Security Directory

G

Grand Automotive Central Europe

omoda-jaecoo.cz

63

The website omoda-jaecoo.cz represents the Czech market presence of the automotive brands Omoda and Jaecoo, subsidiaries of the Chinese Chery Group. It offers detailed information about various car models including electric, hybrid, and combustion engine vehicles, targeting a broad audience from young buyers to urban elites. The site includes dealer locators, news updates, and vehicle configuration options, supporting a direct-to-consumer sales model through a network of dealerships. Technically, the site uses modern JavaScript frameworks, Google Tag Manager, and analytics tools, hosted on Netim infrastructure with good mobile optimization and SEO practices. Security posture is adequate with HTTPS and cookie consent mechanisms, though lacks explicit security policy disclosures. WHOIS data confirms recent domain registration consistent with the brand's market entry timeline. Overall, the site is professional, trustworthy, and compliant with GDPR requirements.

S

Énergies Renouvelables : le savoir-faire français à l'international - Accueil

savoirfairefrancais-enr.fr

45

The website www.savoirfairefrancais-enr.fr serves as an informational and promotional platform highlighting French renewable energy projects worldwide. It is supported by reputable French organizations such as the Syndicat des énergies renouvelables and ADEME, positioning it as a niche but credible resource within the energy sector. The site offers an interactive map and sector-specific project information aimed at a general audience interested in renewable energy. Technically, the site employs modern JavaScript libraries, analytics tools like Matomo and Google Analytics, and cookie consent management via tarteaucitron.js, indicating a moderate level of digital maturity. The site is mobile optimized and SEO friendly, though accessibility features could be improved. Security-wise, the site uses HTTPS and includes bot protection via reCAPTCHA, but lacks visible security headers and explicit privacy or security policies, which are areas for improvement. Overall, the site is trustworthy and professionally maintained but would benefit from enhanced transparency and security practices.

The website jpo-enr.fr serves as an informational and promotional platform for the 'Journées Portes Ouvertes des énergies renouvelables' event held in France. It targets the general public interested in renewable energy by providing event details, an interactive map of participating sites, and resources such as communication kits. The site is managed by the Syndicat des énergies renouvelables and partners with reputable organizations like ADEME and AMORCE, reinforcing its credibility in the energy sector. Technically, the site is built on WordPress with common web technologies such as jQuery, Bootstrap, and Google Maps API, hosted by OVH. It demonstrates moderate performance and good mobile optimization but could improve accessibility and SEO. Security-wise, HTTPS is enforced, and secure login forms are present, but the site lacks explicit security headers and public security policies. The exposure of the Google Maps API key and absence of incident response information are areas for improvement. Overall, the site is legitimate, professional, and safe, with a solid business focus on renewable energy event promotion.

L

Lexus Select

lexusselect.cz

52

Lexusselect.cz is a specialized automotive website focused on the sale of used and stock Lexus vehicles in the Czech Republic. The site offers detailed vehicle search capabilities, financing options, and dealer location services, positioning itself as a premium Lexus vehicle reseller. The business appears to be medium-sized, founded in 2020, and operates with a clear brand identity consistent with Lexus standards. The website is well-structured, leveraging modern web technologies such as AngularJS and Bootstrap, and integrates third-party services like Google Maps and Hotjar for enhanced user experience and analytics. From a technical perspective, the site demonstrates a moderate to good performance profile with mobile optimization and SEO best practices in place. Security posture is solid with HTTPS enforced and CSRF protections evident, though there is room for improvement in implementing comprehensive security headers and publishing explicit security policies. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms, aligning with GDPR requirements. Overall, the website presents a trustworthy and professional front for Lexus vehicle sales in the region. However, the absence of direct contact information on the main page and lack of visible incident response or vulnerability disclosure policies suggest areas for enhancement in transparency and security readiness. Strategic recommendations include strengthening security headers, publishing incident response details, and improving accessibility features to further elevate the site's security and compliance maturity.

Ferrero North America operates as a major confectionery company serving the US and Canadian markets with iconic brands such as Ferrero Rocher, Nutella, Tic Tac, and Kinder. The website reflects a mature digital presence with comprehensive brand information, news updates, and social responsibility initiatives. Technically, the site uses a modern tech stack including Bootstrap, jQuery, and Google Tag Manager, hosted likely on Akamai CDN, ensuring moderate to good performance and mobile optimization. Security posture is solid with HTTPS enforced and cookie consent implemented, though some security headers could be improved and outdated libraries updated. The absence of WHOIS data is a notable anomaly but does not detract significantly from the overall legitimacy given the strong brand presence and consistent content. Overall, the site is professional, trustworthy, and compliant with privacy regulations.

Fondazione Piera, Pietro e Giovanni Ferrero is a well-established non-profit foundation linked to the Ferrero Group, focusing on social welfare, cultural activities, and healthy aging initiatives. The website reflects a mature digital presence with rich content, including events, exhibitions, and educational programs targeting a broad audience, especially elderly and former employees. The foundation leverages structured data and modern analytics tools to enhance user engagement and compliance. Technically, the site uses a mix of legacy and modern technologies, with room for updating some libraries to improve security. Security posture is generally good with HTTPS and secure cookies, but lacks some advanced headers and a vulnerability disclosure policy. Privacy compliance is strong, with clear privacy and cookie policies and consent mechanisms. Overall, the website is professional, trustworthy, and aligned with the foundation's mission and business context.

