Security Directory

Kryt Folimanka is a public underground shelter located in Prague 2, serving as the largest shelter in the district with capacity for 1300 people. The website provides information about the shelter, public tours, and related tourist services. The site is maintained by a government or municipal entity, indicated by the nature of the content and sector classification. Technically, the website uses a traditional web stack including Bootstrap, jQuery, and Google Analytics, hosted by Wedos. The site is accessible, uses HTTPS, and has moderate performance and mobile optimization. However, it lacks critical privacy and cookie policies, and no contact information is provided, which impacts compliance and user trust. Security posture is adequate with HTTPS but missing security headers and formal policies. Overall, the site is functional and informative but could improve in privacy compliance and security best practices.

B

Byznysakce.cz

mestoprobyznys.cz

62

Byznysakce.cz operates a specialized platform focused on comparative research and event organization related to business conditions in Czech cities and municipalities. The website serves as a hub for publishing research results, press releases, and hosting events that support local governments and entrepreneurs. The platform leverages Zoho Backstage for event management and integrates various modern web technologies including Ember.js and Google Tag Manager. The site is well-structured, mobile-optimized, and presents a professional image with consistent branding and reputable partners. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though some security headers are missing and no cookie consent mechanism is implemented, which may affect privacy compliance. The absence of WHOIS data is a notable transparency gap but does not detract significantly from the overall legitimacy of the site. Strategic recommendations include enhancing privacy compliance, adding security headers, and publishing incident response policies to strengthen trust and security culture.

Z

Zdravotnické zařízení městské části Praha 4

zzpraha4.cz

53

Zdravotnické zařízení městské části Praha 4 is a public contributory organization operating childcare groups, home babysitting, and other family services in Prague 4. The website serves as an information portal for parents and clients, providing updates, downloadable documents, and contact information. The organization holds a quality certification for childcare groups, indicating a reputable position in the local government sector. Technically, the website is built on WordPress with modern technologies such as jQuery, Bootstrap, Google Maps API, and Google Tag Manager, ensuring a responsive and user-friendly experience. Security posture is generally good with HTTPS enforced, but lacks some security headers and cookie consent mechanisms, which are recommended for compliance and enhanced protection. Overall, the site is safe, professional, and trustworthy, though the absence of WHOIS data slightly reduces domain trustworthiness. Strategic improvements in security headers, privacy compliance, and incident response documentation would strengthen the site's security and compliance profile.

B

Bageterie Boulevard

bbbox.cz

60

BBBOX is an online food delivery and catering service affiliated with the Bageterie Boulevard brand, targeting corporate clients and individuals in the Czech Republic. The website offers snack boxes and catering solutions for meetings and events, positioning itself as a convenient and quality-focused service. The business is operated by Lithio spol. s r.o., a company credited in the website metadata and footer. The site is well-branded and professionally designed, with clear navigation and multilingual support.

H

Hämeenlinnan kaupunki

hameenlinnantaidemuseo.fi

67

Hämeenlinnan taidemuseo is a municipal art museum located in Hämeenlinna, Finland, operated by the city government. The museum offers a diverse range of visual art exhibitions, events, educational programs, and retail services, targeting the general public, art enthusiasts, and tourists. The website reflects a well-established regional cultural institution with a clear focus on accessibility and community engagement. Technically, the site is built on WordPress with modern plugins such as Yoast SEO and Cookiebot for consent management, and uses Matomo for privacy-conscious analytics. The site is mobile-optimized, accessible, and SEO-friendly, providing a professional user experience. Security posture is good with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. Overall, the domain registration aligns with the municipal ownership, confirming legitimacy and trustworthiness.

K

Kulttuurikeskus ARX

kulttuurikeskusarx.fi

65

Kulttuurikeskus ARX is a municipal cultural center based in Hämeenlinna, Finland, focused on providing cultural services and events primarily for children, youth, and families. The website serves as a hub for information about their activities, exhibitions, festivals, and youth programs, positioning itself as a key local cultural institution. The business is affiliated with the city of Hämeenlinna, reinforcing its legitimacy and public service orientation. Technically, the website is built on WordPress with modern plugins such as Yoast SEO and Cookiebot, indicating a mature digital infrastructure. Analytics are handled via Matomo and Google Analytics, with clear cookie consent mechanisms in place, reflecting good privacy practices. Security posture is solid with HTTPS and cookie consent, though some security headers could be improved. Overall, the site is professional, accessible, and trustworthy, with no signs of blocking or WAF interference.

L

LUGA

luga.lu

63

LUGA is a cultural event organizer hosting an ephemeral urban garden exhibition in Luxembourg from May to October 2025. The website serves as an information and engagement platform for visitors, volunteers, and partners, showcasing event details, locations, and news. The site is well designed, multilingual, and optimized for SEO and accessibility, reflecting a mature digital presence. Technically, it leverages WordPress CMS, Cloudflare for DNS and CDN, and integrates modern analytics and consent management tools, indicating a good level of digital maturity. Security posture is solid with HTTPS, security headers, and cookie consent, though explicit security policies and incident response contacts are absent. Overall, the site is trustworthy, professional, and compliant with GDPR requirements.

Sherpas TECH, s.r.o. is a Czech-based technology and marketing company specializing in retention marketing and technology integration services. The company offers a range of services including email marketing strategy, technology implementation for retention marketing, data engineering in CRM systems, and advanced customer analytics. Their website reflects a professional and consistent brand image, targeting B2B clients seeking to optimize marketing performance through technology. The company demonstrates a solid market position supported by client references and a clear business focus. Technically, the website employs modern tools such as Google Analytics, Google Tag Manager, and CookieScript for consent management, indicating a mature digital infrastructure. The site is built likely on the Nette Framework, with responsive design and good SEO practices. Performance is moderate with good mobile optimization and basic accessibility features. From a security perspective, the site uses HTTPS with no visible critical vulnerabilities. Cookie consent is implemented with opt-in mechanisms, and forms include anti-bot measures. However, there is no publicly available security policy or incident response information, which could be improved to enhance trust and compliance. Overall, the website is trustworthy, professionally maintained, and compliant with GDPR cookie consent requirements. Strategic recommendations include publishing security and incident response policies, enhancing security headers, and improving accessibility. The domain WHOIS data aligns well with the website content, supporting legitimacy and trustworthiness.

