Security Directory

S

Vlajky světa | Statnivlajky.cz

statnivlajky.cz

57

Statnivlajky.cz is a Czech informational website dedicated to providing comprehensive data about world flags, including countries, US states, and international organizations. The site has been actively maintained for over 15 years, positioning itself as a niche educational resource with quizzes, downloads, and categorized flag listings. The website targets a general audience interested in vexillology and related educational content. Technically, the site uses modern web technologies such as JavaScript, JSON-LD structured data, and WebP images, with good mobile optimization and SEO practices. However, no CMS or hosting provider details are evident, and performance is moderate. Security-wise, the site uses HTTPS and avoids exposing sensitive data but lacks visible security headers and explicit incident response or security policies. Privacy and cookie policies exist, though a cookie consent mechanism is absent. WHOIS data is unavailable, which impacts trust and transparency. Overall, the site is functional, informative, and safe for general audiences but could improve security and compliance transparency.

S

SpryMedia

sprymedia.co.uk

60

SpryMedia is a specialized web user-interface development studio based in Scotland, established since 2006. The company focuses on creating UI development tools and software projects such as DataTables, Visual Event, and SprySpell, targeting web developers and UI professionals. The website reflects a professional and focused business with a niche market position in technology and software development. Technically, the website uses standard web technologies including HTML, CSS, JavaScript, and jQuery, hosted via a UK-based registrar. The site loads a privacy-conscious analytics script (Plausible Analytics) and is accessible without WAF or blocking mechanisms. However, it lacks explicit privacy, cookie, and terms of service policies, and no direct contact emails or phone numbers are provided, only a contact form link. Security headers are not detected, indicating room for improvement in security posture. Overall, the website is well-designed and trustworthy, but could enhance compliance and security transparency.

S

sitegeist

sitegeist.de

48

sitegeist is a well-established digital agency based in Hamburg, Germany, with over 25 years of experience in digital transformation, web development, and online marketing. The company positions itself as a full-service digital agency offering strategic consulting, innovative AI solutions, and comprehensive web and marketing services. The website demonstrates a high level of digital maturity with modern technologies such as Neos CMS, PHP frameworks, and integration of AI-powered chatbots. Security posture is strong with HTTPS enforcement and good script management, though explicit security headers and policies could be improved. Privacy compliance is currently weak due to the absence of visible privacy and cookie policies. Overall, the website is professional, trustworthy, and well-optimized for performance and user experience.

C

ClassicPress

classicpress.net

65

ClassicPress is a community-driven open source content management system forked from WordPress 4.9, targeting users who prefer the classic WordPress editor experience. It positions itself as a lightweight, stable, and familiar CMS alternative, supported by a small but active volunteer community and nonprofit governance. The website offers resources including plugins, themes, documentation, and community support channels such as forums and chat. The project is sponsored by several infrastructure partners and funded via donations. Technically, the site runs on a ClassicPress CMS compatible with WordPress 6.2.6, leveraging LiteSpeed caching technology and modern HTML5 standards, resulting in fast performance and good mobile and accessibility support. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though explicit security headers and incident response policies are absent. Privacy compliance is good with a comprehensive privacy policy but lacks a cookie consent mechanism. WHOIS data is missing or unavailable, which reduces domain trustworthiness despite the legitimate and professional web presence. Overall, ClassicPress represents a credible niche open source CMS project with room for improvement in security transparency and domain registration clarity.

A

AJdG Solutions

ajdg.net

60

AJdG Solutions is a small technology company specializing in the development and sale of WordPress and ClassicPress plugins, with a strong focus on advertising management and WooCommerce enhancements. Their flagship product, AdRotate Banner Manager, is trusted by over 50,000 users, positioning the company as a niche leader in the WordPress plugin market. The business model centers on software license sales and support services, targeting website owners and developers seeking to optimize advertising revenue and e-commerce functionality. Technically, the website is built on WordPress using the Storefront theme and WooCommerce platform, hosted by InMotion Hosting. The site employs modern web technologies including jQuery and JavaScript, and demonstrates good mobile optimization and SEO practices. Analytics are handled via Matomo, reflecting a privacy-conscious approach. Performance is moderate, with opportunities for improvement in accessibility and security headers. From a security perspective, the site enforces HTTPS and uses domain transfer protection, but lacks DNSSEC and security headers such as CSP or HSTS. No explicit security policy or incident response information is provided, and there is no cookie consent mechanism despite cookie usage. The domain registration is privacy protected but consistent with the business location and history, supporting legitimacy. Overall, the security posture is solid but could be enhanced with additional best practices. The overall risk assessment is low, with no critical vulnerabilities detected. Strategic recommendations include enabling DNSSEC, implementing security headers, adding a cookie consent banner, and publishing a security policy with incident response contacts. These improvements would strengthen compliance, user trust, and resilience against potential threats.

I

IONOS Group SE

ionos-group.com

76

IONOS Group SE is a leading European digitalization partner specializing in SMB and enterprise cloud and web presence solutions. The company operates multiple well-known brands and serves approximately 6.4 million customers across 18 markets in Europe and North America. Their business model focuses on providing comprehensive hosting, cloud, and domain registration services supported by strong customer care and infrastructure. The website reflects a mature digital presence with investor relations, corporate governance, and press information, indicating a publicly listed and transparent organization. Technically, the website is built on TYPO3 CMS, uses modern web technologies, and integrates Adobe Analytics for user tracking. The site is mobile optimized and demonstrates good SEO and accessibility practices, although some accessibility features could be improved. Hosting appears to be managed internally or via a dedicated CDN. Performance is moderate with room for optimization. Security posture is strong with HTTPS enforced and a robust cookie consent mechanism supporting GDPR compliance. However, explicit security headers are missing, and no public security policy or incident response contacts are published. The WHOIS data is incomplete or privacy protected, which is common for large enterprises but reduces transparency. No vulnerabilities or suspicious content were detected. Overall, the website and business present a low risk profile with strong credibility and compliance. Strategic recommendations include enhancing security headers, publishing security policies, and improving accessibility to further strengthen trust and compliance.

