Security Directory

D

Deutscher Wetterdienst

dwd-shop.de

64

The Deutscher Wetterdienst WetterShop website serves as the official e-commerce platform for the German federal weather service, offering specialized weather forecasts, climate data, and related publications primarily targeting professionals in agriculture, aviation, and other sectors requiring precise meteorological information. The site is well-branded with government insignia and provides a clear, professional user experience in German with an English language option. The business model focuses on selling weather and climate-related products and services, positioning the organization as a trusted authority in meteorological data within Germany. Technically, the website is built on the Magento e-commerce platform, utilizing JavaScript libraries such as jQuery and Prototype.js. The site demonstrates good mobile optimization, accessibility features, and SEO practices, although performance is moderate. Security is enforced through HTTPS and secure cookie settings, but the absence of security headers and a cookie consent mechanism indicates room for improvement in compliance and hardening. From a security perspective, the site shows a solid baseline with no visible vulnerabilities or exposed sensitive data. However, the lack of a published security policy, incident response contacts, and vulnerability disclosure mechanisms suggests limited transparency in security governance. The WHOIS data aligns well with the official government entity, confirming domain legitimacy and consistency with the website content. Overall, the website is trustworthy, professionally maintained, and suitable for its target audience. Strategic recommendations include implementing cookie consent to meet EU regulations, adding security headers to enhance protection, and publishing security and incident response policies to improve transparency and user trust.

M

Météo-France

meteofrance.yt

61

Météo-France Mayotte is the official regional meteorological service providing comprehensive weather forecasts, cyclone tracking, marine weather, and climatology information for Mayotte. The website serves residents, visitors, and government agencies with up-to-date meteorological data and alerts. Technically, the site is built on Drupal CMS with modern JavaScript libraries such as Leaflet for mapping and integrates consent management via Didomi, ensuring GDPR compliance in cookie handling. The site is mobile-optimized and accessible, with good SEO practices. Security posture is strong with HTTPS and consent mechanisms, though explicit security policies and vulnerability disclosures are absent. Overall, the domain registration is consistent with the official nature of the site, and no blocking or WAF challenges were detected.

The website drias-climat.fr appears to be a climate-related informational site, likely affiliated with meteorological data services in France, as inferred from its nameservers pointing to meteofrance.fr. The domain is registered since 2011 and is active, indicating a stable presence. However, the accessible content is minimal, primarily a captcha verification page, with no visible privacy, cookie, or terms of service policies. There is no contact information or business details presented on the page. Technically, the site uses JavaScript and base64 encoded images but lacks modern web practices such as HTTPS enforcement and security headers. The overall user experience and content quality are poor, with limited navigation or engagement features.

E

Eastern Sun Tours and Safaris

easternsuntours-safaris.com

47

Eastern Sun Tours and Safaris is a Tanzania-based tour operator specializing in safari and adventure travel services. Established in 2010, the company offers a range of services including wildlife safaris, Kilimanjaro climbing expeditions, Serengeti tours, and cultural experiences. The website positions the company as a premier operator with expert guides, targeting tourists interested in exploring Tanzania's natural and cultural treasures. Technically, the website is built on WordPress using Elementor, with integrations such as Google Site Kit for SEO and analytics. Hosting is provided by NameCheap, and the site uses HTTPS with a clientTransferProhibited domain status, indicating a stable and secure domain registration. However, DNSSEC is not enabled, and security headers are missing, which are areas for improvement. The security posture is moderate, with no visible vulnerabilities but lacking advanced security configurations. Privacy compliance is weak, as no privacy or cookie policies are found, and no consent mechanisms are implemented. Contact information is not explicitly presented, which may affect user trust and compliance. Overall, the website is professional and content-rich but would benefit from enhanced security and privacy practices to improve trust and compliance.

E

Elima Pottery s.r.o.

elimashop.cz

56

Elima Pottery s.r.o. operates www.elimashop.cz, a small family-owned e-commerce business specializing in handcrafted Polish stoneware ceramics from Boleslawiec. The website targets a general audience interested in unique, traditional pottery products, offering multi-language and multi-currency support to serve international customers. The business model focuses on direct online retail of artisanal ceramic products, leveraging its expertise and unique product lineage to differentiate itself in the niche market. Technically, the website is built on the Upgates e-commerce platform, utilizing modern web technologies including JavaScript, Google Fonts, Google Analytics 4, and Facebook Pixel for marketing and analytics. The site demonstrates good mobile optimization and SEO practices, though some accessibility features could be enhanced. Performance is moderate, with room for improvement in loading speed and technical modernization. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms, indicating awareness of privacy regulations. However, the absence of security headers and explicit privacy and terms of service pages suggests gaps in security best practices and compliance. The lack of WHOIS data for the domain raises concerns about domain registration legitimacy, which impacts overall trustworthiness. Overall, the website presents a professional and trustworthy front for a niche e-commerce business but would benefit from improved security practices, clearer privacy compliance documentation, and verification of domain registration details to enhance credibility and reduce risk.

O

Oehling.cz - váš e-shop s fototechnikou

oehling.cz

55

Oehling.cz is an e-commerce platform specializing in the sale of photographic equipment, targeting a general audience primarily in the Czech Republic. The website presents a professional design with good mobile optimization and integrates multiple tracking and marketing tools such as Google Analytics, Facebook Pixel, and Google Tag Manager. Despite the lack of visible privacy and terms of service policies, the site demonstrates a mature digital infrastructure typical for retail e-commerce businesses. The absence of WHOIS data is a notable concern, potentially indicating issues with domain registration transparency. Security posture is adequate with HTTPS enforced and consent mechanisms for cookies implemented, but could be improved by adding security headers and publishing clear privacy and contact information.