C

Czech Union of the Deaf, z.ú.

cun.cz

54

The Czech Union of the Deaf, z.ú. is a well-established non-profit organization dedicated to supporting the deaf community in the Czech Republic. Their website presents a clear and professional overview of their services, including activation services, sign language interpreting, simultaneous transcription, educational courses, and publications. The organization maintains multiple regional branches and active social media presence, indicating a strong community engagement and outreach. Technically, the website is built on WordPress with WooCommerce integration for e-commerce functionality, leveraging common web technologies such as jQuery and Google Fonts. The site is mobile optimized and provides a good user experience with clear navigation and relevant content. Security-wise, the site uses HTTPS and avoids exposing sensitive data, but lacks advanced security headers and explicit privacy or cookie policies, which are important for compliance and trust. The absence of WHOIS data is a notable concern, reducing domain registration transparency and trustworthiness. Overall, the website is functional, trustworthy, and serves its community well, but could improve in privacy compliance and security best practices.

K

Kultur | lx – Arts Council Luxembourg

kulturlx.lu

58

Kultur | lx – Arts Council Luxembourg is a governmental cultural promotion organization dedicated to supporting artists and promoting Luxembourg's cultural creation. The website serves as a comprehensive platform for cultural news, events, funding opportunities, and resources, targeting artists, cultural professionals, and the general public interested in Luxembourg's arts scene. The organization holds a strong national position as the official arts council, supported by government partnerships and a clear mission to foster cultural development. Technically, the website is built on WordPress with modern plugins such as Yoast SEO and integrates Google services like Tag Manager and reCAPTCHA. Accessibility features and GDPR-compliant cookie management via Axeptio demonstrate digital maturity and compliance. The site is mobile-optimized and well-structured, providing a positive user experience. Security posture is solid with HTTPS enforced and use of reCAPTCHA, though the absence of explicit security headers and incident response information suggests room for improvement. No vulnerabilities or exposed sensitive data were detected. The lack of WHOIS data limits domain trust verification, but the professional presentation and official branding mitigate concerns. Overall, the website is a trustworthy, well-maintained digital presence for a government cultural entity, with recommendations to enhance security headers and incident response transparency to further strengthen its security posture.

V

Visit Turku Archipelago Oy

visitturku.fi

44

Visit Turku Archipelago Oy operates the official tourism website for Turku and its archipelago, providing comprehensive information on local attractions, dining, accommodation, and events. The website serves both tourists and local residents, positioning itself as a trusted source for travel inspiration and practical information. The business model focuses on promoting regional tourism and supporting local partners through digital content and event listings. Technically, the site employs modern web technologies including Google Tag Manager, Google Maps API, and Vimeo for multimedia content, hosted with Azure DNS services. The site is mobile-optimized and accessible, with good SEO practices and a clear navigation structure. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. No critical vulnerabilities or suspicious patterns were detected. Overall, the domain registration data aligns well with the business, indicating legitimacy and trustworthiness. Strategic recommendations include enhancing security headers, publishing explicit security policies, and adding a vulnerability disclosure channel to further strengthen trust and compliance.

T

TSC

tsc.lv

61

TSC is a Latvian-based service provider specializing in the repair of mobile phones, tablets, smartwatches, laptops, electric scooters, and audio equipment. The company targets general consumers in Latvia seeking device repair services. The website is professionally designed with consistent branding and provides clear information about its services, primarily in Latvian. The business operates in the technology sector with a small company size and a local market focus. Technically, the website employs modern technologies including Bootstrap for responsive design, Google Tag Manager for analytics, and Cookiebot for cookie consent management. The site uses HTTPS with good SSL configuration and includes security headers, indicating a solid technical foundation. Performance is moderate with good mobile optimization and basic accessibility features. From a security perspective, the website demonstrates good practices such as enforced HTTPS, cookie consent mechanisms, and no visible exposure of sensitive data. However, it lacks explicit security policies, incident response contacts, and vulnerability disclosure information. Privacy compliance is strong with clear privacy and cookie policies and GDPR adherence. Overall, the website presents a trustworthy and professional online presence with moderate technical maturity and good privacy compliance. Strategic improvements could focus on enhancing accessibility, publishing security policies, and adding incident response information to strengthen security posture and user trust.

B

Bageterie Boulevard

bb.cz

58

Bageterie Boulevard is a well-established fast casual gourmet sandwich and food service chain primarily operating in the Czech Republic with some presence in Slovakia. The company offers a variety of freshly prepared sandwiches and related products, emphasizing quality and speed. Their business model includes physical retail locations, online ordering platforms, catering services, and franchise opportunities. The website reflects a mature digital presence with multiple branches listed, a mobile app promotion, and loyalty programs. Technically, the site uses a mix of legacy and modern web technologies including jQuery, Google Maps API, and various marketing and analytics tools such as Google Analytics, Facebook Pixel, and Cookiebot for consent management. Security posture is good with HTTPS enforced and cookie consent mechanisms in place, though explicit security headers and vulnerability disclosure policies are absent. Overall, the site is professional, trustworthy, and compliant with GDPR requirements, supporting a large retail hospitality business.