The website danubegeotour.eu is a geo-tourism platform providing information about geoparks, points of interest, trails, and geo-products in the Danube region. It targets tourists, families, groups, schools, and experts interested in geo-tourism activities. The platform allows users to explore geo-related content and submit ideas for new geo-products, positioning itself as a niche informational resource in the geo-tourism sector. Technically, the website leverages Google Maps API for interactive mapping, uses modern fonts and icons, and appears to be built with a SPA framework such as Vue.js. Hosting is provided by WebSupport s.r.o. The site shows moderate performance and basic mobile optimization but lacks advanced SEO and accessibility features. From a security perspective, the site uses HTTPS and includes a CSRF token, but lacks visible security headers and published privacy or cookie policies. There is no contact information for incident response or data protection officers, which limits transparency and compliance. No analytics or tracking beyond Google Maps is detected, indicating minimal user tracking. Overall, the website is functional and serves its informational purpose but requires improvements in privacy compliance, security headers, and contact transparency to enhance trust and security posture. Strategic recommendations include implementing privacy and cookie policies, adding security headers, and providing clear contact channels for security incidents.

L

Leaders Group

leadersgroup.com

61

Leaders Group is a well-established global intelligence platform specializing in delivering market intelligence, analytics, networking, events, and media services to sports and gaming business professionals. The company operates recognized brands such as Sports Business Journal, Leaders in Sport, and Newzoo, positioning itself as a key player in the sports and gaming media industry. The website reflects a professional and consistent brand image, targeting industry professionals seeking data-driven insights and networking opportunities. Technically, the website is built on the Squarespace platform, leveraging modern web technologies and delivering a good user experience with mobile optimization and moderate performance. However, the site lacks advanced security headers and does not implement DNSSEC, which could enhance its security posture. Privacy and cookie policies are absent, indicating a gap in compliance with data protection regulations. From a security perspective, the site uses HTTPS with a valid SSL configuration and has domain transfer protections in place. No WAF or blocking mechanisms are detected, and no vulnerabilities or exposed sensitive data were found. The WHOIS data confirms the domain's legitimacy and long-term registration, consistent with the company's history. Overall, the website is credible and professional but would benefit from improved privacy compliance, enhanced security headers, and clearer contact information to strengthen trust and regulatory adherence.

The website 'An IndieWeb Webring' is a small community-driven project aimed at connecting personal websites that implement IndieWeb building blocks. It provides a directory, random site navigation, and membership sign-in via IndieAuth or RelMeAuth, targeting IndieWeb enthusiasts. The project is open source with active maintenance and blog updates, positioning itself as a niche community resource within the IndieWeb ecosystem. Technically, the site uses standard web technologies including HTML5, CSS, JavaScript, and PHP, with no detected CMS. The site is moderately performant and mobile-optimized, though accessibility and SEO are basic. Security practices include CSRF protection on forms but lack advanced HTTP security headers. The domain is privacy protected but consistent with the project's age and scope. Security posture is moderate with no critical vulnerabilities detected, but improvements are recommended in HTTPS enforcement, security headers, and explicit privacy and cookie policies. No advertising or tracking is present, supporting user privacy. Overall, the site is trustworthy and safe for general audiences. Strategic recommendations include enhancing security headers, implementing cookie consent, publishing a privacy policy with GDPR compliance, and improving contact transparency to strengthen trust and compliance.

U

U Dřeváka Beer&Grill

udrevaka.cz

66

U Dřeváka Beer&Grill is a small hospitality business operating a restaurant and bar located in Brno, Czechia. The company offers food delivery, takeaway, and reservation services through a professionally designed website that integrates an online menu and ordering platform. The business has an established market presence since 2012 and maintains active social media profiles on Google, Facebook, and Instagram to engage with customers. The website is built on modern web technologies including React and Next.js, hosted likely via the registrar's infrastructure, and leverages the ChoiceQR platform for digital ordering and management. Security posture is strong with HTTPS enforced, security headers present, and no visible vulnerabilities or exposed sensitive data. Privacy compliance is addressed with clear privacy and cookie policies and a consent mechanism. However, explicit security policies and incident response contacts are not published. Overall, the website is well-optimized for performance, mobile use, and SEO, providing a trustworthy and user-friendly experience for mature audiences interested in dining and alcoholic beverages.

W

Wild Creatures

wildcreatures.cz

43

Wild Creatures is a small Czech craft brewery specializing in wild fermentation beers, offering both on-site visits and online sales through their e-shop. The website is professionally designed with good navigation and mobile optimization, targeting adult beer enthusiasts. The technical infrastructure includes standard web technologies and Google Analytics for tracking, but lacks advanced security headers and privacy compliance features. The security posture is moderate, with an age gate implemented to restrict underage access, but missing privacy and cookie policies reduce compliance. WHOIS data is unavailable, which raises some concerns about domain registration transparency but does not directly impact the legitimacy of the business as presented on the site. Overall, the website is functional and trustworthy for its business purpose but could improve in security and privacy compliance.

