Security Directory

B

Bookio

bookiopro.com

62

BookioPro is a specialized online reservation and restaurant management system targeting restaurant owners and managers. The platform offers a comprehensive suite of tools including reservation books, online booking, guest management, statistics, and advanced features such as gift vouchers and event management. The business model is SaaS-based with a 30-day free trial to attract new customers. The website is professionally designed with consistent branding and clear navigation, supporting multiple languages and mobile optimization. Technically, the site leverages established front-end libraries like Bootstrap and Font Awesome, integrates Google Analytics and Tag Manager for tracking, and uses Smartsupp for live chat support. Cookie consent is managed via CookieYes with granular user controls, indicating a basic level of privacy compliance. However, no explicit privacy policy page was found, and WHOIS data for the domain is missing, which raises concerns about domain legitimacy. From a security perspective, the site uses HTTPS (assumed from external scripts loaded via HTTPS), but no security headers were detected in the provided data. The use of third-party scripts introduces potential risks that should be regularly audited. No incident response or security policy information is publicly available, which is a gap in transparency and preparedness. Overall, the website presents a solid business offering with good technical implementation but has room for improvement in security posture and privacy transparency. The lack of WHOIS data and explicit privacy policies slightly reduce trustworthiness. Strategic recommendations include enhancing security headers, publishing comprehensive privacy and security policies, and verifying domain registration details to improve credibility.

L

Litea Solution s.r.o.

usbmedia.cz

60

USB Media, operated by Litea Solution s.r.o., is a Czech-based company specializing in the custom manufacturing and sale of promotional USB flash drives and IT-related corporate gifts. Established in 2010, the company offers a range of services including laser engraving, printing on flash drives, and production of IT gadgets such as Bluetooth speakers and wireless chargers. Their market position is that of a specialized provider catering primarily to business clients seeking unique promotional items. The website is professionally designed, mobile-optimized, and provides clear navigation and contact information, supporting a positive user experience. Technically, the website is built on WordPress and leverages modern web technologies including jQuery, Google Analytics, Google reCAPTCHA, and Owl Carousel. It uses Google Fonts and integrates Google Maps API for location services. Performance is moderate with good mobile optimization, though accessibility features are basic. SEO practices are adequately implemented with proper meta tags and Open Graph data. From a security perspective, the site enforces HTTPS and uses Google reCAPTCHA on its contact form, which helps mitigate spam and abuse. However, it lacks important security headers such as Content-Security-Policy and X-Frame-Options, which could enhance protection against common web attacks. No vulnerabilities or exposed sensitive data were detected in the HTML content. Privacy compliance is weak due to the absence of a privacy policy and cookie consent mechanism, which is a notable gap given GDPR requirements. Overall, the website is trustworthy and legitimate, supported by consistent WHOIS data showing domain registration since 2010. Contact details are transparent with dedicated customer service representatives. The site does not contain any adult or questionable content and targets a general business audience. Strategic improvements in privacy compliance and security headers would enhance the site's security posture and regulatory adherence.

The website www.jakubfiser.com is currently inaccessible, returning a 403 Forbidden error page with no accessible content. The domain appears unregistered or inactive as the WHOIS query returned no matching record, and no registrar or registrant information is available. Consequently, no business, contact, or security-related information can be extracted or analyzed. The lack of HTTPS, security headers, and privacy policies further indicates a minimal or non-existent online presence. This severely limits any meaningful security or compliance evaluation. From a technical perspective, the site does not provide any metadata, scripts, or technologies to assess. The absence of content and blocking by the server suggests either a misconfiguration or intentional restriction of access. No analytics or advertising technologies are detected, and no contact or incident response information is available. Security posture is critically weak due to the lack of HTTPS, security headers, and the domain's apparent unregistered status. There are no indications of vulnerabilities or malicious content, but the site’s inaccessibility and lack of registration raise significant legitimacy concerns. Overall, the risk is high due to the inability to verify the domain or its content, and the site should not be trusted for business or personal use until proper registration and content deployment occur.

RogerOnline.cz is an online reservation system tailored for sports clubs, primarily tennis clubs, in the Czech Republic. The platform provides a centralized listing of numerous sports clubs with their contact details, addresses, and links to their official websites, facilitating court and facility bookings. The website targets sports clubs and their members, offering a niche service that supports club management and user convenience. The business model revolves around providing an online booking infrastructure for sports facilities, positioning itself as a regional service with a moderate market presence.

Č

Český tenisový svaz

cztenis.cz

46

Český tenisový svaz operates as the official national tennis federation of the Czech Republic, providing comprehensive services including player registration, tournament organization, rankings, and training for players, coaches, and referees. The website serves as a central hub for tennis-related information, official documents, and communication with the tennis community. It targets tennis players of all ages, clubs, and officials within the Czech Republic, positioning itself as the authoritative body in Czech tennis. Technically, the website uses a traditional tech stack with Bootstrap and jQuery, alongside Google Analytics for user tracking. While the site is functional and well-structured, it uses an outdated jQuery version which may expose it to security vulnerabilities. The site lacks visible cookie consent mechanisms and security headers, which are important for compliance and security best practices. From a security perspective, the site benefits from HTTPS and secure login forms but should update its JavaScript libraries and implement modern security headers. The WHOIS data confirms the domain's legitimacy and long-standing presence, reinforcing trust in the organization. Overall, the site is professional and trustworthy but could improve its security posture and privacy compliance. Recommendations include updating JavaScript libraries, implementing cookie consent banners, adding security headers, and enhancing privacy disclosures to align with GDPR requirements. These steps will improve user trust, security, and regulatory compliance.

