Security Directory

P

Sign in - Matomo

pubmetrics.online

52

The website pubmetrics.online serves as a login portal for the Matomo analytics platform, a free and open-source web analytics solution. The platform targets website administrators and analytics users who require detailed visitor tracking and reporting capabilities. The domain is newly registered in 2023 and hosted by One.com, indicating a relatively new deployment of the service. The site’s content is minimal, focusing primarily on user authentication to access analytics data.

T

Technická správa komunikací hlavního města Prahy, a.s.

zpspraha.cz

56

The website parking.praha.eu serves as the official portal for parking options in Prague, managed by Technická správa komunikací hlavního města Prahy, a.s., a government-affiliated entity. It provides comprehensive information on short-term, long-term, and special parking options, including online payment services and permit management. The site targets residents, visitors, and business owners in Prague, positioning itself as the authoritative source for parking-related services in the city. Technically, the website is built on WordPress 6.8.2 with modern JavaScript libraries such as jQuery and ApexCharts for interactive content. SEO is well implemented using Yoast SEO, and the site is mobile-optimized with responsive design. Cookie consent mechanisms and privacy policies are in place, reflecting good digital maturity and GDPR compliance. From a security perspective, the site enforces HTTPS and uses cookie consent banners, but lacks explicit security headers like Content-Security-Policy or X-Frame-Options. No visible vulnerabilities or exposed sensitive data were detected. The absence of explicit incident response or vulnerability disclosure pages suggests room for improvement in security transparency. Overall, the website presents a professional, trustworthy, and user-friendly interface with strong business credibility. The domain is privacy-protected under EURid, which is justified given the government affiliation. The site is safe for general audiences and free from adult or questionable content.

The website at eoscms.cz is currently inaccessible, returning a 403 Forbidden error page that blocks access to any meaningful content. This prevents any detailed analysis of the company's business offerings, policies, or technical infrastructure. The domain is registered since 2019 with a Czech registrar and hosted by cesky-hosting.cz, indicating a legitimate regional presence. However, the lack of accessible content and absence of privacy, cookie, or contact information severely limits the ability to assess the company's market position or compliance posture. From a security perspective, the site does not expose any data or scripts, but the lack of visible security headers or SSL details is a concern. Overall, the site is effectively blocked, resulting in a low AI score and incomplete analysis.

E

Platforma EOS pro sportovní kluby a jiné organizace | eos.cz

eos.cz

53

EOS.cz is a Czech-based SaaS platform designed to streamline administration, communication, and web presence for sports clubs and other organizations such as communities, associations, and clubs. The platform offers a comprehensive suite of tools including member management, payment processing, communication channels, attendance tracking, nominations, electronic applications, GDPR compliance features, document sharing, and mobile applications. It serves a significant user base with over 222,000 active members and 980+ clubs across 71 sports, positioning itself as a leading solution in its niche. The website is professionally designed, mobile-optimized, and features rich multimedia content including video testimonials and app store badges, enhancing user trust and engagement. Technically, the site employs modern JavaScript frameworks like Alpine.js and Swiper.js, integrates analytics and tracking tools such as Google Tag Manager and Hotjar, and implements cookie consent mechanisms, reflecting a mature digital infrastructure. Security posture is strong with HTTPS enforced and standard security headers present, though explicit privacy policies and terms of service documents are not found, representing an area for improvement. WHOIS data is unavailable, which slightly impacts domain trustworthiness, but the overall professional presentation and extensive client testimonials support legitimacy. No adult or questionable content is present, making the site safe for general audiences.

P

Profit Visions s.r.o.

profit-visions.com

58

LINK-V is a small technology company based in the Czech Republic, specializing in bespoke web and mobile app development, digital automation, and business management solutions. Their offerings include Timeless Web and App services, as well as Grace Engine and Grace Manager tools designed to streamline development workflows and business operations. The company positions itself as an innovator blending technology, automation, and style to deliver future-proof digital products with ongoing support. Technically, the website is built with modern HTML5, CSS3, and JavaScript technologies, featuring custom scripts and SVG graphics. The site is well-structured, mobile-optimized, and includes tracking via a proprietary analytics service (data.grace.link). However, no major CMS or hosting provider details are disclosed. Performance is moderate, with good navigation and SEO practices. From a security perspective, the site uses HTTPS but lacks visible security headers and published security policies. The contact form uses POST method, indicating basic secure data submission. No vulnerabilities or exposed sensitive data were detected, but privacy and cookie policies are missing, representing compliance gaps. WHOIS data is limited due to TLD restrictions and privacy protection, but the domain appears legitimate with consistent company contact details. Overall, the website demonstrates a professional and credible business presence with moderate technical maturity and security posture. Strategic improvements in privacy compliance, security headers, and incident response transparency would enhance trust and reduce risk.

T

DropCatch.com

thisisgarcy.com

54

The website at dropcatch.com appears to be a platform focused on securing expiring domain names, targeting domain investors and buyers. However, the current accessible content is minimal, consisting primarily of a placeholder Angular app-root element with no visible user-facing content or business details. The WHOIS data for the domain is unavailable or indicates the domain is not registered, which raises significant concerns about the legitimacy and operational status of the site. Technically, the site uses modern frameworks such as Angular and integrates Google reCAPTCHA Enterprise for bot protection, but lacks visible security headers, privacy policies, or contact information. Overall, the security posture is weak due to missing critical elements, and the site appears to be either blocked, under development, or a placeholder.

