Security Directory

J

Ještědská stavební společnost, spol. s r.o.

jss.cz

57

Ještědská stavební společnost, spol. s r.o. is a well-established Czech construction company specializing in building and water management projects with over 30 years of experience and more than 790 completed projects. The company targets clients in the Liberec region and broader Czech Republic, offering comprehensive construction services including new builds, reconstructions, and ecological water infrastructure. The website reflects a professional and consistent brand presence with clear service descriptions and references. Technically, the site uses modern JavaScript libraries and Google analytics tools, with moderate performance and good mobile optimization. Security posture is adequate with HTTPS and cookie consent implemented, but lacks advanced security headers and published security policies. Privacy compliance is partial due to missing privacy and terms documents. WHOIS data confirms domain legitimacy and consistency with business claims. Overall, the site is trustworthy and functional with room for improvement in compliance and security best practices.

E

eSports.cz s.r.o.

hc-slavia.cz

45

HC Slavia Praha is a well-established Czech ice hockey club with a strong local presence and active fan engagement. The website serves as a comprehensive portal for news, match schedules, ticket sales, youth programs, and partner information. The site is professionally designed with good navigation and mobile optimization, targeting hockey fans and the local community. Technically, the site uses a custom CMS with common libraries like jQuery and Bootstrap, hosted likely by REG-ZONER. Security posture is adequate with HTTPS and cookie consent mechanisms, though some improvements are recommended such as updating libraries and publishing explicit security policies. Overall, the site is trustworthy and functional but lacks some formal privacy and terms documentation.

G

Global Financial Solutions s.r.o.

gfsgroup.cz

65

Global Financial Solutions s.r.o. operates as a financial consulting and brokerage firm based in the Czech Republic, providing services such as financial product consulting, communication with financial institutions, and support in unexpected financial situations. The company positions itself as a strong partner in finance with a client-centric approach, supported by partnerships with multiple financial institutions and a parent company, OK HOLDING. The website reflects a medium-sized enterprise with a professional online presence and clear business information. Technically, the website employs modern web technologies including jQuery, Bootstrap, and tracking tools like Google Tag Manager and Facebook Pixel, hosted by WEDOS. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers and explicit policies could be improved. Overall, the site is well-structured, GDPR compliant, and trustworthy, with no signs of malicious content or blocking mechanisms.

Č

Čermák a Hrachovec a.s.

cerhra.cz

50

Čermák a Hrachovec a.s. is a well-established Czech company specializing in construction and infrastructure services, particularly in water supply, sewage systems, trenchless technologies, and road reconstruction. Founded in 1998, it serves business clients primarily in the energy and transportation sectors. The website reflects a professional and consistent brand image with clear presentation of services, leadership, and references. Technically, the site uses modern JavaScript libraries and analytics tools, with good mobile optimization and basic SEO. Security posture is solid with HTTPS and cookie consent mechanisms, though security headers and incident response contacts could be improved. Overall, the domain registration data aligns well with the business claims, supporting high legitimacy and trustworthiness.

A

ALPY, spol. s r.o.

festivalalpinismu.cz

48

The website festivalalpinismu.cz represents the International Festival of Alpinism held in Prague, organized by ALPY, spol. s r.o. The festival is a well-established event with a history dating back to 2009, featuring top climbers, safety symposiums, and mountain film screenings. The site targets outdoor enthusiasts, climbers, and professionals interested in mountain safety. Technically, the site is built on Drupal 8 with Bootstrap and jQuery, offering a responsive and user-friendly experience. Security posture is generally good with HTTPS enforced and no visible vulnerabilities, though security headers are missing and privacy compliance is lacking. The site integrates tracking tools like Google Tag Manager and Facebook Pixel but does not provide cookie consent mechanisms or privacy policies, indicating compliance gaps. Overall, the domain registration and business information are consistent and trustworthy, supporting a high legitimacy score.

A

Asklepion

asklepion.cz

48

Asklepion is a leading clinical and aesthetic medicine institute in the Czech Republic, offering a wide range of specialized medical services including dermatology, stomatology, plastic surgery, and more. The website reflects a mature digital presence with comprehensive service descriptions, customer testimonials, and an integrated e-commerce platform for related products. Technically, the site employs modern web technologies such as Bootstrap, jQuery, and Google Analytics, ensuring a responsive and user-friendly experience. Security measures include HTTPS enforcement and reCAPTCHA integration, although there is room for improvement in security headers and explicit incident response policies. Overall, the site is professional, trustworthy, and compliant with GDPR, making it a reliable resource for patients and clients.

M

MEDIA MARKETING SERVICES a.s.

hitradiocontact.cz

51

Hitrádio Contact is a Czech regional radio station operated by MEDIA MARKETING SERVICES a.s., offering multiple live internet radio streams, podcasts, playlists, contests, and a listener club. The website targets Czech-speaking audiences interested in music and regional news, providing a rich multimedia experience with detailed song metadata and active social engagement. The business operates primarily in the media sector with a medium-sized footprint and a domain age consistent with its founding in 2021. Technically, the website employs modern web technologies including Google Tag Manager, Facebook Pixel, jQuery, and Foundation CSS framework. It is hosted by Active24, a reputable provider, and demonstrates good performance and mobile optimization. SEO and accessibility are adequately addressed, though accessibility could be improved further. From a security perspective, the site enforces HTTPS, uses security headers, and includes CSRF tokens, indicating a solid security posture. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong with clear GDPR and cookie policies and consent mechanisms. However, no explicit security policy or incident response contacts are published. Overall, the website is professional, trustworthy, and safe for general audiences. It shows good digital maturity and business credibility, with room for improvement in formal security disclosures and accessibility enhancements.

