Security Directory

C

Centrum pro regionální rozvoj České republiky

crr.cz

62

Centrum pro regionální rozvoj České republiky is a well-established government agency under the Ministry of Regional Development, focused on administering European Union and national funds to improve life in Czech regions. With nearly 30 years of experience, it plays a critical role in regional development, supporting projects ranging from infrastructure to community services. The website reflects a professional and comprehensive digital presence, offering detailed information, consultation services, and event calendars tailored to its public sector audience. Technically, the site is built on WordPress with modern plugins and technologies such as Google Analytics and Tag Manager, ensuring good SEO, accessibility, and mobile responsiveness. Security practices include HTTPS enforcement and cookie consent mechanisms, though some security headers could be enhanced. The absence of WHOIS data is typical for Czech government domains and does not detract from the site's legitimacy. Overall, the security posture is solid with no evident vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with clear GDPR policies and cookie management. The site maintains high trustworthiness through official branding, verified contact information, and transparent communication channels. Strategically, the agency should continue to enhance security headers, publish incident response policies, and maintain up-to-date software to mitigate risks. The digital maturity and business credibility position the agency as a reliable and authoritative source for regional development information and services.

A

Agentura ochrany přírody a krajiny ČR

ochranaprirody.cz

63

Agentura ochrany přírody a krajiny ČR (AOPK ČR) is the official Czech government agency responsible for the protection and management of nature and landscape across the Czech Republic. The agency manages 25 protected landscape areas, national nature reserves, and monuments. The website serves as an information portal for the public, providing resources on nature conservation, regional offices, and related government institutions. The site targets general public, environmental professionals, and government stakeholders. The business model is that of a government agency providing public services in environmental protection.

S

Státní fond životního prostředí ČR

novazelenausporam.cz

62

The website novazelenausporam.cz represents a government-backed energy subsidy program administered by the State Environmental Fund of the Czech Republic. It provides comprehensive information and services related to financial support for energy-efficient housing improvements, targeting homeowners and professionals in the construction and energy sectors. The site is well-established, with a domain age consistent with the program's history since 2012, and it maintains a strong market position as a key governmental initiative promoting sustainable living. Technically, the website is built on WordPress with modern plugins and libraries such as Kadence Blocks and Quill.js, and integrates Google Analytics and Google Ads for tracking and marketing. The site demonstrates good mobile optimization, SEO practices, and moderate performance. Hosting and domain registration are consistent and trustworthy, with no signs of privacy protection misuse or suspicious activity. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms, but lacks explicit advanced security headers and a public vulnerability disclosure policy. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong, with accessible and comprehensive privacy and cookie policies aligned with GDPR requirements. Overall, the website presents a low risk profile with high trustworthiness and professionalism. Strategic recommendations include enhancing security headers, publishing a security.txt file, and improving accessibility features to further strengthen compliance and user trust.

V

www.Veverušák.cz

veverusak.cz

57

The website www.veverusak.cz is a Czech-language content portal primarily targeting children and young people, offering competitions, events, articles, book tips, advice, and games. It positions itself as a niche community and informational site with a focus on family-friendly content. The site is well-structured with clear navigation and consistent branding, catering to a small audience segment within the Czech Republic. Technically, the site uses modern web technologies including HTTPS, Google Analytics, Google Tag Manager, and jQuery, providing a moderate level of performance and mobile optimization. However, no CMS or hosting provider information is discernible from the data. Security-wise, the site enforces HTTPS and includes a cookie consent mechanism, but lacks important security headers and explicit security policies or incident response contacts, which could be improved to enhance trust and compliance. The WHOIS data is unavailable, likely due to privacy protection, which slightly reduces transparency but does not indicate malicious intent. Overall, the site is safe, professional, and suitable for its target audience, with room for security and compliance enhancements.

N

Nakladatelství Kodudek

kodudek.cz

51

Nakladatelství Kodudek is a small Czech publishing house specializing in cultural, historical, and literary works, including archaeological studies and classic literature such as Hans Christian Andersen's stories. The website reflects a niche cultural publisher with a focused audience interested in Czech heritage and academic publications. The business model centers on book publishing and cultural collaborations, supported by social media presence on Twitter and Facebook. Technically, the website uses standard web technologies including jQuery and Google Analytics, with moderate performance and basic mobile optimization. Security posture is average, with HTTPS implied but lacking explicit security headers and no visible privacy or cookie policies, which impacts compliance and trust. The absence of WHOIS data reduces domain trustworthiness, though the website content and social media presence support legitimacy. Overall, the site is professional and content-rich but would benefit from improved privacy compliance and security hardening.

N

Národní pedagogické muzeum a knihovna J. A. Komenského

npmk.cz

57

Národní pedagogické muzeum a knihovna J. A. Komenského operates as a national educational and cultural institution in the Czech Republic, focusing on pedagogy, educational history, and cultural heritage. The institution provides museum exhibitions, library services, educational programs, and research opportunities, targeting educators, students, researchers, and the general public interested in Czech educational traditions. The website reflects a government-affiliated entity with strong trust signals including affiliations with the Ministry of Education and UNESCO patronage. Technically, the website is built on Drupal 9 CMS, utilizing modern web technologies such as Google Analytics for tracking and Weglot for multilingual support. The site demonstrates good mobile optimization and SEO practices, though accessibility features are basic. Security posture is solid with HTTPS enforced and standard security headers present, but lacks publicly visible security policies or vulnerability disclosure mechanisms. Overall, the website is professional, content-rich, and trustworthy, though the absence of WHOIS data limits domain registration transparency. The missing WHOIS information is likely due to registry policies rather than malicious intent. Privacy and cookie policies are present and indicate GDPR compliance. No critical security issues or adult content were detected, making the site safe for general audiences.

