Security Directory

S

Centrum.cz: Fandíme dobrému obsahu

stdout.cz

0

Centrum.cz is a prominent Czech internet portal providing a variety of services including email, current news, weather updates, and search functionalities. It serves a broad Czech audience seeking reliable and timely information. The website leverages modern web technologies such as React and Next.js, ensuring a responsive and user-friendly experience. The presence of multiple reputable news sources and professional design indicates a mature digital presence. Security-wise, the site enforces HTTPS and includes essential security headers, reflecting a good security posture. However, the absence of explicit privacy and cookie policies, as well as contact information, suggests areas for compliance and transparency improvement. Overall, Centrum.cz appears to be a trustworthy and well-established media portal with room to enhance privacy compliance and user trust through clearer policy disclosures.

CEES HARTMAN is a small Dutch business specializing in website creation, online marketing, photography, and video production services. The company uses WordPress as its platform and collaborates closely with clients to design websites that reflect their branding and needs. The website showcases a portfolio of client projects, indicating a focus on small to medium-sized clients. Technically, the website is built on a modern WordPress stack with Elementor and the Customizr theme, providing a responsive and user-friendly experience. However, the site lacks privacy and cookie policies, and no explicit contact emails or phone numbers are provided, which may affect user trust and compliance. Security posture is moderate with HTTPS enabled but missing important security headers. Overall, the site is professional and safe but could improve in privacy compliance and security best practices.

U

Upbooking

upbooking.lu

0

Upbooking is a Luxembourg-based online platform dedicated to the recycling and exchange of used school books, promoting environmental sustainability and offering incentives such as vouchers for new book purchases. The platform targets students and families within Luxembourg, supported by government initiatives as evidenced by the presence of the Luxembourg government logo. Technically, the website is built on WordPress with a custom theme, uses modern tools like Google Tag Manager and Axeptio for cookie consent, and implements good accessibility features. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though security headers could be improved. Privacy compliance is strong with comprehensive policies and cookie consent mechanisms in place. Overall, the website is professional, trustworthy, and well-aligned with its educational and governmental mission.

P

Prva sušačka hrvatska gimnazija u Rijeci

pshg.net

0

Prva sušačka hrvatska gimnazija u Rijeci is a Croatian secondary school providing general and specialized education including classical ballet and contemporary dance programs. The institution is well-established with a domain age since 2007 and holds Erasmus accreditation, indicating active participation in European educational programs. The website serves students, parents, and educators with relevant news, schedules, and contact information. Technically, the site uses standard web technologies such as HTML5, CSS3, jQuery, and Font Awesome, hosted under a reputable registrar. The site is moderately optimized for performance and mobile use, with clear navigation and consistent branding. Security posture is moderate; while HTTPS is assumed, no advanced security headers or DNSSEC are implemented, and no cookie consent mechanism is present, which may affect compliance with privacy regulations. Overall, the site is trustworthy and professional but could improve in security and privacy compliance.

Energetska zadruga "Otok Krk" is a small Croatian energy cooperative focused on promoting renewable energy and energy independence on the island of Krk. The cooperative provides consulting, project support, collective purchasing, and education services to local residents and businesses. Their website reflects a community-oriented business model with clear contact information and active social media presence. Technically, the site uses common web technologies such as jQuery, Bootstrap, and Owl Carousel, providing a moderate performance and good mobile optimization. Security posture is moderate with HTTPS usage but lacks explicit security headers and incident response policies. Privacy compliance is basic with privacy and cookie policies present but no consent mechanism. Overall, the website is professional and trustworthy, with a legitimacy score supported by consistent WHOIS data and domain age.

G

Galaksija

galaksija.hr

0

Galaksija.hr is a Croatian online magazine focused on popularizing science across various disciplines including natural sciences, technology, social sciences, ecology, and medicine. The website offers news articles, blogs, multimedia galleries, and videos targeting a general audience interested in science and education. The business model appears to be content publishing supported by advertising and partnerships with related portals. Technically, the site uses a custom CMS with common web technologies such as jQuery, Bootstrap, and Flexslider, and integrates analytics tools like Google Analytics, Histats, and Mixpanel. The site is accessible via HTTPS and includes a login form for registered users, but lacks advanced security headers and explicit GDPR cookie consent mechanisms. No incident response or security contact information is provided, which could be improved to enhance trust and compliance. Overall, the website is professionally designed with good content quality and moderate technical implementation, suitable for its niche media role.

E

Eko Kvarner

ekokvarner.hr

0

Eko Kvarner is a Croatian non-profit environmental organization focused on promoting sustainable energy, climate change awareness, and ecological protection in the Kvarner region. The website serves as an information hub providing news, activities, projects, and educational resources to local communities and stakeholders interested in environmental issues. The organization appears well-established with a domain registered since 2012 and clear contact information including physical address, phone numbers, and email. The site content is primarily in Croatian and targets regional audiences. Technically, the website uses an older CMS platform called Galaksija and relies on legacy JavaScript libraries such as jQuery and Fancybox. While the site is accessible and contains meaningful content, it loads some external scripts over unsecured HTTP, which introduces mixed content risks. The site lacks modern security headers and advanced privacy or cookie consent mechanisms, indicating room for improvement in security and compliance maturity. Hosting is provided by Totohost, a Croatian hosting provider, and the domain registrar is CARNET, a reputable Croatian academic network. From a security perspective, the site uses HTTPS but does not implement additional security headers or content security policies. No incident response or security policy pages are found, and no vulnerability disclosure or security.txt files are present. The WHOIS data is consistent with the website's business profile and geographic location, supporting legitimacy. No suspicious or malicious indicators were detected. Overall, the website is functional and provides valuable content for its target audience but would benefit from technical modernization, improved security practices, and enhanced privacy compliance to strengthen trust and resilience against threats.

