Security Directory

The website tomashubik.cz represents a professional portfolio for Tomas Hubik, a Czech-based full stack developer specializing in front-end technologies such as Angular and React, with additional skills in UI/UX and graphical design. The site showcases a broad portfolio of freelance projects and indicates current employment as a lead software developer. The business model is primarily freelance and professional services targeting clients seeking development and design expertise. The website is well-structured with clear navigation and professional branding, targeting a general audience of potential clients and collaborators. Technically, the site uses a modern technology stack including JavaScript frameworks, PHP, Java, and related libraries. Hosting is provided by WEDOS, a Czech hosting provider, consistent with the domain registration data. The site includes Google Fonts and Google Analytics for tracking. The design is responsive and optimized for mobile devices, though accessibility features are basic. Performance is moderate, with no major technical issues detected. From a security perspective, the site lacks published privacy and cookie policies, which is a compliance gap especially under GDPR. No security headers were detected, and the contact form lacks visible anti-spam protections. HTTPS usage is implied but not explicitly confirmed in the HTML content. There is no published incident response or vulnerability disclosure information. Overall, the security posture is moderate but could be improved with standard best practices. The overall risk assessment is moderate with no critical issues detected. Strategic recommendations include publishing privacy and cookie policies, implementing security headers, enforcing HTTPS, adding anti-spam measures on forms, and providing incident response contacts. These improvements would enhance compliance, user trust, and security maturity.

P

Porta Medica s.r.o.

portamedica.cz

53

Porta Medica s.r.o. is a small healthcare consultancy based in Prague, Czech Republic, specializing in regulatory consulting for medical devices targeting the EU market. The company offers tailored solutions for manufacturers, distributors, hospitals, and IT startups to navigate complex regulatory environments. The website is professionally designed using the Wix platform, with good content quality and clear business focus. Technical infrastructure is modern and adequate for the business size, with Wix hosting and Thunderbolt framework. Security posture is generally good with HTTPS enforced and some security best practices observed, though lacking explicit security headers and incident response information. Privacy compliance is weak due to absence of visible privacy and cookie policies. Overall, the site appears trustworthy and legitimate, but could improve transparency and compliance documentation.

A

ACRO-CZ, z.s.

acro-cz.cz

48

ACRO-CZ is a professional association representing contract research organizations (CROs) in the Czech Republic, focusing on clinical research and drug development. Established in 2005, it serves as a liaison between CROs and regulatory bodies, promotes ethical and legal standards, and supports member education and collaboration. The website reflects a professional and consistent brand with clear business information and relevant content for its target audience in healthcare and clinical research sectors. Technically, the site uses modern web technologies including Bootstrap and Material Design Bootstrap, with a moderate performance profile and good mobile optimization. Security posture is moderate; while HTTPS usage is assumed, the absence of security headers and privacy policies indicates room for improvement. No blocking or WAF challenges were detected, and the domain WHOIS data aligns well with the business claims, supporting legitimacy. Overall, the site is trustworthy and functional but would benefit from enhanced privacy compliance and security hardening.

Č

Česká asociace dodavatelů zdravotnických prostředků ("CZECHMED")

czechmed.cz

61

CzechMed is a professional association representing manufacturers and distributors of medical devices in Czechia. The organization focuses on fostering dialogue and cooperation within the healthcare industry, supporting innovation, telemedicine, public procurement, and quality assurance. The website is built on the Wix platform, featuring a professional design and structured data that clearly identifies the organization and its physical address. Technical infrastructure leverages Wix's Thunderbolt platform with modern JavaScript polyfills and security hardening scripts. Security posture is generally good with HTTPS enabled and some client-side security measures, but lacks explicit security headers and incident response contact information. Privacy and cookie policies are not found, indicating a gap in compliance. WHOIS data is unavailable, which reduces domain trustworthiness, but the website content and presentation suggest a legitimate business presence. Overall, the site is suitable for its target audience but would benefit from enhanced privacy compliance and security transparency.

C

CZECHIMPLANT, z.s.

czechimplant.cz

59

CZECHIMPLANT, z.s. is a pioneering medical cluster in the Czech Republic specializing in implantology, established in 2016. It functions as a collaborative platform uniting manufacturers, universities, and medical professionals to foster research, development, and practical application in the implantology field. The cluster supports its members through research projects, marketing, international cooperation, and events, positioning itself as a key player in the Czech healthcare technology sector. The website reflects a professional and consistent brand image with clear navigation and relevant content aimed at cluster members and stakeholders. Technically, the website employs modern web technologies including HTML5, CSS3, JavaScript libraries, and Google Web Fonts, with a custom CMS backend. It features responsive design and basic accessibility features, ensuring usability across devices. Performance is moderate with lazy loading implemented for images. SEO practices are adequately addressed through meta tags and structured navigation. From a security perspective, the site uses HTTPS and implements cookie consent mechanisms, but lacks explicit security headers and detailed security or incident response policies. No vulnerabilities or exposed sensitive data were detected in the content. The WHOIS data confirms domain legitimacy and consistency with the business profile. Overall, the website presents a low-risk profile with good business credibility and privacy compliance. Strategic improvements in security headers and incident response transparency would enhance its security posture and trustworthiness.