P

Pavel Miřejovský

dusty.cz

51

The website dusty.cz represents a personal portfolio for Pavel Miřejovský, a Czech freelance designer specializing in computer graphics, print material preparation, web presentation design, and GUI design for mobile applications. The site targets clients seeking professional design services in the Czech Republic and operates as a small-scale freelance business. The website is simple, with basic content and consistent branding, but lacks comprehensive business or legal documentation such as privacy or cookie policies. Technically, the site uses standard HTML5, CSS, JavaScript, and modern web fonts (WOFF2). It appears to be a static site without a CMS or complex frameworks. Mobile optimization is good, but accessibility and SEO are basic. No advanced analytics or advertising technologies are detected, indicating minimal tracking or marketing automation. From a security perspective, the site lacks visible security headers and no HTTPS status was provided, which may indicate suboptimal security posture. The absence of WHOIS data is a concern for domain legitimacy and transparency. No privacy or cookie policies are present, which impacts GDPR compliance. Contact information is clearly provided, but no incident response or vulnerability disclosure mechanisms are found. Overall, the website is functional and serves its purpose as a personal portfolio but has room for improvement in security, privacy compliance, and domain transparency. Strategic recommendations include implementing HTTPS, adding security headers, publishing privacy and cookie policies, and improving domain registration visibility to enhance trust and compliance.

S

Semetric Media

semetricmedia.com

61

Semetric Media is a small independent consulting practice specializing in content management, search, and web analytics. Established in 2009, it serves clients primarily in the US and Europe, focusing on pragmatic and goal-oriented solutions. The website reflects a professional and consistent brand image with clear navigation and relevant content tailored to business clients seeking consulting services. Technically, the site is built on Squarespace, leveraging modern web technologies and Google Tag Manager for analytics, with moderate performance and good mobile optimization. Security posture is adequate with HTTPS enabled and domain transfer protection, but lacks advanced security headers and cookie consent mechanisms. Privacy compliance is basic, with a privacy statement present but no cookie banner or GDPR explicit indicators. Overall, the site is trustworthy and professional but could improve in security and privacy transparency.

The domain websitesdude.com currently serves a 404 Not Found error page hosted by Admiral, a service provider specializing in copyright access control and privacy consent management for digital publishers. The page content indicates the domain is used to support digital copyright compliance, GDPR privacy consent, and subscription/donation functionalities, but no active business website content is present. The technical infrastructure leverages Google Cloud Platform and AWS DNS services, with HTTPS enforced and frequent certificate rotation, indicating a secure hosting environment. However, the absence of DNSSEC and security headers suggests room for improvement in domain and web security hardening. The security posture is solid with no executable or malicious content hosted, and incident response contact is provided via [email protected]. Overall, the domain registration is consistent and legitimate, but the lack of active content, contact information, and privacy/cookie policies limits the website's business credibility and user trust. The site is safe with no adult or questionable content detected.

The domain subseasecurity.com currently serves a 404 Not Found error page with embedded information indicating that the domain is used by Admiral, a service provider specializing in copyright access control and privacy consent management for digital publishers. The site content is minimal and primarily informational about the domain's purpose rather than providing a functional business website. The technical infrastructure is based on Google Cloud Platform with AWS DNS services, and the domain is registered through NameCheap with a stable registration history since 2016. Security practices mentioned include HTTPS enforcement and frequent certificate rotation, but no advanced security headers or vulnerability disclosure mechanisms are present. Overall, the site lacks substantive content, contact information, and user engagement features, resulting in a low content quality and business credibility score.

B

Bayerisches Staatsministerium für Wirtschaft, Landesentwicklung und Energie

by-cz.eu

65

The website www.by-cz.eu serves as the official platform for the INTERREG Bayern - Tschechien program, a European Union funded cross-border cooperation initiative between Bavaria and the Czech Republic for the 2021-2027 funding period. It provides comprehensive information about funding opportunities, project application processes, and program updates. The site is managed under the auspices of the Bavarian State Ministry for Economic Affairs, Regional Development and Energy, reflecting a strong governmental affiliation and public sector focus. Technically, the website is built on TYPO3 CMS, a robust open-source content management system, and employs Matomo analytics configured to respect user privacy. The site is well-structured, mobile-optimized, and includes accessibility features such as easy language and sign language options. Security is well-handled with HTTPS enforced and cookie consent mechanisms in place, although some security headers could be improved. From a security and compliance perspective, the site shows good privacy compliance with GDPR-aligned cookie consent and a detailed privacy policy. However, no explicit security policy or incident response contact information is published, and WHOIS data is unavailable due to registry privacy protections. Despite this, the presence of official ministry logos and consistent branding supports the site's legitimacy. Overall, the website is a trustworthy, professional government portal with a clear mission to support cross-border regional development projects. Strategic recommendations include enhancing security headers, publishing a security.txt file, and providing explicit incident response contacts to further strengthen security posture and user trust.

A

Asociace vodní turistiky a sportu z.s.

avts.cz

43

Asociace vodní turistiky a sportu z.s. is a Czech non-profit association dedicated to representing and protecting the interests of water tourists and water sports enthusiasts in the Czech Republic. Founded in 2019, it serves a broad community of over 54,000 members including clubs, associations, companies, and individuals. The association actively participates in legislative processes, water management proceedings, and safety standardization to ensure sustainable and safe water tourism. It also engages in educational and advocacy projects to promote water sports and river accessibility. The website provides comprehensive information about the association's goals, members, and current activities, targeting water sports enthusiasts and related organizations.

A

ARCHITECTURAL STUDIO CREATE

create.works

56

The website www.create.works represents an architectural studio named ARCHITECTURAL STUDIO CREATE based in Bratislava, Slovakia. The business focuses on architecture with an emphasis on ecological solutions and modern design. The site is built on the Wix platform, leveraging Wix's Thunderbolt framework and standard web technologies such as JavaScript, CSS, and HTML5. The technical infrastructure is typical for small service-oriented businesses using website builders, offering moderate performance and basic mobile optimization. Security posture is adequate with HTTPS enforced, but lacks advanced security headers and privacy compliance mechanisms such as cookie consent or privacy policies. Contact information is clearly provided, enhancing business credibility, though social media links appear to be generic Wix accounts rather than company-specific profiles. WHOIS data is privacy protected, which is common for small businesses, and no suspicious patterns were detected. Overall, the website is professional and functional but would benefit from enhanced privacy compliance and security best practices.