G

Gemeindeamt Markt St. Martin

marktstmartin.at

0

The website marktstmartin.at serves as the official online presence of the Gemeindeamt Markt St. Martin, a municipal government entity in Austria. It provides comprehensive information about the community, including news, events, municipal services, tourism, and contact details. The site targets local residents and visitors, offering a user-friendly platform to access essential community resources and updates. The business model is typical of a government website, focusing on public service and community engagement rather than commercial activities. Technically, the website employs a modern but straightforward technology stack including jQuery, Tether, Bootstrap, and PhotoSwipe for image galleries. The site is mobile responsive and well-structured, with good SEO and accessibility basics. Performance is moderate, and the site uses HTTPS, although explicit security headers are not detected. Google Analytics is included but commented out, indicating a cautious approach to user tracking and privacy. From a security perspective, the site demonstrates a basic but adequate posture. There are no visible vulnerabilities or exposed sensitive data. However, the absence of explicit security policies, incident response contacts, and vulnerability disclosure mechanisms suggests room for improvement. Privacy compliance is addressed with a clear privacy policy and cookie consent mechanism, consistent with GDPR requirements. Overall, the website is trustworthy and professional, reflecting the legitimacy of a local government entity. It effectively balances user experience, content quality, and privacy considerations. Strategic recommendations include enhancing security headers, publishing security policies, and improving accessibility compliance to further strengthen the site's security and compliance posture.

EM-Immobilien is a small real estate company based in Vienna, Austria, specializing in property management and brokerage services. The website serves as a basic informational portal targeting individuals and businesses seeking real estate services locally. The company branding is moderately consistent, with a focus on personal and individual service as indicated by the tagline and logo. The website content is primarily in German and includes references to key services such as property management and real estate brokerage. However, the site lacks comprehensive business contact details and formal privacy or terms of service documentation.

Mic Dorin Bau GmbH is a small, family-run construction company based in Austria, specializing in residential building services including shell construction, facades, outdoor areas, and renovations. With over 10 years of experience, the company targets private homeowners and clients seeking personalized construction solutions. The website reflects a professional and consistent brand image, providing clear contact information and a user-friendly interface. Technically, the site is built using modern frameworks like React and Phenomic, with Google Analytics integrated for visitor tracking and a cookie consent mechanism ensuring GDPR compliance. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though improvements in security headers and incident response disclosures are recommended. Overall, the domain registration data aligns well with the business claims, indicating a legitimate and trustworthy entity.

LingOA is a foundation dedicated to supporting Diamond Open Access journals in the field of linguistics, hosting 45 journals and publishing over 600 articles annually. The website is built on WordPress using the Enfold theme and employs modern web technologies such as jQuery and Google Fonts. The site is accessible, mobile-optimized, and presents a professional design tailored to an academic audience. However, it lacks explicit privacy, cookie, and terms of service policies, as well as detailed contact information, which impacts its compliance and trustworthiness scores. From a security perspective, the website uses HTTPS, ensuring encrypted communication, but does not implement common security headers, which could improve protection against certain web attacks. No vulnerability disclosure or incident response information is provided, which is a gap for transparency and security readiness. The absence of WHOIS registrant data is due to EURid's privacy policies for .eu domains, which is typical and justified for this type of non-profit academic entity. Overall, the website is safe, professional, and serves its niche academic community well but would benefit from enhanced privacy compliance and security best practices to improve trust and regulatory adherence.

Mathematics in Open Access (MathOA) is a non-profit foundation dedicated to promoting Fair Open Access principles in the mathematics scholarly publishing community. The organization supports the creation and transition of mathematics journals to Diamond Open Access models, providing funding, advisory services, and community engagement. The website reflects a focused academic mission with endorsements from notable scholars and support from reputable institutions. Technically, the site is built on WordPress with a modern theme and standard libraries, offering good mobile optimization and SEO practices. Security posture is solid with HTTPS enabled and no visible vulnerabilities, though security headers and formal policies are absent. The lack of privacy and cookie policies indicates compliance gaps that should be addressed to meet GDPR and other regulations. WHOIS data is unavailable or malformed, limiting domain trust verification, but the website content and external references support legitimacy. Overall, the site is professional, content-rich, and trustworthy within its niche, but could improve privacy compliance and security transparency.

