Security Directory

G

GABBYS IRISH PUB

gabbyspub.cz

66

GABBYS IRISH PUB is a recently established hospitality business located in the heart of Prague, Czechia, offering a traditional Irish pub experience with a focus on quality drinks, food, and live sports broadcasts. The business operates a modern digital presence with online menus, reservation capabilities, and active social media engagement, positioning itself as a local favorite for both residents and tourists seeking nightlife and entertainment. Technically, the website is built on a modern React/Next.js stack hosted and managed via ChoiceQR platform, integrating Google Fonts, Google Analytics, Facebook Pixel, and other marketing tools. The site demonstrates good performance, mobile optimization, and SEO practices, with secure HTTPS and appropriate security headers implemented. From a security perspective, the site maintains a strong posture with SSL encryption and standard security headers, though it lacks explicit published security policies or incident response contacts. Privacy compliance is well addressed with clear cookie and privacy policies and consent mechanisms, aligning with GDPR requirements. Overall, the site is trustworthy and professionally maintained, with a moderate risk profile typical for small hospitality businesses. Strategic improvements could include publishing security policies and incident response information to enhance transparency and trust.

H

Harvard Business School

hbs.edu

61

Harvard Business School (HBS) is a globally recognized educational institution specializing in business management education. It offers a range of programs including MBA, doctoral degrees, executive education, and online certificate courses. The school is positioned as a leader in management education and thought leadership, serving a diverse audience of students, academics, business professionals, and alumni. The website reflects a mature digital presence with a modern tech stack including React and Next.js, optimized for performance and mobile responsiveness. Security posture is strong with HTTPS enforcement and appropriate security headers, though explicit security policies and incident response information are not prominently published. Privacy and cookie policies are comprehensive and GDPR compliant, supporting user trust and regulatory adherence. Overall, the site demonstrates high professionalism, excellent content quality, and strong branding consistency, aligning with the prestigious reputation of Harvard Business School.

A

Allwyn

allwyn.com

75

Allwyn is a global lottery-led entertainment company that operates national lotteries and digital-first games across multiple countries including the United Kingdom, Czech Republic, Greece, Cyprus, Austria, and the United States. The company emphasizes hope, play, and social impact through its gaming offerings and partnerships with major entities such as Formula 1 and McLaren. The website is professionally designed using modern technologies like Next.js and React, optimized for mobile and SEO, and integrates Google Tag Manager and reCAPTCHA for analytics and security. Security posture is strong with HTTPS and security headers, though explicit security policies and incident response contacts are not published. The absence of WHOIS data limits domain trust analysis but the overall digital presence and partnerships indicate a legitimate and credible business.

K

KKCG

kkcg.com

67

KKCG is a well-established investment and innovation group headquartered in Switzerland, operating across multiple sectors including entertainment, energy, technology, real estate, and diversified ventures. With a presence in over 40 countries and a significant EBITDA exceeding €1.5 billion, KKCG positions itself as a major multinational player leveraging its own resources to transform industries. The company maintains a professional and modern digital presence, utilizing advanced web technologies and analytics tools to engage its audience effectively. Social media integration and multilingual support further enhance its global reach. Security-wise, KKCG employs HTTPS, security headers, and reputable hosting and DNS providers, reflecting a strong security posture. However, the absence of an explicit privacy policy and security incident response information suggests areas for improvement in compliance and transparency. Overall, KKCG demonstrates a high level of business credibility and digital maturity, with recommendations to enhance privacy disclosures and formalize security policies to align with best practices.

T

Typotheque

typotheque.com

65

Typotheque is a specialized type foundry offering unique, high-quality fonts for print and digital screens, including custom font design services supporting a wide range of global languages. The company has a niche market position focused on designers, publishers, and organizations requiring bespoke typography solutions. The website is built on modern web technologies such as Next.js and React, hosted on Vercel, and demonstrates excellent performance, mobile optimization, and accessibility. Security posture is strong with HTTPS, security headers, and hCaptcha integration, though explicit privacy and cookie policies are missing. WHOIS data is unavailable, which slightly reduces trust but the professional website and contact information mitigate concerns. Overall, Typotheque presents a credible and professional online presence with room for improvement in privacy compliance and domain transparency.

C

CircleCell

jsonlint.com

63

JSONLint.com is a well-established online tool founded in 2008 and maintained by CircleCell. It provides free JSON validation, formatting, and compression services targeted primarily at developers and programmers working with JSON data. The website is positioned as a niche utility with a strong reputation, supported by advertising revenue and a small but focused user base. The site uses modern web technologies including React and Next.js, hosted behind Cloudflare DNS and CDN services, ensuring good performance and availability. The content is rich, relevant, and professionally presented with clear navigation and mobile optimization. Security posture is solid with HTTPS enforced and domain transfer protections in place, though some security headers and policies could be improved. Privacy compliance is basic, with a privacy policy present but no cookie consent mechanism or terms of service. No contact emails or phone numbers are published, limiting direct user support channels. Overall, JSONLint.com is a trustworthy and professional service with room for enhancement in privacy and security transparency.

