Security Directory

Č

Český hokej

ceskyhokej.cz

48

Český hokej is the official national ice hockey federation of the Czech Republic, providing comprehensive information, news, and services related to Czech ice hockey. The website serves a broad audience including fans, players, coaches, referees, and other stakeholders, offering news updates, team details, ticket sales, fan engagement zones, and an official merchandise shop. The domain is well-established since 2001, reflecting a mature and authoritative presence in the sports sector. Technically, the website employs modern web technologies such as HTML5, CSS3, JavaScript, and integrates analytics tools like Google Tag Manager and Facebook Pixel, ensuring good performance and user experience across devices. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though explicit privacy and security policies are not found in the provided content. Overall, the site demonstrates high professionalism, consistent branding, and trustworthy digital presence, with room for improvement in explicit privacy disclosures and contact information visibility.

B

Bohemia

bohemiahokej.cz

42

The website www.bohemiahokej.cz is a Czech-language promotional platform centered around interactive hockey-themed games and contests sponsored by Bohemia Chips. It targets Czech consumers interested in hockey and promotional sweepstakes, offering prizes such as cars and branded merchandise. The site features multiple interactive games, user registration with consent for data processing, and social media integration. Technically, it employs modern JavaScript libraries and tracking tools like Google Tag Manager and Facebook Pixel, with a responsive design optimized for mobile devices. Security posture is generally good with HTTPS enforced and consent mechanisms in place, though minor backend PHP notices indicate some error handling issues. The absence of WHOIS data reduces domain trustworthiness, but the website content and branding appear professional and consistent with a legitimate marketing campaign.

T

Technické služby Velké Popovice, příspěvková organizace

tsvp.cz

57

Technické služby Velké Popovice is a municipal service organization providing essential technical and environmental services to the local community of Velké Popovice, Czech Republic. Their offerings include sewer cleaning, waste collection, water supply, and sewage management. The website serves as an information portal for residents, providing updates, service announcements, and contact details. The organization operates as a public entity, likely funded by local government and service fees, positioning itself as a key local utility provider. Technically, the website is built on the Webnode CMS platform, utilizing Cloudfront CDN for content delivery and Google Analytics for visitor tracking with IP anonymization enabled. The site is accessible, with a moderate performance profile and basic mobile optimization. However, it lacks advanced SEO and accessibility features. No blocking or WAF mechanisms were detected, indicating open access. From a security perspective, the site uses HTTPS with a good SSL configuration but lacks security headers and formal privacy or cookie policies, which are critical for GDPR compliance. No incident response or vulnerability disclosure information is provided. The absence of WHOIS data reduces domain trustworthiness, though the website content and contact information suggest legitimacy. Overall, the security posture is moderate but could be improved with better compliance and security controls. The overall risk is moderate with recommendations to implement privacy and cookie policies, add security headers, and verify domain registration details. Enhancing compliance and security transparency will improve trust and reduce potential risks.

G

Gibbs&Co., s.r.o.

e-news.cz

42

Ekonomický magazín is a Czech economic news portal operated by Gibbs&Co., s.r.o., providing up-to-date news, analyses, and expert opinions primarily in finance, banking, insurance, and investment sectors. The website targets professionals and individuals interested in economic developments and investment insights. It operates on a WordPress CMS with a modern tech stack including Bootstrap, jQuery, and various advertising and analytics integrations, demonstrating a mature digital infrastructure. The site is well-optimized for SEO and mobile devices, offering a good user experience with clear navigation and professional design. Security posture is solid with HTTPS enforced and consent management implemented, though some security headers could be improved. The site uses multiple advertising networks and tracking services with user consent, reflecting a comprehensive marketing approach. Overall, the website is trustworthy, professional, and compliant with GDPR, with clear business and contact information. No critical security or content safety issues were detected.

Jiří Rostecký operates a well-established Czech business media platform focused on podcasts, mentoring, and consulting services for entrepreneurs, freelancers, and small business owners. The website serves as a content hub and service portal, featuring extensive business-related content and live event promotions. The platform holds a strong market position in the Czech Republic's business media niche, supported by a decade-long domain history and consistent branding. Technically, the website is built on WordPress with modern SEO and performance optimizations including WP Rocket and All in One SEO Pro. It integrates multiple third-party services such as Vimeo, YouTube, Mailjet, and Spotify for media and marketing functionalities. The site is mobile-optimized, fast-loading, and accessible, reflecting a mature digital infrastructure. Security posture is robust with HTTPS enforced, comprehensive cookie consent mechanisms, and use of Google reCAPTCHA for bot protection. Security headers are present, and no vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong, with GDPR-aligned cookie policies and consent banners. Overall, the site presents low risk with high trustworthiness and professionalism. Strategic recommendations include publishing explicit security and incident response policies, adding contact emails or phone numbers for business inquiries, and maintaining regular security audits to ensure ongoing compliance and protection.

R

Radim Oulehla

fintree.cz

53

Fintree.cz is a Czech Republic-based FinTech news and review website founded around 2020 by Radim Oulehla. It serves a niche audience interested in financial technologies, startups, and business insights. The website offers news articles, reviews, podcasts, and job listings related to the FinTech sector. Technically, the site is built on WordPress using the Divi theme, leveraging common JavaScript libraries such as jQuery and Slick Carousel for UI enhancements. The site is mobile-optimized and includes SEO best practices with structured data and meta tags. Security-wise, the website enforces HTTPS and includes standard security headers, along with a GDPR-compliant cookie consent mechanism. However, it lacks explicit published security policies or incident response contacts. Overall, the site presents a professional and trustworthy digital presence with moderate to good technical maturity.

