Security Directory

K

Krizovatkachuti.cz

krizovatkachuti.cz

58

Křižovatka chutí is a Czech language website dedicated to gourmet food and beverages, including wine, beer, distillates, coffee, restaurants, cooking, and reviews. It targets gourmet enthusiasts and food lovers, providing articles, recipes, and reviews. The business model appears to be content publishing supported by advertising and newsletter subscriptions. Technically, the site runs on WordPress with modern plugins such as Rank Math SEO and Jetpack, and integrates Google Analytics and AdSense for analytics and monetization. The site is mobile optimized and has good SEO practices. Security posture is decent with HTTPS enabled and cookie consent implemented, but lacks explicit security headers and a privacy policy page. WHOIS data is unavailable, which reduces domain trustworthiness. Overall, the site is professional and functional but could improve privacy compliance and security transparency.

L

Leo Express Global a. s.

leoexpress.com

78

Leo Express is a transportation company specializing in train and bus ticket sales across Central Europe, offering travel to over 120 destinations. The website is professionally designed with a clear focus on user experience, mobile optimization, and accessibility. It leverages modern web technologies such as React and Next.js, ensuring a responsive and performant platform. Privacy compliance is well addressed with comprehensive privacy and cookie policies and an active consent mechanism. However, the absence of WHOIS data for the domain introduces some uncertainty regarding domain registration legitimacy. Security posture is strong with HTTPS enforcement and security headers, though explicit security policies and incident response information are not published. Overall, the website presents a trustworthy and professional front for its business operations.

Tomáš Kalina's website is a personal portfolio and blog primarily targeting a general audience interested in his work or content. The site is built on WordPress using a premium theme and hosted on a Czech hosting provider. The technical infrastructure is modern and includes HTTPS with a valid SSL certificate, but lacks advanced security headers and DNSSEC. Privacy compliance is minimal, with no privacy policy or terms of service found, though a cookie consent mechanism is present. Contact information is limited to a contact form without explicit email or phone details. Overall, the site is professionally designed with good user experience but could improve in privacy and security transparency.

N

NetPro systems, s.r.o.

lezec.cz

56

Lezec.cz is a well-established Czech climbing and mountaineering portal operated by NetPro systems, s.r.o., founded in 2000. It serves a niche community of climbers and outdoor enthusiasts with news, guides, rankings, and community forums. The site integrates e-commerce through a partner shop and monetizes via advertising networks. Technically, the site uses traditional web technologies with Google Analytics and ad services, but employs a legacy charset and lacks some modern security headers. Security posture is moderate with HTTPS enforced but could be improved with additional headers and updated scripts. Privacy compliance is basic with cookie consent implemented and a privacy policy available, but lacks explicit terms of service or security policies. Overall, the site is legitimate, content-rich, and trusted within its community but would benefit from modernization and enhanced security practices.

The domain nervoussummer.com currently serves a 404 Not Found error page and is used by Admiral (getadmiral.com) to provide copyright access control and privacy consent services for digital publishers. The website itself contains no substantive content, no privacy or cookie policies, and no contact information, limiting its utility as a standalone business site. The technical infrastructure is hosted on Google Cloud Platform with basic HTML, CSS, and JavaScript content, and no advanced frameworks or CMS detected. Security practices are described in the page content, including HTTPS enforcement and certificate rotation, but no explicit security headers or vulnerability disclosures are present. The domain registration is stable and consistent with a reputable registrar, but DNSSEC is not enabled. Overall, the site is minimal and primarily functions as a service endpoint rather than a customer-facing website.

O

Olomoucký kraj

olkraj.cz

49

Olomoucký kraj operates as the official regional government portal for the Olomouc region in the Czech Republic, providing comprehensive information and services related to public administration, tourism, business, media, and social services. The website targets residents, businesses, tourists, and public officials, offering multi-language support and accessibility features to ensure inclusivity. The portal serves as a central hub for regional governance and community engagement, reflecting a strong market position as a trusted government resource. From a technical perspective, the website employs modern web technologies including Bootstrap for responsive design, SVG icons for scalable graphics, and Google Tag Manager for analytics and tracking. The site demonstrates good mobile optimization, accessibility, and SEO practices, contributing to a positive user experience. However, the absence of explicit CMS identification and hosting details suggests potential areas for infrastructure transparency improvement. Security-wise, the site enforces HTTPS and includes cookie consent mechanisms, indicating attention to privacy compliance. Nonetheless, the lack of visible security headers, security policy documentation, and vulnerability disclosure mechanisms highlights opportunities for enhancing the security posture. The missing WHOIS data raises concerns about domain registration transparency, though the website's official branding and external references strongly support its legitimacy. Overall, Olomoucký kraj presents a professional and trustworthy government portal with solid content and technical foundations. Strategic enhancements in security documentation, domain registration transparency, and security header implementation would further strengthen its risk profile and user trust.

The domain truculentrate.com currently serves as a service domain hosted by Admiral, a company providing copyright access control and privacy consent management services for digital publishers. The website content is a 404 Not Found error page, indicating no active business-facing website content is available at this URL. The domain is hosted on Google Cloud Platform and uses AWS DNS servers, reflecting a modern cloud infrastructure. Security practices include HTTPS enforcement, frequent certificate rotation, and continuous content scanning, with no executable files hosted. However, the lack of visible security headers and absence of a cookie consent mechanism limit the security and privacy posture. The domain registration is transparent and consistent with the service use case, registered via NameCheap without privacy protection.

The domain harborcaption.com currently serves a 404 Not Found error page with no active website content. The domain is registered with NameCheap, Inc. since January 2023 and is hosted on Google Cloud Platform. The page content indicates that the domain is used by Admiral (getadmiral.com) to provide copyright access control and privacy consent services for digital publishers. However, no active business website or detailed company information is present. The technical infrastructure is basic, relying on standard web technologies and cloud hosting. Security practices described in the page content are industry standard, including HTTPS enforcement and no hosting of executable files, but these cannot be externally verified. The absence of privacy, cookie, or terms of service policies, as well as lack of contact information, reduces the site's trustworthiness and compliance posture. Overall, the site is currently non-functional as a business website and provides minimal information.