G

GEOFUN, s.r.o.

geofun.cz

57

GEOFUN, s.r.o. operates a Czech-language platform offering mobile geolocation games designed for educational and recreational purposes. The website targets a broad audience including children, families, and educational institutions, providing games that encourage outdoor exploration and learning. The company maintains a moderate market presence with active user engagement and social media integration. Technically, the website employs a modern tech stack including jQuery, Leaflet.js for mapping, and video playback technologies, supporting both web and mobile platforms. While the site is well-designed and content-rich, it lacks some advanced accessibility features and comprehensive cookie consent mechanisms. Security-wise, the site uses HTTPS and anonymizes IPs in analytics but lacks visible security headers and formal vulnerability disclosure policies. The absence of WHOIS data limits domain trust assessment, though the business information and content quality suggest a legitimate operation. Overall, the site is professional and trustworthy but could improve in privacy compliance and security transparency.

M

Městský úřad Zábřeh

zabreh.cz

48

The website zabreh.cz serves as the official online presence of the municipal government of Zábřeh, Czech Republic. It provides residents and visitors with comprehensive information about the town, including news updates, event calendars, official notices, and contact details for municipal offices. The site targets local citizens and stakeholders seeking administrative and community information. The business model is that of a government entity focused on public service delivery and community engagement. Technically, the site is built on the vismoWeb5 CMS platform and employs modern web technologies such as HTML5, CSS3, JavaScript, and integrates Google services including Analytics and reCAPTCHA. The site demonstrates good mobile optimization, accessibility features, and SEO practices, ensuring a positive user experience across devices. From a security perspective, the site uses HTTPS with a good SSL configuration and includes security best practices such as Google reCAPTCHA on forms and cookie consent mechanisms compliant with GDPR. However, explicit security headers like Content-Security-Policy are not evident, and no formal security or incident response policies are published. No vulnerabilities or suspicious content were detected. Overall, zabreh.cz is a trustworthy and professionally maintained municipal website with strong content quality and technical implementation. Strategic improvements could include enhancing security headers, publishing a security policy, and adding vulnerability disclosure information to further strengthen trust and compliance.

M

Městský úřad Znojmo

znojmocity.cz

41

The website www.znojmocity.cz serves as the official digital presence of the city of Znojmo, Czech Republic. It provides comprehensive information about the city administration, cultural events, tourism, social services, and electronic services for residents and visitors. The site targets local citizens, tourists, and specific groups such as Ukrainian citizens, offering multilingual support in Czech, English, and German. The business model is that of a government entity providing public services and information dissemination. Technically, the website is built on a custom CMS platform (vismo®) with standard web technologies including HTML5, CSS3, and JavaScript. It integrates Google Analytics for visitor tracking with privacy-conscious default settings and includes Google Translate for multilingual support. The site is mobile-optimized and accessible, with a clear navigation structure and consistent branding. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms compliant with GDPR. However, it lacks visible advanced security headers and does not publish a security.txt or explicit security policy. No vulnerabilities or exposed sensitive data were detected in the content. The absence of WHOIS data for the domain is a concern, reducing the ability to fully verify domain legitimacy, though the official nature of the content suggests authenticity. Overall, the website is a well-maintained government portal with good content quality and user experience. The main risks relate to incomplete WHOIS transparency and minor gaps in security header implementation. Strategic recommendations include enhancing security headers, publishing a vulnerability disclosure policy, and improving incident response contact visibility to strengthen trust and compliance.

The website volnamistatrebic.cz serves as a regional job portal dedicated to the Třebíč area in the Czech Republic. Operated by the city of Třebíč, it provides a free platform for employers to post job offers and for job seekers to find employment opportunities, including part-time and student jobs. The site is supported by local partners such as the regional chamber of commerce and technical schools, enhancing its credibility and regional focus. The business model is community-oriented, aiming to address local labor market shortages by facilitating connections between employers and candidates. Technically, the website employs a traditional web stack with jQuery, jQuery UI, and various JavaScript plugins for UI enhancements and infinite scrolling. It integrates Google Analytics and retargeting services for marketing and user behavior analysis. Cookie consent management is implemented via CookieScript, indicating attention to privacy compliance. The site appears mobile-optimized with responsive design elements and basic accessibility features, though it uses somewhat outdated JavaScript libraries which may pose security risks. From a security perspective, the site uses HTTPS and has implemented cookie consent mechanisms, but lacks visible security headers in the provided data and uses an older jQuery version, which could expose it to vulnerabilities. The absence of WHOIS data for the domain is a concern, reducing trustworthiness from a domain registration standpoint. However, the presence of official city contact information and partnerships supports legitimacy. No critical security issues or adult content were detected. Overall, the site is a functional, regionally focused employment portal with good content quality and privacy compliance but would benefit from technical and security improvements, including updating libraries, adding security headers, and clarifying domain registration details.

M

Město Poděbrady, Městský úřad Poděbrady

mesto-podebrady.cz

46

Město Poděbrady operates an official municipal website serving residents and visitors with comprehensive information about city services, events, and public notices. The site is positioned as the authoritative source for local government communications and citizen engagement. The business model is a government service portal focused on transparency and accessibility. Technically, the website uses the vismo CMS platform, hosted by a Czech registrar, and integrates Google Analytics with a GDPR-compliant consent mechanism. The site is mobile-optimized and provides multilingual support via Google Translate. Security posture is solid with HTTPS enforced and cookie consent implemented, though security headers and explicit security policies are absent. Overall, the site is trustworthy and professionally maintained, with no suspicious or adult content detected.