P

Prague Morning - Czech Republic's biggest media outlet in English

praguemorning.cz

56

Prague Morning is a prominent English-language media outlet based in the Czech Republic, established in 2016. It serves as the largest English news source in the country, targeting English-speaking residents and visitors interested in local news and events. The website offers news publishing services with monetization primarily through advertising and subscription-based premium content. The business maintains a consistent brand presence and leverages social media platforms to engage its audience. Technically, the website is built on WordPress CMS using Elementor for page building and Yoast SEO for search engine optimization. It integrates modern web technologies including jQuery and Google Analytics for tracking. Hosting utilizes Cloudflare DNS services, and the site employs HTTPS with good SSL configuration. Advertising is managed through Google Adsense and Vidverto, with multiple tracking and marketing tools embedded. From a security perspective, the site enforces HTTPS and uses Google reCAPTCHA for form protection. However, it lacks published privacy, cookie, and terms of service policies, which are critical for GDPR compliance and user trust. No explicit incident response or vulnerability disclosure policies are available. Security headers are assumed but not explicitly confirmed in the HTML content. Overall, the security posture is moderate but could be improved with clearer policies and enhanced security controls. The website content is safe for general audiences, with no adult or questionable material detected. WHOIS data confirms the domain's legitimacy and consistent registration since 2016, aligning with the business's operational history. Strategic recommendations include publishing comprehensive privacy and cookie policies, adding terms of service, implementing a vulnerability disclosure program, and enhancing accessibility and security headers to improve compliance and trust.

F

fintechcowboys.cz

fintechcowboys.cz

48

fintechcowboys.cz is an online Czech-language magazine focused on fintech innovations and financial technology trends. It provides news, analysis, and articles targeting fintech enthusiasts and professionals in the Czech Republic. The website operates on a content publishing and advertising business model, primarily monetized through Google Adsense. The site is hosted on VAS Hosting infrastructure and uses modern web technologies including Matomo analytics and Google Fonts. The website is mobile-optimized and provides a good user experience with clear navigation and relevant content. Security posture is solid with HTTPS enforced and cookie consent mechanisms implemented, though some security headers could be improved. WHOIS data shows an unusual future domain creation date, which slightly impacts trust but does not detract from the professional presentation of the site. Overall, fintechcowboys.cz is a credible niche fintech media outlet with moderate technical maturity and good privacy compliance.

R

Runwayonline

runwayonline.cz

52

Runwayonline.cz is a Czech lifestyle online magazine established in 2020, focusing on fashion, beauty, travel, food, and entertainment content. The website targets a general audience interested in lifestyle topics and maintains a consistent brand presence with active social media channels on Facebook, Instagram, and YouTube. The business model revolves around content publishing and advertising revenue, primarily leveraging the Seznam SSP ad network. Technically, the site is built on WordPress with popular plugins such as Yoast SEO and Elementor, indicating a modern and maintainable infrastructure. Hosting and domain registration are managed by Wedos, a Czech provider, aligning with the website's regional focus. Security posture is adequate with HTTPS enforced and Google Analytics integrated with opt-out capabilities; however, the absence of security headers and explicit privacy and cookie policies indicates room for improvement. No WAF or blocking mechanisms were detected, allowing full content accessibility.

F

Frenk.ai

frenk.ai

58

Frenk.ai is a newly founded fintech startup (2025) specializing in AI-driven financial advisory services delivered through an interactive gamified platform. The company targets individuals seeking to improve their financial decision-making and literacy. The website presents a professional and modern design with clear calls to action for joining a waitlist for early access. Technically, the site uses Bootstrap for responsive design, Cloudflare for DNS, and Google Analytics for user tracking. The site is mobile optimized and performs moderately well. Security posture is adequate with HTTPS enforced and secure form handling, but lacks DNSSEC and security headers, which are recommended for improvement. Privacy compliance is partially addressed with a privacy policy and GDPR mention, but no cookie consent mechanism is present. Business credibility is supported by clear contact information and EU data protection claims. Overall, the site is trustworthy and well-positioned for a fintech startup but can enhance security and privacy practices.

R

Riseup

riseup.net

65

Riseup is a small, donation-funded organization providing secure online communication tools such as email, VPN, mailing lists, and collaboration platforms targeted at activists and groups working on liberatory social change. The organization emphasizes privacy, self-determination, and democratic alternatives in digital communication. Their market position is niche, focusing on privacy-conscious users and social justice communities globally. Technically, the website uses modern frontend technologies like Bootstrap and Font Awesome, is mobile optimized, and provides good accessibility and SEO features. Security-wise, the site enforces HTTPS, has a clientTransferProhibited domain status, and offers extensive security resources, though it lacks DNSSEC and some security headers. Privacy compliance is strong with a comprehensive privacy policy and no detected tracking or analytics. Overall, the website is trustworthy, professional, and aligned with its mission.

N

Nikita Karamov

kytta.dev

54

The website kytta.dev is a personal portfolio and blog of Nikita Karamov, a full-stack web developer and open-source enthusiast. The site showcases personal projects such as Share₂Fedi and Shareon, targeting developers and technology enthusiasts. It positions itself as an individual developer's platform rather than a commercial business. Technically, the site is built using the Zola static site generator with minimal JavaScript and SVG graphics, delivering fast performance and good mobile optimization. The site uses HTTPS and a privacy-friendly analytics service (GoatCounter), but lacks formal privacy and cookie policies, security headers, and incident response information. Security posture is generally good with no visible vulnerabilities, but could be improved with additional headers and policies. Overall, the site is trustworthy, professional, and safe for general audiences.

