Security Directory

B

BIONIK Stapro Group s.r.o.

bionik.cz

51

BIONIK Stapro Group s.r.o. is a Czech Republic-based specialist distributor of medical devices, focusing on ultrasound machines, surgical instruments, bone implants, and external fixators. Established in 1990, the company holds exclusive representation for several reputable medical brands and provides authorized warranty and post-warranty services. Their website targets healthcare professionals and medical facilities, offering detailed product information and news updates. Technically, the website is built on WordPress with Elementor, uses modern web technologies, and includes Google Analytics and reCAPTCHA for security and analytics. The site is well-optimized for SEO and mobile devices, with a clear cookie consent mechanism and GDPR-compliant privacy policy. Security posture is strong with HTTPS enforced and security headers present, though explicit security policies and incident response information are absent. Overall, the website is professional, trustworthy, and compliant with relevant privacy regulations.

A

Arthrex s.r.o.

arthrex.cz

68

Arthrex s.r.o. is a subsidiary of Arthrex Inc., a global leader in medical technology specializing in orthopedic and sports medicine products. Operating in the Czech Republic and Slovakia since 2019, the company provides innovative surgical instruments, educational resources, and integrated solutions for healthcare professionals. The website reflects a professional and comprehensive digital presence, targeting surgeons and medical institutions with detailed product portfolios and contact information. Technically, the website is built on the Webflow platform, utilizing modern JavaScript libraries such as jQuery, Splide.js, and Slick Carousel for interactive elements. It integrates Google Analytics and Google Tag Manager for tracking and marketing purposes, with a robust cookie consent mechanism ensuring GDPR compliance. The site is mobile-optimized and features good SEO practices, though some accessibility improvements could be made. From a security perspective, the site enforces HTTPS and employs cookie consent with opt-in mechanisms. However, no explicit security headers were detected, and no dedicated security or incident response policies are published. The absence of WHOIS data limits domain trust verification, but the professional content and external references support legitimacy. Overall, the security posture is solid but could benefit from enhanced headers and transparency. The overall risk assessment is moderate-low, with recommendations to improve security headers, publish incident response and vulnerability disclosure policies, and enhance accessibility. The business credibility is high, supported by clear contact details, legal documentation, and consistent branding.

M

MedText

medtext.eu

56

MedText is a specialized communication platform designed to provide GDPR-compliant messaging solutions for healthcare organizations. The service targets healthcare providers who require secure, efficient, and compliant communication tools to improve patient care coordination. The website presents a professional and consistent brand image, emphasizing compliance certifications and user testimonials to build trust. The business model is subscription-based, focusing on organizational use rather than individual consumers. Technically, the website is built on OctoberCMS and leverages modern web technologies including Google Analytics and Tag Manager for tracking. The site is mobile-optimized and provides a good user experience with clear navigation and professional design. Security is well addressed with HTTPS enforcement and claims of end-to-end encryption, although some security headers are not explicitly detected in the HTML content. Privacy compliance is strong, with a comprehensive privacy policy, cookie consent mechanism, and GDPR-focused messaging. The security posture is solid but could be improved by publishing explicit security policies and incident response contacts. No vulnerabilities or exposed sensitive data were detected in the content. The WHOIS data is privacy protected, which is common and justified for this type of healthcare communication service. Overall, the domain and website appear legitimate and trustworthy. The overall risk is low, with recommendations to enhance security headers, publish incident response information, and consider a vulnerability disclosure policy to further strengthen trust and compliance.

Zdravotnické nakladatelství Galén is a Czech-based medical publishing company specializing in medical literature and related health content. Established since 1998, it operates an online bookstore and supports medical professionals, students, and the general public interested in healthcare. The website offers a catalog of books, music projects, and medical resources, positioning itself as a niche player in the Czech healthcare publishing market. Technically, the site uses legacy JavaScript libraries and integrates Google Analytics and Tag Manager for tracking. The hosting is managed by REG-ZONER, consistent with the domain's WHOIS data. Security posture shows room for improvement, with session IDs exposed in URLs and lack of security headers. Privacy compliance is partial, with a GDPR page present but no cookie consent mechanism. Overall, the site is functional and trustworthy but would benefit from modern security and privacy enhancements.

M

Medsol s.r.o.

medsol.cz

42

Medsol s.r.o. is a specialized healthcare technology company based in the Czech Republic, focusing on medical devices, clinical and hospital information systems, and intensive care solutions. Their website clearly targets healthcare professionals, restricting access to non-experts by legal disclaimer. The company offers products such as Metavision, consumables, defibrillators, and vital signs monitors, positioning itself as a niche provider in the healthcare technology sector within the Czech and Slovak markets. Technically, the website is built on WordPress with modern frontend libraries like Bootstrap and jQuery, and integrates Google Analytics and Sklik for marketing and tracking purposes. The site is mobile optimized and presents a professional design with clear navigation. Security-wise, HTTPS is enforced, but the absence of security headers and privacy/cookie policies indicates room for improvement. The lack of WHOIS data reduces domain trust, though the website content and structure suggest a legitimate business. Overall, the site is functional and professional but would benefit from enhanced privacy compliance and security hardening.

S

SNOTY, s.r.o.

snoty.cz

48

SNOTY, s.r.o. is a Czech small business established in 1995 specializing in manufacturing promotional confectionery products such as hygienically packaged sugars, chocolate-covered almonds, biscuits, lollipops, and chocolates with custom advertising prints. The company holds a strong and stable market position in the Czech Republic, serving a diverse range of business customers seeking promotional items. The website is professionally designed with clear navigation and good mobile optimization, leveraging common web technologies including Bootstrap, jQuery, and Google Analytics. Security measures include Google reCaptcha integration, but lack of visible security headers and missing privacy and cookie policies indicate room for improvement. WHOIS data is unavailable, which slightly reduces domain trustworthiness, but the website content and contact information appear legitimate and consistent with the business claims. Overall, the site presents a moderate security posture and good business credibility.

