Security Directory

R

Registrants of tuiskula.info (1API GmbH registrar)

tuiskula.info

46

Tuiskulan kylä website serves as a community and cultural hub for the village of Tuiskula in Finland, promoting local events such as summer theater, concerts, and village activities. The site provides historical context, community contact information, and promotes local book sales related to the village's heritage. The business model is community-focused, relying on volunteer efforts and local engagement. Technically, the website is built on WordPress with common plugins like Yoast SEO and Jetpack, and uses Google Tag Manager and Facebook SDK for analytics and marketing. The site is mobile-optimized and SEO-friendly but lacks explicit privacy and cookie policies, which is a compliance gap. Security posture is moderate with HTTPS enabled but missing DNSSEC and security headers. Overall, the domain registration is consistent and trustworthy with a long history. Recommendations include adding privacy and cookie policies, enabling DNSSEC, and improving security headers to enhance trust and compliance.

L

Lundan kyläyhdistys r.y.

lunda.fi

46

Lundan kyläyhdistys r.y. is a Finnish non-profit village association established in 1983, serving 11 villages in the Masku region. The organization focuses on community engagement, local events, and maintaining village vitality. Their website, built on WordPress, provides information about the association, events, and contact details, targeting local residents. The site integrates social media via Facebook and uses common plugins for SEO and contact forms. Technically, the site is well-structured, mobile-optimized, and uses HTTPS, but lacks some security headers and privacy compliance pages. Overall, the domain registration is consistent with the organization's identity, indicating legitimacy and stability.

Häme Events is a regional event listing platform operated by Hämeen Maakuntaliitto, a Finnish regional government entity. The website provides a searchable calendar of events in the Kanta-Häme region and offers an open API for integrating event data into other services. The platform targets residents and visitors interested in local events, supporting community engagement and regional promotion. The business model centers on providing free access to event information and facilitating event submissions. Technically, the website uses a custom-built platform with modern JavaScript libraries such as jQuery, Semantic UI, and various UI enhancement plugins. It integrates multiple analytics services including Google Analytics, Matomo, and Facebook SDK. Hosting appears to be on Amazon AWS infrastructure, indicated by the AWS nameservers. The site is mobile optimized and has basic SEO and accessibility features, though content quality is minimal and mostly functional. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, it lacks important security headers like Content-Security-Policy and X-Frame-Options, and does not provide privacy or cookie policies, which impacts GDPR compliance. No contact emails or phone numbers are visible on the site, limiting user support and incident response transparency. The WHOIS data confirms the domain is registered to the regional government organization, with consistent registration details and no privacy protection, supporting legitimacy. Overall, the website is a functional regional event platform with moderate technical maturity and a solid legitimacy profile. Security and privacy compliance can be improved by adding policies, security headers, and contact information. Enhancing content richness and user engagement features would also increase value and trust.

T

Tutmonda Esperantista Vegetarana Asocio

vegetarismo.info

55

The Tutmonda Esperantista Vegetarana Asocio (TEVA) is a small, international non-profit organization dedicated to promoting Esperanto among vegetarians and vegetarianism among Esperanto speakers. Founded in 1908 and currently hosted on WordPress.com, the website serves as an informational and community hub, offering resources such as bulletins, event information, and membership details. The technical infrastructure leverages WordPress.com hosting, Jetpack plugins, and integrates common advertising and analytics tools like Amazon Ads and Google Analytics. Security posture is adequate with HTTPS enabled and domain transfer protection, though DNSSEC is not enabled and security headers are absent. Privacy compliance is basic, with no explicit privacy or cookie policy pages found, but a cookie consent mechanism is present. Contact information is available primarily via email and social media channels. Overall, the website is professional, content-rich, and trustworthy, serving a niche community effectively.

H

HMP - Mestska policie hl. m. Prahy

mppraha.info

42

The website mppraha.info is the official online presence of the Municipal Police of Prague, Czech Republic. It serves as an information portal for residents and visitors, providing details about police units, contact information, news updates, recruitment, and public safety services. The site is well-branded with official logos and consistent municipal police identity, targeting a general audience interested in public safety and municipal services in Prague. The business model is government public service with a large organizational size and established presence since 2014. Technically, the site is built on Joomla CMS with modern web technologies including jQuery, Leaflet for interactive maps, and Revolution Slider for visual content. It integrates social media platforms such as Facebook, Twitter, YouTube, and Instagram, and uses Google Analytics for visitor tracking. The site is mobile-optimized with good navigation and content relevance, though accessibility features are basic. From a security perspective, the site uses HTTPS with a good SSL configuration but lacks DNSSEC and explicit security headers, which are recommended for enhanced protection. Cookie consent is implemented, indicating some level of privacy compliance, but no explicit privacy policy or terms of service were found on the homepage. No incident response or vulnerability disclosure information is provided. Suspicious hidden links to adult content domains were detected in hidden HTML elements, likely spam injections, but these are not visible to users. Overall, the website is trustworthy and professional, with a strong business credibility score. Recommendations include enabling DNSSEC, adding security headers, publishing a privacy policy, and monitoring third-party scripts for vulnerabilities to improve security posture and compliance.

S

Suomen Tykistö-, Pioneeri- ja Viestimuseoyhdistys ry

museomilitaria.fi

57

Museo Militaria is a Finnish non-profit organization operating one of the largest war and military history museums in Finland, located in Hämeenlinna. The museum offers diverse exhibitions, educational programs, guided tours, and a retail e-commerce platform targeting families, history enthusiasts, and school groups. The website is professionally designed with clear navigation and multilingual support, reflecting a mature digital presence. Technically, the site uses modern frameworks like Bootstrap, integrates multiple analytics and marketing tools, and employs secure payment processing via Paytrail. Security posture is good with HTTPS enforced and cookie consent implemented, though it lacks explicit security headers and a dedicated security policy page. Overall, the website is trustworthy, compliant with GDPR, and provides comprehensive contact and policy information.

