Is ofszlin.cz a Scam? Security Check Results - Okresní fotbalový svaz Zlín Reviews

Is ofszlin.cz Safe? Security Analysis for Okresní fotbalový svaz Zlín

Check if ofszlin.cz is a scam or legitimate. Free security scan and reviews.

Government, Czech Republic, small
WordPress 6.7.2, jQuery, Photo Gallery plugin, Google Fonts, PHP (implied by WordPress)
Analyzed 8/1/2025, completed 2:54:53 PM
Security Score: 59 (MEDIUM RISK)

AI Summary

Okresní fotbalový svaz Zlín is a regional football association in the Czech Republic responsible for organizing football competitions, managing official communications, and supporting local football clubs and referees. The website serves as an information hub for schedules, official announcements, and contact directories, targeting football stakeholders in the Zlín district. The business operates as a non-profit entity within the government and sports sector, focusing on community sports development.

Technically, the website is built on WordPress 6.7.2 with common plugins for galleries and UI enhancements. It uses HTTPS and Google Fonts, with jQuery as a JavaScript library. The site is moderately optimized for performance and mobile devices, with basic accessibility and SEO features. However, it lacks advanced security headers and privacy compliance mechanisms such as cookie consent and privacy policies.

From a security perspective, the site enforces HTTPS but does not implement additional security headers or vulnerability disclosure mechanisms. No analytics or tracking scripts were detected, indicating minimal user tracking. Contact information is clearly provided, but the absence of privacy and cookie policies presents compliance risks under GDPR. WHOIS data confirms the domain's legitimacy and consistency with the organization's identity.

Overall, the website is professional and trustworthy for its intended audience but requires improvements in privacy compliance and security best practices to enhance user trust and regulatory adherence.

Detected Technologies

WordPress 6.7.2, jQuery, Photo Gallery plugin, Google Fonts, PHP (implied by WordPress)

🧠AI Business Intelligence

Technology stack, business insights, and market analysis powered by AI.

Business Intelligence

Market & Strategic Analysis

The organization holds a strong regional position as the official football governing body for the Zlín district, serving clubs, players, referees, and trainers. Its business model is non-profit, focusing on sports administration and community engagement. The website reflects a clear focus on football-related services including competition management, official documentation, and training resources. Partnerships with national and regional sports bodies and government entities strengthen its ecosystem. The absence of commercial advertising or affiliate programs aligns with its non-profit status. Growth indicators include regular updates of competition schedules and official announcements. The site’s content and structure support its role as a trusted information source within the local football community.

Extracted Contact Information

Marketing Intelligence Data

Email Addresses (1)

o*****@ofszlin.cz

Phone Numbers (1)

608******

Physical Addresses (1)

Company Registration

Legal Name:

Okresní fotbalový svaz Zlín

Registration Number:

22883070

Security Posture Analysis

Comprehensive Security Assessment

The website demonstrates a basic security posture with HTTPS enabled, ensuring encrypted communications. However, it lacks important security headers such as Content-Security-Policy, X-Frame-Options, and X-Content-Type-Options, which are recommended to mitigate common web vulnerabilities. No signs of exposed sensitive data or vulnerable libraries were found, but the absence of a vulnerability disclosure policy or security.txt file limits transparency and incident response readiness. The site does not appear to collect sensitive personal data beyond a search form, reducing attack surface. Overall, security practices are minimal but adequate for a non-commercial informational site. Enhancements in security headers and privacy compliance would improve the security maturity level.

Strategic Recommendations

Priority Actions for Security Improvement

1. Implement comprehensive privacy and cookie policies with clear GDPR compliance statements.

Observations

AI-powered comprehensive website and business analysis.

AI-Enhanced Website Analysis

Business Insights

Company: Okresní fotbalový svaz Zlín

Description: District Football Association Zlín providing football competition schedules, official announcements, documents, referee delegations, and contact information for football clubs and trainers in the Zlín region.

Key Services:
  • Organization of football competitions
  • Publication of official announcements and documents
  • Referee and trainer directories
  • Football arena reservations for youth players

Content Quality: good

Branding: consistent

Technical Stack

Technologies: WordPress 6.7.2, jQuery, Photo Gallery plugin, Google Fonts, PHP (implied by WordPress)
Frameworks: WordPress
Platforms: Web
Performance: moderate
Mobile: good
Accessibility: basic
SEO: basic

Security Assessment

Security Score: 70/100
Best Practices:
  • HTTPS enforced

Analytics & Tracking

Tracking Level: minimal
Privacy Compliance: poor

Advertising & Marketing

Transparency Level: poor

Website Quality Assessment

Design Quality: good
User Experience: good
Content Relevance: good
Navigation Clarity: good
Professionalism: good
Trustworthiness: high

Key Observations

1. Website is a regional football association site with official content and announcements.

🛡️Security Headers

HTTP security headers analysis and recommendations.