3

37th International Conference on Alpine Meteorology (ICAM)

icam2025.hr

51

The website for the 37th International Conference on Alpine Meteorology (ICAM) presents a well-structured and content-rich platform for the upcoming scientific conference scheduled in Poreč, Croatia in late 2025. It targets researchers and professionals in mountain meteorology and climate science, offering detailed event information, registration, and abstract submission functionalities via partner platforms. The site demonstrates a moderate level of digital maturity with modern web technologies and responsive design, although it lacks key privacy and security policy disclosures. The security posture is adequate with HTTPS and Cloudflare DNS, but could be improved by adding security headers and incident response information. Overall, the domain registration aligns with the event's geographic focus but shows an unusual future creation date, likely due to event timing. Strategic improvements in privacy compliance and contact transparency would enhance trust and compliance.

The Belgian Science Policy Office (BELSPO) operates as the Federal Public Planning Service Science Policy, providing coordination and support for scientific research and federal scientific institutions in Belgium. The website serves as an official government portal offering multilingual content in Dutch, French, and English, targeting government stakeholders, researchers, and the public interested in science policy. Key services include support for federal museums, participation in European and international scientific organizations, research funding, and management of the Belnet telematics network. Technically, the website uses basic HTML, CSS, and JavaScript without advanced frameworks or CMS detected. The site is moderately optimized for performance and mobile use but lacks advanced accessibility and SEO features. No analytics or tracking scripts were detected, indicating a privacy-conscious approach. Security headers and SSL configuration details are not visible in the provided data, suggesting room for improvement in security hardening. From a security perspective, the site shows no signs of vulnerabilities or exposed sensitive data but lacks explicit security policies, incident response contacts, and vulnerability disclosure mechanisms. Privacy and cookie policies are present, though cookie consent mechanisms are not implemented. WHOIS data is restricted by DNS Belgium policy, which is typical for government domains, and does not raise legitimacy concerns. Overall, the site is trustworthy and professional but could enhance its security posture and privacy compliance. The overall risk is low given the official nature and content safety, but strategic improvements in security headers, HTTPS enforcement, and transparency in incident response would strengthen the security and trust profile.

S

Suomen Ympäristökeskus

ostersjon.fi

65

The website itameri.fi is operated by Suomen Ympäristökeskus, a Finnish governmental environmental agency. It serves as an information and data dissemination platform focused on the Baltic Sea, providing environmental monitoring data, water quality information, and marine observations. The site targets researchers, environmental professionals, policymakers, and the general public interested in the Baltic Sea ecosystem. The business model is governmental and informational, with no commercial transactions. The domain has been registered since 2003, consistent with a mature governmental service. Technically, the website uses WordPress CMS with modern JavaScript libraries and integrates Google Tag Manager and CookieHub for analytics and cookie consent management. The site is mobile optimized, accessible, and SEO friendly. Hosting appears to be on Finnish academic or research infrastructure, indicated by the nameservers. Performance is moderate with good mobile and accessibility features. From a security perspective, the site enforces HTTPS and uses cookie consent mechanisms, but lacks DNSSEC and visible security headers such as Content-Security-Policy or X-Frame-Options. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is good with a clear privacy and cookie policy in Swedish, aligned with GDPR requirements. No explicit incident response or security policy pages were found. Overall, the website is trustworthy and legitimate, with strong alignment between WHOIS registration data and website content. Recommendations include implementing DNSSEC, adding security headers, and publishing incident response information to enhance security posture and transparency.

Sencor.hu is a professional e-commerce website representing the Sencor brand, specializing in consumer electronics and household appliances targeted primarily at the Hungarian market. The site offers a broad product catalog with detailed categories and supports customer account management and product support services. The business is positioned as a medium-sized retail entity with a consistent brand presence and international regional sites. Technically, the website employs modern JavaScript frameworks, Google Tag Manager, and analytics tools, ensuring a good user experience and moderate performance. Security posture is strong with HTTPS enforcement, secure login forms, and standard security headers, though explicit privacy and terms policies are missing, indicating room for compliance improvement. Overall, the site is trustworthy, safe, and professionally maintained, with clear contact information and no suspicious elements detected.

Sencor is a consumer electronics and home appliances brand offering a wide range of products including televisions, audio-video equipment, kitchen appliances, and health and beauty devices. The website serves as a retail and informational platform targeting general consumers primarily in the French language market, with multiple regional versions available. The company provides customer support, product downloads, and dealer location services, positioning itself as an established player in the retail electronics sector with a medium-sized market presence based in the Czech Republic. Technically, the website is built on modern web technologies including HTML5, CSS3, JavaScript, Bootstrap 4, and Kentico CMS. It employs structured data (JSON-LD) for enhanced SEO and contact information presentation. The site is mobile-optimized with good navigation and content quality, although some accessibility features are basic. Performance is moderate with use of Google Fonts and asynchronous JavaScript loading. From a security perspective, the site uses HTTPS and does not expose sensitive data in the HTML. However, no explicit security headers were detected, and there is no visible cookie consent mechanism, which may impact GDPR compliance. The WHOIS data for the domain is missing or unavailable, which raises concerns about domain registration legitimacy despite the professional website presence. Overall, the website is functional, professional, and trustworthy in content and design but would benefit from improved security headers, cookie consent implementation, and verification of domain registration details to enhance trust and compliance.