T

Tabernas 21, s.r.o.

citybee.cz

58

CityBee.cz is a Czech online media platform focused on providing curated event listings, venue recommendations, and cultural tips primarily for Prague residents and visitors. The website operates under the company Tabernas 21, s.r.o., established around 2012, and positions itself as a trusted local guide with editorial content and advertising services. The platform integrates advertising partnerships and offers business registration services for local venues. Technically, the site uses legacy JavaScript libraries like jQuery 1.8.3, Google Tag Manager, and Facebook SDK, with a moderate performance profile and basic mobile optimization. Security posture is adequate with HTTPS enabled and cookie consent implemented, but lacks modern security headers and uses outdated libraries, which could pose risks. WHOIS data is unavailable, likely due to privacy protection, which slightly reduces trust but is common for media businesses. Overall, the site is professional, content-rich, and safe for general audiences.

S

StavbaWeb

stavbaweb.cz

51

StavbaWeb is a Czech-language online platform dedicated to sharing information about construction products, architectural projects, and companies in the architecture and construction sectors. It serves as a niche media outlet providing news, project showcases, and industry insights primarily targeting architects, construction professionals, and related stakeholders in the Czech Republic. The website features a modern WordPress-based infrastructure with various plugins supporting GDPR compliance and user engagement. It integrates Google Tag Manager and Facebook SDK for analytics and marketing purposes. Security posture is moderate with HTTPS enforced and some security plugins in place, but lacks explicit security headers and published security policies. The absence of WHOIS data limits domain trust assessment, though the site appears professional and well-maintained. Privacy compliance is partial, with cookie consent implemented but no clear privacy policy page found. Overall, the site is a credible resource within its industry niche but would benefit from enhanced transparency and security documentation.

S

SNCB-NMBS International

b-europe.com

62

SNCB-NMBS International operates a professional online platform for booking international train travel across Europe, including services for Eurostar, TGV INOUI, ICE, and other major train operators. The website targets European travelers seeking convenient ticket purchasing and travel planning, offering additional services such as Interrail passes and special tickets for bikes and dogs. The platform is built on a modern technology stack including C#, JavaScript, and Sitecore CMS, with integration of Google and Facebook APIs and a robust consent management system for GDPR compliance. Security posture is generally good with HTTPS enforced and cookie consent mechanisms in place, though explicit security headers and published security policies are lacking. The absence of WHOIS domain registration data is a notable concern, potentially indicating a subdomain usage or incomplete WHOIS information. Overall, the website presents a trustworthy and user-friendly experience for its target audience, but would benefit from enhanced transparency in domain registration and security disclosures.

I

International Anti-Fur Coalition

antifurcoalition.org

56

The International Anti-Fur Coalition (IAFC) operates as a global non-profit animal rights advocacy group focused on ending the fur trade through activism, education, and legislative efforts. Founded in 2006, it unites over 50 organizations worldwide to organize campaigns and promote anti-fur legislation. The website serves as an informational and campaign platform, targeting animal rights supporters and the general public concerned with ethical fashion. Technically, the website is built on the Shopify platform, leveraging standard web technologies such as jQuery, Facebook SDK, and embedded YouTube content. The site is mobile-optimized with moderate performance and basic SEO and accessibility features. Analytics and tracking are implemented via Shopify Analytics and Facebook Pixel, indicating moderate user tracking. From a security perspective, the site enforces HTTPS and uses hCaptcha for form protection, but lacks explicit security headers and detailed privacy or cookie policies. WHOIS data is unavailable, likely due to privacy protection, which is common for non-profit organizations. No critical vulnerabilities or malicious content were detected. Overall, the website presents a moderate risk profile with good content quality and business credibility but requires improvements in privacy compliance and security best practices to enhance trust and regulatory adherence.

I

Information Week

informationweek.com

73

InformationWeek is a well-established technology news and analysis media brand founded in 1979 and currently owned by Informa PLC. The website serves IT professionals and business leaders by providing in-depth coverage of IT management, artificial intelligence, cybersecurity, cloud computing, and data privacy. It holds a strong market position as a trusted source of technology insights. Technically, the website employs a modern technology stack including JavaScript frameworks, New Relic monitoring, and various analytics and marketing tools, ensuring good performance and mobile optimization. Security posture is solid with HTTPS enforcement and security headers, though explicit security policies and incident response information are not publicly available. Privacy compliance is well addressed with comprehensive privacy and cookie policies and consent mechanisms. Overall, the website is professional, trustworthy, and content-rich, though the lack of publicly available WHOIS data slightly impacts trust scores.

N

Nuit du Sport

nuitdusport.lu

55

Nuit du Sport is a government-backed initiative in Luxembourg aimed at promoting sports activities among youth and the general population by organizing annual sports events across various communes. The website serves as an informational and promotional platform, providing program details, partner information, and news updates. It is supported by official government bodies such as the Service National de la Jeunesse and the Ministère des Sports, indicating a strong institutional backing. Technically, the website employs modern web technologies including jQuery, lazy loading for images, and tracking via Matomo analytics. The site is mobile-optimized and accessible, with good SEO practices and a consistent branding strategy. No CMS or hosting provider details are explicitly identified from the content. From a security perspective, the site uses HTTPS with good SSL configuration and no visible vulnerabilities or exposed sensitive data. However, security headers are not explicitly detected, and there is no public security or incident response policy. Privacy compliance is indicated by the presence of a legal aspects page covering privacy and cookie policies, with GDPR compliance implied. Overall, the website presents a low-risk profile with a solid business credibility due to government affiliation, though the lack of WHOIS data and explicit security policies slightly reduce trust scores. Strategic improvements could focus on enhancing security headers, publishing incident response contacts, and providing clearer contact information.