The domain salmonfin.com currently serves a 404 Not Found error page with minimal content describing the role of Admiral (getadmiral.com) as a service provider for copyright access control and privacy consent management for digital publishers. The website lacks substantive business content, contact information, or interactive elements, indicating it is either inactive or a placeholder domain. The technical infrastructure is hosted on Google Cloud Platform with DNS managed by AWS DNS servers, but DNSSEC is not enabled. Security practices described are industry standard for the service provider, including encryption and certificate rotation, but no explicit security headers or advanced configurations are visible. Overall, the site has a low content and business credibility score due to lack of information and accessibility. The domain registration is consistent and legitimate, registered since 2019 with NameCheap, Inc. No signs of malicious activity or adult content are present.

I

IAS | Login

integralplatform.com

58

The website reporting.integralplatform.com is a single-page application serving as a login portal for a unified reporting platform branded as IAS. The platform appears to target business users requiring access to actionable data analytics to drive superior results. The site content is minimal, focused on authentication, with no public-facing informational pages such as privacy policy, cookie policy, or contact details. The technical infrastructure is modern, leveraging React for the SPA, with CSS and JavaScript assets loaded asynchronously. However, no explicit hosting or CMS information is available. Security measures include a CSRF token in the login form, but no security headers or HTTPS enforcement details were provided. The WHOIS lookup for the subdomain failed, indicating either a lack of public registration data or that the subdomain is part of a larger domain not analyzed here. Overall, the site demonstrates basic professionalism but lacks transparency in privacy and contact information.

Č

Český Gastronomický Institut servisní s. r. o.

ceskygastronomickyinstitut.cz

62

The website www.ceskygastronomickyinstitut.cz represents the Czech Gastronomic Institute's organization and promotion of the prestigious Bocuse d’Or Czech culinary competition. It serves as a platform to showcase top Czech chefs competing for a place in European and world finals, providing event information, ticket sales, media coverage, and partner details. The site targets culinary professionals, gastronomy enthusiasts, and event attendees, positioning itself as a key national player in the hospitality and gastronomy sector. Technically, the website is built using modern web technologies including React and Next.js, ensuring fast performance and excellent mobile optimization. The site employs HTTPS and includes cookie consent mechanisms, although it lacks some security headers and a comprehensive privacy policy. Tracking technologies such as Google Analytics and Facebook Pixel are present but consent is initially denied, reflecting a basic privacy compliance stance. From a security perspective, the site benefits from HTTPS and cookie consent but would improve by adding security headers and publishing clear privacy and incident response policies. The absence of WHOIS data reduces domain trustworthiness, though the professional content and reputable partnerships support legitimacy. Overall, the site is well-designed and functional, with moderate risk due to incomplete transparency and security best practices. Strategic recommendations include enhancing privacy disclosures, implementing security headers, publishing incident response contacts, and improving WHOIS transparency to bolster trust and compliance.

C

CrimeRadar

uscrimeradar.com

61

CrimeRadar is an AI-powered platform providing real-time public safety and crime alerts across the United States. The service targets general users interested in timely crime information, offering mobile applications on both Apple Store and Google Play. The website presents a professional design with clear navigation and regularly updated content, positioning itself as a comprehensive crime alert solution covering all 50 states and over 10,000 cities. However, the domain's very recent registration date in 2025 raises questions about the maturity and longevity of the business. Technically, the site uses modern frameworks such as React and Next.js, ensuring good performance and mobile optimization. Security posture is adequate with HTTPS enabled but lacks advanced security headers and DNSSEC, which could be improved. Privacy compliance is basic, with a privacy policy present but no cookie consent mechanism or GDPR-specific features detected. Contact information is limited to an email address with no phone or physical address provided. Overall, the platform appears functional and trustworthy but would benefit from enhanced security and privacy practices to increase user confidence.

R

Redakce časopisu TREKING

treking.cz

63

Treking.cz is a Czech-language online portal dedicated to hiking, trekking, and outdoor activities, offering a wide range of articles, guides, event calendars, and accommodation listings. It serves a niche audience of outdoor enthusiasts primarily in the Czech Republic and Slovakia. The website is content-rich, regularly updated, and maintains partnerships with other reputable outdoor and travel websites. Technically, it uses common web technologies including Google Fonts, Adsense, and Tag Manager, with basic mobile optimization and SEO practices in place. Security posture is moderate with HTTPS usage and a consent management platform, but lacks visible security headers and detailed security policies. The absence of WHOIS data limits domain trust verification, but the website content and structure indicate a legitimate and professional operation. Overall, the site scores well in content quality and privacy compliance but could improve in security best practices and domain transparency.

P

Projektová kancelář Kraje Vysočina, příspěvková organizace

platbyvysocina.cz

63

The website www.platbyvysocina.cz serves as the official online payment portal for the Kraj Vysočina region in the Czech Republic. It enables residents to conveniently pay various local fees such as municipal charges, school fees, and sports club memberships online, replacing traditional cash and slip payments. The portal is positioned as a regional government service, supported by the Projektová kancelář Kraje Vysočina, with clear contact information and trusted payment methods including Visa and Mastercard. Technically, the site employs modern web technologies with responsive design and structured navigation, though it lacks some advanced security headers and cookie consent mechanisms. The absence of WHOIS data limits domain registration transparency, but the overall legitimacy is supported by consistent branding and government affiliation. Security posture is good with HTTPS enforced and secure form handling, but improvements in security policy publication and vulnerability disclosure are recommended.

