Security Directory

The domain infocentrumloket.cz currently hosts a Webnode-generated 404 error page indicating that the domain is available for registration and website creation. There is no active business or content on the site. The domain was registered in 2016 and uses name servers consistent with its registrar REG-MEDIA4WEB. The website is hosted on a CDN (Cloudfront) and uses standard web technologies such as HTML5, CSS, and JavaScript. There are no privacy policies, cookie notices, contact information, or security policies present. No analytics or tracking scripts are detected, and no advertising or marketing tools are in use. The site is safe with no adult or explicit content. Security posture is minimal with no security headers or HTTPS status visible from the content. Overall, the site is a placeholder with very limited technical or business maturity.

D

Danske Bank

danskebank.co.uk

75

Danske Bank's UK personal banking website offers a comprehensive range of financial products including current accounts, mortgages, savings, and loans. The site targets personal banking customers in the UK and presents a professional, well-structured digital presence consistent with a large, established financial institution. The domain has been registered since 1998, reinforcing its legitimacy and market presence. Technically, the website employs modern web technologies such as JavaScript and SVG icons, with good mobile optimization and accessibility features. Security is enforced through HTTPS and secure login portals, although explicit security headers and privacy policies are not clearly visible in the provided content. Analytics usage is moderate, primarily via eGain services. Overall, the site demonstrates a solid business and technical foundation but would benefit from enhanced privacy compliance and security transparency.

D

Danske Bank

danskebank.se

72

Danske Bank Sweden operates a professional and comprehensive banking website targeting private customers with a broad range of financial products including mortgages, savings, loans, insurance, and pension services. The site reflects a mature digital presence with clear navigation, professional design, and integration of Swedish digital authentication standards such as BankID. The bank is part of the larger Danske Bank Group, with a domain registered since 2000, indicating a well-established market presence in Sweden. Technically, the website uses modern web technologies and integrates third-party analytics and advertising services, though some security enhancements like DNSSEC and explicit security headers could be improved. Privacy and cookie policies are not explicitly found in the provided content, which may impact compliance and user trust. Overall, the site is trustworthy and professionally maintained, serving a large customer base with a focus on digital banking convenience.

D

Danske Bank

danskebank.no

71

Danske Bank's Norwegian corporate banking website presents a comprehensive suite of financial services tailored for businesses of all sizes across Norway and the Nordic region. The bank positions itself as a leading Nordic corporate bank offering daily banking, financing, advisory, and international trade solutions. The website is professionally designed with clear navigation, responsive layouts, and rich content that supports business customers in various growth stages. The presence of sustainability certification (Miljøfyrtårn) and detailed customer service information enhances trust and credibility. Technically, the site employs modern web technologies including JavaScript, SVG icons, and a CSS framework (Foundation), ensuring good performance and accessibility. The site is mobile-optimized and includes SEO best practices. Security posture is strong with HTTPS enforced, security headers present, and secure login portals. Privacy compliance is well addressed with clear privacy and cookie policies and a consent mechanism. No critical security vulnerabilities or blocking mechanisms were detected, indicating a mature security posture. However, explicit security policies and incident response details are not publicly available, suggesting room for improvement in transparency. Overall, the site reflects a stable, trustworthy, and professional banking institution with a solid digital presence.

D

Danske Bank A/S

danskebank.fi

66

Danske Bank A/S operates a comprehensive Finnish banking website targeting retail and private banking customers. The site offers a wide range of financial services including loans, savings, investments, and digital banking solutions. The bank holds a strong market position as a major Nordic financial institution with a long-established presence since 1997. The website demonstrates a mature digital infrastructure with modern technologies and good mobile optimization. Security posture is strong with HTTPS, DNSSEC, and secure login portals, although explicit security policies and incident response information are limited publicly. Overall, the site is professional, trustworthy, and compliant with GDPR and cookie regulations.

P

pitcom GmbH

fachkraefte-erzgebirge.de

61

The Fachkräfteportal Erzgebirge is a regional job portal operated by pitcom GmbH, focused on connecting job seekers and employers within the Erzgebirge region of Germany. The website offers a comprehensive job search platform with filters by job type, location, industry, and employment model. It also features company profiles, news updates, and event information relevant to the local labor market. The portal targets local professionals, companies, and trainees seeking employment or recruitment services in the region. Technically, the website employs modern web technologies including JavaScript libraries such as jQuery and Select2, Bootstrap for UI components, and integrates analytics tools like Matomo and Google Analytics 4. It uses Google Tag Manager for centralized tag management and includes marketing pixels such as Facebook Pixel and Userlike chat for customer engagement. The site is served over HTTPS with good SSL configuration and basic security headers, ensuring secure data transmission. From a security and compliance perspective, the site implements a cookie consent banner consistent with GDPR requirements and provides detailed descriptions of tracking technologies used. However, explicit privacy policy and terms of service pages were not found in the provided content, which is a compliance gap. No security policy or incident response information is published. The site shows no signs of WAF blocking or content restrictions, and no vulnerabilities or exposed sensitive data were detected. Overall, Fachkräfteportal Erzgebirge presents as a professional, regionally focused job portal with solid technical infrastructure and moderate privacy compliance. To enhance trust and security posture, it should publish clear privacy and security policies, improve security headers, and provide direct contact information for data protection and incident response.

ProAlergiky.cz is a specialized e-commerce and informational portal serving individuals with allergies, asthma, and atopic eczema in the Czech Republic. It offers a wide range of specialized products such as inhalers, air purifiers, humidifiers, and allergy-friendly bedding, combined with practical advice and health-related content. The site positions itself as the largest portal of its kind in the Czech market, targeting a niche healthcare audience with a medium-sized business model focused on retail and education. Technically, the website leverages modern JavaScript frameworks like Vue.js, integrates multiple analytics and marketing tools including Google Tag Manager, Microsoft Clarity, and Facebook Pixel, and operates on a custom e-commerce platform (CMTrade). The site is mobile-optimized and provides a good user experience with clear navigation and professional design. Security-wise, the site enforces HTTPS, uses secure login forms with CSRF tokens, and includes several security headers, though some recommended headers like Content-Security-Policy are not explicitly detected. Privacy compliance is partial, with a cookie consent mechanism present but no clear privacy policy or terms of service found in the provided content. WHOIS data is not publicly available, indicating privacy protection, which is common for commercial sites but slightly reduces transparency. Overall, the site is trustworthy and professionally managed but could improve privacy disclosures and security header implementations.

