Security Directory

P

Petr Sýkora

sykora.design

50

The website sykora.design represents a freelance graphic designer named Petr Sýkora, specializing in brand identity, UX, web and application design, and data visualization. The business operates as a small independent freelance service provider targeting startups and established companies. The site is hosted on Websupport.cz and built using Adobe Portfolio with custom theming and Typekit fonts. The technical infrastructure is modern and mobile-optimized but lacks advanced CMS or analytics integrations. Security posture is basic with HTTPS enabled but missing DNSSEC and security headers. Privacy and cookie policies are absent, and no direct contact information is provided on the site, which limits compliance and user trust. Social media presence is established via LinkedIn, Instagram, and Pinterest. Overall, the site is professional and functional but could improve in compliance and security transparency.

M

Metropolitní Kapitula u svatého Víta v Praze

zamekspaleneporici.cz

50

Zámek Spálené Poříčí is a hospitality and cultural heritage business offering accommodation, event hosting, and tourism services in a historic castle located in the Czech Republic. The website presents a professional and well-structured digital presence with clear information targeting tourists, school groups, and corporate clients. The technical infrastructure is modern, leveraging HTTPS, Google Fonts, and a specialized CMS platform (solidpixels). Security posture is generally good with HTTPS enforced, but lacks advanced security headers and visible privacy compliance mechanisms. The absence of WHOIS data reduces domain trustworthiness, though the website content and contact details support legitimacy. Overall, the site is safe, user-friendly, and professionally maintained but would benefit from enhanced privacy and security disclosures.

C

Cornerstone OnDemand Foundation

cornerstoneondemand.org

58

The Cornerstone OnDemand Foundation website presents a nonprofit organization focused on building capacity for other nonprofits by providing free skill development opportunities to employees, volunteers, and communities. The site is built on the Wix platform, leveraging standard Wix technologies and scripts, indicating a moderate level of digital maturity. The content is professionally presented with a clear mission but lacks comprehensive privacy, cookie, and security policies, which are critical for trust and compliance. Security posture is basic with no evident security headers or incident response information, and WHOIS data is unavailable, likely due to privacy protection, which slightly reduces trust. Overall, the site is functional and serves its nonprofit educational purpose but would benefit from enhanced security and compliance transparency.

24/7 media s.r.o. is a small Czech Republic based company specializing in media representation, media buying, consulting, and wedding agency services including domestic and international weddings as well as airline ticket sales. The company has been established since 2006, indicating a stable presence in its niche market. The website content is minimal but provides essential contact information and links to related partner services. Technically, the website is built with basic HTML, CSS, and JavaScript without modern frameworks or CMS, and lacks mobile optimization and accessibility features. Security posture is weak due to absence of HTTPS enforcement and security headers, and no privacy or cookie policies are present, indicating compliance gaps. Overall, the site is functional but requires modernization and improved security and privacy practices to enhance trust and compliance.

M

mojevideo.sk

mojevideo.sk

58

Mojevideo.sk is a Slovak online video sharing and entertainment platform that offers a wide range of user-generated and curated videos, focusing on humor and general entertainment. The site features daily new content, user uploads, and categorized browsing, targeting a broad audience interested in video entertainment. It maintains a strong presence in the Slovak media market with a medium-sized operation and a business model primarily supported by advertising revenue. Technically, the website employs modern web technologies including JavaScript, lazy loading, and header bidding for ads, ensuring a good user experience with moderate performance and mobile optimization. Security-wise, the site enforces HTTPS and uses a consent management platform to comply with GDPR, though some security headers could be improved. No critical vulnerabilities or exposed sensitive data were detected. Overall, the site is trustworthy, professionally maintained, and compliant with privacy regulations, though it lacks explicit security policies and incident response information.

A

AkčnéLetáky.sk

akcneletaky.sk

35

AkcneLetaky.sk is a Slovak online platform specializing in aggregating promotional leaflets and discount offers from a wide range of retail chains including hypermarkets, supermarkets, and specialty stores. The website serves consumers in Slovakia by providing a centralized location to find current sales and discounts, helping users save money on their purchases. The platform features categorized navigation, search functionality, and links to numerous partner retail domains, indicating a well-structured business model focused on retail marketing and consumer savings. Technically, the website employs standard web technologies such as HTML5, CSS, and JavaScript, and integrates Google services including Google Analytics and Adsense for analytics and monetization. The site is served over HTTPS, ensuring encrypted communication, and demonstrates moderate performance and good mobile optimization. However, it lacks visible security headers and does not provide privacy or cookie policies, which are important for compliance and user trust. From a security perspective, the site shows a basic security posture with HTTPS enabled and no visible vulnerabilities or exposed sensitive data. The absence of security headers and formal privacy and cookie policies represents areas for improvement. No incident response or vulnerability disclosure information is provided, which could be a gap in security readiness. The website does not appear to be blocked by any WAF or security challenge, and no adult or explicit content is present, making it safe for general audiences. Overall, AkcneLetaky.sk is a legitimate and established retail aggregator platform with good content quality and business credibility. To enhance its security and compliance posture, the site should implement privacy and cookie policies, add security headers, and provide clear contact information for security incidents. These improvements would increase user trust and align the platform with best practices in web security and privacy.

E

Eduhracky.sk

eduhracky.sk

62

Eduhracky.sk is a Slovakian e-commerce business specializing in the sale of wooden toys for children. The website offers a variety of hand-painted, ecological wooden toys targeting parents and children, positioning itself in a niche market with a focus on quality and eco-friendliness. The business has been established since 2011, supported by consistent domain registration data. Technically, the website is built on the Shopify platform using the Debut theme, leveraging modern web technologies such as lazy loading, hCaptcha for form protection, and Google Fonts. Performance and mobile optimization are good, providing a positive user experience. Security posture is solid with HTTPS enforced and some security best practices observed, though there is room for improvement in implementing additional security headers and publishing clear privacy and cookie policies. No contact emails or phone numbers were found in the provided content, which could affect customer trust and compliance. Overall, the website is professional, safe for general audiences, and legitimate, but could enhance privacy compliance and transparency.