V

VOLEJBAL.CZ

volejbal.cz

42

VOLEJBAL.CZ is a Czech-language volleyball sports portal providing news, league information, event calendars, and video content targeted at volleyball enthusiasts in the Czech Republic. The website features a consistent branding and offers various volleyball-related resources including links to partner sites and official volleyball organizations. Technically, the site uses jQuery, Google Analytics, and Google Adsense, hosted by Saturn-Toya s.r.o. The site is moderately optimized for mobile and SEO, with a good user experience and clear navigation. Security posture is basic with no detected security headers and unknown SSL configuration. Privacy and cookie policies are absent, indicating compliance gaps. WHOIS data is unavailable, likely due to privacy protection, which slightly reduces trust but is not uncommon for small media portals. Overall, the site is safe, professional, and serves its niche audience well.

P

Pizza SCUOLA

pizzascuola.cz

54

Pizza SCUOLA is a Czech-based supplier specializing in premium authentic Italian ingredients and equipment for professional pizza kitchens. The company targets restaurants, pizzerias, and wholesale partners, offering a comprehensive range of products including flour, tomatoes, cheeses, and pizza ovens, alongside consulting, training, and support services. Their market position is that of a trusted local supplier with a focus on quality and reliability. Technically, the website is built on the Webflow platform, leveraging modern web technologies such as Google Fonts and jQuery. It is well-optimized for mobile devices, performs well, and features a professional design with clear navigation. Hosting is provided via Webflow's CDN, ensuring fast content delivery. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, it lacks several recommended security headers and does not display a cookie consent mechanism, which are areas for improvement. No incident response or vulnerability disclosure information is provided, limiting transparency in security practices. Overall, the website presents a professional and trustworthy front for the business, but the absence of WHOIS data and some security best practices slightly reduce the trust score. Strategic improvements in security headers, privacy compliance, and domain registration transparency are recommended to enhance credibility and compliance.

M

Metrostav Development a.s.

palmovkaopenpark.cz

56

Metrostav Development a.s. is a well-established real estate developer operating primarily in Prague and other locations in the Czech Republic. The company focuses on residential and commercial projects, emphasizing modern architecture, quality materials, and environmental responsibility. Their website reflects a mature digital presence with clear business information, multiple ongoing and completed projects, and a professional design. Technically, the site uses a modern tech stack including jQuery UI, Bootstrap, Font Awesome, and integrates Google Analytics and Cookiebot for analytics and privacy compliance. Security posture is solid with HTTPS enforced and CSRF protections in place, though some security headers could be improved. Privacy compliance is strong, with a comprehensive privacy policy, cookie consent mechanism, and GDPR adherence. Overall, the site is trustworthy, professional, and well-maintained, supporting the company's market position as a reputable real estate developer.

R

RUBIKON Centrum, z. ú.

rubikoncentrum.cz

56

RUBIKON Centrum, z. ú. is a Czech non-profit organization established in 1994 that supports individuals with criminal pasts in reintegrating into society. Their services include employment assistance, debt resolution, social counseling, housing support, and educational programs. The organization has a strong market presence with numerous partnerships across government, private sector, and community organizations. The website is built on WordPress and uses modern web technologies including jQuery, Popper.js, and Tippy.js, with integrated analytics from Google and Facebook. Security measures such as HTTPS and Content Security Policy are implemented, though some additional headers could enhance security further. Privacy and cookie policies are present with consent mechanisms, supporting GDPR compliance. Contact information is available primarily via phone and contact forms, with no direct company emails found in the HTML. WHOIS data is unavailable, which slightly impacts trust but is common for privacy-protected domains. Overall, the website is professional, trustworthy, and well-structured, serving its target audience effectively.

D

Divadlo pod Palmovkou

podpalmovkou.cz

60

Divadlo pod Palmovkou is a well-established classical drama theatre located in Prague, Czech Republic, offering a diverse range of theatrical performances, concerts, exhibitions, and educational programs. The theatre operates under the auspices of the City of Prague, reflecting its cultural significance and public funding model. The website presents a professional and user-friendly interface with comprehensive event listings, ticketing options, and community engagement features such as newsletters and social media integration. Technically, the site leverages modern web technologies including React and Next.js, hosted on Google Cloud infrastructure, ensuring fast performance and mobile optimization. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be enhanced. Privacy compliance is strong, with clear GDPR-aligned policies and transparent data handling practices. Overall, the website reflects a credible, trustworthy, and professionally managed cultural institution with a strong digital presence.

C

Curry House

curryhouse.cz

41

Curry House is a well-established Indian and Bangladeshi restaurant located in Prague, Czech Republic, founded in 2009. It holds a strong market position as the only 5-star halal restaurant in Prague, offering dine-in, takeaway, and delivery services. The website reflects a medium-sized hospitality business with a focus on authentic cuisine and customer satisfaction, supported by multiple certifications and positive customer testimonials. Technically, the website is built on WordPress with a modern tech stack including Bootstrap, Slider Revolution, and various plugins for reservations and e-commerce. The site is mobile-optimized and performs moderately well, though accessibility features are basic. Security posture is good with HTTPS enforced and no exposed sensitive data, but lacks visible security headers and explicit security policies. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the site is professional and trustworthy but could improve in compliance and security transparency.

Cafe DECADA is a small local hospitality business operating a cafe in Prague, Czech Republic. The website presents basic business information including contact details, social media links, and location. The business targets local customers and offers cafe services with reservation options. The website is built on the Wix platform, leveraging Wix's Thunderbolt framework and standard web technologies such as JavaScript, CSS, and HTML5. The site is moderately optimized for mobile devices and has a good design quality with clear navigation. Security posture is adequate with HTTPS enabled, but lacks advanced security headers and privacy compliance features such as privacy and cookie policies. WHOIS data is unavailable, likely due to privacy protection, which is common for small businesses. Overall, the website is trustworthy and professional but could improve in privacy compliance and security best practices.