I

Intuit Inc.

intuit.com

79

Intuit Inc. is a leading financial software company providing a suite of products including TurboTax, Credit Karma, QuickBooks, and Mailchimp. The company targets individual consumers, small and medium businesses, and accounting professionals, offering SaaS-based solutions that empower users with financial confidence. Intuit holds a strong market position as a trusted brand in the finance and technology sectors. The website reflects a mature digital infrastructure leveraging modern web technologies such as React and Next.js, optimized for performance and mobile responsiveness. Security posture is robust with HTTPS enforcement, comprehensive security headers, and privacy compliance mechanisms including GDPR adherence and cookie consent management. While WHOIS data is privacy protected, the domain and website content align with Intuit's corporate identity, supporting legitimacy. Overall, the website demonstrates high professionalism, trustworthiness, and compliance with industry best practices.

P

Privacy service provided by Withheld for Privacy ehf

indieweb.org

46

IndieWeb.org is a community-driven platform promoting independent personal websites as an alternative to the corporate web. It provides resources, standards, and events to empower individuals to own their online identity and content. The website is built on MediaWiki and hosted on Linode, featuring a clean, accessible design with good navigation and mobile optimization. Security posture is moderate with HTTPS enabled but lacks DNSSEC and security headers. Privacy compliance is basic, with a privacy policy present but no cookie consent mechanism. Overall, the site is trustworthy and serves a niche technology community focused on decentralization and personal web ownership.

S

Soprema Iberia

soprema.es

56

Soprema Iberia is a well-established company specializing in waterproofing and insulation solutions for the construction industry, boasting over 100 years of experience. The company targets construction professionals including installers, distributors, and project designers, offering a broad portfolio of products and services focused on sustainable building practices. Their market position is strong within Spain and Europe, supported by comprehensive product documentation, training programs, and personalized technical advice. Technically, the website employs modern web technologies, integrates multiple analytics and marketing tools, and is hosted on reliable infrastructure with good performance and mobile optimization. Security posture is robust with HTTPS enforcement, security headers, and cookie consent mechanisms, although explicit security and incident response policies are not prominently published. Overall, the website reflects a professional and trustworthy digital presence aligned with the company's business goals.

S

Soprema Srl

soprema.it

55

Soprema Italia is a well-established company specializing in waterproofing and insulation solutions for the construction industry. The website reflects a mature digital presence with comprehensive product offerings, technical documentation, and training resources aimed at professionals such as architects and engineers. The company positions itself as a leader in sustainable building materials with a strong emphasis on innovation and environmental responsibility. Technically, the website uses modern web technologies and integrates marketing automation tools like Pardot and Google Tag Manager, hosted on AWS infrastructure. Security posture is good with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. Overall, the site is professional, trustworthy, and compliant with GDPR requirements.

M

Mountain Town LLC

retro.social

58

Retro Social is a small, niche decentralized social network operating on the Mastodon platform, themed around retro-futurism and the 19A0s aesthetic. Owned by Mountain Town LLC and operated by Andrew Roach, it serves a community fascinated by forgotten futures and offers access to the broader fediverse. The platform leverages open-source Mastodon software version 4.2.20 and is hosted on DreamHost infrastructure. Registration is periodically open and always available to Patreon backers, indicating a community-supported business model. Technically, the website uses modern web technologies including JavaScript, SVG, and CSS with a responsive design optimized for mobile devices. The site is well-structured with good SEO and accessibility basics, though some advanced accessibility features could be improved. Hosting on DreamHost and use of Mastodon software indicate a stable and recognized technical foundation. From a security perspective, the site uses HTTPS and has domain transfer protections but lacks DNSSEC and explicit security headers, which are recommended to enhance security posture. No incident response or vulnerability disclosure information is provided, and cookie consent mechanisms are absent, indicating room for improvement in privacy compliance. The WHOIS data shows privacy protection for the registrant, which is justified for this type of small social network. Overall, Retro Social presents a trustworthy and professional niche social platform with good business credibility and technical implementation. Strategic improvements in security headers, privacy compliance, and incident response transparency would strengthen its security posture and user trust.

R

RRT s.r.o.

autaslovensky.sk

52

AUTÁSLOVENSKY.sk is a specialized service provider focused on integrating Slovak and Czech language translations into vehicle control systems. With over 17 years of experience and more than 17,500 vehicles served, the company operates primarily in Slovakia and the Czech Republic, offering on-site installation and custom software development for automotive brands. The website reflects a professional and trustworthy business with clear contact channels and customer testimonials. Technically, the site uses modern web technologies including Google Tag Manager, reCAPTCHA v3, and LiveChat, ensuring user interaction and marketing capabilities. Security posture is solid with HTTPS and form protections, though additional HTTP security headers and incident response information could enhance resilience. Overall, the site is well-structured, GDPR compliant, and presents a credible business presence in the automotive localization niche.

Envo Demos is a newly established WordPress-based blog focused on philosophy content, branded as 'Mindblown'. The website currently hosts minimal content, including a welcome post, and targets a general audience interested in philosophical topics. The business model is primarily content-driven with no evident commercial services or products. Technically, the site uses WordPress with standard block editor features and jQuery libraries, hosted by WEDOS Internet, a reputable registrar and hosting provider. The site demonstrates basic mobile optimization and accessibility but lacks advanced SEO and performance tuning. Security posture is moderate with HTTPS enabled but lacks DNSSEC and security headers, which are recommended for improved protection. Privacy compliance is minimal, with no visible privacy or cookie policies, and no contact or incident response information is provided. Overall, the site is functional but immature in terms of security and compliance maturity.