Č

Česká pošta

zakaznicka-karta.cz

53

The website www.zakaznicka-karta.cz represents the official customer loyalty card service of Česká pošta, the Czech national postal service. It offers users various benefits such as discounts on postal services, the ability to pick up parcels for family members, and partner rewards. The site is well-branded, consistent with Česká pošta's identity, and targets general postal customers in the Czech Republic. The business model is government-operated postal services with a customer loyalty program to enhance user engagement and retention. Technically, the website uses common JavaScript libraries such as jQuery, Slick Carousel, and Magnific Popup, indicating a moderately modern tech stack. The site is mobile optimized and has good SEO practices, although accessibility features are basic. The site loads scripts over HTTPS, but explicit security headers are not detected in the provided data, suggesting room for improvement in security hardening. From a security perspective, the site implements a cookie consent banner and a comprehensive privacy policy compliant with GDPR. However, no explicit security policy, incident response, or vulnerability disclosure information is found. The WHOIS data is unavailable, likely due to CZ NIC privacy restrictions, but the domain and website content strongly indicate legitimacy. No WAF or blocking mechanisms are detected, and the site content is safe with no adult or questionable material. Overall, the website is professionally maintained with a good balance of content quality, technical implementation, and business credibility. Security posture is adequate but could benefit from enhanced headers and transparency on security policies. The domain's legitimacy is supported by consistent branding and official contact details, despite missing WHOIS data.

B

Blueprint

blueprintvegas.com

60

Blueprint is a medium-sized event organizer specializing in the real estate and construction technology sector. Their flagship event, held annually in Las Vegas, attracts thousands of attendees including industry executives, startups, and investors. The website is professionally designed and well-branded, providing detailed information about speakers, sponsors, and event schedules. Technically, the site is built on WordPress with modern frameworks and integrates multiple analytics and marketing tools. Security posture is good with HTTPS and anti-clickjacking measures, but lacks DNSSEC and published security policies. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the domain registration and hosting are legitimate and consistent with the business profile.

D

Daily Miami News

dailymiaminews.com

52

Daily Miami News is an online news media outlet focused on delivering news content related to Miami and surrounding areas, covering categories such as news, world, business, technology, sports, entertainment, and real estate. The website operates on a WordPress platform with a professional theme and uses common web technologies including jQuery, Yoast SEO, and Slick Carousel. It is hosted behind Cloudflare DNS services, ensuring reliable availability and basic security protections. The site is regularly updated with recent news articles and uses structured data to enhance SEO performance. However, it lacks explicit privacy and cookie policies, which impacts its privacy compliance rating. From a security perspective, the website uses HTTPS and has domain status protections to prevent unauthorized domain changes. However, DNSSEC is not enabled, and no advanced security headers are detected, indicating room for improvement in security hardening. The absence of published security policies or incident response contacts suggests limited transparency in security governance. Analytics usage is moderate, relying on Google Analytics and Tag Manager, but without clear data retention or privacy compliance disclosures. Overall, the website presents a good user experience with clear navigation and relevant content for its target audience. The lack of direct contact emails or phone numbers and missing privacy-related policies are notable gaps. The domain registration data is consistent with the website's business claims, supporting its legitimacy. Strategic improvements in privacy compliance, security headers, and transparency would enhance trust and security posture.

New York YIMBY is a specialized media outlet focused on real estate development and construction news in New York City. Established in 2012, it provides detailed coverage of projects, neighborhoods, and industry trends from a pro-growth perspective. The website targets real estate professionals, developers, urban planners, and interested residents, offering news articles, research, advertising opportunities, and community forums. Its market position is that of a niche, trusted source within the NYC real estate media landscape. Technically, the website is built on WordPress and leverages a modern technology stack including jQuery, Yoast SEO, and various advertising and analytics tools such as Google Analytics, Facebook Pixel, and Quantcast. It uses Cloudflare for DNS and likely CDN services, ensuring good performance and security. The site is mobile-optimized with good SEO and accessibility features, although some accessibility aspects could be improved. From a security standpoint, the site employs HTTPS with excellent SSL configuration but lacks some security headers and explicit security policies. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is basic; while a privacy policy is present, there is no cookie consent mechanism or GDPR-specific compliance information. Incident response and vulnerability disclosure policies are absent. Overall, the website is professional, content-rich, and trustworthy with moderate tracking and advertising practices. Recommendations include enhancing privacy compliance with cookie consent, publishing security and incident response policies, enabling DNSSEC, and adding security headers to improve security posture and regulatory compliance.

S

SIA Universitātes Vetfonds

vetfonds.lv

60

SIA Universitātes Vetfonds operates a comprehensive veterinary supply and service website targeting veterinarians and animal owners primarily in Latvia. The company, established in 1995, offers an extensive range of veterinary products through an online pharmacy, supports veterinary professionals with equipment and educational seminars, and provides laboratory testing services. The website reflects a mature digital presence with a professional design, clear navigation, and multilingual support focused on Latvian. Technically, the site is built on WordPress with WooCommerce, leveraging modern libraries and integrations such as Google Tag Manager and Facebook Pixel for analytics and marketing. Security posture is solid with HTTPS enforced and no evident vulnerabilities, though some security headers could be improved. Privacy compliance is well addressed with clear cookie and privacy policies and consent mechanisms. Overall, the site demonstrates a trustworthy and credible business with strong market positioning in the veterinary healthcare sector.