M

Město Česká Třebová

ceska-trebova.cz

50

The website www.ceska-trebova.cz serves as the official digital presence of the town Česká Třebová in the Czech Republic. It provides residents and visitors with comprehensive municipal information including news, event calendars, public documents, and contact avenues. The site is well-structured, featuring clear navigation and a consistent branding aligned with municipal identity. It targets local citizens, businesses, and tourists seeking information about the town's services and cultural activities. Technically, the site employs a modern tech stack including HTML5, CSS3, JavaScript, and integrates Google services such as Analytics, Tag Manager, reCAPTCHA, and Translate. It is built on the Vismo CMS platform, optimized for mobile devices, and includes accessibility features. Performance is moderate with good SEO practices. From a security perspective, the site enforces HTTPS, implements standard security headers, and uses reCAPTCHA to protect forms. Privacy and cookie policies are present and GDPR compliant. However, there is no explicit security policy or incident response contact information published, and no vulnerability disclosure mechanism is evident. WHOIS data is unavailable, which slightly impacts trust assessment but does not detract from the site's official nature. Overall, the website is a reliable and professional municipal portal with good content quality and security posture. Strategic improvements include publishing security policies, incident response contacts, and vulnerability disclosure information to enhance transparency and trust.

I

INET-SERVIS.CZ, s.r.o.

dobraprace.cz

54

Dobrá práce.cz is a Czech job portal operated by INET-SERVIS.CZ, s.r.o., providing a comprehensive platform for job seekers and employers. The site offers job listings categorized by region and industry, CV submission services, email job alerts, and employer advertising options. It targets primarily the Czech job market with some international listings. Technically, the site uses modern web technologies including Bootstrap, jQuery UI, Google Analytics, and Microsoft Clarity, with a cookie consent mechanism ensuring GDPR compliance. Security posture is solid with HTTPS and secure cookie flags, though some security headers could be improved. The absence of WHOIS data due to privacy protection slightly impacts trust but is common for this business type. Overall, the site is professional, user-friendly, and trustworthy for its audience.

I

INTERMAPS AG & GmbH

intermaps.com

64

INTERMAPS AG & GmbH is a well-established media and technology company specializing in digital mapping and app development for the tourism and travel industries, particularly focusing on ski resorts and cable car operators. With a domain age dating back to 1997 and over 200 clients across 15 countries, the company holds a strong market position in its niche. Their product portfolio includes dynamic skimaps, mobile and desktop apps, data management solutions, and analytics tools tailored for the tourism sector. Technically, the website employs modern web technologies such as Bootstrap, jQuery, and various plugins for enhanced user experience and interactivity. Google Analytics and Google Tag Manager are used for tracking, indicating a moderate level of user data collection. The site is mobile-optimized and well-structured, though some improvements in accessibility and SEO could be made. Hosting and domain registration are stable, with no privacy protection but lacking DNSSEC. From a security perspective, the site uses HTTPS but lacks visible security headers and a cookie consent mechanism, which are areas for improvement. No critical vulnerabilities or exposed sensitive data were detected. The absence of a published security policy or incident response plan suggests room for maturity in security governance. GDPR compliance is partially indicated by the presence of a privacy policy, but cookie consent is missing. Overall, the website is professional, trustworthy, and business-focused with a good security posture but some compliance and security best practices gaps. Strategic recommendations include enabling DNSSEC, implementing security headers, adding cookie consent, and publishing security policies to enhance trust and compliance.

O

Oxygen Builder

oxygenbuilder.com

60

Oxygen Builder is a technology company specializing in a powerful WordPress visual website builder aimed primarily at developers and designers seeking pixel-perfect control and performance. Founded in 2017, the company has established a solid market position within the WordPress ecosystem, offering a feature-rich product that integrates design flexibility, dynamic data, and reusable components. The website demonstrates excellent content quality, professional design, and strong SEO practices, supported by structured data and social proof from a sizable user base. Technically, the site is built on WordPress with modern JavaScript libraries and integrates multiple marketing and analytics tools, ensuring good performance and mobile optimization. Security posture is strong with HTTPS enforcement and domain transfer protections, though some security headers and explicit policies could be improved. Privacy compliance is limited due to the absence of explicit privacy and cookie policies. Overall, Oxygen Builder presents a credible and professional online presence with room for enhanced transparency in privacy and security disclosures.

Č

Český plynárenský svaz

plynoveteplarny.cz

53

The website www.plynoveteplarny.cz serves as an informational platform promoting the use of natural gas for central heat supply, primarily targeting municipalities, heating plant owners, and energy professionals in the Czech Republic. It is supported by the Czech Gas Association (Český plynárenský svaz) and features partnerships with major energy companies. The site provides guidance on transitioning heating plants to natural gas, emphasizing ecological benefits, economic advantages, and energy security. The content is professionally presented in Czech and includes partner logos and contact information, enhancing credibility. Technically, the site uses standard web technologies including HTML5, CSS3, JavaScript, jQuery, and Google Analytics for tracking. It employs Typekit fonts for typography and appears mobile-optimized with good navigation clarity. However, no CMS or hosting provider details are evident. Performance is moderate, and accessibility is basic. The site lacks visible security headers and formal privacy or cookie policies, which are compliance gaps. From a security perspective, the site uses HTTPS and does not expose sensitive data or forms collecting personal information, reducing immediate risk. However, the absence of security headers and incident response information limits its security posture. WHOIS data is unavailable, which reduces domain trustworthiness, but the presence of official contact info and partner links supports legitimacy. Overall, the site is safe, professional, and focused on energy sector information without any adult or questionable content. Strategically, the site would benefit from adding comprehensive privacy and cookie policies with consent mechanisms, implementing security headers, and publishing incident response and vulnerability disclosure information to improve compliance and trust. Regular WHOIS data availability and domain registration transparency would also enhance legitimacy.

S

Svaz průmyslu a dopravy České republiky

spcr.cz

66

Svaz průmyslu a dopravy České republiky (SP ČR) is a leading non-governmental, non-political organization representing employers and entrepreneurs in the Czech Republic. It is the largest employer association representing a significant portion of Czech industry and transport sectors. The website demonstrates a mature digital presence built on Drupal 10, featuring modern web technologies and comprehensive content including news, events, and partner information. The organization maintains strong partnerships with major Czech companies and European business networks, reinforcing its market position. Security posture is solid with HTTPS enforcement and cookie consent mechanisms, though some security headers could be improved. Privacy compliance is well addressed with detailed cookie policies and GDPR-aligned consent. Overall, the site reflects a professional, trustworthy, and well-managed digital asset supporting the organization's mission.