A

ABX software s.r.o.

kestolu.cz

41

kestolu.cz is a Czech-based software solution specializing in providing an integrated e-shop module for the ABX Harsys gastro program. The company, ABX software s.r.o., founded in 2021, targets restaurants and gastro businesses seeking seamless online ordering and payment integration. The website offers demos, customer references, and detailed feature descriptions, positioning itself as a niche player in the hospitality technology sector. Technically, the site uses modern frontend libraries such as Bootstrap, FontAwesome, and Swiper.js, with responsive design and moderate performance. However, it lacks visible backend CMS indicators and advanced SEO or accessibility features. Security posture is moderate with HTTPS implied but missing explicit security headers and privacy policies, indicating compliance gaps. Contact information is clearly provided, enhancing business credibility. Overall, the site is professional and functional but would benefit from improved privacy compliance and security hardening.

S

sicily s. r. o.

nasucetni.cz

45

Náš účetní is a small Czech accounting service provider operating under the company sicily s. r. o. The company offers comprehensive accounting advisory and bookkeeping services including tax evidence, payroll accounting, and personnel management. With over 15 years of experience, the firm emphasizes direct client contact, efficiency, and reducing paperwork by digitizing documents. The website reflects a professional business focused on small and medium-sized enterprises and individual entrepreneurs in the Czech Republic. Technically, the site is built on Joomla CMS with UIkit and RokSprocket frameworks, providing a modern and mobile-optimized user experience. However, the absence of WHOIS data and lack of privacy and cookie policies indicate gaps in transparency and compliance. Security posture is moderate with some best practices like CSRF tokens but missing HTTP security headers and explicit SSL configuration details. Overall, the site is functional and trustworthy but would benefit from enhanced security and compliance measures.

S

Sicily Café

sicilycafe.cz

50

Sicily Café is a small hospitality business located in Prague, specializing in homemade organic cuisine, Italian-style coffee, and desserts. The website presents a professional and consistent brand image with clear navigation and relevant content for its target audience. The business leverages an online presence including an e-shop and gift card services through partner domains. Technically, the site is built on Joomla CMS with common web technologies such as jQuery, Bootstrap, and UIkit, providing a moderate performance and good mobile optimization. Security posture is basic with HTTPS enabled and a cookie consent banner, but lacks advanced security headers and privacy policy documentation. The absence of WHOIS data reduces domain trustworthiness, though the website content and contact information support business legitimacy. Overall, the site scores moderately on content quality, technical implementation, security, privacy compliance, and business credibility.

V

Victoria Tanczos Portfolio

futurperfekt.studio

56

Victoria Tanczos Portfolio is a small creative business specializing in branding and graphic design with a focus on sustainability and impactful design. The website serves as a professional portfolio showcasing various projects across branding, web, print, and social media design. The business targets clients seeking thoughtful and sustainable design solutions. Technically, the website uses a simple stack with jQuery and custom CSS/JS, with good mobile optimization and SEO practices. Security posture is moderate with cookie consent implemented but lacks visible security headers and incident response information. WHOIS data is privacy protected or unavailable, which is typical for small creative businesses. Overall, the website is professional, trustworthy, and well-structured, with room for improvement in security and transparency.

N

next layer Telekommunikationsdienstleistungs- und BeratungsGmbH

nextlayer.at

67

next layer Telekommunikationsdienstleistungs- und BeratungsGmbH is an Austrian owner-managed Internet Service Provider specializing in tailored cloud, network, and server infrastructure solutions for business customers. The company emphasizes personalized service with direct technical contacts and flexible planning to meet client needs. Their market position is that of a trusted mid-sized ISP with a strong focus on quality and customer orientation. The website reflects this professionalism with clear messaging and comprehensive service descriptions. Technically, the website is built on TYPO3 CMS, a robust and mature content management system. It employs Matomo for privacy-conscious analytics and Cookiebot for GDPR-compliant cookie consent management. The site is well-optimized for mobile devices, accessible, and SEO-friendly. Security best practices are observed, including HTTPS enforcement, security headers, and no visible vulnerabilities or exposed sensitive data. The security posture is strong, supported by ISO 27001 certification, indicating a mature information security management system. Cookie consent mechanisms and Do Not Track settings in analytics demonstrate compliance with privacy regulations. However, the site lacks explicit incident response contact information and a published security.txt file, which could enhance transparency and vulnerability management. Overall, the website and business present a low-risk profile with high trustworthiness, good technical implementation, and strong privacy compliance. Strategic recommendations include publishing incident response contacts, adding a security.txt file, and continuous monitoring of third-party scripts to maintain security standards.

The Fachschaft Informatik website serves as the official online presence of the student representative group for the Faculty of Informatics at TU Wien, Austria. It provides news, event information, academic support resources, and community engagement opportunities primarily targeted at informatics students. The site is well-structured, bilingual in parts, and offers key services such as consulting, communication platforms, and lecture wikis. The organization operates as a non-profit student body with a clear educational focus. Technically, the website is built using the Hakyll static site generator, ensuring a lightweight and secure infrastructure. The site is mobile-optimized, accessible, and SEO-friendly with proper meta tags and Open Graph data. No advanced analytics or tracking technologies are detected, reflecting a privacy-conscious approach. However, the absence of cookie consent mechanisms and security headers indicates room for improvement in compliance and security hardening. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data or vulnerable libraries. The lack of explicit security policies, incident response contacts, and vulnerability disclosure mechanisms suggests a basic security posture typical for a student organization. The domain registration data aligns well with the website's educational purpose and Austrian affiliation, supporting legitimacy and trustworthiness. Overall, the website presents a professional, trustworthy, and community-focused platform with good technical implementation but could enhance privacy compliance and security policies to better align with best practices and regulatory requirements.