The website 'H.I.D.R.A Dashboard' represents an academic and governmental project focused on real-time monitoring of water quality and flood risk in urban channels of the Recife metropolitan area in Brazil. Developed by UACSA/UFRPE in partnership with Faculdade Nova Roma and supported by FACEPE, the project leverages IoT sensors and artificial intelligence to provide environmental data and predictive alerts. The platform targets academic institutions, environmental managers, and local communities, aiming to promote sustainable water management aligned with global development goals. Technically, the website employs modern web technologies including HTML5, CSS3, JavaScript, Chart.js for data visualization, and Leaflet.js for interactive mapping. Hosted by Hostinger, the site demonstrates moderate performance and good mobile optimization, though accessibility and SEO features are basic. The site includes user authentication forms with login and registration capabilities, and a configurable parameter interface for monitoring thresholds. From a security perspective, the site uses HTTPS and has domain transfer protections enabled, but lacks visible security headers such as CSP or HSTS. There are no privacy or cookie policies present, and no incident response or vulnerability disclosure information is provided. The absence of these policies and security headers represents a compliance and security gap. The WHOIS data shows a recently registered domain consistent with the project timeline, registered via a hosting provider, which is typical for academic projects but reduces registrant transparency. Overall, the website is professionally designed with relevant content and clear navigation, but improvements are needed in privacy compliance, security hardening, and transparency to enhance trustworthiness and protect user data effectively.

B

Balticum

balticum.tv

52

Balticum's website is a media streaming platform primarily targeting webOS TV users and browsers. The site uses modern web technologies such as Angular 14 and custom webOS APIs to deliver video content. However, the site lacks visible business contact information, privacy policies, and security headers, which limits trust and compliance. The absence of WHOIS data further reduces transparency. Technically, the site is functional but basic in design and optimization, with moderate performance and accessibility. Security posture is weak due to missing HTTPS confirmation and security headers. Overall, the site appears legitimate but would benefit from improved compliance and security measures.

N

Nannen & Carls Steuerberatungsgesellschaft mbH

nannen-carls.de

62

Nannen & Carls Steuerberatungsgesellschaft mbH is a well-established tax consultancy firm based in Aurich, Germany, with a history dating back to 1982. The company offers a broad range of tax and economic advisory services, emphasizing digitalization, corporate succession, inheritance tax law, audits, restructuring, and business consulting. Their website reflects a professional and modern approach, leveraging Webflow CMS and Cookiebot for GDPR-compliant cookie management. The firm targets businesses and individuals in the Aurich region and Ostfriesland, focusing on personalized client service and employee development. Technically, the website is well-structured, mobile-optimized, and uses modern web technologies, although some security headers are missing. The security posture is solid with HTTPS and cookie consent mechanisms in place, but could be improved with additional security headers and explicit incident response policies. Overall, the domain registration data aligns well with the business claims, supporting the legitimacy of the entity. Strategic recommendations include enhancing security headers, publishing incident response and vulnerability disclosure policies, and continuous monitoring of third-party scripts.

The website metodickyweb.cz is an educational portal focused on providing teaching ideas and inspiration for integrating information technologies into education. It targets educators and educational professionals primarily in the Czech Republic. The platform offers methodical cards, user registration for enhanced interaction such as commenting and rating, and a catalog of educational content. The business appears to be a small-scale specialized educational service established around 2015, with consistent branding and a clear focus on its niche. Technically, the site uses a basic but functional technology stack including jQuery and Font Awesome, hosted by WEDOS, a Czech hosting provider. The site is moderately optimized for mobile and SEO, with a clean design and good user experience. However, there is room for improvement in accessibility and performance optimization. No advanced CMS or frameworks are detected. From a security perspective, the site lacks important security headers and uses GET methods for sensitive forms like login and registration, which is a security concern. There is no visible privacy or cookie policy, indicating compliance gaps with GDPR and related regulations. The absence of incident response contacts and vulnerability disclosure mechanisms further limits the security maturity. No WAF or blocking mechanisms are detected, and the domain registration data aligns well with the website content, supporting legitimacy. Overall, the website is functional and trustworthy for its educational purpose but requires enhancements in security practices and privacy compliance to improve its risk posture and user trust.

A

&TANKS I stainless steel tanks

andtanks.eu

57

The website www.andtanks.eu is hosted on the Wix platform and appears to have minimal content with no visible business or contact information. The lack of privacy policy, cookie policy, terms of service, and contact details limits the site's credibility and compliance posture. Technically, the site uses Wix's standard scripts and assets, including Sentry for error monitoring, but lacks advanced security headers and SEO optimizations. The WHOIS data is not publicly available due to EURid's privacy policy for .eu domains, which is common but restricts trust assessment. Overall, the site presents a low maturity level in business and security aspects, with limited user engagement features or compliance indicators.

L

ladies dance company

salsa-zeny.cz

54

The website www.salsa-zeny.cz represents a small, specialized dance school in Prague focused on ladies' Latin dance styles such as salsa, bachata, reggaeton, and kizomba. The business is led by an experienced instructor, Lenka Němcová, and has a long-standing tradition since 2007. The site is built on the Wix platform, leveraging Wix's Thunderbolt framework and standard web technologies. It offers clear information about dance lessons and workshops targeted at women interested in Latin dance. Technically, the site is moderately optimized with good security practices including HTTPS and security headers, but lacks comprehensive privacy and cookie policies, which are important for GDPR compliance. Contact information is limited to an email address and a Facebook social media link, with no phone number or physical address explicitly provided. Overall, the site is professional and trustworthy for its niche but could improve privacy compliance and mobile optimization.

T

Taneční škola ASTRA Praha

astra-praha.cz

39

Taneční škola ASTRA Praha is a local dance school offering a wide range of dance courses and events targeting adults, youth, and children in Prague and surrounding areas. Their services include standard and Latin dance courses, competitive dance, summer dance schools, seminars, dance clubs, wedding dance lessons, and dance performances. The website is professionally designed with clear navigation and good content quality, supporting multiple dance-related offerings and event announcements. Technically, the website employs common web technologies including Google Analytics, Google Tag Manager, and Plausible Analytics for tracking, along with Google Fonts for typography. The site is mobile-optimized and uses HTTPS, though no explicit security headers were detected. The site lacks a cookie consent mechanism despite having a GDPR-compliant privacy policy, indicating partial privacy compliance. From a security perspective, the site shows no immediate vulnerabilities or exposed sensitive data. However, the absence of WHOIS data limits domain trust assessment, and no incident response or security policy information is provided. The site does not appear to be behind a WAF or security challenge, and content is fully accessible. Overall, the security posture is moderate but could be improved with better header configurations and privacy mechanisms. The overall risk is low given the nature of the business and content, but the lack of WHOIS transparency and cookie consent are notable gaps. Strategic recommendations include implementing security headers, adding cookie consent, publishing incident response contacts, and enhancing accessibility features to improve trust and compliance.