S

SNT Plus s.r.o.

sntplus.cz

57

SNT Plus s.r.o. is a Czech Republic-based company specializing in the supply and servicing of medical device technology, including ultrasound imaging, patient monitoring systems, pulmonary ventilation, and defibrillators. Established since 1999, the company targets healthcare professionals and medical service providers, offering a broad portfolio of products and professional services. Their market position is that of a reliable and established healthcare technology supplier with a professional online presence and active social media engagement. Technically, the website is built on the Webflow platform, utilizing modern web technologies such as Google Tag Manager and Google Analytics for tracking, with a responsive design optimized for mobile devices. Security posture is good with HTTPS enforced and cookie consent implemented; however, the absence of security headers and WHOIS data reduces overall trust. Privacy compliance is strong, with a comprehensive GDPR policy and cookie banner with consent mechanisms. Overall, the website is professional, trustworthy, and well-structured, though improvements in security headers and domain registration transparency are recommended.

H

Handicap trade s.r.o.

handicaptrade.cz

40

Handicap trade s.r.o. is a Czech company specializing in the development, manufacture, and distribution of locomotion aids and medical supplies, including orthopedic braces, crutches, and rehabilitation products. The company holds a significant market position domestically, covering approximately one-third of the Czech market and exporting a portion of its production. The website reflects a professional business focused on healthcare products with a clear product catalog and user-friendly navigation. Technically, the website employs modern frontend technologies such as Bootstrap and jQuery, with Google Analytics integrated for visitor tracking. The site is mobile responsive and well-structured, though it lacks visible privacy and cookie policies, which impacts compliance and user trust. Security headers are not detected in the provided data, indicating room for improvement in security hardening. From a security perspective, the site uses HTTPS, but the absence of WHOIS data and security headers reduces the overall trustworthiness. No contact emails or phone numbers are explicitly provided, which may hinder user communication and trust. There is no evidence of a formal privacy policy or cookie consent mechanism, which is a compliance gap, especially under GDPR regulations. Overall, the website is functional and content-rich but requires enhancements in privacy compliance, security best practices, and transparency of contact information to improve its risk profile and user trust.

N

Nadační fond AKUTNĚ.CZ

akutne.cz

61

AKUTNĚ.CZ is an established Czech educational and publishing portal focused on acute medicine, targeting pre- and post-graduate medical students and healthcare professionals. The platform offers a variety of educational resources including medical algorithms, publications, webinars, and conferences, positioning itself as a key player in the Czech medical education sector. The website is professionally designed with consistent branding and strong partnerships with reputable medical organizations and companies, enhancing its credibility. Technically, the website employs modern web technologies including JavaScript, CSS, and SVG graphics, with Google Analytics integrated for traffic monitoring. The site is mobile-optimized and accessible, with a cookie consent mechanism in place, though it lacks explicit privacy and terms of service documentation. Performance is moderate, and SEO practices are good, supporting user engagement and discoverability. From a security perspective, the site uses HTTPS and implements cookie consent, but lacks advanced security headers and incident response contact information. No vulnerabilities or exposed sensitive data were detected. The absence of WHOIS data limits domain trust assessment, but the website content and business information suggest legitimate and professional operation. Overall, AKUTNĚ.CZ presents a trustworthy, well-maintained educational platform with room for improvement in privacy documentation and security best practices. Strategic enhancements in these areas would strengthen compliance and user trust.

V

Viamed s.r.o.

viamed.cz

53

Viamed s.r.o. is a Czech Republic based company specializing in the distribution of high-quality medical devices and healthcare products, focusing on sectors such as dermatology, gynecology, stomatology, and veterinary medicine. The company offers key services including ultrasound equipment, electrochirurgy, cryosurgery, and sterilization solutions, targeting healthcare professionals and institutions within the Czech market. The website is professionally designed using the Wix platform, featuring structured data that enhances search engine visibility and provides clear contact information. Technically, the site employs modern web technologies and integrates Google Analytics and Tag Manager for user tracking, though there is room for improvement in accessibility and SEO optimization. Security posture is adequate with HTTPS enabled, but lacks important security headers and privacy compliance elements such as privacy and cookie policies. WHOIS data is unavailable, likely due to privacy protection, which slightly reduces trustworthiness. Overall, the site presents a legitimate and professional business presence but should address compliance and security gaps to enhance trust and regulatory adherence.

M

Medicton Group s.r.o.

medicton.com

63

Medicton Group s.r.o. is a Czech Republic-based company specializing in the sale, service, and calibration of medical devices and healthcare technology. Established in 2003, the company offers a broad range of services including warranty and post-warranty servicing, metrological verification, audits of medical practices, and operates an e-commerce platform for medical products. Their target audience primarily consists of healthcare providers and medical facilities within the region. The company maintains a professional online presence with clear contact channels and compliance with GDPR and cookie regulations. Technically, the website is built on WordPress with modern plugins and themes, offering good mobile optimization and SEO practices. Security posture is adequate with HTTPS and reCAPTCHA implemented, though there is room for improvement in security headers and explicit security policies. Overall, Medicton Group demonstrates a mature digital infrastructure aligned with its business operations and regulatory requirements.

E

EMBITRON s.r.o.

embitron.cz

56

EMBITRON s.r.o. is a Czech Republic-based company specializing in the research, development, manufacturing, sale, and servicing of medical and physiotherapy equipment including surgical monitors, endoscopy devices, digital operating room solutions, and embedded IT medical solutions. The company targets healthcare providers and OEM/ODM partners, positioning itself as a niche player in the healthcare technology sector. The website reflects a professional and consistent brand image with multilingual support and participation in industry events, indicating active market engagement. Technically, the website is built on the Webnode CMS platform, leveraging AWS Cloudfront CDN for hosting and performance. It uses modern JavaScript libraries and Google Analytics for tracking. The site is mobile-optimized with moderate performance and basic accessibility features. However, some SEO and accessibility improvements could be made. From a security perspective, the site enforces HTTPS and implements a cookie consent mechanism with advanced user controls. No security headers were detected, and no explicit privacy policy or terms of service pages were found, which are areas for improvement. The absence of WHOIS data for the domain reduces trustworthiness, although the website content and business information appear legitimate and professional. Overall, the website scores moderately well in content quality, technical implementation, security posture, privacy compliance, and business credibility. Strategic recommendations include publishing clear privacy and terms policies, enhancing security headers, providing explicit contact information, and verifying domain registration details to improve trust and compliance.