Savonlinja Oy is a well-established Finnish transportation company operating since 1924, providing scheduled bus routes, charter services, and travel packages primarily within Finland. The company targets general travelers and regional commuters, maintaining a strong market position with multiple subsidiaries and a recognized brand. The website reflects this with clear service offerings, travel booking forms, and active social media presence. Technically, the website uses a mix of legacy and modern technologies including AngularJS, jQuery, Bootstrap, and Google Fonts, with some outdated elements such as the legacy Google Analytics script. Security posture is moderate; HTTPS is used but no advanced security headers are detected, and privacy compliance is weak due to missing explicit privacy and cookie policies. Overall, the site is professional and trustworthy but could improve in privacy and security best practices.

P

Planet Zemlja

planet-zemlja.hr

39

Planet Zemlja is a Croatian non-profit organization dedicated to environmental awareness, personal ecology, and ecological news dissemination. The website serves as a community platform offering news articles, event announcements, photo and video galleries, and educational content related to ecology. The target audience is the general public interested in environmental issues within Croatia. The business model is informational and community-driven without evident commercial transactions. Technically, the site uses a custom PHP-based CMS with jQuery and various plugins for RSS feeds, weather, and media galleries. External integrations include Google Analytics and Facebook SDK for tracking and social media engagement. However, the site lacks HTTPS on its main URLs, which is a significant security concern. Security headers are absent, and no advanced security or privacy compliance mechanisms are evident. Contact information is limited to forms without explicit emails or phone numbers. Overall, the site is functional but requires modernization and security improvements.

P

Pro Háčkování s.r.o.

prohackovani.cz

56

ProHackovani.cz is a Czech Republic-based e-commerce retailer specializing in crafting supplies, particularly for knitting, crocheting, sewing, and creative hobbies. The website offers over 21,000 products and has an established market presence with an 8-year tradition. It provides both online sales and a physical store in Kostelec nad Labem, supported by customer service via phone, email, and chat. The business model focuses on retail sales to hobbyists and creative individuals, maintaining a strong customer service orientation and product availability.

P

Pejskovice

pejskovice.cz

54

Pejskovice.cz is an e-commerce website specializing in pet supplies targeted primarily at Czech pet owners. The site offers a variety of products for dogs, cats, and rabbits, positioning itself as a local online retailer with a focus on pet care. The website is built on the Shoptet platform, leveraging common web technologies such as JavaScript, jQuery, and integrates analytics tools including Google Analytics and Smartlook for user behavior tracking. While the site is accessible and uses HTTPS, it lacks visible privacy and terms of service pages, which are important for compliance and user trust. The absence of WHOIS data and registrant information reduces the domain's trustworthiness, although the website content and structure appear professional and consistent with a legitimate retail business. Security posture is moderate, with HTTPS enabled but missing important security headers. Overall, the site is functional and serves its business purpose but would benefit from enhanced transparency and security practices.

C

Croatian Climate Change Panel

solarniklaster.org

45

The Croatian Climate Change Panel operates the solarniklaster.org website as a specialized platform focused on renewable energy, sustainable technologies, and climate change awareness primarily targeting Croatian and regional audiences. The site offers news, expert articles, multimedia content, and educational resources to support green energy transition efforts. Technically, the website uses a standard modern tech stack including Bootstrap, jQuery, and analytics tools, hosted on a domain registered since 2015 with privacy protection. Security posture is moderate with HTTPS enabled but lacks advanced security headers and DNSSEC. Privacy compliance is basic with policies present but no explicit cookie consent mechanism. Contact information is clearly provided, enhancing business credibility. Overall, the site is a credible, niche informational resource with room for security and privacy improvements.

Otok Krk energija d.o.o. is a Croatian limited liability company focused on producing and supplying renewable energy, primarily solar, to achieve energy independence for the island of Krk. The company is relatively new, founded in 2019, and is owned by the local municipality of Baška with plans to include other local government units as co-owners. Their business model centers on local investment and sustainable energy production, positioning themselves as a key player in the regional green energy market. The website reflects this mission with content in Croatian and some English, targeting local residents, investors, and governmental bodies interested in renewable energy projects. Technically, the website uses common web technologies such as Bootstrap, jQuery, and popular carousel libraries, with integration of Google Analytics and Facebook SDK for tracking and marketing purposes. The site is moderately optimized for mobile and SEO but lacks advanced accessibility features. Security posture is moderate; HTTPS is used but no explicit security headers or incident response policies are published. Privacy and cookie policies exist but lack active consent mechanisms. Overall, the website is professional and trustworthy but could improve in security and privacy compliance. Recommendations include implementing security headers, adding cookie consent, publishing incident response information, and enhancing contact transparency.