S

ScoresinLive.com

scoresinlive.com

60

ScoresinLive.com operates as a niche media website providing live sports scores and results across multiple sports, with a strong focus on soccer. The site aggregates data from various sources to deliver fast and detailed live scores for global sports leagues and competitions. Its target audience primarily consists of sports enthusiasts seeking real-time updates. The business model appears to be advertising-supported, leveraging multiple ad networks and tracking technologies to monetize traffic. Technically, the website employs a modern JavaScript stack including Prebid.js for header bidding, Google Tag Manager, and various ad network integrations. The site is mobile-optimized with responsive design and uses HTTPS for secure connections. However, it lacks advanced security headers and visible CMS or hosting provider information, indicating potential areas for technical improvement. From a security perspective, the site demonstrates basic compliance with privacy regulations through a consent management platform and anonymized analytics tracking. Nonetheless, the absence of WHOIS registration data raises concerns about domain legitimacy and trustworthiness. No explicit security policies, incident response contacts, or vulnerability disclosure mechanisms are published, which limits transparency and security maturity. Overall, ScoresinLive.com is a functional and content-rich sports media site with moderate technical and privacy compliance maturity. The primary risks relate to domain registration opacity and limited security policy disclosures. Strategic improvements in security posture and business transparency would enhance trust and resilience.

A

Astro-Seek.com

astro-seek.com

72

Astro-Seek.com is a specialized online platform offering free astrology charts, horoscopes, and a wide range of astrology-related tools and calculators. The site targets a general audience interested in astrology and provides advanced features such as transit charts, compatibility calculators, and predictive astrology tools. The business model is primarily free access with optional user registration for personalized services. The website demonstrates consistent branding and good content quality, positioning itself as a niche player in the online astrology market since 2016. Technically, the website uses standard web technologies including JavaScript, CSS, and HTML5, with moderate performance and basic mobile optimization. SEO practices are well implemented with comprehensive metadata and Open Graph tags. Security posture is adequate with HTTPS enabled and no visible vulnerabilities, though security headers could be improved. Privacy compliance is supported by clear privacy and cookie policies, including GDPR considerations. The absence of WHOIS data limits full trust verification, but the website's professional presentation and extensive content suggest legitimacy. No direct contact emails or phone numbers are provided, relying instead on a contact form. Advertising is managed through Google Adsense with tracking pixels from TOPlist and WAUDIT.cz, indicating moderate user tracking. Overall, Astro-Seek.com is a well-established, content-rich astrology website with a solid technical foundation and good privacy practices, suitable for general audiences interested in astrology.

M

ModelForum

modelforum.cz

61

ModelForum.cz is a Czech language online discussion forum dedicated to modeling hobbyists, particularly those interested in plastic models. Established in 2005, it serves a niche community with features such as user registration, event calendars, and partner advertising. The site uses phpBB forum software and maintains a consistent brand presence with partner banners from relevant hobby suppliers. Technically, the site employs standard web technologies including PHP and JavaScript, with moderate performance and basic mobile optimization. Security posture is moderate, with HTTPS usage inferred but lacking advanced security headers and explicit incident response policies. Privacy and cookie policies exist but lack active consent mechanisms. Overall, the site is legitimate, stable, and trusted within its community but could benefit from enhanced security and privacy practices.

S

Sreality.cz

sreality.cz

64

Sreality.cz is the largest real estate marketplace in the Czech Republic, offering a comprehensive database of properties including apartments, houses, new developments, commercial spaces, and land plots for sale and rent. The platform is affiliated with Seznam.cz, a major Czech internet company, which enhances its market credibility and reach. The website targets individuals and businesses seeking real estate solutions within the Czech market. Technically, the site is built using modern web technologies such as React and Next.js, providing a responsive and user-friendly experience across devices. While the site enforces HTTPS and uses various third-party analytics and advertising services, explicit security headers and privacy policies were not detected in the provided HTML content, indicating areas for improvement in compliance and security transparency. The absence of WHOIS data limits domain registration trust analysis, but the professional presentation and affiliation with a reputable parent company support its legitimacy.

E

E.M.A. Europe, s. r. o.

horoskopy.cz

49

Horoskopy.cz is a Czech-language astrology and horoscope website providing daily horoscopes, Chinese horoscopes, yearly forecasts, card readings, and astrological counseling. It operates as a content portal primarily monetized through advertising, with strong affiliation to Seznam.cz, a major Czech internet company. The site targets a general audience interested in astrology and related services. Technically, the site uses modern JavaScript frameworks, integrates with Seznam.cz's advertising and consent management platforms, and employs Gemius for analytics. While the site is accessible and functional, it shows room for improvement in mobile optimization and accessibility. Security posture is adequate with HTTPS and sandboxed ad iframes, but lacks some security headers and explicit privacy policies. WHOIS data is unavailable, which slightly reduces domain transparency, but the presence of official company contact and Seznam.cz affiliation supports legitimacy. Overall, the site is a moderately mature digital property with good content quality and advertising transparency.

P

Proženy.cz

prozeny.cz

63

Prozeny.cz is a leading Czech women's online magazine offering a wide range of content including beauty, fashion, health, relationships, weight loss, children, and celebrity news. The site features multiple content sections such as horoscopes, podcasts, and recipes, targeting Czech-speaking women. The business model is primarily media publishing supported by advertising. Technically, the website employs modern JavaScript bundling, web fonts, and responsive design, indicating a mature digital infrastructure. However, the absence of WHOIS data limits domain legitimacy verification. Security posture is moderate with no visible security headers or explicit policies, and privacy compliance is weak due to missing privacy and cookie policies. Overall, the site is accessible, safe for general audiences, and professionally designed but would benefit from enhanced security and compliance measures.

S

Stream.cz

stream.cz

58

Stream.cz is a prominent Czech online video streaming platform offering a wide range of original shows, series, and movies accessible both online and offline. It operates under the umbrella of Seznam.cz, a leading Czech internet company, which enhances its market credibility and reach. The platform targets a general audience with family-friendly content, including entertainment, news, recipes, and children's programming. Technically, the website employs modern JavaScript frameworks, integrates advanced analytics tools such as Gemius and Google Tag Manager, and maintains a fast, mobile-optimized user experience. Security-wise, the site enforces HTTPS and uses error monitoring services like Sentry, though explicit security headers and incident response policies are not publicly detailed. Privacy and cookie policies are comprehensive and GDPR-compliant, linked through Seznam.cz's legal pages. Overall, Stream.cz presents a professional, trustworthy, and well-maintained digital presence with room for improvement in transparency of security policies and WHOIS data availability.

