Security Directory

Č

ČEVAK a.s.

vodarenskavezcb.cz

59

Vodárenská věž is a public water tower and tourist attraction located in České Budějovice, Czech Republic, operated by ČEVAK a.s., a regional water utility company. The website serves as an informational and promotional platform for visitors, offering details about tours, events, and the history of the tower. The site is well-structured, visually appealing, and provides clear contact information and social media links, enhancing visitor engagement and trust. Technically, the website uses modern web technologies including Google Maps API for location services and Google Tag Manager for analytics, with a cookie consent mechanism ensuring GDPR compliance. Security posture is good with HTTPS enforced and no obvious vulnerabilities, though some security headers could be added for improvement. The absence of WHOIS data limits full domain trust assessment, but the website content and contact details strongly indicate legitimacy. Overall, the site is a reliable and professional digital presence for the Vodárenská věž attraction.

F

FG Forrest, a.s.

vodapodkontrolou.cz

60

The website vodapodkontrolou.cz represents a professional water consumption monitoring service operated by FG Forrest, a.s., targeting households, entrepreneurs, and large companies primarily in the Czech Republic. The service offers continuous monitoring of water usage with customizable alarms and notifications to prevent water damage and reduce costs. The business model is subscription-based with monthly tariffs and a one-time installation fee, requiring no purchase of hardware by the customer. Technically, the website employs modern web technologies including JavaScript, jQuery, Google Tag Manager, and Google Maps API. The site is mobile-optimized, accessible, and SEO-friendly with comprehensive metadata and multilingual support. Performance is moderate with good user experience and clear navigation. From a security perspective, the site uses HTTPS with no visible vulnerabilities or exposed sensitive data. Cookie consent mechanisms and privacy policies are implemented in compliance with GDPR. However, explicit security policies and incident response contacts are not found, and security headers appear to be missing or not detected. Overall, the website is trustworthy and professionally maintained, though the absence of WHOIS data reduces transparency regarding domain registration. The site is safe for general audiences with no adult or questionable content. Strategic recommendations include enhancing security headers, publishing incident response information, and improving domain registration transparency.

B

Budapesti Zsidó és Izraeli Filmfesztivál

zsifi.org

53

The Budapest Jewish and Israeli Film Festival website serves as the official digital presence for an established cultural event celebrating Jewish and Israeli cinema. The festival, with over a decade of history, targets community members and film enthusiasts, emphasizing cultural storytelling and community togetherness. The website is professionally designed using WordPress and common plugins, providing a good user experience with clear navigation and mobile optimization. Privacy and cookie consent mechanisms are implemented, reflecting compliance with GDPR standards. Security posture is adequate with HTTPS enabled, though improvements such as enabling DNSSEC and adding security headers are recommended. The domain registration data aligns well with the festival's history, supporting legitimacy and trustworthiness.

N

NexGen IT s.r.o.

nexgen.cz

48

NexGen IT s.r.o. is a digital studio based in České Budějovice, Czech Republic, specializing in web design, software development, 3D visualization, and corporate identity services. The company serves clients domestically and internationally, including countries such as Slovakia, Germany, Austria, and Australia. Their business model combines service provision with the development of proprietary digital products like DMS, CMS, CRM, and an attendance system called NexDOS. The website presents a professional portfolio and client references, indicating a solid market position in the technology sector. Technically, the website employs modern JavaScript libraries including jQuery, FontAwesome, GSAP for animations, and integrates Google Maps API. The site is moderately optimized for performance and mobile responsiveness, with basic accessibility and SEO features. However, there is no detected CMS or explicit hosting provider information. The site lacks explicit privacy, cookie, and terms of service policies, which impacts compliance and user trust. From a security perspective, the site uses HTTPS and does not expose sensitive data in the HTML. However, no security headers were detected, and there is no vulnerability disclosure or incident response information available. The absence of WHOIS data for the domain is a significant concern, reducing the trustworthiness of the domain registration and raising questions about legitimacy. No WAF or blocking mechanisms were detected, and the content is fully accessible. Overall, the website is professionally designed and functional, but the lack of WHOIS transparency and privacy compliance documentation lowers its security and compliance posture. Strategic improvements in security headers, privacy policies, and domain registration transparency are recommended to enhance trust and compliance.

L

Lesy ČR

klubnoveholesa.cz

69

Klub nového lesa is a community engagement platform operated under the auspices of Lesy ČR, the Czech Republic's national forestry organization. It focuses on organizing outdoor events related to forest renewal, environmental education, and public participation. The website provides event information, a mobile app for registration and rewards, and an e-shop for merchandise. The target audience includes nature enthusiasts, families, and volunteers interested in forestry and environmental stewardship. Technically, the website employs modern web technologies including Google Analytics, Facebook Pixel, Cookiebot for consent management, and Google Maps API for interactive maps. The site is mobile optimized and uses HTTPS, ensuring secure communication. Security posture is solid with cookie consent and CSRF protections, though some security headers could be improved. Privacy compliance is well addressed with clear cookie consent mechanisms and GDPR adherence. The WHOIS data is privacy protected, which is common and justified for this type of organization. Overall, the website is professional, trustworthy, and serves its community-oriented mission effectively.

D

Direct Fondee a.s.

fondee.cz

55

Fondee is a Czech Republic-based online investment platform specializing in simple, tailored ETF portfolios and corporate bond investments. The company targets retail investors seeking low-cost, transparent investment solutions, including sustainable ESG portfolios, children's accounts, and pension investment plans. The platform emphasizes ease of use, trust, and regulatory compliance, positioning itself as an emerging fintech player in the Czech market with growing media recognition. Technically, the website leverages modern web technologies including React, Google Tag Manager, and Google reCAPTCHA v3, hosted on DigitalOcean infrastructure with CDN support. The site demonstrates good mobile optimization, accessibility, and SEO practices, providing a professional and user-friendly experience. Security posture is strong with HTTPS enforcement, security headers, and cookie consent mechanisms. However, the absence of explicit security policies, incident response contacts, and vulnerability disclosure reduces transparency. No WHOIS registration data was found, which impacts trust assessment but the overall site content and media presence support legitimacy. Overall, Fondee presents a secure, professional, and privacy-conscious investment platform with room for improvement in transparency and contact availability. Strategic recommendations include publishing security and incident response policies, verifying domain registration details, and enhancing visible contact information.