S

Salsaholics.cz | Cuban Salsa, Rueda de Casino, Multisport | Tresor Club, Vinohradská 35/25, 120 00 Prague 2 - Vinohrady, Prague, Czechia

salsaholics.cz

57

The website www.salsaholics.cz appears to be a small-scale business site built on the Wix platform. The site content is minimal and lacks detailed business descriptions, contact information, or policy disclosures. The technical infrastructure relies on Wix's standard JavaScript libraries and polyfills, with session recording scripts indicating user behavior tracking. Security posture is basic with HTTPS enabled but lacking advanced security headers and policies. The absence of WHOIS data reduces trustworthiness and raises questions about domain registration transparency. Overall, the site presents a low maturity digital presence with significant room for improvement in security, privacy compliance, and business credibility.

У

Українське незалежне інформаційне агентство УНІАН

unian.ua

61

The website www.unian.ua is the official online presence of the Ukrainian Independent Information Agency UNIAN, a major news media organization established in 1993. It provides comprehensive news coverage in Ukrainian language, including politics, economics, sports, technology, weather, and more. The site targets a broad Ukrainian-speaking audience seeking timely and reliable news. The business model is primarily content publishing supported by advertising and subscription services. The agency holds a strong market position as a trusted and long-standing news source in Ukraine. Technically, the website employs modern web technologies including HTML5, CSS3, JavaScript, and integrates multiple analytics platforms such as Google Analytics, Matomo, and Gemius. It uses Google Tag Manager for marketing and tracking, and loads fonts and media efficiently. The site is mobile-optimized with responsive design and good SEO practices. Performance is moderate with room for improvement in accessibility. Security-wise, the site enforces HTTPS, implements key security headers, and uses secure forms with anti-CSRF tokens. No critical vulnerabilities or exposed sensitive data were detected. Privacy and cookie policies are present and GDPR compliant, with a clear cookie consent mechanism. However, explicit security policy and incident response contacts are not published, which could be improved. Overall, the website is professional, trustworthy, and well-maintained, with extensive content and transparent business information. The domain WHOIS data confirms legitimacy and consistency with the business claims. The site does not contain any adult or questionable content, making it safe for general audiences.

D

Donio

donio.cz

56

Donio.cz is a Czech crowdfunding platform established in 2019 that enables users to create fundraising campaigns free of charge, transferring 100% of collected funds to campaign owners. The platform targets individuals and organizations within the Czech Republic seeking to raise donations or crowdfund projects. Technically, the website employs modern JavaScript frameworks, integrates Cookiebot for GDPR-compliant cookie consent, and uses Google Tag Manager and Sentry for analytics and error monitoring. Hosting and DNS are managed via Cloudflare, ensuring good SSL/TLS security and performance. Security posture is solid with HTTPS enforced and consent mechanisms in place, but lacks published privacy policies, terms of service, and incident response contacts, which are important for compliance and trust. Overall, the website is professional, well-designed, and functional, but could improve transparency and compliance documentation to enhance user trust and legal adherence.

The domain sbceurasia.com is a recently registered website (August 2023) currently protected by Cloudflare's Turnstile human verification challenge, which blocks direct access to any substantive content. Due to this security mechanism, no business information, contact details, or policy documents are accessible for analysis. The website appears to be in an initial or protected state, with no visible metadata, structured data, or user-facing content. The technical infrastructure relies on Cloudflare for DNS and security, indicating a modern approach to protection but limiting transparency. The security posture is difficult to assess fully due to the lack of accessible content, but the presence of Cloudflare's WAF and challenge page suggests a baseline security measure is in place. Overall, the website's risk profile is elevated due to the absence of visible business or compliance information, and the domain's newness adds to uncertainty. Strategic recommendations include removing or adjusting the WAF challenge to allow legitimate user access, publishing clear business and privacy policies, and providing contact information to improve trust and compliance.

B

Bc. Petr Vyhnálek

tvorime-aplikace.cz

45

The website 'Tvoříme aplikace' represents a small Czech technology business led by Bc. Petr Vyhnálek, specializing in custom software development including mobile applications, web applications, database systems, and Linux server management. The business targets clients needing complex, cross-platform JAVA applications and offers services tailored especially for non-profit organizations. The website is professionally designed with clear navigation and detailed service descriptions, reflecting over 20 years of experience. Technical infrastructure includes modern frontend technologies such as Bootstrap, jQuery, and various UI libraries, ensuring good mobile optimization and user experience. Security posture is moderate with HTTPS usage implied but lacks explicit security headers and privacy compliance documentation. Contact information is comprehensive, but absence of privacy and cookie policies is a compliance gap. WHOIS data is unavailable, limiting domain trust assessment, but the website content and contact details suggest legitimacy. Overall, the site is functional, professional, and safe for general audiences.

K

KMU Digital

kmudigital.at

71

KMU.DIGITAL is a government-backed digitalization initiative in Austria, jointly run by the Federal Ministry for Economic Affairs, Energy and Tourism (BMWET) and the Austrian Economic Chamber (WKO). It aims to support small and medium enterprises (SMEs) in Austria by providing consulting and funding to help them conceive, implement, and market digital transformation projects. The program also includes a GREEN funding line to promote ecological transformation through digitalization. The website is professionally designed, content-rich, and provides official documentation and multimedia resources to its target audience of Austrian SMEs. Technically, the site uses modern web technologies, including a CMS (Gentics), JavaScript libraries, and consent management tools to comply with GDPR. Security posture is good with HTTPS enforced and consent mechanisms for external content, though some security headers and explicit policies could be improved. The domain registration data aligns with the Austrian Economic Chamber, supporting the site's legitimacy. Overall, the website is a trustworthy and authoritative resource for Austrian SMEs seeking digital and ecological transformation support.