S

SCRIPT

heydoo.lu

0

Heydoo.lu is an official educational content platform operated under the auspices of Luxembourg's Ministry of National Education, Childhood and Youth, branded as SCRIPT. The platform aggregates a wide range of educational materials including publications, audio, video, apps, and websites, targeting students, teachers, parents, and educators. It supports multilingual content in Luxembourgish, French, and German, enhancing accessibility for its diverse audience. The website is built on Drupal 10 with modern UI frameworks and integrates analytics tools such as Google Analytics and Facebook Pixel for user behavior insights. Technically, the site demonstrates a solid infrastructure with good mobile optimization, accessibility, and SEO practices. Security posture is adequate with HTTPS enforced and anti-bot measures, though some security headers could be improved. Privacy compliance is strong, featuring comprehensive privacy and cookie policies aligned with GDPR requirements. Contact information is primarily provided via a contact form, with no direct emails or phone numbers publicly listed. The absence of WHOIS data due to a malformed domain query limits domain registration trust analysis. However, the official government affiliation and quality content strongly support the site's legitimacy. No adult or questionable content is present, making it safe for general audiences. Overall, Heydoo.lu is a credible, well-maintained educational resource platform with room for minor security enhancements.

I

Istra Bike

istria-bike.com

0

Istra Bike is an official regional cycling tourism portal for the Istria region in Croatia, providing comprehensive information on bike trails, accommodation, events, and related services. The website targets cycling tourists and outdoor enthusiasts, positioning itself as a key resource for promoting cycling tourism in the area. The platform offers detailed trail information, event calendars, multimedia content, and service listings such as bike rentals and transport. Technically, the website employs modern web technologies including Bootstrap 5, jQuery, Slick Carousel, and Lightbox2, ensuring a responsive and user-friendly experience. The site is served over HTTPS and includes cookie consent mechanisms, indicating awareness of privacy regulations. However, some security best practices such as explicit security headers and detailed security policies are missing. From a security perspective, the site maintains a good baseline with HTTPS and cookie consent but lacks advanced security headers and incident response information. The absence of WHOIS data for the domain raises concerns about domain registration transparency, although the website content and partner affiliations suggest legitimacy. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website is professionally designed and functional, with good content quality and user experience. The main risk lies in the missing WHOIS registration data, which slightly reduces trustworthiness. Strategic improvements in security headers, transparency policies, and domain registration clarity are recommended to enhance trust and compliance.

Istra Trails is an official regional tourism website focused on promoting cycling trails, accommodation, and events in the Istrian peninsula, Croatia. The site targets tourists and outdoor enthusiasts seeking detailed trail information and related services. It maintains a consistent brand presence with partner tourism companies and active social media channels. Technically, the website uses a mix of legacy and modern technologies including jQuery, Google Analytics, Facebook SDK, and Google Maps API v2, with moderate performance and good mobile optimization. Security posture is basic with HTTPS enabled but lacks DNSSEC and security headers, and uses deprecated APIs. Privacy compliance is addressed with a privacy policy and cookie consent banner, though terms of service and incident response policies are absent. Overall, the site is trustworthy and professionally maintained but could improve security and compliance aspects.

M

MXGP Czech republic 26.-27.7.2025 - Home

mxgploket.com

0

The website www.mxgploket.com serves as an informational portal for the MXGP Czech Republic motocross event scheduled for July 26-27, 2025. It provides event details, ticketing links, accommodation, maps, and contact navigation. The site targets motocross enthusiasts and event attendees primarily in the Czech Republic region. Technically, it is built on Joomla CMS with standard web technologies including jQuery, Bootstrap, and Google Maps API integration. The site includes Google Analytics for visitor tracking but lacks visible privacy or cookie policies, which is a compliance gap. Security posture is basic with no detected security headers or advanced protections. WHOIS data for the domain is unavailable, raising concerns about domain registration legitimacy. Overall, the site is functional but requires improvements in privacy compliance, security hardening, and domain legitimacy verification.

Z

ZONER, a.s.

zonerai.com

0

Zoner AI Image Creator is a recently launched online platform by ZONER, a.s., offering free and easy-to-use AI-powered image generation with 4K resolution. The service targets general users interested in creative AI-generated images and is accessible globally via web browsers. The website is built using modern web technologies including Material UI and JavaScript ES modules, hosted likely on infrastructure associated with ZonerCloud. The domain is newly registered in 2023, consistent with the launch of this new service. Security posture is adequate with HTTPS enabled and domain transfer protection, but lacks DNSSEC and security headers. Privacy and cookie policies are absent, indicating room for compliance improvements.

W

Wiener Städtische Versicherungsverein

wst-versicherungsverein.at

0

Wiener Städtische Versicherungsverein is a medium-sized Austrian non-profit organization dedicated to promoting art, culture, and social engagement. The website reflects a well-established entity with a clear focus on cultural exhibitions, social initiatives, and community involvement. Their market position is that of a reputable cultural non-profit with partnerships in the arts and academic sectors. The website is built on a modern WordPress platform with relevant plugins for SEO and user interaction, indicating a moderate level of digital maturity. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though there is room for improvement in publishing explicit security policies and headers. Overall, the site is professional, trustworthy, and compliant with GDPR requirements, serving a general audience interested in cultural and social topics.

The website online.hafanplus.cz is an online platform offering pet insurance products primarily targeting dog owners in the Czech Republic. The site provides forms to collect pet and insurance information and offers optional add-ons for working and special dogs. The business model focuses on direct online insurance product offerings with a simple user interface. Technically, the site uses modern frontend technologies including React, Ant Design, and Bootstrap frameworks, with Google Tag Manager for analytics. The site is moderately optimized for performance and mobile use but lacks advanced SEO and accessibility features. Security posture is basic; HTTPS is assumed but no security headers were detected, and no explicit security or incident response policies are published. Privacy compliance is partially addressed via a cookie consent banner and a linked privacy policy page. However, no contact information or business registration details are provided, and WHOIS data is unavailable, which reduces trustworthiness. Overall, the site is functional and safe but would benefit from enhanced transparency, security practices, and business credibility disclosures.

