Security Directory

D

Darkmay s.r.o.

cestovnisystem.cz

56

Darkmay s.r.o. operates the CeSYS platform, a comprehensive SaaS solution for travel agencies primarily in the Czech Republic and neighboring countries. The platform offers multiple products including search engines, web design, sales management, and marketing tools tailored for travel agencies. With over 16 years of market presence and partnerships with major travel industry players, CeSYS holds a strong position in its niche. The website demonstrates a mature technical infrastructure leveraging modern web technologies and analytics tools with user consent mechanisms. Security posture is generally good with HTTPS and consent-based tracking, though explicit privacy and security policies are lacking. Overall, the site is professional and trustworthy but would benefit from enhanced transparency and security documentation.

NAVRCHOLU.cz is a Czech web traffic monitoring and ranking platform operated by Internet Info s.r.o., established in 1997. The service provided rankings and visitor statistics for Czech websites but ceased active measurement as of January 31, 2021, now offering only historical data. The website targets Czech internet users, website owners, and digital marketers interested in web traffic insights. The business model focused on providing traffic analytics and rankings, positioning itself as a long-standing player in the Czech digital media space. Technically, the site uses standard web technologies including JavaScript, jQuery, Google Tag Manager, and Google Analytics, with moderate performance and basic mobile optimization. Security posture is adequate with HTTPS enabled but lacks advanced security headers and published security policies. Privacy compliance is partial, with privacy and cookie policies present but no explicit consent mechanisms. Overall, the site is professional and trustworthy but could improve in security and privacy transparency.

W

Webnode AG

webnode.cz

69

Webnode AG operates a multilingual SaaS platform enabling users to create websites easily, including AI-assisted website generation. The company targets small businesses, individuals, and hobbyists with a freemium model and premium services such as domain registration, e-commerce, and email hosting. The platform is well-established with over 50 million websites created. Technically, the website leverages modern web technologies including AngularJS, Google Analytics, Google Ads, and Cloudfront CDN, ensuring fast performance and good mobile optimization. Security posture is strong with HTTPS, reCAPTCHA, and cookie consent mechanisms, though explicit security policies and incident response contacts are not published. WHOIS data is unavailable, which slightly impacts trust but the overall brand presence and content quality indicate legitimacy. Strategic recommendations include publishing security policies, improving WHOIS transparency, and enhancing vulnerability disclosure.

G

GO Česká republika, s.r.o.

sumavago.cz

44

ŠUMAVAGO is a regional tourism portal operated by GO Česká republika, s.r.o., providing comprehensive information and booking services for accommodation and activities in the Šumava region of the Czech Republic. The website targets tourists and visitors interested in outdoor activities, lodging, and local events. It offers a variety of services including hotel and pension bookings, maps, galleries, and event calendars, positioning itself as a key regional tourism resource. Technically, the site uses a traditional web stack with HTML, CSS, JavaScript, jQuery, and integrates Google Analytics and Facebook SDK for marketing and tracking. However, it still relies on deprecated Flash content, which impacts modern compatibility and security. Security posture is moderate with HTTPS enabled but lacks visible security headers and formal privacy or cookie policies, indicating compliance gaps. Contact information is clearly provided, enhancing business credibility. Overall, the site is functional and professional but would benefit from modernization and improved privacy and security practices.

U

UNIWEB s.r.o.

regionplzen.cz

51

REGIONPLZEN.CZ is a well-established regional news and information portal serving the Plzeňský kraj region in the Czech Republic. Operated by UNIWEB s.r.o., the portal offers daily news, a business directory, event calendars, job listings, and regional advertising services. The website targets local residents and businesses, providing relevant and timely regional content. The portal has a consistent brand presence and is supported by a parent media group, REGION24.CZ.

The WST Group is a Hungarian technology company specializing in custom software and web development services, including business integration and EDI solutions. Established with a business history dating back to 1997, the company positions itself as a reliable partner for businesses seeking tailored digital solutions to grow and engage their customers. Their website reflects a professional and consistent brand image with clear service offerings and contact channels. Technically, the site employs modern web technologies such as Google Fonts, Google Analytics, reCAPTCHA, and Hotjar for analytics and security. The site is mobile-optimized and performs moderately well, though some accessibility features could be improved. Security posture is solid with HTTPS and form protections, but lacks explicit security headers and published security policies. Privacy compliance is evident through a comprehensive privacy policy, though cookie consent mechanisms are missing. Overall, the website is trustworthy and professionally maintained, with room for enhancements in security transparency and privacy controls.

Obec Kubova Huť operates as the official municipal government office for the village of Kubova Huť in the Czech Republic. The website serves as a public information portal providing residents and visitors with essential contact details, official documents, local news, and administrative information. The site targets local citizens and tourists interested in the municipality's governance and community updates. The business model is purely governmental, focusing on public service and transparency. Technically, the website employs standard web technologies including HTML, CSS, and JavaScript, with integration of Google Analytics for visitor tracking and CookieScript for cookie consent management. The hosting appears to be provided by a regional service provider, ŠumavaNet.CZ. The site shows basic mobile optimization and accessibility features but lacks advanced modern frameworks or CMS indications. From a security perspective, the site uses cookie consent mechanisms and does not expose sensitive data. However, no security headers or explicit HTTPS enforcement details were found in the provided data. The absence of WHOIS registration data is a concern for domain legitimacy verification, although the website content and official nature suggest it is a legitimate local government site. Overall, the website is functional and serves its purpose as a municipal information portal but would benefit from enhanced security practices, explicit privacy policies, and improved technical modernization to increase trust and compliance.