L

Le Gouvernement du Grand-Duché de Luxembourg

lu-alert.lu

58

LU-Alert is the official Luxembourg government website dedicated to the national alert and information system for the population. It provides timely alerts issued by public authorities and promotes the LU-Alert mobile application available on iOS and Android platforms. The website targets residents and citizens of Luxembourg, aiming to enhance public safety through effective communication channels. The site is well-branded with consistent government identity and offers content primarily in French with language alternatives.

L

Le Gouvernement du Grand-Duché de Luxembourg

etat.lu

64

The website etat.public.lu serves as the official directory and portal for public administration websites of the Grand Duchy of Luxembourg. It provides comprehensive listings and links to government ministries, agencies, and related public services primarily in French. The site is government-operated, targeting public sector employees, citizens, and stakeholders seeking official information. The business model is informational and public service oriented, with a strong market position as the authoritative government directory. Technically, the site is built on Adobe Experience Manager, uses modern web standards, and is mobile optimized with good accessibility features. Security posture is moderate with HTTPS implied and cookie consent implemented, but lacks explicit security headers and incident response information. The absence of WHOIS data limits domain trust verification, though the content and branding strongly indicate legitimacy. Overall, the site is professional, trustworthy, and serves its public information purpose effectively.

L

Le Gouvernement du Grand-Duché de Luxembourg

guichet.lu

67

Guichet.public.lu is the official government portal of Luxembourg dedicated to providing citizens with easy access to a wide range of public services and administrative information. The website offers comprehensive coverage of topics such as financial aids, citizenship, family and education, taxation, immigration, inclusion, justice, housing, leisure, health, transport, and employment. It serves as a centralized digital gateway for Luxembourg residents to navigate government procedures efficiently. Technically, the site is built on Adobe Experience Manager (AEM), leveraging modern web technologies including SVG icons, JavaScript, and CSS for a responsive and accessible user experience. The presence of Adobe Dynamic Tag Manager indicates a mature approach to analytics and marketing tag management. The site is mobile-optimized and includes accessibility features, ensuring usability for a broad audience. From a security perspective, the website enforces HTTPS and integrates secure login mechanisms linking to official government authentication services. Cookie consent and privacy policies are clearly presented, reflecting compliance with GDPR requirements. While explicit security headers are not fully visible in the provided data, the overall posture appears strong with no evident vulnerabilities or exposed sensitive data. Overall, guichet.public.lu demonstrates a high level of professionalism, trustworthiness, and user-centric design, making it a reliable resource for Luxembourg citizens. The main limitation in the analysis is the absence of WHOIS data, which restricts domain registration trust assessment. Nonetheless, the official branding and domain extension support its legitimacy.

L

Le Gouvernement du Grand-Duché de Luxembourg

luxembourg.lu

57

The website luxembourg.public.lu is the official government portal of the Grand Duchy of Luxembourg, providing comprehensive information about the country’s culture, living conditions, tourism, education, work, and investment opportunities. It serves a broad audience including residents, tourists, investors, and the general public. The site is well-branded with consistent government logos and multilingual support, reflecting Luxembourg’s multicultural and multilingual identity. Technically, the site is built on Adobe Experience Manager, uses modern web technologies, and includes accessibility and SEO best practices. Security posture is good with HTTPS enforced and cookie consent implemented, though explicit security headers could be improved. The absence of WHOIS data is likely due to registry restrictions rather than malicious intent, but it slightly impacts trust metrics. Overall, the site is professional, trustworthy, and well-maintained.

L

Le gouvernement luxembourgeois

gouvernement.lu

65

The website gouvernement.lu is the official portal of the Luxembourg government, providing authoritative information, news, and access to public services. It serves a broad audience including citizens, residents, businesses, and international partners. The site is well-structured, multilingual, and professionally designed, reflecting its role as a government information hub. Technically, it is built on Adobe Experience Manager CMS and uses Adobe DTM for tracking, indicating a mature digital infrastructure. Security posture is adequate with HTTPS and cookie consent mechanisms, though explicit security headers and policies could be improved. WHOIS data is unavailable due to query rate limits, but the domain's .lu TLD and official branding support legitimacy. Overall, the site demonstrates strong business credibility and good privacy compliance.

C

CSG Foundation

csgfoundation.com

67

CSG Foundation is a non-profit organization dedicated to supporting communities, first responders, promising talents, and CSG Group employees. The foundation focuses on three key pillars: firefighter support, science and education, and employee assistance. The website is professionally designed using modern technologies such as Next.js and Sanity CMS, providing a good user experience with clear navigation and mobile optimization. Security posture is solid with HTTPS enforced and secure forms, though some security policies and incident response information are missing. Privacy and cookie policies are comprehensive and GDPR compliant. The absence of WHOIS data is a concern but the website's linkage to the reputable Czechoslovak Group supports its legitimacy.

S

sitour Slovakia

sitour.sk

50

sitour Slovakia operates as a key player in the tourism advertising sector, providing innovative and flexible advertising solutions primarily in ski resorts, aquaparks, and online platforms. As part of the larger sitour International network, it leverages a strong market position across Alpine regions to deliver targeted out-of-home and digital advertising services. The website reflects a professional and modern digital presence, utilizing the Astro framework and integrating Google Tag Manager for analytics and marketing purposes. Privacy and cookie consent mechanisms are robust and GDPR compliant, enhancing user trust. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though formal security policies and incident response contacts are absent. Overall, the site demonstrates a mature business with a clear focus on tourism advertising and technology, supported by consistent branding and comprehensive content.