S

SitePoint

sitepoint.com

71

SitePoint is a well-established online education platform specializing in web design and development tutorials, courses, and books covering technologies such as HTML5, CSS3, JavaScript, PHP, and responsive design. The platform targets developers, designers, and learners seeking to enhance their skills in web technologies. SitePoint offers a comprehensive library of over 700 courses, premium memberships, community engagement, and job listings, positioning itself as a key resource in the web development education market. Technically, the website leverages modern web technologies including React and Next.js, ensuring fast performance, mobile optimization, and good accessibility. The site employs secure HTTPS connections, uses Google Tag Manager for analytics, and integrates consent management for privacy compliance. The presence of structured data and SEO best practices further enhances its digital maturity. From a security perspective, SitePoint demonstrates strong security posture with HTTPS enforcement, security headers, and no visible vulnerabilities or exposed sensitive data. However, the absence of a public vulnerability disclosure policy and incident response contact information suggests areas for improvement in transparency and security readiness. Overall, SitePoint presents a low-risk profile with a professional, secure, and privacy-conscious online presence. Strategic recommendations include enhancing security transparency, publishing incident response contacts, and maintaining rigorous third-party script audits to sustain trust and compliance.

B

Brevo

sendinblue.com

70

Brevo is a large technology company offering an all-in-one AI-enabled marketing and CRM platform that integrates email, SMS, WhatsApp, chat, and more to help businesses grow customer relationships. The company is positioned as a competitive alternative to major players like HubSpot and Mailchimp, serving over 500,000 customers worldwide. Their platform includes marketing automation, sales management, customer data platform, loyalty programs, transactional messaging, and live chat solutions. The website demonstrates a high level of digital maturity with modern technologies such as Next.js, React, and extensive use of analytics and marketing tools. Security posture is strong with HTTPS, modern security headers, and no visible vulnerabilities, though the absence of a dedicated security policy or incident response contact is noted. Overall, the website is professional, well-branded, and trustworthy, but the lack of WHOIS domain registration data is a concern that slightly lowers the trust score.

A

Albert Česká republika, s.r.o.

albert.cz

74

Albert Česká republika, s.r.o. operates a large retail grocery business in the Czech Republic, offering both physical stores and online shopping services. The website provides rich content including current promotional flyers, recipes, loyalty programs, and brand information, targeting general consumers seeking grocery products and culinary inspiration. The company maintains a strong market position as a major retail player with a comprehensive digital presence.

H

Hlavné mesto SR Bratislava

bratislava.sk

61

The website bratislava.sk serves as the official digital portal for the city government of Bratislava, Slovakia. It provides comprehensive information about city operations, public services, cultural events, transportation, social services, and education. The site targets residents and visitors, offering a centralized platform for accessing municipal resources and updates. The business model is that of a public sector government service, focusing on transparency and citizen engagement. Technically, the site is built on modern web technologies including Next.js and React, leveraging Cloudflare for DNS and CDN services to ensure performance and security. Cookie consent is managed via Cookiebot, and Google Tag Manager is used for analytics. The site is mobile-optimized, accessible, and SEO-friendly, reflecting a mature digital infrastructure. From a security perspective, the site enforces HTTPS and uses Cloudflare's infrastructure, which provides a strong baseline security posture. However, explicit security headers and public security policies are not clearly published. No vulnerabilities or exposed sensitive data were detected in the analyzed content. Privacy compliance is partial, with cookie consent implemented but no explicit privacy policy or terms of service found. Overall, the website is trustworthy and professional, with a high legitimacy score based on domain age and WHOIS data. Strategic recommendations include publishing privacy and security policies, adding incident response contacts, and enhancing transparency around data protection to improve compliance and user trust.

A

AG Geronimo S.R.O.

aggeronimo.cz

50

AG Geronimo S.R.O. is a Czech marketing and communication agency specializing in creating impactful marketing campaigns, brand rebranding, and corporate identity services. The company targets businesses seeking to enhance their market presence through strategic marketing ideas and multimedia content. The website demonstrates a strong market position with notable clients and successful case studies, indicating a medium-sized agency with professional capabilities. Technically, the website is built on modern frameworks such as Next.js and React, utilizing advanced web technologies like Swiper.js for interactive content and WebP images for performance optimization. The site is well-optimized for mobile devices and offers a fast, responsive user experience with good SEO and accessibility features. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, it lacks visible security headers and formal privacy or cookie policies, which are areas for improvement. No signs of WAF or content blocking were detected, and no vulnerabilities were apparent in the provided data. Overall, the website is professional and trustworthy, though it would benefit from enhanced privacy compliance and security best practices to strengthen user trust and regulatory adherence.