C

Chaos Computer Club Wien (C3W)

c3w.at

69

The Chaos Computer Club Wien (C3W) is a non-profit community organization based in Austria focused on promoting information freedom, critical engagement with electronic media, and the dissemination of free technologies and standards. The website serves as an informational hub for the community, providing contact details, event information, and advocacy resources. The organization targets technology enthusiasts, civil society members, and activists interested in digital rights and open technologies. Technically, the website is built using the Hugo static site generator with modern JavaScript libraries enhancing user experience. It is well-optimized for mobile devices and accessibility, with good SEO practices and a clean, professional design. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though security headers and incident response policies could be improved. Privacy compliance is adequate with a privacy policy present, but no explicit cookie consent mechanism. Overall, the site is trustworthy, professional, and aligned with the organization's mission.

G

graz.social

graz.social

71

graz.social operates as a regional Mastodon social networking server primarily serving the Graz area and its surroundings. It is managed by a non-profit association focused on promoting ethical digital culture. The platform leverages the open-source Mastodon software (version 4.4.7) and provides a community-driven social media experience within the fediverse. The website content includes user-generated posts on diverse topics, reflecting an active and engaged user base. The business model is community-centric, emphasizing privacy and ethical digital interaction rather than commercial gain. Technically, the site employs modern web technologies including React and Ruby on Rails frameworks, with modular JavaScript and SVG-based UI elements. The site is mobile-optimized and accessible, with good SEO practices evident from meta tags and structured content. Performance is moderate, with no significant technical debt or errors detected. Hosting details are not explicitly disclosed. From a security perspective, the site enforces HTTPS with excellent SSL configuration and avoids exposing sensitive data. However, it lacks some security headers and does not provide a cookie consent mechanism or terms of service, which are areas for improvement. No vulnerabilities or malicious content were detected. Privacy compliance is basic, with a privacy policy present but no explicit GDPR compliance indicators or data protection officer contact information. Overall, graz.social presents a trustworthy and well-maintained community platform with a strong ethical focus. Strategic recommendations include enhancing privacy compliance with cookie consent, publishing terms of service, adding security headers, and providing clearer contact and incident response information to strengthen trust and security posture.

P

Park Technology

themagicstamp.com

59

Magic Stamp, operated by Park Technology, offers a digital loyalty platform designed for small businesses, focusing on mobile and coffee loyalty solutions. The company provides an easy-to-use app combined with a physical stamp device to enhance customer retention. The website positions Magic Stamp as an affordable and effective loyalty solution with a clear target audience of small businesses seeking simple digital loyalty programs. The domain is well-established since 1999, supporting the business's credibility and longevity. Technically, the website is built on the Squarespace CMS platform, utilizing modern web technologies including JavaScript, jQuery, and integrations with marketing and analytics tools such as Google Analytics, Facebook Pixel, and HubSpot. The site is mobile-optimized and demonstrates good design and user experience, though accessibility features are basic. Performance is moderate, typical for a CMS-based site. From a security perspective, the site enforces HTTPS but lacks DNSSEC and HSTS headers, which are recommended for enhanced security. No explicit security policies or incident response contacts are published, representing an area for improvement. The domain is locked with multiple client prohibitions, indicating protection against unauthorized transfers or deletions. Privacy compliance is partial, with a cookie consent banner present but no visible privacy policy or terms of service pages. Overall, Magic Stamp's website is professional and trustworthy, with moderate security and privacy compliance. Strategic improvements in security headers, privacy documentation, and incident response transparency would enhance the site's security posture and user trust.

D

Demo verze stránek

mravenci.dev

57

Mravenci.cz is a Czech marketing agency specializing in online advertising, website creation, and e-commerce solutions tailored for small businesses and entrepreneurs. The company positions itself as a strategic marketing partner with affordable services and expert oversight, primarily targeting smaller firms such as restaurants, manufacturers, and small e-shops. The website showcases client references and offers free consultations, emphasizing transparency and trustworthiness. Technically, the site is built on WordPress using Elementor, with performance optimizations and modern web technologies. Security posture is adequate with HTTPS and cookie consent mechanisms, though some security headers and policies could be improved. Overall, the site is professional, user-friendly, and compliant with GDPR, but lacks visible WHOIS data and explicit contact emails or phone numbers, which slightly impacts trust assessment.

V

VR|SPACE

vrspace.cz

48

VR|SPACE is a Czech-based company specializing in virtual reality and augmented reality solutions tailored for industries such as architecture, healthcare, engineering, and education. Established in 2015, the company positions itself as an innovative service provider focused on digitization and immersive technology applications to enhance productivity and safety. The website reflects a professional and consistent brand image, targeting business clients seeking VR/AR services. Technically, the site employs a modern tech stack including Google Analytics, Facebook Pixel, and Google Tag Manager, with a CMS identified as HAPPY admin and hosting by WEDOS. While the site is mobile-optimized and accessible, some outdated libraries like jQuery 1.11.1 are used, and security headers are minimal. Security posture is adequate with HTTPS and reCAPTCHA on forms, but could be improved with additional headers and updated libraries. Privacy compliance is basic with a clear cookie consent mechanism and a privacy policy page, though terms of service and explicit security policies are absent. Overall, the site is trustworthy and professionally maintained, with room for technical and security enhancements.