T

The Waterfront

underdogbarnyc.com

49

The Waterfront website represents a hospitality business, likely a restaurant or event venue located in Venice, California. The site is built on the Squarespace platform, featuring a gallery of images and navigation for about, menus, reservations, and scheduling. The technical infrastructure is modern with good mobile optimization and basic SEO and accessibility features. Security posture is moderate with HTTPS enabled and cookie consent implemented via iubenda, but lacks advanced security headers and visible privacy or terms policies. The absence of WHOIS data for the queried domain underdogbarnyc.com and mismatch with the website content reduces trustworthiness and raises questions about domain registration legitimacy. Overall, the site is functional and professional but would benefit from enhanced security and compliance disclosures.

T

The Waterfront

sweetmelissascafe.com

59

The Waterfront is a hospitality business operating as a restaurant located in Venice, California. The website serves as an online presence providing information about the restaurant, menus, reservations, and scheduling. The business appears to be a small local restaurant with a focus on dining services and event scheduling. The website is built on the Squarespace platform, leveraging standard web technologies and third-party scripts such as Iubenda for cookie management, although no active cookie consent mechanism or privacy policy is present. The site is moderately optimized for performance and mobile devices, with a clean and consistent branding approach. Security posture is adequate with HTTPS enabled and domain transfer protection, but lacks advanced security headers and formal security policies. Privacy compliance is weak due to the absence of privacy and cookie policies. Overall, the website is functional and professional but would benefit from enhanced privacy and security measures to improve trust and compliance.

T

The Waterfront

yourfitnesspath.com

59

The website content analyzed corresponds to 'The Waterfront', a hospitality business likely operating as a restaurant or event venue. The site offers menus, reservation options, and scheduling links, targeting general public customers. The technical infrastructure is based on Squarespace CMS, leveraging standard web technologies and third-party services like Iubenda for cookie management. The site is mobile optimized and has moderate performance. Security posture is adequate with HTTPS enabled but lacks advanced security headers and privacy compliance documentation. The WHOIS data for the provided domain yourfitnesspath.com is missing, and the website content does not match the domain, indicating a possible domain-content mismatch or error in the provided URL. This discrepancy impacts trust and legitimacy assessments. Overall, the site is professionally designed but requires improvements in privacy compliance, contact transparency, and security best practices.

N

Nadace města Karlovy Vary

nadace-karlovyvary.cz

41

Nadace města Karlovy Vary is a non-profit foundation established by the statutory city of Karlovy Vary, Czech Republic. The foundation focuses on supporting cultural, sports, health, social, educational, architectural, and tourism-related initiatives within the city and its surroundings. The website serves as an informational portal providing details about the foundation's mission, supported areas, partners, and grant opportunities. The target audience includes local residents, cultural organizations, and potential grant applicants. Technically, the website is built using HTML5, CSS3, and JavaScript with jQuery 1.8.3 and RequireJS, likely generated by Adobe Muse. Mobile optimization is basic with separate mobile and tablet pages. Security posture is moderate but weakened by the use of outdated JavaScript libraries and lack of visible security headers or privacy policies. No forms or direct contact information are present on the main page, limiting user engagement and transparency. Overall, the site is functional and professional but requires updates to improve security and compliance.

T

Tiskárna GARMOND spol. s r.o.

garmond-tisk.cz

44

Tiskárna GARMOND spol. s r.o. is a small Czech printing company established in 1992, offering comprehensive printing services including prepress preparation, offset and digital printing, surface finishing, embellishments, bookbinding, and delivery. The company emphasizes in-house production capabilities and minimal external subcontracting, positioning itself as a reliable regional provider with specialized binding services. The website is professionally designed using WordPress with multilingual support, optimized for SEO and mobile devices, reflecting a mature digital presence. Security posture is good with HTTPS enabled and no exposed sensitive data, but lacks advanced security headers and formal privacy/cookie policies, indicating areas for compliance improvement. Overall, the business demonstrates legitimacy and professionalism with clear contact information and client testimonials, but should enhance privacy compliance and security best practices to strengthen trust and regulatory adherence.

S

Studio Fresh Net, s.r.o.

mediaas.cz

52

Mediaas.cz is a Czech advertising and publishing agency operating since 2013, offering comprehensive marketing services across the Czech Republic. The website presents a professional image with clear branding and a focus on various marketing disciplines including promotion, print, events, and social marketing. The technical infrastructure includes modern web technologies such as HTML5, CSS3, JavaScript, Google Fonts, and integration of marketing analytics tools like Google Analytics and Facebook Pixel. The site is mobile optimized and uses a cookie consent mechanism to comply with privacy regulations. Security posture is moderate with HTTPS implied but lacks explicit security headers and detailed privacy policies. No contact emails or phone numbers were found in the provided content, which limits direct communication channels. Overall, the domain registration data aligns well with the business claims, indicating legitimacy and stability.

E

ESHA academy

eshacademy.eu

60

The website 'ESHA academy' represents a small sports education entity focused on summer hockey training programs affiliated with HC Energie Karlovy Vary. The site is built on the Wix platform, leveraging Wix Thunderbolt framework and standard web technologies. The content is primarily in Czech and targets local sports enthusiasts and youth interested in hockey training. The technical infrastructure is typical for Wix-hosted sites, with moderate performance and good mobile optimization. Security posture is adequate with HTTPS enabled but lacks advanced security headers and privacy compliance mechanisms. The absence of privacy and cookie policies, contact information, and SEO optimization limits the site's professional credibility and discoverability. WHOIS data is not publicly available due to privacy protection, which is common for small businesses but slightly reduces trust. Overall, the site is functional and safe but would benefit from enhanced compliance and transparency.