S

Sanatoria Klimkovice

sanatoria-klimkovice.cz

48

Sanatoria Klimkovice is a Czech healthcare provider specializing in therapeutic and rehabilitative services for adults and children suffering from musculoskeletal, neurological, gynecological, circulatory, and metabolic disorders. The organization is recognized as a national leader in early rehabilitation following major joint replacements and offers specialized neurorehabilitation services. Their business model includes treatments covered by health insurance as well as self-paid stays, complemented by wellness and accommodation services. The website is professionally designed, mobile-optimized, and provides comprehensive information about services, partners, and contact details. Technically, the site uses a range of JavaScript libraries and APIs, including jQuery, Google Analytics, and Mapy.cz for mapping, but some libraries are outdated, posing potential security risks. Security posture is generally good with HTTPS and cookie consent mechanisms, but lacks advanced security headers and incident response disclosures. WHOIS data is unavailable, which impacts domain trustworthiness. Overall, the site is a credible and professional digital presence for a healthcare institution with room for technical and security improvements.

D

DeepIntent

deepintent.com

64

DeepIntent operates as a leading healthcare advertising demand side platform, providing healthcare marketers and pharmaceutical companies with advanced tools to create, launch, and optimize advertising campaigns. The platform leverages patented technology and real-time health intelligence to deliver precise audience targeting and measurable outcomes. Positioned strongly in the healthcare marketing sector, DeepIntent serves top pharmaceutical clients and agencies, supported by multiple industry awards and a comprehensive partner ecosystem. Technically, the website is built on modern web technologies including Webflow CMS, Google Tag Manager, and advanced JavaScript libraries such as GSAP. The site is well-optimized for performance, mobile responsiveness, and accessibility, reflecting a mature digital infrastructure. Analytics and marketing tools are integrated to support data-driven decision making. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, it lacks some advanced security headers and explicit incident response information. Privacy policies are comprehensive and GDPR compliant, though cookie consent mechanisms could be enhanced. Overall, the security posture is solid but could benefit from additional transparency and controls. The overall risk assessment is low, with no signs of malicious activity or suspicious domain registration. The subdomain analyzed is consistent with the parent domain deepintent.com, a reputable entity. Strategic recommendations include improving security headers, publishing vulnerability disclosure policies, and enhancing cookie consent mechanisms to further strengthen trust and compliance.

P

phactMI

phactmi.org

62

phactMI is a non-profit collaboration of pharmaceutical industry Medical Information leaders dedicated to providing healthcare professionals with accurate, evidence-based drug information to support clinical decision making. The organization offers a searchable drug information database, scientific responses to healthcare professional inquiries, and access to clinical experts within member companies. Their market position is that of a trusted source in the pharmaceutical and healthcare information sector, primarily targeting licensed healthcare professionals in the United States and Puerto Rico. Technically, the website is built using modern web technologies including React, Google Analytics, Google Tag Manager, and various marketing and tracking tools. The site is mobile optimized with good navigation and content relevance. Performance is moderate, and SEO practices are adequately implemented. The site uses HTTPS and includes cookie consent mechanisms, but lacks explicit security headers and a dedicated security policy page. From a security perspective, the site enforces HTTPS and uses reCAPTCHA for form protection. However, it could improve by implementing comprehensive security headers and publishing incident response contacts. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is basic but present, with clear privacy and cookie policies. Overall, phactMI presents a professional, trustworthy, and secure online presence appropriate for its healthcare-focused mission. Strategic recommendations include enhancing security headers, publishing a security policy, and improving transparency around incident response to further strengthen trust and compliance.

L

Lightspeed

lightspeedhq.com

75

Lightspeed is a leading provider of fast, intuitive point of sale (POS) and commerce platforms tailored for retail, hospitality, and golf businesses. The company positions itself as a market leader offering comprehensive SaaS solutions that enable businesses to streamline operations and enhance customer experiences. The website reflects a mature digital presence with professional branding and clear messaging targeting business customers in these sectors. Technically, the site leverages modern web technologies including WordPress CMS, Tailwind CSS, Google Tag Manager, and advanced analytics tools such as Datadog RUM and Visual Website Optimizer, indicating a high level of digital maturity and performance optimization. Security posture is strong with HTTPS enforcement, reCAPTCHA Enterprise integration, and comprehensive cookie consent management, although the absence of a dedicated security policy or incident response information suggests room for improvement in transparency and preparedness. Overall, the website is professional, trustworthy, and well-optimized, but the lack of WHOIS data and some security documentation slightly reduce the overall trust score.

C

CrazyCall Inc.

channels.app

58

Channels, operated by CrazyCall Inc., is a technology company offering a data-driven business phone system designed to enhance customer service and sales operations. The platform integrates with popular CRM and eCommerce tools, providing features such as international phone numbers, two-way SMS, and web call widgets. Positioned as a modern alternative to traditional phone systems, Channels targets businesses seeking to improve customer engagement and operational efficiency. The website is professionally designed with clear navigation and strong trust signals including customer testimonials and third-party review ratings. Technically, the site is built on WordPress with a modern tech stack including jQuery, Google Analytics, Amplitude, and Calendly integrations. The site is mobile optimized and SEO friendly, though accessibility could be improved. Security posture is good with HTTPS enforced and no visible vulnerabilities, but lacks published security policies or incident response information. Overall, the domain registration is consistent with the business identity, supporting legitimacy. Strategic recommendations include enhancing security headers, publishing security and incident response policies, and implementing vulnerability disclosure mechanisms to further strengthen trust and compliance.

R

Rádio JIH

radiojih.cz

10

Rádio Jih is a regional radio broadcaster serving the southern Moravia region of the Czech Republic. The website offers online streaming, program schedules, playlists, contests, and local news content, positioning itself as a key media outlet for local audiences. The business model centers on media broadcasting with advertising and event promotion, supported by partnerships with local businesses. The site demonstrates a good level of digital maturity with a WordPress CMS infrastructure, integration of GDPR-compliant cookie consent mechanisms, and active social media engagement. Technically, the website uses modern web technologies including jQuery and WordPress plugins such as Complianz for GDPR compliance. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. Performance is moderate, with room for improvement in accessibility and additional security headers. From a security perspective, the site enforces HTTPS and uses cookie consent banners, but lacks published security policies or incident response information. No vulnerabilities or exposed sensitive data were detected in the content. The absence of WHOIS data reduces domain trustworthiness, though the website content and compliance measures indicate legitimate operations. Overall, the website is professional, compliant with privacy regulations, and trustworthy for its audience. Strategic recommendations include enhancing security headers, publishing security and incident response policies, and verifying domain registration details to improve trust and compliance.