S

SK Meteor Praha

meteortenis.cz

30

SK Meteor Praha is a historic tennis club based in Prague, established in 1884, offering tennis training, competitive teams, court rentals, and community events. The website serves as an informational portal for members and visitors, highlighting club history, services, and contact details. The club targets tennis enthusiasts of all ages, including children, youth, adults, and seniors, positioning itself as a well-established local sports institution. Technically, the website uses legacy technologies such as jQuery 1.4.2 and Google Maps API, with Google Analytics for visitor tracking. However, it lacks modern security features such as HTTPS and security headers, and does not provide privacy or cookie policies, indicating compliance gaps. The security posture is weak due to the absence of SSL and outdated libraries, posing risks to user data confidentiality and integrity. Overall, the site is functional but requires modernization and security improvements to enhance trust and compliance.

A

Allstar Group s.r.o.

centrumtance.cz

58

Centrum Tance, operated by Allstar Group s.r.o., is a well-established dance and exercise center based in the Czech Republic, offering a wide range of courses, workshops, and events primarily in Prague and Brno. The website presents a professional and content-rich platform targeting a broad audience interested in dance, fitness, and wellness activities. The business model focuses on service provision through in-person classes, permanent passes, and gift vouchers, supported by a network of partner organizations and local government entities. Technically, the website employs modern JavaScript libraries, Google Tag Manager, and cookie consent mechanisms, ensuring a good level of digital maturity and user experience. Security posture is strong with HTTPS enforced and privacy-conscious tracking, although some HTTP security headers and explicit incident response contacts are absent. The lack of publicly available WHOIS data reduces domain trust verification, but the overall site professionalism and transparency mitigate concerns. Strategic recommendations include enhancing security headers, publishing a security policy, and improving contact information for incident response. Overall, Centrum Tance demonstrates a solid online presence with good privacy compliance and user engagement, suitable for its market niche.

A

Aponeta s.r.o.

cafemilano.cz

45

Café Milano, operated by Aponeta s.r.o., is a small hospitality business located in Prague, Czech Republic, specializing in homemade cakes, Italian wines, and event hosting services. The website presents a clear business description, contact information, and operating hours, targeting local customers and business clients. The digital presence is built on the inPage CMS platform with common JavaScript libraries, offering a moderate level of technical sophistication and basic mobile optimization. The site includes a cookie consent mechanism but lacks formal privacy and terms of service documentation. Security posture is moderate with no visible HTTPS or security headers information, and WHOIS data is missing, which impacts domain trust verification. Overall, the website is functional and professional but would benefit from enhanced security and compliance documentation.

Pinseria Palmovka is a small hospitality business operating a café and restaurant in Prague, Czech Republic, focusing on quality food with gluten-free, vegetarian, and vegan options. The business emphasizes local sourcing, sustainability, and community engagement through events like quiz nights. The website is built on Joomla CMS with modern UI frameworks and integrates third-party services for analytics, marketing, and online reservations. While the website is well-designed and content-rich, it lacks a published privacy policy and terms of service, which are important for GDPR compliance. The absence of WHOIS data for the domain raises concerns about domain legitimacy, though the website content and contact information appear professional and consistent with a legitimate local business. Security posture is moderate with HTTPS enabled but missing security headers and vulnerability disclosures. Overall, the website presents a trustworthy and professional front for a local hospitality business but should improve compliance and security transparency.

A

Ateliér Terej

terej.cz

50

Ateliér Terej operates as a specialized e-commerce retailer focusing on linen and cotton textile products, including bed linen, table linen, and accessories. The website is built on the PrestaShop platform and targets consumers interested in quality textile goods, primarily within the Czech Republic. The business model centers on online sales with a clear presentation of product collections and fabric samples. The company maintains a professional online presence with social media integration and structured data markup to enhance search visibility. Technically, the website employs modern e-commerce technologies including Google Analytics and Facebook Pixel for marketing and analytics purposes. The site is mobile-optimized and demonstrates good SEO practices. However, some technical improvements such as enhanced security headers could further strengthen the platform. The site uses HTTPS exclusively, ensuring encrypted communications. From a security perspective, the website shows a moderate security posture with HTTPS and cookie consent mechanisms in place. No critical vulnerabilities or exposed sensitive data were detected in the HTML content. However, the absence of WHOIS registration data is a notable concern, reducing domain trustworthiness. There is no visible security policy or incident response information, which could be improved to enhance user trust and compliance. Overall, Ateliér Terej presents a trustworthy and professional e-commerce platform with room for improvement in domain transparency and security best practices. Strategic recommendations include implementing security headers, publishing a security policy, and addressing the WHOIS data gap to improve legitimacy and user confidence.

A

Alf & Bet, spol. s r.o.

prague.coffee

60

The website www.prague.coffee represents Alf & Bet, spol. s r.o., a small hospitality business specializing in specialty coffee and artisan bread in Prague. The business operates multiple locations offering coffee, bread, bakery, and roastery services. The site is professionally designed with consistent branding and good content quality, targeting general consumers interested in quality coffee and bakery products in Prague. Technically, the site uses Solidpixels CMS, integrates Google Analytics and Google Maps, and employs modern web fonts and JavaScript. The site is mobile optimized and performs moderately well, though SEO is limited due to a noindex directive. Security posture is adequate with HTTPS enabled but lacks security headers and formal privacy or cookie policies, which reduces compliance and trust. No contact emails or phone numbers are explicitly provided, limiting direct communication channels. Overall, the domain appears legitimate with privacy-protected WHOIS data, which is common for small businesses. The site content is safe for general audiences with no adult or explicit material.