L

Lovable

lovable.dev

73

Lovable is a technology company providing an AI-powered SaaS platform that enables users to build software products and websites through a chat interface. Positioned as an innovative no-code/low-code solution, it targets developers, entrepreneurs, and teams seeking rapid software development with AI assistance. The platform offers tiered plans including Free, Pro, and Enterprise, supporting collaboration, integrations, and custom domain publishing. Technically, the website is built on modern frameworks such as Next.js and React, hosted on Netlify, and integrates with services like Firebase, Supabase, and GitHub. The site demonstrates excellent design, mobile optimization, and SEO practices, reflecting a mature digital infrastructure. Security posture is strong with HTTPS, security headers, and dedicated security and abuse reporting pages, though the absence of a security.txt file is noted. Privacy compliance is robust with clear policies and consent mechanisms. Overall, the website is professional, trustworthy, and well-positioned in its market niche.

K

Kontent.ai

kontent.ai

78

Kontent.ai is a technology company offering a modern headless content management system designed to streamline content operations, reduce risk, and accelerate time to value for businesses. The website presents a professional and consistent brand image targeting enterprises and businesses seeking advanced CMS solutions. The technical infrastructure leverages modern frameworks such as React and Next.js, hosted on Azure DNS, and integrates marketing and analytics tools like Google Tag Manager and Visual Website Optimizer. The website demonstrates good performance and mobile optimization, though accessibility features are basic. Security posture is solid with HTTPS enforced and domain transfer protection, but lacks DNSSEC and explicit security policies. Privacy compliance is limited by the absence of visible privacy and cookie policies. Overall, the domain registration is privacy protected but consistent with legitimate tech business practices. The website is safe, professional, and trustworthy, with room for improvement in privacy and security transparency.

T

Tena Tex

tenatex.cz

58

Tena Tex is a Czech-based retailer specializing in upholstery fabrics, artificial leather (koženky), and upholstery supplies. The company has been operating since 2003 and targets upholstery professionals and customers in the Czech Republic. Their website showcases a well-structured product catalog with detailed descriptions, stock availability, and pricing. The business model is primarily e-commerce retail with a focus on quality and customer service, including free samples and consultations. Technically, the website is built using modern frontend technologies such as React, Next.js, and Material UI, indicating a contemporary digital infrastructure. The site is mobile-optimized and provides a good user experience with clear navigation and professional design. Performance is moderate, with room for improvement in accessibility and SEO. From a security perspective, the site uses HTTPS but lacks visible security headers and formal security policies. No vulnerabilities or exposed sensitive data were detected in the provided content. The absence of privacy and cookie policies suggests incomplete compliance with GDPR and related regulations. WHOIS data is unavailable, likely due to privacy protection, which slightly reduces domain trustworthiness but is common for small businesses. Overall, Tena Tex presents a professional and trustworthy online presence with a solid business foundation. Strategic improvements in privacy compliance, security headers, and WHOIS transparency would enhance their security posture and trust signals.

D

Design Wizard

designwizard.com

72

Design Wizard is an established online graphic design and video creation platform founded in 2000, offering a freemium SaaS model with a large library of templates, premium images, and videos. The platform targets individuals and businesses seeking easy-to-use design tools for social media, print, and web content creation. Technically, the website leverages modern frameworks such as React and Next.js, hosted likely on AWS infrastructure, with good performance and mobile optimization. Security posture is solid with HTTPS enforced and domain locks, though improvements like DNSSEC and CSP headers are recommended. Privacy compliance is generally good with clear privacy and terms pages, but lacks a visible cookie consent mechanism. Overall, the website is professional, trustworthy, and well-positioned in the graphic design SaaS market.

S

Sole Retriever

soleretriever.com

69

Sole Retriever operates as a specialized digital platform focused on delivering timely sneaker news, release dates, and raffle information for popular brands such as Nike, Jordan, New Balance, adidas, and Crocs. Positioned as a leading source in the sneaker enthusiast community, the website offers curated content and a mobile app to engage its target audience of sneaker collectors and consumers. The business model likely revolves around content monetization through advertising and affiliate marketing. Technically, the site leverages modern web technologies including Next.js and React, hosted on Vercel, with CMS support from Sanity.io and backend services via Supabase. This infrastructure supports fast performance, good mobile optimization, and accessibility. Security posture is strong with HTTPS enforcement and multiple security headers, although the absence of explicit privacy and cookie policies indicates room for compliance improvement. The WHOIS data is notably missing, which raises some concerns about domain legitimacy despite the professional web presence. Overall, the site is trustworthy and well-maintained but should address privacy compliance and domain transparency to enhance credibility further.