L

Lektor Tance

lektortance.cz

49

The website www.lektortance.cz offers a specialized educational service focused on a requalification course for dance instructors accredited by the Czech Ministry of Education (MŠMT ČR). It targets amateur dancers with at least three years of experience and existing dance trainers seeking professional certification. The site provides detailed course information, schedules, pricing, and testimonials, positioning itself as a reputable provider in the Czech education sector for dance training. Technically, the website employs modern frontend technologies including Bootstrap 5, jQuery, and Lightbox, ensuring a responsive and user-friendly experience. The site is well-structured with clear navigation and good content quality. However, there is a lack of explicit privacy and cookie policies, which impacts compliance with GDPR and related regulations. No advanced analytics or tracking scripts were detected, indicating minimal user tracking. From a security perspective, the site uses HTTPS (implied by the URL), but no security headers were detected in the provided data, suggesting room for improvement in security hardening. The absence of WHOIS data limits the ability to fully verify domain legitimacy, though the detailed alumni records and accreditation provide strong trust signals. Overall, the website is professional, content-rich, and trustworthy for its educational purpose but should enhance privacy compliance and security practices to improve its risk profile and regulatory adherence.

The website 'Tanečně společně 2025' appears to be a small community or event-focused site related to dance activities in the Czech Republic. The content is minimal and primarily informational, targeting a general audience interested in dance events. The site uses modern frontend technologies such as Bootstrap 5.3.3 and Font Awesome 7.1.0, indicating a basic level of technical maturity. However, there is no evidence of a content management system or advanced backend infrastructure. Security posture is limited, with no detected security headers or privacy policies, and no HTTPS verification data available. The absence of contact information and privacy compliance documents suggests room for improvement in trust and regulatory adherence. Overall, the site is accessible without WAF or blocking mechanisms, but lacks comprehensive security and privacy features.

The website 'Dance of Love 2025' appears to be a promotional site for an event or organization named 'Dance of Love' scheduled for 2025. The content is minimal and primarily focused on branding with limited descriptive information about the business model or services. The site targets a general audience, likely attendees or participants interested in the event. Technically, the site uses standard web technologies including jQuery, Bootstrap, and Font Awesome, indicating a basic but modern frontend infrastructure. However, there is no evidence of a content management system or advanced backend technologies. Security posture is weak due to the absence of security headers and lack of visible HTTPS configuration details. No privacy, cookie, or terms of service policies are present, which raises compliance concerns. The WHOIS data is unavailable, which limits the ability to verify domain legitimacy and ownership. Overall, the site is accessible without WAF or security challenges but lacks critical trust and compliance indicators.

Centrum tance s.r.o. operates the website TanecniDarky.cz, offering e-commerce sales of gift vouchers redeemable for a variety of dance and fitness classes. The business targets individuals seeking unique gifts for friends and family interested in physical activities such as salsa, zumba, ballet, yoga, and pole dance. The company has a local presence in Prague and Brno with over 25 years of experience, positioning itself as a trusted provider in the dance and fitness sector. Technically, the website uses modern frontend technologies including Bootstrap and jQuery, and integrates Google Analytics and Google Ads for marketing and tracking purposes. The site is mobile responsive and provides a good user experience with clear navigation and professional design. Security posture is moderate; HTTPS is implied but no explicit security headers were detected, and privacy compliance is lacking due to absence of privacy and cookie policies. WHOIS data is unavailable, likely due to privacy protection, which slightly reduces trust but does not contradict the professional presentation of the business. Overall, the website is functional and credible but would benefit from enhanced security and compliance measures.

G

Google

go.dev

63

The website go.dev is the official site for the Go programming language, an open source language developed and supported by Google. It serves as a comprehensive resource hub for developers, offering documentation, learning materials, downloads, and community engagement. The site is well-positioned in the technology sector as a leading programming language platform with strong industry adoption and backing by a major enterprise, Google. The content is highly relevant to software developers and teams focused on building scalable, secure systems. From a technical perspective, the website employs modern web technologies including HTML5, CSS3, JavaScript, and integrates Google Tag Manager and Analytics for performance and user behavior tracking. The site is hosted on Google infrastructure, ensuring fast performance and excellent mobile optimization. Accessibility and SEO practices are well implemented, contributing to a positive user experience. Security-wise, the site enforces HTTPS and uses best practices such as asynchronous loading of analytics scripts. However, it lacks explicit security policy documentation and incident response contact information, which are recommended for transparency and trust. No vulnerabilities or exposed sensitive data were detected in the content. Privacy and cookie policies are present and link to Google's official policies, indicating good compliance with GDPR and related regulations. Overall, the website demonstrates a high level of professionalism, trustworthiness, and technical maturity. The domain registration details align with the business claims, reinforcing legitimacy. Strategic recommendations include publishing dedicated security and incident response policies, enhancing security headers, and maintaining regular audits of third-party scripts to further strengthen security posture.

C

CarSoul

carsoul.cz

49

CarSoul.cz is a Czech-based automotive company specializing in operational leasing and sales of new and certified used vehicles. The company aggregates offers from multiple dealers, providing customers with a wide selection of cars including financing options. The website presents a professional and user-friendly interface with clear navigation, customer testimonials, and certifications such as CEBIA, indicating a trustworthy market presence. The target audience includes both individual customers and companies seeking fleet management solutions. Technically, the site employs modern JavaScript frameworks and libraries including Laravel Livewire, Swiper.js, and Google Tag Manager, supporting a responsive and interactive user experience. Security posture is moderate with HTTPS usage and cookie consent mechanisms in place, but lacks visible security headers and explicit privacy or security policies. WHOIS data for the domain is unavailable, which slightly impacts trustworthiness but does not detract from the overall professional presentation. Strategic recommendations include publishing comprehensive privacy and security policies, enhancing security headers, and verifying domain registration details to improve legitimacy and compliance.

F

Frenkee

frenkee.cz

59

Frenkee.cz is a Czech Republic-based fintech platform offering a comprehensive suite of online financial services including insurance (car, travel, life, property), loans (mortgages), and investment solutions. The platform emphasizes user-friendly online access, transparency, and customer empowerment, supported by AI-driven financial guidance through its Frenk.ai service. The website demonstrates a strong market presence with multiple partnerships with reputable insurance companies and extensive media coverage, enhancing its credibility and trustworthiness. Technically, the website employs modern web technologies such as Google Tag Manager, Swiper.js for carousels, and the Nette PHP framework for backend and form validation. The site is well-optimized for performance, mobile responsiveness, and accessibility, with good SEO practices and structured navigation. Security best practices are observed with HTTPS enforcement, secure form handling, and appropriate security headers, although explicit security policies and incident response information are not published. The security posture is solid with no detected vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with clear cookie consent mechanisms and GDPR-compliant privacy policies. However, the absence of WHOIS registration data reduces transparency and trust in domain ownership, which is a notable concern. Overall, the site is professional, trustworthy, and safe for general audiences seeking financial services online.