C

Cdiscount Advertising

cdiscountadvertising.com

58

Cdiscount Advertising is a French digital marketing solutions provider focused on enhancing visibility and sales for suppliers, sellers, and brands on the Cdiscount e-commerce platform. The company offers a range of advertising services including display, search, video, personalized discount coupons, live shopping, and social retail targeting millions of shoppers monthly. The website is professionally designed, mobile-optimized, and compliant with GDPR and cookie regulations, featuring a detailed contact form with CAPTCHA to prevent abuse. However, the domain WHOIS data is unavailable, raising questions about domain registration status despite the professional and comprehensive website content. Technically, the site uses WordPress with popular plugins like LayerSlider and Gravity Forms, and integrates Cookiebot for consent management. Security posture is good with HTTPS and secure forms, but lacks some security headers and published incident response policies. Overall, the site is trustworthy and well-maintained but would benefit from clarifying domain registration and enhancing security transparency.

S

STORMWARE s.r.o.

pohodove-erp.cz

53

STORMWARE s.r.o. operates the Pohodové ERP website promoting their POHODA E1 ERP system, a comprehensive business management software tailored for Czech SMEs. The company has a strong market presence with over 30 years of experience and a Microsoft partnership, offering a range of extensions and hosting services. Technically, the website is built on ASP.NET with modern JavaScript libraries and integrates Google Analytics and Maps APIs, reflecting a mature digital infrastructure. Security-wise, the site implements cookie consent and error logging but lacks visible HTTP security headers and published security policies, indicating room for improvement. Overall, the website is professional and trustworthy, though the absence of WHOIS data introduces some uncertainty regarding domain registration legitimacy.

STORMWARE s.r.o. is a Czech software company specializing in accounting and economic software solutions, notably the POHODA Start product which integrates GDPR compliance features. The company has a strong market presence in the Czech Republic, supported by over 30 years of experience and a Microsoft partnership. Their website provides detailed information about GDPR compliance, software features, and practical guidance for businesses. Technically, the website employs modern web technologies such as jQuery, Bootstrap, and Google Fonts, with good mobile optimization and user experience. Security-wise, the site implements cookie consent mechanisms and JavaScript error logging but lacks visible HTTP security headers and explicit security policies. The absence of WHOIS data limits domain trust assessment, though the website's professional content and contact details support legitimacy. Overall, the site is well-structured, informative, and compliant with privacy regulations, serving its target audience effectively.

N

Nadace Preciosa

nadacepreciosa.cz

51

Nadace Preciosa is a well-established non-profit foundation affiliated with the Preciosa company, focusing on charitable activities primarily in the Liberec region of the Czech Republic. The foundation supports social, cultural, educational, health, and sports initiatives and has donated over 250 million CZK in its 27 years of operation. The website presents a professional and consistent brand image with clear navigation and relevant content targeted at donors, volunteers, and beneficiaries. Technically, the site uses modern web technologies including Bootstrap, jQuery, and Google Tag Manager, with good mobile optimization and SEO practices. Security posture is strong with HTTPS enforced and a comprehensive cookie consent mechanism, although some security headers are missing and no explicit security policies are published. The absence of WHOIS registration data is a notable gap, reducing domain trustworthiness, but external media references and the association with Preciosa company support legitimacy. Overall, the website is professional, secure, and compliant with privacy regulations, serving its non-profit mission effectively.

G

GYMPARK | Gymnastics & parkour academy

gympark.cz

50

Gympark.cz is a small Czech Republic-based gymnastics and parkour academy offering workshops, training sessions, and parkour obstacle sales. The website serves as a portal to their e-shop and informational content but lacks comprehensive business and contact details. Technically, the site is built on WordPress using the FoundationPress theme and integrates common web technologies such as Google Analytics, Google Tag Manager, and Google Maps API. However, the site suffers from security weaknesses including lack of HTTPS, absence of security headers, and loading resources over insecure HTTP. Privacy compliance is minimal with no visible privacy or cookie policies and no consent mechanisms. Overall, the site is functional but requires significant improvements in security and compliance to meet modern standards.

F

Fotokino

fotokino.org

49

Fotokino is a well-established cultural arts organization based in Marseille, France, specializing in visual arts exhibitions, workshops, conferences, and publishing. The organization operates a physical venue and an online presence that includes an e-shop and a rich events calendar. Their market position is niche, focusing on contemporary design and visual arts with a strong local and regional cultural impact. The website reflects a professional and consistent brand image with clear contact information and active social media engagement. Technically, the site is built on WordPress with modern plugins and libraries, hosted by Infomaniak, and optimized for mobile users. Security posture is adequate with HTTPS and domain transfer protections, but lacks advanced DNS security and published security policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. Overall, the site is trustworthy and professionally maintained, serving a general audience interested in arts and culture.

S

SuperOffice

superoffice.ch

73

SuperOffice is a well-established enterprise-level CRM software provider based in Switzerland, offering cloud-based solutions to help businesses build and monetize sustainable customer relationships. The company targets B2B clients, particularly sales and marketing teams, and maintains a strong market position in Europe with multiple localized domains. The website demonstrates good content quality, professional design, and clear navigation, supporting a positive user experience. Technically, the site leverages modern Microsoft ASP.NET Core technology hosted on Azure, integrates with HubSpot for forms, and uses Google Maps API and Microsoft Application Insights for telemetry, reflecting a mature digital infrastructure. Security posture is strong with HTTPS enforcement, security headers, and cookie consent mechanisms, although no dedicated security policy or incident response page was found. Privacy compliance is robust with GDPR-aligned policies and detailed cookie disclosures. Overall, the site is trustworthy and professionally maintained, with minor recommendations to enhance security transparency and incident response readiness.