4

42 The Network

42quebec.com

51

42 The Network operates a global, free IT education network with campuses including 42 Québec, the first Canadian campus located in Québec City. The organization focuses on addressing IT labor shortages by providing accessible, high-level training connecting students directly with industry needs. The website reflects a professional and well-established educational entity with clear contact information, social media presence, and comprehensive privacy and cookie policies. Technically, the site is built on WordPress with Elementor and Yoast SEO, leveraging modern web technologies and Google Maps integration for location services. Security posture is solid with HTTPS and privacy mechanisms, though some security headers could be improved. WHOIS data is unavailable due to privacy protection, which is justified for this non-profit educational network. Overall, the site is trustworthy, well-maintained, and serves its target audience effectively.

The website www.janskelazne.cz serves as an official tourism and accommodation information portal for Janské Lázně and the SkiResort Černá hora-PEC, the largest ski resort in the Czech Republic. It offers online booking services with promotional discounts on ski passes and leisure activities, targeting tourists and visitors interested in winter sports and summer leisure in the Krkonoše region. The site demonstrates a consistent brand presence and provides clear contact information, reinforcing its role as a local tourism information center with over two decades of experience. Technically, the website employs a traditional web stack including jQuery, jQuery UI, Google Analytics, Google Tag Manager, and Google Maps API, indicating moderate digital maturity. The site is mobile-optimized with good navigation and content relevance, although some accessibility features could be improved. Performance is moderate, with external dependencies on trusted providers for fonts and analytics. From a security perspective, the site uses HTTPS and standard tracking scripts but lacks explicit security headers and privacy/cookie policies, which are critical for GDPR compliance and user trust. The absence of WHOIS data for the domain raises concerns about domain legitimacy and registration transparency, which should be addressed to enhance trustworthiness. Overall, the website is functional and professional but would benefit from enhanced privacy compliance, improved security practices, and verification of domain registration details to strengthen its security posture and business credibility.

M

Metropolitní kapitula u sv. Víta v Praze

varhannifestival.cz

10

The website www.varhannifestival.cz represents the 14th International Organ Festival held at the St. Vitus Cathedral in Prague, organized by the Metropolitan Chapter of St. Vitus in Prague. It targets classical music enthusiasts and cultural tourists, providing detailed event information, artist lineups, and ticket purchasing options. The festival is well-established and supported by notable figures such as the Archbishop of Prague and the President of the Czech Republic, indicating strong cultural significance and trust. Technically, the website is built on the Solidpixels CMS platform, utilizing modern web technologies including Google Tag Manager and Google Fonts. It features responsive design, good accessibility, and SEO optimization. Performance is moderate with asynchronous script loading enhancing user experience. However, no hosting provider or domain age information is available due to missing WHOIS data. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. Yet, it lacks important security headers and published policies such as privacy, cookie, and terms of service, which are critical for GDPR compliance and user trust. No incident response or vulnerability disclosure information is provided, representing an area for improvement. Overall, the website is professional, content-rich, and trustworthy in terms of business credibility but requires enhancements in privacy compliance and security documentation. The absence of WHOIS data is a notable concern that should be addressed to improve domain legitimacy and trustworthiness.

T

The metropolitan chapter of St. Vitus in Prague

kapitula.cz

55

The Metropolitan Chapter of St. Vitus in Prague is a historic religious and cultural institution established in 973, making it the oldest legal entity with continuous activity in the Czech lands. The organization manages the St. Vitus Cathedral and other historic monuments, organizes cultural events such as organ festivals and choirs, and maintains a significant library and archive. The website reflects a professional and well-maintained digital presence, leveraging modern web technologies and a specialized CMS platform. However, the absence of WHOIS data and lack of visible privacy and cookie policies indicate areas for improvement in transparency and compliance. Security posture is generally strong with HTTPS and modern libraries, but could benefit from enhanced security headers and incident response information. Overall, the site serves as a credible and authoritative source for cultural and religious information related to the chapter.

P

Pacific Northwest Trail Association

pnt.org

53

The Pacific Northwest Trail Association (PNTA) is a dedicated non-profit organization focused on the stewardship, construction, and maintenance of the Pacific Northwest Trail, a 1,200-mile National Scenic Trail. The website serves as a comprehensive resource for hikers, volunteers, donors, and conservationists, offering maps, trip planning tools, and updates on trail conditions and organizational activities. The PNTA maintains an active digital presence with regular blog posts, newsletters, and social media engagement, positioning itself as the authoritative steward of the trail. Technically, the website is built on WordPress with a robust set of plugins including WooCommerce for e-commerce, Events Manager for event handling, and WP FullCalendar for calendar displays. The site uses modern web technologies such as jQuery, Google Maps API, and FontAwesome icons, delivering a responsive and user-friendly experience. SEO and accessibility are adequately addressed, though some accessibility features could be enhanced. From a security perspective, the site enforces HTTPS and uses secure external scripts. However, explicit security headers like Content-Security-Policy and X-Frame-Options are not evident, and no visible security or incident response policies are published. The WHOIS data is incomplete, which slightly impacts trustworthiness, but the professional presentation and active content mitigate concerns. Overall, the PNTA website is a well-maintained, content-rich platform serving a niche outdoor and conservation community. Strategic improvements in privacy policy visibility, security header implementation, and WHOIS transparency would enhance trust and compliance.

4

4shop.sk - Zbyněk Velecký

4shop.sk

44

4shop.sk is a Slovak-based e-commerce platform provider offering customizable e-shop creation, rental, web design, marketing, and hosting services primarily targeting small to medium businesses. The company has been operating since 2004 and maintains a modular system with over 200 components, supporting a variety of business needs including B2C and B2B sales. Their market position is supported by a solid client base and a range of pricing tiers to accommodate different customer requirements. Technically, the website employs a mix of legacy and modern technologies including jQuery, Google Maps API, and reCAPTCHA, with a custom CMS platform. While the site is mobile optimized and SEO friendly, some outdated libraries pose potential security risks. Security posture is moderate with HTTPS enforced and cookie consent implemented, but lacks advanced security headers and explicit security policies. Overall, the site is professional, trustworthy, and compliant with GDPR, though improvements in security and technical modernization are recommended.