D

Divilab LLC

colorlib.com

60

Colorlib is a well-established provider of free and premium WordPress themes and website templates, targeting bloggers, small businesses, and web developers. The company operates under Divilab LLC, based in Wyoming, USA, and has been active since 2013. Their business model combines free offerings with premium paid themes, supported by a community forum and detailed documentation. Technically, the website is built on WordPress with Bootstrap and optimized using WP Rocket, ensuring good performance and mobile responsiveness. The site integrates common marketing and analytics tools such as Google Tag Manager and MailChimp for newsletter subscriptions. Security-wise, the site uses HTTPS and has domain transfer protections but lacks advanced DNS security features like DNSSEC and explicit security headers. Privacy compliance is basic, with a cookie consent banner and privacy policy present, but no detailed GDPR compliance indicators or incident response information. Overall, the website is professional, trustworthy, and well-positioned in its niche, though it could improve security transparency and privacy compliance.

B

Bhashini

bhashini.co.in

63

Bhashini's website is currently a minimal placeholder page indicating a 'Launching Soon' status, with no detailed business description or contact information. The site is hosted on GoDaddy's Website Builder platform and uses standard web technologies including HTML5, CSS3, and JavaScript, with fonts loaded from Google Fonts. The technical infrastructure is basic but functional, with HTTPS enabled and a service worker registered for potential offline capabilities. However, the absence of privacy policies, terms of service, and contact details limits the site's professionalism and trustworthiness. Security headers are missing, which could expose the site to certain web-based attacks. Overall, the website is in an early stage of deployment with limited content and features.

M

MEDIA HOME BRNO

meho.cz

58

MEDIA HOME BRNO is a small Czech Republic based web and graphic design studio established in 2015. The company offers a range of services including web design, UX/UI design, branding, copywriting, SEO, and social media management, targeting businesses and individuals seeking professional digital presence. The website is professionally designed with good content quality and clear navigation, optimized for mobile devices. Technically, the site uses modern web technologies including jQuery, Swiper.js, Google Fonts, and integrates Google Analytics with a compliant cookie consent mechanism. Security posture is solid with HTTPS enforced and cookie consent properly managed, though security headers and formal security policies are absent. Contact information is clearly provided, enhancing business credibility. No privacy policy or terms of service pages were found, which is a compliance gap. Overall, the site is safe, trustworthy, and well-positioned for its market niche.

D

D.R.J. Tiskárna Resl s.r.o.

tiskarnaresl.cz

52

D.R.J. Tiskárna Resl s.r.o. is a Czech Republic-based company operating since 2006, specializing in transportation services including international and domestic freight, bus transportation, and printing services such as production of publications, magazines, books, and textbooks. The company maintains a professional online presence with a well-structured website that clearly segments its three main divisions: Bus, Print, and Transport. The website targets both general public and business clients in the transport and printing sectors, positioning itself as an established regional player with diversified services. Technically, the website employs modern JavaScript libraries including jQuery and integrates Google Analytics, Google Tag Manager, and Google Ads for tracking and marketing purposes. The hosting and domain registration are managed by REG-GRANSY, a known registrar, with no indications of privacy protection or suspicious registrations. The website demonstrates moderate performance and good mobile optimization, though accessibility features are basic. From a security perspective, the site uses HTTPS (implied by Google Analytics and external scripts) and implements a cookie consent mechanism with granular user controls, supporting GDPR compliance. However, no explicit security policies, incident response contacts, or vulnerability disclosure mechanisms are present. No critical vulnerabilities or exposed sensitive data were detected in the HTML content. The WHOIS data aligns well with the business claims, supporting legitimacy. Overall, the website presents a trustworthy and professional digital front for the company, with room for improvement in security policy transparency and technical security headers. Strategic recommendations include enhancing security headers, publishing comprehensive security and incident response policies, and adding terms of service to improve compliance and trust.

M

Ministerstvo financí ČR

eeagrants.cz

76

The website eeagrants.cz serves as the official portal for the EEA and Norway Grants managed by the Ministry of Finance of the Czech Republic. It provides comprehensive information on funding programs, calls for proposals, bilateral cooperation, and news updates relevant to government entities, NGOs, researchers, and the general public interested in these grants. The site is positioned as a trusted government resource with a clear focus on transparency and accessibility. From a technical perspective, the website employs modern web technologies including HTML5, CSS3, and JavaScript, with integration of Cookiebot for cookie consent management and analytics tools such as Google Analytics and Matomo. Hosting appears to be on Microsoft Azure, inferred from session cookies. The site demonstrates good mobile optimization, accessibility, and SEO practices, contributing to a positive user experience. Security-wise, the site enforces HTTPS and uses a consent mechanism for cookies, reflecting compliance with privacy regulations. However, there is room for improvement in publishing explicit security policies, incident response contacts, and implementing additional security headers. No vulnerabilities or suspicious activities were detected in the analyzed content. Overall, the website exhibits a strong security posture, good technical implementation, and high business credibility as a government entity. Strategic recommendations include enhancing transparency by publishing security and privacy policies, improving security headers, and providing clear contact information for incident response and data protection inquiries.

G

G-up Delta s.r.o.

goopan.cz

47

Goopan, operated by G-up Delta s.r.o., is a well-established company specializing in the design and construction of low-energy and passive family homes primarily in the Czech Republic and Slovakia. The website presents a professional and comprehensive digital presence with detailed product catalogs, customer references, and multiple contact channels. The company emphasizes sustainable building technologies and offers both catalog and custom home solutions. Technically, the website employs modern web technologies including HTTPS, Google Tag Manager, Facebook Pixel, Smartlook, and reCAPTCHA v3, ensuring a secure and user-friendly experience. Privacy compliance is well addressed with a clear privacy policy and cookie consent mechanisms. However, the absence of WHOIS data and explicit security headers slightly reduces trustworthiness. Overall, the site is secure, professional, and trustworthy with room for improvement in security transparency and domain registration clarity.