J

J&T BANKA, a.s.

jtbank.cz

65

J&T BANKA, a.s. is a well-established private and investment bank based in the Czech Republic, serving high-net-worth individuals, companies, and institutions with a broad range of financial services including deposit and investment products, project financing, and family office services. The website reflects a mature digital presence with a modern tech stack based on Next.js and React, supported by Kentico Kontent CMS, delivering a professional and mobile-optimized user experience. Security posture is strong with HTTPS enforcement, security headers, and dedicated compliance contact points including a whistleblowing channel. However, the absence of WHOIS domain registration data is a notable gap that slightly impacts trustworthiness. Overall, the site demonstrates a high level of professionalism, privacy compliance, and business credibility.

O

404: This page could not be found.

onlineapp.pro

49

The domain onlineapp.pro currently serves only a 404 error page indicating that the requested content is not found. There is no accessible business content, contact information, or policies available on the site. The technical infrastructure is based on React and Next.js frameworks, but the site is not operational or populated with meaningful content. The WHOIS data for this .pro domain is unavailable or privacy protected, providing no registrant or domain age information. This lack of transparency combined with the absence of website content severely limits trust and credibility. Security posture is poor with no HTTPS or security headers detected, and no privacy or cookie policies are present. Overall, the site appears inactive or improperly configured, posing a high risk for users seeking legitimate services or information.

T

Testuj.to s.r.o.

testujto.sk

66

Testuj.to s.r.o. operates a Slovak-based product testing and review platform that connects brands with a large community of testers. The company leverages micro-influencer communities to generate authentic user-generated content, including reviews, photos, and videos. Positioned as the largest tester community in Slovakia, Testuj.to offers brands a marketing tool to gather genuine consumer feedback and enhance product visibility. The platform targets consumers interested in testing products for free or at a discount and sharing their experiences, primarily within Slovakia and the Czech Republic. Technically, the website is built on modern frameworks such as React and Next.js, hosted on AWS infrastructure, and integrates multiple analytics and tracking tools including Google Analytics, Facebook Pixel, Hotjar, and Microsoft Clarity. The site demonstrates good mobile optimization, SEO practices, and a professional design.

S

SEAT

seat.cz

60

SEAT Czech Republic operates as the official online presence for the SEAT automotive brand within the Czech market, offering a comprehensive range of new and used vehicles, financing options, servicing, and accessories. The website targets both individual consumers and corporate customers, providing detailed model information, configurators, and dealer stock availability. The site reflects a strong market position as part of the Volkswagen Group, with consistent branding and professional content tailored to the Czech audience. Technically, the website leverages modern web technologies including React and Next.js frameworks, ensuring a responsive and accessible user experience across devices. Integration with Google Tag Manager and OneTrust indicates a mature approach to analytics and privacy compliance. Performance is moderate with good SEO and accessibility features. From a security perspective, the site enforces HTTPS with strong SSL configuration and implements key security headers, demonstrating adherence to best practices. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is robust, with clear cookie consent mechanisms and a comprehensive privacy policy in Czech language. However, explicit security policies and incident response contacts are not publicly disclosed. Overall, the website presents a low-risk profile with strong business credibility and technical maturity. The absence of WHOIS data limits domain registration trust analysis, but the official brand presence and professional implementation support legitimacy. Strategic recommendations include enhancing transparency around security policies and vulnerability disclosures to further strengthen trust.

T

Tilos Kulturális Alapítvány

tilos.hu

45

Tilos Rádió is a Budapest-based nonprofit community radio station established in 1999, operating under the Tilos Kulturális Alapítvány. The station offers diverse programming produced by contributors from various civilian professions, emphasizing independent and community-driven broadcasting. Their business model relies heavily on donations, supported by transparent fundraising campaigns and a webshop. The website reflects a mature digital presence with a modern React/Next.js infrastructure, optimized for performance and mobile devices. Social media integration and community engagement are strong, enhancing their outreach. Security-wise, the site employs HTTPS, security headers, and cookie consent mechanisms, demonstrating good compliance with GDPR and privacy standards. No critical vulnerabilities or suspicious activities were detected, and the domain's WHOIS data aligns well with the organization's history, supporting legitimacy. Overall, the site is professional, trustworthy, and well-maintained.

O

OpenAssistantGPT

openassistantgpt.io

62

OpenAssistantGPT is a technology SaaS platform specializing in building AI chatbots and AI agents powered by the OpenAI API. It targets businesses seeking to automate customer support, sales, and internal communications with smart RAG AI agents. The platform offers multiple subscription tiers, including a free plan, and supports advanced features such as SAML/SSO authentication and file attachment analysis. The company embraces open source principles, with code available on GitHub, enhancing transparency and community trust. Technically, the website is built using modern web technologies including Next.js and TypeScript, deployed likely on Vercel. The site is well-optimized for performance, mobile responsiveness, and accessibility, with a professional design and clear navigation. Integration with popular website platforms like WordPress, Shopify, Squarespace, and Wix is emphasized. From a security perspective, the site enforces HTTPS and supports enterprise-grade authentication methods. However, it lacks visible security headers and public incident response or vulnerability disclosure policies. Privacy compliance is partially addressed with a comprehensive privacy policy and terms of service, but no cookie consent mechanism was detected. Overall, the platform presents a credible and professional offering with strong technical foundations and good business transparency. The absence of WHOIS data due to privacy protection is common and justified for this business type. Strategic improvements in security headers, cookie consent, and public security policies would enhance trust and compliance.