A

Aittakoodi Oy

pikavuorot.fi

47

Pikavuorot.fi is a Finnish transportation price comparison website operated by Aittakoodi Oy, founded in 2015. The platform aggregates and compares prices and schedules for bus and train travel across multiple Finnish transportation providers, including major companies such as VR, Matkahuolto, Onnibus, and airlines like Finnair and Norwegian. It serves a general audience seeking convenient travel planning and ticket purchasing options within Finland. The website enjoys a moderate market position as a leading price comparison tool in its niche. Technically, the site employs a modern but somewhat dated technology stack including Bootstrap 3, jQuery, DataTables, and Socket.io for real-time data updates. It integrates multiple third-party services for fonts, advertising, and analytics, including Google Adsense and Facebook SDK. The site is mobile-optimized with good navigation and SEO practices, though accessibility features are basic. From a security perspective, HTTPS is used, but explicit security headers are not detected in the provided data. No critical vulnerabilities or exposed sensitive data were found. Privacy compliance is basic, with a cookie consent banner and a privacy policy page present, but no detailed security or incident response policies are published. Contact information is limited to an email address, with no phone or physical address provided. Overall, Pikavuorot.fi presents a trustworthy and functional service with room for improvement in security hardening, privacy transparency, and expanded contact options. The domain registration data aligns well with the business claims, supporting legitimacy. Strategic recommendations include enhancing security headers, publishing comprehensive policies, and improving user trust signals.

The website umdpl.info represents a Ukrainian human rights non-profit association named Асоціація УМДПЛ, also branded as “ФРІРАЙТС”. It focuses on digital rights, penitentiary oversight, legal education, criminal justice, and activist protection. The organization targets activists, government bodies, and the general Ukrainian public, providing educational resources, reports, and special projects. The domain is well-established since 2008, supporting the organization's credibility and longevity. Technically, the site runs on an outdated WordPress 4.4.2 CMS with older jQuery libraries, which introduces security risks. The site uses Google Analytics and Facebook SDK for tracking and social media integration. Mobile optimization and accessibility are basic, with moderate performance. No advanced SEO or modern frameworks are detected. Security posture is moderate but with notable gaps: HTTPS is enabled, but no DNSSEC, no security headers, and no cookie consent mechanisms are present. The outdated CMS and libraries increase vulnerability exposure. No explicit privacy or cookie policies were found, indicating compliance gaps with GDPR and related regulations. Overall, the site is functional and credible for its non-profit mission but requires technical and security modernization. Strategic improvements in security headers, CMS updates, privacy compliance, and user experience would enhance trust and reduce risk.

S

Centrum.cz: Fandíme dobrému obsahu

stdout.cz

49

Centrum.cz is a prominent Czech internet portal providing a variety of services including email, current news, weather updates, and search functionalities. It serves a broad Czech audience seeking reliable and timely information. The website leverages modern web technologies such as React and Next.js, ensuring a responsive and user-friendly experience. The presence of multiple reputable news sources and professional design indicates a mature digital presence. Security-wise, the site enforces HTTPS and includes essential security headers, reflecting a good security posture. However, the absence of explicit privacy and cookie policies, as well as contact information, suggests areas for compliance and transparency improvement. Overall, Centrum.cz appears to be a trustworthy and well-established media portal with room to enhance privacy compliance and user trust through clearer policy disclosures.

C

Centrum.cz

xsd.cz

57

Centrum.cz is a well-established Czech internet portal providing a variety of online services including email, news, and weather updates. The website targets Czech-speaking users seeking reliable and diverse content. Technically, the site is built on modern frameworks such as Next.js and React, leveraging multiple third-party analytics and advertising platforms to monetize and analyze user engagement. Security posture is strong with HTTPS enforced and appropriate security headers, although privacy compliance could be improved by publishing clear privacy and cookie policies. The absence of WHOIS data is likely due to privacy protection, which is common for media portals. Overall, the site presents a professional and trustworthy online presence with room for enhancement in privacy transparency and contact accessibility.

G

Galaksija

galaksija.hr

42

Galaksija.hr is a Croatian online magazine focused on popularizing science across various disciplines including natural sciences, technology, social sciences, ecology, and medicine. The website offers news articles, blogs, multimedia galleries, and videos targeting a general audience interested in science and education. The business model appears to be content publishing supported by advertising and partnerships with related portals. Technically, the site uses a custom CMS with common web technologies such as jQuery, Bootstrap, and Flexslider, and integrates analytics tools like Google Analytics, Histats, and Mixpanel. The site is accessible via HTTPS and includes a login form for registered users, but lacks advanced security headers and explicit GDPR cookie consent mechanisms. No incident response or security contact information is provided, which could be improved to enhance trust and compliance. Overall, the website is professionally designed with good content quality and moderate technical implementation, suitable for its niche media role.

I

Istra Bike

istria-bike.com

44

Istra Bike is an official regional cycling tourism portal for the Istria region in Croatia, providing comprehensive information on bike trails, accommodation, events, and related services. The website targets cycling tourists and outdoor enthusiasts, positioning itself as a key resource for promoting cycling tourism in the area. The platform offers detailed trail information, event calendars, multimedia content, and service listings such as bike rentals and transport. Technically, the website employs modern web technologies including Bootstrap 5, jQuery, Slick Carousel, and Lightbox2, ensuring a responsive and user-friendly experience. The site is served over HTTPS and includes cookie consent mechanisms, indicating awareness of privacy regulations. However, some security best practices such as explicit security headers and detailed security policies are missing. From a security perspective, the site maintains a good baseline with HTTPS and cookie consent but lacks advanced security headers and incident response information. The absence of WHOIS data for the domain raises concerns about domain registration transparency, although the website content and partner affiliations suggest legitimacy. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website is professionally designed and functional, with good content quality and user experience. The main risk lies in the missing WHOIS registration data, which slightly reduces trustworthiness. Strategic improvements in security headers, transparency policies, and domain registration clarity are recommended to enhance trust and compliance.