ERGO Lithuania is a well-established insurance provider offering a broad range of insurance products including vehicle, property, travel, life, health, and personal insurance. The company targets private individuals and businesses primarily in the Baltic region, maintaining a strong market presence with over 640,000 customers. The website reflects a professional and user-friendly digital presence, leveraging modern web technologies such as Next.js and integrating comprehensive consent management and analytics tools. Security posture is robust with HTTPS enforcement and security headers, though explicit security policies and incident response information are not publicly detailed. Overall, ERGO Lithuania demonstrates a mature digital infrastructure and trustworthy business operations with room for improvement in transparency around security and vulnerability disclosures.

S

Service national de la jeunesse

animateur.lu

57

Animateur.lu is an official government portal operated by the Service national de la jeunesse in Luxembourg, targeting current and prospective youth animators. The site provides comprehensive resources including training, certifications, event listings, and material lending to support youth animation activities. It holds a strong market position as a trusted government resource with consistent branding and clear navigation. Technically, the website is built on WordPress with a modern stack including WooCommerce for e-commerce capabilities, Contact Form 7 for forms, and Complianz for GDPR compliance. The site uses Matomo analytics hosted on its own server, enhancing privacy compliance. Security posture is good with HTTPS enforced and cookie consent implemented, though security headers could be improved. Overall, the website is professional, accessible, and trustworthy, serving its audience effectively.

Maison Eisenborn is a government-affiliated non-profit organization providing accommodation and support services to young adults involved in international mobility programs in Luxembourg. The website is professionally designed using WordPress and integrates standard technologies such as jQuery, Ninja Forms, and Google Maps API. The site includes a comprehensive application form collecting detailed personal and financial information, indicating a structured approach to service delivery. Security posture is adequate with HTTPS and cookie consent mechanisms, though improvements in security headers and explicit privacy policies are recommended. Overall, the domain registration and website content are consistent and trustworthy, reflecting a legitimate government service.

S

Service national de la jeunesse

colonies.lu

57

The website colonies.lu is an official government-operated portal managed by the Service national de la jeunesse in Luxembourg. It serves as a centralized platform aggregating a wide variety of leisure activities such as weekends, camps, and colonies organized by multiple partner organizations. The portal targets children and youth in Luxembourg, providing event listings, registration capabilities, and practical information. The site is well-branded with consistent government logos and clear navigation, reflecting a professional and trustworthy presence. Technically, the site is built on WordPress 6.8.1 with modern plugins including Yoast SEO and Complianz GDPR for privacy compliance. It uses Bootstrap for responsive design and integrates Google Maps for location services. The site demonstrates good mobile optimization, accessibility features, and SEO practices. Analytics are handled via Matomo with anonymized statistics, respecting user privacy. From a security perspective, the site enforces HTTPS and uses a cookie consent mechanism with opt-in for non-essential cookies. However, it lacks explicit HTTP security headers and a published security policy or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the analysis. The domain registration data aligns well with the website’s government affiliation and Luxembourg location, indicating high legitimacy. Overall, colonies.lu is a well-maintained, secure, and privacy-conscious government portal providing valuable services to youth in Luxembourg. Strategic improvements include adding security headers, publishing a security policy, and providing incident response contact information to enhance trust and compliance.

Z

Zentrum Fünfbrunnen / Centre Cinqfontaines

cinqfontaines.lu

58

The website cinqfontaines.lu represents a Luxembourg government-operated educational and memorial center focused on Holocaust remembrance, antisemitism, racism, democracy, and human rights education. The site serves children, youth, educators, and the general public interested in historical and human rights topics. It is managed by the Luxembourg government and related youth and political education services, positioning itself as a niche cultural and educational institution. The content is well-structured, multilingual, and professionally presented with clear navigation and consistent branding. Technically, the website is built on WordPress 6.8.1 with jQuery, Google Maps API, and Font Awesome. It uses Matomo for analytics and implements a cookie consent mechanism compliant with GDPR principles. The site is hosted likely on Luxembourg infrastructure, uses HTTPS with excellent SSL configuration, and shows moderate performance and good mobile optimization. However, some security best practices such as security headers are missing. From a security perspective, the site enforces HTTPS, uses cookie consent, and does not expose sensitive data. No vulnerabilities or WAF blocking were detected. Privacy compliance is partial due to the absence of an explicit privacy policy page and terms of service. Contact information is available but lacks email addresses and security incident contacts. Overall, the website is trustworthy, professional, and serves its educational and memorial purpose effectively. Strategic improvements include publishing a privacy policy and terms of service, adding security headers, and providing incident response contact information to enhance security posture and compliance.

S

Service National de la Jeunesse (SNJ)

chalets.lu

54

Chalets.lu is an official Luxembourg government-affiliated website providing comprehensive information and booking options for youth accommodations including chalets, camping grounds, and youth hostels across Luxembourg. The platform targets youth groups, families, and tourists seeking affordable lodging options, positioning itself as a trusted government resource. The website leverages WordPress CMS with modern technologies such as Bootstrap, jQuery, and Google Maps API to deliver a responsive and accessible user experience. Privacy compliance is robust, featuring a detailed cookie policy with opt-in consent mechanisms aligned with GDPR requirements. Security posture is strong with HTTPS enforcement and standard security headers, though explicit security policies and incident response contacts are not publicly available. Overall, the site demonstrates a high level of professionalism, trustworthiness, and technical maturity suitable for its government service role.

O

Orange Luxembourg

orange.lu

65

Orange Luxembourg is a major telecommunications operator providing mobile telephony, internet fiber, TV, and fixed-line telephone services in Luxembourg. The website reflects a professional and well-branded digital presence, targeting a general audience with clear service offerings. The technical infrastructure is based on Magento 2, leveraging modern web technologies and integrating analytics and marketing tools such as Google Tag Manager and Facebook Pixel. Security posture is good with HTTPS enforced and partial security headers, though some improvements are recommended to enhance security headers and CSP completeness. Privacy compliance is basic with a cookie consent mechanism but no explicit privacy policy detected in the provided content. The absence of WHOIS data limits domain trust verification, but the website content and branding strongly indicate legitimacy.