C

COGEN Czech

cogen.cz

55

COGEN Czech is a professional association based in the Czech Republic that connects experts and companies in the cogeneration energy sector. The organization advocates for fair conditions in cogeneration, provides expertise, and creates a platform for collaboration and development within the industry. The website is built using Framer technology and incorporates common analytics and tracking tools such as Google Analytics and Facebook Pixel. The site is accessible without any WAF or security challenges, indicating good availability. However, the absence of WHOIS data limits the ability to fully verify domain legitimacy and ownership details. Security posture is moderate with no visible security headers and unknown SSL configuration. Privacy and cookie policies are not present, which impacts compliance and user trust. Overall, the site presents a professional image consistent with a small niche professional association but would benefit from enhanced security and compliance measures.

E

Eurogas

eurogas.org

75

Eurogas is a European industry association representing the gas wholesale, retail, and distribution sectors. The organization focuses on promoting gas as a sustainable energy source and advocates for its members' interests within the European energy market. The website reflects a professional and consistent brand presence, targeting industry stakeholders and policymakers. The business model centers on policy advocacy, market analysis, and industry representation. The site content is relevant and well-structured, supporting the organization's mission and services. Technically, the website is built on WordPress using the Divi theme, enhanced with plugins such as Gravity Forms and Cookiebot for consent management. It integrates Google Analytics for traffic analysis and employs modern web technologies including jQuery and slick carousel. The site demonstrates good mobile optimization and SEO practices, although accessibility features are basic. Performance is moderate, with room for improvement in loading speed and accessibility. From a security perspective, the site enforces HTTPS with excellent SSL configuration and implements a comprehensive cookie consent mechanism via Cookiebot. However, it lacks explicit HTTP security headers and does not publish security policies or incident response information. No vulnerabilities or exposed sensitive data were detected in the analyzed content. The WHOIS data is privacy protected, which is typical for such organizations and does not raise immediate concerns. Overall, Eurogas's website presents a trustworthy and professional digital presence with solid privacy compliance and security posture. Strategic recommendations include enhancing security headers, publishing security and incident response policies, improving accessibility, and maintaining regular audits of third-party scripts to sustain security and compliance standards.

E

E.ON

eon.cz

73

E.ON Czech Republic operates as a major energy supplier providing electricity and gas services primarily to households, businesses, and municipalities. The company emphasizes competitive pricing, renewable energy solutions, and digital customer engagement through its Energie24 app and online contract management. The website reflects a mature digital presence with comprehensive service offerings and customer support. Technically, the site leverages modern web technologies including Kentico CMS, jQuery, and integrates analytics and consent management tools, ensuring good performance, SEO, and privacy compliance. Security posture is strong with HTTPS enforcement and consent mechanisms, though explicit security policies and incident response contacts are not publicly detailed. The absence of WHOIS data is a notable transparency gap but does not detract from the overall legitimacy indicated by the website content and branding.

F

FarOut Guides

faroutguides.com

55

FarOut Guides operates a specialized GPS navigation app focused on long-distance hiking, biking, and paddling trails. The company positions itself as a market leader with over 250 trail guides and official partnerships with major trail organizations. Their business model centers on app sales, subscriptions, and trail guide purchases, targeting outdoor enthusiasts and thru-hikers. The website is professionally designed with consistent branding and good content relevance, supporting a medium-sized technology business founded in 2021. Technically, the site runs on WordPress with a modern tech stack including Google Analytics, Tag Manager, and various plugins for SEO and UI enhancements. Hosting is provided by A2 Hosting, and the site is secured with HTTPS and domain registrar protections. However, the site lacks visible privacy, cookie, and terms of service policies, which impacts privacy compliance scores. Security posture is good but could be improved by enabling DNSSEC and adding security headers. Overall, the site is trustworthy and safe for general audiences.

K

KČT - Klub českých turistů

kct.cz

57

KČT - Klub českých turistů is a well-established Czech non-profit organization dedicated to promoting tourism and outdoor activities. With over 135 years of history, it serves approximately 30,000 members by marking hiking trails, organizing events, publishing maps and magazines, and operating tourist huts. The website reflects a mature digital presence built on WordPress with Elementor, featuring good design and navigation tailored to its audience. Technically, the site uses modern web technologies and integrates Google Analytics for visitor insights. Security posture is adequate with HTTPS enabled, but lacks explicit security headers and formal security policies. Privacy compliance is limited due to missing privacy and cookie policies. Overall, the site is trustworthy and professional but could improve in privacy and security transparency.

G

Generace i60 o. p. s.

vdovyvdovam.cz

49

The website www.vdovyvdovam.cz is a Czech non-profit platform operated by Generace i60 o. p. s., providing practical advice, emotional support, and resources for widows coping with the loss of their partners. It offers guidance on inheritance, finances, household management, and funeral arrangements, supplemented by personal stories from widows. The target audience is widows primarily in the Czech Republic. The site includes an e-book and free email consultation services, positioning itself as a niche support resource with a compassionate approach. Technically, the website employs a modern front-end stack including jQuery, Bootstrap, Swiper, and Owl Carousel for interactive UI elements. It integrates Google Tag Manager and Google Analytics for visitor tracking and performance monitoring. The site is mobile-optimized with good navigation and SEO practices, though accessibility features are basic. No CMS or hosting provider details were detected from the source. From a security perspective, the site uses HTTPS but lacks visible HTTP security headers such as CSP or HSTS. It implements a cookie consent banner compliant with GDPR principles, though no explicit privacy policy or terms of service pages were found. No vulnerabilities or exposed sensitive data were detected in the HTML content. The absence of WHOIS registration data is a concern for domain legitimacy and trustworthiness. Overall, the website is professionally designed and content-rich, serving its community well. However, it would benefit from publishing formal privacy and security policies, improving security headers, and clarifying domain registration details to enhance trust and compliance.