S

Solar Action Alliance

solaractionalliance.org

0

Solar Action Alliance is a small environmental advocacy group focused on promoting solar energy as a clean, reliable, and abundant renewable energy source. The website provides comprehensive information on solar panel costs, financing options, and state-specific installation guides, targeting homeowners and environmentally conscious individuals in the US. The business model centers on education and advocacy, supported by donations and informational content. Technically, the site is built on WordPress with Bootstrap for responsive design, leveraging common plugins and tracking tools such as Google Analytics and Facebook Pixel. Hosting is provided by SiteGround, and the domain is registered since 2015, indicating a stable presence. Security posture is moderate with HTTPS enforced and some security best practices observed, but lacks advanced security headers and published policies. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the site is professional and trustworthy but would benefit from improved compliance and security transparency.

I

Info-Zenter Demenz

demence.lu

0

Info-Zenter Demenz is a national information and consultation center based in Luxembourg, specializing in dementia and memory disorders. It serves affected individuals, their families, healthcare professionals, and the general public by providing free consultation services, educational events, and resources. The organization positions itself as a trusted authority in dementia care and information within Luxembourg, supported by government and community partnerships. The website is professionally designed, multilingual, and accessible, reflecting a strong commitment to user experience and inclusivity. Technically, the website is built on WordPress with modern web technologies including jQuery, Google Tag Manager, and Consent Magic for privacy compliance. Hosting is managed via EuroDNS nameservers, and the site employs HTTPS with reCAPTCHA for security. Accessibility features such as an accessibility toolbar are implemented, and SEO best practices are evident through structured data and meta tags. Security posture is solid with HTTPS and privacy consent mechanisms, though explicit security headers and a formal security policy are absent. No vulnerabilities or suspicious activities were detected. Privacy compliance is robust, with clear cookie and privacy policies and user consent management. Contact information is comprehensive and clearly presented. Overall, the website demonstrates a high level of professionalism, security awareness, and compliance, making it a trustworthy resource for its target audience. Strategic improvements could include adding explicit security headers and publishing a security incident response policy to further enhance trust and resilience.

C

culture.lu, Inc.

culture.lu

0

culture.lu is a specialized cultural portal serving the Luxembourg cultural community and enthusiasts. It offers a variety of content including articles, videos, podcasts, event listings, calls for participation, and job offers, positioning itself as a key media hub in the Luxembourg cultural sector. The website is built on Drupal 10 with modern web technologies and integrates social media and newsletter marketing tools, reflecting a mature digital infrastructure. Security posture is solid with HTTPS and cookie consent mechanisms, though some HTTP security headers could be improved. Privacy compliance is well addressed with a clear privacy policy and cookie management. The absence of explicit contact information and terms of service pages is noted but does not significantly detract from overall credibility. The domain registration aligns well with the website's cultural and governmental affiliations, supporting legitimacy. Overall, culture.lu presents a professional, trustworthy, and content-rich platform for its target audience.

F

Free Journal Network

freejournals.org

0

Free Journal Network (FJN) is a small nonprofit organization based in the United States, founded in 2018, dedicated to promoting scholarly journals that adhere to the Fair Open Access model. The organization supports academic journals by facilitating coordination, funding, quality assurance, promotion, and advocacy for open access publishing without author fees. The website serves as an informational and organizational hub for members and interested parties in the scholarly publishing community. Technically, the website is built on WordPress, hosted by Bluehost, and uses common plugins and scripts such as Contact Form 7 and jQuery. The site is moderately optimized for performance and mobile use, with basic accessibility and SEO features. Security posture is adequate with HTTPS enforced and domain transfer protection, but lacks DNSSEC and security headers, representing areas for improvement. Privacy compliance is weak due to the absence of privacy and cookie policies. Overall, the website is trustworthy and professional but would benefit from enhanced security and privacy practices.

H

Hrvatsko meteorološko društvo

meteohmd.hr

0

Hrvatsko meteorološko društvo (HMD) is a well-established Croatian non-profit meteorological society dedicated to promoting meteorological science and practice. The website serves as an information hub for members and enthusiasts, offering news, events, project details, and membership services. The organization has a clear national presence with a domain registered since 2001 and consistent WHOIS data aligning with its Croatian roots. Technically, the website uses a traditional tech stack with jQuery and Google Analytics, but some libraries are outdated, posing potential security risks. Accessibility features are commendable, though mobile optimization is basic. Security posture is moderate with HTTPS usage but lacks visible security headers and cookie consent mechanisms, indicating partial GDPR compliance. Overall, the site is professional and trustworthy but would benefit from technical and compliance improvements.