C

CCM Hockey

ccmhockey.com

70

CCM Hockey is a well-established brand specializing in the retail of ice hockey equipment, targeting the Finnish market through this localized e-commerce website. The site offers a comprehensive range of hockey gear including skates, sticks, protective equipment, and apparel, supported by a 30-day free return and satisfaction guarantee. The business operates on a medium scale with a clear focus on hockey enthusiasts and players in Finland, leveraging the global CCM brand's reputation. Technically, the website is built on Salesforce Commerce Cloud, integrating modern marketing and analytics tools such as Cookiebot for consent management, Signifyd for fraud protection, and Yotpo for customer reviews, indicating a mature digital infrastructure. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved and explicit security policies are not published. Overall, the website is professional, trustworthy, and compliant with GDPR requirements, with no signs of blocking or WAF interference, making it accessible and user-friendly.

D

Discord

bkmbfans.cz

71

Discord is a leading global communication platform primarily serving communities and gamers. The analyzed page is an invite to a Discord server dedicated to the BK Mladá Boleslav hockey club community, reflecting Discord's core service of enabling community engagement through chat and voice. The platform is well-established with a domain age of over 20 years and uses modern web technologies including React and WebSocket for real-time communication. Hosting and DNS services are provided by Cloudflare, ensuring robust infrastructure and performance. Security posture is strong with HTTPS enforced and domain registration protections in place, though some improvements such as enabling DNSSEC and adding explicit security headers could enhance security further. Privacy compliance is supported by comprehensive privacy and terms policies linked from the main domain, but the invite page lacks a cookie consent mechanism. Overall, the website is professional, trustworthy, and safe for general audiences.

F

FANSHOP BK Mladá Boleslav

fanshopbkboleslav.cz

53

FANSHOP BK Mladá Boleslav operates an e-commerce platform dedicated to selling fan merchandise for the BK Mladá Boleslav hockey team. The website offers a variety of products including apparel, accessories, and souvenirs targeted at fans and supporters. The business model is focused on niche retail e-commerce within the Czech Republic, catering to a specific sports fan base. The site demonstrates consistent branding and good content quality with clear product listings and pricing. Technically, the site uses a custom or proprietary e-commerce platform with JavaScript, CSS, and Matomo analytics integration. The website is mobile optimized and provides a cookie consent mechanism aligned with GDPR principles, although a formal privacy policy page is not clearly identified. Security posture is adequate with HTTPS enforced and secure form handling, but lacks some security headers and explicit security policies. WHOIS data is unavailable, which impacts domain trust and legitimacy assessment. Overall, the site is functional and professional but would benefit from enhanced transparency and security documentation.

E

eSports s.r.o.

pop.cz

50

POP Airport is a well-established retail and entertainment center located near Prague’s Václav Havel Airport, offering a wide range of services including outlet shopping with over 200 global brands, family amusement parks, a dinosaur museum, classic car exhibitions, and plane spotting facilities. The business targets tourists, families, and shoppers seeking discounted products and leisure activities. The website reflects a mature digital presence with consistent branding and comprehensive content that supports the business model effectively. Technically, the site employs modern web technologies such as JavaScript, Google reCAPTCHA, and font loading optimizations, ensuring good performance and mobile responsiveness. Security measures include HTTPS enforcement, cookie consent management, and use of security headers, contributing to a strong security posture. Privacy compliance is evident through a detailed privacy policy and cookie consent mechanisms. Overall, the domain’s WHOIS data aligns with the business claims, indicating legitimacy and trustworthiness.

F

feratel Schweiz

feratel-sitour.ch

51

feratel Schweiz is a specialized media company focused on marketing premium advertising spaces in Swiss ski resorts and alpine regions. As part of the larger feratel media technologies AG group, it combines technological innovation with tourism expertise to offer a broad range of services including booking systems, live panoramic videos, guest cards, and digital information solutions. The company targets advertising agencies and clients seeking high-impact out-of-home advertising in alpine environments. The website demonstrates a mature digital infrastructure using modern frameworks like Astro and integrates Google Tag Manager for analytics and marketing. Privacy compliance is well addressed with a comprehensive cookie consent mechanism and GDPR-aligned privacy policy. Security posture is solid with HTTPS and no visible vulnerabilities, though explicit security policies and incident response contacts are absent. Overall, the site reflects a professional and trustworthy business with strong market positioning in the alpine advertising sector.

S

sitour Italia Srl

sitour.it

47

sitour Italia Srl is a specialized company providing innovative advertising and technological solutions tailored for mountain and ski resort environments in Italy. The company holds a strong market position with over 200 clients annually and is part of a broader international network. Their services include Out-of-Home advertising, digital and analog signage, interactive multimedia systems, and safety-oriented solutions for alpine tourism. The website reflects a mature digital presence built on modern technologies such as Astro and integrates Google Tag Manager for analytics and marketing. Security posture is solid with HTTPS and cookie consent mechanisms in place, although explicit security policies and incident response contacts are absent. Overall, the site is professional, compliant with GDPR, and trustworthy, supporting the company's credibility in its sector.

S

sitour - werbe gmbh

sitour.de

49

sitour - werbe gmbh is a leading specialist in advertising and technology solutions across over 1,000 alpine destinations worldwide. The company focuses on combining brand presence, visitor experience, and safety through innovative and sustainable concepts. With decades of experience in Out-of-Home advertising and interactive multimedia solutions, sitour offers a unique platform reaching up to 200 million sports and outdoor enthusiasts. The website reflects a mature digital infrastructure built on modern technologies such as Astro and integrates video streaming and consent management effectively. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security policies and incident response information are absent. Overall, the site is professional, well-branded, and trustworthy, supporting sitour's market leader position in alpine advertising and technology.