B

Bonavita, spol. s r.o.

bonavita.cz

46

Bonavita, spol. s r.o. is a leading Czech manufacturer specializing in breakfast cereals, oat flakes, and soy products. The company operates a professional website that supports its retail and e-commerce business models, including a bonus program and an online shop. The website is well-structured, with clear navigation and relevant content targeting general consumers interested in healthy breakfast options. Technically, the site employs modern frontend technologies such as Bootstrap, jQuery, and Owl Carousel, and integrates analytics and marketing tools like Google Analytics and Seznam Retargeting. While the website is mobile-optimized and user-friendly, there is room for improvement in security headers and accessibility compliance. The security posture is moderate, with HTTPS implied but no explicit security headers detected in the provided data. Privacy and cookie policies are present and GDPR compliant, reflecting a good privacy compliance stance. The absence of WHOIS data reduces transparency and slightly impacts trustworthiness, but the overall business credibility remains high due to clear contact information and professional presentation.

V

Velkopopovická Kozlovna - restaurace Velké Popovice

velkopopovickakozlovna.cz

62

Velkopopovická Kozlovna is a traditional restaurant located in Velké Popovice, Czech Republic, closely associated with the world-famous Velkopopovice brewery. The business offers authentic dining experiences featuring tank and unfiltered Kozel beer, group menus, event catering, conference spaces, accommodation, and brewery tours. The website reflects a small hospitality business with a local market focus, emphasizing traditional Czech cuisine and beer culture. Technically, the site is built on WordPress using the Divi theme, incorporating modern web technologies such as Google reCAPTCHA and Google Analytics, and hosted by Active24 with CDN support. The site is moderately performant, mobile-optimized, and SEO-friendly, though accessibility features are basic. Security posture is good with HTTPS enforced and spam protection, but lacks explicit security headers and published security policies. Privacy compliance is partial, with a cookie consent banner present but no privacy policy or terms of service pages found. Overall, the domain registration data is consistent and trustworthy, supporting the legitimacy of the business. The content is safe for general audiences except for alcohol-related content, which is appropriate for the hospitality sector.

R

Restaurace Pod Ledem Velké Popovice

restauracepodledem.cz

62

Restaurace Pod Ledem Velké Popovice is a small hospitality business specializing in restaurant dining, local brewery beer, and event hosting services located in Velké Popovice, Czech Republic. The website presents a professional and consistent brand image with clear contact information and social media presence. Technically, the site is built on WordPress using the Divi theme, with standard plugins for GDPR compliance and analytics. The site is moderately performant and mobile-optimized, with good SEO practices. Security posture is adequate with HTTPS and cookie consent, but lacks advanced security headers and vulnerability disclosure mechanisms. Privacy compliance is basic, with no explicit privacy policy or terms of service pages found. WHOIS data confirms domain legitimacy and consistency with the business location and history.

H

Hotel u Ledu*** / Wellness

hoteluledu.cz

62

Hotel u Ledu is a hospitality business located in Velké Popovice, Czech Republic, offering comfortable accommodation, wellness services, and gastronomic experiences. The website positions the hotel as an ideal location for both leisure and corporate events, targeting a general audience seeking quality hospitality services. The business appears to be small-sized and has been operating since 2015, with a consistent brand presence and good content quality on its website. Technically, the website is built on WordPress using the Divi theme, leveraging modern web technologies such as Google Tag Manager and Google Analytics for tracking and marketing purposes. The site demonstrates good SEO practices, mobile optimization, and basic accessibility features. Hosting and domain registration are consistent with the business location and sector, indicating a stable digital infrastructure. From a security perspective, the website uses HTTPS and implements cookie consent mechanisms compliant with GDPR. However, explicit security headers and incident response policies are not evident, suggesting room for improvement in security posture. No vulnerabilities or suspicious activities were detected in the content or technical setup. Overall, the website presents a professional and trustworthy online presence for the hotel business, with moderate tracking and marketing tools in use. Strategic recommendations include enhancing security headers, publishing clear security and incident response policies, and maintaining regular updates to the CMS and plugins to mitigate potential vulnerabilities.

B

Bohemia

bohemiachips.cz

44

Bohemia Chips is a Czech snack food brand specializing in potato chips and related products, with a strong market presence supported by official partnerships such as with Czech hockey. The website is built on WordPress and uses a variety of modern web technologies and plugins to deliver a visually appealing and content-rich experience. While the site is well-designed and mobile-optimized, it lacks explicit privacy and terms of service pages, which are important for compliance and user trust. Security posture is moderate with HTTPS enabled but missing key security headers and vulnerability disclosure mechanisms. The absence of WHOIS data raises concerns about domain registration legitimacy, though the website content and branding appear professional and consistent with a legitimate business.

My Prints is a Czech Republic based small business specializing in textile branding and printing services with 25 years of industry experience. The company offers a range of printing technologies including screen printing, digital printing, embroidery, and patches, catering to orders from single pieces to large volumes. The website is professionally designed using WordPress and WooCommerce, hosted likely by Websupport, and provides clear contact information and references to build trust. However, the site lacks privacy and cookie policies, security headers, and incident response information, which are important for compliance and security posture. The domain registration data is consistent with the business claims and location, enhancing legitimacy.