4

4DPrime

4dprime.com

62

4DPrime is a UK-based technology service provider specializing in mobile apps, websites, bespoke software, and AI solutions. Established in 2012, the company serves startups, SMEs, governments, and enterprises worldwide, positioning itself as a trusted digital partner with over two decades of experience. The website reflects a professional and modern digital presence built on the Astro framework, optimized for performance and mobile responsiveness. Security posture is solid with HTTPS and domain transfer protections, though improvements such as enabling DNSSEC and security headers are recommended. Privacy compliance is partially met with a comprehensive privacy policy but lacks a cookie consent mechanism. Overall, the site demonstrates high business credibility and trustworthiness.

T

Tourismusverband Ostbayern e.V.

goldsteig-wandern.de

41

The website www.goldsteig-wandern.de serves as the official portal for the Goldsteig hiking trail, a prominent 660 km long trail in Bavaria and Bohemia, Germany. Operated by the Tourismusverband Ostbayern e.V., it provides comprehensive information on hiking routes, accommodations, events, and booking services. The site targets hiking enthusiasts and tourists seeking outdoor experiences in the region, positioning itself as a key player in regional tourism with recognized affiliations such as the Top Trails of Germany. Technically, the site employs modern web technologies, including JavaScript and CSS, and integrates third-party services like Google Translate and CCM19 for cookie consent management. The website is mobile-optimized, accessible, and SEO-friendly, offering a professional user experience. Security-wise, the site uses HTTPS and implements cookie consent mechanisms, but lacks explicit security headers and incident response contact information. Overall, the domain and website content are consistent and legitimate, with no signs of blocking or WAF interference.

The website at suckgame988.com currently serves only as a default server placeholder page, indicating that the domain is either not yet pointed to active content or is still propagating. There is no business information, contact details, or any form of user engagement present. The domain was registered in early 2023 and uses Cloudflare DNS services, but DNSSEC is not enabled. Hosting is provided by SiteGround, as indicated by the placeholder content. The technical infrastructure is minimal and lacks modern web features or CMS integration. Security posture is weak due to the absence of HTTPS and security headers, and no privacy or cookie policies are present, indicating a lack of compliance with common data protection standards. Overall, the site is not operational and provides no business or security assurances.

A

A.I.S. s.r.o.

ais.sk

54

A.I.S. s.r.o. is a Slovakian IT service provider established in 1999, specializing in computer network management, server administration, computer servicing, electronic security, and web development. The company targets businesses and organizations in need of comprehensive IT infrastructure and web solutions. Their website reflects a broad portfolio of services including hardware supply, VPN, firewall protection, and SGI hardware representation. Technically, the website uses standard HTML, CSS, and JavaScript with Google Analytics for tracking and a simple image gallery script. The site is accessible and moderately optimized but lacks advanced mobile responsiveness and accessibility features. Security posture is moderate; HTTPS is implied but no security headers or incident response contacts are published. Privacy compliance is partial, with a cookie consent banner present but no privacy policy or terms of service. Overall, the website is professional but could improve in compliance and security transparency.

Z

Zo školy do školy | IKAR

zoskolydoskoly.sk

55

The website zoskolydoskoly.sk is an e-commerce platform specializing in children's books targeted at children aged 0 to 12 years. It offers a wide catalog of books with a focus on educational and entertaining literature for young readers. The site is localized in Slovak language and hosted on a Slovak hosting provider, indicating a regional focus. The business appears to be newly established in 2024, consistent with the domain registration date. Technically, the website uses standard web technologies including HTML5, CSS, JavaScript, and integrates Google Tag Manager for analytics and tracking, although it currently denies ad and analytics storage by default, showing some privacy consideration. Security posture is moderate with HTTPS and DNSSEC enabled, but lacks security headers and formal security policies. No privacy or cookie policies were found, which is a compliance gap. Contact information is not explicitly provided on the visible content, which may affect user trust and support accessibility. Overall, the website is professionally designed with good navigation and content relevance, suitable for its target audience. The content is safe with no adult or explicit material.

Stonožka is a Slovak online book retailer that is ceasing its direct online sales operations by the end of 2024. The website serves primarily as an announcement and redirect page, guiding customers to the partner platform www.bux.sk for future purchases. The business model is focused on e-commerce retail of books, targeting Slovak-speaking customers. The site content is minimal and primarily informational, with no interactive elements or advanced technical features. Technically, the website uses basic HTML and CSS with Google Fonts, but lacks modern CMS or frameworks. Security posture is weak, with no visible HTTPS confirmation, security headers, or privacy policies. Contact information is provided but limited to email and phone for complaints. Overall, the site is functional for its limited purpose but lacks comprehensive security and compliance features.

M

MOLDAVITES.COM

moldavites.com

37

The website moldavites.com serves as an informational resource focused on Moldavites, a type of natural glass formed by meteorite impacts, along with related tektites and meteorites. It targets collectors, enthusiasts, and researchers interested in these geological specimens. The site provides detailed scientific and historical content, including electron microprobe analyses and descriptive information about Moldavites' origin and characteristics. The business model appears to be primarily educational with possible ancillary sales or inquiries through contact forms, though no direct e-commerce functionality is evident. From a technical perspective, the website is built using basic HTML and CSS without modern frameworks or CMS platforms. Hosting is provided by WEDOS Internet, a Czech provider, consistent with the domain's geographic focus. The site lacks mobile optimization and accessibility features, and SEO is basic. No analytics or tracking technologies are detected, indicating minimal data collection. Security posture is weak, with no evidence of HTTPS enforcement, security headers, or DNSSEC. The WHOIS data is transparent and consistent with the website's theme and location, supporting legitimacy. However, the absence of privacy, cookie, and terms of service policies indicates non-compliance with GDPR and other privacy regulations. No incident response or vulnerability disclosure information is provided. Overall, the website is a niche informational resource with moderate trustworthiness but requires significant improvements in security, privacy compliance, and technical modernization to enhance user trust and regulatory adherence.