S

Statutární město České Budějovice

c-budejovice.cz

51

The website www.c-budejovice.cz serves as the official online presence of the statutory city of České Budějovice, Czech Republic. It provides comprehensive information about city governance, public services, news, cultural events, and municipal resources targeted at residents, visitors, and local businesses. The site is well-branded with official logos and maintains consistent messaging aligned with its government function. The presence of social media links and a cookie consent mechanism indicates a commitment to user engagement and regulatory compliance. Technically, the site is built on the Drupal CMS platform, leveraging common web technologies such as jQuery, Google Analytics, and JW Player for multimedia content. The site is mobile-optimized with a moderate performance profile and basic accessibility features. However, some security best practices such as HTTP security headers are not visibly implemented, and WHOIS data for the domain is missing, which raises some concerns about domain registration transparency. From a security perspective, the site uses HTTPS and anonymizes IP addresses in analytics, which are positive indicators. The cookie consent banner complies with EU regulations, but there is no visible security policy or incident response information. No vulnerabilities or malware indicators were detected in the content. Overall, the site presents a moderate security posture with room for improvement in transparency and technical security controls. The overall risk assessment is moderate with a recommendation to verify domain registration details, implement additional security headers, and publish clear security and privacy policies. These steps would enhance trust and compliance, supporting the city’s digital service delivery and citizen engagement objectives.

F

FT Sun s.r.o.

chciwwwstranky.cz

36

FT Sun s.r.o. is a Czech-based digital agency specializing in data-driven digital marketing, application development, and creative services such as photo and video production. The company positions itself as a pragmatic and experienced partner for businesses seeking to leverage internet technologies effectively. Their website reflects a professional and modern digital presence with clear service offerings and a focus on client engagement through contact forms and marketing tools. Technically, the website employs modern web technologies including Google Analytics, Google Tag Manager, Facebook Pixel, and reCAPTCHA for security and marketing purposes. The site is mobile-optimized and uses HTTPS, ensuring secure communications. However, the absence of certain security headers and lack of visible hosting or CMS details suggest room for technical improvements. From a security perspective, the site demonstrates good practices such as GDPR-compliant privacy and cookie policies and spam protection on forms. The lack of WHOIS data is a notable concern, as it impairs domain legitimacy verification. No critical vulnerabilities or exposed sensitive data were detected, but the site would benefit from enhanced security headers and published incident response information. Overall, FT Sun's website is a solid representation of a small technology service provider with good digital maturity and compliance posture. The main risk lies in the missing WHOIS information, which should be addressed to improve trust and transparency.

O

Obec Borová Lada

borova-lada.cz

37

Obec Borová Lada operates an official municipal government website serving the local community and visitors. The site provides comprehensive information about the municipal office, local services, tourism, public notices, and contact details. It targets residents and entrepreneurs in the Borová Lada area, positioning itself as a trusted local government resource. The business model is public sector focused, delivering essential civic information and services online. Technically, the website employs standard web technologies including jQuery, Google Analytics, Google Tag Manager, and Fancybox for UI enhancements. Hosting and web design are provided by ŠumavaNet.CZ. The site is moderately performant, mobile-optimized, and accessible with good SEO practices. Cookie consent mechanisms are implemented, though a dedicated privacy policy page is missing. From a security perspective, the site uses HTTPS and includes cookie consent but lacks explicit security headers and published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the HTML content. The absence of WHOIS data limits domain legitimacy verification, but the website content and structure indicate a legitimate municipal entity. Overall, the website is professional, trustworthy, and serves its public sector purpose well. Strategic improvements include publishing a privacy policy, enhancing security headers, and providing incident response information to strengthen compliance and security posture.

T

TUI Poland Sp. z o.o.

tui.cz

66

TUI Poland Sp. z o.o. operates the website www.tui.cz as a leading travel agency offering a wide range of all inclusive and last minute vacation packages, tours, and charter flights to popular destinations worldwide. The company positions itself as the number one travel agency in Europe, targeting general consumers seeking organized travel experiences. The website is professionally designed with good content quality and consistent branding, supported by official social media channels and a clear customer service contact number. Technically, the website leverages modern web technologies including React and Next.js frameworks, with integrations for Cookiebot for cookie consent management, Google Analytics, and Hotjar for analytics and user behavior tracking. The site demonstrates good mobile optimization and SEO practices, although accessibility features could be improved. Performance is moderate, with a comprehensive set of meta tags and structured data enhancing search engine visibility. From a security perspective, the website enforces HTTPS with strong SSL configuration and includes standard security headers. Cookie consent mechanisms are implemented in compliance with GDPR, and privacy policies are comprehensive and accessible. However, the absence of WHOIS data and lack of explicit security policy or incident response information represent gaps in transparency and trustworthiness. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website presents a low-risk profile with strong business credibility and privacy compliance. Strategic recommendations include publishing a dedicated security policy, incident response contacts, and vulnerability disclosure information to enhance trust and compliance. Improving accessibility and adding a terms of service page would further strengthen the user experience and legal posture.

F

Fischer

fischer.cz

55

CK FISCHER is a prominent Czech travel agency specializing in holiday packages, including last minute and first minute offers, with a strong loyalty program (DERCLUB). The company operates under the parent company DER Touristik CZ a.s., part of the REWE Group. The website targets general consumers seeking quality vacation services primarily in the hospitality sector. Technically, the site uses modern JavaScript frameworks (Vue.js), integrates Google Analytics, Google Tag Manager, Usercentrics for consent management, and reCAPTCHA for bot protection. The site is mobile optimized and has good SEO practices. Security posture is solid with HTTPS and consent mechanisms, but lacks some advanced security headers and explicit security policies. WHOIS data is missing, which reduces domain trust assessment confidence but the business presence and branding indicate legitimacy. Overall, the site is professional, user-friendly, and compliant with privacy regulations.

P

PANKREA s.r.o.

pankrea.cz

54

PANKREA s.r.o. is a small creative PR agency based in the Czech Republic specializing in public relations, corporate identity, web design, marketing, and custom programming services. The company targets businesses seeking to build and promote their brand identities through professional web presence and marketing communication. The website presents a professional image with clear service offerings and client references, positioning PANKREA as a creative and expert partner in the media and marketing sector. Technically, the website uses modern tools such as Google Analytics, Google Tag Manager, and Google reCAPTCHA, and is built on the Estofan CMS platform. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. Security-wise, the site employs reCAPTCHA and cookie consent mechanisms but lacks visible security headers and publicly disclosed security policies. The absence of WHOIS data reduces domain trustworthiness, but the website content and business information appear legitimate and professional. Overall, the site scores well on content quality and technical implementation but has room for improvement in security posture and privacy transparency.