W

World4You Internet Services GmbH

world4you.at

71

World4You Internet Services GmbH is a well-established Austrian web hosting and domain registration provider founded in 1998. The company offers a broad range of services including domain registration, web hosting, WordPress hosting, email solutions, server hosting, and website building tools. Positioned as a pioneer in the Austrian market, World4You emphasizes customer service, green energy usage, and local presence with offices in Linz and Vienna. The website reflects a professional and trustworthy business with strong customer reviews and transparent contact information. Technically, the website employs modern frameworks such as Bootstrap and integrates third-party services like Sentry for error tracking and HubSpot for marketing. It is well-optimized for mobile devices and accessibility, with fast performance and good SEO practices. The site uses HTTPS with strong SSL configuration and implements a comprehensive cookie consent mechanism, demonstrating good privacy compliance. Security posture is solid with HTTPS enforcement and no visible vulnerabilities, though explicit security headers could be improved. The absence of WHOIS registrant data is a concern, potentially indicating privacy protection or query limitations, which slightly reduces domain trustworthiness. Overall, the site presents a low-risk profile with professional operations and good security hygiene. Strategic recommendations include enhancing security headers, providing explicit incident response contacts, and clarifying WHOIS data to improve domain trust. These steps would further strengthen the company's security posture and compliance standing.

S

Société Générale

societegenerale.com

73

Société Générale is a leading European financial services group with over 150 years of history, offering retail banking, corporate and investment banking, and financial solutions. The website reflects a mature, enterprise-level digital presence with comprehensive content in French and English, targeting both retail and corporate clients. The company maintains a strong market position in the finance sector, supported by consistent branding and trust indicators such as ISO 27001 certification and GDPR compliance. Technically, the website is built on Drupal CMS and integrates modern analytics and consent management tools including Piano Analytics, Hotjar, Google Tag Manager, and Didomi. The site is mobile-optimized, accessible, and employs security best practices such as HTTPS enforcement and security headers. Performance is moderate, with room for optimization. Security posture is strong with no visible vulnerabilities or exposed sensitive data. Privacy compliance is well implemented with clear cookie consent mechanisms and a comprehensive privacy policy. However, the WHOIS data is unavailable, which slightly reduces transparency but is common for large enterprises. Overall, the website is professional, secure, and trustworthy, with minor recommendations to enhance vulnerability disclosure and incident response visibility.

B

BNY

bny.com

74

BNY is a globally recognized financial services company managing over $53 trillion in assets, offering services such as asset management, wealth management, and capital markets execution. The website reflects a mature digital presence with professional design, clear navigation, and strong branding consistent with a large enterprise in the finance sector. Technically, the site leverages modern frameworks like Bootstrap and Adobe Experience Manager, integrates advanced analytics and tracking tools, and implements accessibility and cookie consent mechanisms, indicating a high level of digital maturity. Security posture is strong with HTTPS, Content Security Policy, and no visible vulnerabilities, though explicit privacy and security policies are not prominently linked, which could be improved. Overall, the site is trustworthy and professional, though the absence of WHOIS data and explicit contact details slightly reduce transparency.

E

European Banks for Ukraine

eubanksforukraine.com

64

The website 'European Banks for Ukraine' serves as a humanitarian initiative aimed at facilitating access to banking services for Ukrainian refugees arriving in the European Union. It positions itself as a collaborative effort among European banks to support financial integration for displaced persons. The site is built on the Wix platform, leveraging Wix's Thunderbolt framework and standard web technologies. While the site presents a professional design and relevant content, it lacks critical compliance elements such as privacy and cookie policies, and no direct contact information is provided. Security-wise, the site uses HTTPS and includes some script-based security hardening, but lacks explicit security headers and incident response contacts. The domain WHOIS data is missing or unavailable, which raises concerns about registration legitimacy and transparency. Overall, the site appears functional and relevant but would benefit from enhanced compliance and transparency measures.

D

Depozitarul Central Unic

dcu.md

42

Depozitarul Central Unic is a central securities depository operating in Moldova, providing essential financial market infrastructure services such as securities registration, shareholder list management, and account statements for investors. The website positions the entity as a key player in Moldova's financial market, targeting investors, issuers, and market participants. The business model revolves around facilitating transparent and efficient securities transactions and regulatory compliance within the Moldovan financial ecosystem. Technically, the website employs standard modern web technologies including HTML5, CSS3, JavaScript, and Google Fonts. It is mobile optimized with a responsive design and good SEO practices. However, it lacks advanced security headers and explicit privacy or cookie policies, which are important for compliance and user trust. The site is served over HTTPS, ensuring encrypted communications. From a security perspective, the site demonstrates a moderate security posture with HTTPS enabled and no visible exposed sensitive data or vulnerable scripts. However, the absence of security headers, privacy policies, and incident response contacts indicates room for improvement in security maturity and compliance. No WAF or blocking mechanisms were detected, and the site is fully accessible. Overall, the website is professional and trustworthy, with a clear focus on financial market services in Moldova. Strategic recommendations include implementing comprehensive privacy and cookie policies, adding security headers, publishing vulnerability disclosure information, and enhancing accessibility features to improve compliance and security posture.

L

LuxCSD S.A.

luxcsd.com

66

LuxCSD S.A. operates as a licensed central securities depository under the Central Securities Depositories Regulation (CSDR), providing issuer and investor services primarily in fixed income and equity securities. The company offers custody, settlement, and asset servicing solutions, targeting custodian banks, issuers, and distributors. Affiliated with the Deutsche Börse Group, LuxCSD holds a reputable market position with STEP eligibility and multi-jurisdictional issuer services. The website reflects a professional and well-structured digital presence with good content quality and navigation. Technically, the website employs modern JavaScript libraries and analytics tools such as Matomo, alongside a cookie consent management system ensuring GDPR compliance. The infrastructure appears stable and moderately optimized for performance and mobile use, though explicit security headers and detailed hosting information are not evident from the data provided. From a security perspective, the site uses HTTPS and session cookies for secure user sessions, with a cookie consent banner indicating privacy awareness. However, the absence of visible security policies, incident response contacts, and vulnerability disclosure mechanisms suggests room for improvement in transparency and security maturity. The WHOIS data is notably missing or inaccessible, which raises concerns about domain registration legitimacy despite the professional business content. Overall, LuxCSD presents a credible and professional financial services platform with solid compliance and user experience. Strategic recommendations include enhancing security header implementation, publishing explicit security and incident response policies, and verifying domain registration details to strengthen trust and reduce risk.