S

Eshop se šperky z polodrahokamů a minerálů | Šperkyakameny.cz

sperkyakameny.cz

54

The website sperkyakameny.cz operates as an e-commerce platform specializing in the sale of jewelry made from semi-precious stones, minerals, and pearls. It targets consumers interested in unique and quality jewelry pieces, offering a wide range of products categorized by stone types and jewelry styles. The site is well-structured and provides comprehensive product information, care instructions, and customer support channels, positioning itself as a niche retailer in the Czech market. Technically, the website utilizes a proprietary e-commerce platform (eshop-rychle.cz) and integrates modern analytics and marketing tools such as Google Tag Manager, Matomo, and Sklik retargeting. The site is served over HTTPS, ensuring encrypted communications, and is optimized for mobile devices with good navigation clarity. However, it lacks some security best practices such as security headers and a visible cookie consent mechanism. From a security perspective, the site demonstrates a moderate posture with HTTPS enabled and consent settings restricting analytics and ad storage by default. The absence of WHOIS data for the domain raises concerns about domain registration transparency and trustworthiness. No critical vulnerabilities or exposed sensitive data were detected in the provided content. Privacy policies and terms of service are present and appear comprehensive, supporting GDPR compliance. Overall, the website presents a professional and trustworthy front for its business, but the lack of domain registration data and some missing security headers suggest areas for improvement. Strategic recommendations include enhancing security headers, implementing a cookie consent banner, and verifying domain registration details to bolster trust and compliance.

The domain bidpapers.com currently serves as a 404 Not Found error page and is utilized by Admiral, a service provider specializing in copyright access control and privacy consent management for digital publishers. The domain is registered with NameCheap and hosted on Google Cloud Platform, indicating a modern infrastructure. However, the website itself lacks substantive content, contact information, or business details, limiting its utility as a public-facing site. Security practices described in the embedded text indicate adherence to industry standards such as HTTPS enforcement and frequent certificate rotation, but no advanced security frameworks or certifications are publicly documented. Overall, the site is legitimate but functions primarily as a service endpoint rather than a traditional website.

A

AOL

aol.com

74

The analyzed website is a consent management page for AOL, which is part of the Yahoo family of brands. It provides users with options to accept, reject, or manage privacy settings related to cookies and personal data usage. The page is well-branded, consistent with AOL and Yahoo corporate identity, and links to comprehensive privacy and cookie policies hosted on legal.yahoo.com. The business operates within the technology and media sectors, focusing on digital content and advertising services. The website targets general internet users and employs standard consent frameworks aligned with GDPR requirements. From a technical perspective, the site uses modern web technologies including JavaScript and CSS, with a moderate performance profile and good mobile optimization. However, explicit security headers are not detected, and no detailed security or incident response policies are linked, indicating room for improvement in security posture transparency. The site uses CSRF tokens in forms, indicating some security best practices. Analytics and tracking are implemented via Yahoo Rapid and IAB Transparency & Consent Framework partners, with extensive user tracking but with clear consent mechanisms. Security-wise, the site is served over HTTPS (implied by domain and scripts), but explicit security headers are not visible in the provided data. No vulnerabilities or exposed sensitive data were detected. The WHOIS data for the subdomain consent.yahoo.com is not separately registered, which is expected for a subdomain of a major brand. The domain is legitimate and consistent with the business identity. Overall, the website is professional, compliant with privacy regulations, and trustworthy. Strategic recommendations include enhancing security headers, publishing explicit security and incident response policies, and improving accessibility and SEO features to strengthen the site's security posture and user trust.

S

STAVOS Engineering, s.r.o.

stavosengineering.cz

50

STAVOS Engineering, s.r.o. is a Brno-based engineering company specializing in construction and development projects, operating as part of the STAVOS Brno, a.s. holding. The company offers a range of services including design, client collaboration, construction supervision, and infrastructure development, targeting clients in the real estate and construction sectors within the Czech Republic. The website presents a professional image with clear branding and relevant content tailored to its audience. Technically, the site is built on the Webnode CMS platform, leveraging Amazon Cloudfront CDN for hosting and Google Tag Manager for analytics. The site is mobile-optimized and includes cookie consent mechanisms aligned with GDPR requirements. Security posture is solid with HTTPS enforced, though additional security headers could enhance protection. WHOIS data is not publicly available, indicating privacy protection, which is typical for businesses of this size and type. Overall, the website reflects a legitimate and credible business with moderate digital maturity and compliance.

M

Městský úřad Jemnice

mesto-jemnice.cz

51

The website mesto-jemnice.cz serves as the official online presence for the town of Jemnice in the Czech Republic. It provides comprehensive municipal information including news, public documents, event calendars, and contact details for local government offices. The site targets residents, visitors, and stakeholders interested in local governance and community services. The business model is that of a government entity providing public services and information. The website is well-branded and consistent with its municipal identity, offering good content quality and trust indicators such as official contact information and document archives. Technically, the site uses the vismo CMS platform with standard web technologies including HTML5, CSS, JavaScript, and integrates Google services such as reCAPTCHA and Translate. The site is mobile optimized and offers basic accessibility features. Performance is moderate with room for improvement in SEO and security headers. The hosting provider is not explicitly identified. From a security perspective, the site enforces HTTPS and uses Google reCAPTCHA to protect its contact form from spam. However, it lacks explicit security headers which could enhance protection against common web vulnerabilities. Privacy policies and cookie usage statements are present but lack an active consent mechanism, which may be a compliance gap under GDPR. No incident response or vulnerability disclosure information is provided. Overall, the website is a trustworthy and professional municipal portal with a solid foundation but could benefit from enhanced security practices and privacy compliance measures. The domain registration data supports the legitimacy and long-standing presence of the site. Strategic recommendations include implementing security headers, improving cookie consent mechanisms, and publishing security policies to strengthen user trust and regulatory compliance.

Č

Česká pošta

postsignum.cz

60

PostSignum is an electronic certification authority service operated by Česká pošta, providing qualified and commercial digital certificates, qualified time stamps, and secure key solutions primarily for Czech public administration, businesses, entrepreneurs, and individuals. The website is professionally designed with clear navigation and offers multiple services including online certificate issuance and customer portals. The technical infrastructure relies on standard web technologies such as jQuery and Google Translate widgets, with a CMS from Macron Software. Security posture is moderate with HTTPS usage but lacks explicit security headers and cookie consent mechanisms. WHOIS data is unavailable, which slightly impacts trust but the strong branding and government affiliation mitigate concerns. Overall, the website is a credible and professional government service platform.