O

Obecní úřad Velké Popovice

velkepopovice.cz

47

Velké Popovice's official municipal website serves as a comprehensive portal for local residents and visitors, providing essential information such as public notices, contact details, event calendars, and citizen services. The site is positioned as a trusted local government resource with a clear focus on community engagement and transparency. Technically, the website employs a modern CMS (vismo), uses HTTPS, integrates Google Analytics with consent management, and includes accessibility and mobile optimization features. Security measures include the use of Google reCAPTCHA on forms and cookie consent banners, though explicit security policies and headers could be improved. The absence of WHOIS data limits domain trust assessment, but the website's content and contact information strongly indicate legitimacy. Overall, the site is well-maintained, user-friendly, and compliant with privacy regulations, making it a reliable digital presence for the municipality.

S

STŘÍDA SPORT s. r. o.

stridasport.cz

64

STŘÍDA SPORT s. r. o. operates a specialized retail e-commerce platform focused on hockey equipment, apparel, and accessories primarily serving the Czech and Slovak markets. The company offers a broad product range including skates, goalie gear, sticks, helmets, gloves, protective equipment, bags, and fan apparel. The website supports customer accounts and integrates multiple social media channels to engage its target audience of hockey players and enthusiasts. Technically, the site is built on the PrestaShop CMS platform, utilizing modern web technologies such as jQuery, Google Tag Manager, and Leaflet.js for mapping store locations. The site is mobile-optimized and demonstrates good navigation and content quality. Security posture is solid with HTTPS enforced and cookie consent implemented, though some security headers and policies are missing. The absence of WHOIS registrant data limits full domain trust verification, but the website content and structure indicate a legitimate business. Privacy policy and terms of service are not explicitly found, suggesting room for compliance improvement.

Č

Český svaz ledního hokeje & eSports.cz, s.r.o.

pojdhrathokej.cz

45

The website 'Pojď hrát hokej' is a Czech initiative focused on promoting ice hockey among children and their parents. It organizes events such as 'Týden hokeje' and provides resources to find local hockey clubs and information on equipment. The site is supported by reputable partners including Kaufland and Český hokej, indicating a strong market position within the Czech sports non-profit sector. The business model centers on community engagement and sports promotion rather than commercial sales. Technically, the website employs a modern tech stack including Bootstrap for responsive design, jQuery, Google Tag Manager, Facebook Pixel, and Google Analytics for tracking and marketing. Hosting appears to be managed by REG-ZONER, a Czech registrar and hosting provider. The site is mobile-optimized with good navigation and basic accessibility features, though some SEO and security header enhancements could be made. From a security perspective, the site uses HTTPS and implements a cookie consent mechanism compliant with GDPR. However, it lacks explicit security policies, incident response contacts, and security.txt files. No critical vulnerabilities or exposed sensitive data were detected. Tracking is moderate, using common analytics and marketing tools. Overall, the website is professional, trustworthy, and safe for general audiences, with a strong focus on sports promotion. Recommendations include improving security headers, publishing security policies, and adding incident response information to enhance trust and compliance.

P

PAMAX

pamax.cz

50

PAMAX is a traditional Czech family-owned business specializing in the custom manufacture and retail of beds, mattresses, and furniture with a focus on health-certified products. Established in 1997, the company leverages its long-standing expertise to serve customers seeking high-quality, tailor-made sleep and home comfort solutions. The website reflects a professional e-commerce platform built on PrestaShop, integrating modern tracking and marketing tools such as Google Analytics and Facebook SDK. Contact information and social media presence are clearly provided, enhancing customer trust and engagement. Security posture is solid with HTTPS and secure forms, though improvements are recommended in security headers and privacy consent mechanisms. Overall, PAMAX demonstrates a credible and mature digital presence aligned with its business history and market positioning.

The website at notfound.com presents minimal content primarily consisting of an embedded iframe sourced from an external domain with obfuscated parameters, likely serving advertising or tracking purposes. There is no visible business information, contact details, or user interaction elements, indicating the site is either a placeholder or used for ad delivery rather than a legitimate business presence. The domain is registered since 1996 with Network Solutions, which suggests legitimacy in registration, but the website content does not reflect a mature or professional business. Technically, the site lacks modern web development best practices, with no metadata, no structured data, no security headers, and no DNSSEC enabled. The SSL configuration is basic, and no HTTPS redirect is evident. Mobile optimization and accessibility are poor due to the minimal and non-structured content. The presence of tracking pixels and an iframe with complex URL parameters indicates extensive user tracking without transparency or consent mechanisms. From a security perspective, the site does not implement standard security headers or privacy policies, exposing visitors to potential risks from third-party content. There is no evidence of incident response readiness or certifications. The overall security posture is weak, and privacy compliance is non-existent. The domain's age supports legitimacy, but the website's lack of business information and poor content quality reduce trustworthiness significantly. Overall, the site scores low on content quality, technical implementation, security posture, privacy compliance, and business credibility. It is recommended to avoid engagement with this site until it improves transparency, security, and content quality.

P

Pic-Time

pic-time.com

65

Pic-Time is a technology company specializing in providing professional photographers with an advanced online platform for photo galleries, print sales, and marketing automation. The company offers a comprehensive suite of services including AI-powered gallery search, video delivery, sales automation, and mobile app management, positioning itself as a niche leader in the photography SaaS market. The website is well-designed, mobile-optimized, and integrates multiple third-party tools for analytics, marketing, and customer support, reflecting a mature digital infrastructure. Security posture is strong with HTTPS enforcement and cookie consent mechanisms, though explicit security policies and incident response contacts are not publicly disclosed. The absence of WHOIS registration data is a notable concern for domain legitimacy, suggesting the need for further verification. Overall, Pic-Time presents a professional and trustworthy online presence with room for improvement in transparency and security disclosures.