E

Energigas Sverige

energigas.se

57

Energigas Sverige is a well-established Swedish industry association representing actors in the energy gas sector, including biogas, vehicle gas, LPG, natural gas, syngas, and hydrogen. Founded in 2003, it serves as a central hub for advocacy, information dissemination, event organization, and publication of industry standards and guidelines. The website reflects a professional and consistent brand presence targeting stakeholders and members within the Swedish energy gas market. Technically, the site uses modern web technologies such as Google Tag Manager, Google Maps API, and a cookie consent mechanism, likely built on the Umbraco CMS platform and hosted by Loopia AB. The site is mobile-optimized with good SEO and accessibility basics. Security posture is adequate with HTTPS enabled and no visible vulnerabilities, though improvements are recommended in DNSSEC, security headers, and published security policies. Privacy compliance is partial, with cookie consent implemented but no explicit privacy or terms of service pages found. Overall, the site is trustworthy and professionally maintained, with a high legitimacy score based on domain age and WHOIS data.

S

Střední průmyslová škola Třebíč

spst.cz

50

Střední průmyslová škola Třebíč is a well-established regional technical secondary school in the Czech Republic, offering a variety of vocational and technical education programs including energy, IT, mechanical engineering, and artistic metalworking. The school maintains strong industry partnerships and has received multiple certifications and awards, positioning it as a reputable educational institution in its region. The website is built on Drupal 10, leveraging modern web technologies and providing a good user experience with clear navigation and mobile optimization. However, the absence of explicit privacy and cookie policies and missing WHOIS data present compliance and trust challenges. Security posture is moderate with HTTPS implied but lacking visible security headers and incident response information. Overall, the site is professional and trustworthy but would benefit from enhanced privacy compliance and security transparency.

C

CorCo Systems a.s.

corrency.cz

59

Corrency.cz is a Czech Republic-based platform operated by CorCo Systems a.s. that focuses on revitalizing local economies through municipal projects supporting residents, children, seniors, and cultural activities. The platform collaborates with government bodies and financial institutions, positioning itself as a niche solution for regional economic development. The website demonstrates a good level of digital maturity with modern technologies such as Google Analytics, Microsoft Clarity, and Bootstrap frameworks, alongside a GDPR-compliant cookie consent mechanism. Security posture is solid with HTTPS and nonce usage, though improvements in security headers and incident response transparency are recommended. The absence of WHOIS data limits domain trust verification, but the presence of credible partnerships and testimonials supports legitimacy. Overall, the site is professional, user-friendly, and trustworthy with moderate technical performance and good privacy compliance.

A

Asociace energetických specialistů, z.s.

asociacees.cz

9

Asociace energetických specialistů, z.s. is a Czech non-profit association dedicated to supporting and educating energy specialists. The organization offers accredited courses, seminars, and certification services to professionals in the energy sector, particularly focusing on energy consulting and building renovation. It collaborates with governmental bodies and environmental funds, positioning itself as a recognized entity within the Czech energy market. The website reflects a professional and consistent brand image, targeting energy specialists and related stakeholders. Technically, the site employs modern JavaScript libraries, Google Analytics, and Google Maps API, with a moderate performance and basic mobile optimization. Security posture is adequate but could be improved by implementing security headers and cookie consent mechanisms. The absence of WHOIS data reduces domain trust, though the website content and partnerships indicate legitimacy. Overall, the site is safe, professional, and relevant to its audience.

K

KXG Hospitality

petrovykameny.cz

56

Hotel Petrovy Kameny is a mountain hotel located in the Praděd Nature Reserve in the Czech Republic, operated by KXG Hospitality. It offers accommodation, wellness, restaurant services, and seasonal packages targeting tourists and wellness seekers. The website is professionally designed, multilingual, and integrates modern digital marketing and analytics tools. The technical infrastructure is based on WordPress with Previo CMS and includes Google services and Facebook Pixel for tracking. Security posture is good with HTTPS and cookie consent mechanisms, though some security headers could be improved. The absence of WHOIS data is due to privacy protection, which is common and justified for this business type. Overall, the site is trustworthy and well-positioned in the hospitality market.

Zerlina s.r.o. operates a small family ecological goat farm located in Rožnov pod Radhoštěm, Czech Republic. The business focuses on producing high-quality organic goat dairy products including fresh and aged cheeses, yogurts, kefir, and ice cream. Additionally, the farm offers agrotourism experiences, farm tours, and accommodation services, targeting families, individuals, and groups interested in sustainable farming and local gastronomy. The company positions itself as a trusted regional player with a strong emphasis on tradition and ecological sustainability. Technically, the website is built on WordPress with a modern tech stack including JavaScript libraries, Google reCAPTCHA for form security, and Google Analytics for visitor tracking. The site is well-optimized for mobile devices and provides a good user experience with clear navigation and professional design. Cookie consent and privacy policies are implemented in compliance with GDPR requirements. From a security perspective, the site uses HTTPS with a valid SSL certificate and integrates reCAPTCHA to protect forms. However, it lacks some recommended security headers which could enhance protection against common web threats. The absence of WHOIS registration data reduces domain trustworthiness, but the website content and business information appear legitimate and professional. Overall, Zerlina's website demonstrates a solid digital presence for a small ecological farm with good privacy compliance and user experience. Strategic improvements in security headers and domain registration transparency would further strengthen trust and security posture.

B

Bigfish

thebigfish.hu

53

Bigfish is a well-established seafood bistro and market located in Budapest, Hungary, founded in 2013. It offers a unique fusion of a fish market and a casual dining experience with a broad selection of fresh seafood and related dishes. The business targets seafood enthusiasts, local residents, and tourists seeking high-quality seafood in a vibrant urban setting. Technically, the website is built on WordPress using Elementor, with modern JavaScript libraries and integrations such as Google Maps and PixelYourSite for analytics and marketing. The site is mobile-optimized and provides a good user experience with clear navigation and professional design. Security-wise, the site uses HTTPS and some best practices but lacks visible security headers, privacy policies, and incident response information, which are areas for improvement. The domain registration data aligns well with the business profile, supporting legitimacy. Overall, the website is professional and credible but would benefit from enhanced privacy compliance and security transparency.