M

Metrostav Development a.s.

metrostavdevelopment.cz

56

Metrostav Development a.s. is a well-established real estate developer in the Czech Republic, focusing on residential and commercial projects primarily in Prague. The company is part of the larger Metrostav Group and has a domain age consistent with its business history, indicating a stable market presence. Their website provides comprehensive information about ongoing and completed projects, targeting property buyers and investors in the region. Technically, the website employs modern web technologies such as Bootstrap, jQuery UI, and integrates Google Analytics and Cookiebot for analytics and privacy compliance. The site is mobile-optimized and offers a good user experience with clear navigation and professional design. Security-wise, the site uses HTTPS and implements CSRF tokens in forms, but lacks explicit security headers and published security policies, which are recommended for improvement. Privacy compliance is strong with a visible cookie consent mechanism and a detailed privacy policy. Overall, the website is trustworthy, professional, and compliant with GDPR requirements, with room for enhancement in security transparency and incident response readiness.

M

MeetFactory o. p. s.

meetfactory.cz

49

MeetFactory o. p. s. is a well-established non-profit cultural organization based in Prague, Czech Republic, founded in 2000. The organization provides a vibrant space for live art, including music, theater, residencies, galleries, and workshops. Supported by a significant grant from the city of Prague, MeetFactory serves a general audience interested in contemporary art and culture. The website reflects this mission with detailed event listings and structured data to enhance user experience and search engine visibility. Technically, the site uses a combination of older JavaScript libraries and Bootstrap framework, hosted on WEDOS infrastructure, with moderate performance and basic mobile optimization. Security posture is moderate, with HTTPS implied but lacking visible security headers and modern security practices. Privacy compliance is limited, with no explicit cookie consent or comprehensive privacy policy clearly accessible. Business credibility is high due to consistent domain registration data, clear physical address, and active social media presence. Overall, the website is professional and trustworthy but would benefit from enhanced security and privacy measures.

S

SHERWOOD Digital a.s.

majales.cz

9

The website www.majales.cz serves as the central portal for the Majáles 2026 student festivals held across multiple Czech cities including Prague, Brno, Ostrava, and Hradec Králové. Operated by SHERWOOD Digital a.s., the site promotes large-scale student celebrations and provides event information and ticketing details. The business is positioned as a leading festival organizer in the Czech Republic, targeting students and young adults interested in cultural and social events. The site content is primarily in Czech with an option for English, reflecting a regional focus with some international accessibility. Technically, the website employs a modern tech stack including Bootstrap, Owl Carousel, Swiper, and integrates Google Analytics and Facebook Pixel for marketing and analytics purposes. Cookie consent is managed via CookieScript, demonstrating compliance with EU cookie regulations. The site is mobile-optimized with good SEO practices and moderate performance. However, no CMS or hosting provider details were identified, and accessibility features are basic. From a security perspective, the site uses HTTPS and implements cookie consent with opt-in for targeting and performance cookies, which is positive. Security headers are implied but not explicitly confirmed. No vulnerabilities or exposed sensitive data were detected in the HTML content. The absence of a publicly accessible privacy policy and terms of service pages is a compliance gap. Additionally, WHOIS data for the domain is unavailable, which raises concerns about domain registration transparency and trustworthiness. Overall, the website presents a professional and trustworthy front for a regional event organizer but would benefit from enhanced transparency in privacy and security policies, explicit contact information, and verification of domain registration details to strengthen trust and compliance posture.

R

ROXY

roxy.cz

42

ROXY Prague is a well-established entertainment venue specializing in concerts, DJ events, and cultural activities since 1992. The website effectively showcases upcoming events, integrates multiple social media platforms, and provides a merchandise shop, targeting music and nightlife enthusiasts primarily in the Czech Republic. Technically, the site uses a modern JavaScript stack including jQuery, Google Analytics, Facebook Pixel, and asynchronous loading of Vue.js and Moment.js, indicating a moderate level of digital maturity. However, the absence of explicit privacy and cookie policies and lack of visible security headers highlight compliance and security gaps. The WHOIS data confirms the domain's legitimacy and long-term presence, supporting business credibility. Overall, the site is functional and professional but requires improvements in privacy compliance and security hardening.

The website musiccityclub.cz is currently a parked domain with no active business content or services. It displays a domain-for-sale message and embeds third-party advertising and tracking scripts. The site lacks any privacy, cookie, or terms of service policies, and no contact or company information is provided. Technically, the site uses basic JavaScript and iframes served via AWS Cloudfront CDN but lacks modern security practices such as HTTPS enforcement and security headers. The WHOIS data is suspicious with a future creation date and parking name servers, indicating the domain is not actively managed for business purposes. Overall, the site has poor content quality, low trustworthiness, and minimal compliance with privacy or security standards.

A

AudioMaster, a. s.

music-city.cz

54

Music City, operated by AudioMaster, a. s., is a Czech Republic-based e-commerce retailer specializing in musical instruments, sound and lighting technology, DJ equipment, and home recording gear. The company maintains a strong market presence with multiple physical stores in Prague, Brno, and Uherské Hradiště, complemented by a comprehensive online store. Their business model focuses on providing musicians and music enthusiasts with a wide range of products at competitive prices, supported by free shipping and a three-year warranty, enhancing customer trust and satisfaction. Technically, the website employs modern web technologies including JavaScript, Google Tag Manager, Cookiebot for cookie consent management, and analytics tools such as Google Analytics and Hotjar. The site is mobile-optimized and demonstrates good SEO and accessibility practices. However, there is room for improvement in security headers implementation and further hardening of form security. From a security perspective, the site uses HTTPS and has a robust cookie consent mechanism, indicating compliance with GDPR and privacy best practices. No critical vulnerabilities or exposed sensitive data were detected. The absence of WHOIS registration data is a notable concern, potentially impacting domain trustworthiness, but the visible business information and contact details mitigate this risk somewhat. Overall, Music City presents a professional and trustworthy online presence with a solid business foundation. Strategic improvements in domain registration transparency and enhanced security headers would further strengthen their security posture and credibility.