S

SCHIOCCO LTD

board.support

0

Support Board is a technology company specializing in AI-driven chatbots and live chat support solutions primarily for WordPress and PHP platforms. The company offers products that automate customer communication, enhance marketing workflows, and improve customer service efficiency. With over 10,000 global clients and positive expert reviews, Support Board holds a strong position in the customer support software market. The website reflects a professional and modern digital presence with clear navigation and comprehensive content about their offerings. Technically, the site uses a modern tech stack including PHP, WordPress, Bootstrap, and jQuery, hosted on Google Cloud DNS infrastructure, delivering fast and mobile-optimized performance. Security posture is solid with HTTPS enforced and domain transfer protections, though improvements are possible by enabling DNSSEC and adding security headers. Privacy compliance is evident with clear privacy and terms of service pages, though cookie consent mechanisms are absent. Overall, the website and business demonstrate high credibility and trustworthiness with no critical security or content safety concerns.

The website empl.io appears to be a small business or startup registered in the US since 2019. The site is built on WordPress using Bootstrap 3.3.4 and the Yoast SEO plugin, indicating a basic level of technical infrastructure. However, the content is minimal with no visible privacy, cookie, or terms of service policies, and no contact information is provided. The technical setup lacks modern security headers and DNSSEC is not enabled, which are areas for improvement. The security posture is basic with no detected vulnerabilities but also no advanced protections. Overall, the site presents a low level of business credibility and privacy compliance, limiting trustworthiness. Strategic improvements in security, privacy policies, and contact transparency are recommended to enhance the site's professionalism and compliance.

A

APPKEE s.r.o.

appkee-manager.cz

0

APPKEE s.r.o. operates a Czech-language software platform focused on mobile application management and development, primarily targeting businesses and developers requiring app creation and management tools for iOS and Android. The company has established a consistent brand presence since its domain registration in 2020 and maintains a professional website with clear navigation and relevant business content. The platform leverages modern JavaScript libraries and the Nette Framework, hosted on Czech-based servers, indicating a localized and technically competent infrastructure. From a security perspective, the website employs client-side validation and uses HTTPS (implied though not explicitly confirmed in provided data). However, it lacks visible security headers such as Content Security Policy or HSTS, and no explicit cookie consent mechanism is present, which are areas for improvement. The absence of contact information and incident response details on the login page limits transparency and user trust. No signs of WAF or blocking mechanisms were detected, allowing full content accessibility. Overall, the website demonstrates moderate technical maturity and business credibility but would benefit from enhanced security practices and privacy compliance measures. The domain registration data aligns well with the business claims, supporting legitimacy. Strategic improvements in security headers, cookie consent, and contact transparency would strengthen the platform's trustworthiness and compliance posture.

E

Energylink s.r.o.

energylink.cz

0

Energylink s.r.o. is a Czech Republic-based company specializing in innovative energy technologies for buildings, including heating, cooling, hot water preparation, and electricity production. The company targets public administration, private firms, and residential building owners, positioning itself as a reliable provider of energy-efficient solutions. Their website reflects a professional and modern digital presence, utilizing Bootstrap and jQuery frameworks, with good mobile responsiveness and clear navigation. However, the absence of WHOIS data raises concerns about domain registration legitimacy, although the website content and contact details appear genuine and consistent with the business claims. Security posture is solid with HTTPS and no visible vulnerabilities, but the lack of security headers and privacy policies indicates room for improvement. Overall, the site is trustworthy and well-maintained but would benefit from enhanced compliance and transparency measures.

C

Casa dell'Aviatore

casaviatore.it

0

Casa dell'Aviatore is the official officers' club of the Italian Air Force, providing hospitality, event hosting, and accommodation services primarily targeting military officers and their guests. The website presents a professional image with detailed service offerings including restaurant, bar, congress hall, and hotel facilities. It also features event information and member services, positioning itself as a niche hospitality provider within the military community in Italy. Technically, the site is built on WordPress with a modern tech stack including Bootstrap and various plugins for galleries, booking, and multilingual support. The site is mobile optimized and SEO friendly, though some accessibility features are basic. Security posture is moderate with HTTPS enforced but lacking explicit security headers and running an outdated WordPress version, which could pose risks. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the site is trustworthy and professionally maintained but would benefit from enhanced security and privacy measures.

O

Opera Nazionale per i Figli degli Aviatori

onfa.org

0

ONFA (Opera Nazionale per i Figli degli Aviatori) is an Italian non-profit organization dedicated to providing social assistance and support to the children of aviators. The website serves as an informational and community platform targeting families connected to the aviation sector in Italy. The organization operates with a focused mission in the government and non-profit sectors, maintaining a small organizational size and a niche market position. The website is built on WordPress using the Divi theme, with integration of Iubenda for cookie consent management, reflecting a moderate level of digital maturity and compliance with privacy regulations such as GDPR. Technically, the website is hosted on a provider using Host Anycast DNS servers, secured with HTTPS, and employs modern web fonts and cookie consent scripts. Performance and mobile optimization are rated as moderate to good, with basic accessibility features. SEO practices appear adequate with proper meta tags and structured data. Security posture is decent with HTTPS enforced and domain transfer protections enabled, but could be improved by enabling DNSSEC and adding more comprehensive security headers and vulnerability disclosure mechanisms. Overall, the security posture is solid for a small non-profit, with no critical vulnerabilities detected. Privacy compliance is strong, supported by a comprehensive privacy and cookie policy with explicit consent mechanisms. However, the absence of terms of service, security policy, and incident response contact details indicates areas for improvement. The website content is safe and appropriate for a general audience, with no adult or questionable content. Strategically, ONFA should focus on enhancing security headers, publishing a security.txt file, and providing clearer contact information to improve trust and compliance. These steps will strengthen their security culture and better protect their community members.