C

Chlebíček Store

chlebicekstore.cz

43

Chlebíček Store is a small vegan bistro based in Prague, Czech Republic, specializing in plant-based open sandwiches and related vegan fast food items. The business has been operating since 2015 and targets both vegan and non-vegan customers seeking fresh, quality, and modern local food options. The website is built on WordPress using the Enfold theme and integrates social media and location services via Facebook SDK and Google Maps API. While the site is well-structured and provides clear contact information, it lacks critical privacy and cookie policies, which may impact GDPR compliance. Security posture is moderate with HTTPS enabled but missing security headers and minor deprecated code warnings. WHOIS data is unavailable, which slightly reduces domain trustworthiness but does not detract significantly from the business legitimacy based on website content. Overall, the site is professional and functional but could improve in privacy compliance and security best practices.

R

restauracezenklovka.cz

restauracezenklovka.cz

50

The website restauracezenklovka.cz is currently a domain parking and sale landing page with minimal content and no active business presence. The site primarily serves to advertise the domain for sale, with no privacy policies, contact information, or business details provided. The technical infrastructure is basic, relying on simple JavaScript and external ad/tracking scripts, with no detected CMS or advanced frameworks. Security posture is weak, lacking HTTPS enforcement and security headers, and no compliance documentation is present. Overall, the site does not represent an operational business and carries a low trust and credibility profile.

T

Terapeutické centrum EPIMELEIA

teracentrum.cz

39

Terapeutické centrum EPIMELEIA is a small healthcare service provider based in the Czech Republic, offering psychological and psychotherapeutic counseling, coaching, and self-development services primarily in Prague and Olomouc. The website presents a professional and consistent brand image, targeting individuals, couples, and children seeking mental health support, including online therapy options. The business model focuses on direct service provision with an emphasis on accessibility and client support. Technically, the website is built on WordPress using Elementor and Jet plugins, integrating Google Analytics and Google Tag Manager for user tracking. The site is mobile-optimized with moderate performance and basic accessibility features. Security posture is adequate with HTTPS enabled and use of Google reCAPTCHA, but lacks security headers and explicit privacy or cookie policies. WHOIS data is unavailable, limiting domain trust assessment, but the website content and presentation suggest legitimacy. Overall, the site scores moderately well in content quality, technical implementation, and business credibility, with room for improvement in privacy compliance and security best practices.

O

optik studio Jana Čížková s.r.o.

optik.studio

58

Optik Studio Jana Čížková s.r.o. is a small retail optical business based in the Czech Republic, specializing in the sale of branded eyewear and providing expert optical services. The website presents a professional and consistent brand image, targeting consumers seeking quality eyeglasses and optical care in Prague. The company maintains an active blog and social media presence, enhancing customer engagement. Technically, the website is built on the Webnode CMS platform, hosted via Amazon Cloudfront CDN, and employs modern web technologies including Google Analytics and Tag Manager for tracking. The site is mobile-optimized and performs moderately well, with good SEO practices in place. Security-wise, the site uses HTTPS with a valid SSL certificate and implements a cookie consent banner, but lacks advanced security headers and explicit privacy or security policies. WHOIS data is unavailable due to privacy protection, which is common and justified for this business type. Overall, the website is trustworthy and functional but could improve in privacy transparency and security hardening.

S

Pod Palmovkou | ToFitko

svetpodpalmovkou.cz

46

The website 'Pod Palmovkou | ToFitko' appears to be a small-scale fitness or local service site built on WordPress using Elementor and Yoast SEO plugins. The content is accessible and presented in Czech language, targeting a general audience interested in fitness or related services. However, the site lacks critical business and security information such as privacy policies, contact details, and WHOIS registration data, which limits its credibility and trustworthiness. Technically, the site uses modern web technologies and is mobile optimized, but security best practices like HTTPS enforcement and security headers are not verifiable from the provided data. Overall, the site shows moderate technical maturity but low privacy and business transparency.

D

DreamFit Praha

dreamfit.cz

58

DreamFit Praha operates fitness and wellness clubs located in Prague 8, offering a range of services including personal training, group classes, physiotherapy, massages, and specialized training zones such as cross training and performance gyms. The website is professionally designed using the Wix platform, reflecting a small local business with a clear focus on health and fitness services. The business targets general fitness enthusiasts and wellness clients in the Prague area. Technically, the site leverages Wix's Thunderbolt framework and standard JavaScript polyfills, ensuring moderate performance and good mobile optimization. Security posture is adequate with HTTPS enforced and some script-based security hardening, but lacks explicit security headers and visible privacy or cookie policies, which are important for compliance and trust. No WHOIS data is available from the CZ NIC registry, likely due to privacy protection, but the website content and technical indicators suggest legitimacy. Overall, the site is safe, professional, and trustworthy, though improvements in privacy compliance and security headers are recommended.