A

Asociace online vydavatelů

asociaceonlinevydavatelu.cz

50

Asociace online vydavatelů is a Czech association representing independent online media publishers, focusing on advocacy, lobbying, and protecting media freedom at national and EU levels. The website is professionally designed, mobile-optimized, and provides relevant content about the association's agenda, member media, and news updates. Technically, the site uses modern web technologies including Google Analytics and Tag Manager with a cookie consent mechanism, and is served over HTTPS with good security practices, though some security headers are missing. The absence of WHOIS data reduces transparency and trust slightly but does not detract significantly from the site's legitimacy given the professional content and active social media presence. Overall, the site presents a credible and trustworthy digital presence for the association.

Y

Yolk Studio

yolkstudio.com

59

Yolk Studio is a small, established digital agency founded in 2016, specializing in web and mobile application development, branding, marketing, and UX/UI design. The company targets a broad audience from startups to corporations and showcases a portfolio of diverse projects with detailed case studies. The website is professionally designed with excellent content quality, clear navigation, and good mobile optimization. Technically, the site uses modern JavaScript libraries and tracking tools such as Google Analytics, Facebook Pixel, and LinkedIn Insight Tag, hosted on a Czech hosting provider. Security posture is good with HTTPS enabled and domain transfer protection, but lacks DNSSEC and security headers. Privacy compliance is weak due to missing privacy and cookie policies and no explicit consent mechanisms. Overall, the site is trustworthy and professional but could improve privacy and security transparency.

Č

Česká unie sportu z.s.

lazadov.cz

52

Lyžařský areál Zadov is a regional ski and outdoor recreational area located in the Šumava region of the Czech Republic. The website provides information about ski lifts, bike rentals, accommodation options, webcams, and upcoming events. The business operates seasonally with a focus on winter sports and summer outdoor activities, targeting tourists and sports enthusiasts. The site is professionally designed with consistent branding and offers multilingual support (Czech and German). The parent organization is Česká unie sportu z.s., indicating a formal sports union affiliation. Technically, the website uses common JavaScript libraries such as jQuery, Flexslider, and Fancybox, along with Google Analytics and a cookie consent mechanism. The site is mobile-optimized and includes social media integration via Facebook, Twitter, and Instagram. However, no CMS or hosting provider details are explicitly identified. Performance is moderate with room for improvement in accessibility and security headers. From a security perspective, the site enforces HTTPS and implements cookie consent, but lacks advanced security headers and a public vulnerability disclosure policy. WHOIS data is unavailable, which reduces transparency and trustworthiness. The expired certification shown on the site should be updated or removed to avoid confusion. Overall, the security posture is adequate but could be enhanced with additional best practices. The overall risk assessment is moderate. The site appears legitimate and serves a clear business purpose, but the lack of WHOIS transparency and some security best practices suggest areas for improvement. Strategic recommendations include implementing security headers, publishing a security.txt file, updating certifications, and enhancing privacy and accessibility compliance.

S

solidpixels.

solidpixels.com

57

solidpixels. is a technology company specializing in providing a fast and professional website builder platform designed to create websites comparable to global brands. With over 15 years of experience, the company serves thousands of businesses and tens of thousands of users, offering services including website creation, landing pages, e-commerce catalogs, and content hubs. The platform emphasizes ease of use, functional design, and integration capabilities, targeting businesses and professionals seeking efficient digital presence solutions. The website demonstrates a mature digital infrastructure with modern web technologies, responsive design, and comprehensive privacy and cookie policies, reflecting a high level of digital maturity. Security posture is strong with HTTPS enforcement, secure form handling, and monitoring tools like Sentry, although explicit security policies and incident response details are not publicly available. The absence of WHOIS registration data is a notable anomaly that slightly reduces domain trustworthiness but does not detract from the overall professional presentation and operational maturity of the business. Strategic recommendations include enhancing transparency around security policies, incident response, and vulnerability disclosure to further strengthen trust and compliance.

F

Finley Agency

finley.agency

55

Finley Agency is a Czech Republic based marketing agency specializing in comprehensive marketing services including brand creation, insight and planning, video production, public relations, event management, and graphic design. The agency has been operating for approximately 7 years with over 195 projects completed and offers 24/7 support. Their target audience includes personal brands, startups, SMEs, corporations, and government entities. The website is built on WordPress with modern JavaScript libraries such as jQuery and Swiper.js, and integrates Google Analytics and Tag Manager for tracking. Security posture is good with HTTPS enabled and use of reCAPTCHA, though some security headers are missing and no cookie consent mechanism is present. WHOIS data is unavailable due to TLD restrictions or privacy protection, which is common but reduces transparency. Overall, the website is professional, well-branded, and trustworthy with good content quality and technical implementation.

I

InnovaCare Plus

innovacareplus.cz

62

InnovaCare Plus is a private healthcare provider based in Prague, offering premium medical services with a focus on preventive care, specialized diagnostics, and corporate health programs. The company emphasizes personalized coordination, comfort, and efficiency, targeting individuals, families, and businesses seeking high-quality healthcare without waiting times. Their digital presence includes an e-commerce platform for online service purchases and a comprehensive website showcasing their offerings and benefits. Technically, the website is built on WordPress with WooCommerce and Elementor, leveraging modern web technologies such as Google Fonts, GSAP animations, and Slider Revolution for a polished user experience. The site is mobile-optimized, accessible, and SEO-friendly, with integrated Google Analytics for user behavior tracking. Cookie consent and GDPR compliance are well implemented, reflecting a mature approach to privacy. From a security perspective, the site enforces HTTPS and includes a cookie consent mechanism, but lacks some advanced security headers which could enhance protection. No critical vulnerabilities or exposed sensitive data were detected. The absence of WHOIS data limits domain trust verification, though the professional site content and contact information support legitimacy. Overall, InnovaCare Plus presents a strong digital and business profile with room for security enhancements and improved domain transparency. Strategic recommendations include adding security headers, publishing a security.txt file, and enhancing incident response visibility to further strengthen trust and compliance.