P

Purple Trading

purpletrading.cz

79

Purple Trading is an online Forex and CFD brokerage targeting retail and professional traders primarily in the Czech Republic. The website presents itself as a leading global Forex broker offering premium quality trading services, reliable technology, and a fair approach to clients. The content is professionally structured and localized in Czech, indicating a mature digital presence. The company emphasizes client success and provides extensive cookie consent and privacy mechanisms, reflecting compliance with GDPR requirements. Technically, the site uses modern JavaScript libraries and analytics tools such as Google Tag Manager, Segment, and Smartlook, integrated with a Joomla CMS platform. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content.

Z

ZD Myslejovice, družstvo

agrogum-agm.cz

46

Agrogum AGM Myslejovice is a medium-sized manufacturing business specializing in custom rubber molding and technical rubber products. Operating as part of the agricultural cooperative ZD Myslejovice, the company has a long-standing history dating back to the 1970s. Their product range includes rubber-metal combinations, sealing elements, membranes, and production of pressing molds, serving industrial clients primarily in the Czech Republic. The website reflects a professional and consistent brand image with clear contact channels and GDPR compliance. Technically, the website employs a modern technology stack including jQuery, Bootstrap, Google Fonts, and Google Analytics, managed via the Eliška CMS platform. The site is mobile-optimized with good SEO and accessibility basics. Security measures include HTTPS enforcement and Google reCAPTCHA v3 integration for form protection. However, additional security headers and explicit incident response policies are absent. The security posture is solid with no visible vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with clear cookie consent mechanisms and a privacy policy page. The absence of WHOIS data limits domain trust assessment, but the website content and business information appear legitimate and professional. Overall, the website presents a trustworthy and functional digital presence for a specialized manufacturing business, with room for improvement in security headers and transparency regarding security policies.

B

Bazény Kostelec

bazeny-kostelec.cz

55

Bazény Kostelec is a Czech company specializing in the manufacture and installation of plastic swimming pools and related products, operating since 1994. The company offers comprehensive turnkey solutions including pool construction, roofing, filtration systems, and chemical maintenance products. Their market position is that of a well-established local player with a strong focus on quality and customer service. Technically, the website is built on a modern stack including Bootstrap, jQuery, and integrates Google Analytics and reCAPTCHA for security and analytics. The site is mobile-optimized and includes cookie consent mechanisms compliant with GDPR. Security posture is good with HTTPS and secure forms, though there is room for improvement in HTTP security headers and incident response transparency. Overall, the website is professional, trustworthy, and provides clear contact information and customer testimonials, supporting business credibility. However, the absence of WHOIS data for the domain reduces transparency and trust slightly, warranting further verification.

B

BONVIN, s.r.o.

ubytovani-valtice.cz

49

The website represents a small family-run hospitality business, BONVIN, s.r.o., operating the Penzion Moravský Sommelier in Valtice, Czech Republic. It offers accommodation with a unique wine cellar experience, targeting wine enthusiasts, tourists, and cyclists exploring South Moravia. The site is well-structured, professionally designed, and provides clear contact and business information, enhancing trust and user engagement. Technically, the site employs modern web technologies including Bootstrap, jQuery, Google Analytics, and reCAPTCHA, indicating a moderate level of digital maturity. Security posture is good with HTTPS and anti-bot measures, though additional security headers and policies could improve resilience. The absence of WHOIS data reduces domain trustworthiness, but the website content and business details appear legitimate and consistent with a hospitality service provider. Overall, the site is functional, user-friendly, and compliant with GDPR cookie consent requirements.

M

MOTO OLOMOUC R&V s.r.o.

bartonmotors.cz

51

MOTO OLOMOUC R&V s.r.o. is a Czech small business founded in 2020 specializing in the sale and servicing of motorcycles, scooters, electric scooters, and quads, primarily under the Barton Motors brand. The company targets both children and adult riders, offering a range of vehicles and branded rider equipment. Their market position is that of a reliable and professional partner with a strong focus on customer service and quality products. Technically, the website is built on a modern stack including Bootstrap, jQuery, and Google services, with good mobile optimization and SEO practices. Security posture is solid with HTTPS, reCAPTCHA, and cookie consent mechanisms, though some security headers and policies are missing. The absence of WHOIS data reduces domain trust, but the website content and contact information appear legitimate and professional. Overall, the site is well-designed and user-friendly, supporting the company’s business goals effectively.

U

URS Czech

pro-cert.cz

44

URS Czech is a professional service provider specializing in ISO certification, inspections, product certification, testing, and training services primarily targeting businesses seeking compliance and quality assurance. The company operates as part of the URS Holdings group, with a global office network, positioning itself as a trusted partner in certification and compliance services. The website demonstrates a solid digital presence with modern technologies such as jQuery, slick carousel, and fancybox, providing a responsive and user-friendly experience. Privacy compliance is well addressed with cookie consent mechanisms and a clear privacy policy. Security posture is moderate, with secure form handling and HTTPS implied, but lacking explicit security headers and public security policies. The absence of WHOIS data reduces domain trust from a registration perspective, but the professional content, client testimonials, and certifications support legitimacy. Overall, the website is well-structured and credible, with room for improvement in security transparency and technical hardening.

Č

Česká poradna

ceskaporadna.cz

53

Česká poradna is an established Czech online platform serving as a comprehensive business directory and marketplace. It offers a catalog of companies, experts, services, products, articles, and a request-for-offers system, targeting businesses and consumers primarily in the Czech Republic. The platform is supported by the parent company Evropská databanka s.r.o., indicating a solid market presence and partnership ecosystem. The website is professionally designed with consistent branding and clear navigation, supporting multiple languages including Czech, Slovak, and English.