S

SuperOffice

superoffice.no

10

SuperOffice is a well-established Norwegian technology company specializing in cloud-based Customer Relationship Management (CRM) solutions. Their website targets businesses seeking robust CRM tools to enhance customer relationships and increase revenue. The company operates internationally with multiple regional domains, indicating a broad market presence in Europe. Technically, the website is hosted on Microsoft Azure and leverages modern technologies such as ASP.NET Core, Cloudflare CDN, and Google Tag Manager, reflecting a mature digital infrastructure. Security measures include HTTPS enforcement, security headers, and cookie consent mechanisms, demonstrating compliance with GDPR and industry best practices. However, the absence of explicit security policies and incident response contacts suggests areas for improvement. Overall, the website is professional, secure, and trustworthy, with a strong business credibility score.

S

SuperOffice

superoffice.com

76

SuperOffice operates as a cloud-based CRM provider offering software solutions designed to enhance business relationships and revenue generation. The company maintains a professional and consistent web presence with localized versions for multiple countries, indicating a medium-sized international operation in the technology sector. Their business model is SaaS, targeting businesses seeking CRM solutions. Technically, the website leverages modern Microsoft Azure cloud infrastructure, ASP.NET Core framework, and integrates analytics and marketing tools such as Google Tag Manager and HubSpot. The site is mobile optimized and performs moderately well. Security posture is strong with HTTPS enforced and use of Azure Application Insights for monitoring, though explicit security headers and policies could be improved. Privacy compliance is robust, featuring a comprehensive cookie consent mechanism and GDPR-aligned privacy policy. However, WHOIS data is not publicly available, likely due to privacy protection, which slightly impacts trust but is justified for this business type. Overall, the website is professional, secure, and trustworthy with room for enhanced transparency in security policies and incident response.

C

COSMO

cosmo-info.de

51

COSMO is a German company specializing in heating and ventilation products and services, targeting both end consumers and professional markets. Their website showcases a range of products including solar technology, radiators, underfloor heating, and air ventilation systems, supported by tools like energy saving calculators and floor planners. The company positions itself as a provider of high-quality, innovative heating and ventilation solutions with a focus on comfort and energy efficiency. Technically, the website is built on Drupal 10, leveraging modern front-end libraries such as Swiper.js for interactive elements, and integrates third-party services like Google Maps API and Adobe Launch for analytics and marketing. Usercentrics CMP is implemented for cookie consent, reflecting GDPR compliance efforts. Hosting is provided by Adacor, a reputable German hosting provider. From a security perspective, the site enforces HTTPS and uses cookie consent mechanisms but lacks explicit security headers and published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the analyzed content. Privacy compliance is partial due to the absence of a visible privacy policy and terms of service. Overall, the website is professional, well-structured, and trustworthy, with good content quality and technical implementation. Strategic improvements include publishing comprehensive privacy and security policies, adding security headers, and providing vulnerability disclosure information to enhance trust and compliance.

C

Centrální evidence psů ČR

evidencepsu.cz

47

Evidence psů is a Czech Republic based online platform dedicated to the registration of dogs via microchip in the national dog registry. It offers services including dog registration, sale of unique dog tags with QR codes, a lost and found dog database, and a blog with dog-related information. The platform targets dog owners in the Czech Republic and positions itself as a national registry with additional value-added services. Technically, the website employs modern web technologies such as Google Analytics, Facebook Pixel, Google reCAPTCHA, and Smartsupp chat, ensuring a responsive and user-friendly experience. The site is hosted on HTTPS with cookie consent mechanisms and privacy policies aligned with GDPR requirements. Security posture is good with HTTPS and form protections, though explicit security headers are missing. The absence of WHOIS data for the domain reduces trust from a domain registration perspective, but the professional presentation and comprehensive contact information support legitimacy. Overall, the website is well-structured, secure, and compliant, serving a niche market effectively.

M

Manni Group

mannigroup.com

70

Manni Group is a well-established Italian industrial company specializing in steel processing, sandwich panels, energy efficiency, and off-site construction technologies. The company has a strong market position in Europe with multiple subsidiaries and a focus on innovation and sustainability. The website is professionally designed, multilingual, and optimized for user experience and SEO. Technically, it uses WordPress with modern integrations such as HubSpot and Google Analytics, and implements good security practices including HTTPS and cookie consent mechanisms. However, there is room for improvement in DNS security and publishing explicit security policies. Overall, the security posture is strong with no critical vulnerabilities detected. The domain registration data aligns well with the business claims, enhancing trustworthiness.

F

Filières de Santé Maladies Rares

filieresmaladiesrares.fr

47

Filières de Santé Maladies Rares is a French healthcare informational platform dedicated to rare diseases, providing resources, directories, research bulletins, and training for patients, caregivers, and healthcare professionals. The website positions itself as a national coordination point for rare disease filières in France, offering comprehensive content relevant to its audience. Technically, the site is built on WordPress with modern plugins and SEO optimizations, delivering a good user experience with mobile responsiveness and moderate performance. Security posture is solid with HTTPS and no visible vulnerabilities, though security headers could be improved and explicit privacy policies are missing. The absence of WHOIS data limits domain trust verification, but the site content and infrastructure indicate legitimate operation. Overall, the site is professional, trustworthy, and safe for general audiences.