B

Borgis

super.cz

51

Super.cz is a Czech online media portal specializing in celebrity news, entertainment stories, and related content. Operated in partnership with Seznam.cz and the publishing house Borgis, it targets a general audience interested in celebrity culture and entertainment. The website features multimedia content including photos, videos, podcasts, and quizzes, supporting an engaging user experience. Technically, the site employs modern JavaScript frameworks and asynchronous script loading to optimize performance and responsiveness. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though privacy and cookie policies are not clearly presented, which may impact compliance. The absence of WHOIS data reduces domain trust signals, but the site's professional presentation and partnerships support its legitimacy.

G

GLS

gls-group.eu

62

GLS is a well-established parcel delivery and logistics company operating across multiple countries, primarily in Europe. The website serves as a portal to regional GLS locations, offering parcel shipping services and logistics solutions. The company maintains a professional online presence with clear branding, a comprehensive privacy policy, and a cookie consent mechanism that complies with GDPR requirements. Social media engagement is evident through LinkedIn and YouTube channels, supporting brand trust and customer engagement. Technically, the website employs modern JavaScript technologies including Lottie animations for enhanced user experience and a cookie consent plugin for privacy management. The site is mobile-optimized and demonstrates good SEO practices, although explicit CMS or framework usage is not detected. Hosting appears to be managed by a reputable registrar, Deutsche Telekom AG, indicating stable infrastructure. From a security perspective, the site uses HTTPS and implements cookie consent controls, but lacks visible advanced security headers and published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the HTML content. The absence of a vulnerability disclosure policy or security.txt file suggests room for improvement in transparency and security maturity. Overall, GLS's website is professional, trustworthy, and compliant with privacy regulations, suitable for its enterprise-level transportation business. Strategic enhancements in security policy publication and technical security headers would further strengthen its security posture and user trust.

Č

Česká pošta

ceskaposta.cz

68

Česká pošta is the national postal operator of the Czech Republic, providing a comprehensive range of postal, financial, and eGovernment services. The website reflects a mature and well-established organization with a broad service portfolio targeting both individual consumers and businesses. The site is professionally designed with clear navigation and multilingual support, indicating a focus on accessibility and user experience. Technically, the site is built on the Liferay CMS platform, utilizing common JavaScript libraries such as jQuery and Modernizr, and implements HTTPS with good security practices including cookie consent mechanisms and session management. However, some security headers are not explicitly detected, and no public incident response or vulnerability disclosure information is available, which could be improved to enhance transparency and security posture. Overall, the website is trustworthy and aligns with the expectations for a government-affiliated postal service, though the lack of WHOIS data limits domain registration transparency. Strategic recommendations include enhancing security header implementation, publishing incident response contacts, and adding a security.txt file to improve security maturity and stakeholder trust.

E

eMimino.cz

emimino.cz

64

eMimino.cz is a prominent Czech online community and media platform focused on pregnancy, parenting, and children. It serves as the largest community of mothers in the Czech Republic, offering discussion forums, expert advice, articles, and various interactive features such as contests and a marketplace. The platform targets parents and families seeking support and information related to pregnancy and child-rearing. Technically, the website employs a modern JavaScript stack with integrations for analytics, advertising, and consent management, reflecting a mature digital infrastructure. Security-wise, the site uses HTTPS and implements GDPR consent mechanisms, though explicit privacy and terms of service pages are not evident in the provided content. The absence of WHOIS data reduces transparency but does not negate the site's legitimacy given its active community and content richness. Overall, eMimino.cz presents a professional and trustworthy online presence with room for improvement in compliance documentation and contact transparency.

M

MAFRA, a.s.

expres.cz

62

Expres.cz is a Czech news and entertainment website operated by MAFRA, a.s., a major media company in the Czech Republic. The site offers a wide range of content including celebrity news, politics, sports, videos, and podcasts, targeting a general audience interested in current events and entertainment. The business model is primarily advertising-supported, leveraging multiple ad networks and tracking technologies to monetize content. The website is well-branded and consistent with the parent company's media portfolio.

M

Medirex

medirex.sk

63

Medirex is a Slovak healthcare company specializing in comprehensive laboratory diagnostics, offering fast and precise laboratory tests to patients and healthcare professionals. The website reflects a mature digital presence with a focus on user experience, clear navigation, and mobile optimization. The technical infrastructure leverages modern JavaScript frameworks, CDN hosting, and integrates privacy and security features such as cookie consent and reCAPTCHA. Security posture is strong with HTTPS enforcement and security headers, though explicit security policies and incident response details are not published. Overall, the website is trustworthy, professional, and compliant with GDPR requirements, supporting Medirex's position as a reputable healthcare diagnostics provider in Slovakia.

R

RAJAPACK

rajapack.cz

10

RAJAPACK is a leading European packaging specialist offering a wide range of packaging materials including cardboard boxes, envelopes, and bubble wrap. The company targets B2B customers such as e-shops and logistics providers, providing fast delivery and expert advice. Their market position is strong as a top packaging supplier in Europe, supported by a professional and well-branded website. Technically, the site uses modern e-commerce technologies including INTERSHOP, Algolia search, and advanced tracking tools like Dynatrace and Google Tag Manager. Security measures include HTTPS, CAPTCHA on login forms, and cookie consent management, although explicit security headers and vulnerability disclosure policies are not clearly visible. Overall, the website is well-structured, GDPR compliant, and trustworthy, though the absence of WHOIS data slightly reduces domain trustworthiness. Strategic recommendations include enhancing security header implementation, publishing a security.txt file, and improving accessibility features.

The FINAT European Label Forum website serves as a professional event platform targeting label industry professionals, primarily small to mid-sized businesses. It offers networking, educational sessions, and industry insights, positioning itself as a key European event in the manufacturing sector. The website is well-branded and content-rich, with testimonials and sponsor information enhancing credibility. Technically, the site uses modern front-end technologies including JavaScript, CSS frameworks, and Google Maps API, delivering a good user experience with mobile optimization and clear navigation. Security posture is moderate; HTTPS is implied but security headers and explicit policies are lacking. Privacy compliance is basic with presence of privacy and cookie policies but no active consent mechanisms. WHOIS data is missing or unavailable, which raises some concerns about domain registration legitimacy, though the website content and branding suggest a legitimate business event. Overall, the site scores well in content quality and business credibility but could improve in security and privacy transparency.