F

Fandi mámám z.s.

fandimat.cz

48

FandiMat is a Czech non-profit project operated by Fandi mámám z.s., focused on facilitating material aid between people in need and donors including individuals and companies. The platform offers a web and mobile app interface, enabling users to request or offer material goods such as clothing, food, and household items. The project also includes physical exchange points called FandiMatPOINTs. The website is professionally designed, content-rich, and well-structured, targeting socially vulnerable groups and charitable organizations in the Czech Republic. Technically, the site is built on WordPress with modern plugins and SEO tools, supported by Google Analytics and Tag Manager for analytics and marketing. Security posture is good with HTTPS and cookie consent mechanisms, though security headers could be improved. The domain registration is consistent and legitimate, supporting the trustworthiness of the project.

Roovee S.A. operates a modern city bike rental system primarily in Poland, leveraging IoT technology, solar panels, and a mobile app to provide eco-friendly transportation solutions. The company positions itself as the only fully Polish bike sharing provider with a growing presence in multiple cities, supported by partnerships with technology leaders like Orange. The website reflects a mature digital infrastructure built on WordPress with SEO and analytics integrations, offering a good user experience and clear business information. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers could be improved. Overall, the business demonstrates credibility and compliance with GDPR, including a named Data Protection Officer. The domain registration data aligns well with the company's claims, supporting legitimacy.

P

Proměny Tišnova

promenytisnova.cz

42

The website 'Proměny Tišnova' serves as an official municipal portal for the city of Tišnov, Czech Republic, focusing on investment projects, urban development, and public news. It provides residents and stakeholders with updates on ongoing and planned city projects, including detailed news articles and interactive maps. The site leverages modern front-end technologies such as Bootstrap, Google Maps API, and various JavaScript libraries to deliver a responsive and informative user experience. However, the absence of WHOIS registration data raises concerns about domain legitimacy, although the content and branding strongly indicate a legitimate government entity. Security posture is moderate, with no advanced security headers detected and limited privacy compliance indicators. The site uses Google Analytics and Tag Manager for user tracking but lacks visible privacy and cookie policies, which could be improved for GDPR compliance. Overall, the site is functional and informative but would benefit from enhanced security and privacy practices to strengthen trust and compliance.

B

Beskydské divadlo Nový Jičín, příspěvková organizace

beskydskedivadlo.cz

62

Beskydské divadlo Nový Jičín is a regional cultural institution in the Czech Republic specializing in theatrical performances, including operas, operettas, and experimental projects. Founded in 2014, it operates as a contributory organization offering a variety of services such as ticket sales, subscriptions, venue rentals, educational programs, and podcasts. The website reflects a well-structured and professionally maintained digital presence with clear branding and consistent content quality aimed at a general audience interested in cultural events. Technically, the website employs a modern technology stack including jQuery, Bootstrap, Knockout.js, and integrates Google services such as Analytics, Tag Manager, and reCAPTCHA for security and tracking. The CMS appears to be Umbraco, supporting dynamic content and form submissions. The site is mobile-optimized and incorporates accessibility and SEO best practices, although some improvements in accessibility could be made. From a security perspective, the site uses HTTPS with good SSL configuration and integrates reCAPTCHA to protect forms from abuse. Cookie consent mechanisms are comprehensive and GDPR compliant, with granular user control over tracking preferences. However, some security headers are not explicitly detected and could be enhanced. No vulnerabilities or exposed sensitive data were found in the analysis. Overall, the website demonstrates a strong security posture, good privacy compliance, and a credible business presence. It serves its audience effectively with relevant content and clear contact information. Strategic recommendations include enhancing security headers, maintaining up-to-date libraries, and publishing a formal security policy to further strengthen trust and compliance.

C

Clearyst°

clearyst.com

63

Clearyst° is a sustainability software and consulting company focused on delivering ESG expertise and data-driven solutions to businesses aiming to improve their sustainability performance and impact. The company offers a SaaS platform combined with advisory services targeting multiple industries including technology, manufacturing, retail, and consumer goods. Their market position is supported by professional branding, client testimonials, and partnerships with industry leaders. Technically, the website is built on Webflow with modern JavaScript libraries and analytics tools such as Google Tag Manager and LinkedIn Insight, indicating a mature digital infrastructure. However, the absence of WHOIS data and lack of explicit privacy and cookie policies highlight areas for improvement in transparency and compliance. Security posture is moderate with no detected security headers and unknown SSL configuration, though Webflow hosting suggests HTTPS is enabled. Overall, the website is professional and trustworthy in content but would benefit from enhanced privacy disclosures and domain registration transparency.

C

Czech Founders

czechfounders.org

47

Czech Founders is a Czech non-profit organization and community dedicated to empowering startup founders and innovators in Czechia. The organization provides networking opportunities, advocacy with policymakers, research, and events to support the growth and scaling of startups. It has a strong presence in the Czech startup ecosystem with over 1000 members and partnerships with key organizations. The website is professionally designed, content-rich, and well-structured, targeting founders, investors, and ecosystem supporters. Technically, it is built on WordPress with modern UI libraries and is mobile optimized. Security posture is good with HTTPS and domain transfer protection, though DNSSEC is not enabled and security policies are not explicitly published. Privacy compliance is mostly met with a GDPR policy but lacks a cookie consent mechanism. Overall, the website is trustworthy and credible with transparent WHOIS data matching the business leadership.

U

Urząd Miejski w Koszalinie

koszalin.pl

51

The website koszalin.pl serves as the official municipal portal for the city of Koszalin, Poland, providing residents, businesses, and visitors with news, event information, public consultations, and investment opportunities. It is positioned as an authoritative government source with a consistent brand and good content quality. The technical infrastructure is based on Drupal 7 CMS with legacy JavaScript libraries, indicating a need for modernization. The site employs HTTPS and cookie consent mechanisms, reflecting compliance with EU privacy regulations. However, the use of outdated software components presents security risks that should be addressed. No explicit security or incident response policies are publicly available, and contact information is limited to forms without direct emails or phone numbers. Overall, the site is trustworthy and functional but would benefit from technical and security upgrades.