S

sitour International

sitour.international

49

sitour International is a leading specialist in advertising and technology solutions focused on alpine mountain regions. The company offers innovative concepts that combine brand presence, visitor experience, and safety, serving a target audience of advertisers and brands aiming to reach sports and mountain enthusiasts. Their business model centers on providing Out-of-Home and Digital Out-of-Home advertising, as well as interactive multimedia and information systems in ski resorts and mountain areas. The website demonstrates a mature digital presence with multi-language support and a professional design. Technically, the site is built using modern frameworks such as Astro, incorporates Google Tag Manager for analytics, and uses video streaming technologies like Shaka Player. The website is fast, mobile-optimized, and accessible, with good SEO practices. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism, indicating GDPR adherence. Security posture is solid with HTTPS enforced and no exposed sensitive data, though the absence of explicit security headers and a published security policy or incident response page suggests room for improvement. The WHOIS data is unavailable publicly, which slightly reduces trust but is mitigated by the professional and consistent website content. Overall, sitour International presents a trustworthy and professional online presence suitable for its business sector, with recommendations to enhance security transparency and WHOIS data availability to further strengthen trust and compliance.

C

CEMEX

cemex.cz

66

CEMEX CZ is a leading manufacturer and supplier of construction materials in the Czech Republic, offering products such as concrete, cement, aggregates, and flooring solutions. The website reflects a mature digital presence with comprehensive product and service information, supported by a modern CMS platform (Liferay) and integration of analytics and cookie consent tools. The site is well-structured, mobile-optimized, and provides clear contact channels including phone and forms. Security posture is good with HTTPS enforced and cookie consent implemented, though some security headers and policies could be improved. The absence of WHOIS data reduces domain registration trust signals but the website content and branding strongly indicate legitimacy. Overall, the site is professional, trustworthy, and serves its target audience effectively.

H

Holcim Česko

lafarge.cz

62

Holcim Česko is a large manufacturing company specializing in sustainable construction materials, including cement, aggregates, and concrete products. As part of the global Holcim group, it leverages international expertise and a strong sustainability strategy focused on decarbonization and circular economy principles. The website reflects a professional corporate presence with clear branding and a focus on innovation and environmental responsibility. Technically, the site uses Drupal CMS with modern JavaScript libraries and Google Tag Manager for analytics, providing a good user experience with mobile optimization and clear navigation. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security headers and policies could be improved. WHOIS data is unavailable, which slightly reduces domain trustworthiness, but the overall business credibility remains high based on content and branding. No direct contact emails or phone numbers are present on the homepage, but social media channels are linked for engagement. Privacy and cookie policies are comprehensive and GDPR compliant. Overall, the site is well-structured, secure, and aligned with corporate standards.

H

Heidelberg Materials, a.s.

transportbeton.cz

45

Heidelberg Materials CZ operates as a major provider of transport concrete and related construction materials across the Czech Republic. The company offers comprehensive services including production, delivery, and pumping of concrete, as well as manufacturing of various mortars and screeds. It is part of the larger Heidelberg Materials group, which is a recognized leader in the building materials industry. The website reflects a professional corporate presence with clear branding and a focus on serving construction professionals such as builders, developers, and architects. Technically, the site uses modern JavaScript libraries, Google Tag Manager for analytics, and a proprietary CMS, delivering a moderately fast and mobile-optimized experience. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though additional security headers could enhance protection. The absence of WHOIS data is a notable gap but does not detract significantly from the overall legitimacy given the strong corporate branding and content quality. Overall, the site is well-positioned to support the company's business objectives and maintain trust with its audience.

G

GAPA CZ a.s.

gapa-vahy.cz

57

GAPA CZ a.s. operates a professional website specializing in the sale, service, and calibration of various weighing scales and related accessories. The company targets industrial and commercial customers in the Czech Republic, offering a broad product range including automotive, crane, laboratory, and retail scales. Their business model combines direct sales, service contracts, and rental of weights, positioning them as a specialist in the weighing equipment market. The website content is well-structured and professionally presented, supporting their market position effectively. Technically, the website is built on the EasyWeb CMS platform, utilizing common web technologies such as JavaScript, jQuery, Font Awesome, and Google Fonts. The site demonstrates good mobile optimization and SEO practices, though performance is moderate. Cookie consent mechanisms are implemented with detailed user controls, indicating attention to privacy compliance, albeit lacking a dedicated privacy policy page. From a security perspective, the site lacks visible security headers and publicly available security or incident response policies. The SSL configuration status is unknown from the provided data. No critical vulnerabilities or exposed sensitive data were detected, but improvements in security best practices are recommended to enhance protection and compliance. Overall, the website is professional and trustworthy in appearance, but the absence of WHOIS data and privacy policy reduces confidence in domain legitimacy and full compliance. Strategic improvements in security posture and transparency would benefit the company’s digital maturity and risk profile.