A

Associazione Nazionale Famiglie Caduti e Mutilati dell'Aeronautica

anfcma.it

0

The Associazione Nazionale Famiglie Caduti e Mutilati dell'Aeronautica (A.N.F.C.M.A.) is a longstanding Italian non-profit association dedicated to supporting families of fallen and mutilated members of the Italian Air Force. The website serves as an informational and engagement platform, offering details about the association's history, mission, activities, staff, and contact information. It targets families of military personnel, researchers, and members of the association. The organization operates with a moral and supportive mission rather than commercial intent, providing scholarships, awards, psychological support, and legal assistance to its members. Technically, the website employs modern front-end technologies including Blazor, Bootstrap, and various JavaScript libraries for UI enhancements. The site is mobile-optimized with good navigation and content structure, though performance is moderate. The domain is relatively new (created in 2023) and recently expired, which poses a risk to availability and trust. No CMS or hosting provider details were identified. Privacy and cookie policies are present and GDPR compliance appears addressed, but no explicit security policies or incident response contacts are found. From a security perspective, the site uses HTTPS and DNSSEC is enabled, but lacks visible security headers and explicit security documentation. The expired domain status is a critical risk factor. No analytics or advertising scripts were detected, indicating a privacy-conscious approach. Overall, the website is professional and trustworthy but requires urgent domain renewal and enhanced security practices. Strategically, the association should prioritize domain renewal, implement security headers, document security policies, and establish incident response contacts to improve trust and resilience. Enhancing technical performance and accessibility would further benefit user experience.

M

MotoZem

motozem.cz

0

MotoZem.cz is a professional e-commerce retailer specializing in motorcycle apparel, accessories, and parts, targeting motorcycle enthusiasts primarily in the Czech Republic and neighboring countries. The website offers a broad catalog of products including clothing, helmets, gloves, and motorcycle parts, supported by physical stores in multiple cities. The company positions itself as a trusted regional player with a focus on secure and safe shopping experiences. Technically, the website employs modern web technologies including Google Tag Manager, Microsoft Clarity, and Luigisbox search tools, with responsive design and good SEO practices. Security posture is solid with HTTPS enforcement and secure form handling, though some security headers could be improved. Privacy and cookie policies are present and GDPR compliant, enhancing user trust. However, the absence of WHOIS data for the domain introduces some uncertainty regarding domain registration transparency. Overall, the website is accessible, professional, and trustworthy with moderate risk due to missing domain registration details.

S

smart field s.r.o.

bohemiarider.cz

0

Bohemia Rider is a Czech Republic-based driving school operated by smart field s.r.o., specializing in personalized driving education for motorcycles and cars. The business emphasizes practical skills, individual attention, and community engagement through programs like the Buddy program. The website is professionally designed using WordPress and Elementor, featuring comprehensive service descriptions, instructor profiles, and transparent pricing. Social media integration and customer review widgets enhance trust and engagement. Technically, the site uses modern web technologies and enforces HTTPS, but lacks some security headers and privacy policies, which are recommended for compliance and security enhancement. WHOIS data is unavailable, which slightly impacts domain trust but does not detract from the professional presentation and legitimacy of the business.

W

Wojta Foto

wojta-foto.cz

0

Wojta Foto is a niche photography website specializing in speedway sports event photography, primarily serving audiences in the Czech Republic and Poland. The site showcases galleries of speedway races and related events, targeting speedway fans and photography enthusiasts. The business operates as a small entity founded in 2010, with a focus on content publishing and portfolio showcasing. Technically, the website is built on WordPress using common plugins such as NextGEN Gallery and Jetpack, hosted by Wedos, a Czech hosting provider. The site demonstrates moderate performance and good mobile optimization but lacks advanced SEO and accessibility features. Security posture is adequate with HTTPS enabled and no exposed sensitive data, but it lacks security headers and formal security policies. Privacy compliance is weak due to the absence of privacy and cookie policies. Overall, the website is safe for general audiences and maintains a moderate level of professionalism and trustworthiness.

SportPHOTO.cz is a professional sports photography agency specializing in capturing and providing images and insights from various global sports arenas. The website targets sports enthusiasts, media outlets, and event organizers, offering photographic content primarily in motorsport and other sports categories. The business operates in the Czech Republic and maintains a niche market position with a small-sized operation. The website content is well-structured and professionally presented, focusing on showcasing recent sports photography works and categorized galleries.

Z

ZAMG (Zentralanstalt für Meteorologie und Geodynamik)

naturkalender.at

0

Naturkalender.at is a citizen science platform operated under the auspices of the Austrian Central Institute for Meteorology and Geodynamics (ZAMG). It enables users to observe and record natural phenomena such as plants and animals throughout the year, contributing valuable data to climate research and phenology studies. The platform offers a dedicated mobile app for Android and iOS, fostering community engagement and scientific collaboration. The website is well-branded, consistent, and targets nature enthusiasts and researchers primarily in Austria. Technically, the site is built on Joomla CMS with Gantry 5 framework and uses modern UI components like Smart Slider 3. While the site is mobile optimized and provides a good user experience, some technical improvements are recommended, particularly in security headers and cookie consent mechanisms. The absence of WHOIS data limits full trust verification, but the affiliation with ZAMG and partner organizations supports legitimacy. Overall, the site presents a professional and trustworthy front for its niche scientific community.