V

Vileda

vileda.sk

70

Vileda.sk is the official Slovak e-commerce website for Vileda, a leading brand in household cleaning products. Operated under Freudenberg Home and Cleaning Solutions s.r.o., the site offers a wide range of cleaning supplies including mops, cloths, and laundry care products. The platform targets Slovak consumers seeking quality and innovative household cleaning solutions, positioning itself as a trusted retail brand with a comprehensive product catalog and customer support via online forms. Technically, the website is built on SAP Hybris commerce platform, leveraging modern JavaScript libraries such as jQuery and Slick Carousel for UI components. It integrates Google Tag Manager, Microsoft Clarity, and Usercentrics CMP for analytics and privacy compliance. The site is mobile-optimized with good SEO and accessibility basics, ensuring a smooth user experience. From a security perspective, the site enforces HTTPS with strong SSL configuration and includes standard security headers. It employs a consent management platform to comply with GDPR cookie regulations. No critical vulnerabilities or exposed sensitive data were detected. However, explicit security policies and incident response contacts are not published, representing an area for improvement. Overall, Vileda.sk demonstrates a mature digital presence with strong business credibility and privacy compliance. The site is safe for general audiences, free from adult or questionable content. Strategic recommendations include enhancing accessibility, publishing security policies, and establishing a vulnerability disclosure program to further strengthen trust and security posture.

V

Vileda

vileda.cz

72

Vileda.cz is the official Czech e-commerce website for the Vileda brand, a leading provider of household cleaning products. The site offers a wide range of cleaning tools and accessories, targeting Czech households seeking quality and innovative cleaning solutions. The business is positioned as a trusted retail brand under the parent company Freudenberg Home and Cleaning Solutions s.r.o., with a professional online presence and active social media engagement. Technically, the website is built on a modern e-commerce platform (SAP Hybris Commerce) and employs a robust tech stack including jQuery, Google Tag Manager, Usercentrics for consent management, and Microsoft Clarity for analytics. The site is mobile-optimized and incorporates performance monitoring tools, reflecting a mature digital infrastructure. From a security perspective, the site enforces HTTPS and uses a consent management platform to comply with GDPR. While explicit security headers are not fully visible in the HTML, no critical vulnerabilities or exposed sensitive data were detected. The absence of public WHOIS data suggests privacy protection, which is justified for a commercial brand site. Overall, the security posture is solid but could be enhanced by adding explicit security headers and publishing incident response policies. The overall risk assessment is low, with the site demonstrating good content quality, technical implementation, privacy compliance, and business credibility. Strategic recommendations include enhancing security headers, improving accessibility features, and making security policies more transparent to further strengthen trust and compliance.

L

Liapor s.r.o.

djt.cz

53

Dům jedním tahem is a Czech company specializing in the design and construction of low-energy prefabricated family houses made from ceramic concrete. The company offers a range of housing options including classic, premium, and modular homes, emphasizing quick construction, excellent insulation, and long durability. Their business model includes providing free project designs, printed catalogs, and personalized consultations, targeting individuals and families in the Czech Republic seeking sustainable and modern housing solutions. The website reflects a mature digital presence with professional design, clear navigation, and GDPR-compliant data collection practices. Technically, the website employs a variety of JavaScript libraries such as jQuery, Slick Carousel, and Google Tag Manager for analytics and marketing. The site is mobile-optimized and includes cookie consent mechanisms, indicating awareness of privacy regulations. However, explicit security headers are not detected, and WHOIS data is unavailable, which slightly impacts transparency and trust. From a security perspective, the site uses HTTPS and has implemented cookie consent and form validation, but lacks visible advanced security policies or incident response information. No vulnerabilities or suspicious content were detected. Overall, the site presents a secure and professional front but could improve in security header implementation and WHOIS transparency. The overall risk assessment is moderate to low, with recommendations to enhance security headers, update libraries regularly, and provide clearer security policies to strengthen trust and compliance.

C

Crypto Kingdom s.r.o.

cryptokingdom.tech

48

Crypto Kingdom s.r.o. operates a Czech and Slovak focused cryptocurrency education and trading platform, offering services such as trading signals, educational courses, workshops, and community support. Established in 2017, it positions itself as a leading crypto community in the region, targeting a broad audience from beginners to advanced traders and investors. The website is professionally designed with good navigation and mobile optimization, leveraging modern technologies including Bootstrap, jQuery, and various tracking and marketing tools. Security posture is solid with HTTPS and reCAPTCHA implemented, though improvements in security headers and DNSSEC are recommended. Privacy compliance is strong with GDPR-aligned policies and cookie consent mechanisms. Overall, the business appears credible and trustworthy with active social media presence and partner affiliations.

P

PuzzleWebs s.r.o.

podniknito.cz

69

Podnikni to! is a Czech educational platform dedicated to supporting aspiring entrepreneurs through workshops, community building, and practical business guidance. Established in 2016, it has built a strong network of regional partners including universities, municipalities, and business organizations, positioning itself as a key player in entrepreneurship education in the Czech Republic. The website is professionally designed using Drupal 10, with modern front-end technologies and good mobile optimization. It employs standard tracking and marketing tools such as Google Analytics, Facebook Pixel, and Google Tag Manager, alongside a compliant cookie consent mechanism. Security posture is solid with HTTPS and session management, though additional security headers and explicit incident response policies could enhance trust. Overall, the site is trustworthy, content-rich, and well-positioned to serve its target audience of entrepreneurs and business starters.