C

Centrum Stromovka

centrumstromovka.cz

57

Centrum Stromovka operates as a retail and commercial center in the Czech Republic, providing shopping and vendor services primarily targeting local consumers and businesses. The website is built on WordPress and integrates common marketing and analytics tools such as Google Analytics, Google Ads, Facebook Pixel, and Cookiebot for cookie consent management. The technical infrastructure is moderately modern with good mobile optimization and SEO practices. Security posture is adequate with HTTPS enforced and no visible sensitive data exposure, though explicit security headers are not detected and WHOIS data is missing, which impacts domain transparency. Overall, the site presents a professional and functional online presence for the business. Strategic improvements in security headers and privacy policy publication would enhance trust and compliance.

J

Jan Jelínek - Internetové-služby.eu

internetove-sluzby.eu

47

The website internetove-sluzby.eu represents a small Czech business operated by Jan Jelínek, specializing in dynamic website creation, SEO optimization, printing, advertising, and internet consulting services. The business targets primarily small and medium entrepreneurs in Prague and the Ústecký kraj region, with a claimed operational history since 1990. The site presents a professional and consistent brand image with clear contact details and service descriptions. Technically, the website uses a moderate tech stack including jQuery, Bootstrap, and live chat integration, with a CMS named inPage. Performance and mobile optimization are adequate, though accessibility is basic. Security posture is moderate with HTTPS enabled and cookie consent implemented, but lacks explicit security headers and privacy policy documentation. WHOIS data is privacy protected, which is reasonable for a small business, but limits domain age and registrant verification. Overall, the site is functional, trustworthy, and safe for general audiences.

M

Metrostav Development

nadskalou.cz

51

Nadskalou.cz is a professionally developed website representing a new residential real estate project called Nad skálou Barrandov, located in Prague 5. The project is managed by Metrostav Development, a reputable construction and development company. The website effectively communicates the project's value proposition, emphasizing proximity to nature and urban amenities. The technical infrastructure is modern, leveraging ProcessWire CMS, Cookiebot for consent management, and Google Tag Manager for analytics and marketing. Security posture is solid with HTTPS and cookie consent mechanisms, though security headers could be improved. Privacy compliance is well addressed with a comprehensive cookie policy and GDPR-aligned consent. Overall, the website presents a trustworthy and professional image suitable for its target audience of prospective home buyers seeking quality residential options in Prague.

M

Metrostav Development

viladomyumlyna.cz

50

Viladomy U Mlýna is a real estate development project focused on creating a new urban residential quarter in Vysočany, Prague. The website represents a medium-sized real estate developer, Metrostav Development, offering above-standard housing solutions. The site targets potential home buyers and residents interested in modern city living combined with natural surroundings. The business model centers on property development and sales within the Czech Republic real estate market. Technically, the website is built on the ProcessWire CMS and employs modern front-end technologies such as Swiper.js, Tippy.js, and Google Tag Manager, ensuring a good user experience with mobile optimization and SEO best practices. The site uses HTTPS and integrates a comprehensive cookie consent mechanism via Cookiebot, reflecting good privacy compliance and transparency in advertising and tracking practices. However, the WHOIS data shows a suspicious domain creation date in the future, which raises concerns about registration legitimacy. No explicit contact information or terms of service pages were found, which slightly impacts business credibility. Overall, the website is professional, secure, and compliant with GDPR, but improvements in transparency and WHOIS data accuracy are recommended.

The website at indlaegssedler.dk currently serves only a standard HTTP 404 error page indicating that the requested resource is not found. There is no accessible content, metadata, or business information available on the site. The domain is registered since 2015 and remains active with a valid expiry date in 2026, suggesting the domain is legitimate but the website is either under maintenance or abandoned. The lack of any privacy, cookie, or terms of service policies, as well as absence of contact information, severely limits the ability to assess the business or compliance posture. Technically, the site lacks security headers and DNSSEC is not enabled, which are areas for improvement. No WAF or security challenge mechanisms are detected, and the site is not blocked by any security service.

The website at czech.payu.com is currently inaccessible due to a 403 error served by AWS CloudFront, indicating either a Web Application Firewall (WAF) block or a configuration issue. This prevents retrieval of any meaningful content, metadata, or business information. The domain appears to be a subdomain of payu.com, a known payment service provider, but no WHOIS data is available for this subdomain, limiting verification of ownership or legitimacy. The lack of accessible content and metadata means no privacy, cookie, or security policies can be evaluated, and no contact or incident response information is present. From a technical perspective, the site is hosted behind Amazon CloudFront, which is a reputable CDN and security provider, but the current configuration blocks access, resulting in a poor user experience and zero content availability. No scripts, forms, or external links are detectable in the provided HTML. Security posture cannot be assessed beyond the presence of CloudFront, and no SSL or security headers data is available. Overall, the risk assessment is high due to the inability to verify the site’s content, policies, or security measures. The site’s legitimacy is uncertain, and the lack of WHOIS data for the subdomain further complicates trust evaluation. Strategic recommendations include resolving the CloudFront access issues, publishing clear business and security information, and ensuring compliance with privacy regulations to improve trust and transparency.

M

Möbelix

moebelix.cz

64

Möbelix.cz is an established Czech Republic-based online retailer specializing in furniture and stylish home accessories. The website offers a broad range of products with a focus on innovative and individual customer approaches, targeting general consumers interested in home furnishing. The platform demonstrates a modern technical infrastructure, leveraging React-based frontend technologies, Dynatrace monitoring, and various third-party marketing and analytics tools. The site is mobile-optimized and provides a good user experience with clear navigation and product categorization. Security posture is generally good with HTTPS enforced and secure cookie practices, though explicit security headers and privacy compliance mechanisms are lacking. The absence of WHOIS data limits domain trust assessment, but the professional presentation and e-commerce functionality suggest legitimate operations. Strategic improvements in privacy policy visibility, cookie consent, and security headers would enhance compliance and trust.