A

Air Attitude

airattitude.fr

54

Air Attitude is a French environmental platform founded in 2020 that encourages citizens and organizations to participate in actions aimed at improving air quality, combating climate change, and reducing energy consumption. The website serves as a community engagement tool, showcasing contributors and mapping their impact. Technically, the site is built on WordPress with Elementor and uses modern technologies including Google Maps API, Mapbox, and Matomo analytics, hosted on OVH with Cloudflare DNS. Security posture is solid with HTTPS enabled and privacy-respecting analytics, though it lacks explicit privacy and cookie policies and contact information. Overall, the site is professional and trustworthy but would benefit from enhanced privacy compliance and clearer contact channels.

The Brain Health Center of the Rockies is a small non-profit organization focused on brain health education, community engagement, and support for patients with neurological conditions such as Multiple Sclerosis and Neuromyelitis Optica. Their website is professionally designed using Squarespace, featuring event information, educational resources, and connections to healthcare providers. The technical infrastructure is modern and mobile-optimized, leveraging common web technologies and APIs. Security posture is adequate with HTTPS enforced, but lacks important security headers and privacy compliance documentation, which are areas for improvement. The domain WHOIS data is unavailable, likely due to privacy protection, which is justified for this type of organization. Overall, the website is trustworthy and serves its community well but should enhance privacy and security transparency.

The Autoimmune Association is a well-established nonprofit organization dedicated to autoimmune disease awareness, advocacy, education, and research. With over 30 years of history and an international reach, it serves patients, caregivers, healthcare professionals, researchers, and policymakers. The website reflects a professional and comprehensive digital presence, offering extensive resources, news updates, and engagement opportunities. The organization leverages modern web technologies and SEO best practices to maintain a high-quality user experience across devices. Security posture is solid with HTTPS and domain protections, though there is room for improvement in DNSSEC and security headers. Privacy compliance is adequate but could be enhanced by implementing cookie consent mechanisms. Overall, the site demonstrates high business credibility and trustworthiness, supported by multiple certifications and transparent contact information.

PANA is a French non-profit organization operating a national digital support network for associations, providing digital accompaniment, training, and individual support. The website is built on WordPress using Themify Ultra theme and integrates Google Maps API for location-based services. The technical infrastructure is modern and includes Bootstrap and jQuery, hosted by OVH sas. Security posture is adequate with HTTPS and domain protections but lacks DNSSEC and security headers. Privacy compliance is weak due to missing privacy and cookie policies. The website is professional, well-branded, and trustworthy with multiple contact points and structured data. Overall, the site serves its target audience effectively but should improve privacy and security disclosures.

H

Hotel a Pension SEEBERG

seeberg.cz

56

Hotel a Pension SEEBERG is a family-run hospitality business located in Františkovy Lázně, Czech Republic, offering accommodation, wellness, dining, and leisure services. The website reflects a well-established small business with a focus on comfort, wellness, and eco-friendly experiences. The company targets tourists, families, and wellness seekers, positioning itself as a romantic and relaxing destination with a 30-year history. Technically, the website uses modern JavaScript libraries and frameworks such as jQuery, OwlCarousel, and Foundation, and integrates Google Analytics, Facebook Pixel, and Google Tag Manager for marketing and analytics. The site is mobile-optimized and provides a good user experience with clear navigation and rich multimedia content. Security-wise, the site enforces HTTPS and has cookie consent mechanisms, but lacks visible security headers and explicit security or incident response policies. WHOIS data is not publicly available, indicating privacy protection, which is common for small businesses but slightly reduces trust. Overall, the website is professional, trustworthy, and compliant with basic privacy regulations, but could improve security posture and transparency.

CPI Property Group is a prominent European real estate owner specializing in commercial office properties, with a strong presence in the Czech Republic. The website showcases Mayhouse, a modern office building in Prague 4, emphasizing tenant amenities such as fitness facilities, bicycle storage, and a shared terrace. The company positions itself as a leader in sustainable real estate, highlighting certifications like BREEAM In-Use V6 and LEED. The site is professionally designed, mobile-optimized, and provides clear contact channels for leasing inquiries. Technically, the website employs modern tracking and analytics tools including Google Tag Manager and Facebook Pixel, alongside a cookie consent mechanism ensuring GDPR compliance. The site uses Google Maps API for location display and features asynchronous script loading to optimize performance. While no explicit CMS or hosting provider is identified, the site demonstrates good SEO and accessibility practices. From a security perspective, the site enforces HTTPS and uses standard tracking scripts responsibly. However, it lacks explicit security headers and does not provide visible security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected. The absence of WHOIS data reduces transparency but does not significantly detract from the site's legitimacy given the professional presentation and trust signals. Overall, the website is a reliable and professional platform for commercial real estate leasing, with strong business credibility and good technical implementation. Strategic improvements in security headers and incident response transparency would further enhance trust and compliance.

Z

Zlatý Anděl

zlatyandel.cz

52

Zlatý Anděl is a Czech Republic-based shopping center offering a variety of retail shops, restaurants, and office spaces. The website is professionally designed with clear navigation and mobile optimization, targeting local shoppers and business tenants. The technical infrastructure includes modern JavaScript frameworks, cookie consent management, and Google Tag Manager for analytics. Security posture is strong with HTTPS and cookie consent but could be improved by adding security headers and visible contact information. The absence of WHOIS data reduces domain trustworthiness, though the website's professional appearance and social media presence support legitimacy. Overall, the site is low risk but would benefit from enhanced transparency and security disclosures.