C

Clearstream

clearstream.com

68

Clearstream is a leading provider of post-trade infrastructure and securities and fund services, operating as part of the Deutsche Börse Group. The company serves international and domestic capital markets with a comprehensive suite of financial services including securities custody, fund services, collateral management, and digital solutions. The website reflects a mature and professional digital presence with modern technologies such as React and Next.js, and integrates analytics and cookie consent mechanisms to comply with privacy regulations. Security posture is strong with HTTPS enforcement, secure forms, and standard security headers, though explicit security policies and incident response information are not publicly detailed. Overall, Clearstream's website demonstrates a high level of professionalism, trustworthiness, and compliance suitable for its enterprise-level financial services business.

Euroclear is a globally recognized financial market infrastructure provider specializing in securities settlement, custody, collateral management, and related services. The company holds a leading market position with a comprehensive portfolio of services targeting financial institutions and market participants. Their website reflects a mature digital presence with detailed service descriptions and strong branding consistency. Technically, the site leverages modern JavaScript libraries, Adobe Experience Manager CMS, and integrates analytics and user feedback tools, indicating a well-maintained infrastructure. Security posture is strong with HTTPS enforcement and standard security headers, although explicit security policies and vulnerability disclosures are absent. Overall, the site demonstrates high professionalism and trustworthiness, supporting Euroclear's enterprise stature.

O

OeKB CSD GmbH

oekb-csd.at

64

OeKB CSD GmbH operates as a central securities depository providing critical infrastructure services for the Austrian capital market. The company offers a range of services including digital securities issuance, custody, settlement via the European TARGET2-Securities platform, asset servicing, and payment processing for matured securities. Positioned as a key player within the Austrian financial ecosystem and part of the OeKB Group, it targets capital market participants such as issuers and account holders. The website content is professional, well-structured, and primarily in German with English support, reflecting a medium-sized enterprise with a solid market presence. Technically, the website employs modern web technologies including JavaScript and jQuery, with responsive design elements suitable for mobile devices. While no explicit CMS or hosting provider is identified, the site demonstrates moderate performance and good SEO practices. However, some accessibility features could be improved. Security-wise, HTTPS is enforced, and no obvious vulnerabilities or exposed sensitive data are present. The absence of security headers and explicit security policies suggests room for enhancement in security posture. The WHOIS data is unavailable due to NIC.AT registry restrictions, limiting domain registration transparency. Despite this, the website and business information appear consistent and trustworthy. No blocking or WAF mechanisms were detected, allowing full content access. Privacy compliance is supported by a comprehensive privacy policy and GDPR adherence, though cookie consent mechanisms are lacking. Overall, the site reflects a professional financial services provider with a solid digital presence but could benefit from improved security headers, cookie consent implementation, and enhanced transparency regarding incident response and vulnerability disclosure.

Česká zima is a Czech Republic-based online catalog specializing in winter accommodation and skiing in the Czech mountains. Established in 2008, it offers a platform for property owners to list apartments, chalets, and hotels with direct contact information, targeting winter tourists and skiers. The website provides additional services such as snow condition reports, ski lift information, and live webcams, positioning itself as a niche resource for winter tourism in the region. Technically, the site uses basic HTML, CSS, and JavaScript with Google AdSense for monetization. The hosting is managed by Wedos, a Czech provider, and the domain is long-standing and consistent with the business focus. Security posture is moderate with HTTPS enabled but lacking important security headers and privacy compliance mechanisms. No privacy or cookie policies were found, indicating compliance gaps. Overall, the site is functional and relevant but would benefit from improved security and privacy practices.

I

Počasí - předpověď počasí, aktuální informace | In-počasí

in-pocasi.eu

45

The website www.in-pocasi.cz is a Czech language weather forecasting portal providing detailed meteorological information including current weather, radar maps, numerical models, and weather news. It targets the general public interested in weather updates primarily in the Czech Republic. The business model appears to be advertising-supported, leveraging multiple ad networks and tracking services integrated with a consent management platform to comply with privacy regulations. Technically, the site uses modern web technologies such as SVG for interactive maps, JavaScript libraries for UI and analytics, and is served over HTTPS ensuring secure communication. The site is mobile optimized and accessible with good SEO practices. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security headers are not clearly visible in the provided data. The absence of WHOIS registration data is a notable gap, reducing domain trustworthiness, but the website content and technology usage suggest a legitimate media service. Privacy compliance is partially met with cookie consent but lacks a clearly identified privacy policy page. Overall, the site is professional and trustworthy for its intended purpose.

D

Debant s.r.o.

tuzemsko.cz

51

Dovolenavcr.cz is an online travel and accommodation platform focused on the Czech Republic, operated by Debant s.r.o. The website offers a comprehensive listing of lodging options across various Czech regions, including last minute deals and hotel bookings. It targets tourists and travelers seeking accommodation within the Czech Republic, providing regional travel information and special offers. The business model appears to be based on advertising and paid listings from accommodation providers. Technically, the site uses standard web technologies including HTML, CSS, JavaScript, Google Fonts, Google Analytics, and Google Adsense. While the site is accessible and functional, it shows signs of basic mobile optimization and lacks advanced security headers. The security posture is adequate with HTTPS enabled and a cookie consent mechanism in place, indicating GDPR compliance. However, the absence of WHOIS data for the domain reduces trust slightly, though the website content and business information appear consistent and legitimate. Overall, the site serves as a niche regional travel portal with moderate digital maturity and a stable security baseline.