ETIFLEX, s.r.o. is a small family-owned printing company based in the Czech Republic specializing in the production of labels, particularly wine labels and packaging. The company emphasizes personalized service, quality materials, and comprehensive solutions from graphic design to final production. Their market position is that of a trusted specialist in label printing with a strong focus on the wine industry and related sectors. Technically, the website is built on Joomla CMS and uses common web technologies such as jQuery, Mootools, and Bootstrap. It is mobile responsive and includes tracking tools like Google Analytics and Facebook Pixel. Security posture is moderate with HTTPS enabled and email cloaking implemented, but lacks advanced security headers and explicit privacy or cookie policies. WHOIS data is unavailable, which reduces domain trust verification. Overall, the website is professional, content-rich, and safe for general audiences.

R

RENOCAR a.s.

renocar.cz

52

RENOCAR a.s. is an established authorized dealer and service provider for BMW, MINI, and BMW Motorrad vehicles operating primarily in the Czech Republic with multiple physical branches. The company offers a comprehensive range of services including new and used vehicle sales, authorized servicing, financial services, insurance, and test drives. Their market position is strong within the automotive retail sector, supported by consistent branding and a professional online presence. The website is well-designed, mobile-optimized, and integrates modern tracking and marketing tools, reflecting a mature digital infrastructure. Security posture is good with HTTPS enforced and cookie consent mechanisms in place, though some security headers and explicit incident response contacts are missing. The absence of WHOIS registration data is a notable gap, reducing domain registration trustworthiness but not detracting from the overall legitimacy indicated by the website content and structured data. Strategic recommendations include enhancing security headers, publishing a security policy, and improving incident response transparency to further strengthen trust and compliance.

The website www.eklasa.cz represents the official online presence of the KLASA national quality mark, a prestigious certification for Czech and Moravian food products. The platform serves both consumers and producers by providing information about certified products, news, and guidance on obtaining the KLASA mark. It holds a strong market position as a recognized national quality brand since 2003, promoting over 900 products from nearly 280 local producers. The business model revolves around certification, promotion, and quality assurance in the food sector within the Czech Republic. Technically, the website employs a moderate technology stack including jQuery, Google Analytics, Microsoft Clarity, and Facebook SDK for social integration and analytics. The site is mobile-optimized with a responsive design and includes a cookie consent mechanism aligned with GDPR requirements. However, no CMS or hosting provider details are evident, and some modern security headers are missing, indicating room for technical improvements. From a security perspective, the site uses HTTPS (assumed from external scripts loaded via HTTPS), implements cookie consent, and avoids exposing sensitive data. Yet, the absence of security headers and vulnerability disclosure mechanisms suggests a moderate security posture. The WHOIS data is unavailable, which raises concerns about domain registration transparency, though the website content and social media presence support legitimacy. Overall, the site is professionally designed, content-rich, and trustworthy for its intended audience. Strategic recommendations include enhancing security headers, publishing explicit security and incident response policies, and improving WHOIS transparency to bolster trust and compliance.

T

The National Heritage Institute

npu.cz

45

The National Heritage Institute is a large government organization under the Ministry of Culture of the Czech Republic, managing over a hundred state monuments and providing heritage conservation services. Their website offers information about castles, chateaux, heritage conservation projects, events, and an e-shop for related publications. The site targets the general public, tourists, and professionals interested in cultural heritage. Technically, the website uses modern web technologies including Google Tag Manager, Google Analytics, Leaflet.js for maps, and web fonts from Typekit and Google Fonts. The site is mobile-optimized with good navigation and professional design. Security posture is solid with HTTPS enforced and cookie consent implemented, though some security headers and explicit security policies are missing. No signs of WAF or content blocking were detected, and the domain registration data is consistent with the organization's government affiliation and long history. Overall, the website is trustworthy, safe, and professionally maintained.

N

National Heritage Institute

zamek-valtice.cz

45

The website represents the official online presence of Valtice Castle, a significant cultural heritage site managed by the Czech National Heritage Institute. It provides comprehensive visitor information, including tours, events, and historical context, targeting tourists and cultural enthusiasts. The site is well-positioned as a government-operated heritage site with UNESCO World Heritage status, enhancing its credibility and trustworthiness. Technically, the website employs modern web technologies such as Leaflet.js for mapping, Google Analytics for visitor tracking, and asynchronous script loading to optimize performance. The site is mobile-optimized and accessible, with a clear navigation structure and consistent branding. Security-wise, the site uses HTTPS and cookie consent mechanisms but lacks explicit security policies or incident response information. WHOIS data confirms the domain's legitimacy and appropriate age for the business history. Overall, the site demonstrates a good balance of content quality, technical implementation, and privacy compliance, suitable for its government and cultural heritage context.

V

VARTA AG

varta-ag.com

73

VARTA AG is a well-established German company with a history spanning over 130 years, specializing in energy solutions including micro and household batteries, custom lithium-ion batteries, and industrial and home energy storage systems. The company targets both consumer and industrial markets, positioning itself as an innovative leader in battery technology. The website is professionally designed, built on TYPO3 CMS, and incorporates modern marketing and analytics tools such as Google Tag Manager, Google Analytics, Facebook Pixel, and Hotjar. Privacy compliance is well addressed with a comprehensive cookie consent mechanism and a detailed privacy policy. Security posture is strong with HTTPS enforced and no visible vulnerabilities, though security headers could be improved. The absence of WHOIS data is a concern but likely due to privacy protection or registrar policies. Overall, the website reflects a credible and professional business presence with good technical and security standards.

V

Vinescapes

vinescapes.com

68

Vinescapes is a specialist consultancy and service provider focused on the wine industry, offering expertise in grape growing, winemaking, vineyard management, winery design, investment advice, training, and research. The company targets wine professionals, vineyard owners, and investors primarily in the UK market. The website is built on a modern WordPress platform using Elementor and WooCommerce, integrating various third-party services such as Google Analytics, AdRoll, and Maploom API for enhanced functionality and marketing. Security posture is strong with HTTPS enforced and appropriate security headers, though explicit security policies and incident response information are not published. Privacy compliance is partial, with a cookie consent mechanism present but no clear privacy policy or terms of service pages found. The absence of WHOIS registration data for the domain is a notable concern, suggesting the domain may be unregistered or privacy protected, which impacts trustworthiness. Overall, the site is professional, well-branded, and content-rich, but would benefit from improved transparency in privacy and security policies.