O

ONLINE HOLDING s.r.o.

hotel.cz

63

Hotel.cz is an established online hotel booking platform primarily serving the Czech Republic and Slovakia markets. Operated by ONLINE HOLDING s.r.o., it offers a wide selection of hotels and accommodation options with a focus on competitive pricing and direct hotel payments. The website positions itself as a market leader with over 10 years of experience, targeting travelers seeking convenient and reliable hotel reservations. The platform provides multilingual support and extensive filtering options to enhance user experience. Technically, the website employs modern tracking and analytics tools including Google Analytics, Microsoft Clarity, Bing UET, and OneTrust for cookie consent management, indicating a mature digital infrastructure. The site is mobile-optimized and features a responsive design, although accessibility features are basic. Performance is moderate with room for improvement in security header implementation. From a security perspective, the site uses HTTPS and cookie consent mechanisms, but lacks visible security policies, incident response contacts, or vulnerability disclosure information. The absence of WHOIS data for the domain is a notable concern, limiting the ability to fully verify domain legitimacy and ownership. No critical vulnerabilities or exposed sensitive data were detected in the content. Overall, Hotel.cz presents a professional and trustworthy front for hotel bookings, but would benefit from enhanced transparency in privacy and security policies, as well as domain registration clarity to strengthen trust and compliance posture.

L

Lesy České republiky, s.p.

vracimevodulesu.cz

68

The website 'Vracíme vodu lesu' represents a large-scale governmental forestry and environmental conservation program managed by Lesy České republiky, s.p. It focuses on water retention and revitalization of small watercourses across the Czech Republic, positioning itself as the largest program in the history of Czech forestry. The site targets the general public and stakeholders interested in environmental sustainability and forestry management. Technically, the website employs modern web standards including HTML5, CSS3, and JavaScript, with integrations such as Cookiebot for cookie consent, Google Analytics, and Facebook Pixel for analytics and marketing. The site is mobile optimized and provides a good user experience with clear navigation and professional design. Security-wise, the site uses HTTPS and cookie consent mechanisms, though some security headers could be improved. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is well addressed with visible cookie consent and a comprehensive privacy policy. Overall, the website demonstrates a mature digital presence with a strong focus on compliance and user trust.

L

Lesy České republiky

kladska.com

64

Lovecký zámeček Kladská is a small hospitality business operating a hotel and offering recreational services such as hunting and fishing in Mariánské Lázně, Czech Republic. The website is professionally designed with clear navigation and multilingual support, targeting tourists and nature enthusiasts. The business is owned by Lesy České republiky, a reputable organization, which adds credibility and trust. The website uses WordPress CMS with SEO and multilingual plugins, hosted on Azure DNS infrastructure. Cookie consent is implemented with detailed user controls, and privacy policies are linked to the parent company site, indicating good GDPR compliance. Security posture is generally good with HTTPS and no exposed sensitive data, but could be improved by enabling DNSSEC and adding security headers. No incident response or vulnerability disclosure information is published, which is a gap. Overall, the site is trustworthy, compliant, and professionally maintained, suitable for its business purpose.

L

Lesy České Republiky, s. p.

parcour.cz

32

The website www.parcour.cz represents a government-operated shooting range facility located in the Czech Republic, specifically serving the Lesní závod Konopiště region. It provides services related to shooting sports, including training, registration, and hosting of shooting competitions such as the Lovecký brokový parkúr. The site is modest in size and targets a niche audience of hunters and shooting sports enthusiasts. The business model is focused on government service provision rather than commercial enterprise. Technically, the website uses standard web technologies including JavaScript, jQuery, and Google Analytics for tracking. The site is accessible over HTTPS but lacks advanced security headers and cookie consent mechanisms, indicating room for improvement in security and privacy compliance. The WHOIS data is missing, which raises concerns about domain registration transparency but does not necessarily indicate illegitimacy given the government affiliation. Overall, the site is functional with basic content quality and moderate technical implementation.

L

Lesy České republiky, s.p. Semenářský závod

semenarskyzavod.cz

65

Semenářský závod Lesů České republiky is a medium-sized, state-owned enterprise specializing in forestry seed production and related laboratory services. Established in 1971, it serves forest owners and nurseries with a range of products including forestry and ornamental seeds, wood products, and accredited laboratory testing. The website reflects a professional and consistent brand presence, targeting primarily forestry professionals and registered customers. The business holds ISO/IEC 17025:2018 accreditation, underscoring its commitment to quality and standards. Technically, the website is built on WordPress with modern SEO and multilingual support via WPML. It uses Google Analytics and Facebook Pixel for analytics and marketing, integrated with a GDPR-compliant cookie consent mechanism. Hosting is supported by Microsoft Azure DNS infrastructure. The site demonstrates good mobile optimization and accessibility, though some improvements in security headers and incident response transparency could be made. Security posture is solid with HTTPS enforced and no visible vulnerabilities or exposed sensitive data. However, the absence of a published security policy or vulnerability disclosure mechanism is noted. Privacy compliance is strong, with clear privacy and cookie policies and user consent management. Business credibility is high, supported by clear contact details, certifications, and professional content. Overall, the website is trustworthy, well-maintained, and compliant with relevant regulations, making it a reliable digital presence for the organization.

L

Lesy České republiky, s.p.

sazimelesynovegenerace.cz

59

The website 'Sázíme lesy nové generace' represents Lesy České republiky, a government-affiliated forestry management entity in the Czech Republic. It focuses on sustainable forest management, watercourse restoration, and public engagement through educational events such as 'Den lesů nové generace'. The site targets the general public interested in environmental conservation and sustainable wood use. Technically, the website employs modern web technologies including Google Analytics, Facebook Pixel, and Cookiebot for consent management, ensuring GDPR compliance. The site is well-structured, mobile-optimized, and provides a good user experience with clear navigation and relevant content. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. WHOIS data is unavailable, likely due to privacy protection, but the website's branding and social media presence support its legitimacy. Overall, the site is professional, trustworthy, and compliant with privacy regulations.