S

SORAL medical s.r.o.

dekubity.cz

53

SORAL medical s.r.o. operates the website www.dekubity.cz as a specialist supplier of healthcare technology, focusing on antidecubitus systems and medical equipment for healthcare and social services. The company has a longstanding market presence since 1990 and offers products, services, and training to healthcare providers primarily in the Czech Republic. The website is professionally designed with clear navigation, comprehensive content, and strong trust indicators including detailed contact information and GDPR-compliant policies. Technically, the website employs modern web technologies such as HTML5, CSS3, JavaScript, and integrates Google reCAPTCHA for form security. It uses HTTPS with an excellent SSL configuration and includes cookie consent mechanisms. While no explicit security headers were detected, the site follows good security practices overall. The WHOIS data for the domain is unavailable, which slightly reduces trustworthiness but does not negate the legitimacy suggested by the website content and business information. Security posture is solid with no visible vulnerabilities or suspicious external links. Privacy compliance is well addressed with clear privacy and cookie policies. The website does not contain any adult or questionable content and targets healthcare professionals and institutions. Overall, the site demonstrates a mature digital presence with room for improvement in security header implementation and domain registration transparency. Strategic recommendations include enhancing security headers, publishing incident response and security policies, and verifying domain registration details to improve trust and compliance.

V

VITAPUR spol. s r.o.

vitapur.cz

52

VITAPUR spol. s r.o. is a Czech-based manufacturer specializing in healthcare products for long-term immobile patients, offering bedding, mattresses, positioning aids, and related equipment. Established in 1990, the company serves both professional healthcare institutions and private consumers, maintaining a strong market presence with over 2700 cooperating healthcare facilities. The website reflects a mature e-commerce platform with multilingual support and comprehensive product offerings. Technically, the site employs modern web technologies including Google Analytics 4, Facebook Pixel, and live chat integrations, ensuring a robust digital presence. Security posture is solid with HTTPS and form validations, though some security headers could be improved. Privacy compliance is well addressed with detailed cookie consent and privacy policies. However, the lack of WHOIS data for the domain introduces some uncertainty regarding domain registration transparency. Overall, the site is professional, trustworthy, and well-optimized for its target audience.

M

Mölnlycke Health Care

molnlycke.cz

72

Mölnlycke Health Care is a globally recognized MedTech company specializing in innovative wound care and surgical solutions. The company positions itself as a leader in sustainable healthcare products, targeting healthcare professionals and institutions. Their website reflects a mature digital presence with comprehensive product catalogs, educational resources, and corporate information. Technically, the site employs modern JavaScript frameworks, integrates Azure Application Insights and Google Tag Manager for analytics, and supports responsive design for mobile users. Security posture is solid with HTTPS enforced and no visible sensitive data exposure, though some security headers are missing and no explicit security policy or vulnerability disclosure is published. The absence of WHOIS data limits domain trust analysis, but the professional branding and certifications support legitimacy. Overall, the site is well-structured, trustworthy, and compliant with privacy regulations.

M

Multimedium BV

multimedium.be

67

Multimedium BV is a Belgian digital agency with a strong market presence, offering custom online applications, webshops, and websites tailored to organizational needs. With over 20 years of experience, they position themselves as a reliable and solid partner for digital transformation. Their website reflects a professional and modern digital infrastructure, utilizing contemporary marketing and analytics tools such as Google Tag Manager and Mautic, alongside a robust cookie consent mechanism ensuring GDPR compliance. Security posture is generally strong with HTTPS enforced and no visible vulnerabilities, though the absence of explicit security headers and incident response information suggests areas for improvement. Overall, the website is well-designed, accessible, and trustworthy, supporting a positive business credibility profile.

P

Pieter Rubberecht

zologie.com

52

The website piru.be is a personal portfolio for Pieter Rubberecht, showcasing a variety of creative projects including board game design, illustration, infographics, branding, and video production. The site targets creative professionals and potential clients interested in visual and design services. It operates as a digital portfolio hosted on Adobe Portfolio, leveraging modern web technologies such as HTML5, CSS3, JavaScript, and Typekit fonts. The website is well-structured with good design quality and mobile optimization, providing a positive user experience. However, it lacks essential compliance and security features such as privacy and cookie policies, contact information, and security headers. HTTPS is enabled, but no advanced security configurations are detected. Overall, the site is safe, professional, and trustworthy but could improve in privacy compliance and security posture.

C

CaptchaFox

captchafox.com

52

CaptchaFox is a Germany-based technology company specializing in GDPR-compliant captcha and bot protection services for websites and mobile applications. Founded in 2020, it positions itself as a privacy-first alternative in the bot mitigation market, emphasizing compliance with European data protection standards and adaptive bot detection technologies. The website reflects a professional SaaS business model targeting companies seeking to protect their digital assets from malicious bot traffic while maintaining user privacy. Technically, the website is built using modern frameworks such as Next.js and React, hosted on bunny.net, and optimized for performance and accessibility. The site demonstrates good SEO practices and mobile responsiveness, with rich SVG graphics and structured data enhancing its digital maturity. However, explicit privacy and cookie policies are not directly found in the provided content, which could be improved to enhance transparency. From a security perspective, the site uses HTTPS and has domain transfer protections in place. There is no evidence of security.txt or vulnerability disclosure mechanisms, and security headers are not detected in the provided data. The absence of explicit contact information and security policies suggests areas for improvement in incident response readiness and user trust. Overall, CaptchaFox presents a credible and professional online presence with a strong focus on privacy and compliance. Strategic enhancements in policy disclosures, security headers, and contact transparency would further strengthen its security posture and compliance standing.