A

Asia Beverage Media Group Limited

cellar.asia

47

Cellar.Asia is a specialized online media publication operated by Asia Beverage Media Group Limited, focusing on the Asian wine market. The website offers wine news, reviews, educational content, and brand stories targeted at wine enthusiasts, sommeliers, and industry professionals in Asia. The business operates primarily as a content publisher and advertising platform, positioning itself as a niche leader in Asian wine media. Technically, the site is built on WordPress with modern web technologies, including Google Analytics and Tag Manager for tracking, and Cloudflare for DNS services. The site is mobile-optimized and features good SEO practices, though accessibility is basic. Security posture is solid with HTTPS and domain transfer protections, but lacks advanced security headers and DNSSEC. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. Overall, the site is professional, trustworthy, and well-maintained, with room for improvement in privacy and security transparency.

A

adSYSTEM

onlinekasa.cz

48

Onlinekasa.cz is a Czech Republic-based provider of an online cash register solution supporting electronic evidence of sales (EET). The service targets small business owners and retailers who require a cost-effective, web-based system to issue electronic receipts via email or SMS, compliant with local regulations. The business operates on a subscription model with modular extensions for invoicing and stock management. Technically, the website is built on a custom CMS (adSYSTEM) using jQuery and standard web technologies, with good mobile optimization and moderate performance. Security posture is solid with HTTPS and some security headers, though improvements are recommended in header completeness and cookie consent mechanisms. The absence of WHOIS data reduces domain trustworthiness, but the website content and partner ecosystem indicate a legitimate business. Overall, the site is professional and functional with room for enhanced privacy compliance and security transparency.

R

Regionální muzeum v Mikulově, p. o.

pronajmisizamek.cz

41

The website pronajmisizamek.cz is operated by the Regionální muzeum v Mikulově, a regional museum organization in the Czech Republic. It offers rental services for various historic halls and spaces within the Mikulov castle, targeting individuals and organizations seeking venues for social events, corporate celebrations, weddings, and cultural activities. The site is well-structured with detailed descriptions of each rental space and includes reservation forms for direct booking requests. Multilingual support is provided via partner domains in English and German. Technically, the site uses standard web technologies including HTML5, CSS3, JavaScript, and integrates Google Analytics and Tag Manager for visitor tracking. The design is professional and mobile-optimized, providing a good user experience. However, the site lacks explicit privacy and cookie policies, and no cookie consent mechanism is present, which are compliance gaps under GDPR. Security headers are not detected, though HTTPS is used, indicating room for improvement in security posture. WHOIS data is unavailable, likely due to privacy protection, but the website content and external references support legitimacy. Overall, the site is a credible small-scale venue rental platform with moderate technical maturity and some compliance and security improvements recommended.

A

Agentura ochrany přírody a krajiny České republiky

dppalava.cz

52

Dům přírody Pálavy operates as a visitor and educational center for the Pálava Protected Landscape Area under the auspices of the Czech government agency Agentura ochrany přírody a krajiny České republiky. The website provides information about the natural diversity of the region, educational programs, exhibitions, events, and a souvenir shop. The target audience includes general visitors, nature enthusiasts, and schools. Technically, the site uses a proprietary CMS (Vizus CMS), integrates Google Analytics and Tag Manager for traffic analysis, and implements a cookie consent mechanism. The site is mobile-optimized with good navigation and content relevance. Security posture is moderate with HTTPS enabled but lacks advanced security headers and explicit privacy policies. WHOIS data is missing, which reduces domain trustworthiness, but the website's government affiliation supports legitimacy. Overall, the site is professional and trustworthy but would benefit from enhanced security and privacy transparency.

A

Affidea

affidea.com

74

Affidea is a leading European healthcare provider specializing in advanced diagnostic imaging and outpatient services, operating over 315 centers across 15 countries. The company focuses on delivering personalized, high-quality care through a network of specialized medical experts and state-of-the-art technology. Their services include MRI, CT, X-Ray, Ultrasound, Mammography, Nuclear Medicine, PET/CT, laboratory analysis, and outpatient specialty consultations. The website reflects a large, well-established healthcare network with a strong presence in multiple European markets. Technically, the website employs modern web technologies such as Bootstrap, jQuery, and integrates multiple analytics and tracking tools including Google Analytics, Microsoft Application Insights, LinkedIn Insight Tag, and Facebook Pixel. The site is mobile-optimized with good SEO practices and moderate performance. Security-wise, HTTPS is enforced and some security best practices are observed, though explicit security headers and incident response information are lacking. The WHOIS data is notably absent, with no registrar or creation date information available, which raises some concerns about transparency. However, the professional presentation, extensive contact information, and multi-country presence support the legitimacy of the business. Privacy and cookie policies are not detected in the provided content, indicating an area for compliance improvement. Overall, the website is professional and trustworthy from a business and content perspective but could enhance its privacy compliance and security posture to align with best practices and regulatory requirements.

I

IDENTITY – grafické studio & agentura

identity.cz

43

IDENTITY is a Czech graphic design studio and agency based in Pardubice, specializing in corporate identity and branding services, with a strong portfolio showcasing diverse projects. The website is professionally designed using WordPress with the Yootheme theme and UIkit framework, providing a good user experience and mobile optimization. The technical infrastructure includes modern analytics and tracking tools such as Google Analytics and Facebook Pixel, with standard security measures like HTTPS and reCAPTCHA implemented. However, some security headers and explicit security policies are missing, which could be improved to enhance security posture. Overall, the website is legitimate, trustworthy, and compliant with basic privacy regulations, though it lacks terms of service and incident response information.