Istra Trails is an official regional tourism website focused on promoting cycling trails, accommodation, and events in the Istrian peninsula, Croatia. The site targets tourists and outdoor enthusiasts seeking detailed trail information and related services. It maintains a consistent brand presence with partner tourism companies and active social media channels. Technically, the website uses a mix of legacy and modern technologies including jQuery, Google Analytics, Facebook SDK, and Google Maps API v2, with moderate performance and good mobile optimization. Security posture is basic with HTTPS enabled but lacks DNSSEC and security headers, and uses deprecated APIs. Privacy compliance is addressed with a privacy policy and cookie consent banner, though terms of service and incident response policies are absent. Overall, the site is trustworthy and professionally maintained but could improve security and compliance aspects.

T

Ticketportal

ticketportal.sk

53

Ticketportal.sk is a well-established Slovak ticket sales platform specializing in entertainment events such as theatre, music concerts, festivals, musicals, and sports. The website targets a general audience in Slovakia and positions itself as a leading ticketing service provider in the region. The platform leverages modern web technologies including jQuery, Google Tag Manager, Facebook SDK, and reCAPTCHA to provide a secure and user-friendly experience. Consent management is implemented to comply with GDPR requirements, although explicit privacy and terms of service documents were not found in the provided content. Security posture is strong with HTTPS enforced and anti-bot measures in place, but could be improved by adding security headers and publishing a security policy. Overall, the website is professional, trustworthy, and technically sound, serving a large user base with extensive event ticketing services.

I

Istria Tourist Board

istra.hr

54

The website www.istra.hr serves as the official tourist website for the Istria Tourist Board, promoting the Istria region in Croatia. It provides comprehensive tourism information including accommodation, events, heritage, and nature activities targeting tourists and visitors interested in the Mediterranean region. The business operates as a regional tourism board with a medium-sized presence and has been established since 2012, consistent with the domain registration data. The website demonstrates a good level of digital maturity with modern web technologies, accessibility features, and SEO optimization. It uses a Laravel-based CMS inferred from session cookies and integrates multiple third-party services such as Facebook SDK, Google Tag Manager, Cookiebot for cookie consent, and MailerLite for marketing automation. Security posture is solid with HTTPS enforced and a detailed cookie consent mechanism, although explicit security headers could be more visible. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is well addressed through Cookiebot's consent management and links to a comprehensive privacy policy. However, no explicit terms of service or security policy pages were found. Overall, the website is professional, trustworthy, and well-aligned with its business purpose.

T

TZ Poreč

myporec.com

54

The website www.myporec.com serves as the official tourism portal for the City of Poreč in Istria, Croatia. It provides comprehensive information on local accommodations, events, gastronomy, and travel planning, targeting tourists and visitors interested in the region. The site is well-branded under the TZ Poreč identity and offers multilingual support, rich multimedia content, and accessibility features, reflecting a mature digital presence. Technically, the site employs modern JavaScript libraries, Google Analytics, and Facebook SDK for tracking and engagement, alongside cookie consent and accessibility compliance tools. Security posture is good with HTTPS enforced and cookie consent mechanisms, though explicit security headers could be improved. The absence of WHOIS data is a notable anomaly, reducing trust slightly, but the overall content and presentation suggest a legitimate and professional operation. Strategic recommendations include enhancing security headers, clarifying incident response policies, and investigating the WHOIS inconsistency to improve business credibility and trust.

J

JJ68

jj68byjagr.com

61

JJ68 by Jaromír Jágr is a Czech e-commerce business specializing in premium CBD products, including oils, protein drinks, and supplements, targeting sports enthusiasts and wellness consumers. The website is professionally designed, localized in Czech, and offers a clear navigation structure with multiple product categories. The business model combines online retail with a physical store presence in Prague. Technically, the site uses the Shoptet e-commerce platform, integrates multiple analytics and marketing tools, and is hosted via Amazon Cloudfront CDN. Security posture is moderate with HTTPS enforced and CSRF protections, but the use of an outdated jQuery version and lack of explicit security headers are notable weaknesses. Privacy compliance is good, with a comprehensive privacy policy and cookie consent mechanism in place. However, the absence of WHOIS registration data raises concerns about domain legitimacy, warranting further verification. Overall, the site is functional and trustworthy but should address technical and registration transparency issues to enhance credibility.

L

Lokálny trh

lokalnytrh.sk

56

Lokálny trh is an established Slovak online platform founded in 2014 that maps and catalogs local food and beverage producers, providing consumers with an interactive map and search tools to discover regional producers. The platform also supports producers, retailers, and event organizers by offering free online profiles and promotional tools. The website demonstrates a good level of digital maturity with modern technologies such as Algolia search, Google Analytics, Facebook SDK, and responsive design. Security posture is solid with HTTPS, DNSSEC, and cookie consent mechanisms, though explicit security policies and vulnerability disclosures are absent. Overall, the platform serves a niche retail market in Slovakia with a focus on local and regional products, maintaining a trustworthy and professional online presence.

I

Intergovernmental Panel on Climate Change

ipcc.ch

63

The Intergovernmental Panel on Climate Change (IPCC) is a globally recognized United Nations body established in 1988 to provide policymakers with scientific assessments on climate change, its impacts, and mitigation strategies. The organization operates with 195 member countries and produces comprehensive reports that are key inputs for international climate negotiations. The website reflects a mature digital presence with extensive content, including reports, working group information, and activities, targeting policymakers, researchers, and the public interested in climate science. Technically, the website is built on WordPress with a modern tech stack including jQuery, Google Analytics, and various UI libraries. It is well-optimized for mobile and accessibility, though performance is moderate. Security posture is strong with HTTPS enforced and no exposed sensitive data, but could be improved by adding explicit security headers and a cookie consent mechanism to enhance GDPR compliance. Overall, the IPCC website demonstrates high professionalism, trustworthiness, and content quality. However, it lacks explicit contact emails or phone numbers on the homepage and does not display a cookie consent banner, which are areas for improvement. No WAF or blocking mechanisms were detected, allowing full content access for analysis.