S

Saratoga County Chamber of Commerce

saratoga.org

58

The Saratoga County Chamber of Commerce website serves as a regional hub for local business support, community engagement, and event promotion within Saratoga County, United States. The site targets local businesses and community members, offering services such as networking opportunities and promotional campaigns. The business model is membership-based, focusing on fostering local economic growth and community involvement. The website is professionally designed with consistent branding and good content quality, reflecting a small-sized organization with a clear regional focus. Technically, the website is built on WordPress with a modern tech stack including Bootstrap, Yoast SEO Premium, and various analytics and tracking tools such as Google Analytics and Facebook Pixel. Hosting is supported by Azure CDN, contributing to moderate performance and good mobile optimization. SEO practices are well implemented with structured data and meta tags, although accessibility features are basic. From a security perspective, the site enforces HTTPS and includes some best practices such as reCAPTCHA integration. However, explicit security headers are not detected, and no vulnerability disclosure or incident response policies are present. The WHOIS data is privacy protected or unavailable, which is common for such organizations but slightly reduces transparency. Overall, the security posture is good but could be improved with enhanced headers and formal policies. The overall risk assessment indicates a legitimate and professionally maintained website with moderate user tracking and some gaps in privacy compliance. Strategic recommendations include implementing comprehensive privacy and cookie policies, enhancing security headers, and establishing vulnerability disclosure mechanisms to improve trust and compliance.

I

Innovation Center at Saratoga

innovationcentersaratoga.org

50

The Innovation Center at Saratoga operates as a regional business incubator focused on fostering startups and entrepreneurial growth in the Saratoga area. The website provides basic information about its services and mission but lacks comprehensive privacy, cookie, and security policies. Technically, the site is built on WordPress using the Divi theme and WooCommerce, with Google Analytics integrated for visitor tracking. While HTTPS is enabled and domain registration is consistent with the business age, the absence of DNSSEC and security headers indicates room for improvement in security posture. The lack of visible contact information and privacy compliance elements suggests a need for enhanced transparency and user trust mechanisms. Overall, the site is functional but would benefit from stronger security and privacy practices to align with modern compliance standards.

R

ResponsiveAds

responsiveads.com

65

ResponsiveAds is a mature technology company specializing in creative automation for digital advertising, offering a comprehensive suite of tools and services to brands, agencies, and publishers. Their platform supports high-impact, fluid HTML5 ads across multiple channels including web, mobile, DOOH, and CTV, with advanced analytics and dynamic creative optimization capabilities. The website reflects a professional and well-branded presence with extensive case studies and trusted partner logos, indicating strong market positioning. Technically, the website is built on WordPress with modern frameworks like Elementor and Yoast SEO, hosted on AWS infrastructure. It integrates multiple advertising and analytics technologies such as Google Tag Manager, DoubleClick, StackAdapt, and Microsoft Clarity. The site is mobile-optimized, accessible, and employs a detailed cookie consent mechanism compliant with GDPR principles. From a security perspective, the site uses HTTPS with good SSL configuration and standard security practices including bot management and secure cookies. However, it lacks DNSSEC and explicit security headers, and does not publish a security policy or incident response contacts. No vulnerabilities or exposed sensitive data were detected. Overall, the website presents a low-risk profile with strong business credibility and technical maturity. Strategic improvements include enhancing security headers, publishing privacy and security policies, and adding vulnerability disclosure information to further strengthen trust and compliance.

Z

Základní škola Černošice, příspěvková organizace

zscernosice.cz

40

Základní škola Černošice is a public primary school located in the Czech Republic, providing comprehensive educational services including various extracurricular activities and community engagement programs. The website serves as an information portal for students, parents, and the local community, offering news, event calendars, and access to class information. The school positions itself as a key local educational institution with a focus on active learning and community involvement. Technically, the website is built on WordPress CMS with common plugins such as Event Organiser and Responsive Lightbox, and uses Bootstrap for responsive design. The site is moderately optimized for performance and mobile devices, with basic accessibility features. Security is implemented via HTTPS, but lacks advanced security headers and cookie consent mechanisms, indicating room for improvement in compliance and security posture. From a security perspective, the site shows no immediate vulnerabilities or exposed sensitive data, but the absence of WHOIS data and lack of explicit privacy and security policies reduce overall trustworthiness. No incident response or vulnerability disclosure information is provided, which could be a concern for transparency and security readiness. Overall, the website is functional and professional for its educational purpose but would benefit from enhanced privacy compliance, security best practices, and improved transparency regarding domain registration and data protection policies.

N

Nemocnice Na Františku

nnfp.cz

48

Nemocnice Na Františku is a modern healthcare institution located in the heart of Prague, Czech Republic. The hospital offers a wide range of medical services including inpatient and outpatient care, emergency services, plastic surgery, orthopedics, and rehabilitation. It positions itself as a leading healthcare provider with a focus on professional care, modern equipment, and patient comfort. The website reflects a well-structured digital presence with clear navigation, patient testimonials, and social media engagement. Technically, the website is built on WordPress 6.8 using Oxygen Builder and integrates common libraries such as jQuery and FontAwesome. It employs cookie consent mechanisms and GDPR-compliant privacy policies, indicating awareness of privacy regulations. Performance is moderate with good mobile optimization, though some security headers are missing which could be improved. From a security perspective, the site uses HTTPS and includes cookie consent but lacks explicit security headers like Content-Security-Policy and X-Frame-Options. No critical vulnerabilities were detected in the visible content. The absence of WHOIS data reduces trustworthiness slightly but the presence of certifications, social media, and professional content supports legitimacy. Overall, the website is professional and trustworthy with room for technical and security enhancements. Strategic recommendations include implementing comprehensive security headers, improving WHOIS transparency, and enhancing accessibility features.

W

Working Chance

workingchance.org

57

Working Chance is a UK-based non-profit charity dedicated to supporting women with convictions to find employment and education opportunities. The organization provides tailored support including CV preparation, interview coaching, confidence building, and employer training. It holds a unique market position as the only UK charity solely focused on this demographic, working closely with employers and policymakers to break down barriers and stigma. The website reflects a professional and consistent brand with excellent content quality and user experience. Technically, the site uses modern analytics tools and is hosted on DigitalOcean with a CDN, showing moderate performance and good mobile optimization. Security posture is adequate with HTTPS and cookie consent implemented, but could be improved by enabling DNSSEC and adding security headers. Privacy compliance is good with clear cookie and privacy policies. Overall, the domain registration data supports the legitimacy and trustworthiness of the organization.