T

tovi

tovi.cz

34

tovi.cz is a Czech-based small technology company specializing in custom web and mobile application development, web design, process automation, and digital marketing services such as SEO and PPC. Founded in 2017, the company presents a professional portfolio of completed projects and transparent pricing examples, targeting businesses seeking tailored digital solutions. The website is well-structured, mobile-optimized, and uses modern web technologies including Google Fonts, Font Awesome, and jQuery, with analytics integrated via Google Analytics and Tag Manager. Security posture is moderate with HTTPS usage implied but lacks explicit security headers and published security policies. Privacy compliance is weak due to absence of privacy and cookie policies, which is a notable gap given GDPR requirements. Contact information is clearly provided with email, phone, and a contact form, enhancing business credibility. Overall, the site is professional and trustworthy but would benefit from improved privacy and security disclosures.

P

Pilulka.cz - vaše online lékárna s více než 1247 odběrnými místy po ČR

pilulka.cz

54

Pilulka.cz is a leading Czech online pharmacy offering a wide range of health-related products including supplements, cosmetics, and over-the-counter medicines. The company emphasizes prevention and modern pharmacy trends, serving a broad general audience with over 1247 pickup points across the Czech Republic. Their business model includes direct online sales and a subscription service called Pilulka PRO, which offers benefits such as free blood tests and discounts. Technically, the website is built on modern frameworks like Nuxt.js and Vue.js, hosted on a reliable CDN infrastructure, and optimized for mobile and SEO. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities, although explicit privacy and cookie policies are not clearly found in the provided content. The absence of WHOIS data limits domain trust analysis, but the website's professional presentation and extensive product catalog support its legitimacy. Overall, Pilulka.cz demonstrates a mature digital presence with good security and business credibility.

I

INFO-DRÁČEK z.s.

info-dracek.cz

54

INFO-DRÁČEK z.s. is a small non-profit organization based in the Czech Republic dedicated to fostering mutual understanding of different cultures, with a particular focus on Vietnamese and Asian cultural integration. The organization operates through cultural festivals, educational projects, and community events, targeting the general public interested in cultural exchange and minority communities. Their website reflects a professional and consistent brand presence, featuring event galleries, contact information, and social media links, primarily Facebook. The business model is centered on non-profit cultural activities without commercial e-commerce components. Technically, the website is built on the Webnode CMS platform and hosted via AWS Cloudfront CDN, utilizing modern web technologies such as JavaScript and CSS. The site demonstrates good mobile optimization and SEO practices, though accessibility features are basic. Performance is moderate, with proper HTTPS implementation ensuring secure communication. Google Tag Manager is used for analytics and tracking, indicating moderate user tracking levels. From a security perspective, the site employs HTTPS and some basic security headers but lacks advanced headers like Content-Security-Policy. No vulnerabilities or exposed sensitive data were detected. However, the absence of privacy and cookie policies represents a compliance gap, especially under GDPR regulations. The WHOIS data for the domain is unavailable, which limits the ability to verify domain legitimacy and registration details, posing a potential risk factor. Overall, the website is safe, professional, and serves its non-profit cultural mission effectively. Strategic improvements include adding comprehensive privacy and cookie policies, enhancing security headers, and publishing incident response or security policies to bolster trust and compliance. The lack of WHOIS data should be investigated to ensure domain registration transparency and legitimacy.

U

Український журнал. Час для...

ukrzurnal.eu

7

The website ukrzurnal.eu operates as an online cultural-political monthly magazine targeting the Ukrainian diaspora in Europe. It provides archived issues, subscription options, and information about projects and partners. The content is primarily in Ukrainian with additional language options, focusing on cultural and political topics relevant to Ukrainians living in Europe. The business model centers on digital publication and community engagement through social media integration. Technically, the site uses basic web technologies including HTML, CSS, JavaScript, Facebook SDK, and Google Analytics. The site lacks modern CMS indicators and advanced frameworks, suggesting a simple, possibly custom-built platform. Performance and mobile optimization are basic, with room for improvement in accessibility and SEO practices. From a security perspective, the site does not explicitly confirm HTTPS usage in the HTML base tag, and no security headers such as CSP or HSTS are detected. External scripts are loaded without integrity checks. Privacy and cookie policies are absent, indicating potential GDPR compliance gaps. No forms collecting sensitive data are present, reducing immediate risk exposure. The WHOIS data shows the domain is registered via a Czech registrar, consistent with the European focus but no direct registrant organization is disclosed. Overall, the website is functional and serves its niche audience but requires improvements in security posture, privacy compliance, and technical modernization to enhance trust and resilience against threats.

A

ABC Kovopit-engineering, spol. s r.o.

abckovopit.cz

47

ABC Kovopit-engineering, spol. s r.o. is a Czech-based company specializing in the supply of machinery and equipment for the beverage industry, focusing on wine, liqueurs, and non-alcoholic beverage producers. Established in 1994, the company serves primarily small and medium-sized enterprises both domestically and internationally. Their offerings include processing equipment, filtration and stabilization systems, and filling and packaging machinery, complemented by consultation, leasing, sales, and service support. The website reflects a professional and consistent brand image with clear contact information and partner affiliations. Technically, the site is built on Joomla CMS with modern UI frameworks, providing a good user experience and mobile optimization. Security posture is adequate with HTTPS and cookie consent but lacks advanced security headers and formal privacy or terms policies. Overall, the domain registration data aligns well with the business claims, indicating legitimacy and trustworthiness.

S

STROM PRAHA a. s.

strompraha.cz

72

STROM PRAHA a.s. is a specialized distributor of agricultural, garden, municipal, and sports equipment, notably serving as the exclusive distributor for John Deere products in the Czech Republic. The company also distributes other reputable brands such as Bednar, Kramer, Pronar, Kuhn, Mazzotti, and Milwaukee. Their target audience includes agricultural businesses, municipal service providers, and sports facility managers within the Czech market. The website reflects a medium-sized enterprise with a professional online presence, offering financing options, used machinery sales, and customer support services.