I

IQ Structures s.r.o.

iqstructures.com

59

IQ Structures s.r.o. is a specialized technology company focused on providing innovative optical security features to protect valuables such as IDs, passports, banknotes, and brand documents. The company is recognized within the security printing industry and offers award-winning holography solutions. Their business model targets governments, security printers, and brand owners seeking advanced anti-counterfeiting technologies. The website reflects a professional and consistent brand image, supported by a parent company IQS Group a.s. The company participates actively in international conferences, reinforcing its market presence. Technically, the website employs modern JavaScript libraries such as jQuery, Owl Carousel, and WOW.js, alongside Google Analytics and Google Maps APIs. The site is mobile-optimized with good SEO practices and a cookie consent mechanism compliant with GDPR. However, no CMS or hosting provider details are evident, and performance is moderate. Security-wise, the site uses HTTPS and secure form submissions with validation, but lacks visible HTTP security headers and explicit incident response or security policy pages. No vulnerabilities or exposed sensitive data were detected. The absence of WHOIS data reduces domain trustworthiness, though the website content and business information appear legitimate. Overall, the website is professional and trustworthy with good privacy compliance, but would benefit from enhanced security headers, verified domain registration data, and explicit security policies to improve trust and compliance.

V

Vítovec corp. a.s.

vitovec.cz

47

Vítovec corp. a.s. is a Czech insurance brokerage company specializing exclusively in insurance and related financial products and services. The company targets both businesses and individual citizens, offering a wide range of insurance products including property, liability, cyber risk, and personal insurance. The website reflects a professional and established market position with partnerships such as being a gold partner of HC Škoda Plzeň and providing detailed insurance information and guidance. Technically, the website is built on WordPress with Elementor, leveraging modern JavaScript libraries and Google Analytics for tracking. It is well-optimized for mobile and SEO, with a comprehensive cookie consent mechanism ensuring GDPR compliance. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though some security headers and policies could be improved. The absence of WHOIS data reduces domain trustworthiness, but the website content and business information appear legitimate and professional. Overall, the site presents a trustworthy and user-friendly platform for insurance services in the Czech Republic.

C

Copylot Group

copylot.com

57

Copylot Group is a French communication consulting group that unites multiple communication agencies under a collaborative and growth-oriented business model. The group focuses on advising and supporting brands and professionals in communication through shared tools, agile methods, and collective intelligence. Their services span branding, marketing, digitalization, audiovisual communication, and marketing studies. The website is professionally designed, mobile-optimized, and uses modern technologies including Google Tag Manager, Google reCAPTCHA, and Axeptio for cookie consent management. However, the domain WHOIS data is missing or unavailable, which raises concerns about domain registration legitimacy. Security posture is moderate with HTTPS and reCAPTCHA implemented but lacks explicit security headers and published privacy policies. Contact is primarily via a web form and LinkedIn. Overall, the website presents a professional image but would benefit from improved transparency and security practices.

The website krosovykolobeh.cz is a niche sports event platform focused on organizing and promoting cross-country footbike (krosový koloběh) races and community rides primarily in the Czech Republic. It hosts a series of events under the XC Footbike CUP 2025 brand, providing detailed schedules, registration information, and equipment rental options. The site targets enthusiasts of footbiking and outdoor sports, offering a community hub for this specialized activity. Technically, the site is built using the WEDOS WebSite builder platform, leveraging standard web technologies such as HTML5, CSS3, JavaScript, Google Fonts, and Google Maps API for location services. Hosting is provided by WEDOS, a Czech hosting provider. The site is moderately optimized for mobile and SEO but lacks advanced accessibility features and comprehensive meta-data. From a security perspective, the site uses HTTPS but lacks visible security headers and formal privacy or cookie policies, indicating gaps in compliance and security best practices. No analytics or tracking scripts were detected, suggesting minimal user tracking. The WHOIS data presents a suspicious future domain creation date, which raises questions about registration legitimacy, though the website content appears genuine and detailed. Overall, the site is functional and informative for its niche audience but requires improvements in privacy compliance, security posture, and domain registration transparency to enhance trust and professionalism.

D

Destinační management turistické oblasti Beskydy-Valašsko o.p.s

beskydyportal.cz

54

The website www.beskydyportal.cz serves as a comprehensive tourism portal for the Beskydy and Valašsko regions in the Czech Republic. It offers extensive information on local attractions, accommodation options, events, cycling and hiking routes, and multimedia content to support tourism activities. The portal targets families, couples, and individual tourists seeking regional travel experiences. The business operates as a regional destination management organization, supported by Czech Ministry for Regional Development funding, and maintains partnerships with official tourism entities. Technically, the site employs a modern web stack including Bootstrap, jQuery, Google Maps API, Mapy.cz API, and Leaflet.js for interactive maps. It integrates social media SDKs and tracking pixels such as Facebook Pixel and uses Google reCAPTCHA for form security. The site is mobile-optimized with responsive design and includes cookie consent mechanisms, although it lacks explicit privacy and terms of service pages. From a security perspective, the site enforces HTTPS and uses reCAPTCHA to protect forms. However, it lacks visible security headers and does not publish a privacy policy or incident response contacts, which are important for GDPR compliance and user trust. No vulnerabilities or exposed sensitive data were detected in the provided content. The absence of WHOIS data limits domain legitimacy verification, but the presence of official logos and consistent branding supports trustworthiness. Overall, the site is a well-structured, content-rich tourism portal with good technical implementation and moderate security posture. To enhance trust and compliance, it should publish privacy and terms policies, implement security headers, and provide clearer contact information. Domain registration details should be verified to ensure legitimacy and reduce risk.