M

Model Obaly a.s.

packshop.cz

58

Packshop.cz is a well-established Czech e-commerce platform specializing in the sale of cardboard boxes, packaging materials, adhesive tapes, and related products. Operated by Model Obaly a.s., a company with over 30 years of experience and own manufacturing capabilities, the website serves both small and large business customers as well as retail buyers. The platform offers a comprehensive product catalog, loyalty programs, and co-packing services, positioning itself as a trusted supplier in the packaging industry within the Czech Republic. Technically, the website employs modern web technologies including jQuery, Bootstrap, and various analytics and marketing tools, ensuring a responsive and user-friendly experience. Privacy and cookie policies are implemented with GDPR compliance and user consent mechanisms. Security posture is solid with HTTPS enforced and secure form handling, though improvements in security headers are recommended. Overall, the website demonstrates a professional, trustworthy, and mature digital presence aligned with its business operations.

Č

Český zahrádkářský svaz, z.s.

zahradkar.org

41

The website zahradkar.org represents a well-established Czech gardening hobby magazine published by Český zahrádkářský svaz, z.s. It targets gardening enthusiasts, seniors, and hobbyists with content including gardening tips, plant care, and related events. The business model relies on print and digital magazine sales, subscriptions, and advertising. The domain is mature and consistent with the organization's profile. Technically, the site uses common tracking and advertising technologies such as Google Tag Manager, Facebook Pixel, and Adform, but lacks advanced security headers and DNSSEC. Privacy and cookie policies are absent, indicating compliance gaps. Contact information is clearly provided, enhancing business credibility. Overall, the site is functional with moderate technical sophistication but requires improvements in security and privacy compliance.

Země Světa is a well-established Czech travel magazine with a strong online presence, including an e-commerce shop and subscription services. The website targets a broad audience interested in travel and culture, offering monothematic monthly issues and related products. The business is positioned as a niche media provider with a history dating back to 2002, supported by consistent branding and active social media channels. Technically, the site is built on WordPress with WooCommerce, leveraging modern themes and SEO tools, and is hosted with Cloudflare DNS services. The site demonstrates good mobile optimization and accessibility, with moderate performance. Security posture is solid with HTTPS and no visible vulnerabilities, though it lacks explicit security headers and incident response information. Privacy compliance is limited due to missing visible privacy and cookie policies. Overall, the site is professional and trustworthy but could improve transparency and compliance aspects.

B

Bluetech s.r.o.

bluetech.cz

62

Bluetech s.r.o. is a well-established Czech manufacturer specializing in the design and production of conveyor systems, including belt and chain conveyors, for a variety of industrial and agricultural applications. The company offers custom solutions tailored to client needs, supported by consulting, manufacturing, installation, and after-sales service. Their market position is that of a traditional, trusted supplier within the Czech Republic, supported by recognized ISO certifications that underscore their commitment to quality and environmental management. Technically, the website employs a modern set of analytics and tracking tools such as Google Analytics, Microsoft Clarity, and Ahrefs Analytics, integrated via Google Tag Manager. The site is served over HTTPS with a cookie consent mechanism in place, indicating a baseline level of privacy compliance. The technical implementation is solid with good mobile optimization and SEO practices, although some security headers appear to be missing, which could be improved. From a security perspective, the site demonstrates good practices like HTTPS enforcement and cookie consent but lacks explicit security policies, incident response contacts, and vulnerability disclosure mechanisms. The absence of WHOIS data due to privacy protection is typical for this business type and does not raise immediate concerns. Overall, the security posture is moderate with room for enhancement in headers and transparency. The overall risk assessment is low; the company presents a professional and trustworthy online presence with clear business information and certifications. Strategic recommendations include enhancing security headers, publishing detailed security and privacy policies, and establishing a vulnerability disclosure process to further strengthen trust and compliance.

T

Trigama International s.r.o.

trigama.eu

61

Trigama International s.r.o. is a Czech Republic based medium-sized IT services company specializing in custom mobile and web application development, corporate online education, IT outsourcing, and digital transformation solutions. The company targets corporate clients and educational institutions, offering a comprehensive portfolio of services including custom development, LMS, e-learning, and consulting. The website reflects a professional and consistent brand image with strong client references and partner relationships. Technically, the site employs modern tracking and marketing technologies such as Google Analytics, Google Tag Manager, and Leady, with appropriate privacy and cookie consent mechanisms in place. Security posture is solid with HTTPS enforced and reCAPTCHA protecting contact forms, though there is room for improvement in publishing explicit security policies and incident response contacts. Overall, the website is well-structured, user-friendly, and trustworthy, supporting the company's market position as a reputable IT service provider.

J

Jeffrey Modell Foundation

info4pi.org

72

The Jeffrey Modell Foundation is a well-established global nonprofit organization dedicated to advancing advocacy, research, education, and awareness for Primary Immunodeficiency (PI). The website info4pi.org serves as a professional platform to communicate their mission, provide resources, and engage with patients, healthcare professionals, and advocates worldwide. The organization has a strong market position as a leader in the PI healthcare nonprofit sector, supported by a domain registered since 2002 and consistent branding across multiple social media channels. Technically, the website employs modern web technologies including Google Analytics and Tag Manager for user tracking, Cloudflare DNS services, and custom fonts for a polished user experience. The site is mobile-optimized and accessible, with good SEO practices evident in metadata and structured data. Hosting and domain registration are managed by reputable providers, contributing to reliable performance. From a security perspective, the site uses HTTPS with a good SSL configuration but lacks DNSSEC and security headers, which are recommended for enhanced protection. No privacy or cookie policies were explicitly found, indicating room for improvement in privacy compliance. No vulnerability disclosure or incident response information is provided, which could be added to strengthen trust and security posture. Overall, the website is professional, trustworthy, and well-aligned with the nonprofit's mission. Strategic recommendations include implementing explicit privacy and cookie policies, enabling DNSSEC, adding security headers, and publishing vulnerability disclosure information to enhance security and compliance.