The website www.andtanks.eu is a small-scale business site hosted on the Wix platform. The site lacks detailed business information, contact details, and privacy or cookie policies, which limits its transparency and trustworthiness. The technical infrastructure is based on Wix's standard stack with JavaScript and Sentry for error tracking, indicating a basic digital maturity level. Security posture is minimal with no advanced headers or policies detected, and WHOIS data is fully privacy protected, preventing verification of domain ownership and age. Overall, the site presents a low-risk profile but lacks critical compliance and trust indicators.

V

Vinarsky raj

vinarskyraj.cz

56

The website 'Vinarsky raj' appears to be a small business site built on the Wix platform, targeting Czech and Polish audiences with content related to wine or vineyards. The site uses standard Wix technologies and scripts, with moderate mobile optimization and basic SEO features. However, the absence of WHOIS data and registrant information reduces transparency and trustworthiness. Security posture is moderate with HTTPS usage but lacks explicit security headers and policies. Privacy compliance is poor due to missing privacy and cookie policies. Overall, the site is functional but lacks critical business and security information, limiting its credibility and compliance.

W

Wines from Czech Republic

wineofczechrepublic.cz

63

The website www.vinazmoravyvinazcech.cz serves as a regional informational and promotional platform focused on wines from the Moravia and Bohemia regions of the Czech Republic. It targets wine enthusiasts, tourists, and consumers interested in Czech wines, offering details about wine varieties, events, and related content. The site uses modern web technologies such as React and Next.js, providing a good user experience with responsive design and clear navigation. However, the absence of WHOIS registration data and lack of visible privacy, cookie, and contact policies reduce its trustworthiness from a security and compliance perspective. No security headers or SSL configuration details were available, and no explicit security or incident response contacts were found. Overall, the site is functional and informative but would benefit from enhanced transparency and security practices.

S

Spolek vinařů Dunajovské kopce

dunajovskepecky.cz

40

Dunajovské pecky is a regional project operated by Spolek vinařů Dunajovské kopce, focused on promoting unique local places, businesses, events, and projects within the Dunajovské kopce region in the Czech Republic. The website serves as a curated guide for visitors and locals, emphasizing quality, local authenticity, and community spirit. The project is relatively new, with domain registration and founding year in 2024, targeting tourists and regional enthusiasts through recommendations, event calendars, maps, and newsletters. Technically, the website is built on Joomla CMS with Yootheme and UIkit frameworks, enhanced by accessibility features via the DJ Accessibility plugin. The site is mobile-optimized, uses modern web standards, and includes SVG graphics and Google Fonts. Hosting is provided by REG-WEBGLOBE, consistent with the domain registration data. Performance is moderate with good accessibility and SEO practices, though some improvements in security headers and privacy compliance are recommended. From a security perspective, the site uses HTTPS and includes CSRF tokens, but lacks explicit security headers and vulnerability disclosure mechanisms. No analytics or tracking scripts were detected, indicating minimal user tracking. Contact information is clearly provided, but privacy and cookie consent policies are either missing or basic, which may pose compliance risks. No signs of malicious content or vulnerabilities were found. Overall, the website presents a trustworthy and professional regional project with good content quality and technical implementation. Strategic improvements in privacy policies, cookie consent, and security headers would enhance compliance and security posture, supporting long-term trust and user confidence.

3

3DFindit / CADENAS

bimcatalogs.net

66

3DFindit, operated by CADENAS, is a specialized online platform offering free access to an extensive collection of 3D CAD and BIM models, serving industries such as mechanical engineering and architecture. The platform supports multiple search methods including 3D geometric, 2D sketch, and color search, enhancing user experience for engineers, architects, and manufacturers. The website is professionally designed with consistent branding and integrates with CADENAS' corporate ecosystem, indicating a strong market position in digital product content services. Technically, the website employs modern web technologies including JavaScript, SVG, and web components, with external integrations such as consent management and Freshworks support widgets. The site is mobile optimized and SEO friendly, though accessibility features are basic. Performance is moderate, with room for improvement in security headers and incident response transparency. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, it lacks explicit security policies and incident response contacts, which are recommended for enhanced trust and compliance. Privacy compliance is strong, with comprehensive privacy and cookie policies and GDPR adherence. Contact information is limited to a web form, with no direct emails or phone numbers publicly listed. Overall, the website presents a low-risk profile with a high degree of professionalism and business credibility. The absence of WHOIS data suggests privacy protection, which is justified for this business type. Strategic recommendations include enhancing security headers, publishing security policies, and expanding contact options to improve user trust and compliance posture.

3

3DFindit

3dfindit.com

65

3DFindit is an online platform operated by CADENAS that provides free access to a vast collection of 3D CAD and BIM models aggregated from over 4500 catalogs. The service targets engineers, architects, and designers seeking technical models for mechanical engineering and architectural projects. The website is professionally designed with consistent branding and offers multiple search modalities including 3D geometric, 2D sketch, and color search. Technically, the site uses modern web technologies such as JavaScript, SVG, and web components, and integrates third-party services like Freshworks for user interaction. While HTTPS is used, explicit security headers and detailed security policies are not evident, indicating room for improvement in security posture. The absence of WHOIS data for the domain is unusual but the association with CADENAS supports legitimacy. Overall, the site is trustworthy, well-structured, and compliant with privacy regulations, though it lacks direct contact information and explicit incident response details.

The analyzed content corresponds to a Chrome browser internal error page (chrome-error://chromewebdata/) displayed when a website is inaccessible or offline. This page contains no actual website content, business information, or external links. It primarily serves as a placeholder with embedded JavaScript and CSS for the Chrome offline dinosaur game. Consequently, no privacy, cookie, or terms of service policies are present, nor is there any contact or security policy information. The technical infrastructure is limited to Chromium internal scripts and canvas-based game logic, with no hosting or CMS details available. Security posture cannot be meaningfully assessed due to the nature of the content. Overall, this is not a public-facing website but a browser-generated error page, and thus lacks business credibility or compliance indicators.