L

Lesy ČR

klubnoveholesa.cz

69

Klub nového lesa is a community engagement platform operated under the auspices of Lesy ČR, the Czech Republic's national forestry organization. It focuses on organizing outdoor events related to forest renewal, environmental education, and public participation. The website provides event information, a mobile app for registration and rewards, and an e-shop for merchandise. The target audience includes nature enthusiasts, families, and volunteers interested in forestry and environmental stewardship. Technically, the website employs modern web technologies including Google Analytics, Facebook Pixel, Cookiebot for consent management, and Google Maps API for interactive maps. The site is mobile optimized and uses HTTPS, ensuring secure communication. Security posture is solid with cookie consent and CSRF protections, though some security headers could be improved. Privacy compliance is well addressed with clear cookie consent mechanisms and GDPR adherence. The WHOIS data is privacy protected, which is common and justified for this type of organization. Overall, the website is professional, trustworthy, and serves its community-oriented mission effectively.

H

HUMLNET CREATIVE s.r.o.

hucr.cz

43

HUMLNET CREATIVE s.r.o. is a Czech Republic-based small web development agency specializing in creating custom, modern, and professional websites tailored to client needs. Their market position is that of a regional service provider with a portfolio of local clients including schools, companies, and organizations. The company emphasizes a collaborative and tailored approach to web design and development, offering multilingual and responsive websites. Technically, the website is built on a modern stack including Bootstrap, jQuery, and OctoberCMS, with integration of Facebook SDK and Google Analytics for marketing and analytics purposes. The site is mobile-optimized and features a cookie consent mechanism compliant with GDPR. Security posture is good with HTTPS enforced and secure form handling, though additional security headers could improve defenses. The absence of WHOIS data reduces transparency but the website content and business information appear legitimate and professional. Overall, the site scores well on content quality, technical implementation, privacy compliance, and business credibility, with moderate security maturity.

P

Práce na horách. najděte si brigádu a zažijte zimu snů - Práce na horách

pracenahorach.cz

43

The website pracenahorach.cz is a niche job listing platform focused on seasonal winter employment opportunities in Czech mountain resorts, primarily targeting students and seasonal workers interested in ski instruction and related hospitality roles. The site offers curated job offers, course information, and location details, supported by partner ski schools and mountain activity providers. Technically, the site uses modern web technologies including HTML5, CSS, JavaScript, Google Analytics, Google Tag Manager, reCAPTCHA, and Smartsupp live chat, delivering a responsive and user-friendly experience. Security posture is generally good with HTTPS enforced and anti-bot measures on contact forms, though it lacks some security headers and formal privacy/cookie policies, which are compliance gaps. The absence of WHOIS data limits domain transparency but does not detract from the site's apparent legitimacy. Overall, the site is professionally designed, content-rich, and safe for general audiences.

T

Tourist Board Špindlerův Mlýn, z.s.

touristboard.cz

49

Tourist Board Špindlerův Mlýn, z.s. is a non-profit destination management organization dedicated to promoting tourism in the Špindlerův Mlýn area and the broader Krkonoše region. Supported by the city and key tourism operators, it focuses on marketing, tourism projects, and event organization to enhance the visitor experience and regional development. The website is professionally designed, mobile-optimized, and provides clear information about the organization's mission and activities, targeting tourists and local stakeholders.

F

FT Sun s.r.o.

ftsun.cz

46

FT Sun s.r.o. is a Czech digital agency specializing in data-driven digital services including application development, e-marketing, photo and video production, graphic design, and e-shop solutions. The company targets businesses seeking pragmatic and technologically standardized digital partners. The website presents a professional image with clear service offerings and a focus on GDPR compliance. Technically, the site uses modern web technologies such as Bootstrap, Owl Carousel, Google Analytics, Google Tag Manager, Facebook Pixel, and reCAPTCHA to enhance user experience and security. Security posture is solid with HTTPS enforced and consent mechanisms in place, though the absence of security headers and WHOIS data reduces overall trust. The domain WHOIS data is missing, which is a concern for domain legitimacy but the website content and business information appear consistent and professional. Overall, the site is well-structured, user-friendly, and compliant with privacy regulations, making it a credible digital agency in the Czech market.

4

42 Berlin

42berlin.de

62

42 Berlin is a tuition-free, non-profit software engineering school located in Berlin, Germany. It offers an innovative peer-to-peer learning environment focused on hands-on projects and real-world challenges, targeting aspiring software developers and students interested in coding education. The website is built on WordPress using Elementor, with modern SEO and structured data implementations, and is hosted behind Cloudflare. The site integrates multiple third-party analytics and tracking pixels including Google Analytics, TikTok, Facebook, and Reddit, with GDPR consent mechanisms in place via the Complianz plugin. Security posture is generally good with HTTPS enforced and Cloudflare protection, but lacks explicit security headers and published security policies. Contact information and privacy policies are not explicitly found in the analyzed content, which represents an area for improvement. Overall, the website is professional, trustworthy, and well-positioned in the education sector, but could enhance privacy compliance and security transparency.

4

42 Nice

42nice.fr

69

42 Nice is a tuition-free IT education institution based in France, offering innovative and inclusive training programs from bac +3 to bac +5 levels. The school emphasizes potential and merit over formal diplomas, using a project-based and peer-to-peer learning methodology. Supported by local government and business entities, 42 Nice positions itself as a modern academy addressing digital talent needs with accessible facilities and free IT equipment. Technically, the website is built on WordPress, integrates Google Analytics and CookieYes for privacy compliance, and is hosted behind Cloudflare DNS. The site is well-structured, mobile-optimized, and provides clear navigation and legal documentation. Security posture is good with HTTPS enforced and cookie consent mechanisms in place, though security headers could be improved. No critical vulnerabilities or suspicious patterns were detected. Overall, the website reflects a professional, trustworthy, and privacy-conscious organization.