VEBO is a small non-profit association based in Switzerland focused on the development of probation services in Eastern Europe. Founded approximately 15 years ago by professionals from the Canton of Zürich, it supports penitentiary system development projects in countries including the Czech Republic, Romania, Georgia, and Greece. The organization provides expertise and fundraising assistance to both state and private institutions. The website reflects a professional and consistent brand with clear content targeted at probation service professionals and related NGOs. Technically, the site is built on the Contao CMS platform using common JavaScript libraries for UI enhancements. It is mobile-optimized and performs moderately well. Security posture is adequate with HTTPS enforced and cookie consent implemented, but lacks advanced security headers and explicit security policies. WHOIS data is unavailable due to TLD restrictions, but the domain usage aligns with the organization's stated history and purpose. Overall, the website is trustworthy and suitable for its audience, though improvements in security transparency and contact options could enhance credibility.

S

Statutární město Děčín

mmdecin.cz

51

The website www.mmdecin.cz serves as the official web portal for the statutory city of Děčín in the Czech Republic. It provides municipal information, public service announcements, and downloadable documents for residents and visitors. The site is positioned as a government entity portal with a focus on local governance and community services. The target audience primarily includes city residents and stakeholders interested in municipal affairs. Technically, the website is built on the Joomla CMS platform, utilizing common web technologies such as jQuery, Bootstrap, and Font Awesome. It incorporates Google reCAPTCHA for form security and implements a cookie consent mechanism, indicating awareness of privacy regulations such as GDPR. The site demonstrates moderate performance and good mobile optimization, though accessibility features could be enhanced. From a security perspective, the site enforces HTTPS and uses reCAPTCHA to protect forms. However, it lacks visible security headers and does not publish explicit security or incident response policies. No vulnerabilities or exposed sensitive data were detected in the analyzed content. The absence of WHOIS data is likely due to privacy protection, which is common and justifiable for government domains. Overall, the website presents a professional and trustworthy front for the city government, with room for improvement in privacy policy transparency, security header implementation, and accessibility compliance. The risk level is low, but strategic enhancements in security posture and compliance documentation are recommended.

G

Gebrüder Weiss

gw-world.com

61

Gebrüder Weiss is a globally operating full-service logistics provider specializing in transport, supply chain management, warehousing, and digital logistics solutions. The company holds a strong market position in Europe with a broad international footprint and a comprehensive portfolio of services tailored to both business and private customers. Their website reflects a mature digital presence with multi-language support and extensive service information. Technically, the website is built on TYPO3 CMS, leveraging modern web technologies including lazy loading, consent management via Usercentrics, and Google Tag Manager for analytics and marketing. The site is well-optimized for performance, mobile responsiveness, and accessibility, indicating a high level of digital maturity. From a security perspective, the site enforces HTTPS and integrates cookie consent mechanisms, but lacks visible security headers and a public incident response or vulnerability disclosure policy. The WHOIS data is missing or unavailable, which is unusual for an enterprise-grade domain and warrants further investigation. Overall, the security posture is good but could be improved with additional headers and transparency. The overall risk assessment is moderate with strong business credibility and technical implementation but some concerns around domain registration transparency. Strategic recommendations include enhancing security headers, publishing incident response contacts, and clarifying domain registration details to improve trust and compliance.

A

Alteryx

alteryx.com

76

Alteryx is a leading enterprise technology company specializing in AI-ready data analytics and automation platforms. Their flagship product, Alteryx One, offers a no-code AI analytics platform designed to unify data and automate analytics workflows, targeting data analysts and business intelligence professionals. The company maintains a strong market position with a professional and well-branded online presence, supported by verified social media channels and comprehensive digital content. Technically, the website is built on WordPress and leverages modern technologies such as jQuery, Google Tag Manager, Hotjar, and NitroPack for performance optimization. The site is mobile-optimized, fast-loading, and SEO-friendly, reflecting a mature digital infrastructure. Security-wise, the site enforces HTTPS, implements standard security headers, and uses cookie consent mechanisms, though explicit security policies and incident response contacts are not publicly detailed. The WHOIS data is unavailable or obscured, which slightly reduces trust but is offset by the professional site and brand presence. Overall, the website demonstrates a high level of professionalism, security, and compliance suitable for an enterprise technology provider.

S

Stavby mostů a.s.

smp.cz

64

Stavby mostů a.s. is a Czech Republic-based medium-sized company specializing in the construction and reconstruction of bridges including motorways, roads, rail bridges, flyovers, and footbridges. The company has a history of 21 years in business and is affiliated with the parent company VINCI Construction CS. Their key services include monolithic, reinforced-concrete, prestressed-concrete, steel, timber, prefabricated, cable-stayed, and suspension bridges. The website reflects a professional and consistent brand image with clear contact information and social media presence. Technically, the site uses Solidpixels CMS, modern JavaScript libraries, and Google Tag Manager for analytics, with good mobile optimization and SEO practices. Security posture is solid with HTTPS and cookie consent but lacks some security headers and explicit security policies. WHOIS data is unavailable, which slightly reduces trust but the overall legitimacy is supported by the professional presentation and parent company affiliation.

L

Lady Virtual

ladyvirtual.cz

44

Lady Virtual is a small Czech-based SEO consultancy led by Michaela Matanelli, specializing in SEO, linkbuilding, copywriting, and keyword analysis with over 15 years of experience. The website presents a professional image with clear service offerings, client testimonials, and certifications such as Google Analytics Individual Qualification. Technically, the site is built on WordPress with modern plugins and tracking tools, including Google Tag Manager and Smartlook, and implements GDPR-compliant cookie consent mechanisms. Security posture is good with HTTPS enforced and consent-based data collection, though some security headers could be improved. The absence of WHOIS data suggests privacy protection, which is typical for small consultancies. Overall, the site is trustworthy, well-structured, and compliant with privacy regulations.