B

Bělehrad Srbsko - ubytování, zajímavosti, doprava - Belgrade Serbia

belehrad.cz

45

The website belehrad.cz is a Czech language travel information portal focused on Belgrade, Serbia, providing details on accommodation, attractions, transportation, and travel tickets. It targets tourists and travelers interested in visiting Belgrade and offers monetization primarily through advertising and affiliate links. The site has been operational since 2007, indicating a stable presence in its niche market. Technically, the site uses standard HTML and JavaScript with Google Fonts, Adsense, and Analytics integrations, hosted on HostMonster. Mobile optimization and accessibility are basic but functional. Security posture is moderate with no detected security headers and no explicit privacy or terms of service pages, though a consent management platform is implemented for GDPR compliance. The domain WHOIS data is consistent with the website's claims and age, supporting legitimacy. Overall, the site is functional and informative but could improve in security and compliance documentation.

BodyFit.cz is a Czech informational website focused on promoting a healthy lifestyle through articles and a planned directory of fitness and wellness-related businesses. The site targets a general audience interested in fitness, relaxation, and body care within the Czech Republic. The business model appears to be content-driven with revenue generated primarily through advertising, notably Google Adsense. The website has been active since 2007, indicating a longstanding presence in its niche market. Technically, the site uses basic HTML, CSS, JavaScript, and jQuery, with Google Adsense scripts for monetization. The site is hosted under the REG-WEDOS registrar, with HTTPS enabled but lacking advanced security headers or modern CMS frameworks. Security posture is basic, with no visible security policies, incident response contacts, or vulnerability disclosures. Privacy compliance is minimal, with no privacy or cookie policies detected, which is a significant compliance gap given GDPR requirements. Overall, the site is functional but would benefit from modernization and improved security and privacy practices.

Rytíři nebes operates as a small online travel agency specializing in affordable flight tickets primarily targeting Czech and European customers. The website offers online reservation services and information about various airlines and ticket sellers, focusing on popular destinations such as Paris, London, New York, and others. The business model relies heavily on affiliate marketing and Google Adsense advertising. Technically, the website uses basic HTML, CSS, and JavaScript with embedded third-party affiliate widgets and ads. Hosting is provided by HostMonster, and the domain is well-established since 2007, supporting business legitimacy. However, the site lacks modern security practices, including HTTPS verification, security headers, and privacy compliance mechanisms. No contact information or privacy policies are provided, which may impact user trust and regulatory compliance.

M

my coffee story

mycoffeestory.cz

53

My Coffee Story is a small local café business based in Prague, Czech Republic, specializing in freshly prepared coffee, breakfasts, homemade desserts, and community events. The website reflects a modest but well-structured digital presence with clear information about their offerings and contact details. The business targets local customers and coffee enthusiasts, positioning itself as a neighborhood café with a cozy atmosphere and event hosting capabilities. Technically, the website is a simple static site using basic HTML, CSS, and JavaScript with Google Fonts integration, hosted on a Czech hosting provider. The site is mobile-optimized and provides a good user experience but lacks advanced technical frameworks or CMS platforms. Security posture is weak due to missing HTTPS verification, absence of security headers, and lack of privacy and cookie policies, which are critical for GDPR compliance. No forms or analytics scripts are present, reducing data collection risks but also limiting business intelligence capabilities. Overall, the website is functional and trustworthy for its business type but requires improvements in security and compliance to enhance trust and protect user data.

M

Městská část Praha 2

praha2.cz

57

Městská část Praha 2 operates as the official local government authority for the Prague 2 district in the Czech Republic. The website serves as a comprehensive portal for residents and visitors, providing access to municipal services, news, events, and community projects. It maintains a strong market position as a trusted government entity with a focus on public service and community engagement. The site targets local citizens and stakeholders interested in district governance and cultural activities. Technically, the website employs a modern yet straightforward technology stack including HTML5, CSS3, JavaScript, and Google Fonts, managed via the Vismo CMS platform. It demonstrates good mobile optimization, accessibility, and SEO practices, although performance is moderate. Hosting and domain registration align with Czech providers, ensuring regional compliance and reliability. From a security perspective, the site uses HTTPS and secure form handling but lacks advanced security headers and explicit incident response contacts. Privacy compliance is addressed with clear privacy and cookie policies, though no active cookie consent mechanism is present. No vulnerabilities or suspicious activities were detected, indicating a solid security posture appropriate for a government website. Overall, the website is professional, trustworthy, and well-maintained, with minor areas for improvement in security headers and incident response transparency. The risk level is low, and the site effectively supports its public service mission.

T

TANZANIA PARK

tanzania-park.cz

52

TANZANIA PARK is a small-scale children's entertainment center located in Prague, Czech Republic, offering a variety of indoor attractions and birthday party services. The website presents a professional and family-friendly image with clear information about its services and events. The technical infrastructure is based on Webnode CMS, leveraging AWS Cloudfront CDN and Google Analytics for performance and tracking. While the site uses HTTPS and has a valid SSL certificate, it lacks some security headers and a cookie consent mechanism, which are areas for improvement. The absence of WHOIS data limits full domain legitimacy verification but does not detract significantly from the business's apparent authenticity. Overall, the website is well-structured, visually appealing, and targets families with children effectively.

Půjčovna lodiček Slovanka is a small, local boat rental service operating in the historic center of Prague, Czech Republic. The business offers a variety of boats and pedal boats for rent, catering to tourists, families, couples, and business meetings. The website provides detailed descriptions of services and highlights scenic views of Prague landmarks from the Vltava river. The company has an established online presence since 2011 and maintains social media profiles on Facebook and Instagram. Technically, the website uses basic HTML, CSS, and JavaScript with an older jQuery version and Lightbox for image galleries. There is no evidence of a modern CMS or advanced frameworks. The site lacks HTTPS enforcement information and security headers, which indicates potential security weaknesses. The website is moderately optimized for performance and mobile devices but lacks accessibility and SEO best practices. From a security perspective, the site does not provide privacy or cookie policies, nor does it have an incident response or vulnerability disclosure mechanism. The WHOIS data is consistent and trustworthy, showing a domain age appropriate for the business history. However, the presence of hidden spammy links and suspicious hidden text unrelated to the business raises concerns about site integrity. Overall, the website is functional and provides relevant business information but requires improvements in security, privacy compliance, and technical modernization to enhance trust and user experience.