D

Dave Design

davedesign.cz

43

Dave Design is a Czech-based graphic and web design studio established in 1998, specializing in custom web design, graphic design, corporate identity, SEO, e-shops, and related digital services. The company serves a diverse client base ranging from small businesses to large corporations such as Vítkovice Steel. Their website reflects a professional and consistent brand image with a portfolio showcasing various projects and client references. Technically, the website uses traditional web technologies including HTML, CSS, JavaScript, and jQuery, supplemented by Google Analytics and Tag Manager for tracking. While the site is functional and well-structured, it lacks modern security headers and privacy compliance features such as a privacy policy or cookie consent mechanism. Security posture is moderate with room for improvement, especially in enforcing HTTPS and updating outdated libraries. Overall, the website is trustworthy and credible but would benefit from enhanced security and privacy practices.

O

Obchodní a technologický holding a.s.

otholding.cz

40

Obchodní a technologický holding a.s. is a Czech investment holding company focused on technology and startups. The company provides a portfolio of services including lead management, mobile app development, web notifications, LED panel rentals, and digitalization solutions for municipalities. Their market position is that of an innovator and quality leader in their sectors, targeting businesses and startups primarily in the Czech Republic and Slovakia. The website content is professional and well-structured, supporting their business model and market positioning. Technically, the website uses standard web technologies including HTML5, CSS, JavaScript, and popular libraries such as jQuery, Swiper.js, and BaguetteBox.js. Google Analytics and Google Tag Manager are used for tracking, but no explicit privacy or cookie policies are present, indicating a gap in privacy compliance. The site shows moderate performance and basic mobile optimization. From a security perspective, the site uses HTTPS and does not expose sensitive data or vulnerable libraries. However, no security headers were detected, and there is no visible incident response or security policy information. The lack of WHOIS data reduces trust and transparency, which is a concern for legitimacy. Overall, the security posture is moderate but could be improved with better privacy compliance and security best practices. The overall risk assessment suggests a generally trustworthy and professional business website with some compliance and transparency gaps. Strategic recommendations include implementing privacy and cookie policies, adding security headers, improving mobile and accessibility features, and enhancing contact and incident response information to strengthen trust and security posture.

Pošumavská odpadová, s.r.o. is a regional waste management company operating primarily in the Czech Republic, serving over 48 municipalities and more than 53,000 residents. The company provides comprehensive waste services including mixed municipal waste, sorted waste, hazardous waste, bulk waste, and bio waste management. They operate multiple collection yards across several towns including Klatovy, Sušice, Kašperské Hory, and Kolinec. The website reflects a regional service provider with a focus on public and municipal waste management needs. Technically, the website uses legacy HTML with windows-1250 charset and includes common JavaScript libraries such as jQuery and Google Analytics for tracking. The site lacks modern CMS indicators and advanced frameworks, suggesting a basic but functional technical infrastructure. Performance and mobile optimization are moderate to basic, with room for improvement in accessibility and SEO. From a security perspective, the site uses HTTPS and includes Google site verification, but lacks visible security headers and privacy or cookie policies, indicating gaps in compliance and security best practices. No WHOIS data is available, which reduces transparency and trustworthiness. The site does not appear to be blocked or protected by a WAF, and no forms collecting sensitive data are present. Overall, the website is functional and provides relevant business information but requires improvements in privacy compliance, security posture, and technical modernization to enhance trust and user experience.

P

PrintLife

printlife.cz

57

PrintLife is a small local printing service provider based in Brno, Czech Republic, specializing in express printing services including business cards, flyers, posters, catalogs, and banners. The website is built on the Webnode platform and hosted via Amazon Cloudfront CDN, indicating a modern and scalable technical infrastructure. The site is well-structured, mobile-optimized, and provides clear navigation for its target audience. However, the absence of WHOIS registration data and lack of explicit contact information on the website reduce the overall trustworthiness from a security and compliance perspective. The site uses HTTPS and implements a cookie consent mechanism, but lacks visible privacy policy and security headers, which are important for GDPR compliance and security best practices. Overall, the website presents a professional business front but would benefit from enhanced transparency and security measures.

A

Algopine

algopine.com

56

Algopine is a specialized technology company providing data science, machine learning, and AI-driven predictive software services primarily targeting e-commerce, retail, and industrial sectors. Their offerings include demand forecasting, personalized recommendations, price elasticity modeling, and custom AI projects leveraging large language models and other advanced techniques. The company positions itself as a niche provider with a strong focus on delivering practical, data-driven solutions to optimize business operations for large clients. The website is professionally designed, well-structured, and mobile-optimized, reflecting a mature digital presence. Technically, the site uses modern web standards and custom analytics, though it lacks some advanced security headers and DNSSEC. Security posture is good with HTTPS enforced and domain transfer protections in place, but could be improved with additional policies and headers. Privacy compliance is addressed with a clear privacy policy and cookie consent mechanism. Overall, Algopine demonstrates a credible and trustworthy online presence with room for enhanced security and compliance documentation.

Úhlava o.p.s. is a Czech non-profit organization focused on lifelong education and regional development in the Plzeňský kraj region. The website serves as a portal for educational offerings, community events, and regional initiatives targeting a broad audience from children to seniors. The organization has a long-standing presence since 2001, reflected in the domain age and active content updates. Technically, the website uses standard web technologies including JavaScript libraries, Google Fonts, and social media SDKs, but lacks modern CMS or advanced frameworks. Security posture is moderate with no visible HTTPS or security headers in the provided data, and privacy compliance is weak due to missing privacy and cookie policies. The site integrates Google Analytics and DoubleClick for tracking and advertising, indicating moderate user tracking. Overall, the website is functional and professionally presented but requires improvements in security and privacy compliance to enhance trust and regulatory adherence.