C

Cornerstone OnDemand

cornerstoneondemand.com

73

Cornerstone OnDemand operates a leading enterprise AI-powered human capital management platform known as the Galaxy Platform. The company serves a global customer base of over 7,000 organizations and 140 million users, offering comprehensive talent management, learning, and workforce agility solutions. Their market position is reinforced by multiple industry awards and analyst recognitions, reflecting a strong competitive advantage in the HCM technology sector. Technically, the website leverages modern frameworks such as Next.js and React, integrates advanced analytics and marketing tools, and demonstrates excellent performance and mobile optimization. Security posture is robust with HTTPS enforcement and comprehensive security headers, though no explicit incident response or vulnerability disclosure policies are publicly visible. Privacy compliance is well addressed with clear privacy and cookie policies indicating GDPR adherence. Overall, the website and business present a professional, trustworthy, and mature digital presence, though the absence of WHOIS data introduces some uncertainty regarding domain registration transparency.

M

MegaUbytovanie.sk

megaubytovanie.sk

55

MegaUbytovanie.sk is a well-established online platform specializing in accommodation bookings across Slovakia and the Czech Republic, offering over 6000 verified listings including cottages, apartments, hotels, and private stays. The platform targets travelers seeking direct booking options with property owners, providing a multi-language user experience and a broad geographic reach within Central Europe. Technically, the website leverages modern web technologies such as Next.js and React, hosted on Amazon Cloudfront CDN, ensuring fast performance and mobile optimization. Security measures include HTTPS enforcement, security headers, and a cookie consent mechanism, although explicit privacy and terms policies are not found in the provided content. The absence of direct contact information and formal policies slightly impacts trust and compliance scores. Overall, the site demonstrates a strong market position with good technical maturity but would benefit from enhanced transparency and compliance documentation.

R

Recombee

recombee.com

67

Recombee is a technology company specializing in AI-powered recommendation and personalized search services delivered as a SaaS platform. Their offerings include real-time personalized recommendations, advanced search capabilities, and analytics tools tailored for diverse industries such as video streaming, e-commerce, media, real estate, and more. The company targets product managers and technical teams seeking to enhance user engagement and conversion rates through AI-driven personalization. With a strong market presence evidenced by partnerships with major brands and numerous client testimonials, Recombee positions itself as a leading provider in the AI recommendation space. Technically, Recombee employs a modern web stack including React and Next.js, with extensive use of RESTful APIs and SDKs for multiple programming languages. The website demonstrates excellent performance, mobile responsiveness, and SEO optimization. Integration of Google Tag Manager, Hotjar, and Usercentrics indicates a mature approach to analytics and privacy compliance. However, explicit security headers are not detected, and no dedicated security policy or incident response page is published. From a security perspective, the site uses HTTPS and implements reCAPTCHA on forms, along with consent management for cookies, reflecting good baseline security and privacy practices. The absence of WHOIS data is likely due to privacy protection, which is justified for this business type. No critical vulnerabilities or suspicious indicators are found in the content or technical setup. Overall, Recombee presents a professional, trustworthy, and technically sound platform with strong business credibility. Strategic recommendations include enhancing security header implementation, publishing a formal security policy, and adding a vulnerability disclosure mechanism to further strengthen trust and compliance.

O

ONDRÁŠEK INK - JET SYSTEM spol. s r.o.

ondrasek.cz

62

ONDRÁŠEK INK - JET SYSTEM spol. s r.o. is a Czech-based company specializing in comprehensive marking and automation solutions, primarily serving industrial and manufacturing sectors. Their product portfolio includes inkjet printers, thermal transfer printers, laser printers, label application systems, and collaborative robots, supported by software solutions for packaging and printing management. The company maintains a professional web presence with clear business and contact information, indicating a medium-sized enterprise with a solid regional market position. Technically, the website is built on modern frameworks such as Next.js and React, ensuring good mobile optimization and moderate performance. The site uses HTTPS with strong SSL configuration but lacks some security headers and cookie consent mechanisms, which are important for GDPR compliance. Marketing and lead generation scripts are present, indicating active customer engagement strategies. From a security perspective, the site demonstrates good practices like HTTPS enforcement and no visible sensitive data exposure. However, the absence of published security policies, incident response contacts, and cookie consent banners suggests areas for improvement in compliance and transparency. The WHOIS data is missing, which reduces domain trustworthiness from a registration standpoint but does not necessarily reflect on the business legitimacy. Overall, the website is professional and trustworthy with minor gaps in privacy compliance and security transparency. Strategic improvements in these areas would enhance the company’s digital trust and regulatory adherence.