O

ORT-ART Ortopedická klinika Ostrava

ort-art.cz

46

Ort-Art Ortopedie Ostrava is a specialized orthopedic clinic based in the Czech Republic, operating since 2008 and part of the Innova Healthcare group. The clinic offers comprehensive orthopedic, surgical, anesthesiology, and rehabilitation services across multiple locations in the Moravskoslezský region. The website reflects a professional healthcare provider with a strong regional presence and a focus on patient care and modern medical techniques. Technically, the site is built on WordPress with modern JavaScript libraries and integrates analytics and marketing tools such as Google Analytics, Facebook Pixel, and Smartlook. Security measures include HTTPS, reCAPTCHA, and GDPR-compliant cookie consent management, though additional HTTP security headers could enhance protection. Overall, the site demonstrates good digital maturity and compliance with privacy regulations, supporting a trustworthy and professional online presence.

P

Poliklinika Hůrka

hurka-poliklinika.cz

44

Poliklinika Hůrka is a Czech healthcare provider operating since 2020, offering specialist medical services and an integrated pharmacy with electronic prescription capabilities. It is part of the Innova Healthcare group, which includes multiple specialized clinics and healthcare services. The website is professionally designed, targeting patients in the Prague region, and provides clear contact information and service descriptions. Technically, the site is built on WordPress with modern JavaScript libraries and tracking tools, ensuring good SEO and mobile optimization. Security posture is solid with HTTPS and reCAPTCHA integration, though some security headers could be improved. Privacy compliance is strong, with GDPR-aligned cookie and privacy policies and explicit consent mechanisms. Overall, the site reflects a trustworthy and professional healthcare business with a moderate to good digital maturity level.

I

Imunogen s.r.o.

imunogen.eu

44

Imunogen s.r.o. is a specialized healthcare provider operating as part of the Innova Healthcare group in the Czech Republic. The company offers a range of outpatient medical services including gynecology, allergology, immunology, gastroenterology, pediatric neurology, and pneumology. The website is professionally designed, well-structured, and targets patients seeking specialized medical care primarily in Prague and surrounding regions. The business is positioned as a medium-sized healthcare entity with a strong local presence and multiple partner clinics.

E

EuroGOOS AISBL

eurogoos.eu

57

EuroGOOS is a well-established European non-profit organization focused on operational oceanography, marine data, and supporting marine and maritime stakeholders through sustained ocean observations and services. The website reflects a mature digital presence with a clear focus on research, policy, and sustainability in the marine domain. The organization is positioned as a key European component of the global ocean observing system, serving a broad membership and regional systems. Technically, the website is built on WordPress with a modern tech stack including SEO and analytics tools, providing a good user experience and mobile optimization. Security posture is adequate with HTTPS and cookie consent mechanisms, though some security headers are missing and no vulnerability disclosure policy is found. Overall, the website is professional, trustworthy, and compliant with GDPR, supporting EuroGOOS's mission effectively.

E

EUMETSAT

eumetsat.int

70

EUMETSAT is a European intergovernmental organization dedicated to operational satellite meteorology, climate, and environmental monitoring. The website serves as a comprehensive portal for satellite data, scientific research, and user engagement, targeting governmental agencies, meteorological services, researchers, and the public. It maintains a strong market position as a leading European satellite agency with a focus on weather and climate data provision. Technically, the website is built on Drupal 10 with modern web technologies including jQuery, Bootstrap, and Swiper.js, hosted on Microsoft Azure DNS infrastructure. It demonstrates good digital maturity with mobile optimization, accessibility features, and SEO best practices. Analytics are implemented via Google Analytics and Tag Manager with privacy-conscious configurations. From a security perspective, the site enforces HTTPS, uses cookie consent mechanisms, and obfuscates emails to reduce spam. However, explicit security policies and incident response contacts are not publicly available, and some security headers could be more explicitly defined. The domain WHOIS data confirms legitimacy and long-term registration consistent with an established governmental entity. Overall, the website is professional, trustworthy, and well-maintained, with minor recommendations to enhance security transparency and header configurations.

Ε

Εθνική Μετεωρολογική Υπηρεσία

emy.gr

62

The website emy.gr is the official online presence of the Hellenic National Meteorological Service, providing comprehensive weather forecasts, climate data, and meteorological warnings for Greece. It serves as a critical public service platform targeting the general population, maritime and aviation sectors, and researchers. The site is well-branded and consistent with its government affiliation, offering extensive location-based weather information and forecasts. Technically, the site employs modern frameworks such as Nuxt.js and Vue.js, with mapping via Leaflet, and integrates Google Analytics and Tag Manager for user tracking. The SSL configuration is excellent, ensuring secure communications. However, the site lacks visible privacy and cookie policies, consent mechanisms, and explicit contact information, which are important for compliance and user trust. Security headers are not detected, indicating room for improvement in security hardening. Overall, the site is professional and trustworthy but could enhance privacy compliance and security posture.

V

Veðurstofa Íslands

vedur.is

57

Veðurstofa Íslands is the official Icelandic Meteorological Office providing authoritative weather forecasts, earthquake monitoring, avalanche warnings, and hydrological data for Iceland. It serves a broad audience including the general public, government agencies, and researchers. The website is well-branded, content-rich, and professionally maintained, reflecting its government agency status. Technically, the site uses the Eplica CMS platform with legacy jQuery and integrates analytics tools such as Google Analytics and Siteimprove. While the site is functional and informative, some technical modernization is recommended, especially updating JavaScript libraries and enhancing security headers. Security posture is moderate with HTTPS in use but lacks explicit security policies and incident response contacts. Privacy compliance is good with clear privacy and cookie policies and consent mechanisms. Overall, the domain and WHOIS data confirm a trustworthy and long-established entity. Strategic improvements in security and technical modernization would enhance the site's resilience and user trust.