T

Top Trails of Germany e.V.

top-trails-of-germany.de

49

Top Trails of Germany e.V. is a non-profit organization dedicated to promoting Germany's premier hiking trails. The website provides comprehensive information on 13 major trails, including detailed descriptions, difficulty levels, and logistical data, targeting hiking enthusiasts and tourists interested in nature and outdoor activities. The organization positions itself as a niche leader in German hiking tourism, offering brochures, experience packages, and partnerships with outdoor brands. Technically, the site is built on TYPO3 CMS, leveraging modern JavaScript libraries and Google Maps API for enhanced user experience. The site is mobile-optimized with good SEO practices and clear navigation. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though security headers and explicit policies could be improved. Privacy and cookie policies are present with consent mechanisms, supporting GDPR compliance. Overall, the site is professional, trustworthy, and content-rich, with active social media engagement.

M

Maps Marker Pro

mapsmarker.com

53

Maps Marker Pro is a specialized WordPress plugin provider focused on delivering advanced mapping solutions with an emphasis on ethical coding and user privacy. The company offers a feature-rich plugin supporting multiple map providers and geocoding services, targeting WordPress site owners and developers seeking flexible and privacy-conscious mapping tools. Their market position is strong within the WordPress ecosystem, supported by positive user testimonials and a clear commitment to data protection. Technically, the website is built on WordPress with modern JavaScript libraries such as jQuery and Slick Slider, and integrates multiple map APIs. The site is well-optimized for SEO and mobile devices, with good performance and accessibility standards. Security-wise, HTTPS is enforced, and the company follows best practices by not storing geolocation data and using privacy-focused analytics (Matomo). However, some security headers like Content-Security-Policy are not explicitly detected, and no security.txt or incident response policies are published. The overall security posture is good, with no visible vulnerabilities or exposed sensitive data. Privacy compliance is strong with a comprehensive privacy policy and GDPR adherence, though the absence of a cookie consent mechanism is a minor gap. The missing WHOIS data for the domain is a concern for trust but is mitigated by the professional website and active business presence. Strategically, the company should enhance transparency by publishing security and incident response policies, implement cookie consent mechanisms, and consider adding a security.txt file to improve vulnerability disclosure. Monitoring domain registration status is recommended to ensure ongoing legitimacy.

The website www.bloombergconnects.org is currently inaccessible due to a PerimeterX Web Application Firewall (WAF) challenge page requiring human verification via captcha. This security mechanism blocks automated access and prevents retrieval of any meaningful content or business information from the site. Consequently, no metadata, privacy policies, contact details, or business descriptions are available for analysis. The WHOIS data is malformed and does not provide registrar, creation, or registrant details, further limiting trust and legitimacy assessment. The site loads several security and analytics scripts including New Relic and PerimeterX, indicating monitoring and protection measures are in place. However, the lack of accessible content and business information results in a low overall trust and credibility score.

YouLead sp. z o.o. operates a professional marketing automation platform targeting B2B, B2C, and e-commerce sectors primarily in Poland. The company offers a comprehensive system for sales and marketing automation, lead generation, customer segmentation, and omnichannel communication, positioning itself as a trusted partner with notable clients such as BMW and Volvo. The website reflects a mature digital presence with modern technologies and extensive analytics integration. Security posture is good with HTTPS and reCAPTCHA usage, though some security headers could be improved. Privacy and cookie policies are comprehensive and GDPR compliant, supporting strong privacy practices. Overall, the business demonstrates credibility and professionalism with clear contact information and client testimonials.

The website www.vhs.cloud presents minimal accessible content, primarily consisting of an iframe loading a session-specific page. The domain is registered since 2016 with a reputable registrar and shows no signs of privacy protection or suspicious activity. However, the lack of visible business information, contact details, privacy policies, and terms of service limits the ability to fully assess the business or compliance posture. Technically, the site uses basic web technologies including jQuery and custom JavaScript, but lacks modern frameworks or CMS indications. Security posture is weak due to absence of security headers and DNSSEC, and no clear HTTPS enforcement information is available. Overall, the site appears to be a small-scale or internal service with limited public-facing content.

E

Expodum.cz

expodum.cz

58

Expodum.cz is a Czech Republic-based e-commerce retailer specializing in quick-setup party tents and related accessories. The company offers a variety of tent sizes and constructions, including steel and aluminum frames, with a focus on quality and customer satisfaction, evidenced by a 5-year warranty and positive customer reviews. Their business model targets both individual consumers and professional users needing reliable event shelter solutions. The website is well-branded and provides clear contact information, enhancing trust and customer engagement. Technically, the website leverages modern web technologies including Google Tag Manager, Google Analytics, Smartsupp chat, and the Sylius e-commerce platform. The site is mobile-optimized with good SEO practices and a cookie consent mechanism aligned with GDPR requirements. Performance is moderate with room for improvement in accessibility and security headers. From a security perspective, the site enforces HTTPS and employs cookie consent for privacy compliance. However, it lacks explicit security policies, incident response contacts, and vulnerability disclosure mechanisms. No critical vulnerabilities or exposed sensitive data were detected. The absence of WHOIS data reduces domain trust slightly but does not detract significantly from the overall legitimacy of the business. Overall, Expodum.cz presents a professional and trustworthy online presence with a solid business focus. Strategic improvements in security policy transparency, WHOIS data availability, and enhanced accessibility would further strengthen their digital maturity and customer confidence.