H

Hrvatski Crveni križ

hck.hr

59

Hrvatski Crveni križ is a well-established Croatian humanitarian organization with a strong national presence and a comprehensive portfolio of social, health, and crisis response services. The website reflects a mature digital presence with clear navigation, regional contact points, and integrated donation mechanisms. Technically, the site uses modern web technologies including Bootstrap, Google Analytics, and Google Maps API, ensuring a responsive and accessible user experience. Security posture is solid with HTTPS enforced and privacy compliance evident through cookie consent and privacy policies. However, some security headers are missing and no explicit vulnerability disclosure or incident response contacts are published. Overall, the domain registration data aligns well with the organization's identity, supporting high legitimacy and trustworthiness.

IRTA d.o.o. is a medium-sized regional tourism development agency based in Istria, Croatia, established in 2004. The company manages official tourism portals, contact and sales centers, and develops cultural and outdoor tourism products to promote the Istrian region. Their market position is strong within the regional tourism sector, serving tourists and local businesses with comprehensive information and services. Technically, the website uses a custom CMS with modern JavaScript libraries and Google services, but lacks HTTPS which is a significant security gap. The privacy policy is comprehensive and GDPR compliant, with a named data protection officer, reflecting good privacy awareness. However, the absence of HTTPS and security headers lowers the security posture. Overall, the site is professional and trustworthy but requires security improvements to align with best practices.

Y

Úvod | Yankeesvicky.cz

yankeesvicky.cz

46

The website www.yankeesvicky.cz is a small-scale e-commerce platform focused on retailing Yankees sports merchandise primarily targeting the Czech Republic market. The site features basic content and design, with a functional user interface and mobile optimization. It integrates several third-party technologies including jQuery, Google Maps API, and delivery service scripts, indicating a moderate level of technical maturity. However, the absence of a privacy policy and limited business information reduces its compliance and trustworthiness. Security posture is moderate with HTTPS usage and CSRF token presence but lacks advanced security headers and explicit vulnerability disclosures. Overall, the site is functional but would benefit from enhanced transparency, security practices, and privacy compliance to improve user trust and regulatory adherence.

S

Saaristolautat.fi

saaristolautat.fi

43

Saaristolautat.fi is a specialized informational website providing ferry routes and schedules for the Finnish archipelago, including the Turku archipelago and Åland Islands. The site targets travelers and residents needing up-to-date ferry information for over 40,000 islands serviced by approximately 50 ferries and 200 docks. The business model is primarily informational, serving as a public utility platform rather than a commercial enterprise. The website is relatively small in scale, founded in 2017, and operates with a niche focus on regional transportation. Technically, the website employs a modern web stack including HTML5, CSS3, JavaScript with jQuery, Bootstrap for responsive design, FontAwesome for icons, and integrates Google Maps API for route visualization. Hosting appears to be provided by Domainhotelli, a Finnish hosting provider. The site is mobile optimized and has good SEO practices, though accessibility features are basic. Performance is moderate, with no major technical issues detected. From a security perspective, the site lacks visible security headers and does not provide privacy or cookie policies, which are important for GDPR compliance given its European audience. No contact information or incident response details are provided, limiting transparency and trust. The WHOIS data shows the domain is registered to a private person rather than an organization, which is somewhat inconsistent with the public service nature of the site but not necessarily suspicious. No WAF or blocking mechanisms are detected, and the site content is fully accessible. Overall, the website is functional and provides valuable regional transportation information but would benefit from improved security practices, privacy compliance, and clearer business contact details to enhance trust and regulatory adherence.

EM-Immobilien is a small real estate company based in Vienna, Austria, specializing in property management and brokerage services. The website serves as a basic informational portal targeting individuals and businesses seeking real estate services locally. The company branding is moderately consistent, with a focus on personal and individual service as indicated by the tagline and logo. The website content is primarily in German and includes references to key services such as property management and real estate brokerage. However, the site lacks comprehensive business contact details and formal privacy or terms of service documentation.

M

MXGP Czech republic 26.-27.7.2025 - Home

mxgploket.com

42

The website www.mxgploket.com serves as an informational portal for the MXGP Czech Republic motocross event scheduled for July 26-27, 2025. It provides event details, ticketing links, accommodation, maps, and contact navigation. The site targets motocross enthusiasts and event attendees primarily in the Czech Republic region. Technically, it is built on Joomla CMS with standard web technologies including jQuery, Bootstrap, and Google Maps API integration. The site includes Google Analytics for visitor tracking but lacks visible privacy or cookie policies, which is a compliance gap. Security posture is basic with no detected security headers or advanced protections. WHOIS data for the domain is unavailable, raising concerns about domain registration legitimacy. Overall, the site is functional but requires improvements in privacy compliance, security hardening, and domain legitimacy verification.

L

Lounaistieto

lounaistieto.fi

63

Lounaistieto.fi is a regional government information service portal for Southwest Finland, providing localized data and resources to residents and stakeholders. The website is positioned as a trusted public sector resource, offering regional information in Finnish with multilingual support. The business model is focused on public service and information dissemination, targeting local citizens and organizations. Technically, the site is built on WordPress CMS, utilizing various plugins such as Matomo for analytics and CookieHub for cookie consent management. The infrastructure supports modern web technologies including React and Google Maps API, indicating a moderate level of digital maturity. Security posture is adequate with HTTPS enforced and cookie consent implemented; however, there is room for improvement in security headers and explicit policy disclosures. Overall, the site is accessible, professionally designed, and trustworthy, though it lacks visible privacy and terms of service policies. Strategic recommendations include publishing comprehensive privacy and security policies, enhancing security headers, and improving accessibility features to strengthen compliance and user trust.