I

Innovation Academy

42seoul.kr

46

42 Seoul is an innovative software education program based in South Korea, operated by the Innovation Academy. The program offers tuition-free, self-directed learning aimed at cultivating top-tier software developers. The website reflects a medium-sized educational entity with a clear focus on growth, mentorship, and practical experience through collaborations with various companies. The business model emphasizes accessibility and challenge-driven learning without traditional academic constraints. Technically, the website employs a custom CMS with a technology stack including jQuery, Slick Carousel, Google Fonts, and Google Analytics, hosted via Megazone and utilizing Cloudflare DNS. The site is mobile-optimized with good SEO practices, though some accessibility features are basic. Performance is moderate, and the site uses HTTPS with a secure domain registration status. From a security perspective, the site enforces HTTPS and uses Cloudflare nameservers, but lacks visible security headers and a cookie consent mechanism, which are areas for improvement. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is basic, with a comprehensive privacy policy present but no explicit cookie consent. Contact information is clearly provided, enhancing business credibility. Overall, the website is trustworthy, professional, and well-aligned with its educational mission. Strategic improvements in security headers and privacy compliance would further strengthen its posture and user trust.

4

42 Bangkok

42bangkok.com

61

42 Bangkok is a tuition-free, innovative coding school located in Thailand, offering a peer-learning and project-based curriculum designed to develop the next generation of software engineers. The school operates without traditional teachers or classes, emphasizing autonomy and gamified learning. The website is professionally designed, well-structured, and optimized for SEO, targeting aspiring programmers aged 18 and above. Technically, the site is built on WordPress with modern plugins and integrates Google Analytics with user opt-out capabilities. Security posture is good with HTTPS enforced, but lacks some security headers and explicit privacy policies. WHOIS data is missing, which raises some concerns about domain registration transparency. Overall, the site is trustworthy and serves an educational mission with a strong social media presence and clear contact information.

4

42 Angoulême

42angouleme.fr

64

42 Angoulême is a free IT training school based in Charente, France, offering coding education accessible to all without diploma requirements. The website positions itself as a local educational institution with a clear mission to democratize coding skills. The business model is non-commercial, focusing on free education, targeting a broad audience interested in learning programming. The site is professionally designed with consistent branding and good content quality, reflecting the institution's educational purpose. Technically, the website is built on WordPress, leveraging common web technologies such as jQuery, Google Analytics, and Cookiebot for privacy compliance. Hosting and domain registration are managed by reputable providers (GANDI and Cloudflare DNS). The site demonstrates moderate performance and good mobile optimization, with SEO and accessibility features at a basic to good level. From a security perspective, the site enforces HTTPS and uses cookie consent mechanisms compliant with GDPR. However, explicit security headers like Content-Security-Policy and X-Frame-Options are not evident, and no security policy or incident response contacts are published. No vulnerabilities or suspicious content were detected, indicating a generally secure posture suitable for its educational purpose. Overall, 42 Angoulême presents a trustworthy and professional online presence for a small educational institution. Strategic improvements in security headers, publishing security policies, and providing clear contact information would enhance trust and compliance further.

H

Hive Helsinki

hive.fi

56

Hive Helsinki operates as a tuition-free coding school based in Finland, focusing on project-based and peer learning methodologies to equip individuals with coding skills for future-proof careers. The institution targets learners with no prior experience, emphasizing accessibility and practical skill development. The website reflects a well-structured, professionally designed platform with clear branding and consistent messaging aligned with its educational mission. Technically, the site is built on WordPress, leveraging modern SEO tools like Yoast SEO, and integrates analytics and consent management via Google Analytics, Google Tag Manager, and Cookiebot, indicating a mature digital infrastructure. Security posture is strong with HTTPS enforced and cookie consent mechanisms in place, although explicit security policies and incident response contacts are not publicly available. Overall, the domain registration data aligns with the website's claims, supporting legitimacy and trustworthiness. Strategic recommendations include publishing detailed security and incident response policies and enhancing transparency around data protection roles.

4

42 The Network

42network.org

51

42 The Network operates as the largest global tuition-free IT school network, founded in 2013 in Paris, France. It offers innovative, peer-to-peer, project-based learning across 50+ campuses in over 30 countries, targeting students and educational partners worldwide. The business model is non-profit, focusing on accessible education without traditional classes or teachers. The website reflects a strong market position with consistent branding and a professional digital presence. Technically, the website is built on WordPress using Elementor and Yoast SEO, leveraging modern web technologies and Google Analytics for performance and user insights. The site is mobile-optimized and accessible, with good SEO practices. However, some security headers are missing, and explicit privacy and cookie policies are not detected, indicating room for compliance improvement. Security posture is solid with HTTPS enabled and no exposed sensitive data, but the absence of security headers and vulnerability disclosure mechanisms suggests moderate maturity. WHOIS data is unavailable, likely due to privacy protection, which is justified for a non-profit educational entity but limits domain trust verification. Overall, the website is professional, trustworthy, and content-rich, serving its educational mission effectively. Strategic improvements in privacy compliance, security headers, and transparency would enhance trust and regulatory adherence.

Jižní Čechy is a regional tourism website dedicated to promoting the South Bohemia region of the Czech Republic. The site offers comprehensive information about local destinations, events, and activities such as cycling, hiking, and cultural festivals. It targets tourists and visitors interested in exploring the natural and cultural heritage of South Bohemia. The business model focuses on providing informational content and promoting regional tourism attractions. Technically, the website employs modern web technologies including Bootstrap for responsive design, Google Fonts, and various analytics and marketing tools such as Google Tag Manager, Google Analytics, Facebook Pixel, and Sentry for error tracking. The site is mobile optimized and features a cookie consent mechanism, indicating some level of privacy compliance. However, explicit privacy and terms of service pages are not found. From a security perspective, the site uses HTTPS and includes no visible sensitive data exposure. However, no security headers were detected in the HTML source, which is a potential area for improvement. The lack of WHOIS data and registrant information reduces the domain trustworthiness, although the website content and technical setup appear professional and legitimate for a tourism portal. Overall, the site presents a moderate risk profile with good content quality and technical implementation but with gaps in privacy compliance and domain registration transparency. Strategic recommendations include adding explicit privacy and terms pages, implementing security headers, and improving contact information visibility to enhance trust and compliance.