S

SIKO KOUPELNY A KUCHYNĚ

siko.cz

62

SIKO KOUPELNY A KUCHYNĚ is a leading Czech retailer specializing in stylish bathroom and kitchen solutions, offering a wide range of quality products, project planning, and turnkey realization services. The company targets general consumers primarily in the Czech Republic and neighboring countries, positioning itself as a market leader in home improvement retail. The website reflects a professional and consistent brand image with good content quality and user experience. Technically, the site is built on a modern Angular framework integrated with SAP Commerce Cloud, leveraging multiple marketing and analytics tools with user consent mechanisms. Security posture is strong with HTTPS enforcement and security headers, though the absence of a public security policy and incident response information is noted. The lack of WHOIS data reduces domain trust slightly but does not detract significantly from the overall legitimacy. Strategic recommendations include publishing security policies, enhancing incident response transparency, and verifying domain registration details to improve trust. Overall, SIKO demonstrates a mature digital presence with room for security and compliance enhancements.

D

Demo verze stránek

proengineers.cz

56

Proengineers studio is a small architecture and project design office based in the Czech Republic, offering comprehensive services focused on sustainable building design and modern technologies, including investor support during project realization. The website presents a professional image with good content quality and consistent branding, targeting general audiences interested in architectural services. Technically, the site is built on WordPress using Elementor and SEO plugins, with Google Analytics and Tag Manager for tracking. The site is accessible without any WAF or security challenges, indicating good availability. However, the absence of WHOIS data limits domain legitimacy verification. Security posture is moderate with HTTPS enabled but lacks security headers and published security policies. Privacy compliance is basic with cookie consent but no visible privacy or terms policies. Overall, the site is functional and professional but would benefit from enhanced security and compliance documentation.

D

Zámecké rezidence Škvorec | Rodinné domy na Prodej

domytrio.cz

57

The website 'Zámecké Rezidence Skvorec' appears to be a small-scale hospitality or real estate service provider based in the Czech Republic, offering residence accommodations. The site is built on the Wix platform, leveraging Wix's hosting and content management infrastructure. The technical setup is standard for Wix sites, with modern JavaScript and CSS but lacks advanced SEO and accessibility features. Security posture is moderate with HTTPS enabled but missing important security headers and no visible incident response or security policies. Privacy compliance is minimal, with no privacy or cookie policies detected. Business credibility is limited by the absence of contact details and trust indicators. Overall, the site is functional but basic, suitable for a small local business.

P

Pozemky Choryne

pozemkychoryne.cz

53

Pozemky Choryne is a small real estate business focused on selling building plots in the Choryně area of the Czech Republic. The website presents information about residential land near nature, targeting individuals or families seeking property close to the city but in a natural setting. The business operates locally with a clear niche in real estate sales. Technically, the website is built on the Wix platform, utilizing standard Wix scripts and polyfills, indicating a moderate level of digital maturity suitable for small businesses. The site is mobile optimized and has basic SEO and accessibility features. Security posture is moderate with HTTPS enabled but lacks advanced security headers and privacy compliance mechanisms. No WHOIS data is available, likely due to privacy protection, which slightly reduces trust but is common for small businesses. Overall, the site is functional and professional but would benefit from enhanced privacy policies, contact information, and security improvements.

Z

Zámecké rezidence Škvorec | Rodinné domy na Prodej

zameckerezidenceskvorec.cz

56

The website 'Zámecké Rezidence Skvorec' appears to represent a small real estate or residential accommodation business located in the Czech Republic. The site is built on the Wix platform and is primarily in Czech language, targeting local visitors or potential clients interested in residential services. The business model likely revolves around property rental or sales, although explicit business details are sparse. The website's technical infrastructure is standard for Wix-hosted sites, utilizing Wix's JavaScript libraries and assets, with moderate performance and good mobile optimization. Security posture is adequate with HTTPS enabled, but lacks advanced security headers and policies. Privacy and cookie policies are absent, indicating low privacy compliance. No contact information or social media links are provided, limiting business credibility and user trust. WHOIS data is unavailable, suggesting privacy protection or registration issues, which impacts trustworthiness. Overall, the site is functional but basic, with room for improvement in transparency, security, and compliance.

R

BYTY | Šárecká 26

rezidencesarecka.cz

57

Rezidence Sarecka is a small real estate project website hosted on the Wix platform, targeting potential home buyers and investors in Prague, Czech Republic. The site provides information about residential apartments but lacks detailed business and contact information. Technically, the site uses Wix's Thunderbolt framework and standard web technologies, offering moderate performance and good mobile optimization. Security posture is adequate with HTTPS and security headers, but the absence of privacy and cookie policies, as well as WHOIS transparency, reduces overall trust. There are no detected vulnerabilities or malicious content, and the site is safe for general audiences.

U

Usermaven

usermaven.com

63

Usermaven is a technology company founded in 2020 that offers an AI-powered marketing attribution and analytics SaaS platform. The platform targets marketing teams, agencies, brands, and product teams by providing multi-touch attribution, product analytics, funnel analysis, and user journey insights. The company positions itself as privacy-conscious, emphasizing GDPR and CCPA compliance and hosting data in the EU. Technically, the website is built on modern frameworks such as Next.js and React, integrates with multiple marketing and analytics tools, and uses Cloudflare for DNS and likely CDN services. The site is fast, mobile-optimized, and professionally designed. Security posture is good with HTTPS enforced and domain transfer protection, but lacks published security policies and vulnerability disclosures. Privacy compliance is partial due to missing explicit privacy and cookie policies. Overall, the website is trustworthy and professional, with room for improvement in transparency and compliance documentation.