P

Pension Albert

penzionalbert.cz

54

Penzion Albert is a small hospitality business operating a guesthouse in the Šumava region of the Czech Republic. The website presents a well-structured and visually appealing platform built on WordPress with Elementor, offering detailed accommodation options and amenities. The business targets families and tourists seeking nature and relaxation. Technically, the site uses modern plugins and APIs but lacks full analytics configuration and security headers. The security posture is adequate with HTTPS enabled but could be improved with additional headers and policies. Privacy compliance is currently insufficient due to missing privacy and cookie policies. Overall, the site is trustworthy and professional but would benefit from enhanced compliance and security measures.

L

Lipno Region Tourism Society

lipensko.cz

55

Lipensko.cz is a regional tourism website operated by the Lipno Region Tourism Society, a non-profit entity promoting tourism in the Lipno area of the Czech Republic. The site offers comprehensive information on local attractions, activities, accommodation, events, and cultural heritage, targeting tourists including families, seniors, and adventure seekers. The business model focuses on regional tourism promotion and information dissemination, supported by partnerships with local and national tourism bodies. Technically, the website uses modern web technologies including Google Tag Manager, Google Analytics, Hotjar, and the Foundation framework, with good mobile optimization and moderate performance. Security posture is adequate with HTTPS usage and no visible vulnerabilities, but lacks explicit security headers and privacy/cookie policies. WHOIS data is unavailable, which reduces domain trustworthiness from a registration perspective. Overall, the site is professional, content-rich, and trustworthy for its audience but would benefit from enhanced privacy compliance and security best practices.

Č

ČEVAK a.s.

cevak.cz

61

ČEVAK a.s. is a Czech water utility company specializing in the operation and management of water supply and wastewater infrastructure. The company serves residential customers, municipalities, and water infrastructure owners, providing key services such as water and sewer connections, water quality testing, customer service, and technical statements. The website reflects a well-established regional utility with a professional online presence and ISO 27001 certification indicating a commitment to information security management. Technically, the website employs modern technologies including Google Tag Manager and Google Maps API, with good mobile optimization and accessibility features. The site uses HTTPS exclusively, ensuring secure communications, and implements a comprehensive cookie consent mechanism aligned with GDPR requirements. However, some security headers are not visibly implemented, and WHOIS data for the domain is unavailable, which slightly impacts trustworthiness. From a security perspective, the site demonstrates good practices such as secure login portals and no exposed sensitive data. The absence of explicit incident response contacts and vulnerability disclosure mechanisms suggests areas for improvement. Overall, the security posture is solid but could be enhanced by adding security headers and publishing a security.txt file. The overall risk assessment is moderate with a good balance of content quality, technical implementation, and security. Strategic recommendations include improving transparency on security policies, enhancing WHOIS data visibility, and strengthening security headers to further bolster trust and compliance.

I

IDC-softwarehouse, s.r.o.

idc.cz

57

IDC-softwarehouse, s.r.o. is a Czech Republic based IT services company specializing in IT management, data center operations, and custom software development. The company has been operating since 2000 and recently became part of the MasterDC group, enhancing its market position. The website presents a professional image with clear service offerings targeted at businesses requiring reliable IT solutions. Technically, the site is built on WordPress using the Enfold theme, integrates Google services such as Maps, Analytics, Tag Manager, and reCAPTCHA, and demonstrates good mobile optimization and SEO practices. Security posture is solid with HTTPS and reCAPTCHA, though additional security headers and explicit security policies are recommended. Privacy compliance is strong with a comprehensive privacy policy and cookie consent mechanism. The lack of WHOIS data reduces domain trustworthiness but does not detract from the professional presentation and business legitimacy. Overall, IDC-softwarehouse appears to be a credible and established IT service provider in the Czech market.

Ž

Žufánek.cz

zufanek.cz

65

Žufánek.cz is a family-owned fruit distillery established in 2000 in the Czech Republic, specializing in the production of high-quality fruit distillates, liqueurs, absinths, and gins. The company emphasizes ecological farming and local terroir, positioning itself as a premium brand with a strong presence in the spirits market, particularly known for award-winning absinths. The website reflects a mature business with a focus on product quality and customer engagement through auctions and custom production services. Technically, the site is built on WordPress with WooCommerce and multilingual support, leveraging modern web technologies and third-party integrations such as Google Analytics and reCAPTCHA. Security posture is generally good with HTTPS and cookie consent mechanisms, though it lacks some advanced security headers and explicit privacy and security policies. Overall, the site is professional and trustworthy, targeting adult consumers interested in premium spirits. Strategic improvements in privacy transparency and security hardening would enhance compliance and trust.

Z

značkárna s.r.o.

znackarna.cz

55

Značkárna s.r.o. is a Czech branding and design agency specializing in communication, design, and digital development services. Founded in 2018, the company serves businesses seeking to build and enhance their brand identities. Their website presents a professional portfolio of clients and a skilled team, positioning them as a niche player in the branding and design market. The company emphasizes craftsmanship in communication and design, targeting businesses that value thoughtful brand development. Technically, the website is built on WordPress and employs modern web technologies including Google Analytics, Google Tag Manager, and Google Maps API. The site is mobile-optimized and uses lazy loading for images to improve performance. Hosting and domain registration are consistent and transparent, with no blocking or WAF challenges detected, indicating good digital maturity. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, it lacks several security best practices such as security headers, a published security policy, and incident response contacts. Privacy compliance is weak due to the absence of privacy and cookie policies or consent mechanisms. Analytics usage is moderate, relying on Google services without clear data retention disclosures. Overall, the website is professional and trustworthy but would benefit from enhanced privacy and security disclosures to improve compliance and user trust. Strategic improvements in security headers, policy transparency, and privacy mechanisms are recommended to strengthen the security posture and regulatory alignment.

H

Hankintatukku Oy

hankintatukku.fi

46

Hankintatukku Oy is a well-established Finnish manufacturer and wholesaler of dietary supplements, operating since 1982. The company holds a significant position in the Finnish market, targeting both retail partners and end consumers through a combination of wholesale distribution and an owned e-commerce platform. Their website reflects a professional and consistent brand image, providing comprehensive product information and company details primarily in Finnish, with English language support available. The business model focuses on manufacturing quality health products and distributing them through a trusted partner network and direct online sales. Technically, the website is built on WordPress with modern plugins and frameworks such as Bootstrap and Yoast SEO, ensuring good SEO optimization and mobile responsiveness. The site uses Google Analytics for visitor tracking and includes a GDPR-compliant cookie consent mechanism. Performance is moderate with room for improvement in accessibility features. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though security headers could be enhanced. No incident response or explicit security policies are published. Overall, the website is trustworthy, compliant with privacy regulations, and professionally maintained. The domain registration details align well with the business claims, supporting legitimacy. The company maintains active social media profiles and displays trust badges, further enhancing credibility. There are no indications of adult or questionable content, making the site safe for general audiences.