B

Birne by Direct

birne.com

68

Birne by Direct operates a flexible car leasing and rental service primarily targeting customers in the Czech Republic. The business model emphasizes ease of use with clear monthly fees, no mileage limits, and flexible return options. The website is built on the Shopify platform, leveraging modern web technologies and integrates multiple analytics and marketing tools such as Google Analytics, Hotjar, HubSpot, and Visual Website Optimizer. The site demonstrates good digital maturity with cookie consent mechanisms and GDPR compliance evident through a comprehensive privacy policy in Czech. Security posture is solid with HTTPS enforced and no obvious vulnerabilities, although explicit security headers could be improved. Overall, the site is professional, trustworthy, and well-optimized for its target market.

U

UNAR

unar-prohotel.cz

46

UNAR is a Czech company specializing in manufacturing hotel furniture, including mattresses, beds, folding sofas, and accessories, with a tradition dating back to 1991. The company targets hotels, pensions, and spa houses primarily in the Czech Republic and possibly neighboring regions. Their market position is that of an established medium-sized manufacturer with over 300 completed projects, emphasizing quality and custom solutions. Technically, the website employs modern web technologies such as jQuery, Foundation framework, Owl Carousel, and integrates Google Analytics and Tag Manager for tracking, alongside reCAPTCHA for form security. The site is mobile-optimized and provides a good user experience with clear navigation and professional design. Security posture is solid with HTTPS enforced and reCAPTCHA implemented, though it lacks some security headers and a security.txt file. Privacy compliance is well addressed with a cookie consent banner and a privacy policy in Czech, indicating GDPR awareness. However, the absence of WHOIS data for the domain raises concerns about domain registration legitimacy, which should be verified to ensure trustworthiness. Overall, the website is professional and trustworthy from a content and technical perspective but would benefit from improved transparency in domain registration and enhanced security headers.

J

Judapest

judapest.store

65

Judapest Store is a small e-commerce retailer specializing in Jewish gifts, Judaica, and cultural products based in Budapest, Hungary. The website is built on the Shopify platform using the Canopy theme, offering a professional and user-friendly shopping experience with multilingual support. The business targets Jewish communities, tourists, and gift buyers interested in Jewish heritage. The store also offers Jewish Budapest walking tours, enhancing its cultural engagement. Technically, the site leverages modern e-commerce technologies and integrates multiple analytics and marketing tools, including Google Analytics and Facebook Pixel. Security is adequate with HTTPS enforced and domain transfer protection, though DNSSEC is not enabled and some security headers are missing. Privacy compliance is addressed with a cookie consent banner and a privacy policy, but no terms of service or vulnerability disclosure pages are found. Overall, the site is trustworthy and professionally maintained, with room for security enhancements and expanded compliance documentation.

P

Promaledobrodruhy.cz

promaledobrodruhy.cz

63

Promaledobrodruhy.cz is a specialized Czech retailer focused on providing high-quality outdoor clothing and equipment primarily for children and families. The business operates both an e-commerce platform and a physical store located in Prague, offering a wide range of products including exclusive brands like WeeDo. Their services extend to a loyalty program, a second-hand bazaar for used outdoor gear, and a blog providing advice and community engagement. The company targets families with children who enjoy outdoor activities, positioning itself as a trusted specialist in this niche market. Technically, the website employs a custom CMS with modern JavaScript libraries, integrates multiple analytics and marketing tools, and maintains good mobile responsiveness and SEO practices. Security-wise, the site uses HTTPS and error monitoring but lacks explicit security policies and vulnerability disclosure mechanisms. Overall, the site is professional, trustworthy, and compliant with privacy regulations, though WHOIS data is unavailable, which slightly impacts domain trust assessment.

Y

Yellow Point, spol s r. o.

yellow-point.cz

32

Yellow Point, spol s r. o. is a Czech Republic-based sport and educational agency established in 1999, specializing in adrenaline experiences, sports skill development, and corporate event organization across the Czech Republic. The company offers a variety of services including ski schools, sport activities, corporate teambuilding events, and gift certificates, targeting a broad audience interested in active and educational leisure. The website is professionally designed, multilingual, and provides clear contact information and partner affiliations, indicating a solid market presence. Technically, the site uses modern JavaScript libraries, tracking tools, and implements cookie consent mechanisms, reflecting a moderate to good digital maturity. Security posture is adequate but could be improved by adding security headers and enhancing form protections. The absence of WHOIS data is a notable concern for domain transparency but does not detract significantly from the business credibility based on website content. Overall, Yellow Point presents as a trustworthy and professional service provider in the hospitality and sports education sector.

H

Hotel u Kabinky | Ubytování ve 4** hotelu v lázeňském středisku v Krkonoších

hoteljanskelazne.cz

43

Hotel U Kabinky is a small hospitality business located in the heart of the Krkonoše mountains in Janské Lázně, Czech Republic. It offers 4-star accommodation directly adjacent to a cable car station and spa colonnade, targeting tourists, families, and sports enthusiasts. The hotel provides rooms, apartments, and depandances, complemented by an on-site restaurant and a sports shop. Additionally, it operates a ski school and related sports services, enhancing its value proposition in the winter sports market. The website is professionally designed, multilingual, and optimized for SEO and mobile devices, reflecting a mature digital presence. Security posture is strong with HTTPS and security headers implemented, though no explicit security or incident response policies are published. The absence of WHOIS registration data is a notable gap that impacts trust but does not detract from the overall professional presentation. Privacy and cookie policies are present and GDPR compliant. Overall, the site demonstrates a solid business and technical foundation with room for improvement in transparency and security documentation.