K

Kastner & Pieš, advokátní kancelář s.r.o.

kastnerpies.cz

67

Kastner & Pieš, advokátní kancelář s.r.o. is a Czech law firm specializing in legal advisory services primarily for the life sciences, healthcare, technology, and real estate sectors. The firm offers a broad range of services including compliance, corporate law, GDPR and data protection, IT and technology law, labor law, and legislative consulting. Their target audience includes pharmaceutical companies, healthcare providers, technology startups, marketing firms, and private clients. The firm positions itself as a trusted partner for both local and international clients, emphasizing expertise in complex regulatory environments and cross-border projects. Technically, the website is built on WordPress and leverages modern web technologies such as jQuery, Google Tag Manager, Google Analytics, and Google reCAPTCHA to ensure functionality, analytics, and security. The site is well-optimized for mobile devices, features a professional design, and includes comprehensive cookie and privacy policies that comply with GDPR requirements. Contact mechanisms include email, phone, and a secure contact form with CAPTCHA protection. From a security perspective, the site uses HTTPS with a strong SSL configuration and employs reCAPTCHA to protect forms from abuse. Cookie consent is managed with a detailed banner allowing granular user control. However, the site lacks some advanced security headers which could further enhance protection. No vulnerabilities or exposed sensitive data were detected. The absence of WHOIS data limits the ability to fully verify domain legitimacy, but the professional presentation and content quality support a positive trust assessment. Overall, Kastner & Pieš demonstrates a mature digital presence with strong content quality, good technical implementation, and solid privacy compliance. Strategic improvements in security headers and domain registration transparency would further enhance trust and security posture.

E

EURORDIS-Rare Diseases Europe

eurordis.org

71

EURORDIS-Rare Diseases Europe is a well-established non-profit organization dedicated to advocating for and empowering people living with rare diseases across Europe. The website reflects a professional and comprehensive digital presence, targeting patients, healthcare stakeholders, and advocacy groups. The organization provides resources, engagement opportunities, and information to support its mission. Technically, the website is built on WordPress with modern plugins and analytics tools, ensuring a good user experience and mobile optimization. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though explicit security headers could be improved. The absence of WHOIS data limits full domain legitimacy verification, but the overall site quality and trust indicators suggest a credible entity. Strategic recommendations include enhancing security headers, publishing incident response contacts, and maintaining up-to-date software.

LYMFOM HELP, z.s. is a Czech non-profit patient organization established in 2005 that supports patients with malignant lymphoma, their families, and friends. The website provides extensive educational content, patient stories, event information, and charity initiatives aimed at improving patient quality of life and awareness. The organization appears well-established within its niche healthcare sector in the Czech Republic. Technically, the website uses modern web technologies including Bootstrap, jQuery, Kendo UI, and Google Analytics, hosted on a platform likely based on ASP.NET Web Forms. The site is mobile-optimized with good navigation and content relevance. Security posture is adequate with HTTPS enabled and no obvious vulnerabilities, but lacks some security headers and explicit privacy/cookie policies. WHOIS data is missing, which reduces domain trustworthiness, but the website content and external references support legitimacy. Overall, the site is a valuable resource for lymphoma patients in the Czech Republic but should improve privacy compliance and security headers.

L

Lymphoma Action

lymphoma-action.org.uk

57

Lymphoma Action is a UK-based non-profit charity dedicated exclusively to lymphoma, the fifth most common cancer. The organization provides expert information, support services, and resources to patients, carers, and healthcare professionals. With over 30 years of experience, it holds a unique market position as the sole lymphoma-focused charity in the UK, supported by a strong digital presence and multiple trust indicators including charity registrations and security certifications. The website offers comprehensive content, including helpline services, online support meetings, clinical trial databases, and fundraising opportunities, targeting a broad audience affected by lymphoma.

A

Anadolu Ebeler Derneği

anadoluebelerdernegi.org

57

Anadolu Ebeler Derneği is a Turkish non-profit professional association dedicated to midwives, providing professional support, legal consultancy, educational commissions, and organizing events and projects related to midwifery. The organization maintains a strong presence in Turkey and is affiliated with the European Midwives Association, enhancing its credibility and international connections. The website is well-structured, professionally designed, and mobile-optimized, offering clear navigation and relevant content for its target audience of healthcare professionals and families. Technically, the website employs modern web technologies including Bootstrap, jQuery, Owl Carousel, and SweetAlert2, hosted behind Cloudflare for DNS and CDN services. The site uses HTTPS with domain transfer protection enabled, though DNSSEC is not activated. Performance is moderate with room for improvement in accessibility and SEO. Analytics are implemented via Google Analytics and Google Tag Manager, with moderate user tracking. Security posture is adequate with HTTPS and transfer lock, but lacks advanced security headers and a vulnerability disclosure policy. Privacy compliance is weak due to absence of explicit privacy and cookie policies. Contact information is clearly provided, including a contact form, email, and physical address, supporting business credibility. Overall, the website is a trustworthy and professional platform for the association, but should improve privacy compliance and security disclosures to enhance user trust and regulatory adherence.

The website represents the Udruženje medicinskih sestara-tehničara i babica Republike Srbije, a professional non-profit association for nurses, technicians, and midwives in Serbia. It offers membership services, organizes congresses and symposia, provides continuous medical education, and publishes a professional journal. The target audience includes healthcare professionals and educators primarily in Serbia and neighboring countries. The domain is well-established since 2007, supporting the organization's credibility. Technically, the site uses a custom CMS with older JavaScript libraries such as jQuery 1.8.3, Google Analytics, and social media SDKs. Hosting is via Tucows registrar with cpanelhosting.rs name servers. The site is moderately optimized for performance and mobile, but accessibility and SEO are basic. No modern frameworks or platforms are detected. Security posture is moderate with HTTPS enabled but lacks DNSSEC and security headers. The use of outdated jQuery versions presents potential vulnerabilities. No privacy or cookie policies are present, indicating compliance gaps. Contact information is clearly provided, but no incident response or security policy details are found. Overall, the site is functional and credible for its purpose but requires improvements in security best practices, privacy compliance, and modernization of technical stack to reduce risks and enhance trust.

D

Den norske jordmorforening

jordmorforeningen.no

61

Den norske jordmorforening is a well-established Norwegian midwives' association founded in 1908, serving as a professional body providing advocacy, education, and member services to midwives and related healthcare professionals in Norway. The website reflects a professional and consistent brand presence, targeting midwives, students, and healthcare stakeholders with relevant content, events, and resources. Technically, the site uses eZ Publish CMS with modern web technologies including jQuery, Font Awesome, Google Analytics, and Facebook SDK, delivering a moderately performant and mobile-optimized experience. Security posture is good with HTTPS enforced and no visible vulnerabilities, though some security headers could be improved. Privacy and cookie policies are comprehensive and GDPR compliant, supporting user trust. However, WHOIS data is unavailable, limiting domain registration transparency, though the website's professional content supports legitimacy. Overall, the site is a credible digital presence for a healthcare professional association in Norway.