V

ValentaDesign s.r.o.

valentadesign.cz

49

ValentaDesign s.r.o. is a small Czech internet agency specializing in e-commerce and portal design with a decade of experience. The company focuses on user research, prototyping, web and mobile design, and usability testing, serving businesses seeking to improve their online sales channels. Their market position is supported by partnerships with notable software providers and client testimonials, indicating a trusted regional presence. Technically, the website employs standard modern web technologies including Google Analytics and Hotjar for analytics and user behavior tracking, but lacks some advanced security headers and has a broken Google Maps integration due to a missing API key. Security posture is moderate with no critical vulnerabilities detected but room for improvement in headers and privacy compliance. Overall, the website is professional and trustworthy but would benefit from enhanced privacy policies and security practices.

Z

značkárna s.r.o.

webees.cz

55

značkárna s.r.o. is a Czech Republic based small business specializing in branding, communication, design, and digital development services. The company positions itself as a craftsman of communication and design, targeting businesses seeking to build and enhance their brand identity. Their website reflects a professional and consistent brand image with a clear presentation of their team and client portfolio. Technically, the site is built on WordPress, leveraging modern tools such as Google Analytics, Google Tag Manager, and Google Maps API, with lazy loading for images to optimize performance. The site is mobile optimized and SEO friendly, though accessibility features are basic. Security posture is good with HTTPS enforced, but lacks some security headers and formal security policies. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the website is trustworthy and professional, but could improve in privacy transparency and security best practices.

E

EduArt Experience

eduartexperience.com

52

EduArt Experience is a Czech-based educational platform specializing in art education, art collecting, and cultural engagement. Founded in 2020, it offers a variety of educational programs, curated art stories, and a membership club aimed at art collectors and enthusiasts. The website demonstrates a strong market position within its niche, targeting individuals interested in art culture primarily in the Czech and Slovak regions. The business model revolves around educational services and community membership with exclusive benefits. Technically, the website employs modern JavaScript libraries, Google Maps API, Facebook Pixel, and Google Tag Manager for marketing and analytics. It is hosted on servers associated with wedos.com and uses HTTPS with CSRF protection for forms. The site is mobile-optimized and features good SEO practices, although accessibility features are basic. Performance is moderate, with room for improvement in security headers and DNS security. From a security perspective, the site uses HTTPS and CSRF tokens but lacks DNSSEC and important security headers such as Content-Security-Policy. There is no cookie consent mechanism or detailed privacy policy addressing GDPR compliance, which are notable gaps. No incident response or security policy information is published. The domain registration is consistent and legitimate, supporting the trustworthiness of the website. Overall, the website is professional, content-rich, and trustworthy but would benefit from enhanced privacy compliance and security hardening to meet modern standards and regulatory requirements.

M

Ministerstvo pro místní rozvoj ČR

dotaceeu.cz

60

The website dotaceeu.cz serves as the official Czech government portal dedicated to European Union funds in the Czech Republic. It provides comprehensive information on EU funding programs, project maps, calls for proposals, events, and statistical data. The portal targets a broad audience including citizens, public institutions, and businesses interested in EU funding opportunities. The site is well-established, with a domain registered since 2004, and is operated by the Ministry of Regional Development of the Czech Republic. Technically, the site is built on ASP.NET WebForms with Kentico CMS, leveraging modern JavaScript libraries and APIs such as jQuery, Bootstrap, Google Maps, and Chart.js. It integrates tracking and analytics tools like Hotjar and Google Tag Manager, alongside a live chat service for user support. Security-wise, the site enforces HTTPS, uses CSRF tokens in forms, and implements cookie consent mechanisms, though it lacks explicit HTTP security headers and dedicated security policy pages. Overall, the site demonstrates a strong security posture with no visible vulnerabilities or suspicious content. The domain WHOIS data aligns with the official government entity, confirming legitimacy and trustworthiness. Strategic recommendations include enhancing HTTP security headers, publishing security policies, and maintaining regular security audits to uphold compliance and user trust.

I

Internet Projekt, a.s.

cng.cz

65

The website www.cng.cz represents a professional platform operated by Internet Projekt, a.s., focused on providing information and services related to compressed natural gas (CNG) refueling stations across the Czech Republic. It serves vehicle owners and fleet operators who utilize CNG as an alternative fuel, offering detailed station locations, pricing, payment options, and route planning tools. The site demonstrates a solid market position within the energy and transportation sectors in the region. Technically, the website employs modern web technologies including Google Maps API for geolocation services, jQuery for DOM manipulation, and Cookiebot for cookie consent management. It integrates Google Tag Manager and Google Analytics for tracking and analytics purposes. The site is mobile-optimized with good design quality and navigation clarity, although some accessibility and SEO optimizations could be improved. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms, which are positive indicators. However, the absence of visible security headers and lack of explicit privacy policy or terms of service pages represent areas for improvement. The WHOIS data for the domain is unavailable, which limits the ability to fully verify domain legitimacy and trustworthiness. Overall, the website is functional, professional, and serves its business purpose well, but it would benefit from enhanced transparency regarding privacy, security policies, and contact information to strengthen user trust and compliance posture.

W

Waldhart Software

onlineshop.ws

45

Waldhart Software operates the onlineshop.ws domain, providing specialized e-commerce solutions primarily for ski schools, snow sports schools, and related outdoor sports businesses. The website serves as a reference portal showcasing over 300 live client online shops, indicating a focused B2B business model targeting the winter and summer sports education sector. The company appears to be a small-sized entity founded in 2018, with a consistent brand presence and a clear market niche in Austria and neighboring countries. Technically, the website leverages modern web technologies including the Quasar Framework and Google Maps API, delivering a responsive and user-friendly experience. Hosting is likely provided by profiwebspace.at, with domain registration managed by InterNetX GmbH. The site uses HTTPS, but lacks DNSSEC and security headers, which are areas for improvement. No analytics or advertising scripts were detected, suggesting a privacy-conscious or minimalistic approach. From a security perspective, the site has a moderate posture with HTTPS enabled but missing important security headers and DNSSEC. There are no visible vulnerabilities or exposed sensitive data in the provided content. However, the absence of privacy and cookie policies, as well as terms of service, indicates compliance gaps with GDPR and general privacy best practices. Overall, the website is professional and trustworthy within its niche but would benefit from enhanced privacy compliance and improved security configurations to strengthen user trust and regulatory adherence.