The website joblungo.cz is currently a parked domain with no active business content. It displays a simple domain-for-sale message and embeds an external iframe from unrelated third-party domains. The site lacks any privacy, cookie, or terms of service policies, and no contact information or company branding is present. Technically, the site uses basic HTML and JavaScript with external advertising and tracking scripts but does not demonstrate modern web development practices or security best practices such as HTTPS enforcement or security headers. The security posture is weak due to the absence of these protections and the use of external iframes which may pose risks. Overall, the site is low trust and low quality, serving primarily as a placeholder for domain sale rather than an operational business website.

P

Pudeto

pudeto.cz

48

Pudeto is a Czech-based online marketing agency founded in 2019, specializing in outsourced marketing services for e-commerce and online businesses. They offer PPC, web analytics, social media marketing, audits, and email marketing, supported by proprietary tools such as Pobo.cz and Cenový automat. The website is professionally designed using WordPress with the Enfold theme and optimized for performance and mobile devices. Security posture is good with HTTPS and reCAPTCHA integration, but lacks explicit privacy and cookie policies. Contact is primarily via a contact form, with no direct emails or phone numbers publicly listed. The domain registration data aligns well with the business claims, indicating legitimacy.

The website fairshop.cz is currently inaccessible due to a Cloudflare Web Application Firewall (WAF) block. The landing page is a standard Cloudflare block message indicating that the visitor's actions triggered security rules, preventing access to the site content. As a result, no business information, contact details, or policies are available for analysis. The domain was registered very recently in April 2024, which may indicate a new or not yet fully operational business. The technical infrastructure relies on Cloudflare for DNS and security services. Due to the block, the website's security posture cannot be fully assessed, but the lack of visible security headers or policies is noted. Overall, the site currently presents a high risk for users due to inaccessibility and lack of transparency.

Č

České priority, z. ú.

ceskepriority.cz

67

České priority is a Czech non-profit think tank dedicated to supporting informed decision-making in public policy by integrating scientific knowledge and quality analysis. The organization collaborates with public administration, academic, non-profit, and research sectors to conduct research, provide support, and propose systemic changes. Their portfolio includes projects such as foresight, forecasting for policy (FORPOL), and strengthening analytical capacities in government. The website reflects a professional and consistent brand image with clear navigation and relevant content targeted at stakeholders in public policy and governance. Technically, the website is built on the Solidpixels CMS platform, utilizing modern JavaScript libraries and frameworks such as Swiper, Fancybox, and AOS for enhanced user experience. The site is mobile-optimized and employs HTTPS with good SSL configuration, though it lacks some security headers that could further harden its security posture. Cookie consent mechanisms are implemented, indicating awareness of privacy compliance, although explicit privacy and terms of service pages are not found. From a security perspective, the site demonstrates good practices with HTTPS and no visible vulnerabilities or exposed sensitive data. However, the absence of security headers and vulnerability disclosure information suggests room for improvement. The WHOIS data is unavailable, likely due to privacy protection, which slightly reduces transparency but is understandable for a non-profit entity. Overall, the site is trustworthy, professional, and serves its informational purpose effectively.

Y

Yellow Ribbon

yellowribbon.cz

64

Yellow Ribbon is a Czech non-profit organization dedicated to supporting the social reintegration of individuals after serving prison sentences. Through sports and awareness campaigns, they aim to reduce recidivism and provide second chances. The organization has a medium-sized presence in the Czech Republic with a history dating back to 2015 and maintains active partnerships and media visibility. Technically, the website is built on Webflow, uses Cloudflare for security and performance, and integrates Google Analytics and Cookiebot for privacy compliance. Security posture is good with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. The absence of WHOIS data due to privacy protection is typical for non-profits but reduces transparency. Overall, the website is professional, trustworthy, and compliant with GDPR regulations.

N

Nadace 3WFoundation

3wfoundation.org

49

3WFoundation is a philanthropic foundation established in early 2022 by the Wałach brothers and their families, focusing on supporting Christian, charitable, cultural, and local community projects primarily in the Czech Republic and Central/Eastern Europe. The foundation emphasizes strategic philanthropy grounded in Christian values such as love, solidarity, and forgiveness, aiming for impactful societal change. The website presents clear information about the foundation's mission, supported projects, and founders, with content available in Czech, English, and Polish. Technically, the site uses modern web technologies including jQuery, Google Fonts, and Google Analytics, and implements a cookie consent mechanism compliant with GDPR principles. However, it lacks a dedicated privacy policy and terms of service pages, which are important for full compliance and transparency. Security-wise, the site uses HTTPS but does not show advanced security headers or incident response information.

K

Konecta

konecta-group.com

60

Konecta is an established enterprise-level company specializing in AI-powered customer and employee experience solutions. Founded in 1997, it operates globally with a strong focus on integrating human and AI agents to enhance interactions. The company offers a broad portfolio including AI & GenAI services, customer experience, digital marketing, employee experience, and advisory consulting. The website reflects a mature digital presence with multilingual support and professional branding. Technically, the site is built on HubSpot CMS, leveraging modern JavaScript modules, Google Fonts, and analytics tools like Google Analytics and HubSpot Analytics. Security posture is good with HTTPS enforced and domain protections in place, though improvements are possible in DNSSEC and security headers. Privacy compliance is partially addressed with a cookie consent banner but lacks explicit privacy and terms of service pages. Overall, the website is professional, trustworthy, and well-positioned in its market segment.

P

PROJEKT 23

projekt23.cz

39

PROJEKT 23 is a Czech non-profit initiative focused on crime prevention, social issues such as bullying, drugs, domestic violence, and providing support through storytelling, videos, and an assistance helpline. The project operates independently without corporate or institutional funding and collaborates with governmental and non-governmental organizations. Their key services include a YouTube channel, educational lectures, crime prevention projects, and an assistance hotline. The website demonstrates a consistent brand and professional content aimed at a general audience interested in social welfare and prevention. Technically, the site uses modern web technologies including optimized YouTube embeds and FontAwesome icons, with good mobile responsiveness and SEO practices. However, no privacy or cookie policies were found, and WHOIS data for the domain is unavailable, limiting trust assessment. Security headers and SSL configuration details are not provided, but HTTPS usage is implied. Overall, the site is credible and trustworthy based on content and partnerships, though improvements in privacy compliance and security transparency are recommended.