S

Schweizer Skischule Lenk

lenksportundevents.ch

0

Schweizer Skischule Lenk is an official ski school located in the Adelboden-Lenk ski region of Switzerland, offering ski and snowboard lessons for all skill levels, including specialized children's courses and winter events. The business is positioned as a local expert in winter sports education, targeting ski enthusiasts and families visiting the Berner Oberland region. Their business model is service-oriented with online booking capabilities, supported by a professional and consistent brand presence. Technically, the website is built on TYPO3 CMS with modern JavaScript libraries such as jQuery and Owl Carousel. It employs HTTPS with anonymized IP tracking in Google Analytics and includes a cookie consent mechanism compliant with GDPR. The site demonstrates good mobile optimization and SEO practices, although some security headers are missing, which could be improved. From a security perspective, the site uses HTTPS and cookie consent but lacks explicit security policies or incident response information. No vulnerabilities or exposed sensitive data were detected. The domain registration is consistent with the business location and claims, enhancing trustworthiness. Overall, the website is secure, compliant, and professionally maintained. The overall risk is low, with recommendations focusing on enhancing security headers, adding incident response details, and maintaining up-to-date third-party libraries to further strengthen security posture and compliance.

The website at xc-academy.com is currently non-operational, serving a 404 error page indicating no site configuration found. The domain is registered since 2008 through Ascio Technologies, Inc. Danmark, a registrar service provider, but no active business or content is present on the site. The detected CMS is TYPO3, as indicated by the error page branding. There are no privacy, cookie, or terms of service policies, nor any contact or security information available. The lack of content and security measures results in a very low trust and credibility score.

B

Bikeschule Klosters

bikeschuleklosters.ch

0

Bikeschule Klosters is a well-established mountain bike school located in Klosters/Davos, Switzerland, with a history dating back to 1931. The company offers a broad range of bike courses, camps, workshops, and private guiding services tailored for children, youth, and adults. Their business model focuses on experiential outdoor education and recreation, supported by an online booking platform. The website reflects a professional and consistent brand image with clear contact information and partner affiliations, positioning them as a trusted local service provider in the biking community. Technically, the website is built on TYPO3 CMS, utilizing modern web technologies such as jQuery, Owl Carousel, and Google Tag Manager for analytics. The site is mobile-optimized with good SEO practices and basic accessibility features. Performance is moderate, with compressed assets and responsive design elements enhancing user experience. From a security perspective, the site enforces HTTPS with IP anonymization for analytics and a comprehensive cookie consent mechanism. However, it lacks explicit security headers and publicly available security or incident response policies. No vulnerabilities or exposed sensitive data were detected, indicating a solid security posture for a small business. Overall, the website is safe, professional, and trustworthy, with no adult or questionable content. The domain registration data aligns well with the business claims, reinforcing legitimacy. Strategic improvements could focus on enhancing security headers, publishing security policies, and expanding incident response transparency to further strengthen trust and compliance.

W

Waldhart Software

skischool.shop

0

Waldhart Software operates a specialized online platform providing e-commerce and booking solutions tailored for ski schools and snow sports schools primarily in Alpine regions. The website serves as a reference showcase for nearly 300 live client online shops, demonstrating a strong market presence in the niche retail sector for winter sports education and services. The business model focuses on B2B SaaS offerings, enabling ski schools to manage online bookings and sales effectively. Technically, the website employs modern JavaScript frameworks, likely Vue.js with the Quasar UI framework, and integrates Google Maps APIs for location services. Hosting is managed via profiwebspace.at, with domain registration through InterNetX GmbH in Austria. The site is served over HTTPS, ensuring encrypted communications, but lacks DNSSEC and security headers, which are recommended for enhanced security. Security posture is moderate; while HTTPS and domain transfer protections are in place, the absence of security headers and privacy/cookie policies indicates room for improvement in compliance and security best practices. No forms or contact details were found in the analyzed content, limiting direct user engagement and incident response capabilities. Overall, the website is professional and well-structured, targeting ski schools and related businesses with a clear value proposition. However, to strengthen trust and compliance, the addition of privacy and cookie policies, security headers, and clear contact information is advised.

S

Study in Prague Consortium

studyinprague.cz

0

Study in Prague is an educational information portal dedicated to providing comprehensive resources for international students interested in studying in Prague, Czech Republic. The website aggregates detailed information about Prague's universities, study programmes, admission requirements, visa processes, scholarships, and student life. It serves as a centralized platform supported by the Study in Prague Consortium and partners such as the Prague city government and tourism organizations. The target audience is international students seeking higher education opportunities in Prague. The business model focuses on information dissemination and promotion of Prague as a study destination.

The domain cine.cz is registered since 2015 with a recognized registrar, indicating a legitimate registration. However, the website content is completely inaccessible, displaying only a minimal message 'Missing index page or access denied!'. This suggests the site is either inactive, misconfigured, or access is restricted. No metadata, scripts, forms, or contact information are present, limiting any meaningful analysis of business operations or services. The lack of HTTPS information and security headers further indicates poor security posture. Overall, the site does not provide any user-facing content or compliance documentation, resulting in a very low trust and credibility score.