Score: 15/100

  • Missing Strict-Transport-Security header (HIGH): Forces HTTPS connections
  • Missing X-Frame-Options header (HIGH): Prevents clickjacking attacks
  • Missing X-Content-Type-Options header (MEDIUM): Prevents MIME type sniffing
  • Missing Content-Security-Policy header (HIGH): Controls resources the browser is allowed to load
  • Missing X-XSS-Protection header (MEDIUM): Legacy XSS protection (deprecated but still recommended)
  • Missing Referrer-Policy header (LOW): Controls referrer information sent with requests
  • Missing Permissions-Policy header (MEDIUM): Controls browser features and APIs
  • Sensitive data may be cached (LOW): Cache-Control header should include "no-store" for sensitive pages

👤GDPR Compliance

Privacy and data protection assessment under GDPR regulations.

Score: 10/100

  • No Privacy Policy found (HIGH): GDPR requires a clear and accessible privacy policy
  • No Cookie Policy found (HIGH): GDPR requires clear information about cookie usage
  • No Cookie Consent Banner found (HIGH): GDPR requires explicit consent for non-essential cookies
  • EU business without adequate privacy measures (CRITICAL): EU businesses are subject to strict GDPR requirements
  • Third-party services without privacy policy (HIGH): Detected services: Google APIs

GDPR Compliance Analysis

Privacy Policy: 0% confidence
Cookie Policy: 0% confidence
Contact Information Found: 90% confidence (email, phone)

🛡️NIS2 Compliance

Network & Information Security Directive compliance assessment.

Score: 17/100

  • No information security framework found (HIGH): NIS2 requires documented cybersecurity and information security measures
  • No vulnerability disclosure policy (MEDIUM): NIS2 encourages coordinated vulnerability disclosure
  • No security policy documentation found (HIGH): NIS2 requires documented cybersecurity governance and risk management
  • No incident response procedures found (HIGH): NIS2 requires documented incident response and business continuity plans
  • No business continuity planning found (MEDIUM): NIS2 emphasizes operational resilience and business continuity
  • No security contact information (HIGH): NIS2 requires clear incident reporting channels
  • No vulnerability reporting mechanism (MEDIUM): Clear vulnerability reporting supports coordinated disclosure
  • No NIS2 reference found (LOW): Consider explicitly mentioning NIS2 compliance efforts

📧Email Security

SPF, DKIM, and DMARC validation and email security assessment.

Score: 100/100
No issues found

  • SPF (Sender Policy Framework)
  • DKIM (DomainKeys Identified Mail)
  • DMARC (Domain-based Message Authentication)
  • MX Records (Mail Exchange Records)
  • BIMI (Brand Indicators)
  • MTA-STS (Mail Transfer Agent Security)
  • TLS-RPT (TLS Reporting)
  • DNSSEC (DNS Security)

SPF Details
Record: v=spf1 include:spf.protection.outlook.com ~all

DKIM Selectors Found
Selector: dkim (1296-bit rsa)

DMARC Details
Policy: quarantine
Aggregate Reports: dmarc@ofszlin.cz
Forensic Reports: dmarc@ofszlin.cz

MTA-STS Details

🏆SSL/TLS Security

Certificate validity and encryption analysis.

Score: 67/100

  • Weak Protocols Supported (HIGH): Server supports weak protocols: TLSv1.1
  • OCSP Stapling Not Enabled (LOW): OCSP stapling improves performance and privacy
  • Certificate Transparency Not Implemented (LOW): Certificate is not logged in Certificate Transparency logs
  • Mixed Content Detected (MEDIUM): 1 resource loaded over insecure HTTP
  • Partial SSL/TLS Assessment (LOW): Completed 3 of 4 security checks due to time constraints

Protocol Support

TLSv1.3, TLSv1.2, TLSv1.1

OCSP Status

OCSP Stapling Disabled

📊DNS Health

DNS configuration and security assessment.

Score: 85/100

  • DNSSEC Not Enabled (MEDIUM): DNSSEC is not configured for this domain
  • CAA Records Not Configured (LOW): Certificate Authority Authorization (CAA) records not found

Domain Registration Details

Domain Age: 20 years (mature)

DNS Records

A Records: 185.129.138.110
Name Servers:
  • ns.forpsi.cz (DNS only)
  • ns.forpsi.it
  • ns.forpsi.net
MX Records:
  • 10: ofszlin-cz.mail.protection.outlook.com

DNSSEC Status

DNSSEC Not Enabled

SPF Analysis

SPF Record: v=spf1 include:spf.protection.outlook.com ~all

Network Security

Port scanning and network exposure analysis.

Score: 100/100

  • Good Network Security Posture (LOW): No unnecessary services detected on common risky ports

🔧Technical Analysis

Detailed technical findings and analysis from AI assessment.

Technical Analysis

Comprehensive security assessment findings

Additional Findings

The website is built on a modern WordPress CMS version 6.7.2 with jQuery and a photo gallery plugin. It uses Google Fonts and standard web technologies (HTML5, CSS3, JavaScript). The site is mobile responsive with good navigation clarity and consistent branding. Performance is moderate, with no major issues detected but potential for optimization exists. SEO is basic with meta tags and canonical links present but no advanced structured data or Open Graph tags found. Accessibility is basic with some ARIA attributes and screen-reader text but could be improved. No advanced hosting or CDN information was detected. Overall, the technical infrastructure is stable and suitable for the site’s purpose but could benefit from modernization and enhanced security configurations.