A

Arval BNP Paribas Group

arval.cz

69

Arval.cz is a professional website representing Arval BNP Paribas Group's vehicle leasing services in the Czech Republic. The company specializes in full-service operational leasing solutions for individuals, entrepreneurs, and companies, offering new and used vehicles with flexible leasing terms. The website is well-structured, mobile-optimized, and uses modern technologies such as Drupal 10, Google Tag Manager, and OneTrust for cookie consent, reflecting a mature digital infrastructure. Security posture is strong with HTTPS enforcement and security headers, though explicit security policies and incident response contacts are not publicly visible. The absence of WHOIS data limits domain trust analysis, but the site’s branding and content strongly indicate legitimacy and affiliation with BNP Paribas Group.

C

CCS

ccs.cz

75

CCS operates as a prominent provider of fuel card and fleet management services primarily targeting businesses managing vehicle fleets in the Czech Republic and Slovakia. The company offers a comprehensive network of over 2,800 stations, enabling efficient fuel and charging solutions alongside vehicle monitoring. Their market position is strong within the regional energy and transportation sectors, supported by a professional and content-rich website presented in Czech. Technically, the website employs modern web technologies including Cookiebot for consent management, Google Fonts, and Typekit, and is built on the MerlinCMS platform. The site is mobile-optimized and SEO-friendly, though accessibility features are basic. Security posture is adequate with HTTPS enforced and a detailed cookie consent mechanism, but lacks visible advanced security headers and explicit incident response information. The absence of WHOIS data limits domain trust analysis, though the website's compliance with GDPR and use of recognized third-party services indicate legitimacy. Overall, CCS demonstrates a mature digital presence with room for improvement in security transparency and contact information availability.

M

město Písek / Městský úřad Písek

mesto-pisek.cz

46

The website mesto-pisek.cz serves as the official digital presence of the city of Písek, Czech Republic. It provides comprehensive municipal information, including news, e-services, public documents, and contact details for residents and visitors. The site is well-structured and regularly updated, reflecting its role as a trusted government resource. The target audience primarily includes local citizens and stakeholders interested in city governance and services. The business model is public sector focused, delivering essential government services and information online. Technically, the website employs a modern but straightforward technology stack centered around HTML5, CSS3, JavaScript, and the Vismo CMS platform. It integrates Google Analytics for visitor insights and Google reCAPTCHA for form security. The site is mobile-optimized and accessible, with good SEO practices and clear navigation. Hosting details are not explicitly stated, but the domain and name servers suggest stable and consistent infrastructure. From a security perspective, the site enforces HTTPS and uses reCAPTCHA to mitigate spam. It implements a cookie consent mechanism compliant with GDPR, allowing users to manage preferences. However, it lacks a publicly available security policy or incident response contacts, which could enhance transparency and preparedness. No vulnerabilities or exposed sensitive data were detected in the content. The WHOIS data confirms the domain's legitimacy and long-standing registration, consistent with an official municipal website. Overall, the website demonstrates a solid security posture and good privacy compliance, with a professional and trustworthy presentation. Strategic improvements could include publishing formal security policies and incident response information to further strengthen user trust and compliance posture.

J

Jaroslav Šimek

jardasimek.cz

53

Jarda Simek is a professional UX/UI and 3D designer based in the Czech Republic, operating primarily as an independent or freelance creative. The website serves as a portfolio showcasing a variety of projects including brand design, product design, architectural visualization, mobile app design, and cinematic intros. The business targets digital creatives and clients seeking specialized design services, positioning itself as a niche personal brand with a focus on quality and creativity. The domain age and WHOIS data align well with the business history, indicating a stable and legitimate presence since 2018. Technically, the website employs modern frontend technologies such as Alpine.js and the model-viewer web component for 3D content, along with Google Fonts for typography. The site is hosted likely by Wedos, a Czech hosting provider, and demonstrates good mobile optimization and user experience. However, the site lacks advanced SEO and accessibility features, and no CMS or analytics tools are detected. From a security perspective, the site uses HTTPS but lacks explicit security headers and does not provide privacy or cookie policies, which are important for GDPR compliance. No forms or data collection mechanisms are present, reducing exposure to input-based vulnerabilities. The absence of incident response or vulnerability disclosure information suggests room for improvement in security maturity. Overall, the website is a well-designed, professional portfolio with moderate technical sophistication and business credibility. Key recommendations include implementing privacy and cookie policies, adding security headers, and enhancing compliance and security posture to build greater trust and meet regulatory requirements.

G

Givt

givt.cz

52

Givt.cz is a Czech non-profit platform established in 2015 that enables users to support over 3000 charitable organizations through their regular online shopping without paying extra. The platform integrates with numerous e-shops, displaying the percentage of purchase value donated to the selected charity. The website is professionally designed with good navigation and mobile optimization, reflecting a mature digital presence. Technically, it employs modern web technologies including Google Tag Manager and Analytics, with secure HTTPS hosting by REG-WEDOS. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers and incident response policies are not explicitly published. Privacy compliance is strong, with a comprehensive privacy policy and GDPR-aligned cookie consent. Overall, the site is trustworthy and well-positioned in the non-profit e-commerce donation sector.

D

Digital Solutions s.r.o.

digitalsolutions.cz

54

Digital Solutions s.r.o. is a Czech Republic-based company specializing in custom software development, including information systems, web, and mobile applications. Established in 2003, the company targets businesses seeking tailored software solutions, emphasizing rapid delivery even for large projects. The website reflects a professional and consistent brand presence with a clear focus on technology services. Technically, the site employs modern frameworks such as Nuxt.js and Vue.js, hosted on a Czech hosting provider, and uses Craft CMS as its content management system. Performance and mobile optimization are good, though accessibility is basic. Security-wise, HTTPS is enforced, and cookie consent is managed via Cookiebot, but the site lacks published privacy policies, terms of service, and explicit security policies, which are areas for improvement. Tracking technologies include Piwik PRO and Google Tag Manager, indicating moderate user tracking with basic privacy compliance. The domain WHOIS data is consistent with the business claims, showing a long-standing registration since 2003, enhancing trustworthiness. Overall, the website is professional and trustworthy but would benefit from enhanced privacy and security disclosures to improve compliance and user trust.