R

rawpixel

rawpixel.com

10

rawpixel is a professional all-in-one graphic design platform offering free and premium stock photos, PNGs, templates, mockups, videos, fonts, and creative tools. The website is well-designed, modern, and targets graphic designers, marketers, and content creators seeking high-quality visual assets and design capabilities. The business operates on a freemium model with paid plans for enhanced access and features. Technically, the site uses Next.js and React frameworks, integrates Google Tag Manager and Pinterest scripts, and delivers content with good performance and mobile optimization. Security posture is solid with HTTPS and no exposed sensitive data, though security headers and explicit privacy/cookie policies are missing. WHOIS data is unavailable, likely due to privacy protection, which is common for commercial media sites. Overall, rawpixel presents a trustworthy and professional digital presence with room for improvement in privacy compliance and security transparency.

P

Pikwizard

pikwizard.com

74

Pikwizard is a well-established online platform founded in 2017 that offers over one million free, high-quality stock photos, PNG images, videos, and templates. It targets creators, marketers, and designers by providing royalty-free media assets with no attribution required, positioning itself as a competitive player in the free stock media market. The website is professionally designed with excellent content quality and clear navigation, supporting a positive user experience. Technically, it leverages modern web technologies including React and Next.js, hosted likely on AWS infrastructure, ensuring fast performance and mobile optimization. Security posture is solid with HTTPS enforced and domain protection statuses in place, though some security headers could be improved. Privacy compliance is basic with a comprehensive privacy policy but lacking explicit cookie consent mechanisms. Contact is primarily via a company email address. Overall, the site demonstrates strong business credibility and technical maturity with room for enhancements in security headers and privacy transparency.

S

SOLSOL s.r.o.

solsol.cz

64

SOLSOL s.r.o. is a leading Czech Republic-based distributor specializing in photovoltaic technologies including panels, inverters, batteries, and mounting systems. Established in 2012, the company operates a professional B2B e-commerce platform targeting partners and installers in the renewable energy sector. SOLSOL positions itself as the largest distributor in its market with a comprehensive partner program, extended warranties, and technical support services. The website reflects a mature digital infrastructure leveraging modern web technologies such as Next.js and Shopsys Platform, ensuring fast performance and mobile optimization. Security posture is robust with HTTPS, security headers, and error monitoring via Sentry, although explicit security policies and incident response contacts are not publicly detailed. Privacy and cookie policies are present and GDPR compliant, supporting trust and regulatory adherence. Overall, SOLSOL demonstrates a strong market presence with professional branding, clear contact channels, and a well-structured online platform.

S

Stock Spirits Group

stock.cz

78

Stock Spirits Group is a leading European spirits producer with a rich heritage dating back to 1884. The company offers a diverse portfolio of high-quality alcoholic beverages rooted in local and regional traditions, targeting mature consumers across over 50 countries. Their market position is strong, supported by sustainability initiatives and responsible drinking policies. Technically, the website is built on modern frameworks such as Next.js and React, delivering fast performance and excellent mobile optimization. Security posture is robust with HTTPS enforcement and standard security headers, though explicit security policies and incident response information are not publicly available. Overall, the website reflects a professional and trustworthy business presence with moderate user tracking and good privacy compliance.

Ogilvy CZ is a well-established advertising and marketing agency operating since 1998, providing comprehensive services including advertising, PR, consulting, performance marketing, experience design, and social media marketing. The company targets businesses seeking integrated brand building and marketing solutions, holding a strong market position supported by awards and professional branding. Technically, the website is built on modern frameworks such as Next.js and React, with Drupal CMS backend, hosted by REG-WEBGLOBE. The site demonstrates good performance, mobile optimization, and SEO practices. Security posture is strong with HTTPS, security headers, and privacy policies in place, though it lacks a public vulnerability disclosure mechanism. Overall, the website is professional, trustworthy, and compliant with GDPR, reflecting a mature digital presence.

M

mBank S.A.

mbank.pl

71

mBank S.A. is a major Polish retail bank offering a comprehensive range of financial products including personal accounts, loans, deposits, insurance, and investment services. The website targets individual customers in Poland and presents a professional, well-structured digital presence with strong branding and consistent messaging. The bank leverages modern web technologies such as React and Next.js to deliver a fast, mobile-optimized experience. Security is robust with HTTPS, security headers, and privacy policies in place, although WHOIS data is unavailable which is unusual but likely due to registry policies. Overall, the site reflects a mature digital infrastructure and a strong market position in the Polish banking sector.