M

Město Jaroměřice nad Rokytnou

jaromericenr.cz

50

The website jaromericenr.cz serves as the official online presence for the municipal government of Jaroměřice nad Rokytnou, Czech Republic. It provides residents and visitors with essential information including news updates, event calendars, contact details, and public service announcements. The site targets local citizens, tourists, and businesses, offering a centralized platform for municipal communication and services. The business model is typical for a government entity, focusing on transparency and community engagement rather than commercial activities. Technically, the website employs a traditional HTML/CSS/JavaScript stack powered by the vismo CMS platform. It integrates Google services such as Tag Manager, Analytics, reCAPTCHA, and Translate widgets to enhance functionality and user experience. The site is hosted by REG-ZONER, a Czech registrar and hosting provider, and uses HTTPS to secure communications. Mobile optimization and accessibility are basic but functional, with room for improvement in accessibility compliance and performance tuning. From a security perspective, the site demonstrates good baseline practices including HTTPS enforcement, use of reCAPTCHA on forms, and a cookie consent mechanism compliant with GDPR. However, it lacks explicit security policies, incident response contacts, and vulnerability disclosure mechanisms, which are recommended for enhanced transparency and trust. No critical vulnerabilities or exposed sensitive data were detected in the content. Overall, the website is a trustworthy and professional municipal portal with solid business credibility and moderate technical sophistication. Strategic improvements in security policy publication, accessibility, and technical modernization would further strengthen its posture and user trust.

SIA Sertifikācijas centrs is a well-established Latvian certification institution founded in 2012, accredited by the Latvian National Accreditation Bureau and notified in EU institutions. The company specializes in product, personnel, and management system certifications, serving a broad regional market including Latvia and neighboring countries. Their website reflects a professional business presence with clear service descriptions and contact information. Technically, the site uses standard web technologies such as HTML, CSS, and jQuery, with moderate performance and basic mobile optimization. Security posture is adequate with HTTPS enabled but lacks advanced security headers and published security policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the website and WHOIS data indicate a legitimate and credible business with room for improvement in security and privacy practices.

The website vilemwalter.cz is a small, niche informational site focused on historical and cultural content related to the city of Brno and the Moravia region in the Czech Republic. It offers resources such as historical sacral architecture, old maps, photographs, and directories, along with some sales of books and exlibris. The site appears to be a personal or hobby project, founded in 2004, with a modest but relevant content offering for enthusiasts and researchers interested in local history. From a technical perspective, the website is built using basic HTML, CSS, and JavaScript without modern frameworks or CMS platforms. The site lacks mobile optimization and advanced accessibility features, and performance is moderate. There is no evidence of HTTPS usage or security headers, which indicates a weak security posture. No privacy or cookie policies are present, and no analytics or tracking technologies are detected, suggesting minimal user data collection. Security evaluation reveals significant gaps, including the absence of HTTPS, security headers, and formal privacy compliance. The site does not provide incident response contacts or security policies. However, no vulnerabilities or malicious content were detected. The domain registration is consistent with the website's age and content, registered since 2004 with no privacy protection, supporting legitimacy. Overall, the site is safe and suitable for general audiences but requires improvements in security, privacy compliance, and technical modernization to enhance trustworthiness and user experience.

The website autoplay.pl currently displays a minimal maintenance page with no substantive content, metadata, or user interaction elements. The domain is registered since 2005 with OVH SAS, indicating a stable and legitimate registration history. However, the website lacks critical elements such as privacy policies, cookie consent mechanisms, contact information, and security headers, which limits its operational maturity and trustworthiness. The technical infrastructure appears basic, with only a single CSS stylesheet linked and no visible scripts or analytics tools. Security posture is weak due to the absence of HTTPS confirmation and security headers, although no explicit vulnerabilities were detected from the provided data. Overall, the site is in a placeholder state, limiting its business and security evaluation.

n2eyes Agencja Interaktywna is a small interactive web agency based in Gniezno, Poland, specializing in creating unique websites. Their market position is that of a local service provider with a social media presence on Facebook, where they engage with a modest audience. The business model focuses on providing web design and interactive website creation services to businesses and individuals. Technically, the company leverages the Facebook platform for its online presence, utilizing modern web technologies such as React and JavaScript, with hosting and infrastructure managed by Facebook. The page is mobile optimized and performs well, though SEO is basic due to platform constraints. Security posture benefits from Facebook's robust HTTPS and platform security, with no direct vulnerabilities observed on the page. However, the absence of privacy, cookie, and terms of service policies on the page indicates a gap in compliance and transparency. Overall, the risk is low given the platform's protections, but the company should consider linking or publishing these policies to enhance trust and compliance.

O

Oblastní muzeum v Lounech

archeoskanzenbrezno.cz

57

Archeoskanzen Březno is an archaeological open-air museum affiliated with the regional museum in Louny, Czech Republic. It offers educational programs, prehistoric-themed events, and summer camps aimed at students and adults interested in archaeology and cultural heritage. The website provides detailed event calendars and program descriptions, targeting a general audience with an interest in education and culture. Technically, the site is built on the Webnode CMS platform, hosted via AWS Cloudfront CDN, and employs Google Tag Manager for analytics. The site is mobile-optimized and presents a clear navigation structure with good content quality. Security-wise, the site uses HTTPS with a good SSL configuration but lacks important security headers and privacy/cookie policies, which impacts compliance and security posture. WHOIS data is unavailable, likely due to privacy protection, which is common for small cultural institutions. Overall, the site is legitimate and trustworthy but would benefit from enhanced security and privacy compliance measures.