S

stkprochlapy – Web pacientské organizace STK pro chlapy pro muže s urologickým nádorovým onemocněním

stkprochlapy.cz

43

The website stkprochlapy.cz represents a patient organization dedicated to supporting men with urological cancers in the Czech Republic. It provides information on prevention, diagnosis, treatment, and patient support, positioning itself as a specialized non-profit entity in the healthcare sector. The site targets Czech-speaking men affected by urological tumors and their families, offering guidance and updates relevant to their health journey. Technically, the website is built on WordPress 6.8.3, utilizing modern plugins such as Colibri Page Builder Pro, Swiper.js, and Fancybox, with Google Analytics integrated for visitor tracking. The site is mobile-optimized and presents a professional design with clear navigation. Security-wise, HTTPS is enabled, and a cookie consent mechanism is implemented, indicating GDPR awareness. However, no explicit privacy policy or terms of service pages were found, and no security headers were detected, which are areas for improvement. WHOIS data is unavailable, likely due to privacy protection, which slightly reduces trust but is understandable for a patient support organization. Overall, the website is functional, informative, and moderately secure, serving its niche audience effectively.

IM FIT is a small fitness and wellness service provider operating clubs in Prague and Liberec, Czech Republic. The company offers a range of services including fitness, wellness, massages, solarium, cosmetics, personal trainers, InBody diagnostics, and group lessons. The website is built on WordPress and uses Bootstrap 5.3 for styling, indicating a modern but basic technical infrastructure. The site is accessible without any WAF or security challenges, but lacks important compliance documents such as privacy and cookie policies. No contact emails or phone numbers are provided, only physical addresses, which limits direct communication channels. The WHOIS data is completely missing, which raises concerns about domain legitimacy and transparency. Security posture is weak due to lack of security headers and unclear SSL configuration. Overall, the website provides basic information about the business but lacks critical security and compliance features.

S

Střední průmyslová škola dopravní, a.s.

sps-dopravni.cz

48

Střední průmyslová škola dopravní, a.s. is a specialized secondary technical school based in Prague, Czech Republic, focusing on transport, electrical, mechanical, and IT education. The institution offers various study programs in these fields, targeting motivated students and applicants. The website reflects a well-established educational entity with a medium-sized operation and a strong partnership with the Prague public transport company (DPP). The digital presence is professional, with comprehensive content, clear navigation, and active social media engagement. Technically, the site is built on WordPress with modern plugins and good SEO practices, though some security headers could be improved. The security posture is solid with HTTPS and cookie consent mechanisms, but lacks explicit incident response or vulnerability disclosure information. WHOIS data is unavailable, which slightly impacts trust but does not detract from the overall legitimacy. Strategic recommendations include enhancing security headers and publishing security policies to improve trust and compliance.

V

Výstaviště Praha

vystavistepraha.eu

63

Výstaviště Praha operates as the official online presence for the Prague Exhibition Grounds, offering comprehensive information about events, venue rental, sports, dining, and visitor services. The website targets a broad audience including local residents, tourists, families, and sports enthusiasts, positioning itself as a key information hub for activities at the venue. The business model revolves around venue management, event hosting, and supplementary services such as an e-shop and newsletter subscriptions. Technically, the site employs modern analytics and marketing tools with a strong emphasis on user consent and privacy compliance. The hosting infrastructure is stable and reputable, with good mobile optimization and SEO practices enhancing user experience. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website demonstrates a professional and trustworthy digital presence aligned with its business objectives.

S

Studentská Akademie

studentska-akademie.cz

52

Studentská Akademie is an educational organization based in the Czech Republic offering a variety of artistic and extracurricular workshops targeted primarily at high school students. Their services include academies in music, film animation, theater, DJing, radio, and sports such as running and biking. The website positions itself as a community-focused educational provider with some workshops free and others paid. The site demonstrates a moderate level of digital maturity with integration of common web technologies and social media platforms but lacks modern security and privacy compliance features. The absence of WHOIS data limits the ability to fully verify domain legitimacy, though the presence of partner logos and active social media accounts supports its credibility. Security posture is moderate with HTTPS enabled but outdated JavaScript libraries and missing security headers present risks. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the website is functional and content-rich but requires improvements in security, privacy, and technical modernization to enhance trust and compliance.

M

MM Programming s.r.o.

mmprog.cz

41

MM Programming s.r.o. is a newly founded Czech technology company specializing in professional IT services including custom web development, web management, hosting, and IT consulting. The company targets both businesses and individual clients, positioning itself as a small but professional local IT service provider. Their website reflects a clear business focus with references to client projects and a consistent brand identity. Technically, the website uses modern frameworks such as Bootstrap and Font Awesome, is mobile optimized, and has good SEO fundamentals. However, it lacks published privacy and cookie policies, security headers, and advanced security disclosures, which are areas for improvement. The domain registration data is consistent with the company information and business claims, supporting legitimacy. Overall, the website is functional and professional but would benefit from enhanced privacy and security compliance to improve trust and reduce risk.

K

Kreisvolkshochschule Landkreis Harburg

kvhs-harburg.de

37

Kreisvolkshochschule Landkreis Harburg is a regional adult education institution in Germany offering a wide range of courses including languages, health, IT, culture, and basic education. The website is built on TYPO3 CMS and uses modern web technologies such as Bootstrap and jQuery, providing a good user experience with mobile optimization and accessibility features. Security posture is solid with HTTPS and cookie consent mechanisms, although some security headers could be improved. Contact information and privacy policies are clearly presented, supporting GDPR compliance. Overall, the website reflects a trustworthy and professional educational service provider with a strong regional presence.

S

Stiftung Kunststätte Johann und Jutta Bossard

bossard.de

46

Museum Kunststätte Bossard is a small non-profit cultural institution in Germany dedicated to preserving and showcasing the artistic legacy of Johann and Jutta Bossard. The website provides detailed information about exhibitions, guided tours, and visitor services, targeting art enthusiasts and the general public. The museum operates with a clear cultural mission and maintains a consistent brand presence online. Technically, the website uses a traditional CMS (Contao) with common JavaScript libraries and moderate performance and mobile optimization. Security posture is adequate with HTTPS enabled but lacks advanced security headers and published policies. Privacy compliance is partial with a privacy policy present but no cookie consent mechanism. Overall, the site is trustworthy and professionally maintained, though improvements in security and privacy transparency are recommended.