G

GUARANT International spol. s r.o.

fiata2025prague.cz

59

The website www.fiata2025prague.cz serves as the official platform for the FIATA REU Field Meeting 2025, an event focused on freight forwarding and logistics professionals primarily in Europe. The business behind the site is GUARANT International spol. s r.o., acting as the meeting secretariat and organizer. The site provides event information, registration details, and networking opportunities, targeting logistics industry stakeholders. The market position is that of a specialized event organizer within the transportation sector, leveraging FIATA's global network to engage regional audiences. Technically, the website is built on the Webnode CMS platform, hosted via AWS Cloudfront CDN, and employs modern web technologies including JavaScript and CSS. Google Analytics is integrated with IP anonymization to track visitor metrics. The site is mobile-optimized and provides a cookie consent mechanism compliant with GDPR principles, although no formal privacy policy or terms of service documents are present. Performance is moderate with room for improvement in SEO and accessibility. From a security perspective, the site enforces HTTPS and uses cookie consent with opt-in features. However, it lacks advanced security headers and does not publish a security policy or vulnerability disclosure. The absence of WHOIS data for the domain is a concern for domain legitimacy verification, although the website content and contact details appear professional and consistent with the business identity. Overall, the website presents a professional and functional platform for the FIATA 2025 event but would benefit from enhanced transparency in privacy and security policies, improved WHOIS data availability, and additional security hardening to strengthen trust and compliance.

O

ONDRÁŠEK INK - JET SYSTEM spol. s r.o.

ondrasek.cz

62

ONDRÁŠEK INK - JET SYSTEM spol. s r.o. is a Czech-based company specializing in comprehensive marking and automation solutions, primarily serving industrial and manufacturing sectors. Their product portfolio includes inkjet printers, thermal transfer printers, laser printers, label application systems, and collaborative robots, supported by software solutions for packaging and printing management. The company maintains a professional web presence with clear business and contact information, indicating a medium-sized enterprise with a solid regional market position. Technically, the website is built on modern frameworks such as Next.js and React, ensuring good mobile optimization and moderate performance. The site uses HTTPS with strong SSL configuration but lacks some security headers and cookie consent mechanisms, which are important for GDPR compliance. Marketing and lead generation scripts are present, indicating active customer engagement strategies. From a security perspective, the site demonstrates good practices like HTTPS enforcement and no visible sensitive data exposure. However, the absence of published security policies, incident response contacts, and cookie consent banners suggests areas for improvement in compliance and transparency. The WHOIS data is missing, which reduces domain trustworthiness from a registration standpoint but does not necessarily reflect on the business legitimacy. Overall, the website is professional and trustworthy with minor gaps in privacy compliance and security transparency. Strategic improvements in these areas would enhance the company’s digital trust and regulatory adherence.

C

Cole Townsend

twnsnd.co

67

The website www.twnsnd.co represents the personal portfolio and professional brand of Cole Townsend, a product designer and tech entrepreneur based in Boston. The site showcases his experience, selected work, and philosophy on product design and team building. The business model is centered on personal branding and service offerings in product design and entrepreneurship, targeting professionals and businesses seeking these services. The market position is niche and focused, with a clear emphasis on quality and thoughtful design. Technically, the website is built using modern web technologies including the Astro framework, JavaScript, and optimized image formats like WebP. It is hosted on Cloudflare Pages, ensuring fast performance and good mobile optimization. The site is well-structured with good SEO and accessibility features, providing an excellent user experience. From a security perspective, the site enforces HTTPS and does not expose sensitive data or vulnerable libraries. However, it lacks explicit security headers and published security policies, which could be improved. Privacy compliance is minimal, with no visible privacy or cookie policies or consent mechanisms, which is a gap for GDPR and similar regulations. No contact information or incident response channels are provided, limiting direct communication for security or business inquiries. Overall, the website is professional, trustworthy, and safe for general audiences. The main risks relate to privacy compliance and security policy transparency. Strategic recommendations include adding privacy and cookie policies, implementing security headers, and providing contact information for security incidents to enhance trust and compliance.

R

Rgbstock.com

rgbstock.com

56

Rgbstock.com is a free stock photo website offering over 120,000 images for personal and commercial use. It targets photographers, graphic artists, and general users seeking high-quality free images. The platform supports user uploads, enhancing its content diversity. The business model relies on advertising and affiliate partnerships, notably with Shutterstock and various ad networks. Technically, the site uses standard web technologies including Google Fonts and Adsense, with a consent management platform ensuring GDPR compliance. Security posture is moderate, with no explicit security headers detected and missing WHOIS data raising some concerns. Overall, the site is professional and trustworthy but would benefit from enhanced security practices and verified domain registration details.

L

Life of Pix

lifeofpix.com

10

Life of Pix is a niche media platform offering free high resolution photography for download and sharing, targeting photographers and general users seeking quality images. The website is well-branded and consistent, with a clear business model centered on free photo distribution and photographer engagement. The platform maintains a moderate digital maturity with a modern JavaScript framework (Vue.js) and integrates analytics and cookie consent tools to support user tracking and privacy compliance. Security posture is generally good with HTTPS enforced and cookie consent implemented, though explicit security headers are absent and no direct security policies or incident response contacts are provided. The absence of WHOIS data introduces some uncertainty regarding domain legitimacy, but the active social media presence and professional site design support trustworthiness. Overall, the site is safe for general audiences and maintains good content quality and user experience.