The website brno1645.cz is an educational and cultural project presenting virtual 3D models of the city of Brno as it appeared during the 1645 Swedish siege. The project is small-scale and niche, targeting history enthusiasts and the general public interested in historical reconstructions. The site offers downloadable models for use with Google Earth and provides historical context and updates. The business model is non-commercial, focusing on cultural heritage dissemination. Technically, the website is simple, built with basic HTML and CSS without modern frameworks or CMS. It lacks advanced technical features such as responsive design, accessibility enhancements, or SEO optimizations. No analytics or tracking scripts are present, indicating minimal digital maturity. Performance is moderate given the static nature of the content. From a security perspective, the site lacks HTTPS enforcement and security headers, which lowers its security posture. There are no privacy or cookie policies, and no incident response or vulnerability disclosure information is provided. Contact information is limited to a single email address. No forms or user input mechanisms are present, reducing attack surface but also limiting user engagement. Overall, the website is safe and trustworthy for its intended educational purpose but would benefit from improvements in security, privacy compliance, and technical modernization to enhance user trust and protection.

P

PREVENT s.r.o.

eskoleni.net

62

The website https://eskoleni.net/user/ represents an online training platform operated by PREVENT s.r.o., a Czech company specializing in online education, consulting, auditing, and certification services. The platform targets users seeking professional online training and certification, positioning itself as a niche educational service provider since 2020. The business model combines B2B and B2C elements, focusing on delivering contractual educational services and related consulting. The website content is primarily in Czech and includes a secure login form for users, with a comprehensive GDPR-compliant privacy policy presented in a modal dialog.

V

Vinaři Velké Němčice

nocsklepu.cz

54

The website www.sklepyvelkenemcice.cz serves as a promotional platform for the annual wine cellar open days event in Velké Němčice, a South Moravian village in the Czech Republic. It targets wine enthusiasts and tourists interested in local wine tasting experiences. The site provides event information, links to local partners, and social media channels but does not operate as an e-commerce platform. The business model focuses on community engagement and event promotion for local winemakers. Technically, the website is built on the Webnode CMS platform, leveraging Amazon Cloudfront CDN for static content delivery. It uses modern web technologies including JavaScript and CSS, and is mobile-optimized with a responsive design. Performance is moderate, and SEO is basic but functional. The site includes a cookie consent banner with advanced settings, indicating some level of privacy awareness. From a security perspective, the site enforces HTTPS and uses Google Tag Manager for analytics. However, it lacks important security headers and does not provide a privacy policy or terms of service, which are critical for GDPR compliance. No contact emails or phone numbers are explicitly provided, limiting direct communication channels. WHOIS data for the domain is unavailable, which raises concerns about domain legitimacy verification. Overall, the website is functional and serves its purpose as an event information portal but requires improvements in privacy compliance, security best practices, and transparency to enhance trustworthiness and regulatory adherence.

V

Vinaři Velké Němčice

sklepyvelkenemcice.cz

53

The website www.sklepyvelkenemcice.cz serves as a promotional platform for the traditional wine tasting event 'Otevřené sklepy' held in Velké Němčice, Czech Republic. It targets wine enthusiasts and tourists interested in Moravian wine culture, providing event details, participating winemakers, accommodation, and transportation information. The business operates on a local scale, focusing on hospitality and cultural tourism with a history of nearly 20 years. Technically, the site is built on the Webnode CMS platform, hosted on AWS Cloudfront, and employs modern web technologies including JavaScript and CSS. The site is mobile-optimized and performs moderately well, with good SEO practices and basic accessibility features. Security-wise, the site uses HTTPS with valid SSL certificates and includes a cookie consent mechanism with advanced user controls, reflecting some privacy awareness. However, the absence of a published privacy policy, terms of service, and contact information reduces overall trust and compliance posture. WHOIS data is unavailable, which raises concerns about domain registration transparency. Overall, the website is functional and professional but would benefit from enhanced privacy disclosures and contact transparency to improve trust and compliance.

The website povis.cz serves as a flood information system primarily targeting governmental and water management entities in the Czech Republic. The domain has been registered since 2007 and is hosted on Czech infrastructure, indicating a stable and legitimate presence. However, the website content is minimal, consisting mainly of a redirect page with basic metadata and no visible interactive content or detailed business information. Technically, the site uses basic HTML and CSS without modern frameworks or CMS, and lacks mobile optimization and accessibility features. Security posture is weak due to absence of HTTPS enforcement and security headers, and no privacy or cookie policies are present, which raises compliance concerns. Overall, the site appears functional but outdated and lacking in user engagement and security best practices.

The website represents a small local school cafeteria service in Velké Němčice, Czech Republic, providing meals primarily to children attending local schools and kindergartens, as well as employees and external diners. The business has a long history dating back to 1957, emphasizing nutritious and varied meals. The website content is basic but informative, focusing on history, current operations, pricing, and contact links. Technical infrastructure is simple, relying on basic HTML, CSS, and JavaScript without modern CMS or advanced frameworks. Security posture is weak due to lack of visible HTTPS enforcement and security headers, and no explicit contact information or incident response details are provided. Privacy compliance is partially addressed with a privacy policy and terms of service pages, but cookie consent mechanisms are absent. Overall, the site is safe and appropriate for general audiences but would benefit from technical and security improvements.

The website 'Orel jednota Velké Němčice' serves as an online presence for a local sports and community organization based in Velké Němčice, Czech Republic. It primarily focuses on promoting sports activities, community events, and cultural engagement for local residents and sports enthusiasts. The site content is basic and primarily informational, with limited interactive features or advanced technical implementations. The business model is non-profit and community-oriented, targeting local audiences. From a technical perspective, the website uses standard HTML, CSS, and JavaScript, including Google Analytics for visitor tracking. There is no evidence of a modern CMS or advanced frameworks. The site lacks visible HTTPS enforcement and security headers, which impacts its security posture negatively. Mobile optimization and accessibility are basic, and SEO practices are minimal. Security-wise, the site shows several weaknesses: absence of HTTPS, no privacy or cookie policies, no contact information for security or incident response, and no visible security best practices. The WHOIS data is missing, which raises concerns about domain legitimacy and registration status. Overall, the security posture is weak, with critical recommendations needed to improve trust and compliance. The overall risk assessment indicates a low to moderate risk primarily due to missing security controls and lack of transparency in domain registration. Strategic recommendations include implementing HTTPS, publishing privacy and cookie policies, adding contact information, and improving security headers and compliance measures.