T

Tourist-Information Winsener Elbmarsch

winsener-elbmarsch.de

44

The website www.winsener-elbmarsch.de serves as the official regional tourism portal for the Winsener Elbmarsch area in Germany, providing comprehensive information about local attractions, events, accommodations, and services. It targets tourists and visitors interested in exploring the region near Hamburg, offering resources such as event calendars, transport options, and cultural highlights. The site is positioned as a trusted local tourism information source with a focus on promoting regional heritage and leisure activities. Technically, the site is built on WordPress 6.8.3 using the Enfold theme and several plugins including Revolution Slider and Usercentrics for cookie consent management. The infrastructure reflects a moderate level of digital maturity with good mobile optimization and SEO practices. The site uses HTTPS with strong SSL configuration, though security headers are not explicitly detected in the HTML content. From a security perspective, the website demonstrates good practices such as HTTPS enforcement and cookie consent compliance. However, it lacks publicly available security policies, incident response contacts, and vulnerability disclosure mechanisms. No critical vulnerabilities or exposed sensitive data were identified. The domain WHOIS data aligns well with the website content, indicating legitimacy and consistency. Overall, the site is a well-maintained regional tourism platform with good content quality and user experience. Strategic improvements in security headers, explicit security policies, and enhanced accessibility could further strengthen its posture. No adult or questionable content is present, making it suitable for general audiences.

R

Regionalpark Rosengarten e.V.

regionalpark-rosengarten.de

48

Regionalpark Rosengarten e.V. is a small non-profit organization focused on promoting regional development and tourism in the northern part of the Lüneburger Heide near Hamburg, Germany. The website serves as an information hub for leisure activities, regional projects, and barrier-free tourism, targeting tourists, local visitors, and project stakeholders. The organization benefits from EU and regional funding, as indicated by logos and content references. Technically, the website is built on WordPress using modern plugins such as UberMenu, Maps Marker Pro, and Complianz GDPR for cookie management. The site is well-structured, mobile-optimized, and accessible, with good SEO practices and moderate performance. Hosting is provided by kasserver.com, as inferred from the nameservers. From a security perspective, the site enforces HTTPS and uses cookie consent mechanisms compliant with GDPR. However, it lacks explicit security headers and does not provide a public security policy or incident response contact. No vulnerabilities or exposed sensitive data were detected in the HTML content. The WHOIS data is minimal but consistent with the organization's profile, with no privacy protection or suspicious patterns. Overall, the website presents a professional, trustworthy, and compliant digital presence for a regional non-profit entity. Strategic recommendations include enhancing security headers, publishing a security policy, and maintaining plugin updates to ensure ongoing security and compliance.

N

Naturpark Lüneburger Heide

naturpark-lueneburger-heide.de

63

Naturpark Lüneburger Heide operates as a regional non-profit organization dedicated to the preservation and promotion of the unique cultural and natural landscape of the Lüneburger Heide in Germany. The website serves as a comprehensive portal offering detailed information about the nature park, its conservation efforts, regional products, events, and educational programs targeting tourists, local residents, and nature enthusiasts. The organization holds a recognized quality nature park certification and collaborates with regional partners, supported by EU funding initiatives.

The website represents a small, specialized business focused on equestrian sports, training, and event hosting in Germany. It serves as a portal for Turniergesellschaft Luhmühlen mbH (TGL), Ausbildungszentrum Luhmühlen (AZL), and related equestrian organizations. The content is basic but relevant to its niche audience, emphasizing horse riding sports and associated events. Technically, the site uses legacy technologies such as Flash alongside modern JavaScript libraries like jQuery and plugins for galleries and sliders. Hosting appears to be managed via luenecom.de DNS servers. The site lacks modern CMS indicators and shows only basic SEO and accessibility features. Mobile optimization is minimal, and the design is functional but basic. From a security perspective, the site lacks visible HTTPS enforcement details and security headers, and it uses deprecated Flash technology, which poses security and compatibility risks. No privacy or cookie policies are present, indicating poor privacy compliance. Analytics are implemented via Piwik hosted on a related domain, suggesting moderate user tracking. Overall, the website is functional for its purpose but requires significant improvements in security posture, privacy compliance, and modernization of technology to enhance trust and user experience.

E

Erlebnis Elbe

erlebnis-elbe.de

60

Erlebnis Elbe is a small tourism business focused on providing boat tours and leisure experiences on the Elbe river in Germany. The website is built on the Wix platform, leveraging Wix's proprietary technologies and hosting services. The digital infrastructure is standard for small businesses using Wix, with moderate performance and basic mobile optimization. Security posture is adequate with HTTPS enabled and cookie consent implemented, but lacks advanced security headers and formal privacy policies. Contact information and compliance documentation are missing, which limits trust and privacy compliance. Overall, the website serves its purpose for local tourism but requires improvements in privacy, security, and contact transparency to enhance credibility and compliance.