H

HC Benátky nad Jizerou

hokejbenatky.cz

46

HC Benátky nad Jizerou is a Czech ice hockey club with a well-established online presence since at least 2002. The website serves as an information hub for the club's activities, including team rosters, match schedules, news updates, and youth hockey programs. It targets local fans, players, and the community, providing comprehensive sports-related content and partner promotions. The site is hosted likely by REG-ZONER, a Czech hosting provider, and uses a technology stack including Bootstrap, jQuery, and Slick Carousel. While the site is functional and mobile-optimized, it uses some outdated JavaScript libraries and analytics scripts, which pose potential security risks. The security posture is moderate, with cookie consent implemented but lacking visible security headers and modern analytics. No explicit privacy policy or terms of service pages were found, which may impact compliance. Overall, the domain registration data is consistent and trustworthy, supporting the legitimacy of the site. Strategic improvements in security and privacy compliance are recommended to enhance trust and protect user data.

B

Bauer CZ

bauerhockey.cz

36

Bauer CZ operates a professional e-commerce website specializing in hockey equipment and apparel targeted primarily at hockey players and enthusiasts in the Czech Republic. The company offers a wide range of products including hockey sticks, skates, helmets, gloves, protective gear, training equipment, and clothing. The website demonstrates a consistent brand presence and good content quality, supporting its position as a recognized retailer in the hockey sports sector. Technically, the website employs modern web technologies such as jQuery, Google Tag Manager, Cookiebot for cookie consent, and Facebook SDK for social media integration. The site is HTTPS secured and uses structured data (JSON-LD) to enhance SEO and provide clear business information. Mobile optimization and user experience are good, with a clear navigation structure and search autocomplete features. From a security perspective, the website enforces HTTPS and uses cookie consent mechanisms, but lacks explicit security headers and published security policies or incident response contacts. No vulnerabilities or suspicious content were detected. Privacy compliance is partial, with cookie consent present but no visible privacy policy or terms of service pages in the provided content. Overall, Bauer CZ presents a trustworthy and professional online retail platform with moderate to good security posture and technical implementation. Strategic improvements in privacy policy publication, security headers, and incident response transparency would enhance compliance and trustworthiness.

Z

ZAK TV

zaktv.cz

48

ZAK TV is a regional television broadcaster serving the Plzeňský and Karlovarský regions of the Czech Republic. The website offers live streaming of current broadcasts, an archive of programs, and services such as advertising and studio rental. The business operates as a small media entity with a consistent brand presence and active social media channels. Technically, the site uses a mix of legacy and modern web technologies including jQuery, Fancybox, AOS, and Clappr for video playback, supported by Google Analytics and Hotjar for analytics and user behavior tracking. While the site is accessible and professionally designed, it lacks critical privacy and cookie policies, which impacts GDPR compliance. Security posture is moderate with no visible security headers and no explicit SSL/TLS configuration details provided. Overall, the site is functional and credible but would benefit from enhanced security and privacy measures.

T

Michal Tučný revival

tucny-revival.cz

54

The website tucny-revival.cz represents a small Czech music band dedicated to the revival of Michal Tučný, a legend in Czech country music. The site provides information about band members, upcoming events, media galleries, and contact options primarily for fans and event organizers. The business model is focused on entertainment and local cultural promotion with a niche audience in the Czech Republic. The website is modest but functional, reflecting a small-scale operation with limited digital maturity.

H

Hostinec U Hubálků

uhubalku.cz

49

Hostinec U Hubálků is a Czech hospitality business specializing in traditional Czech cuisine, accommodation, event hosting, and catering services. The website presents a professional and comprehensive digital presence, showcasing menus, events, booking options, and an e-shop for homemade products. The business targets local and regional customers seeking quality dining and event experiences. Technically, the site is built on WordPress with the Divi theme and WooCommerce, integrating modern tools like Google Tag Manager and Facebook SDK for analytics and marketing. Security measures include HTTPS and Google reCAPTCHA on forms, though some security headers could be improved. Privacy compliance is strong with clear cookie consent and privacy policies. The absence of WHOIS data reduces domain trust but the website content and certifications support legitimacy. Overall, the site is well-designed, user-friendly, and trustworthy for its business domain.

O

Obec Orlické Záhoří

orlickezahori.eu

46

The website www.orlickezahori.eu is the official municipal site for the village of Orlické Záhoří in the Czech Republic. It serves as a comprehensive information portal for residents, visitors, and local businesses, providing news, event calendars, administrative contacts, public tenders, and tourism-related content including virtual tours. The site is positioned as a local government resource with a focus on community engagement and transparency. Technically, the website is built on Joomla CMS with Bootstrap 5 for responsive design, integrating third-party libraries such as Awesomplete for search and the Facebook SDK for social media integration. The site demonstrates moderate performance and good mobile optimization but lacks advanced SEO and accessibility features. Security practices include HTTPS and CSRF tokens, but the absence of security headers and privacy/cookie policies indicates room for improvement. From a security perspective, the site shows a basic security posture with no critical vulnerabilities detected in the content. The domain WHOIS data is privacy protected, which is typical for .eu domains, and does not raise trust concerns given the official nature of the site. However, the lack of explicit privacy and cookie policies may pose compliance risks under GDPR. Overall, the site is trustworthy and professionally maintained, serving its intended audience well. Strategic recommendations include enhancing privacy compliance, implementing security headers, and improving accessibility and SEO to strengthen the site's security and user experience.