L

Lokálny trh

lokalnytrh.sk

56

Lokálny trh is an established Slovak online platform founded in 2014 that maps and catalogs local food and beverage producers, providing consumers with an interactive map and search tools to discover regional producers. The platform also supports producers, retailers, and event organizers by offering free online profiles and promotional tools. The website demonstrates a good level of digital maturity with modern technologies such as Algolia search, Google Analytics, Facebook SDK, and responsive design. Security posture is solid with HTTPS, DNSSEC, and cookie consent mechanisms, though explicit security policies and vulnerability disclosures are absent. Overall, the platform serves a niche retail market in Slovakia with a focus on local and regional products, maintaining a trustworthy and professional online presence.

W

Waldhart Software

skischool.shop

48

Waldhart Software operates a specialized online platform providing e-commerce and booking solutions tailored for ski schools and snow sports schools primarily in Alpine regions. The website serves as a reference showcase for nearly 300 live client online shops, demonstrating a strong market presence in the niche retail sector for winter sports education and services. The business model focuses on B2B SaaS offerings, enabling ski schools to manage online bookings and sales effectively. Technically, the website employs modern JavaScript frameworks, likely Vue.js with the Quasar UI framework, and integrates Google Maps APIs for location services. Hosting is managed via profiwebspace.at, with domain registration through InterNetX GmbH in Austria. The site is served over HTTPS, ensuring encrypted communications, but lacks DNSSEC and security headers, which are recommended for enhanced security. Security posture is moderate; while HTTPS and domain transfer protections are in place, the absence of security headers and privacy/cookie policies indicates room for improvement in compliance and security best practices. No forms or contact details were found in the analyzed content, limiting direct user engagement and incident response capabilities. Overall, the website is professional and well-structured, targeting ski schools and related businesses with a clear value proposition. However, to strengthen trust and compliance, the addition of privacy and cookie policies, security headers, and clear contact information is advised.

AWA 1213 is a Czech Republic-based company providing comprehensive roadside assistance services for motorists, including personal vehicles, trucks, and buses. The company operates a 24/7 call center and offers assistance cards that provide prepaid services to customers. Their market position is that of an established service provider with coverage across the Czech Republic and Europe. The website is built on WordPress and uses common web technologies such as jQuery and Google Maps API to enhance user experience. The site is mobile-optimized and presents clear navigation and professional content. Security posture is adequate with HTTPS enforced and secure forms, but lacks advanced security headers and published security policies. Privacy compliance is partially met with available privacy and terms documents but lacks cookie consent mechanisms. WHOIS data is missing, which limits domain trust verification and slightly reduces overall credibility. Overall, the website is professional, trustworthy, and serves its target audience effectively.

V

Visiting Nurses Association of America (V.N.A.A.)

bayoudogs.org

60

The Visiting Nurses Association of America (V.N.A.A.) is featured on a professional and comprehensive website hosted under the Young Survival Coalition domain, a reputable non-profit organization focused on young adults facing breast cancer. The site provides detailed information about V.N.A.A.'s advocacy, education, and community-based home health services. The target audience includes young women diagnosed with breast cancer and their support networks. The website demonstrates a strong market position within the non-profit healthcare advocacy sector, offering key services such as resource directories and community support. Technically, the website employs modern web technologies including FusionCMS, Google Analytics, Google Tag Manager, Facebook Pixel, and Google Maps API. The site is mobile-optimized, accessible, and SEO-friendly, with a clean and consistent branding approach. Performance is moderate, with room for optimization in loading speed and security headers. From a security perspective, the site uses HTTPS with a good SSL configuration and no visible exposed sensitive data. However, security headers are not detected, and privacy compliance could be enhanced by implementing explicit cookie consent mechanisms and clearer GDPR indicators. The WHOIS data is privacy-protected, which is typical for non-profit organizations, and no suspicious patterns were found, supporting the site's legitimacy. Overall, the website is trustworthy, professional, and well-maintained, serving its community effectively. Strategic improvements in security headers and privacy compliance would further strengthen its posture.

W

W&P - member of Euronova Group

wandp.cz

60

W&P, a member of the Euronova Group, is a leading outdoor advertising provider in the western Czech Republic, offering a broad portfolio of advertising spaces including billboards, public transport shelters, LED screens, and more. The company holds a significant market share in the Plzeň and Karlovy Vary regions and emphasizes community benefit alongside business growth. Technically, the website is built on WordPress using popular page builders and plugins, with good mobile optimization and moderate performance. Security posture is adequate with HTTPS and cookie consent implemented, but lacks some security headers and explicit security policies. WHOIS data is missing, which reduces domain trustworthiness, but the website content and business information appear professional and credible. Overall, the site is well-structured and compliant with GDPR, with clear contact information and social media presence.

S

Sailun Group Europe

sailun-tyres.eu

59

Sailun Group Europe operates as a tyre manufacturer and distributor specializing in passenger car, light truck, truck, and bus tyres. The company offers a broad product portfolio including summer, winter, and all-season tyres, with a focus on performance, safety, and eco-friendly technologies tailored also for electric and hybrid vehicles. Positioned competitively in the European market, Sailun emphasizes quality and sustainability, evidenced by certifications such as the EcoVadis Silver Medal and endorsements like AutoBild approval. Their business model includes a dealer locator service and direct customer engagement through comprehensive product catalogs and press releases. Technically, the website employs modern web technologies including Bootstrap, jQuery, Font Awesome, Google Maps API, and Cookiebot for consent management. The site is mobile-optimized with good navigation and moderate performance. Analytics are implemented via Google Tag Manager, indicating moderate user tracking with privacy compliance measures in place. However, some security best practices such as security headers and explicit incident response policies are not publicly visible. From a security perspective, the site enforces HTTPS and uses a cookie consent mechanism, contributing to a solid security posture. No vulnerabilities or exposed sensitive data were detected. The absence of WHOIS data is due to EURid's privacy policy for .eu domains, which is common and justified for this business type. Overall, the domain and website present strong legitimacy and trustworthiness. The overall risk assessment is low, with recommendations to enhance security headers, publish security policies, and consider a vulnerability disclosure program to further strengthen trust and compliance. The website quality and business credibility are high, supporting Sailun's position as a reputable tyre brand in Europe.