L

Latvijas Vides ģeoloģijas un meteoroloģijas centrs

lvgmc.lv

56

The Latvijas Vides ģeoloģijas un meteoroloģijas centrs (LVĢMC) operates as the official Latvian governmental center for environmental, geological, and meteorological services. It serves a broad audience including government agencies, researchers, and the general public by providing environmental monitoring, geological surveys, and meteorological data. The website reflects a professional governmental presence with consistent branding and relevant content tailored to its mission. Technically, the website employs a modern technology stack including Bootstrap, Mapbox GL JS, and Google Analytics, indicating a moderate level of digital maturity. The site is mobile-optimized and uses standard web frameworks, though some accessibility features are basic. Performance is moderate, with room for optimization. From a security perspective, the site uses HTTPS and includes common analytics scripts but lacks visible advanced security headers and explicit security or privacy policies. No critical vulnerabilities or exposed sensitive data were detected. The absence of privacy and terms of service pages represents a compliance gap, especially under GDPR regulations. Overall, the website is trustworthy and professionally maintained, but improvements in privacy compliance and security transparency are recommended to enhance user trust and regulatory adherence.

D

Digital Media Technology Sp. z o.o.

imgw.pl

60

The website imgw.pl represents the official Institute of Meteorology and Water Management (IMGW-PIB) in Poland, a government entity providing meteorological and hydrological data and services. The domain is well-established since 1997 and uses a professional WordPress-based infrastructure with modern plugins and integrations such as Google Analytics and marketing tools. The site targets a broad audience including the general public, government agencies, and researchers, offering weather forecasts, warnings, and climate monitoring services. Technically, the site is well-structured, mobile-optimized, and uses HTTPS, but lacks some advanced security headers and explicit privacy and cookie policies. Security posture is moderate with room for improvement in headers and public security policies. Overall, the domain registration data aligns well with the website's government affiliation and country, supporting its legitimacy.

S

Slovenský hydrometeorologický ústav

shmu.sk

52

Slovenský hydrometeorologický ústav (SHMÚ) is the official Slovak government institute responsible for meteorological, hydrological, climatological, and air quality services. The website serves as a comprehensive portal providing real-time weather data, forecasts, warnings, and scientific information targeted at the general public, researchers, and environmental professionals. It holds a strong market position as the authoritative national source for weather and environmental data in Slovakia. Technically, the website uses modern JavaScript libraries such as jQuery and integrates Google Tag Manager and Facebook SDK for analytics and marketing, all implemented with user consent mechanisms. The site is well-structured, accessible, and optimized for performance and SEO, reflecting a mature digital infrastructure. Security posture is solid with HTTPS enforced and basic security headers present, though there is room for improvement in advanced security policies and incident response transparency. Overall, the website is trustworthy, professionally maintained, and compliant with GDPR and cookie regulations.

Č

Česká zemědělská univerzita v Praze

agrobiologie.cz

52

Agrobiologie.cz is an official web portal serving the Faculty of Agrobiology, Food and Natural Resources at the Czech University of Life Sciences Prague. It functions primarily as a centralized hub linking to various faculty-related web projects, including the main faculty website, intranet, e-shops, academic senate, research centers, and social media channels. The site targets students, faculty, researchers, and visitors interested in agrobiology and related disciplines. The business model is informational and service-oriented within the educational sector, supporting the university's digital presence and outreach. Technically, the website is built on WordPress using the Divi theme, supplemented by plugins such as Events Manager and MailerLite for marketing and event functionalities. The site employs modern web technologies including jQuery and Google Analytics for tracking. Performance is moderate with good mobile optimization and basic accessibility features. SEO optimization is basic but present. From a security perspective, the site uses HTTPS with a good SSL configuration and employs nonce tokens for AJAX requests, indicating some security awareness. However, it lacks explicit security headers and published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the HTML content. Cookie consent mechanisms are implemented, supporting GDPR compliance to some extent, though no explicit privacy policy or terms of service pages were found. Overall, the domain registration data aligns well with the website content, showing a consistent and legitimate presence since 2006. The site is trustworthy, professionally maintained, and serves as a reliable informational resource for the faculty and its stakeholders. Strategic improvements in security headers, privacy documentation, and incident response transparency would enhance the site's security posture and compliance.

A

AgroRisk

agrorisk.cz

48

AgroRisk is a Czech Republic-based service providing an early warning system for negative weather impacts in agriculture. The website is professionally designed with a focus on delivering timely weather alerts to farmers and agricultural professionals. The content is relevant and well-structured, targeting a niche audience in the agricultural sector. Technically, the site uses modern web technologies including Leaflet.js for mapping, Google Analytics and Tag Manager for analytics and tracking, and a cookie consent mechanism to comply with privacy regulations. However, the absence of a visible privacy policy and terms of service, as well as missing contact information, limits the site's compliance and business credibility. Security posture is moderate with HTTPS enabled and consent-based analytics, but lacks security headers and detailed incident response information. Overall, the site is accessible and safe, with no signs of WAF blocking or malicious content.

C

Comgate a.s.

comgate.cz

69

Comgate a.s. is a Czech-based financial services company specializing in payment gateways and payment terminals for e-commerce and physical retail sectors. Established in 2000, it holds a license as a payment institution from the Czech National Bank and acts as an acquirer for major card brands such as VISA and Mastercard. The company serves over 20,000 merchants and offers transparent pricing with no hidden fees, positioning itself as a cost-effective and reliable payment service provider in the Czech and surrounding markets. The website reflects a mature digital presence with comprehensive service descriptions, client testimonials, and multilingual support.