E

European Patent Office

epo.org

48

The European Patent Office (EPO) website serves as a comprehensive portal for patent-related services, legal information, and educational resources. It targets patent applicants, IP professionals, legal practitioners, and the general public interested in innovation and intellectual property protection in Europe. The site reflects the EPO's position as a leading governmental organization in the patent domain, offering extensive tools and information to support patent searching, application, and legal processes. Technically, the website is built on Drupal 10 with React components for specialized applications, supported by Matomo analytics for user tracking with privacy considerations. The site demonstrates modern web practices including responsive design, accessibility features, and strong SEO optimization. Performance is fast, and the site is well-structured for user navigation. From a security perspective, the site enforces HTTPS with excellent SSL configuration and implements multiple security headers. Cookie consent mechanisms and privacy policies indicate compliance with GDPR and related regulations. No vulnerabilities or exposed sensitive data were detected. The WHOIS data is unavailable due to malformed query responses, but this is consistent with registry policies rather than suspicious activity, and the domain is legitimate for a major European governmental entity. Overall, the EPO website is a secure, professional, and authoritative resource for patent information and services, with strong privacy and compliance postures. It is recommended to maintain regular security audits, keep third-party components updated, and continue transparency in privacy practices to uphold trust and security.

B

BZ Company Internacional s.r.o.

bzcompany.cz

46

BZ Company Internacional s.r.o. is a Czech Republic-based IT service provider specializing in web development, application development, e-commerce solutions, web hosting, and online marketing services. The company positions itself as a general IT technology contractor and is a member of the VZK group, targeting primarily local businesses seeking comprehensive digital solutions. Their service offerings include responsive websites, custom e-shops, information systems, hosting, and SEO/PPC marketing campaigns. The website content is professional, well-structured, and localized in Czech, reflecting a small-sized enterprise with a clear business focus. Technically, the website employs standard web technologies such as HTML5, CSS3, JavaScript, and jQuery, with additional libraries like Slick Carousel for UI components. The site is mobile-optimized with a responsive design and includes a cookie consent mechanism compliant with GDPR. However, no advanced frameworks or CMS platforms are explicitly identified, suggesting a custom or lightweight CMS solution. Performance is moderate, and SEO practices appear adequate with proper meta tags and structured navigation. From a security perspective, the site uses HTTPS, ensuring encrypted communication. Cookie consent is implemented, but no explicit security headers (e.g., CSP, X-Frame-Options) are detected, indicating room for improvement. The absence of WHOIS data limits domain trust verification, but the presence of clear contact information and business references supports legitimacy. No signs of malware, phishing, or vulnerabilities are evident in the content. Overall, the security posture is moderate but could benefit from enhanced header policies and incident response disclosures. The overall risk assessment is low to moderate, with recommendations focusing on improving security headers, publishing detailed privacy and security policies, and enhancing WHOIS transparency. The company demonstrates a solid digital presence suitable for its market niche but should consider strengthening compliance and security practices to build greater trust and resilience.

S

SMRK studio

smrkstudio.cz

43

SMRK studio is a Czech-based innovative web design and development company specializing in WordPress-based websites and e-commerce solutions. They emphasize fresh, functional, and fast web solutions with a unique ecological branding approach, planting trees for each completed project. The company targets businesses and individuals seeking custom web solutions primarily in the Czech market. Their service portfolio includes web design, HTML and WordPress development, graphic design, web hosting, and additional digital marketing services such as SEO and PPC. Technically, the website is built on WordPress with modern web standards including HTML5, CSS3, and JavaScript. It uses Google Tag Manager for analytics and Rank Math for SEO optimization. The site is mobile-optimized, fast-loading, and well-structured with comprehensive metadata and structured data for SEO. However, no cookie consent mechanism was detected, which is a privacy compliance gap. From a security perspective, the site enforces HTTPS and uses secure forms with anti-spam measures. No major vulnerabilities or exposed sensitive data were found. Security headers are not explicitly detected, and no formal security or incident response policies are published. The lack of WHOIS data is a concern for domain legitimacy, but the website content and contact information appear professional and trustworthy. Overall, the website scores well on content quality, technical implementation, and business credibility but has room for improvement in privacy compliance and security policy transparency. The domain registration status should be verified to ensure legitimacy and trustworthiness.

M

Memodo

memodo.cz

45

Memodo is a Czech-based B2B wholesale and e-commerce company specializing in photovoltaic products and solar energy solutions. Positioned as a leading photovoltaic wholesaler in Europe, Memodo offers a wide range of products including solar panels, inverters, residential and commercial energy storage systems, energy management systems, mounting systems, charging stations, and related accessories. Their target audience primarily consists of installation companies and business partners in the renewable energy sector. The website is professionally designed with clear navigation and product categorization, supporting a seamless user experience for their business clientele. Technically, the website employs modern web technologies including JavaScript, CSS, and HTML5, integrated with Google Tag Manager and Google Analytics 4 for analytics and marketing purposes. The site uses the Datamints CMS platform and includes cookie consent management, indicating a moderate level of digital maturity. Performance and mobile optimization are good, though accessibility features could be improved. From a security perspective, the site uses HTTPS and implements cookie consent mechanisms, but lacks visible security headers and published security policies such as privacy policy or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the analyzed content. The absence of WHOIS data for the domain reduces trustworthiness and suggests a need for verification of domain registration status. Overall, Memodo presents a credible and professional online presence in the energy sector, with room for improvement in privacy compliance and security transparency. Strategic recommendations include publishing comprehensive privacy and security policies, enhancing security headers, and verifying domain registration details to strengthen trust and compliance.

D

Doucha Šikola advokáti s.r.o.

dsadvokati.cz

49

Doucha Šikola advokáti s.r.o. is a specialized law firm based in the Czech Republic focusing on energy law and commercial legal services. The firm supports projects in renewable energy and provides comprehensive legal advice in areas such as contract law, mergers and acquisitions, and intellectual property protection. Their market position is strengthened by partnerships with key industry associations and a portfolio of notable clients. Technically, the website employs modern web technologies including animation libraries and Google Tag Manager, offering a good user experience with mobile optimization and clear navigation. Security posture is moderate with cookie consent and privacy policy in place, but lacks visible security headers and explicit incident response contacts. WHOIS data is missing, which slightly reduces trust from a domain registration perspective but the professional content and client testimonials support legitimacy. Overall, the website is well-designed, content-rich, and trustworthy for its target audience.

G

GALERIE CIBULKA

galeriecibulka.cz

51

GALERIE CIBULKA is a small art gallery based in the Czech Republic, presenting exhibitions and art-related content through a website built on the Wix platform. The site targets art enthusiasts and visitors interested in gallery events and art sales. The business model focuses on promoting art exhibitions and related services locally. The website's technical infrastructure leverages Wix's Thunderbolt framework and standard JavaScript polyfills, indicating a moderate level of digital maturity. Performance and mobile optimization are adequate, but SEO and accessibility features are basic. Security posture is moderate with HTTPS enabled but lacking security headers and privacy compliance mechanisms. No WHOIS data is available, suggesting privacy protection or registration issues, which impacts trust and transparency. Overall, the site is functional but would benefit from enhanced security practices, privacy policies, and clearer contact information to improve credibility and compliance.