J

Jiří Prskavec

jiriprskavec.cz

41

The website www.jiriprskavec.cz is a professionally designed personal site dedicated to Jiří Prskavec, an Olympic gold medalist in canoe slalom. It serves as a platform to showcase his biography, career achievements, photo and video galleries, and partnerships with various sponsors. The site targets fans, media, and sponsors, focusing on personal branding and promotion. Technically, the site uses modern web technologies including JavaScript libraries, Google Analytics, and social media SDKs, with a responsive design optimized for mobile devices. However, the site lacks explicit privacy and cookie policies, and no WHOIS data is available for the domain, which limits trust verification. Security headers are not detected, indicating room for improvement in security posture. Overall, the site is content-rich, trustworthy, and professionally maintained but would benefit from enhanced compliance and security measures.

TÜV SÜD Czech is a well-established enterprise providing trusted solutions in safety, security, and sustainability sectors. With over 150 years of experience, the company offers a broad portfolio of services including testing, certification, auditing, inspection, calibration, cybersecurity, and training. The website reflects a mature digital presence with professional design, multi-language support, and compliance with GDPR and cookie consent regulations. Technically, the site uses modern technologies such as Sitecore CMS, Google Tag Manager, and Adobe Tag Manager, ensuring good performance and user experience across devices. Security posture is strong with HTTPS enforced and privacy-focused consent mechanisms, though explicit security headers and published security policies are absent. The lack of WHOIS data limits domain registration trust verification but does not detract from the overall legitimacy indicated by the website content and branding.

ept GmbH is a German-based manufacturer specializing in a wide range of electronic connectors and connector solutions, serving industrial and manufacturing sectors globally. Their product portfolio includes highspeed, miniaturized, rugged, EMC/shielding, power, automotive, and customized connectors, indicating a strong focus on technical innovation and industry standards. The website supports multiple languages, reflecting an international market presence. Technically, the site is built on the bee.tools® CMS platform, uses modern web technologies including WebP and SVG images, and is mobile optimized. However, there is room for improvement in accessibility and SEO. Security posture is moderate with HTTPS enabled and use of secure image formats, but lacks visible security headers and explicit privacy or cookie policies. WHOIS data for the domain is unavailable, which raises some concerns about domain legitimacy, though the website content and branding are professional and consistent with a legitimate business. Overall, the site is functional and professional but would benefit from enhanced privacy compliance and security hardening.

The website scriptxyz.xyz presents a basic login interface built on the Laravel framework, targeting users who need authentication services. The site is minimalistic with no visible business branding, contact information, or policies, indicating it may be an early-stage or internal application rather than a public-facing commercial service. The technical infrastructure leverages modern web technologies including Laravel, Bootstrap, and reputable CDNs for fonts and scripts, hosted behind Cloudflare DNS services. However, the absence of DNSSEC and security headers suggests room for improvement in security hardening. The WHOIS data is notably suspicious due to a domain creation date set in the future, which undermines trust and raises legitimacy concerns. No privacy or cookie policies are present, and no analytics or tracking mechanisms are detected, indicating minimal user data collection but also a lack of compliance transparency. Overall, the site is functional but lacks maturity in business presence and security posture.

M

Městský úřad Cheb

cheb.cz

51

The website cheb.cz is the official municipal portal for the city of Cheb in the Czech Republic. It provides comprehensive information and services to residents and visitors, including access to official documents, event calendars, online reporting tools, and contact information for city administration. The site is well-positioned as a trusted government resource with a clear focus on citizen engagement and transparency. Technically, the site employs modern web technologies including HTTPS, Google Analytics with consent management, Google reCAPTCHA for form security, and a CMS platform (Vismo) tailored for municipal websites. The design is professional, mobile-optimized, and accessible, supporting a positive user experience. Security posture is solid with HTTPS enforcement and no visible vulnerabilities, though some security headers could be improved. Privacy compliance is strong with explicit cookie consent and a detailed privacy policy. Overall, the site demonstrates a mature digital presence appropriate for a government entity, with good trust indicators and no suspicious elements.

M

Město Králův Dvůr

kraluv-dvur.cz

47

The website kraluv-dvur.cz serves as the official digital presence for the town of Králův Dvůr in the Czech Republic. It provides residents and visitors with municipal information, including news updates, event calendars, public notices, and contact details for city offices. The site is positioned as a local government portal, focusing on transparency and community engagement. The business model is typical for a municipal government, offering public services and information without commercial intent. Technically, the website is built on the vismo CMS platform and incorporates standard web technologies such as HTML5, CSS, and JavaScript. It integrates Google Analytics and Google Tag Manager for visitor tracking, with a cookie consent mechanism that respects user privacy by default denying analytics and marketing cookies. The site is mobile-optimized and accessible, with good SEO practices and a clear navigation structure. From a security perspective, the site enforces HTTPS and implements cookie consent in compliance with GDPR. However, it lacks explicit security policies, incident response contacts, and advanced security headers, which are recommended for enhanced protection. No vulnerabilities or exposed sensitive data were detected in the content. The domain registration is consistent with the municipal nature of the site, having been established in 2001, indicating a mature and legitimate online presence. Overall, kraluv-dvur.cz is a trustworthy and professionally maintained municipal website with good content quality and privacy compliance. Strategic improvements in security policy transparency and technical security headers would further strengthen its security posture.