M

Malta Midwives Association

maltamidwivesassociation.com

61

Malta Midwives Association is a professional healthcare organization dedicated to advancing midwifery practice and providing exceptional care to women and families in Malta and Gozo. The website serves as an informational and service booking platform targeting midwives and clients. Technically, the site is built on GoDaddy Website Builder, employs modern web fonts, and integrates Google Analytics and Adsense for tracking and advertising. The security posture is moderate with HTTPS enabled but lacks security headers and explicit privacy policies. No contact emails or phone numbers are directly visible, which limits direct communication channels. Overall, the domain registration is consistent with the business claims, indicating legitimacy. Strategic improvements in privacy compliance and security headers would enhance trust and compliance.

M

Malta Union of Midwives and Nurses (MUMN)

mumn.org

62

The Malta Union of Midwives and Nurses (MUMN) operates as a professional union representing healthcare workers in Malta, including nurses, midwives, physiotherapists, ECG technicians, and social workers. The organization focuses on safeguarding workplace rights, improving working conditions, and promoting continuous professional development for its members. The website reflects a well-structured union with active news updates, member testimonials, and initiatives such as benevolent funds and educational seminars. Technically, the site is built on modern web technologies including React and integrates Google Analytics and Tag Manager for tracking. Media assets are hosted on Microsoft Azure Blob Storage, indicating a cloud-based hosting approach. Security posture is generally good with HTTPS enforced, though some security headers are missing and no explicit incident response or vulnerability disclosure information is provided. Privacy compliance is partial, with a privacy policy present but lacking cookie consent mechanisms. Overall, the website is professional, trustworthy, and serves its target audience effectively.

L

Latvijas Vecmāšu Asociācija

vecmasuasociacija.lv

45

Latvijas Vecmāšu Asociācija is a Latvian non-profit professional association representing midwives. The organization focuses on promoting professional growth, defending legal and professional interests, and enhancing the prestige of the midwifery profession in Latvia. The website serves as an information portal for members and the public, providing updates, certification information, and resources. Technically, the site is built on WordPress with modern frameworks like Bootstrap and uses SEO best practices via Yoast plugin. It employs Google Analytics and Tag Manager for visitor tracking and has implemented a cookie consent mechanism compliant with GDPR. Security posture is good with HTTPS enforced and no visible vulnerabilities, though security headers could be improved. The site lacks explicit incident response or security policy pages. Overall, the website is professional, trustworthy, and well-maintained, serving a niche professional community effectively.

M

Ministerstvo financí ČR

fondyehp.cz

76

The website www.eeagrants.cz is an official online presence of the Czech Ministry of Finance dedicated to managing and communicating about the EEA and Norway Grants. It serves as a government portal providing information on grant programs, updates, and resources for stakeholders in the Czech Republic. The site targets public sector entities, grant applicants, and interested citizens. The business model is government-funded and focused on grant administration and transparency. Technically, the site employs modern web technologies including HTML5, CSS3, JavaScript, and integrates analytics tools such as Google Analytics and Matomo. Cookiebot is used for comprehensive cookie consent management, reflecting a moderate level of digital maturity. Hosting is inferred to be on Microsoft Azure, supporting scalability and reliability. The site is mobile-optimized and accessible with clear navigation. From a security perspective, the site uses HTTPS with good SSL configuration and implements cookie consent mechanisms. However, it lacks explicit security headers and does not provide visible security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the analyzed content. Privacy compliance is basic, with no explicit privacy policy page found in the provided content. Overall, the website is legitimate, professional, and trustworthy, consistent with a government entity. Recommendations include publishing a detailed privacy policy, adding security headers, providing contact information for data protection and incident response, and implementing a vulnerability disclosure policy to enhance security posture and compliance.

A

AKTIV Zdravotnické potřeby s.r.o.

aktiv.cz

56

AKTIV Zdravotnické potřeby s.r.o. operates a Czech e-commerce website specializing in the sale and rental of healthcare and medical aid products, including wheelchairs, glucose meters, walking aids, and rehabilitation equipment. The company targets seniors, patients, and healthcare providers, positioning itself as a comprehensive supplier of both new and refurbished medical supplies. The website is professionally designed with good navigation and mobile optimization, supporting a positive user experience. Technically, the site leverages the Shoptet e-commerce platform, integrates common analytics and marketing tools such as Google Analytics and Facebook SDK, and employs standard security practices including HTTPS and CSRF protection on forms. However, the WHOIS data for the domain is unavailable, which raises some concerns about domain transparency and registration legitimacy. Privacy and cookie policies are present and appear GDPR compliant, but no explicit security policy or incident response information is provided. Overall, the website is safe, trustworthy, and well-positioned in its market segment, though improvements in transparency and security documentation would enhance its credibility.

E

European Multiple Sclerosis Platform

emsp.org

60

The European Multiple Sclerosis Platform (EMSP) is a well-established non-profit organization dedicated to supporting people living with multiple sclerosis across Europe. Founded in 2004, EMSP acts as a pan-European umbrella organization representing over 1.2 million people with MS. The website reflects a mature digital presence with comprehensive content about MS, advocacy projects, events, and resources. It targets patients, healthcare professionals, policymakers, and MS societies, positioning itself as a leading voice in MS advocacy and support. Technically, the website is built on WordPress with the BuddyBoss platform, leveraging modern JavaScript libraries such as Swiper.js and Leaflet.js for interactive features. It uses Google Analytics and Google Tag Manager for analytics and tracking, and employs hCaptcha for form spam protection. The site is hosted under eNom, LLC registrar with ehostpros.com name servers, and uses HTTPS with a good SSL configuration. Mobile optimization and SEO are well implemented, though accessibility could be improved. From a security perspective, the site follows good practices including HTTPS enforcement and spam protection on forms. However, DNSSEC is not enabled and some security headers are not explicitly detected, suggesting room for improvement. No vulnerabilities or exposed sensitive data were found. Privacy compliance is strong with clear privacy and cookie policies, including GDPR consent mechanisms. Overall, EMSP's website demonstrates a high level of professionalism, trustworthiness, and digital maturity. It effectively supports its mission to improve the lives of people with MS through advocacy, education, and community engagement. Strategic recommendations include enabling DNSSEC, enhancing security headers, publishing a security policy, and adding a vulnerability disclosure mechanism to further strengthen security posture and trust.