M

MyFonts Inc.

linotype.com

65

Linotype.com serves as a transitional informational website announcing the migration of Linotype font products to Monotype Fonts and MyFonts.com platforms. The site targets design professionals and agencies seeking font licensing solutions, emphasizing the preservation of Linotype's heritage within the Monotype ecosystem. Technically, the site employs modern web technologies including JavaScript widgets for chat and cookie consent, and integrates Google Tag Manager for analytics. The website is well-structured, mobile-optimized, and professionally designed, providing a positive user experience. Security posture is moderate; HTTPS is implied but explicit security headers are not detected, and no incident response or security policies are published. WHOIS data is missing, which is unusual and lowers domain trustworthiness, but the association with Monotype mitigates concerns. Overall, the site is credible and functional but could improve transparency and security practices.

M

MyFonts Inc.

fonts.com

64

Fonts.com currently serves as a transitional landing page informing visitors that font sales have migrated to MyFonts.com and Monotype Fonts, both operated by Monotype. The site targets designers, agencies, and organizations seeking font licensing and purchases. The business model is e-commerce and subscription-based font licensing, positioning itself as a key player in the digital typography market. The website content is professional and consistent with the brand identity of Monotype and its subsidiaries. Technically, the site employs modern web standards including HTTPS, Content Security Policy headers, and cookie consent mechanisms. It uses common marketing and analytics tools such as Google Tag Manager and Intercom. The site is mobile optimized with good SEO practices but lacks some advanced accessibility features. No CMS or hosting provider details were detected. From a security perspective, the site demonstrates good baseline security with HTTPS and CSP headers but lacks published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were found. The absence of WHOIS data for the domain is a concern but the website’s association with reputable Monotype platforms mitigates risk. Overall, the security posture is solid but could be improved with additional headers and transparency. The overall risk is moderate with no critical issues detected. Strategic recommendations include enhancing security headers, publishing security and incident response policies, and improving contact information transparency to strengthen trust and compliance.

W

Webnode AG

webnode.com

72

Webnode AG operates a well-established website builder platform targeting individuals and small to medium businesses globally. The company offers a freemium SaaS model with AI-powered website creation, domain registration, e-commerce capabilities, and email hosting. Their market position is strong with over 50 million websites created, supported by a consistent brand and multilingual presence. Technically, the website leverages modern JavaScript frameworks, Google analytics and tag management, and cloud CDN hosting to deliver fast, mobile-optimized, and accessible user experiences. Security posture is solid with HTTPS, reCAPTCHA, and cookie consent mechanisms, though explicit security headers and incident response policies could be improved. Overall, the site is professional, trustworthy, and compliant with GDPR, though WHOIS data is privacy protected, which is justified for this business type.

V

Vánoční lucerničky

vanocnilucernicky.cz

54

The website www.vanocnilucernicky.cz is a Czech e-commerce platform specializing in Christmas lanterns and decorations, offering a variety of handcrafted wooden and glass ornaments, LED lights, and related festive products. It targets Czech-speaking consumers interested in seasonal decorations, positioning itself as a niche retailer with a focus on Czech-made goods. The site features a professional design, clear navigation, and a comprehensive product catalog with customer reviews, enhancing user trust and engagement. Technically, the website employs a proprietary e-commerce CMS hosted on eshop-rychle.cz, utilizing modern JavaScript libraries such as Swiper.js for sliders and integrates multiple analytics and marketing tools including Matomo, Google Analytics, Facebook Pixel, and Sklik retargeting. The site is mobile-optimized with good SEO practices and basic accessibility features. Security measures include HTTPS enforcement, standard security headers, and consent management for cookies, although no explicit security policy or vulnerability disclosure mechanisms are published. From a security perspective, the site demonstrates a solid posture with no visible vulnerabilities or exposed sensitive data. However, the absence of WHOIS registration data for the domain is a notable concern, reducing the trustworthiness of the domain registration. Despite this, the website content and business presentation are consistent with a legitimate small retail business. Privacy compliance is well addressed with a dedicated privacy policy and cookie consent mechanisms. Overall, the website presents a low risk with good business credibility and technical implementation. Strategic recommendations include publishing a formal security policy, adding a vulnerability disclosure page or security.txt, enhancing accessibility, and providing data protection officer contact details to improve GDPR transparency and user trust.

R

RedX International CZ s.r.o.

redx.cz

52

RedX International CZ s.r.o. operates a professional e-commerce website specializing in the manufacture and sale of high-quality quick-folding party tents, inflatable advertising tents, and related event equipment. The company positions itself as a leading European supplier with over 20 years of experience, offering a broad product range including custom printing and rental services. The website is well-designed, content-rich, and targets event organizers, businesses, and private consumers in the Czech Republic and Slovakia. Technically, the site uses modern analytics and marketing tools, including Google Analytics, Matomo, Facebook SDK, and retargeting services, with GDPR-compliant consent mechanisms. Security posture is good with HTTPS and reCAPTCHA usage, though some security headers and policies are missing. The absence of WHOIS data reduces domain trust but the professional presentation and business information support legitimacy. Overall, the site is safe, user-friendly, and professionally maintained.

S

SPEKTRE, s.r.o.

orasey.sk

56

Orasey.sk is a Slovakian e-commerce website operated by SPEKTRE, s.r.o., specializing in sophisticated hair care products including Brazilian keratin treatments, hair vitamins, and cosmetics. The company targets consumers and salons seeking quality hair care solutions, positioning itself as a niche market leader with a focus on natural beauty and hair health. The website features a professional design with clear navigation, product ratings, and customer testimonials, enhancing trust and user engagement. Technically, the site is built on the Eshop-rychlo platform, leveraging modern JavaScript libraries, Google Tag Manager, Google Analytics, Matomo, and marketing tools like Optimonk and Smartsupp chat. The site is mobile-optimized and performs moderately well, with good SEO and accessibility basics. Security is robust with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved and no explicit security policy or incident response information is published. The security posture is solid with no detected vulnerabilities or exposed sensitive data. GDPR compliance is evident through comprehensive privacy and cookie policies with user consent options. Contact information is transparent and includes email, phone, physical address, and social media channels. The domain registration is consistent with the business identity and location, supporting legitimacy. Overall, Orasey.sk presents a trustworthy, professional, and user-friendly e-commerce platform with good privacy and security practices. Strategic improvements in security headers and incident response transparency would further enhance its security maturity and customer confidence.