E

EUROPARC Federation

europarc.org

57

The EUROPARC Federation is a well-established non-profit organization representing a large network of European Protected Areas across 40 countries. It serves as a professional forum for collaboration, training, advocacy, and project management focused on nature conservation and sustainable tourism. The website reflects a mature digital presence with comprehensive content, clear navigation, and active social media engagement. Technically, the site is built on WordPress with modern plugins and APIs, delivering moderate performance and good mobile optimization. Security posture is solid with HTTPS and no obvious vulnerabilities, though some security headers could be improved. Privacy compliance is strong with GDPR-aligned policies and cookie consent mechanisms. The lack of WHOIS transparency slightly impacts domain trust but is offset by EU funding support and professional presentation. Overall, the site is trustworthy, content-rich, and well-positioned in its sector.

P

ProZvěřinu.cz – Zvěřina přímo od myslivců

prozverinu.cz

43

ProZvěřinu.cz is an online marketplace based in the Czech Republic that connects consumers directly with hunters to purchase high-quality game meat. The platform targets local consumers interested in nutritious, diet-friendly, and low-fat wild game meat. The business operates a niche marketplace model, facilitating direct sales and location-based searches for game meat offers. The website is built on WordPress using popular plugins for directory management and GDPR compliance, indicating a moderate level of digital maturity. The technical infrastructure includes integration with Google Maps API for enhanced user experience. Security posture is adequate with HTTPS enforced and cookie consent mechanisms in place, but lacks advanced security headers and explicit incident response contacts. The absence of WHOIS registration data reduces domain trustworthiness, though the website content and compliance features suggest a legitimate operation. Strategic recommendations include improving security headers, adding clear contact and incident response information, and verifying domain registration details to enhance trust and compliance.

T

TISCALI MEDIA, a.s.

tiscalimedia.cz

52

TISCALI MEDIA, a.s. is a well-established Czech media company operating a broad portfolio of internet media and services that reach over 6.7 million users monthly. Their offerings include news portals, specialized content sites in gaming, finance, science, and entertainment, as well as email and file storage services. The company is part of the Dignity group and includes subsidiaries such as ARBOmedia, a media representation firm. Technically, the website employs modern web technologies including Bootstrap, Google Analytics, and Google Maps API, delivering a responsive and professionally designed user experience. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though security headers and explicit privacy/cookie policies are absent. WHOIS data is missing, which slightly impacts trust but the business information and contact details are clear and professional. Overall, the website is safe, well-maintained, and credible, serving a broad general audience with no adult or questionable content.

F

FG Forrest, a.s.

fg.cz

74

FG Forrest, a.s. is a well-established Czech internet agency specializing in custom e-commerce solutions, websites, and intranets with over 27 years of experience. The company positions itself as a trusted partner for online business, serving a broad range of clients including major corporations. Their website reflects a mature digital presence with professional design, clear navigation, and comprehensive content showcasing their services, client testimonials, and industry awards. Technically, the site employs modern technologies such as Google Tag Manager, LinkedIn Insight, and Plausible Analytics, and is built on their proprietary CMS and e-commerce platform Edee.one. Security posture is strong, evidenced by HTTPS enforcement, ISO 27001 certification, and cookie consent mechanisms. However, the absence of WHOIS data limits domain registration trust analysis. Overall, FG Forrest demonstrates a robust digital maturity and business credibility suitable for their market segment.

V

Via Aurea, s.r.o.

cityone.cz

49

CityOne is a Czech Republic-based platform operated by Via Aurea, s.r.o., focused on smart city solutions, projects, and expert networking. The website serves as a marketplace and information hub for smart city initiatives, covering sectors such as energy, transportation, ICT, and public services. It targets municipalities, urban planners, technology providers, and citizens interested in smart city development. The platform offers project showcases, product listings, expert profiles, news articles, and event calendars, facilitating collaboration and knowledge sharing in the smart city ecosystem. Technically, the website employs a modern technology stack including jQuery, Bootstrap, Google Analytics, Google reCAPTCHA, and Google Maps API. The site is mobile-optimized with good navigation and content structure, though it appears to use a custom or proprietary CMS. Performance is moderate, and accessibility features are basic. Security best practices such as HTTPS and cookie consent mechanisms are implemented, but security headers are not detected, indicating room for improvement. From a security perspective, the site shows a good posture with encrypted connections and form protections via reCAPTCHA. However, the absence of WHOIS registrant data and lack of explicit privacy and security policies reduce overall trust. No vulnerabilities or malicious content were detected. Privacy compliance is partially addressed through cookie consent, but no dedicated privacy policy page was found. Overall, CityOne presents a professional and trustworthy platform for smart city stakeholders, but it would benefit from enhanced transparency in domain registration, explicit privacy and security policies, and improved security header implementation to strengthen its security posture and compliance.

U

Unie zaměstnavatelských svazů ČR

uzs.cz

49

Unie zaměstnavatelských svazů ČR is a major Czech employers' association representing a broad spectrum of sectors including public services, healthcare, energy, education, and finance. The organization serves over 20,000 member organizations and nearly a million employees, positioning itself as a dominant voice in the Czech Republic's employer landscape. The website reflects this professional stature with clear navigation, sector-specific content, and partnership references. Technically, the site employs common web technologies such as jQuery, Google Tag Manager, and ShareThis for social sharing and analytics, indicating a moderate level of digital maturity. However, the absence of WHOIS data and lack of explicit privacy and security policies suggest areas for improvement in transparency and compliance. Security posture is moderate with HTTPS implied but missing explicit security headers and vulnerability disclosures. Overall, the site is safe, professional, and targeted at a general audience of employers and stakeholders.