A

Asociace pro elektronickou komerci - APEK

apek.cz

51

APEK (Asociace pro elektronickou komerci) is a Czech association representing e-commerce companies and entrepreneurs. It provides its members with support through certification (APEK Trustmark), educational workshops, legal assistance, and specialized studies. The association positions itself as a leading entity in the Czech e-commerce sector, helping members stay competitive and informed. The website is professionally designed, content-rich, and targets Czech e-commerce businesses and entrepreneurs. Technically, the website uses a custom CMS with common web technologies including jQuery, Google Maps API, Google Analytics, and Google Tag Manager. It is served over HTTPS with good SSL configuration, though some modern security headers are missing. The site is mobile optimized and has good SEO practices but could improve accessibility features. From a security perspective, the site shows a solid posture with HTTPS and no visible vulnerabilities or exposed sensitive data. However, it lacks visible privacy and cookie policies, security.txt, and vulnerability disclosure mechanisms. The WHOIS data is missing, which reduces domain registration trust but does not necessarily indicate malicious intent given the professional nature of the site. Overall, the site is trustworthy and professional but would benefit from enhanced transparency on privacy and security policies and improved WHOIS data availability.

M

Mobilní hospic Justýnka

hospicjustynka.cz

56

Mobilní hospic Justýnka is a Czech non-profit organization providing comprehensive home hospice care to terminally ill patients and support to their families. The website presents a professional and well-structured digital presence, highlighting their key services such as home hospice care, social services, and free medical equipment lending. The organization targets patients and families within a 30 km radius of Ludéřov, focusing on quality of life and dignity in end-of-life care. Technically, the site is built on WordPress using the Divi theme, with modern plugins for GDPR compliance and user experience enhancements. Security posture is adequate with HTTPS enabled and cookie consent mechanisms in place, though additional security headers could improve defenses. The absence of WHOIS data limits domain legitimacy verification, but the website content and testimonials provide strong trust signals. Overall, the site is a reliable resource for hospice care information and services in its region.

A

Akademie věd České republiky

avcr.cz

59

Akademie věd České republiky is a prominent public non-university research institution in the Czech Republic, focusing on scientific research, public education, and technology transfer. The website serves as a comprehensive portal for news, events, publications, and multimedia content related to the academy's activities. It targets scientists, educators, students, media, and the general public interested in science and research. The institution holds a leading position in the Czech scientific community, offering a broad range of services including research support, international cooperation, and public outreach.

L

Letiště Praha, a.s.

prg.aero

60

Letiště Praha, a.s. operates the Václav Havel Airport Prague, the primary international airport serving the Czech capital. The company provides comprehensive airport services including passenger flights, cargo handling, parking, VIP lounges, and transportation facilitation. It holds a leading market position in Central Europe with a large operational scale and a strong brand presence. The website is professionally designed, mobile-optimized, and rich in content, targeting travelers, airlines, and local businesses. Technically, the website is built on Drupal 10 and integrates multiple modern analytics and marketing tools such as Google Analytics, Microsoft Clarity, Adform, and Bloomreach Exponea. The site demonstrates good performance and accessibility standards, with comprehensive privacy and cookie policies supported by a consent management platform. External service integrations for booking and transportation are clearly linked. From a security perspective, the site enforces HTTPS and maintains privacy compliance with GDPR. However, the absence of WHOIS data and security.txt files slightly reduces trustworthiness. No critical vulnerabilities or exposed sensitive data were detected. The site could improve by implementing security headers and publishing a vulnerability disclosure policy. Overall, Letiště Praha's digital presence is robust and professional, supporting its business operations effectively. Strategic improvements in security transparency and WHOIS data availability would enhance trust and compliance further.

A

Asociace pro rozvoj infrastruktury, z.s.

ceskainfrastruktura.cz

46

Asociace pro rozvoj infrastruktury (ARI) is a Czech non-profit think-tank focused on advancing public infrastructure development through promoting international best practices. The organization advocates for public-private partnerships (PPP), high-speed rail development, digitalization in construction (BIM), and sustainable urban development (Green Cities). Their target audience includes public sector officials, infrastructure professionals, and private sector stakeholders involved in infrastructure projects. The website reflects a professional and consistent brand with active engagement through events, publications, and educational programs. Technically, the website is built on WordPress with modern JavaScript libraries and integrates Google Analytics, Google Tag Manager, and reCAPTCHA for security and analytics. The site is mobile-optimized and uses HTTPS with a cookie consent mechanism, though it lacks some security headers and formal privacy and terms of service documentation. From a security perspective, the site demonstrates good practices such as HTTPS enforcement and CAPTCHA protection on forms but could improve by adding security headers and publishing clear privacy and incident response policies. The absence of WHOIS data reduces domain transparency and trust from a registration standpoint, though the website content and external references strongly indicate legitimacy. Overall, the site is a credible and professional platform for a non-profit infrastructure association, with moderate technical maturity and a solid security posture. Strategic improvements in privacy documentation, security headers, and WHOIS transparency would enhance trust and compliance.

H

HelpfulCrowd Limited

helpfulcrowd.com

52

HelpfulCrowd Limited operates a digital marketing platform focused on leveraging free user-generated content such as customer reviews to help businesses increase traffic, trust, engagement, and sales. The company targets ecommerce and local businesses, positioning itself as a niche player in review-driven marketing solutions. The website is professionally designed, mobile-optimized, and integrates modern technologies including WordPress CMS, Google Analytics, Crisp Chat, and Cookiebot for privacy compliance. Security posture is strong with HTTPS enforcement and appropriate security headers, although explicit security policies and incident response information are not published. The absence of WHOIS data for the domain reduces transparency and trustworthiness, though the website content and technical implementation indicate a legitimate business. Strategic recommendations include publishing terms of service, security policies, and improving domain registration transparency.

J

Jedna báseň

jedna-basen.cz

43

Jedna báseň is a small, family-owned restaurant and catering business located in the center of Brno, Czech Republic. Founded in 2011, it offers a diverse menu including daily meals, vegetarian, vegan, and gluten-free options, as well as catering services for events such as weddings, corporate parties, and private celebrations. The business emphasizes quality, fresh ingredients, and local sourcing, positioning itself as a trusted local hospitality provider with a strong community presence. The website reflects a professional and consistent brand image with clear service offerings and customer engagement channels.