S

Skanska a.s.

skanska.cz

70

Skanska a.s. is a leading construction and development company operating in the Czech Republic, specializing in residential and commercial real estate development, infrastructure projects, and related services such as facility management and equipment rental. The company is part of the global Skanska Group and maintains a strong market position with a focus on sustainability and innovation. The website reflects a mature digital presence with comprehensive content, clear navigation, and active social media engagement. Technically, the site uses modern frameworks and analytics tools, ensuring good performance and mobile optimization. Security posture is strong with HTTPS, security headers, and form protections in place, although explicit security policies and incident response details are not publicly disclosed. Overall, the domain registration and WHOIS data align well with the company's identity, supporting legitimacy and trustworthiness.

P

Pivovar Hradecký Klenot

hradeckyklenot.cz

42

Pivovar Hradecký Klenot is a small, regionally focused brewery located in Hradec Králové, Czech Republic, specializing in traditional Czech lagers and specialty beers. The business operates both a physical brewery with hospitality services and an online e-shop for direct sales. The website reflects a professional and consistent brand presence with clear contact information and social media integration. The inclusion of an age verification modal demonstrates compliance with legal requirements for alcohol-related content. Technically, the site uses modern web technologies including Bootstrap, jQuery, Google Tag Manager, and Facebook Pixel, supporting a moderate performance and good mobile optimization. Security posture is solid with HTTPS enforced and no visible sensitive data exposure, though the absence of security headers and explicit privacy policies indicates room for improvement. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

W

Wellness Kuřim s.r.o.

halakurim.cz

53

Sportovní hala Kuřim is a local sports facility operated by Wellness Kuřim s.r.o., providing a variety of sports venues and services including a sports hall, inflatable summer hall, beach volleyball courts, athletic area, aquapark, fitness center, and football fields. The website targets local sports enthusiasts and community members, offering reservation systems and event information. The business operates in the hospitality sector with a small company size and a clear focus on community sports engagement. Technically, the website employs common web technologies such as Google Analytics, Facebook SDK, and Google Maps API, with a moderate performance and good mobile optimization. The site uses HTTPS and secure form submissions but lacks advanced security headers and published privacy or terms of service documents, indicating room for improvement in security and compliance maturity. Security posture is adequate with HTTPS and secure forms but missing security headers and privacy policy reduce overall security confidence. No vulnerabilities or exposed sensitive data were detected. The absence of WHOIS data is a concern for domain legitimacy and trustworthiness, although the website content and contact information appear professional and consistent. Overall, the website is functional and professional but would benefit from enhanced security practices, published privacy and terms policies, and improved transparency regarding data protection to increase trust and compliance.

O

OPPORTUNITY, spol. s r.o.

alpinecentrumbrno.cz

58

OPPORTUNITY, spol. s r.o. operates the Alpine Store Brno, a specialized automotive dealership focusing on Alpine sports cars, with a modern showroom in Brno, Czech Republic. The company has a long history in automotive sales and racing, positioning itself as a key player in the regional luxury sports car market. The website is professionally designed, mobile-optimized, and provides clear contact information and business details. Technically, it uses modern JavaScript libraries and integrates multiple marketing and analytics tools with appropriate cookie consent mechanisms. Security posture is good with HTTPS and obfuscated emails, though some security headers could be improved. The domain is newly registered, which aligns with a new brand initiative rather than the company's founding date. Overall, the site is trustworthy and well-maintained.

D

Drevoburza

drevoburza.eu

55

Drevoburza.eu operates as a specialized online marketplace and classified ads platform focused on forestry and wood-related products and services in Slovakia. The platform offers categorized listings including timber, pallets, wood chips, furniture, forestry services, and hunting supplies via an integrated e-shop. It targets businesses and individuals involved in the forestry sector, providing a niche regional service with moderate market presence. The website integrates social media and partner links to enhance its ecosystem. Technically, the website uses a traditional web stack with jQuery, Google Analytics, Facebook SDK, and Google Maps API. Hosting is provided by WebSupport s.r.o., a reputable Slovak hosting provider. The site is served over HTTPS, but uses some outdated libraries and lacks advanced security headers, indicating room for modernization and improved security hardening. The site is moderately optimized for performance and mobile use, with basic accessibility and SEO features. From a security perspective, the site enforces HTTPS and uses input masking on phone fields, but lacks explicit security policies and incident response information. The presence of outdated jQuery versions and missing security headers represent potential vulnerabilities. Privacy and cookie policies are present with consent mechanisms, supporting GDPR compliance. No direct company contact emails or phone numbers are published, which may impact user trust. Overall, the website is functional and professionally presented with good content quality and clear navigation. It is safe for general audiences with no adult or questionable content. The domain registration is consistent and legitimate, supporting the business credibility. Strategic improvements in security posture, contact transparency, and technical modernization would enhance trust and compliance.