F

FOAMGLAS®

foamglas.nl

75

FOAMGLAS® is a company specializing in cellular glass thermal insulation products, targeting construction professionals and building owners seeking long-term, efficient insulation solutions. The website presents a professional image with consistent branding and multilingual support, indicating an international market presence. The technical infrastructure includes modern web technologies such as Bootstrap CSS, Google Tag Manager, Google Ads, and Visual Website Optimizer for marketing and analytics purposes. The site is mobile-optimized and provides a cookie consent mechanism, reflecting attention to privacy compliance. Security posture is moderate with HTTPS implied but lacking visible advanced security headers or explicit security policies. WHOIS data is unavailable, which slightly reduces trust but does not negate the professional presentation. Overall, the site is functional, secure enough for its purpose, and compliant with basic privacy regulations.

P

Promat

promat.nl

64

Promat is a specialized provider of passive fire protection solutions tailored for the construction industry, offering products such as fire-resistant boards, spray mortars, paints, and fire sealing systems. The company operates under the Etex Industry division, indicating a large-scale manufacturing and industrial presence. The website is professionally designed with good content quality, targeting construction professionals and businesses seeking fire safety solutions. Technically, the site uses modern technologies including Azure Application Insights, HubSpot, Google Tag Manager, and OneTrust for cookie consent, reflecting a mature digital infrastructure. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security policies and incident response contacts are absent. The lack of WHOIS data for the domain raises some concerns about domain registration transparency, but the website's branding and content suggest legitimacy. Overall, the site is a credible business platform with room for improvement in privacy and security disclosures.

I

ISOPARTNER Nederland

isopartner.nl

69

ISOPARTNER Nederland is a specialized distributor and producer of innovative technical insulation solutions, serving professional clients primarily in the manufacturing, construction, and energy sectors within the Netherlands. The company operates under the parent group IPCOM-Groep and offers a comprehensive range of services including custom and standard insulation products, professional advice, and logistics support. The website is well-structured, professionally designed, and provides clear navigation and multilingual support, reflecting a mature digital presence. Technically, the site is built on Drupal 10 with modern integrations such as Google Tag Manager, Usercentrics CMP for cookie consent, and Google reCAPTCHA for form security. Security posture is solid with HTTPS enforced and anti-bot measures, though explicit security headers and incident response policies are absent. Privacy compliance is strong with clear privacy and cookie policies aligned with GDPR. Overall, the website projects high business credibility and trustworthiness.

S

Swisspearl

swisspearl.com

61

Swisspearl is a Swiss-based manufacturer specializing in premium fiber cement products for building facades, roofs, interior cladding, and garden elements. The company positions itself as a leader in sustainable and innovative building materials with a heritage of over 100 years. Their website targets architects, designers, and contractors, offering detailed product information, consultation services, and sample ordering. The site is professionally designed, multilingual, and optimized for modern devices, reflecting a mature digital presence. Technically, the website employs multiple third-party marketing and analytics tools, including Google Tag Manager, Usercentrics for consent management, and visitor tracking services like TruConversion and RevealID. While HTTPS is used, explicit security headers and privacy policies are not clearly present in the provided content, indicating room for improvement in security posture and privacy compliance. The WHOIS data is unavailable or inconsistent, which raises some concerns about domain transparency but does not directly contradict the professional nature of the website. Overall, Swisspearl's digital infrastructure supports its business goals effectively but would benefit from enhanced privacy disclosures and security best practices.

J

James Hardie Europe GmbH

fermacell.nl

65

The website www.fermacell.nl represents James Hardie Europe GmbH's Fermacell brand, specializing in manufacturing and supplying innovative construction materials such as cement-bonded panels, gypsum fiber boards, and floor heating systems. The site targets construction professionals and dealers, providing product information, technical downloads, and configurator tools. The business is positioned as a large, established player in the European manufacturing sector with a focus on sustainability and innovation. Technically, the site runs on ASP.NET with Kentico CMS, integrates OneTrust for cookie consent, and uses Google Tag Manager for analytics. The design is professional, mobile-optimized, and offers clear navigation. Security posture is good with HTTPS and cookie consent but lacks explicit published security policies or incident response contacts. Privacy compliance is partial, with cookie consent but no visible privacy or terms of service pages. Overall, the site is trustworthy and business credible but could improve transparency on privacy and security policies.

T

Truhlíky Herink

truhlikyherink.cz

52

Truhlíky Herink is a small Czech e-commerce business specializing in handcrafted wooden raised garden beds and planters. The company emphasizes quality craftsmanship and offers customizable products primarily targeting gardening enthusiasts and homeowners with balconies or gardens. Their market position is that of a specialized local retailer with a focus on durable, aesthetically pleasing wooden garden products. Technically, the website is built on the Upgates e-commerce platform, utilizing modern web technologies such as Bootstrap, jQuery, and Google Analytics 4. The site is mobile-optimized and provides a good user experience with clear navigation and professional design. Security-wise, the site enforces HTTPS and implements cookie consent mechanisms with granular user control, but lacks some security headers and published security policies. The absence of WHOIS data for the domain is a notable concern, reducing trustworthiness from a domain registration perspective. Overall, the website is safe, professional, and functional, but would benefit from enhanced security practices and domain registration transparency.

D

digital mediate s.r.o.

digitalmediate.cz

36

digital mediate s.r.o. is a small Czech Republic-based digital innovation collective specializing in consulting, branding, product design, software engineering, and marketing services. The company emphasizes multidisciplinary collaboration among managers, entrepreneurs, creators, and engineers to deliver innovative digital solutions that positively impact business and culture. Their market position is niche, targeting startups and businesses seeking growth and digital transformation. The website reflects a professional and consistent brand image with clear contact and company registration information, supporting business credibility. Technically, the website uses modern web standards including HTML5, CSS3, and JavaScript with jQuery and Google Fonts. The site is mobile optimized and has good SEO fundamentals but lacks advanced frameworks or CMS indications. Performance is moderate, and accessibility is basic. No analytics or tracking scripts were detected, indicating minimal user tracking and privacy risk. Security posture is moderate with HTTPS implied but no explicit security headers detected. The absence of privacy, cookie, and terms policies is a compliance gap. No vulnerability disclosure or incident response information is provided. WHOIS data is missing, which reduces trustworthiness and suggests the need for further verification of domain registration status. Overall, the website is professional and safe but would benefit from enhanced security practices, privacy compliance, and transparency regarding domain registration to improve trust and reduce risk.