P

panskystyl.cz | e-shop pro muže. Pánské oblečení a doplňky.

panskystyl.cz

55

The website panskystyl.cz is a Czech Republic based e-commerce platform specializing in men's clothing and accessories. It offers a variety of products including shirts, jackets, underwear, and jewelry targeted primarily at male customers seeking stylish and affordable fashion. The site is built on the eshop-rychle.cz platform and integrates multiple marketing and analytics tools such as Google Analytics, Matomo, and Glami tracking. The business model is retail-focused with clear product listings, pricing, and stock availability. Contact information including a phone number with business hours is prominently displayed, enhancing customer trust. Technically, the website uses HTTPS with a good SSL configuration and modern JavaScript libraries. The site is mobile optimized and provides a good user experience with clear navigation and product categorization. However, some security headers are missing, and there is no visible cookie consent mechanism, which may pose compliance risks under GDPR. The WHOIS data for the domain is unavailable, likely due to privacy protection, which is common for small businesses but reduces transparency. From a security perspective, the site follows basic best practices such as secure login forms and no exposed sensitive data. The absence of a security.txt file or explicit vulnerability disclosure policy suggests room for improvement in incident response readiness. Overall, the website appears legitimate and professional with a moderate security posture and good business credibility. Strategically, the site should implement a cookie consent banner to improve privacy compliance, add missing security headers to enhance protection, and consider publishing a vulnerability disclosure policy to build trust. Regular audits of third-party scripts and continuous monitoring of security posture are recommended to mitigate risks.

S

SLAPAKY.CZ | Štípaný přírodní kámen již od 279 Kč

slapaky.cz

45

The website www.slapaky.cz is a professional e-commerce platform specializing in the sale of natural split stone products such as sandstone, quartzite, slate, porphyry, schist, limestone, and granite. It targets both retail customers and businesses in the Czech Republic, offering a wide range of stone products for construction, landscaping, and decorative purposes. The site provides additional services including free sample shipping, delivery across the Czech Republic, and storage options. The business appears to be a small-sized entity focused on the real estate and retail sectors. Technically, the website employs modern JavaScript libraries, Google Tag Manager, Matomo analytics, and other marketing tools, ensuring a good user experience with mobile optimization and clear navigation. Security posture is solid with HTTPS enforced and secure forms, although some security headers could be improved. Privacy compliance is addressed with visible privacy and cookie policies and consent mechanisms. However, the WHOIS data is missing, which reduces transparency and trustworthiness from a domain registration perspective. Overall, the website is well-structured, secure, and professionally presented, suitable for its market niche.

G

Golemos s.r.o.

eshop-rychle.cz

57

Eshop-rychle.cz is a Czech-based e-commerce platform operated by Golemos s.r.o., offering entrepreneurs and businesses an easy-to-use SaaS solution to create and manage online stores. The platform emphasizes speed, professional features, modern design, and comprehensive support, targeting small to medium-sized enterprises and individual entrepreneurs seeking to start or enhance their online sales presence. With over 7,000 e-shops relying on their services and a significant annual transaction volume, the company holds a strong market position in the Czech e-commerce sector. Technically, the website employs modern web technologies including JavaScript, jQuery, Bootstrap, and integrates marketing and analytics tools such as Google Tag Manager, Microsoft Clarity, and Exponea. The site is mobile-optimized, accessible, and SEO-friendly, providing a professional user experience. Cookie consent mechanisms and privacy policies are well implemented, reflecting GDPR compliance. From a security perspective, the site uses HTTPS with good SSL configuration and secure form handling. However, some security headers like Content-Security-Policy and X-Frame-Options are not explicitly detected and could be improved. No critical vulnerabilities or exposed sensitive data were found. Incident response and security policy information are not publicly detailed. Overall, the website is trustworthy and professional, though the absence of WHOIS data reduces transparency slightly. Strategic recommendations include enhancing security headers, publishing incident response contacts, and maintaining regular audits of third-party scripts to sustain security posture.

P

Petr Válek

valekpetr.com

55

The website valekpetr.com represents a personal portfolio for Petr Válek, a UX/Product Designer based in Czechia. The site highlights his specialization in Human Centered Design with over 6 years of experience and more than 30 projects completed. The business model appears to be freelance or consultancy services targeting businesses and product teams seeking UX design expertise. The website is built on the Webflow CMS platform and uses modern web technologies such as jQuery and Typed.js to enhance user experience. Hosting and domain registration are managed by Gransy, s.r.o., a Czech registrar, consistent with the claimed location. From a technical perspective, the website is well-structured with good mobile optimization, accessibility, and SEO practices. However, there is no evidence of advanced security headers or privacy compliance mechanisms such as cookie banners or privacy policies. The domain is relatively mature, created in 2018, which aligns with the professional experience claimed. No forms are present except a mailto link for contact, minimizing data collection risks. Security posture is moderate; the domain status clientTransferProhibited is a positive indicator, but DNSSEC is not enabled and no security headers are detected. Privacy compliance is low due to the absence of privacy and cookie policies. No analytics or tracking services are detected, indicating minimal user tracking. Overall, the website is professional and safe but would benefit from enhanced security and privacy measures. Strategic recommendations include enabling DNSSEC, adding privacy and cookie policies, implementing security headers, and considering a vulnerability disclosure policy to improve trust and compliance.