L

Lesy České republiky, s. p.

lesycr.cz

66

Lesy České republiky, s. p. is a large state-owned forestry enterprise in the Czech Republic managing over 1.2 million hectares of state forest land and extensive watercourses. The organization provides forest management, wood sales, hunting lease management, and public education services. It operates under the Ministry of Agriculture and maintains a strong market position as a key government entity in forestry. The website reflects a mature digital presence with multilingual support, comprehensive content, and active social media engagement. Technically, the site is built on WordPress with modern SEO and analytics tools, hosted on Microsoft Azure DNS infrastructure. Security posture is solid with HTTPS, cookie consent compliance, and monitoring tools, though some security headers could be improved. Privacy compliance is robust, with clear GDPR policies and cookie management. Overall, the site demonstrates high professionalism, trustworthiness, and transparency.

Z

ZOO Dvůr Králové a. s.

safaripark.cz

48

Safari Park Dvůr Králové is a well-established zoological park in the Czech Republic specializing in African wildlife conservation and visitor engagement. The website provides comprehensive information about animal exhibits, visitor planning, educational programs, and conservation projects. It also offers accommodation services and an online shop, indicating a diversified business model focused on tourism and conservation funding. The site targets families, tourists, and educational groups, positioning itself as a key regional attraction with reputable partnerships. Technically, the website uses a modern tech stack including jQuery, Google Analytics, Facebook SDK, and a custom CMS (Toolkit). The site is mobile-optimized with good navigation and content quality. However, some technical improvements are possible, especially in security headers and performance optimization. From a security perspective, the site uses HTTPS and has a cookie consent mechanism, indicating GDPR awareness. However, it lacks explicit privacy policies, security headers, and incident response contacts, which are areas for improvement. No WAF or blocking mechanisms were detected, and the WHOIS data is consistent and trustworthy. Overall, the website is professional and trustworthy with moderate security posture and privacy compliance. Strategic improvements in security policies and transparency would enhance its risk profile and user trust.

S

Safari Park Resort

safariparkresort.cz

44

Safari Park Resort is a hospitality business located in Dvůr Králové nad Labem, Czech Republic, offering hotel accommodation, safari camping, dining, and experiential programs. The website presents a professional and consistent brand image targeting tourists interested in safari and zoo experiences. The business is small-sized, founded in 2015, and maintains a good market position regionally with partnerships for booking and certification. Technically, the website uses modern JavaScript libraries, analytics tools, and a cookie consent mechanism, but lacks explicit privacy and terms of service pages. Security posture is moderate with HTTPS implied but missing explicit security headers and policies. Contact information is clearly provided with multiple phone numbers and emails, enhancing business credibility.

O

Orange house s.r.o.

orangehouse.cz

45

Orange house s.r.o. is a Czech Republic based IT company specializing in comprehensive business communication solutions including CRM systems, CMS web platforms, and B2B commerce solutions. Founded in 2012 as a subsidiary of Xantipa Agency s.r.o., the company offers tailored software products and services such as technical support, training, and document management audits. Their market position is that of a small but established technology provider focused on enhancing business management and communication efficiency. Technically, the website employs a mix of legacy and modern JavaScript libraries, Google Analytics for tracking, and a proprietary CMS. However, some components like jQuery 1.9.1 and the Mapy.cz SDK are outdated, which may pose security risks. The site is moderately optimized for performance and mobile use but lacks advanced accessibility and SEO features. Security posture is adequate with HTTPS usage but lacks security headers and uses deprecated libraries. Privacy compliance is weak due to absence of privacy and cookie policies. Business credibility is strong with clear company information and contact details. Overall, the website is professional and trustworthy but would benefit from technical and compliance improvements.

M

Mercedes-Benz Financial Services Česká republika s.r.o.

operativni-leasing-mercedes.cz

55

The website www.operativni-leasing-mercedes.cz serves as an official platform for Mercedes-Benz Financial Services Česká republika s.r.o., offering operational leasing services for Mercedes-Benz vehicles in the Czech Republic. The site targets businesses and individuals interested in leasing various Mercedes-Benz models, providing a configurator tool and detailed vehicle information. The business is positioned as a key player in automotive financial services within its regional market, leveraging the strong Mercedes-Benz brand. Technically, the website employs modern JavaScript modules, Google Analytics, and Google Tag Manager for tracking, and is built with a focus on responsive design and user experience. The site loads moderately fast and is mobile-optimized, though some SEO and accessibility features could be enhanced. The absence of a detected CMS suggests a custom or proprietary platform. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms, but lacks explicit security headers and published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the provided content. The missing WHOIS data is a concern for domain legitimacy but does not directly impact the website's operational security posture. Overall, the website presents a professional and trustworthy front for Mercedes-Benz leasing services, with room for improvement in security transparency and contact information availability. The risk level is moderate, primarily due to the lack of WHOIS data and some security best practices not fully implemented.

M

Místní akční skupina Krkonoše, z. s.

maskrkonose.cz

51

Místní akční skupina Krkonoše, z. s. is a Czech non-profit organization dedicated to the sustainable development of the Krkonoše rural region. The organization supports local municipalities, non-profits, and entrepreneurs by facilitating project funding, promoting local craftsmanship, and certifying authentic regional products under the brand 'Krkonoše Originální Produkt'. Their approach leverages the LEADER method to foster community-driven growth and improve quality of life in the region. The website reflects a well-structured, content-rich platform with clear navigation and up-to-date news, targeting local stakeholders and residents. Technically, the website uses the Estofan CMS platform with JavaScript libraries including jQuery and Nivo Slider for UI elements. Google Analytics and Google Tag Manager are employed for visitor tracking, with a cookie consent mechanism that denies tracking by default, indicating a basic level of privacy compliance. The site is mobile-optimized and presents a professional design, although accessibility features are basic. Performance is moderate with room for improvement. From a security perspective, the site lacks visible HTTP security headers and detailed security or incident response policies. SSL/TLS configuration details are not provided, and WHOIS data is unavailable, which reduces transparency. However, no critical vulnerabilities or suspicious content were detected. The organization’s non-profit nature justifies privacy protection in domain registration. Overall, the security posture is moderate but could be enhanced by implementing standard security headers and publishing comprehensive privacy and security policies. The overall risk assessment is low to moderate, with recommendations focusing on improving security headers, enhancing privacy disclosures, and increasing transparency in domain registration. The website is trustworthy and professional, serving its community development mission effectively.