R

RealGeek.cz - ten největší e-shop s merchem influencerů v ČR a SR - RealGeek.cz

realgeek.cz

59

RealGeek.cz operates as the largest e-commerce platform specializing in merchandise for influencers, particularly targeting Czech and Slovak YouTubers and streamers. The website offers a variety of products such as t-shirts, hoodies, and caps, with a focus on fast delivery and customer incentives like free gifts. The platform demonstrates a moderate level of digital maturity, utilizing modern tracking and marketing technologies including Google Analytics, Facebook Pixel, and Smartlook, supported by a CDN infrastructure via Amazon Cloudfront. The site is built on PrestaShop, a popular e-commerce CMS, and shows good mobile optimization and SEO practices. Security posture is adequate with HTTPS enforced and cookie consent mechanisms in place, though there is room for improvement in implementing security headers and publishing explicit security policies. The absence of WHOIS data reduces domain trustworthiness, but the website content and operational indicators suggest a legitimate business. Overall, the site presents a professional and user-friendly experience with moderate risk factors primarily related to domain registration transparency.

T

TEMPO, obchodní družstvo

odtempo.cz

50

TEMPO, obchodní družstvo is a Czech retail cooperative operating 86 stores and a logistics center supplying daily necessities. The company collaborates with partners such as COOP and CBA and holds recognized certifications like 'Tradiční český obchod', indicating a strong regional market presence and commitment to quality. The website supports automated 24/7 store operations and offers online shopping via Foodora, complemented by a mobile app for customer convenience. Technically, the site is built on the Webnode CMS platform, leveraging AWS Cloudfront CDN and modern JavaScript libraries, providing moderate performance and good mobile optimization. Security posture is adequate with HTTPS and cookie consent mechanisms, though improvements in security headers and explicit policies could enhance protection. Overall, the domain registration aligns with the business identity, and no blocking or suspicious content is detected, reflecting a trustworthy and professional online presence.

O

OptimWeb s.r.o.

optimweb.cz

66

OptimWeb s.r.o. is a Czech-based company specializing in the creation of modern, responsive websites and custom e-shops tailored to client needs. Their market position is that of a specialized provider offering cloud-hosted, scalable web solutions primarily targeting businesses, entrepreneurs, e-commerce projects, agencies, and specialists. The company emphasizes long-term partnerships, security features such as HTTPS and DNSSEC, and a user-friendly approach to technical solutions. Technically, the website leverages modern technologies including Bootstrap, Google Tag Manager, Hotjar, and is hosted on Amazon Web Services, ensuring good performance and mobile optimization. Security posture is solid with HTTPS and multi-factor authentication mentioned, though explicit security headers and incident response policies are not publicly documented. Privacy compliance is strong with comprehensive privacy and cookie policies and user consent mechanisms. The absence of WHOIS data is a notable gap affecting domain transparency and trust, but the professional website content and client testimonials support the company's legitimacy. Overall, the website scores well on content quality, technical implementation, and privacy compliance, with room for improvement in security best practices and domain registration transparency.

E

Exvalos spol. s r. o.

exvalos.cz

55

Exvalos spol. s r. o. is a Czech Republic based small manufacturing business specializing in the distribution and supply of industrial components such as bearings, hose clamps, linear technology, adhesives, lubricants, and related products. The company maintains partnerships with major industry brands including SKF, NSK, and Schaeffler, positioning itself as a reliable B2B supplier in the manufacturing sector. Their website reflects a professional and consistent brand image with a comprehensive product catalog and clear contact information. Technically, the website employs modern web technologies including Google Fonts, FontAwesome, and Google Analytics, with a responsive design optimized for mobile devices. While the site uses HTTPS and implements cookie consent mechanisms indicating GDPR compliance, it lacks some advanced security headers and explicit security policies, suggesting room for improvement in security posture. From a security perspective, the site shows good practices such as HTTPS enforcement and no visible exposure of sensitive data. However, the absence of WHOIS data raises concerns about domain registration legitimacy, which could impact trust. No critical vulnerabilities or malware indicators were found, but the site would benefit from enhanced security headers and a published vulnerability disclosure policy. Overall, the website is safe, professional, and well-structured, serving its target industrial audience effectively. Strategic recommendations include improving security headers, publishing detailed security and incident response policies, and verifying domain registration details to enhance trust and compliance.

B

BPA sport marketing a.s.

bpa.cz

45

BPA sport marketing a.s. is a well-established Czech marketing agency specializing in sports marketing, sponsorship, and advertising, particularly focused on ice hockey. Operating since 1993, the company holds exclusive marketing partnerships with major Czech hockey leagues such as the Tipsport extraliga and Maxa liga. Their services include marketing, media presentation, event realization, and online projects, targeting sports organizations, fans, and advertisers within the Czech Republic. The website reflects a professional and consistent brand image with clear business information and active engagement in sports marketing projects. Technically, the website employs modern web technologies including Google Fonts, Google reCAPTCHA, and Google Translate for multilingual support. It is built on the Webnia CMS platform and uses HTTPS with valid SSL certificates, ensuring secure communication. The site is mobile-optimized and provides a cookie consent mechanism compliant with GDPR requirements. However, some security best practices such as security headers and explicit security policies are missing. From a security perspective, the site demonstrates a good posture with HTTPS enforcement and bot protection via reCAPTCHA. The absence of WHOIS data for the domain is a notable concern, reducing trustworthiness and suggesting the need for further domain registration verification. No critical vulnerabilities or malicious content were detected. Privacy policies and cookie management are implemented appropriately, supporting compliance with data protection regulations. Overall, BPA sport marketing a.s. presents a credible and professional online presence with solid business and technical foundations. To enhance trust and security, it is recommended to address the missing WHOIS transparency, implement security headers, and publish clear security and incident response policies.