E

EDELWEISS Werbeagentur GmbH

edelweiss-werbeagentur.at

53

EDELWEISS Werbeagentur GmbH is a small Austrian full-service advertising agency specializing in sustainable brand building for small and medium-sized enterprises. Their services include corporate design, logo creation, website and webshop development, SEO, social media marketing, and traditional advertising. The company emphasizes long-term partnerships and comprehensive marketing solutions. Technically, the website is built on a custom CMS with modern front-end technologies such as UIkit and jQuery, and integrates Google Analytics and Google Ads for marketing and analytics. The site is mobile-optimized and SEO-friendly, providing a professional user experience. Security-wise, the site uses HTTPS and implements a detailed cookie consent mechanism, but lacks advanced HTTP security headers and explicit security policies or incident response contacts. WHOIS data is unavailable, which slightly reduces trust but the website content and business presence appear legitimate and professional. Overall, the site scores well on content quality, technical implementation, privacy compliance, and business credibility, with room for improvement in security best practices and transparency.

The website plus4u.net appears to represent a digital services platform focused on enabling users to compose their own online services from various applications. The site uses modern web technologies including React, UU5 framework, and Google Tag Manager for analytics. However, the visible content in the provided HTML snapshot is minimal, primarily technical scaffolding without substantive user-facing content or business details. The WHOIS data is unavailable or indicates the domain is not registered, which raises significant concerns about the legitimacy and trustworthiness of the domain. No contact information, privacy policies, or terms of service are present, limiting compliance and user trust. Security posture is weak due to lack of visible security headers and SSL configuration details. Overall, the site appears to be in an early or incomplete state or possibly a placeholder.

Unicorn a.s. is a well-established European IT company founded in 1990, specializing in delivering large-scale information systems and IT solutions. The company targets business customers primarily in the Czech Republic and broader European market, offering a range of IT products, services, and solutions that provide competitive advantages and high added value. The website reflects a professional business presence with consistent branding and clear contact information, supporting its market position as a reputable technology provider. Technically, the website employs modern web technologies including React and UU5 frameworks, with integration of Google Tag Manager for analytics and marketing. The site is hosted with a reputable registrar and DNS providers, though DNSSEC is not enabled. Performance and mobile optimization are good, though accessibility features are basic. SEO is adequately addressed with proper meta tags and structured data. From a security perspective, the site uses HTTPS and avoids exposing sensitive data. However, it lacks visible security headers and does not provide explicit privacy or cookie policies, which impacts GDPR compliance. No incident response or vulnerability disclosure information is published, indicating room for improvement in security transparency and governance. Overall, the website is trustworthy and professional but would benefit from enhanced privacy compliance, security header implementation, and published security policies to strengthen its security posture and regulatory adherence.

The Technical University of Košice (TUKE) is a well-established public university in Slovakia, offering a broad range of higher education and research programs in innovative technical fields. The website reflects a strong market position as a leading educational institution with a large student body and international collaborations, including Erasmus+ and the Ulysseus European University alliance. The digital presence is modern, leveraging Next.js and React technologies, with excellent mobile optimization and user experience. Security posture is robust with HTTPS, security headers, and no visible vulnerabilities, although explicit security policies and incident response contacts are not published. Privacy compliance is strong with a comprehensive privacy policy and cookie consent mechanism. Overall, the website is professional, trustworthy, and well-aligned with the university's mission and audience.

H

Hotel Troja, ubytování a restaurace v Praze 8 | hoteltroja.cz

hoteltroja.cz

54

Hotel Troja is a hospitality business located in Prague 8, offering hotel accommodation, restaurant services, conference room rentals, and event hosting including weddings. The website presents a professional and user-friendly interface with integrated booking systems from third-party providers. The business targets general audiences seeking lodging and dining in the Prague area. Technically, the site uses jQuery and custom JavaScript with CSS styling, managed via the adSYSTEM CMS platform. The site is mobile optimized and SEO friendly, though accessibility features are basic. Security posture is moderate with HTTPS usage but lacks visible security headers and explicit incident response policies. Privacy and cookie policies are present and GDPR compliant. WHOIS data is unavailable, which limits domain trust verification, but the website content and contact details appear legitimate. Overall, the site is functional and trustworthy for its business purpose.

F

FRABEX GmbH

frabex.com

51

FRABEX GmbH is an Austrian company specializing in the distribution of high-quality bearings and linear technology products, representing brands such as FBJ, HIWIN, and MYT. The company serves a diverse clientele including industrial, agricultural, commercial, and private customers, offering both a physical presence and an online webshop tailored for business customers. Their market position is strengthened by being the European distribution center for FBJ and a key dealer for HIWIN in Austria, supported by an in-house linear workshop enabling customized solutions. Technically, the website is built on modern web technologies including UIkit and jQuery, with a proprietary CMS by EWAY. The site is mobile optimized, SEO friendly, and includes essential accessibility features. Performance is moderate with good design and navigation clarity, supporting a positive user experience. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms aligned with GDPR requirements. However, it lacks explicit security policies and incident response contacts, which are recommended for enhanced trust and compliance. No vulnerabilities or exposed sensitive data were detected, and the WHOIS data confirms the legitimacy and consistency of the domain registration. Overall, FRABEX GmbH presents a professional and trustworthy online presence with solid business credibility and compliance posture. Strategic improvements in security transparency and incident response readiness would further strengthen their security maturity and customer trust.