E

Elkova

elkova.cz

57

Elkova is a Czech-based small business specializing in electrical installation services including both high and low voltage systems, security systems, video intercoms, fire protection, and photovoltaic solutions. Established in 2002, the company serves residential, commercial, and developer clients primarily in Prague and Central Bohemia. The website presents a professional image with clear service offerings, customer testimonials, and comprehensive contact information. Technically, the site is built on WordPress with a modern tech stack including Bootstrap, jQuery, and various plugins for SEO, spam protection, and cookie consent. The site is mobile optimized and uses HTTPS with a valid SSL certificate, ensuring secure communications. Security posture is good but could be improved by adding explicit security headers and incident response information. Privacy compliance is evident with a GDPR-compliant privacy and cookie policy. Overall, the website is trustworthy and well-maintained, reflecting a legitimate and established business.

S

Sportovní areály HAMR

hamrsport.cz

57

Sportovní areály HAMR operates sports and recreational facilities in Prague, offering a wide range of sports activities including tennis, badminton, squash, beach volleyball, and group fitness classes. The business targets families and sports enthusiasts seeking leisure and active recreation, supported by amenities such as restaurants, cafes, and free parking. The website reflects a well-established local presence with a professional digital footprint and partner ecosystem. Technically, the site uses modern web technologies including Google Tag Manager and Google Maps API, with good mobile optimization and SEO practices. Security posture is adequate with HTTPS enforced and cookie consent implemented, though improvements are recommended in security headers and explicit security policies. WHOIS data is unavailable, which slightly impacts domain trust assessment. Overall, the site is safe, family-friendly, and professionally maintained.

M

myComm s.r.o.

hasicovo.cz

63

Hasičovo is a Czech Republic based media and community platform operated by myComm s.r.o., focusing on firefighting news, events, and resources. The website serves the firefighting community with news updates, event calendars, legislative information, and offers free website creation for fire brigades. It maintains a strong market position within its niche, supported by partnerships and an active social media presence. Technically, the site uses modern web technologies including Google Tag Manager, Google reCAPTCHA, and Google Maps API, with good mobile optimization and accessibility. Security posture is solid with HTTPS and reCAPTCHA protections, though some HTTP security headers could be improved. Privacy compliance is well addressed with a comprehensive privacy and cookie policy and GDPR adherence. The lack of WHOIS data limits domain trust assessment, but the website content and business information appear professional and trustworthy.

S

Saucony

mysaucony.cz

60

The website mysaucony.cz serves as the official Czech Republic portal for the Saucony brand, specializing in running and lifestyle footwear. It showcases various product lines, provides a store locator, and offers a newsletter subscription, targeting runners and footwear consumers in the Czech market. The business model is retail-focused, leveraging brand marketing and e-commerce capabilities. The site is moderately sized and professionally maintained, with consistent branding and a clear market position as a regional Saucony presence. Technically, the site is built on WordPress with a modern tech stack including jQuery, Google Maps API, and Mailchimp integration. Hosting is via AWS and DigitalOcean Spaces, indicating a reliable infrastructure. The site is mobile-optimized and SEO-friendly, though accessibility features are basic. Performance is moderate, with room for optimization. From a security perspective, the site enforces HTTPS and uses common security plugins, but lacks explicit security headers and published incident response policies. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong with GDPR-aligned policies and cookie consent mechanisms. Contact information is limited to forms, with no direct emails or phone numbers published. Overall, the site is trustworthy and professionally managed, with no signs of malicious activity or blocking mechanisms. Strategic improvements could focus on enhancing security headers, publishing incident response details, and expanding direct contact options to improve user trust and compliance.

V

Vieta

vietabar.lv

54

Vieta is a hospitality business based in Riga, Latvia, specializing in champagne and wine sales, tastings, events, wine tours, and related services. The website is built on the Readymag platform and integrates modern web technologies including Google Fonts, Google Maps API, Facebook Pixel, and Google Tag Manager, reflecting a moderate level of digital maturity. The site is mobile optimized and presents a professional design with clear navigation and relevant content for its target audience. Security posture is adequate with HTTPS enforced and use of tracking and analytics tools, but lacks visible security headers and formal security policies. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the website is legitimate and credible but would benefit from enhanced privacy and security disclosures to improve trust and compliance.

I

Icontio Ltd., org. složka

icontio.com

56

Icontio Ltd. is a Czech Republic-based technology company specializing in enterprise information systems and consulting services focused on digitalization, process improvement, and information security. Established in 2006, the company offers a suite of proprietary software products such as PMportal, Unicom, IQdoc, and others, targeting businesses, government agencies, healthcare, and social services. Their market position is supported by a long domain history, client references, and ISO 27001 certification, indicating a mature and trusted service provider in their niche. Technically, the website employs a mix of legacy and modern web technologies including jQuery 1.10.2, Google Analytics, Facebook SDK, and Google Maps API. The site is moderately performant, mobile-optimized, and SEO-friendly but lacks some modern security headers and uses an outdated JavaScript library, which could pose security risks. Hosting details are not explicit but domain registration is through a reputable registrar. From a security perspective, the company demonstrates awareness through ISO 27001 certification and domain transfer protections. However, the absence of DNSSEC, security headers, privacy and cookie policies, and incident response contacts indicates room for improvement in security posture and compliance. Tracking technologies are used moderately, with no visible cookie consent mechanisms, which may impact GDPR compliance. Overall, the website is professional, content-rich, and trustworthy with a solid business foundation. Strategic improvements in privacy compliance, security headers, and updating legacy technologies would enhance their security and compliance standing, reducing risk and increasing customer trust.