W

Weber

weberpas-mixer.cz

41

The website 'Weberpas mixer' is a newly launched digital platform associated with the Weber brand, specializing in construction materials such as facades, plasters, coatings, insulation, flooring, and waterproofing. It serves primarily construction professionals and consumers in the Czech Republic, offering product-related tools and links to related Weber services. The site is part of the Saint-Gobain group, indicating a strong market position in the manufacturing sector. Technically, the site is built on Angular 10.1.6, with a modern frontend but limited backend or CMS indications. The site is mobile-optimized with basic accessibility and SEO features but lacks advanced analytics or tracking.

puren gmbh is a German manufacturing company specializing in high-performance polyurethane rigid foam insulation products. Their website showcases a broad product portfolio targeting architects, planners, trade professionals, industry OEMs, private builders, and the housing sector. The company emphasizes sustainability and energy efficiency in construction. Technically, the website is built on TYPO3 CMS, employs modern web technologies, and includes GDPR-compliant privacy and cookie consent mechanisms. The site is well-structured, mobile-optimized, and professionally designed, reflecting a mature digital presence. Security posture is generally good with HTTPS enforced and secure session management, though the absence of security headers and a public security policy are areas for improvement. The WHOIS data is missing or unavailable, which raises concerns about domain registration transparency, but the website's comprehensive contact information and social media presence support its legitimacy. Overall, the site scores well on content quality, technical implementation, privacy compliance, and business credibility, with recommendations to enhance security headers and publish incident response information.

P

PREFA International

prefa.com

54

PREFA International is a well-established manufacturer specializing in high-quality aluminium products for roofing, facades, and flood protection, offering a 40-year material and color guarantee. The company targets construction professionals and building owners across multiple European countries, as evidenced by their extensive network of localized websites. The business model focuses on manufacturing and distributing durable aluminium building materials, positioning PREFA as a trusted international brand in the construction sector. Technically, the website is built on the TYPO3 CMS platform, utilizing modern JavaScript and CSS technologies. The site demonstrates good mobile optimization and SEO practices, although performance is moderate. The absence of visible analytics or tracking scripts suggests a minimal user tracking approach. However, the lack of cookie consent mechanisms indicates room for improvement in privacy compliance. From a security perspective, the website enforces HTTPS and avoids exposing sensitive data in its HTML content. Nonetheless, the absence of security headers such as Content-Security-Policy and X-Frame-Options reduces the overall security posture. The WHOIS data is notably missing or inaccessible, which raises some concerns about domain registration legitimacy, although the professional and consistent website presence mitigates these concerns to some extent. Overall, PREFA International's website is professional and trustworthy, with solid business credibility and technical implementation. Strategic improvements in privacy compliance and security headers, along with clarifying domain registration details, would enhance the site's security and trustworthiness further.

The website kostelchudenice.cz is dedicated to the Church of St. John the Baptist in Chudenice, Czech Republic, focusing on the restoration project funded by the EU and promoting cultural tourism. It provides detailed historical and restoration information, contact details for the local parish and museum, and links to partner sites. The site is small-scale, serving a local audience interested in cultural heritage. Technically, it uses a legacy charset and common JavaScript libraries like jQuery and Fancybox, with Google Analytics for visitor tracking but lacks modern security headers and privacy compliance features. The security posture is moderate but could be improved by implementing HTTPS verification, security headers, and privacy policies. Overall, the site is functional and informative but requires enhancements in privacy compliance and security best practices to improve trust and regulatory adherence.

K

Koupelny JaS

koupelny-jas.cz

49

Koupelny JaS is a Czech retail and wholesale company specializing in ceramic tiles, bathroom equipment, and accessories. Established in 1992, it operates multiple physical stores across the Czech Republic and offers services including delivery, 3D bathroom design, and professional installation. The website is well-structured, providing detailed product catalogs and clear contact information, supporting its market position as a reputable regional player in the bathroom retail sector. Technically, the site uses modern JavaScript libraries and tracking tools such as Google Analytics 4 and Sklik.cz, with good mobile optimization and user experience. Security posture is moderate with HTTPS usage and cookie consent mechanisms, but lacks visible advanced security headers. The absence of WHOIS data reduces domain trustworthiness, though the website content and contact details appear legitimate. Overall, the site presents a professional and trustworthy front for its business operations.

The website www.chudenice.eu is a local community informational portal focused on the town of Chudenice and its surroundings in the Czech Republic. It provides historical, cultural, tourism, and event information relevant to residents and visitors. The site is modest in scale, targeting a general audience interested in local heritage and tourism. The business model appears to be informational and community service oriented, with no direct commercial transactions evident. Technically, the site uses legacy web technologies including HTML with windows-1250 charset and IE8 compatibility, along with JavaScript libraries such as jQuery and integrations with Facebook SDK and Google Analytics for social and tracking purposes. However, the site lacks modern security practices such as HTTPS enforcement and security headers, and does not provide privacy or cookie policies, which impacts its privacy compliance and security posture. No contact emails or phone numbers are explicitly provided, limiting direct communication channels. The domain WHOIS data is not publicly available due to EURid privacy protection, which is common for .eu domains and does not raise immediate legitimacy concerns. Overall, the site is functional for its purpose but requires improvements in security, privacy compliance, and technical modernization.

Obecní úřad Petrovice operates as the local municipal government office for Petrovice u Sušice, providing administrative and public services to residents and visitors. The website serves as an information portal offering contact details, official documents, public notices, and community updates. The target audience is primarily local citizens and stakeholders interested in municipal affairs. The business model is that of a government entity focused on local administration and public service delivery. Technically, the website employs standard web technologies including HTML, CSS, JavaScript, and integrates Google Analytics for visitor tracking alongside a cookie consent management system to comply with privacy regulations. The site demonstrates basic mobile optimization and accessibility features but lacks advanced frameworks or CMS identification. Performance is moderate with room for improvement in responsiveness and SEO. From a security perspective, the site uses HTTPS and implements cookie consent mechanisms, but lacks visible security headers such as CSP or HSTS. The contact form includes anti-spam honeypot fields, indicating some attention to security. However, the absence of WHOIS data and security policy pages suggests areas for enhancement in transparency and trust. No critical vulnerabilities or adult content were detected, and privacy compliance appears adequate. Overall, the website is functional and serves its purpose as a municipal information portal but would benefit from improved security practices, enhanced technical modernization, and clearer domain registration transparency to strengthen trust and compliance.