B

BESIP

besip.cz

60

BESIP is the primary governmental entity responsible for coordinating road safety efforts in the Czech Republic. It operates as an expert body under the Ministry of Transport, focusing on education, awareness campaigns, and safety strategies for various road users including pedestrians, cyclists, drivers, and motorcyclists. The website serves as a comprehensive resource for road safety information, educational materials, and campaign updates, targeting a broad audience from the general public to professionals in the field. Technically, the website is built on ASP.NET WebForms with integration of modern JavaScript libraries such as jQuery, Bootstrap, and Swiper.js. It employs Kentico CMS for content management and includes features like Google Maps integration and social sharing tools. The site is mobile-optimized and demonstrates good SEO practices, although some legacy technology components remain. From a security perspective, the site enforces HTTPS and includes CSRF protection tokens in forms. It implements a cookie consent mechanism aligned with GDPR requirements. However, no explicit security headers were detected, and no public security or incident response policies are available. The absence of WHOIS data limits domain registration transparency, but the official government domain and consistent branding support legitimacy. Overall, BESIP's website is a well-structured, authoritative platform for road safety in the Czech Republic, with a solid technical foundation and good privacy compliance. Enhancements in security headers and public security policies would further strengthen its posture.

V

VAŠE LIGA z.s.

vaseliga.cz

61

VAŠE LIGA z.s. operates a Czech Republic-based sports league platform offering monthly organized matches across multiple sports including squash, badminton, tennis, ping-pong, beach volleyball, and padel. The platform targets active sports enthusiasts in various Czech cities, providing a structured and community-driven sports experience. The website demonstrates a solid market niche with a medium-sized operation and partnerships with local sponsors and foundations. Technically, the site employs a modern JavaScript stack with frameworks like Svelte and jQuery, integrates Google Maps and social media SDKs, and uses Google Tag Manager for analytics and marketing. The site is mobile-optimized and features a cookie consent mechanism aligned with GDPR requirements. Security posture is good with HTTPS enforced and secure login forms, though it lacks some HTTP security headers and explicit incident response contacts. The absence of WHOIS data reduces domain trustworthiness, but the website content and partner references support legitimacy. Overall, the site is professional, user-friendly, and trustworthy for its target audience.

S

STOPNI TO s.r.o.

stopnito.cz

48

STOPNI TO s.r.o. operates the website www.stopnito.cz, providing specialized chip timing and GPS tracking services for various sports events primarily in the Czech Republic. Their offerings include race timing, online results publication, GPS tracking maps, start and finish line equipment, and race registration support. The company targets sports event organizers and participants, positioning itself as a niche service provider with a localized market focus. The website content is professionally presented, with clear navigation and relevant service descriptions, supporting a small business model.

MyCat.cz is a Czech-based company operated by HN Consulting Brno s.r.o., providing a specialized information system designed to simplify administrative tasks for language schools. The platform offers comprehensive management tools including course scheduling, invoicing, library and publication management, translation tracking, and communication via email and SMS. The system targets language school management, teachers, students, and HR personnel, serving over 95 schools across Central Europe. The website is professionally designed, multilingual, and includes client testimonials that reinforce its market credibility. Technically, the website employs modern web technologies such as Google Tag Manager, Google Analytics, Google Fonts, and popular JavaScript libraries like Swiper.js and Owl Carousel. It is mobile-optimized and structured for good SEO performance. However, there is no evidence of a CMS or hosting provider disclosed. The site includes cookie consent mechanisms and GDPR-related pages, indicating a baseline compliance with privacy regulations. From a security perspective, the site uses HTTPS and includes cookie consent but lacks explicit security headers and published security policies or incident response contacts. No vulnerabilities or malicious content were detected in the analysis. The absence of WHOIS data for the domain is a concern and reduces the overall trust score, though the website content and contact information appear legitimate. Overall, MyCat.cz presents a solid business offering with a professional web presence and moderate technical maturity. To enhance trust and security posture, the company should address the missing WHOIS data, publish security policies, and implement recommended HTTP security headers.

ATE is a globally recognized brand specializing in automotive brake technology and aftermarket products. The company offers a wide range of braking components including disc brakes, drum brakes, brake fluids, hydraulic parts, and related services such as partner finder and certified brake centers. The website reflects a mature business with a consistent brand presence and a focus on both B2B and B2C markets. Technically, the website employs modern web technologies including Google Tag Manager, reCAPTCHA Enterprise, and ConsentManager for cookie compliance, indicating a good level of digital maturity. Security posture is solid with HTTPS enforced and bot protection in place, though there is room for improvement in security headers and published security policies. Overall, the site is professional, well-structured, and compliant with GDPR requirements, supporting a trustworthy online presence.

G

Grosset Janin

grossetjanin.com

46

Grosset Janin is a well-established French company specializing in custom wooden chalet construction and renovation, with a history dating back to 1950. The company targets clients seeking bespoke chalet solutions, offering turnkey projects and renovation services. The website is professionally designed, bilingual (French and English), and optimized for performance and mobile devices. The technical infrastructure is based on WordPress with modern optimization tools like NitroPack and includes integrations such as Google Tag Manager and Google Maps API. Security posture is solid with HTTPS enforced and domain locking, though improvements can be made by enabling DNSSEC and publishing explicit security policies. Privacy compliance is partially addressed with a cookie consent mechanism but lacks a visible privacy policy and terms of service. Overall, the website reflects a credible and trustworthy business with room for enhanced transparency and security documentation.