S

Studio Wyposażenia Wnętrz

studioww.pl

55

Studio Wyposażenia Wnętrz is a small, established Polish company based in Płock, specializing in custom office and school furniture since 1996. The company offers a broad range of furniture solutions including ergonomic chairs, metal cabinets, and window coverings, targeting businesses and institutions in the local region. Their market position is supported by long-term experience and authorized distributor status. Technically, the website employs modern web technologies such as Bootstrap, jQuery, and Google APIs, providing a responsive and user-friendly experience. However, some accessibility and security best practices could be improved. Security posture is moderate with HTTPS enabled but lacking explicit security headers and formal vulnerability disclosure mechanisms. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the website is professional and trustworthy but would benefit from enhanced compliance and security measures.

A

Agmamito sp. z o.o.

agmamito.com

48

Agmamito sp. z o.o. is a Polish company specializing in upholstery and furniture fabrics, offering a diverse range of fabric collections including outdoor lines. The company targets both individual consumers and businesses involved in home and commercial interior design. Their market position is that of a niche player with a clear focus on quality textile products certified by OEKO-TEX Standard 100. The website is professionally designed, mobile-optimized, and provides clear navigation and contact information, supporting a positive user experience. Technically, the site employs modern web technologies such as jQuery, Bootstrap, Swiper.js, and integrates Google Analytics and Tag Manager for tracking. Hosting and DNS services are managed via Cloudflare, ensuring good performance and security. Security posture is solid with HTTPS enforced and domain transfer protection, though improvements like enabling DNSSEC and adding security headers are recommended. Privacy compliance is addressed with a privacy policy and cookie consent mechanism, though no explicit security policy or incident response contacts are found. Overall, the website and domain registration data are consistent and trustworthy, reflecting a legitimate business with a good digital presence.

P

Producent drukarek 3D Omni3D Sp. z o. o.

omni3d.com

50

Omni3D is a Poland-based manufacturer specializing in large-format industrial 3D printers and related services. Established in 2010, the company has positioned itself as a leader in the industrial additive manufacturing sector, offering a range of products including industrial and desktop 3D printers, filaments, and on-demand 3D printing services. Their market focus spans multiple industries such as automotive, heavy and light industry, education, and transportation. The website reflects a mature digital presence with multilingual support, comprehensive product information, and active customer engagement channels including a newsletter and contact forms. Technically, the website is built on WordPress and leverages modern web technologies including Google Analytics, Google Tag Manager, reCAPTCHA, and lazy loading for performance optimization. The site is mobile-optimized and SEO-friendly with structured data markup enhancing search engine visibility. Hosting and domain registration details align with the business profile, indicating a stable and legitimate online presence. From a security perspective, the site enforces HTTPS and employs reCAPTCHA to protect forms. GDPR compliance is evident through a detailed privacy policy and cookie consent mechanism. However, the absence of explicit security policies, incident response contacts, and security headers suggests areas for improvement. No critical vulnerabilities or suspicious content were detected. Overall, Omni3D presents a professional, trustworthy, and well-maintained online platform supporting its industrial 3D printing business. Strategic enhancements in security transparency and technical hardening would further strengthen its security posture and customer trust.

K

KOMPANIA PIWOWARSKA SA

browarytyskie.pl

55

The website represents the Tyskie Książęce Breweries Tourist Center, a historic brewery in Poland with a 395-year legacy. It offers a range of services including brewery tours, museum visits, beer tasting workshops, a pub experience, and event organization. The business is positioned as a major cultural and hospitality destination in Upper Silesia, targeting tourists and beer enthusiasts. The site is professionally designed with consistent branding and clear navigation, supporting both local and international visitors. Technically, the site is built on WordPress with modern tracking and marketing tools integrated, including Google Tag Manager and Facebook Pixel. The presence of an age verification gate and comprehensive privacy and cookie policies demonstrate compliance with legal requirements for alcohol-related content. Security posture is good with HTTPS enforced and no visible vulnerabilities, though security headers could be improved. Overall, the domain registration aligns well with the business identity, indicating legitimacy and trustworthiness.

L

Lufthansa City Center

lufthansa-city-center.com

58

Lufthansa City Center operates as a well-established travel agency network specializing in vacation and business travel services worldwide. The company leverages its affiliation with Lufthansa to provide comprehensive travel booking, consulting, and management solutions. The website reflects a mature digital presence with a professional design, clear navigation, and multilingual support targeting German and English-speaking travelers. Technically, the site is built on WordPress with modern plugins and tracking tools, ensuring good performance and SEO optimization. Security posture is solid with HTTPS and domain transfer protections, though improvements are needed in DNS security and security headers. Privacy compliance is currently weak due to missing explicit privacy and cookie policies. Overall, the business credibility is high, supported by consistent WHOIS data and trust signals.

L

LEDS-C4 S.A

ledsc4.us

61

LEDS-C4 S.A operates the website ledsc4.us, a retail e-commerce platform specializing in designer LED lighting and decorative lamps targeted primarily at the US market. The company, founded in 2014 and based in Spain, offers a broad catalog of lighting products with a focus on quality and design. The website is professionally designed, mobile-optimized, and uses PrestaShop as its e-commerce platform, integrating various third-party tools such as Google Tag Manager, Doofinder search, and JivoSite chat for enhanced user experience and marketing. Technically, the website employs HTTPS with Cloudflare DNS services but lacks DNSSEC and some recommended security headers, which could be improved to enhance security posture. The site demonstrates moderate performance and good SEO practices but could benefit from stronger accessibility features. Privacy compliance is basic, with a cookie policy and consent mechanism present but no explicit privacy or terms of service pages found. From a security perspective, the site shows good fundamentals such as HTTPS and secure form tokens but lacks published security policies or incident response contacts. No critical vulnerabilities or suspicious patterns were detected, and the domain registration data aligns well with the business claims, indicating legitimacy and stability. Overall, the website presents a moderate risk profile with room for improvement in privacy compliance, security headers, and direct contact information. Strategic enhancements in these areas would strengthen trust and security posture, supporting business growth and regulatory compliance.