P

penShop

penshop.cz

57

penShop.cz is a specialized Czech e-commerce retailer focused on branded writing instruments, drawing, and calligraphy supplies. With approximately 20 years of market presence, it offers a broad product catalog and operates a physical store in Prague, enhancing customer trust and service quality. The website is built on the Shoptet platform, leveraging common web technologies including jQuery, Google Tag Manager, and Facebook SDK for marketing and analytics. The site is well-structured, mobile-optimized, and includes GDPR-compliant privacy and cookie policies. Security posture is generally good with HTTPS enforced and CSRF protections in place, though the use of an outdated jQuery version presents a potential vulnerability. No blocking or WAF challenges were detected, allowing full content accessibility. Overall, penShop.cz demonstrates a professional and trustworthy online presence suitable for its retail business model.

D

Dřevobox.cz

drevobox.cz

54

Dřevobox.cz is a Czech Republic-based e-commerce retailer specializing in wooden products and custom engraving services. The website offers a wide range of wooden goods including boxes, furniture, kitchen utensils, decorations, and fashion accessories, targeting general consumers interested in quality wooden items and personalized gifts. The business model is primarily online retail with a focus on craftsmanship and customization. The site is well-branded and professionally designed, providing clear navigation and a comprehensive product catalog.

V

Vyškovská TV, s.r.o.

kurimskymagazin.cz

52

Kuřimský magazín is a local media outlet operated by Vyškovská TV, s.r.o., focusing on video content related to the Kuřim region, including city council meetings and other local events. The primary distribution channel is their YouTube channel, complemented by cable TV broadcasting in Kuřim. The website serves as an informational hub with contact details and links to social media platforms. Technically, the site is built on the Webnode CMS platform, uses Amazon Cloudfront CDN for content delivery, and integrates Google Analytics and Facebook SDK for tracking and social engagement. While the site is accessible and functional, it lacks mobile responsiveness and advanced SEO or accessibility features. Security posture is basic with HTTPS enabled but missing important security headers and policies. The absence of privacy and cookie policies indicates non-compliance with GDPR requirements. WHOIS data is unavailable, which raises concerns about domain legitimacy, although the website content and contact information suggest a legitimate local business presence.

W

Wellness Kuřim s.r.o.

halakurim.cz

53

Sportovní hala Kuřim is a local sports facility operated by Wellness Kuřim s.r.o., providing a variety of sports venues and services including a sports hall, inflatable summer hall, beach volleyball courts, athletic area, aquapark, fitness center, and football fields. The website targets local sports enthusiasts and community members, offering reservation systems and event information. The business operates in the hospitality sector with a small company size and a clear focus on community sports engagement. Technically, the website employs common web technologies such as Google Analytics, Facebook SDK, and Google Maps API, with a moderate performance and good mobile optimization. The site uses HTTPS and secure form submissions but lacks advanced security headers and published privacy or terms of service documents, indicating room for improvement in security and compliance maturity. Security posture is adequate with HTTPS and secure forms but missing security headers and privacy policy reduce overall security confidence. No vulnerabilities or exposed sensitive data were detected. The absence of WHOIS data is a concern for domain legitimacy and trustworthiness, although the website content and contact information appear professional and consistent. Overall, the website is functional and professional but would benefit from enhanced security practices, published privacy and terms policies, and improved transparency regarding data protection to increase trust and compliance.

W

Wellness Kuřim s.r.o.

wellnesskurim.cz

69

Wellness Kuřim s.r.o. operates a multi-service wellness and recreational facility in the Czech Republic, offering aquapark, fitness, relaxation and massage services, a restaurant, and an e-shop for related products and vouchers. The company targets families, fitness enthusiasts, and wellness customers, positioning itself as a local/regional leader in hospitality and wellness services. The website is professionally designed with clear navigation and mobile optimization, integrating social media and cookie consent mechanisms. Technically, it uses common web technologies including jQuery, Google Analytics, Facebook SDK, and CookieHub for cookie management. Security posture is moderate with HTTPS implied but lacking explicit security headers and detailed security policies. WHOIS data is unavailable, which reduces transparency and trustworthiness. Contact information is clearly provided, but privacy and terms of service policies are not explicitly found. Overall, the website is functional, user-friendly, and trustworthy from a business perspective but could improve in security and compliance documentation.

S

Společenské a kulturní centrum Kuřim, příspěvková organizace

kulturakurim.cz

46

Společenské a kulturní centrum Kuřim is a public cultural institution serving the Kuřim community in the Czech Republic. It provides a variety of cultural services including event hosting, cinema screenings, library access, museum exhibitions, and senior club activities. The website is well-structured, professionally designed, and targets a broad audience including families, seniors, and local residents. The business model focuses on community engagement and cultural enrichment, positioning itself as a key local cultural hub. Technically, the website is built on Drupal 8 CMS, utilizing modern JavaScript libraries such as jQuery Cycle2 for slideshows and CookiesJSR for cookie consent management. It integrates Google Analytics for visitor tracking and Facebook SDK for social media interaction. The site is mobile-optimized, accessible, and SEO-friendly, with good performance metrics. From a security perspective, the site uses HTTPS and implements cookie consent mechanisms, but lacks explicit security headers and published security policies. No vulnerabilities or exposed sensitive data were detected in the content. The absence of WHOIS data limits domain trust analysis, but the presence of official contact information and local partnerships supports legitimacy. Overall, the website demonstrates a solid digital presence with good content quality, technical implementation, and business credibility. Strategic improvements include enhancing security headers, publishing security and incident response policies, and maintaining up-to-date CMS and modules to mitigate risks.