A

ALEXANDRIA s.r.o.

alexandria.cz

53

CK Alexandria is a Czech Republic based travel agency specializing in holiday packages primarily to popular European and exotic destinations such as Bulgaria, Greece, Turkey, Spain, Italy, Albania, Croatia, Cyprus, Montenegro, and the UAE. The company offers a broad range of services including last minute deals, animation programs, and a premium club membership, targeting general consumers seeking vacation travel. The website is built on modern technologies including Next.js and React, with integration of multiple marketing and analytics tools such as Google Tag Manager, Facebook Pixel, and Smartlook. The site is mobile optimized and provides a good user experience with clear navigation and professional design. Security posture is adequate with HTTPS enforced and cookie consent implemented, though the absence of security headers and a published privacy policy reduces compliance maturity. WHOIS data is unavailable, limiting domain trust assessment. Overall, the website presents a professional and trustworthy front for a medium-sized travel business.

VVV TOUR CZ 1, s.r.o. is a Czech travel agency specializing in holiday packages to Bulgaria, leveraging direct flights from multiple Czech cities including Pardubice, Prague, Brno, and Ostrava. The company has a long-standing presence since 2001, positioning itself as a specialist in the Bulgarian travel market with a focus on quality accommodation and comprehensive travel services. The website reflects a professional and consistent brand image, targeting Czech travelers seeking vacations in Bulgaria. Technically, the site is built on modern frameworks such as Next.js and React, with moderate performance and good mobile optimization. Security posture is adequate with HTTPS enforced and domain transfer protection, but lacks advanced security headers and explicit security policies. Privacy compliance is addressed with cookie consent and privacy policy, though GDPR compliance could be enhanced with more detailed disclosures. Overall, the site is trustworthy and functional, supporting the business model effectively.

C

CK Blue Style

blue-style.cz

62

CK Blue Style is a Czech travel agency specializing in offering vacation packages and tours to popular European and exotic destinations such as Greece, Egypt, Tunisia, Turkey, Morocco, Italy, Bulgaria, and more. The website provides a comprehensive catalog of travel options including last minute and first minute deals, family vacations, and premium travel experiences. The company targets a broad audience including families, seniors, and adult travelers seeking quality holiday options. Technically, the website is built using modern web technologies including React and Next.js, with integrations for analytics and cookie consent management. The site is mobile optimized and provides a good user experience with clear navigation and search capabilities. Security-wise, the site enforces HTTPS and uses asynchronous script loading, but lacks some security headers and explicit security policies. The absence of WHOIS data for the domain reduces trustworthiness from a domain registration perspective, though the website content and business presence suggest legitimate operations. Privacy compliance is partial, with cookie consent implemented but no clear privacy or terms of service pages found. Overall, the site is professional and trustworthy but would benefit from improved transparency and security practices.

T

TUI Poland Sp. z o.o.

tui.cz

66

TUI Poland Sp. z o.o. operates the website www.tui.cz as a leading travel agency offering a wide range of all inclusive and last minute vacation packages, tours, and charter flights to popular destinations worldwide. The company positions itself as the number one travel agency in Europe, targeting general consumers seeking organized travel experiences. The website is professionally designed with good content quality and consistent branding, supported by official social media channels and a clear customer service contact number. Technically, the website leverages modern web technologies including React and Next.js frameworks, with integrations for Cookiebot for cookie consent management, Google Analytics, and Hotjar for analytics and user behavior tracking. The site demonstrates good mobile optimization and SEO practices, although accessibility features could be improved. Performance is moderate, with a comprehensive set of meta tags and structured data enhancing search engine visibility. From a security perspective, the website enforces HTTPS with strong SSL configuration and includes standard security headers. Cookie consent mechanisms are implemented in compliance with GDPR, and privacy policies are comprehensive and accessible. However, the absence of WHOIS data and lack of explicit security policy or incident response information represent gaps in transparency and trustworthiness. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website presents a low-risk profile with strong business credibility and privacy compliance. Strategic recommendations include publishing a dedicated security policy, incident response contacts, and vulnerability disclosure information to enhance trust and compliance. Improving accessibility and adding a terms of service page would further strengthen the user experience and legal posture.

Š

Škoda Auto a.s.

skodaplus.cz

73

Škoda Plus is a certified used car sales program operated by Škoda Auto a.s. in the Czech Republic, offering quality-assured used vehicles through authorized dealers. The website presents a professional and well-structured platform with comprehensive information about the program, vehicle offerings, financing, and insurance options. Technically, the site uses modern web technologies including React and Next.js, with integration of Google Tag Manager for analytics. Security posture is strong with HTTPS enforced and nonce attributes on scripts, although some security headers and explicit policies are missing. Privacy and cookie policies are present and GDPR compliant. The absence of WHOIS data limits domain trust assessment, but the branding and content strongly indicate legitimacy. Overall, the site is well-designed, user-friendly, and trustworthy for its target audience.