V

Velaro

velaro.com

69

Velaro is a well-established technology company specializing in live chat and customer engagement platforms designed to help businesses convert online prospects into customers. Their comprehensive suite includes live chat software, AI chatbots, messaging, voice communication, and knowledge base tools, targeting businesses seeking to enhance conversational marketing and sales automation. The company has a strong market position with a medium-sized operational scale and a founding date in 2000, indicating significant industry experience. Technically, Velaro's website demonstrates a mature digital infrastructure leveraging modern web technologies such as Webflow CMS, Google Tag Manager, Cloudflare security services, and Apollo.io tracking. The site is well-optimized for performance, mobile responsiveness, and accessibility, reflecting a high level of digital maturity and user experience focus. From a security perspective, Velaro employs HTTPS with strong SSL configurations, security headers, and client transfer protection on their domain. While no explicit security or incident response policies are published, the use of Cloudflare Turnstile captcha and absence of vulnerabilities indicate a solid security posture. Privacy compliance is well addressed with clear privacy and cookie policies and GDPR adherence. Overall, Velaro presents a low-risk profile with strong business credibility, technical robustness, and privacy compliance. Strategic recommendations include enabling DNSSEC, publishing detailed security policies, and adding vulnerability disclosure mechanisms to further enhance trust and security transparency.

TSYS is a leading payment solutions provider specializing in scalable issuer solutions and payment processing technology. As part of the Global Payments family, TSYS serves a broad audience including financial institutions, fintech companies, and retailers worldwide. Their cloud-native, API-driven platform supports a wide range of services from digital onboarding to fraud management and loyalty programs. The website reflects a mature digital presence with professional design, clear navigation, and multimedia content that highlights their expertise and market leadership. Technically, the site leverages modern web technologies, including Sitecore CMS, advanced analytics tools, and a robust cookie consent mechanism, indicating a commitment to user privacy and data protection. Security posture is solid with HTTPS usage and privacy compliance tools, though explicit security policies and incident response contacts are not published. WHOIS data is unavailable, which is a minor concern but does not detract significantly from the site's legitimacy given the strong brand presence and content quality. Overall, TSYS presents a trustworthy and professional online presence aligned with its enterprise-scale business model.

W

Windcave

paymentexpress.com

71

Windcave operates as a global payment gateway and EFTPOS solutions provider, delivering omni-channel payment processing services to a diverse range of industries including retail, finance, hospitality, and government. The company positions itself as a trusted platform facilitating seamless payment experiences for thousands of recognizable brands worldwide. Their key offerings include online, in-store, and unattended payments, supported by features such as global acquiring, tokenization, and data insights. Technically, the website is built with standard web technologies including HTML5, CSS, JavaScript, and leverages Cloudflare for performance and security monitoring. The site demonstrates good mobile optimization, clear navigation, and professional design quality. However, some accessibility features could be enhanced, and no CMS or hosting provider beyond Cloudflare is explicitly identified. From a security perspective, the site enforces HTTPS and includes secure login mechanisms. While no critical vulnerabilities or exposed sensitive data were detected, the absence of explicit security policies, incident response contacts, and vulnerability disclosure mechanisms suggests room for improvement. Privacy compliance is supported by a comprehensive privacy policy and terms of use, though the lack of a cookie consent mechanism is a notable gap. Overall, the website presents a professional and trustworthy front for a payment services company, but the missing WHOIS data and limited direct contact information slightly reduce trustworthiness. Strategic improvements in privacy compliance and security transparency would enhance the company's security posture and user confidence.

A

Asociace inovačního podnikání ČR, z.s.

aipcr.cz

50

Asociace inovačního podnikání ČR, z.s. is a well-established non-governmental organization focused on fostering innovative entrepreneurship within the Czech Republic. Founded in 1993, it serves as a key expert partner in innovation projects and provides a gateway to innovation activities including research, development, and technology transfer. The website reflects a professional presence with clear navigation and relevant content targeted at innovation stakeholders and entrepreneurs in the region. Technically, the site uses modern libraries such as Bootstrap and jQuery, and integrates Google Analytics for user tracking. However, the site lacks a privacy policy and terms of service pages, which are important for compliance and user trust. Security posture is moderate with cookie consent implemented but missing explicit security headers and modern charset encoding. Overall, the domain registration data supports the legitimacy and long-term presence of the organization.

K

Krajowa Izba Rozliczeniowa Spółka Akcyjna (KIR)

mszafir.pl

64

The mSzafir website is a professionally designed platform operated by Krajowa Izba Rozliczeniowa Spółka Akcyjna (KIR), a reputable Polish financial infrastructure entity. It offers qualified electronic signature and seal services compliant with the eIDAS regulation, targeting businesses and individuals requiring secure digital signing solutions. The platform supports both one-time and long-term certificates accessible via a web portal and mobile applications for iOS and Android. The site includes comprehensive user guides, FAQs, and activation instructions, enhancing user experience and trust. Technically, the website employs modern web technologies including JavaScript frameworks, Google Tag Manager, and Google reCAPTCHA for security. The site is mobile-optimized and uses a custom CMS likely provided by Ideo/edito. Security best practices such as HTTPS, CSRF tokens, and cookie consent mechanisms are implemented, though some security headers could be improved. Analytics and marketing tools are used responsibly with clear privacy policies and GDPR compliance. From a security perspective, the site demonstrates a strong posture with no visible vulnerabilities or exposed sensitive data. The lack of public WHOIS data is typical for .pl domains and is justified given the nature of the business. Overall, the domain and website present a trustworthy and professional digital presence suitable for handling sensitive electronic signature services. Strategically, the company should continue to enhance security headers and accessibility features while maintaining transparency in privacy and data protection. The integration with official KIR resources and partner domains strengthens its market position and credibility.

K

Knot Resolver

knot-resolver.cz

53

Knot Resolver is an open-source caching DNS resolver designed for scalability and flexibility, targeting a broad audience from large resolver farms to home network routers. The website positions the project as a modern, modular DNS solution trusted by notable industry players such as CETIN, Cloudflare, and Whalebone. The business model revolves around free software distribution with optional professional support services. Technically, the site uses standard web technologies including HTML5, CSS, JavaScript, and integrates Matomo analytics with privacy-conscious settings. The site is well-structured, mobile-optimized, and provides clear navigation and professional content. Security posture is moderate; while no forms or sensitive data exposure is evident, the absence of security headers and explicit privacy or cookie policies indicates room for improvement. WHOIS data is unavailable due to CZ.NIC registry privacy policies, but the domain and website content appear legitimate and consistent with the business claims. Overall, the site scores well on business credibility and content quality but should enhance privacy compliance and security best practices.