A

as4u.cz, s.r.o.

mladoboleslavsko.eu

64

The website www.mladoboleslavsko.eu serves as the official regional tourism portal for the Mladá Boleslav area in the Czech Republic. It provides comprehensive information on tourist regions, nature, history, culture, sports, accommodation, events, and local attractions. The site targets tourists and visitors interested in exploring this region, offering services such as event calendars, photo galleries, a mobile app, and an e-shop. The business behind the site appears to be a small regional tourism promotion entity, operated by as4u.cz, s.r.o., a Czech company specializing in publishing and editorial systems.

E

E-GO, s.r.o.

webhouse.family

61

WebHouse, operated by E-GO, s.r.o., is a reputable Slovakian hosting and domain registration provider managing over 56,000 domains. The company offers a range of hosting plans, including shared hosting, virtual and dedicated servers, and business email services, targeting both individual and business customers. Their market position is solid within the regional technology sector, emphasizing reliability and customer care with a 100% uptime guarantee. Technically, the website employs a mature technology stack including Bootstrap, jQuery, Google reCAPTCHA, and Cookiebot for consent management. The site is mobile-optimized with good SEO and accessibility features, though some accessibility aspects could be improved. Performance is moderate, with external dependencies on Google and Facebook services for analytics and social media integration. Security posture is good with HTTPS enforced and use of reCAPTCHA to protect forms. Cookie consent is managed comprehensively via Cookiebot, ensuring GDPR compliance. However, explicit security headers like CSP and X-Frame-Options are not clearly detected and could be enhanced. No critical vulnerabilities or exposed sensitive data were found. Overall, WebHouse presents a trustworthy and professional online presence with strong privacy compliance and business credibility. Strategic recommendations include enhancing security headers, publishing a formal security policy, and maintaining up-to-date third-party libraries to further strengthen security and compliance.

D

Drevoburza

drevoburza.eu

55

Drevoburza.eu operates as a specialized online marketplace and classified ads platform focused on forestry and wood-related products and services in Slovakia. The platform offers categorized listings including timber, pallets, wood chips, furniture, forestry services, and hunting supplies via an integrated e-shop. It targets businesses and individuals involved in the forestry sector, providing a niche regional service with moderate market presence. The website integrates social media and partner links to enhance its ecosystem. Technically, the website uses a traditional web stack with jQuery, Google Analytics, Facebook SDK, and Google Maps API. Hosting is provided by WebSupport s.r.o., a reputable Slovak hosting provider. The site is served over HTTPS, but uses some outdated libraries and lacks advanced security headers, indicating room for modernization and improved security hardening. The site is moderately optimized for performance and mobile use, with basic accessibility and SEO features. From a security perspective, the site enforces HTTPS and uses input masking on phone fields, but lacks explicit security policies and incident response information. The presence of outdated jQuery versions and missing security headers represent potential vulnerabilities. Privacy and cookie policies are present with consent mechanisms, supporting GDPR compliance. No direct company contact emails or phone numbers are published, which may impact user trust. Overall, the website is functional and professionally presented with good content quality and clear navigation. It is safe for general audiences with no adult or questionable content. The domain registration is consistent and legitimate, supporting the business credibility. Strategic improvements in security posture, contact transparency, and technical modernization would enhance trust and compliance.

Hamrsport operates sports and leisure facilities in Prague, offering a variety of services including sports area rentals, tournaments, camps, and an online reservation system. The website targets families and sports enthusiasts, positioning itself as a local provider of recreational activities. The business appears small but well-established since 2014, with partnerships including local government entities. Technically, the website uses common frameworks like Bootstrap and jQuery, integrates Google Analytics and Facebook SDK for tracking, and provides a responsive design with moderate performance. Security posture is basic, with HTTPS implied but lacking explicit security headers and advanced protections. Privacy compliance is minimal, with a cookie consent banner but no visible privacy policy or terms of service. Contact information is comprehensive, including phone numbers, addresses, and a contact form with basic spam protection. Overall, the site is professional and trustworthy but could improve in security and privacy transparency.

L

Lesmedium SK, s.r.o.

lesmedium.sk

37

Lesmedium.sk is a Slovak media platform focused on forestry news, education, and community engagement. It serves forestry professionals, landowners, and enthusiasts with news articles, forums, subscription magazines, and advertising services. The company Lesmedium SK, s.r.o., founded in 2006, operates the site with a consistent brand presence and partnerships with relevant forestry organizations. Technically, the site runs on Joomla CMS with a mix of JavaScript libraries including MooTools and jQuery, and integrates tracking tools such as Google Analytics and Heatmap.it. The website is mobile optimized and provides a good user experience with clear navigation and relevant content. Security posture is moderate with HTTPS enabled but lacks advanced security headers and formal security policies. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the site is trustworthy and legitimate with a solid domain age and consistent WHOIS data.

M

mediální skupina INCORP a.s.

eurozpravy.cz

67

EuroZprávy.cz is a well-established Czech news portal operated by mediální skupina INCORP a.s., founded in 2008. The site offers comprehensive news coverage including domestic and international news, sports, weather, business, culture, and opinion pieces. It targets the general public interested in current affairs and provides additional services such as podcasts and financial calculators. The website maintains a professional design with consistent branding and strong trust indicators such as an ethical code and transparent editorial information. Technically, the site leverages modern web technologies including Google Analytics, Google Tag Manager, Facebook SDK, and AWS hosting infrastructure. It employs advertising networks like Google Adsense and Performax, with appropriate consent mechanisms for GDPR compliance. Security posture is good with HTTPS enforced and AWS WAF integration, though explicit security policies and incident response contacts are not published. WHOIS data confirms domain legitimacy and consistency with the business profile. Overall, the site is a credible and professional media outlet with good technical and privacy practices.