H

Heimstaden

heimstaden.cz

51

Heimstaden.cz is a professionally maintained real estate website focused on rental apartments, commercial spaces, and new construction projects primarily in the Moravskoslezský region of the Czech Republic. The company is part of the larger Heimstaden group, a significant player in the European real estate market. The website offers a user-friendly experience with clear navigation, modern design, and multiple customer support channels. Technically, the site uses modern frameworks such as Next.js and is hosted on Microsoft Azure, ensuring reliable performance and scalability. Security posture is strong with HTTPS enforcement and standard security headers, though explicit security policies and incident response contacts are not publicly detailed. Privacy compliance is well addressed with visible privacy and cookie policies and consent mechanisms. Overall, the site reflects a mature digital presence suitable for a large real estate company.

E

EOS

eosclub.app

54

EOSclub.app is a well-established SaaS platform specializing in sports club and association management. It offers a comprehensive suite of tools including member database management, payment processing linked to e-banking, communication channels, attendance tracking, match nominations, GDPR-compliant registration, document sharing, and mobile applications for iOS and Android. The platform targets a broad range of sports clubs, from small to large organizations, and boasts over 222,000 active members and 980+ clubs across 71 sports, positioning itself as a significant player in the sports management software market. Technically, the website employs modern JavaScript frameworks such as Alpine.js and Swiper.js, integrates analytics tools like Google Tag Manager and Hotjar, and uses a custom CMS hosted on eoscz.eoscms.zone. The site is well-optimized for mobile devices, features fast loading times, and demonstrates good SEO and accessibility practices. The presence of cookie consent mechanisms indicates attention to privacy compliance, although explicit privacy and terms of service documents are not found. From a security perspective, the site enforces HTTPS with strong SSL configuration and includes standard security headers. No vulnerabilities or exposed sensitive data were detected in the HTML content. However, the absence of published security policies, incident response contacts, and vulnerability disclosure mechanisms suggests areas for improvement in security transparency and readiness. Overall, EOSclub.app presents a professional, trustworthy, and technically mature platform with strong business credibility. To enhance its security posture and privacy compliance, it should publish clear privacy policies, terms of service, and security incident contacts. These steps will further solidify trust and compliance with regulatory standards.

T

Tritón Pardubice, spol. s r. o.

satniskrinky.cz

41

Tritón Pardubice, spol. s r. o. operates the website satniskrinky.cz, specializing in the development and manufacturing of equipment for changing rooms, workshops, and offices, including lockers, boxes, and related furniture. The company has an established market presence since 2009 and targets businesses and organizations requiring such equipment. The website reflects a professional e-commerce platform built on WordPress with WooCommerce and Elementor, providing a comprehensive product catalog and clear navigation. Social media integration and compliance with GDPR through detailed privacy and cookie policies demonstrate digital maturity. Security posture is strong with HTTPS enforcement and standard security headers, though the absence of a dedicated security policy or incident response contact suggests room for improvement. Overall, the site is trustworthy, well-branded, and compliant, supporting the company's business objectives effectively.

Chemie Akademie is a specialized educational institution in Austria focusing on chemistry education and training. It offers full-time, part-time, and continuing education programs tailored to students, apprentices, and professionals. The academy maintains strong partnerships with industry and research institutions, providing practical and career-oriented learning experiences. The website is professionally designed, mobile-optimized, and rich in relevant content, reflecting a mature digital presence. Technically, it is built on WordPress with modern frameworks like Vuetify and uses popular plugins for forms and GDPR compliance. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers could be improved. Overall, the site demonstrates good privacy compliance and business credibility with clear contact information and trust signals. No critical vulnerabilities or blocking mechanisms were detected, making it a trustworthy and well-maintained platform.

P

Pädagogische Hochschule Steiermark

phst.at

47

Pädagogische Hochschule Steiermark is a regional higher education institution in Austria specializing in teacher education and professional development. The website provides comprehensive information about degree programs, continuing education, research activities, and international mobility opportunities. It targets students, educators, and academic professionals primarily in the Styria region. The institution maintains a consistent and professional online presence with clear navigation and rich content tailored to its audience. Technically, the website is built on TYPO3 CMS with modern front-end technologies such as Bootstrap and Swiper.js. It uses Matomo analytics to track user interactions while respecting privacy. The site is mobile-optimized and accessible, with good SEO practices. Performance is moderate, with room for optimization. Security posture is solid with HTTPS enforced and cookie consent implemented. However, there is no explicit security policy or incident response contact information published. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong, with a comprehensive privacy policy and cookie management. Overall, the website is trustworthy, professional, and well-maintained, reflecting the institution's credibility and commitment to education. Strategic improvements in security transparency and technical performance could further enhance its posture.

F

FH JOANNEUM

fh-joanneum.at

73

FH JOANNEUM is a well-established Austrian higher education institution specializing in applied sciences, offering a broad range of bachelor, master, and continuing education programs. The website targets prospective and current students, alumni, companies, and researchers, providing comprehensive information about study programs, research activities, and services. The institution maintains a strong regional presence with a consistent brand identity and professional online representation. Technically, the website is built on WordPress, leveraging modern web technologies such as jQuery and Alpine.js, and enhanced with plugins for SEO, multilingual support, and cookie consent management. The site demonstrates good mobile optimization, accessibility, and SEO practices, contributing to a positive user experience. From a security perspective, the website enforces HTTPS, implements essential security headers, and uses a cookie consent mechanism compliant with GDPR. No critical vulnerabilities or exposed sensitive data were detected. However, the absence of a publicly accessible privacy policy, terms of service, and incident response contacts indicates areas for compliance and transparency improvement. Overall, FH JOANNEUM's website reflects a mature digital presence with solid security and technical foundations. Strategic enhancements in privacy documentation and security communication would further strengthen trust and regulatory compliance.