C

CZ.NIC

csirt.cz

69

CSIRT.CZ is the official National Computer Security Incident Response Team of the Czech Republic, operated by CZ.NIC under a public contract with the National Cyber and Information Security Agency. The organization provides critical cybersecurity incident response, coordination, education, and proactive security services to a broad range of stakeholders including ISPs, banks, public authorities, and academic institutions within the Czech Republic. The website reflects a professional and government-affiliated entity with strong trust indicators such as accreditation by Trusted Introducer and membership in FIRST. Technically, the site uses modern web technologies including Bootstrap and Matomo analytics, is mobile optimized, and implements a cookie consent mechanism, though it lacks explicit privacy and terms of service pages. Security posture is solid with HTTPS usage and no visible vulnerabilities, but could be improved by adding security headers and formal security policies. Overall, the domain registration data aligns well with the website's claims, showing a consistent and legitimate presence since 2007.

C

CZ.NIC z.s.p.o

test-ipv6.cz

52

The website test-ipv6.cz is a specialized technical service operated by CZ.NIC z.s.p.o, a Czech domain registry organization. It provides IPv6 connectivity testing tools that help users and network administrators verify their IPv6 readiness and diagnose potential issues. The site is positioned as a niche technical resource with a focus on IPv6 adoption and network diagnostics. The business model appears to be a free service supported by CZ.NIC and community contributions, targeting technically savvy users and ISPs. From a technical perspective, the website uses standard web technologies including JavaScript, jQuery, and Piwik analytics. The hosting provider is identified as HETZNER-AS based on IP and ISP data. The site performs moderately in performance and mobile optimization, with basic accessibility and SEO features. The technical infrastructure is functional but could benefit from modern security headers and enhanced mobile responsiveness. Security posture is moderate; the site uses HTTPS for test URLs and avoids exposing sensitive data. However, it lacks explicit security headers such as Content-Security-Policy and HSTS, and does not publish privacy or cookie policies, which are compliance gaps. No incident response or vulnerability disclosure information is provided. The WHOIS data confirms domain legitimacy with consistent registration by CZ.NIC since 2011. Overall, the website is a trustworthy and useful technical resource with good business credibility but has room for improvement in privacy compliance and security best practices. Strategic recommendations include implementing privacy and cookie policies, adding security headers, and publishing vulnerability disclosure and incident response details to enhance trust and compliance.

D

Data Management Resources, LLC

govguamdocs.com

53

GovGuamDocs.com is an informational website serving as a centralized resource for Government of Guam forms across multiple departments and agencies. It provides downloadable PDF forms and links to official government payment portals, targeting residents and businesses interacting with Guam government services. The site is operated by Data Management Resources, LLC, as indicated by the copyright notice. The website's market position is as a primary online resource for Guam government forms, with a straightforward business model focused on information dissemination. Technically, the website is built using basic HTML, CSS, and JavaScript without modern frameworks or CMS. The design is dated with fixed-width layouts and minimal mobile optimization. SEO and accessibility features are basic, and performance is moderate. The site uses Google Analytics for tracking but lacks modern privacy and cookie compliance mechanisms. From a security perspective, the site lacks HTTPS, security headers, and privacy policies, which significantly lowers its security posture. The WHOIS data for the domain is missing or unregistered, which raises concerns about domain legitimacy despite the presence of official government-related content. No incident response or vulnerability disclosure information is provided. Overall, the website is functional for its purpose but requires urgent improvements in security, privacy compliance, and domain registration legitimacy to enhance trust and protect users. Strategic recommendations include implementing HTTPS, adding security headers, publishing privacy and cookie policies, and resolving domain registration inconsistencies.

MyGuamTax.com serves as the official online portal for the Guam Department of Revenue and Taxation, providing essential tax filing, payment, vehicle registration, and passport-related services to residents and businesses in Guam. The website is positioned as the primary government platform for these services, offering a range of e-filing and payment options tailored to individuals and businesses. The portal integrates with related Guam government services and payment gateways, reinforcing its role as a centralized tax and revenue service hub. From a technical perspective, the website employs standard web technologies including JavaScript, CSS, and Google Tag Manager for analytics. While the site is functional and moderately optimized for mobile devices, there is room for improvement in accessibility and SEO. The absence of a CMS or advanced frameworks suggests a relatively straightforward technical infrastructure. Performance is moderate, with no critical errors detected. Security-wise, the site benefits from HTTPS encryption and secure login forms, but lacks visible security headers such as Content-Security-Policy and HSTS, which are recommended for enhanced protection. The absence of published security policies or incident response information indicates a gap in transparency and preparedness. Additionally, no cookie consent mechanism is present, which may impact privacy compliance. Overall, the website is trustworthy and professional, reflecting its government affiliation. However, the missing WHOIS data for the domain is a notable anomaly that reduces the trust score. Strategic improvements in security headers, privacy compliance, and technical modernization would strengthen the site's security posture and user trust.

E

Exchanger.Money

exchanger.money

59

Exchanger.Money operates as a peer-to-peer currency exchange platform specializing in WebMoney and various electronic payment systems, including cryptocurrencies. The platform emphasizes secure transactions through escrow protection and offers over 100 payment methods, targeting users within the WebMoney ecosystem and those seeking flexible currency exchange options. The website is primarily in Russian and presents a professional, user-friendly interface with clear navigation and modern design elements. Technically, the site leverages Vue.js and modern JavaScript modules, with Google Tag Manager integrated for analytics. Security posture is solid with HTTPS enforced and domain transfer protection enabled, though improvements are needed in DNS security and HTTP security headers. Privacy compliance is partial, lacking cookie consent mechanisms and explicit GDPR indicators. Overall, the platform demonstrates a moderate to good level of digital maturity and business credibility.