The website totalizatorsportowy.pl currently serves as a parked domain page with no active business content or services. The domain is registered since 2003 via Aftermarket.pl Limited, a domain aftermarket provider, and the website content aligns with this by indicating the domain is for sale. There is no visible business information, contact details, or privacy and cookie policies, which significantly limits the site's credibility and trustworthiness. Technically, the site uses basic HTML, CSS, and JavaScript with external scripts for advertising and tracking, but lacks HTTPS enforcement and security headers, exposing it to potential security risks. The embedded iframe points to an external suspicious domain, which could pose security concerns. Overall, the site is low trust and minimal in content, serving primarily as a domain sales landing page.

The website www.pawduketreats.com/retail-order-form/ presents itself as an e-commerce platform promoting an online slot gaming application named WASLOT, targeting the Indonesian market. It offers bonus promotions and claims a high user rating with numerous reviews. The site is built on or heavily integrated with the Etsy platform, utilizing various modern JavaScript libraries and tracking tools such as Google Tag Manager, Bing Ads, and Sentry for error monitoring. However, the absence of WHOIS registration data and domain legitimacy concerns reduce overall trust. The site lacks visible privacy, cookie, or terms of service policies, which impacts compliance and user trust. Security headers are not detected, and no explicit company contact information is provided, limiting transparency. Overall, the site appears functional but has significant gaps in security posture and compliance.

S

Home | Smart Mobile Gamers

smartmobilegamers.org

41

The website www.smartmobilegamers.org appears to be a basic Wix-built site with minimal content and no visible business or contact information. The lack of privacy policies, terms of service, or security disclosures indicates a low level of digital maturity. Technically, the site uses standard Wix scripts and polyfills but lacks advanced SEO, accessibility, and security features. The absence of WHOIS data and registrant information reduces trust and raises concerns about domain legitimacy. Overall, the security posture is weak with no evident security headers or incident response mechanisms. The site is accessible without WAF or security challenges but provides limited business or user engagement value.

T

Tourismus Marketing Gesellschaft Sachsen mbH

sachsen-angebote.de

52

Tourismus Marketing Gesellschaft Sachsen mbH operates the website www.sachsen-angebote.de to promote tourism offers and facilitate accommodation bookings in the Saxony region of Germany. The site targets tourists and travelers interested in exploring Saxony, providing curated travel packages and booking options. The business is positioned as a regional tourism marketing entity with a medium-sized operational scale. Technically, the website is built on TYPO3 CMS, leveraging modern web technologies including JavaScript, CSS, and accessibility tools such as Eye-Able. Hosting is provided by SchlundTech, a reputable provider. The site demonstrates good mobile optimization and basic SEO practices, with consent management implemented for GDPR compliance. From a security perspective, the site enforces HTTPS and integrates consent management, but lacks explicit security headers and a published security policy. No vulnerabilities or malicious content were detected. Privacy compliance is partial due to the absence of a visible privacy policy and terms of service. Contact information is available via a clearly labeled phone number and booking form. Overall, the website presents a professional and trustworthy front for regional tourism marketing, with moderate technical maturity and security posture. Strategic improvements in privacy policy publication, security header implementation, and incident response readiness would enhance compliance and trustworthiness.

The website www.priserkyvhlave.cz is an educational platform in Czech language focused on teaching about monsters through interactive games and resources, primarily targeting schools and children. It is a project supported and co-financed by the European Union and the Czech Ministry of Interior, indicating a non-commercial, public service nature. The site uses modern web technologies such as React and Next.js, providing a good user experience with responsive design and clear navigation. However, the site lacks visible privacy, cookie, and terms of service policies, and no contact information is provided, which limits transparency and user trust. From a technical perspective, the site is built on a modern JavaScript framework with client-side rendering and moderate performance. No analytics or tracking scripts were detected, suggesting minimal user tracking. Security posture is limited due to the absence of security headers and no visible SSL configuration details. The WHOIS data for the domain is unavailable, likely due to privacy protection or domain registration issues, which negatively impacts the trustworthiness assessment. Overall, the website is safe and suitable for general audiences, with no adult or explicit content detected. The lack of WHOIS transparency and privacy policies are the main concerns. Strategic recommendations include implementing comprehensive privacy and cookie policies, improving security headers, providing clear contact and incident response information, and verifying domain registration details to enhance trust and compliance.

A

Atlas předsudků

atlaspredsudku.cz

39

Atlas předsudků is a Czech Republic based educational and informational website focused on debunking prejudices and misinformation about foreigners and integration within the country. The site is funded by the European Union and the Czech Ministry of Interior, positioning it as a government-backed public awareness campaign. It offers interactive quizzes, detailed factual content, and multimedia resources to educate the general public on migration and integration topics. The target audience is the Czech general public interested in social issues and combating misinformation. Technically, the website uses modern web technologies including Bootstrap 5 and Google Analytics, with a cookie consent mechanism that respects user privacy by default denying ad and analytics cookies. The site is hosted on a Czech hosting provider and uses a domain registered in 2020, consistent with its recent campaign nature. Security posture is moderate with room for improvement in security headers and incident response transparency. No privacy policy or terms of service pages were found, which is a compliance gap. Overall, the website is professional, trustworthy, and serves an important social function with good content quality and user experience.

OPA Group s. r. o. operates the website oculocin.cz, specializing in the development, manufacturing, and distribution of natural eye care products, including eye drops designed to treat chronic conjunctivitis and irritated eyes without antibiotics. The company positions itself as a provider of safe, effective, and innovative healthcare products with certifications such as ISO 13485 and CE MDD 0434, targeting consumers seeking natural and hygienic eye care solutions. The website is professionally designed using WordPress with multilingual support and SEO optimization, providing clear product information and customer engagement through a registration form and social media links. Technically, the site employs modern web technologies and is hosted by Wedos, with good SSL configuration and basic security practices in place. However, security headers and explicit security policies could be enhanced. Privacy compliance is well addressed with a clear privacy policy and cookie consent mechanism. Overall, the website demonstrates a high level of business credibility and technical maturity, with no signs of blocking or malicious content.