L

Liapor s.r.o.

liapor.cz

47

Liapor s.r.o. is a medium-sized manufacturing company based in the Czech Republic specializing in lightweight aggregate building materials, concrete products, and prefabricated construction systems. The company serves construction professionals, homeowners, and garden enthusiasts with a broad product portfolio including keramzit aggregate, concrete mixes, prefabricated ceilings, and garden architecture products. Their market position is supported by a professional website and a wide European presence through multiple country-specific subsidiaries. Technically, the website uses a modern but somewhat dated technology stack including jQuery 1.12.3 and Slick Carousel, with Google Tag Manager for analytics and marketing. The site is mobile optimized and SEO friendly, though accessibility could be improved. Security posture is good with HTTPS enforced and cookie consent mechanisms in place, but the use of an outdated jQuery version and missing security headers are areas for improvement. WHOIS data is unavailable, which slightly reduces domain trustworthiness. Overall, the website is professional, compliant with GDPR, and trustworthy for its business domain.

N

National Association of REALTORS

realtorparty.realtor

62

The National Association of REALTORS operates the REALTOR Party website as a comprehensive platform for real estate advocacy, community outreach, and political engagement. The organization is a leading national entity in the real estate sector, providing extensive resources, training, and campaign services to REALTORS and affiliated associations. The website reflects a mature digital presence with a focus on promoting homeownership and property investment through coordinated advocacy efforts. Technically, the website is built on WordPress with a modern tech stack including Bootstrap, jQuery, and various plugins for enhanced user experience and functionality. The site is mobile optimized and incorporates multiple analytics and tracking tools, indicating a data-driven approach to user engagement and marketing. However, some security best practices such as explicit security headers and cookie consent mechanisms could be improved. From a security perspective, the site enforces HTTPS and uses anti-spam measures like Akismet. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data aligns well with the organization's identity, reinforcing domain legitimacy. Privacy policies and terms of service are present and comprehensive, supporting compliance with GDPR and other regulations. Overall, the website demonstrates a strong business credibility and professional online presence, with minor areas for enhancement in privacy compliance and security hardening. The risk profile is low, and the site serves as a trustworthy resource for its target audience.

G

get.realtor

get.realtor

67

get.realtor is a specialized online platform backed by the National Association of REALTORS® (NAR) that provides real estate professionals with domain registration and website building services tailored to their industry. The platform offers free and premium real estate websites, domains (.realtor and .realestate), and business tools such as Google Workspace and professional email. The website is professionally designed, mobile optimized, and includes strong trust signals such as customer testimonials and ADA compliance. Technically, it leverages HubSpot CMS and integrates multiple analytics and marketing tools, ensuring a modern and performant user experience. Security posture is strong with HTTPS, security headers, and privacy compliance, though explicit security policies and incident response information are not publicly detailed. Overall, the website and business demonstrate high legitimacy, professionalism, and market positioning within the real estate sector.

O

Office of Inspector General, U.S. Department of the Interior

doioig.gov

72

The Office of Inspector General for the U.S. Department of the Interior operates as a federal government oversight agency focused on auditing, investigating, and evaluating the Department's programs to prevent fraud, waste, and abuse. The website serves as a transparent platform for reporting, whistleblower protection, and dissemination of reports and news, targeting government employees, contractors, and the public. Technically, the site is built on Drupal 10 with modern libraries and is well-optimized for mobile and accessibility, though some security headers could be improved. The security posture is strong with HTTPS and vulnerability disclosure policies, but privacy compliance could be enhanced with cookie consent mechanisms. WHOIS data is limited due to .gov domain policies but the site’s content and branding strongly affirm its legitimacy. Overall, the site is professional, trustworthy, and serves an essential government function.

M

MicronesiaTour.com

micronesiatour.com

55

MicronesiaTour.com serves as the official travel and tourism website for the Micronesia region, including Guam, Northern Mariana Islands, Palau, FSM, and Marshall Islands. It provides comprehensive travel information, destination guides, event announcements, and cultural insights aimed at attracting tourists and promoting regional tourism. The website is positioned as a key regional tourism portal with a clear focus on hospitality and government tourism sectors. Technically, the site is built on Drupal 7 with a range of JavaScript libraries and integrates Google Analytics for visitor tracking. While the site is mobile-optimized and well-structured, it uses some outdated libraries and lacks advanced security headers and cookie consent mechanisms. The domain is well aged and registered with a reputable registrar, enhancing its credibility. However, the absence of explicit contact information and privacy compliance features are notable gaps. Overall, the website is functional and professional but would benefit from security and privacy improvements.

P

Pacific Islands Small Business Development Center Network (PISBDCN)

pacificsbdc.com

60

Pacific Islands Small Business Development Center Network (PISBDCN) is a government-affiliated non-profit organization operating under the University of Guam. It provides vital business development services including training, counseling, and resource networking to small businesses across the U.S. affiliated Pacific Islands. The website reflects a mature and well-established entity with a clear mission to foster economic growth in the region. The business model is service-oriented, funded partly by the U.S. Small Business Administration, and targets small business owners and entrepreneurs in the Pacific Islands. The site offers extensive resources, event registrations, and success stories, positioning itself as a key regional economic development player. Technically, the website is built on Drupal CMS with modern JavaScript libraries and integrates third-party services such as Google Analytics and Tawk.to for analytics and live chat support. The site is mobile-optimized and accessible, with good SEO practices. Hosting and DNS are managed via Cloudflare, providing performance and security benefits. However, DNSSEC is not enabled, and there is no explicit cookie consent mechanism, which are areas for improvement. Security posture is solid with HTTPS enforced and domain transfer locked, but lacks advanced security headers like CSP and a public vulnerability disclosure policy. No incident response or security contact information is provided. Privacy compliance is basic, with a privacy policy present but no cookie consent banner. Overall, the site is trustworthy and professional, with minor gaps in privacy and security best practices. The overall risk is low, but strategic improvements in security headers, DNSSEC, and privacy compliance would enhance trust and regulatory adherence. The domain WHOIS data supports legitimacy with consistent registration details and a long operational history since 2003.