L

Lüneburger Heide GmbH

heidschnuckenweg.de

47

The website www.heidschnuckenweg.de serves as a comprehensive tourism portal dedicated to the Heidschnuckenweg hiking trail in the Lüneburger Heide region of Germany. It provides detailed information about the trail's 13 stages, accommodation options, seasonal hiking tips, and related services. The site is professionally designed with consistent branding and targets hikers, nature enthusiasts, and tourists seeking outdoor experiences in northern Germany. The business behind the site is Lüneburger Heide GmbH, a regional tourism organization, positioning itself as a key promoter of this popular hiking destination. Technically, the website is built using modern web technologies including React and Next.js, hosted on Hetzner servers. It demonstrates good mobile optimization, SEO practices, and moderate performance. The site employs HTTPS with strong SSL configuration but lacks explicit security headers, which could be improved. Privacy and cookie policies are present and GDPR compliant, with a cookie consent mechanism implemented. Contact information is available via a dedicated contact page, though no direct emails or phone numbers are embedded in the main HTML. From a security perspective, the site shows a solid posture with no visible vulnerabilities or exposed sensitive data. However, it lacks dedicated security or incident response policies and does not provide a vulnerability disclosure or security.txt file. The domain registration is consistent with the hosting provider and business purpose, indicating legitimacy. No WAF or blocking mechanisms interfere with content access. Overall, the website is a trustworthy, well-maintained tourism information platform with good content quality and technical implementation. Strategic recommendations include enhancing security headers, publishing explicit security policies, and improving accessibility features to further strengthen the site's security and compliance posture.

M

Nezisková organizace | Mezi námi, o.p.s. | Praha 4

mezi-nami.cz

52

The website www.mezi-nami.cz is a Wix-hosted site with minimal accessible content and no visible business or contact information. The lack of WHOIS data and registrant details limits the ability to verify the domain's legitimacy or business identity. Technically, the site uses standard Wix scripts and includes Mailchimp integration for marketing purposes. Security posture is basic with no advanced headers or policies detected, and privacy compliance is minimal due to absence of privacy or cookie policies. Overall, the site appears to be a small-scale or personal project with limited digital maturity and business presence.

T

Tenis Olten Czech

tenis-olten.cz

40

Tenis Olten Czech operates a local tennis center in Dolní Jirčany, Czech Republic, offering six multifunctional tennis courts with artificial JUTA grass surfaces. The business targets tennis players and sports enthusiasts in the region, providing court rentals, coaching, and additional sports like volleyball and nohejbal. The website is built on WordPress using Oxygen Builder and integrates modern JavaScript libraries such as Swiper.js and jQuery. It features a reservation system link and detailed pricing information, supporting a straightforward business model focused on local sports facility management. Security posture is generally good with HTTPS enforced and no visible vulnerabilities, but lacks advanced security headers and formal privacy or cookie policies, indicating compliance gaps. WHOIS data is unavailable, limiting domain legitimacy verification, but the website content and structure appear professional and trustworthy for a small local business. Overall, the site scores moderately well in content quality, technical implementation, and business credibility, but privacy compliance needs improvement.

S

Sbor dobrovolných hasičů Psáry

hasicipsary.cz

51

Sbor dobrovolných hasičů Psáry is a local volunteer fire brigade organization based in Psáry, Czech Republic, founded in 2013. The organization focuses on firefighting response, youth engagement, and community cultural events. Their website serves as a communication platform for local residents and volunteers, providing updates, event information, and contact details. The site is built on WordPress using Elementor, indicating a moderate level of digital maturity with standard web technologies. Hosting is provided by a Czech hosting provider, ensuring local infrastructure alignment. Security posture is adequate with HTTPS enabled, but lacks advanced security headers and formal privacy or cookie policies, which are recommended for compliance and trust. The site does not employ tracking or advertising technologies, reflecting a community-focused, non-commercial approach. Overall, the website is professional, trustworthy, and safe for general audiences, but could improve privacy compliance and security hardening.

S

SK Rapid Psáry

rapid-psary.cz

45

SK Rapid Psáry is a local Czech football club with a long tradition dating back to 1931. The website serves as an information hub for club members, fans, and the local community, providing news, match schedules, team information, and an e-shop for merchandise. The club targets football enthusiasts and community members interested in local sports activities. The business model is typical for a community sports club, focusing on engagement, membership, and local sponsorships. Technically, the website is built on a modern stack using EOS CMS, Alpine.js, Swiper.js, and other JavaScript libraries loaded from reputable CDNs. The site is mobile-optimized with good navigation and content structure, though some accessibility features could be improved. Performance is moderate, with no critical errors detected. From a security perspective, the site uses HTTPS and does not expose sensitive data or vulnerable libraries. However, there is a lack of visible security headers and no privacy or cookie policies, which are important for compliance and user trust. The absence of WHOIS data limits domain trust assessment, but the website content and active social media presence support its legitimacy. Overall, the site is functional and professional for its purpose but would benefit from enhanced privacy compliance, security headers, and clearer contact information to improve trust and security posture.

S

Sportovní klub – SK Čechoslovan

skcechoslovan.cz

42

Sportovní klub SK Čechoslovan is a local sports club based in the Czech Republic, offering multiple sports activities including football, volleyball, nohejbal, tennis, and a conditioning academy. The website serves as an information hub for club members and the local community, providing schedules, membership applications, and a fan shop. The club maintains an active presence on social media platforms such as Facebook and Instagram, enhancing community engagement. Technically, the website is built on WordPress using the Divi theme, with common plugins for GDPR compliance and download management. The site is mobile-optimized and provides a cookie consent mechanism, demonstrating awareness of privacy regulations. Security posture is moderate with HTTPS enforced but lacks advanced security headers and explicit vulnerability disclosure policies. WHOIS data is unavailable, which reduces transparency and trustworthiness from a domain registration perspective. Overall, the website is functional and professional but could improve in security and business credibility aspects.