D

Denotevrenychlesu.cz

denotevrenychlesu.cz

43

Denotevrenychlesu.cz is a Czech non-profit event website dedicated to organizing the 'Den otevřených lesů' (Open Forest Day), an event that invites the public to experience forests differently by visiting various forest locations managed by private, municipal, and church owners. The website targets families and nature enthusiasts, providing educational content and event information. The business operates on a small scale with a focus on public engagement and environmental education. Technically, the site is built on WordPress using Elementor and JetEngine plugins, integrating Google Maps for location display. The site is mobile-optimized and SEO-friendly but lacks privacy and cookie policies, which are compliance gaps. Security posture is good with HTTPS enabled and no visible vulnerabilities, though security headers are missing. Overall, the site is trustworthy and professionally presented but could improve privacy compliance and security hardening.

R

RATP Dev Australia

ratpdevaustralia.com.au

66

RATP Dev Australia is a regional branch of the global RATP Dev group, specializing in the operation and maintenance of urban and intercity transportation systems. The company leverages the extensive experience of its parent, RATP Group, a major public transport operator with over a century of history. The website presents a professional image with detailed references to global operations, emphasizing expertise in automated metro systems and various transit modes. Technically, the site is built on Drupal 10 and integrates modern analytics tools with privacy-conscious configurations. Security posture is generally good with HTTPS and cookie consent implemented, though there is room for improvement in security headers and transparency of policies. WHOIS data is incomplete, which slightly impacts trust but does not detract from the overall legitimacy indicated by the website content and branding.

R

RATP Dev

ratpdev.it

53

RATP Dev Italy is a subsidiary of the global RATP Dev group, specializing in operating and maintaining urban and intercity transportation systems across multiple continents. The company offers a wide range of transportation services including bus, tramway, rail, metro, sightseeing, mobility on demand, paratransit, and cable car operations. The website reflects a mature enterprise with a consistent brand and professional content targeting transportation authorities and the general public. Technically, the site is built on Drupal 10 with integration of Google Analytics, Matomo, and Google Maps API, indicating a modern digital infrastructure with moderate performance and good mobile optimization. Security posture is moderate with some privacy-conscious configurations in analytics but lacks explicit security headers and published security policies. Privacy compliance is partial, with a cookie consent mechanism but no visible privacy policy or terms of service. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

R

RATP Dev

ratpdevusa.com

64

RATP Dev USA operates as a regional branch of the global RATP Dev group, providing urban and intercity transportation services across multiple continents. The company offers a wide range of transit solutions including bus, tramway, paratransit, metro, rail, cable cars, and sightseeing services. Their market position is strong as one of the largest multi-modal urban public transit operators with over 120 subsidiaries in 17 countries. The website reflects a professional and consistent brand image targeting transit agencies and passengers. Technically, the website is built on Drupal 10 CMS and leverages modern web technologies including Google Analytics, Matomo for analytics, and Google Maps API for geolocation features. The site is moderately performant, mobile-optimized, and has good SEO and accessibility basics. However, some security best practices such as security headers are missing, and no explicit security or incident response policies are published. Security posture is adequate with HTTPS enabled and privacy-conscious analytics configurations, but the lack of WHOIS data and absence of privacy policy and contact information reduce trust. No signs of malware or phishing were detected. Overall, the site is safe and business-focused but would benefit from improved transparency and security disclosures. The risk assessment indicates moderate risk primarily due to missing WHOIS data and incomplete privacy and security disclosures. Strategic recommendations include publishing privacy and security policies, adding security headers, providing clear contact information, and establishing a vulnerability disclosure process.

E

EFFIA

effia.com

65

EFFIA is a prominent parking service provider operating primarily in France and Belgium, offering parking space reservations and subscription plans across more than 500 locations. The company targets drivers and commuters seeking convenient and cost-effective parking solutions near city centers and train stations. The website is professionally designed, mobile-optimized, and provides clear navigation and relevant content to its audience. Technically, the site is built on Drupal CMS and integrates modern tools such as Google Maps API, Didomi for consent management, and analytics platforms like Piano Analytics and Google Tag Manager. Security posture is solid with HTTPS enforcement and standard security headers, though explicit security policies and incident response contacts are not published. Privacy compliance is well addressed with visible cookie consent mechanisms and a comprehensive privacy policy. However, the absence of WHOIS registration data for the domain www.effia.com raises some concerns about domain legitimacy, though the website content and business presence appear credible. Overall, the site scores well in content quality, technical implementation, and security, but could improve business credibility by providing more transparent domain registration and direct contact information.

I

Integsoft, Inc.

integsoft.com

58

Integsoft, Inc. is a specialized technology company focused on Java-based system integration, API monitoring, and security solutions. Their offerings include custom Java development, system integration using Mule ESB, single sign-on with Keycloak, Big Data analytics, and their proprietary modular product Integration Eye®. The company targets enterprise clients across diverse sectors such as insurance, energy, banking, healthcare, automotive, and transportation. The website reflects a professional and consistent brand image with strong client testimonials and partnerships with MuleSoft and Red Hat, indicating a solid market position in their niche. Technically, the website employs a modern technology stack including JavaScript libraries like jQuery, Bootstrap framework, and various UI components such as LayerSlider and Owl Carousel. Integration with Google Analytics and Hotjar indicates moderate user tracking for analytics and user experience improvements. The site is mobile-optimized and accessible with good SEO practices. However, some security best practices like security headers are not evident, and privacy and cookie policies are missing, which could impact compliance. Security posture is moderate with HTTPS usage implied but lacking explicit security headers and incident response information. The absence of WHOIS data for the domain raises some legitimacy concerns, though the professional presentation and contact details mitigate this risk. Overall, the site is safe, trustworthy, and well-designed but would benefit from enhanced privacy and security disclosures. Strategic recommendations include implementing comprehensive privacy and cookie policies, publishing security and incident response contacts, adding security headers, and verifying domain registration details to improve trust and compliance.