C

CCA Global Partners

ccaglobalpartners.com

53

CCA Global Partners is a cooperative organization dedicated to empowering independent, family-owned businesses primarily in the retail and home improvement sectors. Their business model focuses on providing scale, resources, and innovation to help these businesses compete effectively against large corporate entities. The website presents a professional and comprehensive overview of their brands, services, and mission, targeting entrepreneurs and family business owners. Technically, the site is built on WordPress with modern plugins and technologies, offering good performance and mobile optimization. Security posture is solid with HTTPS and no visible vulnerabilities, though some security headers and policies could be improved. Privacy compliance is partial, with a privacy policy present but lacking cookie consent mechanisms. The absence of WHOIS data is a notable concern for domain transparency but does not detract significantly from the overall trustworthiness given the professional content and branding.

G

HPV vorbeugen » Generation Selbstbestimmt

gemeinsam-gegen-hpv.at

69

The website gemeinsam-gegen-hpv.at is a public health information portal focused on HPV prevention and vaccination awareness in Austria. It provides educational content about the HPV virus, associated diseases, prevention methods, vaccination locations, and information tailored for children, adolescents, and adults. The site targets the Austrian population with content in German and aims to promote HPV vaccination to reduce cancer risks. Technically, the site is built on Drupal 10 CMS, uses modern JavaScript libraries like Alpine.js, and integrates Google Tag Manager for analytics. The site is mobile-optimized, accessible, and has a clear navigation structure, contributing to a good user experience. Security-wise, the site enforces HTTPS and implements a cookie consent mechanism via OneTrust, but lacks explicit security headers and detailed privacy policy documentation. WHOIS data is unavailable from NIC.AT, limiting domain registration verification. Overall, the site appears professional and trustworthy for public health information but would benefit from enhanced transparency regarding privacy and contact information.

N

Nauru Airlines

nauruair.com

58

Nauru Airlines is a regional airline operating in the Central and South Pacific, providing scheduled passenger flights, freight services, charters, and ACMI leasing. The airline connects Nauru with key regional hubs including Brisbane, Nadi, Majuro, and others, serving both leisure and business travelers. The website reflects a well-established business with over 50 years of operation, emphasizing safety, service excellence, and regional connectivity. Technically, the website employs modern tracking and marketing technologies such as Google Tag Manager, Facebook Pixel, and Cookiebot for consent management. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. Security posture is adequate with HTTPS enforced and cookie consent implemented, but lacks advanced security headers and explicit security policies. WHOIS data is missing, which reduces transparency and trustworthiness, though the website content and branding appear legitimate. Overall, the site is professional and trustworthy but could improve in security transparency and contact information availability.

J

Jihočeské divadlo, p.o.

otacivehlediste.cz

52

Jihočeské divadlo operates the Otáčivé hlediště website, providing professional theatrical performances including ballet, opera, drama, and small theatre productions primarily in the Czech Republic. The organization targets a broad audience interested in cultural and artistic events, offering ticket sales integrated through a third-party platform. The website is well-structured, professionally designed, and supports multiple languages, enhancing accessibility and user experience. Social media integration and event promotion are strong, supporting audience engagement and marketing efforts. Technically, the site uses modern JavaScript libraries and tracking tools such as Google Tag Manager and Facebook Pixel, with HTTPS enforced for secure communications. However, the absence of WHOIS data limits domain registration transparency, which slightly impacts trust assessment. Privacy and cookie policies are present and indicate GDPR compliance, though terms of service and incident response information are missing. Overall, the site demonstrates a solid digital presence for a regional cultural institution with room for improvement in security headers and transparency documentation.

Bread Financial is a technology-forward financial services company offering a range of products including credit cards, personal loans, savings accounts, and payment solutions tailored for both personal and business customers. The company maintains a strong market presence with partnerships for branded credit cards such as AAA, NFL, Victoria’s Secret, and Ulta Beauty. Their website reflects a professional and consistent brand image with comprehensive product information and financial education resources. Technically, the site is built on Adobe Experience Manager, leveraging modern analytics and marketing tools such as Adobe Target and OneTrust for cookie consent, ensuring a mature digital infrastructure. Security posture is solid with HTTPS and privacy compliance mechanisms in place, though some security headers and explicit incident response contacts are not evident. The absence of WHOIS data for the domain raises minor concerns but does not detract significantly from the overall legitimacy given the professional content and external references. Strategic recommendations include enhancing security header implementation and publishing a vulnerability disclosure policy to further strengthen trust.

G

Guam Visitors Bureau

guamvisitorsbureau.com

50

The Guam Visitors Bureau operates as the official tourism authority for Guam, providing comprehensive data, marketing, and visitor safety resources to promote tourism and support industry stakeholders. The website serves as a central hub for tourism statistics, industry updates, procurement opportunities, and membership information, targeting both local businesses and visitors. Technically, the site is built on Drupal CMS with modern JavaScript libraries and integrates Google Analytics and Google Translate for analytics and multilingual support. The site is hosted behind Cloudflare DNS and uses HTTPS with domain locking for security. While DNSSEC is not enabled and no explicit security or incident response policies are published, the overall security posture is solid with no critical vulnerabilities detected. The website demonstrates good content quality, accessibility, and SEO practices, with clear navigation and professional branding consistent with a government entity. Contact information and social media presence further enhance trust. Recommendations include enabling DNSSEC, publishing security policies, and adding vulnerability disclosure mechanisms to improve security transparency and compliance.