K

Krajánek ve světě z.s.

krajanekvesvete.cz

55

Krajánek ve světě z.s. is a Czech non-profit organization dedicated to promoting the Czech language, literature, and culture among multilingual children aged 5 to 12 living abroad. The organization publishes a monthly magazine called Krajánek, creates educational materials, supports bilingualism and multilingualism, and offers distance learning courses and cultural projects. Their target audience primarily consists of Czech communities and mixed families living outside the Czech Republic. The website reflects a focused niche educational mission with a consistent brand and good content quality. Technically, the website is built on WordPress and uses a variety of plugins including those for download management, statistics, and interactive flipbook presentations. It integrates external services such as Google Maps API and Facebook SDK for social media engagement. The site is mobile optimized with moderate performance and basic accessibility features. SEO is basic but functional. From a security perspective, the site uses HTTPS with good SSL configuration but lacks some recommended security headers. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is partial, with a cookie consent mechanism present but no visible privacy policy or terms of service pages. WHOIS data is unavailable, likely due to privacy protection, which slightly reduces trust but is understandable for a small non-profit. Overall, the website presents a trustworthy and professional front for a small educational non-profit. Strategic improvements in privacy documentation, security headers, and WHOIS transparency could enhance trust and compliance.

Č

Český telekomunikační úřad

ctu.cz

56

Český telekomunikační úřad (ČTÚ) is the official Czech government regulatory authority responsible for telecommunications, postal services, and radio spectrum management. The website serves as a comprehensive portal for consumers, businesses, and government entities, providing regulatory information, consumer protection resources, and access to various public services. The site is well-branded, professionally designed, and offers content in Czech and English, targeting a broad audience including consumers and industry stakeholders. Technically, the site is built on Drupal CMS with a modern tech stack including jQuery, Bootstrap, and Google APIs, ensuring good performance and mobile optimization. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers and explicit security policies could be improved. WHOIS data is unavailable likely due to registry policies, but the domain's .gov.cz extension and consistent official content strongly indicate legitimacy. Overall, the website is a trustworthy, professional government resource with good compliance and technical maturity.

G

Gransy, s.r.o.

administrace.tv

51

The website administrace.tv serves as a login portal titled 'Prima Administrace', likely intended for internal or authorized users associated with the Prima media brand. The site integrates video streaming capabilities and uses modern JavaScript frameworks such as React and Material-UI, along with external services like Google Maps and Gemius analytics. The domain is registered to Gransy, s.r.o., a Czech company, with consistent WHOIS data and a domain age appropriate for the business type. However, the site lacks publicly accessible privacy, cookie, and terms of service policies, and no contact information is provided, which limits transparency and user trust. From a technical perspective, the site uses a modern tech stack and is hosted on AWS infrastructure, but there is no evidence of DNSSEC or security headers such as CSP or HSTS, which are recommended for enhanced security. The login form includes password visibility toggling, indicating some attention to user experience and security. Analytics are implemented via Gemius, but privacy compliance appears minimal due to the absence of cookie consent mechanisms. Security posture is moderate but could be improved by implementing standard security headers, enabling DNSSEC, and publishing clear privacy and security policies. No adult or questionable content is present, and the site is accessible without WAF or blocking mechanisms. Overall, the site is functional but basic in content and security maturity. Strategic recommendations include enhancing security headers, publishing privacy and cookie policies to comply with GDPR, adding contact and incident response information, and improving accessibility and SEO features to increase professionalism and trustworthiness.

Č

Česká unie sportu

cus-sportujsnami.cz

40

Česká unie sportu operates as a non-profit organization focused on promoting sports and physical activities throughout the Czech Republic. The website serves as a hub for upcoming sports events, community engagement, and multimedia content to encourage active lifestyles. The organization maintains a consistent brand presence with active social media channels on Facebook, Instagram, and YouTube. Technically, the site is built on WordPress with common plugins for social media integration, maps, and cookie consent, reflecting a moderate level of digital maturity. Security posture is adequate with HTTPS enabled and cookie consent implemented, but lacks advanced security headers and explicit incident response information. The absence of WHOIS data reduces transparency and trustworthiness, though the website content and branding suggest legitimacy. Overall, the site is well-structured, user-friendly, and compliant with GDPR cookie requirements, but could improve in contact transparency and security best practices.

Č

Česká unie sportu

iscus.cz

48

Česká unie sportu operates an information system website providing public access to data about sports clubs and physical education units affiliated with district associations in the Czech Republic. The website serves as a resource for sports organizations and the general public interested in sports entities, offering search functionality and statistical data about registered sports units and individuals. The site is positioned as a national sports union information provider with a medium-sized organizational footprint and a focus on transparency and public information dissemination. Technically, the website employs standard web technologies including HTML5, CSS3, and JavaScript, with integrations such as Google Tag Manager for analytics and Google Maps API for location services. The site is mobile-optimized with a moderate performance profile and basic accessibility features. However, no CMS or advanced frameworks are detected, indicating a custom or lightweight implementation. From a security perspective, the website uses HTTPS and implements a cookie consent mechanism, reflecting basic compliance with privacy regulations. However, it lacks visible security headers and published privacy or security policies, which are areas for improvement. No critical vulnerabilities or blocking mechanisms were detected, indicating a stable but basic security posture. Overall, the website is functional and professional but would benefit from enhanced privacy disclosures, security policies, and contact information to improve trust and compliance. Strategic recommendations include publishing comprehensive privacy and terms of service documents, implementing security headers, and providing clear incident response contacts.

A

Asociace pro elektronickou komerci - APEK

apek.cz

51

APEK (Asociace pro elektronickou komerci) is a Czech association representing e-commerce companies and entrepreneurs. It provides its members with support through certification (APEK Trustmark), educational workshops, legal assistance, and specialized studies. The association positions itself as a leading entity in the Czech e-commerce sector, helping members stay competitive and informed. The website is professionally designed, content-rich, and targets Czech e-commerce businesses and entrepreneurs. Technically, the website uses a custom CMS with common web technologies including jQuery, Google Maps API, Google Analytics, and Google Tag Manager. It is served over HTTPS with good SSL configuration, though some modern security headers are missing. The site is mobile optimized and has good SEO practices but could improve accessibility features. From a security perspective, the site shows a solid posture with HTTPS and no visible vulnerabilities or exposed sensitive data. However, it lacks visible privacy and cookie policies, security.txt, and vulnerability disclosure mechanisms. The WHOIS data is missing, which reduces domain registration trust but does not necessarily indicate malicious intent given the professional nature of the site. Overall, the site is trustworthy and professional but would benefit from enhanced transparency on privacy and security policies and improved WHOIS data availability.