Kapela Severka is a small music band based in the Czech Republic, with a website primarily serving as an informational and promotional platform. The site provides basic details about the band, including history, concerts, photo galleries, and partner information. The target audience is general public and fans interested in the band's activities. The business model is focused on band promotion and event announcements. Technically, the website is built with basic HTML, CSS, and JavaScript, including Google Analytics for visitor tracking. There is no detected CMS or advanced frameworks. The site shows moderate performance and basic mobile optimization but lacks modern security and privacy features. From a security perspective, the website lacks HTTPS enforcement and security headers, exposing it to potential risks. There are no privacy or cookie policies, nor any contact information for security incidents or data protection officers. Google Analytics is used without visible consent mechanisms, indicating poor privacy compliance. Overall, the website presents a low to moderate risk profile but requires improvements in security posture, privacy compliance, and contact transparency to enhance trustworthiness and user safety.

Nadoraz.cz is the official website of a Czech music band named Nadoraz, based in Hradec Králové, with a history spanning nearly four decades. The band offers live music performances across various genres including swing, dixieland, country, rap, funky, and rock, and participates in numerous festivals and events both domestically and internationally. Their business model centers on entertainment services, music sales, and event appearances targeting Czech-speaking music fans and event organizers. The website provides detailed band member information, upcoming event dates, and contact details for bookings. Technically, the website is built with basic HTML5, CSS, and JavaScript technologies including jQuery and Modernizr. The site has a moderate performance profile with basic mobile optimization and accessibility features. However, it lacks modern CMS integration and advanced technical frameworks. SEO optimization is basic with minimal meta tags and no structured data or Open Graph tags. From a security perspective, the site lacks HTTPS enforcement and security headers, and does not provide privacy or cookie policies, which are critical for GDPR compliance. No vulnerability disclosure or incident response information is present. The absence of analytics and tracking scripts indicates minimal user tracking, which is positive for privacy but also suggests limited marketing insights. Overall, the security posture is weak and needs improvement to protect user data and enhance trust. The overall risk assessment indicates a low to moderate risk profile primarily due to missing security best practices and compliance documentation. Strategic recommendations include implementing HTTPS, adding security headers, publishing privacy and cookie policies, and establishing vulnerability disclosure mechanisms to improve security and compliance posture.

H

HC VÍTKOVICE RIDERA

hc-vitkovice.cz

48

HC VÍTKOVICE RIDERA operates an official website serving as the primary digital platform for the Czech ice hockey club. The site provides comprehensive information including news articles, match schedules, team rosters, ticket sales, and fan engagement features. It targets hockey fans and the local community, positioning itself as a reputable sports club with a medium-sized presence in the Czech Republic. Technically, the website employs modern web standards with responsive design, custom fonts, and JavaScript libraries such as Swiper.js for interactive elements. Security-wise, the site enforces HTTPS, includes cookie consent mechanisms, and implements standard security headers, reflecting a good security posture. However, explicit security policies and incident response contacts are not publicly available, indicating room for improvement in transparency and compliance. Overall, the website is professional, trustworthy, and well-maintained, with no signs of blocking or malicious content.

M

Mountfield

mountfield.cz

76

Mountfield.cz is a leading Czech retailer specializing in garden technology, furniture, and pools, operating both online and through over 50 physical stores. The website is professionally designed with a clear focus on consumer garden products and services, offering a comprehensive shopping experience including customer support and after-sales services. The technical infrastructure leverages modern web technologies and integrates multiple analytics and marketing tools, ensuring good performance and user experience across devices. Security posture is strong with HTTPS enforcement and cookie consent mechanisms, though some security headers could be explicitly verified or enhanced. The absence of WHOIS data is likely due to privacy protection, which is justified for a large retail business. Overall, the website is trustworthy, compliant with GDPR, and free from adult or questionable content, making it suitable for a general audience.

I

Intellify

intellify.lv

51

Intellify is a Latvian company specializing in building automation and energy efficiency solutions, offering services such as HVAC equipment management, IoT sensor integration, and cloud-based data platforms. As a subsidiary of Lafi Group, it benefits from over 20 years of industry experience and a strong market position in Latvia. The website reflects a professional business-to-business model targeting building managers and enterprises seeking to optimize building operations. Technically, the site is built on modern frameworks like Next.js and React, with good mobile optimization and SEO practices. Security posture is strong with HTTPS and security headers implemented, though privacy compliance is lacking due to missing policies and consent mechanisms. Overall, the site is trustworthy and professional but would benefit from enhanced privacy and compliance features.

M

Muzeum a galerie Orlických hor v Rychnově nad Kněžnou

moh.cz

46

Muzeum a galerie Orlických hor is a regional cultural institution based in Rychnov nad Kněžnou, Czech Republic, dedicated to preserving and showcasing the art and history of the Orlické Mountains region. The website offers comprehensive information about permanent and temporary exhibitions, educational programs, and services such as research and archival access. The institution targets a broad audience including tourists, students, researchers, and local visitors. Technically, the website is built on a CMS platform (likely Fork CMS), uses modern JavaScript libraries, and integrates analytics and marketing tools such as Google Analytics, Google Tag Manager, Facebook Pixel, and reCAPTCHA for security. The site is mobile optimized, accessible, and SEO friendly with structured data markup.

M

Město Letohrad

letohrad.eu

48

The website letohrad.eu serves as the official online presence for the town of Letohrad, Czech Republic. It provides comprehensive information about municipal services, news, events, public administration, and community resources. The site targets residents, visitors, and local businesses, offering a centralized portal for accessing city-related information and services. The business model is that of a government entity focused on public service and community engagement. Technically, the site is built on a proprietary CMS platform (vismo) common among Czech municipalities, utilizing standard web technologies such as HTML5, CSS, and JavaScript. It integrates Google Translate for multilingual support and maintains a moderate performance profile with good mobile optimization. Accessibility features are basic but present, and SEO practices are adequate for the site's purpose. From a security perspective, the website enforces HTTPS and uses secure form submissions but lacks advanced security headers and explicit incident response or security policies. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is basic, with a privacy and cookie policy present but no active consent mechanism. Contact information is clearly provided, enhancing trust and credibility. Overall, the site is a well-maintained municipal portal with a good balance of content quality, usability, and security. Strategic improvements in security headers, privacy consent, and incident response documentation would further enhance its posture and compliance.