R

REALDOMUS s.r.o.

realdomus.cz

10

REALDOMUS s.r.o. is a professional real estate agency operating primarily in České Budějovice, Prague, and surrounding regions in the Czech Republic. The company offers comprehensive real estate services including property sales, rentals, legal and financial advisory, supported by a team of 19 professionals with over 14 years of experience. Their market position is strengthened by membership in the Realitní komora and a strong portfolio of client testimonials, reflecting high customer satisfaction and trust. Technically, the website employs a modern technology stack including Bootstrap, jQuery, Google Maps API, and various marketing and analytics tools such as Google Analytics, Facebook Pixel, and Hotjar. The site is mobile-optimized, well-structured, and provides a good user experience with clear navigation and professional design. Privacy and cookie policies are implemented with consent mechanisms, indicating compliance with GDPR requirements. From a security perspective, the website uses HTTPS and implements Google reCAPTCHA to protect forms from bots. However, explicit security headers are not clearly detected, and no public security or incident response policies are available. The absence of WHOIS data reduces domain trustworthiness, but the website content and business information appear legitimate and professional. Overall, REALDOMUS presents a credible and professional online presence with good technical and privacy practices. The main risk lies in the lack of WHOIS transparency and limited public security policy disclosures. Strategic improvements in security headers and incident response visibility would enhance trust and compliance.

J

Jihočeské divadlo

jihoceskedivadlo.cz

54

Jihočeské divadlo is a professional theatre company based in the Czech Republic, offering a diverse range of performing arts including drama, opera, ballet, and small theatre productions. It serves a regional audience with performances both at home venues and touring other cities, including seasonal shows at the Otáčivé hlediště in Český Krumlov. The website is well-structured and content-rich, providing detailed program calendars and ticket purchasing options integrated with trusted third-party platforms. Technically, the site uses modern JavaScript libraries and Google services for analytics and search, with a cookie consent mechanism in place, though explicit privacy and terms policies are not found. Security posture is good with HTTPS enforced but could be improved by adding security headers and publishing security policies. The absence of WHOIS data limits domain trust analysis, but the site appears legitimate and professionally maintained.

G

GuamWEBZ

guamalerts.com

62

GuamWEBZ is a well-established technology company based in Guam, specializing in comprehensive web design, development, digital marketing, and software solutions. With over 21 years of experience, they serve a diverse clientele including government agencies, non-profits, and private sector businesses. Their service portfolio is extensive, covering website and mobile app development, e-commerce, CRM solutions, and tourism destination marketing. Technically, the website is built on Drupal CMS with modern JavaScript libraries and is mobile optimized, reflecting a mature digital infrastructure. Security posture is generally good with HTTPS enabled and client-side validation, but lacks some advanced security headers and explicit privacy and cookie policies. The absence of WHOIS data is a notable anomaly, though the website's content and client references support its legitimacy. Overall, GuamWEBZ presents as a credible and professional digital solutions provider with room for improvement in transparency and security best practices.

G

GuamWEBZ

guamwebz.com

62

GuamWEBZ is a well-established technology service provider based in Guam, specializing in comprehensive web design, app development, digital marketing, and IT solutions for a diverse clientele including government agencies, non-profits, and private sector businesses. With over 21 years of experience, the company holds a strong market position locally and extends its services globally. The website reflects a mature digital infrastructure built on Drupal CMS, enhanced with modern JavaScript libraries and accessibility features. Security posture is solid with HTTPS and client-side validation, though improvements are recommended in DNS security and published security policies. Privacy compliance is limited due to absence of privacy and cookie policies. Overall, GuamWEBZ presents a credible and professional online presence with strong business credibility and technical maturity.

M

Match Group

mtch.com

64

Match Group is a leading global innovator in online dating and social connection technology, operating a portfolio of apps and platforms that serve diverse audiences worldwide. Founded in 2000, the company emphasizes inclusivity, safety, and privacy in its offerings, aiming to create meaningful connections across all demographics. The website reflects a mature, professional business with strong branding and comprehensive policies supporting user trust and compliance. Technically, the site is built on WordPress with modern SEO and accessibility features, leveraging trusted third-party libraries and consent management tools. Security posture is solid with HTTPS and cookie consent mechanisms, though there is room for improvement in DNSSEC and security headers. Overall, the domain registration and website content align well, indicating a legitimate and established enterprise.

Bread Financial is a large financial services company specializing in credit cards, personal loans, savings products, and payment solutions. The company positions itself as a tech-forward organization offering simple and competitive financial products for both personal and business customers. Their website demonstrates a strong market presence with multiple branded credit card programs and partnerships with well-known brands such as American Express, AAA, NFL, Victoria’s Secret, and Ulta Beauty. The company leverages Adobe Experience Manager as its CMS and integrates advanced marketing and analytics tools from Adobe and other providers to optimize user experience and engagement. Security posture is generally strong with HTTPS enforcement and privacy compliance, though explicit security policies and incident response contacts are not published. The absence of WHOIS data reduces transparency but does not detract significantly from the overall legitimacy based on website content and external references. Strategic recommendations include enhancing security header implementation, publishing vulnerability disclosure and incident response information, and improving WHOIS transparency to strengthen trust and compliance.