E

EUREGNIA s.r.o.

euregnia.cz

62

EUREGNIA s.r.o. is a Czech-based professional services company specializing in tax advisory, accounting, economic consulting, payroll, and document digitization services primarily serving businesses and entrepreneurs in the Uherské Hradiště region. The company positions itself as a trusted regional expert with memberships in relevant professional associations and a focus on professionalism, discretion, and liability insurance. The website is well-structured, mobile-optimized, and uses modern web technologies such as Bootstrap, jQuery, and Owl Carousel to deliver a good user experience. Privacy and cookie policies are comprehensive and GDPR compliant, with clear user consent mechanisms implemented. However, the absence of WHOIS registration data raises some concerns about domain legitimacy, although the website content and business information appear consistent and professional. Security posture is moderate with HTTPS usage and cookie consent but lacks explicit security headers and incident response information. Overall, the website presents a credible and professional business front with room for improvement in security and transparency.

R

RATP Dev

ratpdev.com

66

RATP Dev is a global operator specializing in the operation and maintenance of urban and interurban transportation networks across five continents. The company offers a wide range of services including metro, tramway, bus, train, sightseeing, demand-responsive transport, and specialized services for persons with reduced mobility. The website reflects a mature enterprise with a strong international presence and multiple subsidiaries. Technically, the site is built on Drupal 10, uses modern analytics and mapping technologies, and implements cookie consent mechanisms, indicating a reasonable level of digital maturity. Security posture is good with HTTPS and some privacy measures, but lacks explicit security policies and vulnerability disclosure mechanisms. The absence of WHOIS data for the domain raises concerns about domain registration legitimacy, though the website content and branding align with the known RATP Group. Overall, the site is professional and trustworthy but would benefit from enhanced transparency in privacy and security disclosures.

A

Alexion Pharmaceuticals, Inc.

ultsolrems.com

70

The website ultsolrems.com serves as the official portal for the ULTOMIRIS and SOLIRIS Risk Evaluation and Mitigation Strategy (REMS) program managed by Alexion Pharmaceuticals, Inc. It provides critical information and resources aimed at healthcare providers, pharmacies, and healthcare settings to ensure safe prescribing and dispensing of these medications. The site emphasizes patient safety through vaccination and awareness of meningococcal infection risks, aligning with FDA REMS requirements. The business model is focused on regulatory compliance and education within the pharmaceutical healthcare sector, targeting US-based healthcare professionals and institutions.

N

Národní kulturní památka Vyšehrad

praha-vysehrad.cz

49

Národní kulturní památka Vyšehrad operates as a national cultural monument in Prague, providing visitors with guided tours, cultural events, educational programs, and venue rental services. The website reflects a well-established institution supported by the City of Prague, targeting tourists, local visitors, and educational groups. The business model centers on cultural heritage preservation combined with revenue from ticket sales and merchandise. Technically, the site employs modern web technologies including Google Analytics, Google Tag Manager, and Google Maps API, likely built on a Ruby on Rails framework, hosted by Active24. The site is mobile optimized with good navigation and content quality. Security posture is moderate with CSRF protections and HTTPS usage implied, but lacks explicit security headers and comprehensive security policies. Privacy compliance is basic with a GDPR-aligned privacy policy but no cookie consent mechanism. Overall, the domain registration data supports the legitimacy and trustworthiness of the site.

O

Obec Palkovice

palkovice.cz

57

Obec Palkovice operates as a municipal government portal serving the residents and visitors of Palkovice and Myslík in the Czech Republic. The website provides comprehensive local information including official announcements, event calendars, citizen services, and contact details. It positions itself as a trusted source of community information and public service facilitation. Technically, the site is built as a modern Angular single-page application, integrating Google services such as Analytics, Tag Manager, Maps, and YouTube APIs, indicating a moderate level of digital maturity. The site is mobile-optimized and offers a good user experience with clear navigation and relevant content. Security-wise, the site uses HTTPS and implements a cookie consent mechanism, but lacks visible advanced security headers or published security policies. No critical vulnerabilities or suspicious content were detected. Overall, the site is credible and trustworthy but would benefit from enhanced privacy and security disclosures to improve compliance and user trust.

K

Koupelny Ptáček

koupelny-ptacek.cz

68

Koupelny Ptáček is a prominent Czech retail company specializing in bathroom design and product sales, operating 61 studios across the Czech Republic and positioning itself as the largest bathroom gallery in the country. The website is professionally designed, primarily targeting Czech consumers interested in bathroom renovations and products. Technically, the site employs a modern tech stack including jQuery, Google Tag Manager, Google Analytics, and Cookiebot for privacy compliance, with integration of Google Maps and Facebook SDK for enhanced user experience and marketing. Security posture is strong with HTTPS enforced, CSRF protection tokens, and cookie consent management, though additional security headers could improve defenses. The absence of WHOIS data limits domain trust verification, but the website's professionalism and compliance measures support its legitimacy. Overall, the site demonstrates a mature digital presence with good privacy and security practices, suitable for its retail business model.