Z

Z-WARE s.r.o.

nasejidelna.cz

44

The website nasejidelna.cz represents the iCanteen system, a specialized internet-based food ordering platform primarily serving canteens in the Czech Republic. Developed and maintained by Z-WARE s.r.o., the platform offers comprehensive features such as online meal ordering, account management, notifications, and integration with existing canteen systems. The business targets institutional clients like canteens and their customers, positioning itself as a niche technology provider with a long-standing presence since 2003. Technically, the website employs a Java-based backend with modern front-end technologies including HTML5, CSS3, and JavaScript. The site is moderately optimized for mobile devices and provides a good user experience with clear navigation and relevant content. However, some technical improvements are recommended, such as adding security headers and enhancing SEO and accessibility features. From a security perspective, the site uses HTTPS and employs secure password hashing (BCrypt), but lacks visible security headers and formal security policies. No privacy or cookie policies are published, which is a compliance gap under GDPR. No incident response or vulnerability disclosure information is available, limiting transparency. Overall, the website is legitimate, professionally presented, and serves a clear business purpose. To improve trust and compliance, it should publish privacy and cookie policies, implement security headers, and provide vulnerability disclosure information. These steps will enhance security posture and regulatory compliance, supporting continued business growth and customer trust.

O

ORAX, s.r.o.

orax.cz

45

ORAX, s.r.o. is a Czech technology company specializing in custom web applications, unique websites, Windows custom software, and proprietary economic software solutions. With over 30 years of market presence and more than 50 completed projects, the company targets businesses seeking tailored software solutions to meet their specific needs. The website is professionally designed, mobile-optimized, and provides clear navigation and relevant content in Czech. Technical infrastructure includes modern JavaScript libraries such as Swiper.js and Google Analytics for visitor tracking. Security posture is moderate with cookie consent implemented but lacks visible HTTP security headers and incident response information. WHOIS data is unavailable, likely due to privacy protection, which slightly reduces trust but does not contradict the professional business presentation. Overall, the website demonstrates a solid business credibility and digital maturity appropriate for a small technology firm.

M

MAKRO Cash & Carry ČR s.r.o.

makro.cz

60

MAKRO Cash & Carry ČR s.r.o. operates a professional wholesale food and goods business targeting horeca, retail, and business customers in the Czech Republic. The website serves as a comprehensive platform for product assortment, promotions, customer registration, and support, reflecting a mature market position as a leading wholesale supplier. The technical infrastructure leverages modern web technologies, CDN delivery, and OAuth2 authentication, ensuring a responsive and user-friendly experience. Security posture is solid with HTTPS enforcement and cookie consent mechanisms, though explicit security headers and incident response information are absent. Overall, the site demonstrates strong business credibility and compliance with GDPR regulations.

S

Stock Spirits Group

stock.cz

78

Stock Spirits Group is a leading European spirits producer with a rich heritage dating back to 1884. The company offers a diverse portfolio of high-quality alcoholic beverages rooted in local and regional traditions, targeting mature consumers across over 50 countries. Their market position is strong, supported by sustainability initiatives and responsible drinking policies. Technically, the website is built on modern frameworks such as Next.js and React, delivering fast performance and excellent mobile optimization. Security posture is robust with HTTPS enforcement and standard security headers, though explicit security policies and incident response information are not publicly available. Overall, the website reflects a professional and trustworthy business presence with moderate user tracking and good privacy compliance.

M

Mattoni 1873 a.s.

kmv.cz

54

Mattoni 1873 a.s. is a well-established beverage manufacturer based in the Czech Republic, specializing in premium natural mineral waters and a broad portfolio of internationally recognized beverage brands. Founded in 1873, the company has grown into a market leader in Central Europe, emphasizing sustainability and quality in its operations. The website reflects a professional corporate presence with comprehensive information about the company, its brands, and sustainability initiatives. Technically, the site employs modern web technologies including Google Analytics and Tag Manager, with good mobile optimization and user experience. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though there is room for improvement in security headers and explicit security policies. The absence of WHOIS data reduces transparency but does not detract significantly from the site's credibility given the professional content and trust signals. Overall, the site is a reliable digital representation of a mature, large-scale manufacturing business.

V

Vysoká škola uměleckoprůmyslová v Praze

umprum.cz

65

Vysoká škola uměleckoprůmyslová v Praze (UMPRUM) is a reputable educational institution specializing in art and design education. The website serves students, prospective students, alumni, and the general public interested in cultural events and exhibitions. It offers detailed information about departments, study programs, events, and an online learning platform. The institution holds a strong market position in the Czech Republic's education sector, focusing on creative disciplines. Technically, the website is built with modern web standards including HTML5, CSS3, JavaScript, and Bootstrap framework. It uses Matomo for analytics and provides a responsive design optimized for mobile devices. The site is served over HTTPS, ensuring secure communication. However, some security headers are missing, and cookie consent mechanisms are not explicitly implemented, indicating room for improvement in privacy compliance. From a security perspective, the site demonstrates good practices such as secure forms and no visible vulnerabilities or exposed sensitive data. The absence of WHOIS data due to privacy protection is typical for such institutions and does not raise immediate concerns. The website lacks explicit incident response or security policy disclosures, which could be enhanced to improve trust and compliance. Overall, UMPRUM's website is professional, content-rich, and trustworthy, with minor gaps in privacy and security policy transparency. Strategic recommendations include implementing comprehensive security headers, explicit cookie consent, and publishing terms of service and security policies to strengthen compliance and user trust.

T

TANATEX Chemicals

tanatexchemicals.com

60

TANATEX Chemicals is a well-established global specialist in textile chemicals, focusing on innovation and sustainability within the textile manufacturing industry. The company offers a range of products and services including textile chemical development, lab services, hangtags, and toll manufacturing. Their market position is strengthened by a 60-year history and certifications such as BlueSign and Roadmap to Zero, indicating commitment to sustainable practices. The website reflects a professional B2B business model targeting textile industry professionals such as brands, dyehouses, and mills. Technically, the website is built on a modern stack including Laravel backend, Alpine.js frontend, and integrates Google Tag Manager and Cookiebot for analytics and privacy compliance. The site is mobile-optimized, accessible, and SEO-friendly, with good performance. However, some security headers are missing, and no explicit security or incident response policies are published. Security posture is solid with HTTPS enforced, CSRF protection on forms, and cookie consent mechanisms. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is good with clear privacy and cookie policies and GDPR indicators. Business credibility is high with clear contact details, professional content, and trust signals. Overall, the website presents a low risk profile with strong business credibility and good technical implementation. Strategic improvements include adding security headers, publishing a security policy, and establishing a vulnerability disclosure process to further enhance trust and security posture.