The website www.janskelazne.cz serves as an official tourism and accommodation information portal for Janské Lázně and the SkiResort Černá hora-PEC, the largest ski resort in the Czech Republic. It offers online booking services with promotional discounts on ski passes and leisure activities, targeting tourists and visitors interested in winter sports and summer leisure in the Krkonoše region. The site demonstrates a consistent brand presence and provides clear contact information, reinforcing its role as a local tourism information center with over two decades of experience. Technically, the website employs a traditional web stack including jQuery, jQuery UI, Google Analytics, Google Tag Manager, and Google Maps API, indicating moderate digital maturity. The site is mobile-optimized with good navigation and content relevance, although some accessibility features could be improved. Performance is moderate, with external dependencies on trusted providers for fonts and analytics. From a security perspective, the site uses HTTPS and standard tracking scripts but lacks explicit security headers and privacy/cookie policies, which are critical for GDPR compliance and user trust. The absence of WHOIS data for the domain raises concerns about domain legitimacy and registration transparency, which should be addressed to enhance trustworthiness. Overall, the website is functional and professional but would benefit from enhanced privacy compliance, improved security practices, and verification of domain registration details to strengthen its security posture and business credibility.

S

Státní léčebné lázně Janské Lázně

restauraceterra.cz

62

Státní léčebné lázně Janské Lázně operates Restaurace Terra, a restaurant offering a high-quality culinary experience emphasizing local and seasonal ingredients in the Czech spa town of Janské Lázně. The website presents a professional and consistent brand image, targeting visitors seeking traditional and regional gastronomy within a relaxing mountain environment. Technically, the site is built on WordPress with Elementor, integrating modern web technologies and analytics tools such as Google Analytics and Facebook Pixel. Security posture is good with HTTPS and security headers, though no explicit security or incident response policies are published. Privacy compliance is well addressed with cookie consent and privacy policies in Czech language. However, the WHOIS data for the domain www.janskelazne.com is missing, which raises concerns about domain registration legitimacy. Overall, the site is trustworthy and professionally maintained but would benefit from clarifying domain registration and publishing security policies.

Neon One is a technology company specializing in providing integrated software solutions for nonprofit organizations. Their platform combines donor management, fundraising, memberships, events, and ticketing into a unified system, positioning them as a key player in the nonprofit software market. Founded in 2016, the company targets nonprofit organizations seeking streamlined management tools to enhance donor engagement and event coordination. The website reflects a professional and consistent brand image, supported by structured data and social media presence on Facebook and LinkedIn. Technically, the website is built on WordPress CMS and leverages a modern technology stack including jQuery, Google Tag Manager, Google Analytics, Pardot marketing automation, AdRoll retargeting, and Visual Website Optimizer for A/B testing. Hosting and DNS services are provided by GoDaddy and Cloudflare respectively. The site demonstrates good SEO optimization and mobile responsiveness, though accessibility features are basic. Performance is moderate, with room for improvement in loading speed and security header implementation. From a security perspective, the site uses HTTPS with a valid SSL configuration and domain registration protections such as clientDeleteProhibited status. However, DNSSEC is not enabled, and no explicit security headers were detected in the provided data. There is no published privacy policy or terms of service found in the analyzed content, though a cookie consent mechanism is implemented via CookieYes, indicating some level of privacy compliance. No incident response or vulnerability disclosure policies are published, which could be improved to enhance trust and compliance. Overall, Neon One's website presents a trustworthy and professional front for their nonprofit software services, with a solid technical foundation and marketing integration. To further strengthen their security posture and compliance, it is recommended to publish comprehensive privacy and security policies, enable DNSSEC, and implement security headers. Enhancing accessibility and providing clear contact information would also improve user trust and engagement.

P

Presseli Ltd

maxmegamenu.com

54

Max Mega Menu is a WordPress plugin provider specializing in mega menu solutions for websites. The company, Presseli Ltd, based in the UK, offers both free and premium versions of their plugin, targeting WordPress site owners and developers seeking enhanced navigation features. The website is well-structured, professionally designed, and provides extensive documentation and support resources, positioning itself as a reputable player in the WordPress plugin market with over 400,000 active installs and strong user reviews. Technically, the site is built on WordPress with common plugins such as Easy Digital Downloads and Contact Form 7, integrating Paddle for payment processing and Google Analytics for visitor tracking. The site is mobile-optimized, accessible, and uses HTTPS with anonymized IP tracking, reflecting a mature digital infrastructure. However, some security best practices like explicit security headers and incident response disclosures are absent. From a security perspective, the site demonstrates good baseline protections including HTTPS and no visible sensitive data exposure. The lack of WHOIS data reduces transparency and slightly impacts trust, but the professional content and business information mitigate concerns. Privacy compliance is well addressed with a comprehensive privacy policy and cookie disclosures, though cookie consent mechanisms could be enhanced. Overall, the website presents a low-risk profile with strong business credibility and technical maturity. Strategic improvements in security headers, incident response transparency, and WHOIS data availability would further strengthen trust and compliance.

N

Non Gamstop Casinos - OXON AA

oxonaa.org.uk

53

The website oxonaa.org.uk operates as an affiliate and informational platform specializing in non Gamstop casinos targeted at UK players seeking alternatives to UKGC-regulated gambling sites. It provides curated casino reviews, bonus information, and payment guidance, positioning itself as a niche player in the UK gambling affiliate market. The site leverages WordPress CMS with modern SEO and performance optimizations, including WP Rocket and Google Analytics integration. Security posture is adequate with HTTPS enforced but lacks visible security headers and formal privacy or cookie policies, representing compliance gaps. The WHOIS data presents an anomaly with a future domain creation date, which raises questions about registration data accuracy but does not directly undermine the site's apparent legitimacy. Overall, the site is professional and functional but should improve privacy compliance and security transparency to enhance trust and regulatory adherence.