C

CTP

ctp.eu

49

CTP is a leading European commercial real estate company specializing in logistics and industrial properties. It operates across 10 countries with over 200 locations, positioning itself as the largest listed owner and developer in its sector. The company offers a broad range of commercial spaces including warehouses and office buildings, targeting businesses seeking scalable and flexible real estate solutions. The website reflects a mature digital presence with multilingual support and comprehensive business and investor information. Technically, the website is built on WordPress with modern performance optimizations such as lazy loading, Google Tag Manager, and integration of Google Maps API. The site is mobile-optimized, fast-loading, and accessible, indicating a high level of digital maturity. Security practices include HTTPS enforcement and script nonce usage, although explicit security policies and incident response information are not publicly detailed. The security posture is strong with no visible vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with clear privacy and cookie policies and GDPR adherence. Contact information is transparent and accessible, enhancing business credibility. Overall, the website demonstrates professionalism, trustworthiness, and a solid foundation for business operations and customer engagement.

K

Knihovna Jiřího Mahena v Brně

kjm.cz

50

The website kjm.cz represents the official online presence of Knihovna Jiřího Mahena v Brně, a public library serving the Brno region in the Czech Republic. The site provides access to library services including book lending, event information, and branch locations, targeting the general public and library users. The business model is government-funded public service, positioning the library as a regional cultural and educational institution. The website's content is relevant and professionally presented, with consistent branding and a clear focus on library services. Technically, the site is built using modern web technologies such as Vue.js and Nuxt.js, styled with Tailwind CSS, and integrates Google Maps API for location services. The site is mobile-optimized and offers a good user experience with clear navigation. Performance is moderate, and SEO and accessibility features are basic but present. The site uses HTTPS, ensuring encrypted communication. From a security perspective, the site demonstrates a good posture with HTTPS enabled and no visible sensitive data exposure. However, it lacks important security headers such as Content-Security-Policy and HSTS, which could enhance protection against common web attacks. No vulnerabilities or exposed sensitive information were detected. Privacy compliance is partial; a cookie consent mechanism is present, but no explicit privacy policy or terms of service were found in the provided content. Overall, the site is trustworthy and safe for general audiences, with no adult or questionable content. The absence of WHOIS data and registrant information reduces the domain trustworthiness score, but the website content and presentation support legitimacy. Strategic recommendations include adding comprehensive privacy and security policies, implementing security headers, and improving WHOIS transparency to enhance trust and compliance.

E

EMERGE, a.s.

emerge.cz

50

EMERGE, a.s. is a Czech manufacturing and logistics company with nearly 30 years of experience, serving primarily automotive and industrial clients. The company holds multiple certifications including IATF 16949, ISO 9001, ISO 14001, ISO 50001, and TISAX, underscoring its commitment to quality and security standards. The website reflects a professional business presence with clear service offerings and international customer reach. Technically, the site uses modern JavaScript libraries, Google Analytics, and Google Maps API, and is mobile optimized with a cookie consent mechanism in place. Security posture is generally good with HTTPS enforced, though explicit security headers are not detected and no incident response contacts or vulnerability disclosures are published. The absence of WHOIS data is a notable concern for domain legitimacy, though the website content and certifications support a trustworthy business identity. Overall, the site is well-structured, compliant with privacy regulations, and suitable for its B2B audience.

O

Oakley

oakley.com

75

Oakley is a globally recognized brand specializing in the design and retail of high-performance sunglasses, eyewear, apparel, and accessories. The website serves the European Union market, providing a comprehensive e-commerce platform with multiple product categories and regional language support. The site is professionally designed with a strong brand presence and consistent user experience. Technically, the site leverages modern JavaScript frameworks, SAP Hybris commerce platform, and integrates advanced analytics and personalization tools, ensuring a fast and responsive user experience across devices. Security posture is strong with HTTPS enforcement, security headers, and secure form handling, although public WHOIS data is unavailable likely due to privacy protection. Privacy and cookie policies are comprehensive and GDPR compliant, reflecting mature data protection practices. Overall, the site demonstrates a high level of digital maturity and business credibility.

B

BESIP

ibesip.cz

61

BESIP is the primary governmental body responsible for coordinating road safety efforts in the Czech Republic. It operates as an expert authority under the Ministry of Transport, focusing on education, awareness campaigns, and policy support to improve traffic safety for all road users including pedestrians, cyclists, drivers, motorcyclists, children, and seniors. The website serves as a comprehensive resource offering educational materials, campaign information, statistics, and guidance tailored to various audiences. Technically, the site is built on ASP.NET WebForms with modern JavaScript libraries and is hosted on a government domain, ensuring a professional and authoritative presence. Security measures include HTTPS enforcement, CSRF protection, and cookie consent mechanisms, although some security headers and explicit policies could be improved. The absence of WHOIS data is typical for government domains, but the domain's .gov.cz TLD and consistent branding strongly support its legitimacy. Overall, BESIP's website is a well-maintained, trustworthy platform that effectively supports its mission of enhancing road safety in the Czech Republic.

M

Restaurace, obědy, polední a denní menu v Praze 1 | Meníčka.cz

menicka.cz

56

Menicka.cz is an online platform specializing in providing daily and lunch menus, restaurant event promotions, job offers in hospitality, and discount deals primarily focused on Prague 1 and other Czech cities. The website targets general consumers looking for dining options and hospitality job seekers. Technically, the site employs a variety of modern web technologies including Google Analytics, Microsoft Clarity, Google Maps API, and several JavaScript libraries to enhance user experience and track engagement. The security posture is adequate with HTTPS enforced and reCAPTCHA implemented on forms, but could benefit from additional security headers and updating legacy libraries. Privacy compliance is limited as no explicit privacy policy or terms of service were found, though a cookie policy with consent mechanism is present. The absence of WHOIS data reduces domain transparency and trustworthiness, but the website content and structure appear professional and legitimate. Overall, the site is functional and serves its niche well but should improve transparency and security practices to enhance trust and compliance.