M

Město Kostelec nad Orlicí

kostelecno.cz

59

The website www.kostelecno.cz serves as the official digital presence for the town of Kostelec nad Orlicí in the Czech Republic. It provides residents and visitors with comprehensive municipal information, including news, events, administrative contacts, public services, and official documents. The site is well-structured, professionally designed, and targets local citizens and stakeholders. The business model is that of a government entity providing public services and information. The website leverages modern web technologies including Vue.js, Mustache.js, and Google reCAPTCHA to enhance user experience and security. It is built on the Vismo CMS platform, which is specialized for municipal websites. Security posture is strong with HTTPS enforced and anti-bot measures in place, though some security headers could be improved. Privacy compliance is addressed with visible cookie and privacy policies, and GDPR considerations are evident. Overall, the site is trustworthy, professional, and serves its purpose effectively.

The website www.rychnov-city.cz serves as the official municipal portal for the city of Rychnov nad Kněžnou in the Czech Republic. It provides residents and visitors with comprehensive information about city life, administration, social and technical services, cultural events, and public utilities. The site is well-structured and targets local citizens and stakeholders seeking official city information and services. The business model is that of a government entity providing public services and information dissemination. Technically, the website is built on the Vismo CMS platform, utilizing standard web technologies such as HTML5, CSS3, and JavaScript. It integrates Google services including reCAPTCHA for form security and Google Translate for multilingual support. The site demonstrates good mobile optimization, accessibility, and SEO practices, although some improvements in security headers could be made. From a security perspective, the site enforces HTTPS and uses reCAPTCHA to protect forms from abuse. However, no explicit security policies or incident response contacts are published, and no security.txt file is present. The absence of WHOIS data limits the ability to fully verify domain registration legitimacy, though the presence of official contact information and consistent branding supports trustworthiness. Overall, the website is a reliable and professional municipal portal with good content quality and technical implementation. Strategic recommendations include enhancing security headers, publishing security policies, and improving WHOIS transparency to strengthen trust and compliance.

U

U Rudolfa | Restaurant Hradec Králové

urudolfa.restaurant

44

The website www.urudolfa.restaurant represents a small hospitality business operating a restaurant named 'U Rudolfa' located in Hradec Králové, Czech Republic. The business offers restaurant dining services and catering for events, including romantic dinners. The website content is accessible and well-structured, with a professional design using modern front-end technologies such as Bootstrap and JavaScript libraries. However, the site lacks critical compliance documents such as privacy and cookie policies, and no explicit contact information is found on the site. The WHOIS data is unavailable or protected, which limits the ability to fully verify domain legitimacy and ownership details. HTTPS is enabled, but security headers are missing, which could be improved to enhance security posture.

K

Královéhradecká provozní, a.s.

khp.cz

59

Královéhradecká provozní, a.s. is a regional water utility company operating primarily in the Hradec Králové region of the Czech Republic. It provides essential services including water supply, wastewater treatment, and customer support. The company is part of the larger Veolia group, which is a significant player in the energy and water sectors. The website reflects a professional and service-oriented business model targeting local residents and businesses. Technically, the site uses a proprietary CMS (Vizus CMS) and integrates Matomo analytics for traffic measurement, indicating a moderate level of digital maturity. The site is mobile-optimized and provides clear navigation and content relevant to its audience. Security-wise, the site uses HTTPS and has a cookie consent mechanism with granular controls, but lacks visible security headers and a published privacy policy, which are areas for improvement. The absence of WHOIS data limits domain trust verification, but the website content and branding strongly suggest legitimacy. Overall, the site is functional, professional, and trustworthy with room for enhanced compliance and security transparency.

FOMA BOHEMIA spol. s r.o. is a well-established Czech manufacturer specializing in black and white photographic materials, radiodiagnostic films, and non-destructive testing (NDT) systems. Founded in 1921, the company has a long tradition and serves a niche market including photography professionals and industrial customers. Their business model includes manufacturing and direct sales through an e-shop partner site. The website reflects a consistent brand image and provides comprehensive product information and company history. Technically, the site is built on the EasyWeb CMS platform, utilizing modern JavaScript libraries and Google Analytics for user tracking. The site is mobile-optimized with good navigation and content quality. Security-wise, the site implements cookie consent mechanisms but lacks visible HTTP security headers and published security policies. The absence of WHOIS data reduces domain trust, though the website content and contact information appear legitimate. Overall, the site scores well on content and business credibility but could improve privacy compliance and security posture.

L

LAMAX

lamax.cz

71

LAMAX operates a professional e-commerce website specializing in electric mobility products such as e-quads, e-scooters, and e-dirtbikes, alongside photo and video equipment and audio accessories. The company targets consumers interested in reliable and durable everyday technology, positioning itself as a niche player with a focus on quality and fair pricing. The website is built on the Shopify platform, leveraging modern web technologies and integrations with major analytics and marketing tools, indicating a mature digital infrastructure. Security posture is strong with HTTPS enforced, GDPR-compliant cookie consent, and no visible vulnerabilities, although some improvements like DNSSEC and explicit security policies could enhance trust further. Overall, the site presents a trustworthy and professional online presence suitable for its market segment.