The website drias-climat.fr appears to be a climate-related informational site, likely affiliated with meteorological data services in France, as inferred from its nameservers pointing to meteofrance.fr. The domain is registered since 2011 and is active, indicating a stable presence. However, the accessible content is minimal, primarily a captcha verification page, with no visible privacy, cookie, or terms of service policies. There is no contact information or business details presented on the page. Technically, the site uses JavaScript and base64 encoded images but lacks modern web practices such as HTTPS enforcement and security headers. The overall user experience and content quality are poor, with limited navigation or engagement features.

Palmetto Podiatry Associates, LLC is a small healthcare provider specializing in comprehensive foot and ankle care based in Columbia, South Carolina. Established in 1999, the practice offers a range of podiatric services including surgical and non-surgical treatments. The website reflects a professional and consistent brand presence with clear contact information and trust indicators such as certifications and local awards. Technically, the site uses standard web technologies like jQuery and FontAwesome, with good mobile optimization and accessibility features via the UserWay widget. However, the absence of WHOIS data for the domain raises some concerns about domain registration transparency. Security posture is moderate with HTTPS implied but lacking explicit security headers and vulnerability disclosures. Privacy compliance is basic, with a HIPAA policy linked but no cookie consent or detailed privacy policy page. Overall, the site is functional and trustworthy from a business perspective but could improve in security and privacy transparency.

E

Eastern Sun Tours and Safaris

easternsuntours-safaris.com

0

Eastern Sun Tours and Safaris is a Tanzania-based tour operator specializing in safari and adventure travel services. Established in 2010, the company offers a range of services including wildlife safaris, Kilimanjaro climbing expeditions, Serengeti tours, and cultural experiences. The website positions the company as a premier operator with expert guides, targeting tourists interested in exploring Tanzania's natural and cultural treasures. Technically, the website is built on WordPress using Elementor, with integrations such as Google Site Kit for SEO and analytics. Hosting is provided by NameCheap, and the site uses HTTPS with a clientTransferProhibited domain status, indicating a stable and secure domain registration. However, DNSSEC is not enabled, and security headers are missing, which are areas for improvement. The security posture is moderate, with no visible vulnerabilities but lacking advanced security configurations. Privacy compliance is weak, as no privacy or cookie policies are found, and no consent mechanisms are implemented. Contact information is not explicitly presented, which may affect user trust and compliance. Overall, the website is professional and content-rich but would benefit from enhanced security and privacy practices to improve trust and compliance.

C

Compass Pools Deutschland GmbH

swimmingpool-kosten.de

0

Compass Pools Deutschland GmbH operates a German-language website offering high-quality ceramic swimming pools with an online configurator and pricing tool. The company targets residential customers in Germany seeking durable and well-insulated pools, leveraging a dealer network for construction services. The website is modestly designed with basic mobile optimization and clear navigation, but lacks advanced technical frameworks or CMS platforms. Security posture is moderate with concerns due to outdated jQuery usage and absence of security headers. Privacy compliance is basic with presence of privacy and cookie policies but no explicit consent mechanism. Overall, the site is functional and trustworthy but would benefit from technical and security improvements.

O

ORIENTAL.cz, s.r.o.

oriental.cz

0

ORIENTAL.cz, s.r.o. operates a specialized e-commerce platform and physical store focused on selling oriental and exotic goods including teas, clothing, accessories, and decorative items. The company targets customers interested in authentic oriental products and tea enthusiasts within the Czech Republic. The website is professionally designed with good navigation, mobile optimization, and clear contact information, supporting a positive user experience and trustworthiness. Technically, the site leverages modern marketing and analytics tools such as Google Analytics 4, Facebook Pixel, and Google Tag Manager, integrated within the Upgates e-commerce platform. Security posture is adequate with HTTPS enforced and cookie consent mechanisms in place, though some security headers and policies are not explicitly found. The absence of WHOIS registration data and explicit privacy policy documents slightly reduce transparency and compliance confidence. Overall, the site is functional, secure, and professionally managed but would benefit from enhanced compliance documentation and domain registration transparency.

C

Cottage Labs LLP

cottagelabs.com

0

Cottage Labs LLP is a UK-based technology company specializing in open access infrastructure, data visualisations, data repositories, bespoke software development, and consulting on project and data lifecycles. The company serves academic and research institutions, partnering with prestigious organizations such as CERN, University of Oxford, and Wellcome Trust, positioning itself as a trusted provider in the open data and research infrastructure sector. The website reflects a professional and consistent brand image with clear navigation and relevant content tailored to its target audience. Technically, the site uses modern frameworks including Bootstrap and FontAwesome, with moderate performance and good mobile optimization. However, there is no evidence of a CMS or advanced analytics tools, indicating a custom or lightweight platform. Security posture is moderate; while HTTPS is presumably enabled (not explicitly confirmed), no security headers or vulnerability disclosures are present, and privacy and cookie policies are missing, which are critical for GDPR compliance. Overall, the site is trustworthy and professional but would benefit from enhanced security and privacy compliance measures.