Kovopol.cz represents a manufacturing business operating under the parent company KAVALIERGLASS a. s., specializing in the production and supply of industrial machinery including automats for nail production, accessories, and equipment for automotive repair and casting. The company targets industrial clients and machine operators primarily in the Czech Republic. The website content is basic but informative, providing product categories and contact details, though lacking modern web design and mobile optimization. Technically, the site uses simple HTML, CSS, and JavaScript without modern frameworks or CMS, and there is no evidence of HTTPS or advanced security measures. Security posture is weak due to missing HTTPS and security headers, and there are no visible privacy or cookie policies, which impacts compliance with GDPR. Overall, the site is functional but requires significant improvements in security, privacy, and technical modernization to enhance trust and user experience.

N

Nameshift.com

wfa.be

48

Nameshift.com operates a domain name marketplace and escrow service designed to facilitate safe and fast domain transfers without additional fees to buyers. The company targets individuals and businesses seeking secure domain acquisition with escrow protection. The website is built using modern web technologies such as SvelteKit and serves content via a CDN, indicating a contemporary technical infrastructure. However, the site currently shows mostly placeholder content, suggesting it may be under development or loading dynamically. From a security perspective, the website uses HTTPS for asset delivery but lacks visible security headers and formal security policies. There are no privacy or cookie policies, and no contact emails or phone numbers are provided, which limits transparency and user trust. The domain is very recently registered in May 2024, which may be appropriate for a new business but reduces historical trust indicators. The footer provides company registration and VAT details consistent with a Dutch entity. Overall, the website presents a basic but functional domain purchase service with escrow, but it lacks comprehensive privacy, security, and contact information. The technical implementation is modern but could benefit from improved accessibility, SEO, and security best practices. The risk level is moderate due to the new domain age and limited transparency. Strategic recommendations include adding privacy and cookie policies, publishing security and incident response information, providing clear contact channels, and enhancing content completeness and accessibility to improve trust and compliance.

D

Dřevoplast Ludvík s.r.o.

drevoplast.com

45

Dřevoplast Ludvík s.r.o. is a Czech family-owned manufacturing company specializing in plastic packaging and components, with over 30 years of experience serving diverse industrial sectors including automotive, food, chemical, cosmetic, healthcare, and beekeeping. The company operates both manufacturing and e-commerce channels, offering custom production and a range of plastic products. The website is professionally designed, mobile-optimized, and provides clear contact information and social media presence, reflecting a mature digital presence. Technically, the website uses modern JavaScript and CSS technologies with Google Tag Manager for analytics. It is served over HTTPS with cookie consent mechanisms in place, demonstrating good privacy compliance. However, the absence of security headers and lack of a dedicated security policy or incident response information indicate areas for improvement in security posture. The WHOIS data for the domain is missing, which raises concerns about domain registration legitimacy and consistency with the company's claimed long history. Despite this, the website content and business information appear credible and trustworthy. Overall, the site scores well on content quality, privacy compliance, and business credibility but should address domain registration transparency and enhance security headers. Strategic recommendations include implementing security headers, publishing security and incident response policies, verifying domain registration details, and continuing to enhance privacy and security practices to strengthen trust and compliance.

Studio Artefakt s. r. o. is a Czech-based advertising and graphic design studio established in 2001, offering a range of creative services including graphic design, corporate events, professional photography, and 3D services. The company targets businesses seeking personalized and flexible marketing solutions. The website reflects a small, local creative agency with consistent branding and a basic but functional online presence. Technically, the website is built with standard HTML, CSS, and JavaScript without modern frameworks or CMS. Hosting is provided by REG-INTERNET-CZ with domain name servers at forpsi.net. The site shows moderate performance and basic mobile optimization but lacks advanced SEO and accessibility features. From a security perspective, the website lacks visible security headers and privacy or cookie policies, which may indicate compliance gaps with GDPR and other regulations. HTTPS status is not confirmed from the data provided, which is a critical security aspect. No incident response or vulnerability disclosure information is present. The WHOIS data is consistent and trustworthy, supporting the legitimacy of the domain and business. Overall, the website is safe with no adult or questionable content, but improvements in security posture, privacy compliance, and technical modernization are recommended to enhance trust and user experience.

G

Gabriela Schenelová

ge-style.cz

43

GE-style.cz is a Czech Republic-based small retail business specializing in stylish women's clothing, operating both an online e-commerce platform and a physical store in Rohatec. The website offers a variety of women's fashion products including dresses, tops, skirts, and accessories, targeting female customers interested in fashionable apparel. The business presents clear contact information, including email and physical addresses, and maintains active social media profiles on Facebook and Instagram, enhancing customer engagement and trust. Technically, the website is built on a custom or proprietary e-commerce platform, utilizing modern frontend technologies such as JavaScript, CSS, and HTML5, with frameworks like Bootstrap and Tiny Slider. The site is mobile-optimized with good SEO practices and includes cookie consent mechanisms compliant with GDPR. Performance is moderate, and accessibility features are basic but functional. From a security perspective, the website enforces HTTPS and employs cookie consent for privacy compliance. However, it lacks visible security headers and does not provide incident response or vulnerability disclosure information, which are areas for improvement. The absence of WHOIS data for the domain reduces trustworthiness from a domain registration perspective, although the website content and business information appear legitimate and consistent with a small retail operation. Overall, GE-style.cz demonstrates a solid business and technical foundation with good privacy compliance but could enhance its security posture and domain transparency to improve trust and resilience against potential threats.