S

seyfro.social

seyfro.social

67

seyfro.social operates as a small Mastodon instance providing decentralized social networking services with a focus on privacy, ethical design, and no advertising. The platform is based on Mastodon version 4.2.20, an open-source social network software, and targets general users interested in privacy-respecting social media. The site currently has minimal active users, indicating a niche or early-stage community. Technically, the website uses modern web technologies including React and WebSocket for real-time communication, with a moderate performance profile and good mobile optimization. Security posture is moderate; while no critical vulnerabilities or exposed sensitive data were found, the absence of security headers and cookie consent mechanisms suggests room for improvement. Privacy compliance is basic with a privacy policy present but lacking cookie consent and GDPR explicit indicators. Business credibility is moderate due to lack of contact information and terms of service, but the site’s open-source nature and transparent admin identity provide trust signals. Overall, the site is safe, accessible, and professionally presented but would benefit from enhanced security and compliance features.

T

Fitness a wellness | ToFitko

tofitko.cz

46

The website www.tofitko.cz presents a fitness and wellness business targeting a general audience primarily in the Czech Republic. The site is built on WordPress using Elementor and Yoast SEO, indicating a moderate level of digital maturity. The content is basic but relevant to the fitness and wellness sector, with no detected adult or explicit content. However, the absence of privacy, cookie, and terms of service policies suggests limited compliance with data protection regulations. Security posture is weak due to lack of security headers and no visible incident response or security policies. The WHOIS data is unavailable, which reduces trust and raises concerns about domain legitimacy. Overall, the site is functional but requires improvements in security and compliance to enhance trustworthiness and user protection.

A

Alf & Bet

alfabet.coffee

68

Alf & Bet is a small specialty coffee roaster and artisan bakery based in Prague, Czechia, operating an e-commerce platform primarily targeting European customers. The company offers a curated selection of coffee, tea, bread, wine, books, and related accessories, supported by physical espresso bar locations under the EMA brand. The website is built on Shopify, leveraging modern e-commerce technologies and third-party integrations for marketing, analytics, and customer reviews. Privacy and cookie consent mechanisms are implemented, reflecting GDPR compliance. Security posture is strong with HTTPS and standard security headers, though explicit security policies and incident response contacts are not publicly disclosed. Overall, the site presents a professional and trustworthy online presence with no signs of malicious activity or content blocking.

A

Alf & Bet, spol. s r.o.

emaespressobar.cz

54

EMA espresso bar operates a chain of specialty coffee bars in Prague, offering high-quality espresso drinks, bakery products, and coffee beans roasted under the Alf & Bet brand. The business targets coffee enthusiasts and local consumers seeking specialty coffee experiences. The website is professionally designed, mobile-optimized, and integrates modern web technologies including Solidpixels CMS and Google Tag Manager for analytics. Security posture is generally good with HTTPS enforced and secure form handling, though the absence of security headers and privacy policy pages are notable gaps. The lack of WHOIS data reduces domain trustworthiness, but the business information and contact details on the site support legitimacy. Strategic improvements in privacy compliance and security disclosures are recommended.

A

Alf & Bet

coffee.toys

68

Alf & Bet is a small specialty coffee roaster and artisan bakery based in Prague, Czechia, operating an e-commerce platform primarily targeting European customers. The company offers a curated selection of coffee, tea, bread, wine, books, and related accessories, supported by physical espresso bar locations under the EMA brand. Their market position is niche, focusing on quality and artisanal products with a loyal customer base. The website is built on the Shopify platform using a modern theme and integrates multiple analytics and marketing tools, reflecting a mature digital infrastructure. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers and explicit policies could be improved. The domain WHOIS data is privacy protected, which is typical for small businesses, and no suspicious patterns were detected. Overall, the website is professional, trustworthy, and compliant with GDPR, making it a reliable online presence for the business.

S

sicily s.r.o.

sicily.cz

41

sicily s.r.o. operates a hospitality and accounting services business primarily targeting local customers in the Czech Republic. The company emphasizes ethical business practices and minimal ecological impact. Their website is built on Joomla! CMS and integrates common web technologies such as jQuery, Bootstrap, and Google Analytics. The site is moderately optimized for mobile and SEO, with a professional design and clear navigation. Security posture is adequate with HTTPS enabled and cookie consent implemented, but lacks explicit security headers and formal privacy or terms of service documentation. The domain registration data is consistent and supports the legitimacy of the business. Overall, the website presents a trustworthy and professional image but would benefit from enhanced privacy compliance and security practices.

P

Pinseria Palmovka

pinseriapalmovka.cz

42

Pinseria Palmovka is a small Czech restaurant specializing in pinsa and other food items, offering an online ordering platform for customers. The website is primarily in Czech and targets local customers seeking convenient online food ordering. The business appears to be recently established in 2021, with a focused hospitality industry presence. Technically, the website uses modern JavaScript modules and CSS custom properties but lacks advanced frameworks or CMS. Hosting is likely provided by Wedos, a Czech hosting provider. Security posture is basic with no detected security headers or incident response information, and privacy compliance is limited with no cookie consent mechanism despite a privacy policy link. The website content is safe and appropriate for general audiences, with no adult or questionable content detected. Overall, the site is functional and professional but would benefit from enhanced security and privacy features.