D

Direct Family s.r.o.

direct-technologies.cz

65

Direct technologies is a Czech Republic-based technology company operating as part of the Direct Family group. The company focuses on delivering agile, innovative, and reliable technology solutions in partnership with business units, leveraging modern technologies and data insights to build functional business systems. Their market position is that of a medium-sized technology partner supporting sectors including insurance, automotive, fintech, and non-profit foundations. The website demonstrates a professional digital presence with good content quality and modern technical infrastructure, including React and Next.js frameworks and AWS S3 for media hosting. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit privacy and security policies are not published. The absence of WHOIS data limits domain legitimacy verification, but the overall business credibility and trust indicators are strong.

D

Direct Investments

directinvestments.cz

66

Direct Investments is a Czech investment group specializing in building and managing a portfolio of companies primarily in the insurance, mobility, finance, and technology sectors. The group emphasizes Czech ownership and control, aiming to create trustworthy and sustainable businesses. Their market position is strong with over one million clients and a significant annual turnover. The website presents a professional image with clear information about subsidiaries and investment opportunities. Technically, the website is built using modern frameworks such as React and Next.js, ensuring good performance and mobile optimization. The presence of Google Tag Manager and cookie consent mechanisms indicates a moderate level of digital maturity and privacy awareness. However, some improvements could be made in accessibility and security headers. From a security perspective, the site uses HTTPS and has basic privacy mechanisms, but lacks visible security policies, incident response contacts, and vulnerability disclosure information. The absence of WHOIS data reduces transparency and trustworthiness from a domain registration standpoint. Overall, the website is professional and trustworthy in content and design but would benefit from enhanced security disclosures and domain registration transparency to improve its risk profile and compliance posture.

D

Direct pojišťovna a.s. spółka akcyjna oddział w Polsce

directubezpieczenia.pl

65

Direct ubezpieczenia is a Polish branch of the Czech insurance company Direct pojišťovna a.s., offering modern and transparent insurance solutions primarily in the automotive, property, and travel sectors. With over 300,000 clients in Poland and a decade of experience, the company emphasizes simplicity, fast claims processing, and customer-friendly service. The business model leverages direct sales and agent networks, with claims and customer service managed by UNEXT sp. z o.o., a trusted partner in Poland. The website reflects a professional and consistent brand image, targeting individual and corporate clients in Poland.

D

Direct Fidoo Payments s.r.o.

fidoo.com

69

Fidoo is a Czech-based financial technology company specializing in corporate expense management solutions. Their platform offers business clients a combination of prepaid Mastercard corporate cards and a comprehensive expense management application that streamlines payment approvals, receipt digitization, and reporting. The company positions itself as a modern, digital-first alternative to traditional expense handling, targeting medium-sized businesses and enterprises seeking efficiency and transparency in financial operations. The website reflects a mature digital presence with strong branding and customer testimonials, indicating a solid market position within the Czech Republic and potentially broader European markets. Technically, the website is built on modern web frameworks such as Next.js and React, hosted on AWS infrastructure, and integrates Google Tag Manager for analytics and marketing. The platform supports mobile optimization and accessibility, with clear SEO practices and fast performance. Security posture is strong with HTTPS enforcement and standard security headers, although explicit security policies and incident response details are not publicly disclosed. The absence of WHOIS data is a notable gap, potentially due to privacy protection or domain registration issues, which slightly impacts trustworthiness. However, the website's content, regulatory references, and Mastercard licensing provide strong legitimacy signals. Privacy and cookie policies are comprehensive and GDPR compliant, with active consent mechanisms. Overall, Fidoo presents a professional, secure, and user-friendly platform for corporate expense management, with recommendations to enhance transparency around security policies and domain registration details to further strengthen trust and compliance.

D

Direct nadace

directnadace.cz

66

Direct nadace is a Czech non-profit foundation established in 2010, originally as Nadace VIGO, focusing on social inclusion, youth development, amateur sports, volunteerism, and emergency response. It operates under the Direct group umbrella, leveraging business resources to create social impact. The website is modern, well-designed, and mobile-optimized, built on Next.js and React with media hosted on AWS S3. Privacy and cookie policies are implemented with consent management tools. Security posture is strong with HTTPS and security headers, though no explicit security or incident response policies are published. WHOIS data is unavailable, which slightly impacts trust but the website content and external references support legitimacy.

D

Direct Group, s.r.o.

directgroup.eu

64

Direct Group, s.r.o. is a large Czech financial and technology group operating multiple subsidiaries in insurance, payment services, and investments. The company serves both individual and business clients, emphasizing simplicity, speed, reliability, and friendliness in its offerings. The website reflects a mature and professional digital presence with a modern tech stack based on Next.js and React, and uses third-party services such as CookiePro for cookie consent and Google Tag Manager for analytics. Security posture is adequate with HTTPS enforced, but lacks visible security headers and explicit security policies. Privacy compliance is basic, with cookie consent implemented but no clear privacy or terms of service pages found. Overall, the site is well-branded, consistent, and trustworthy, though improvements in transparency and security documentation are recommended.

C

Cornerstone OnDemand

csod.com

74

Cornerstone OnDemand operates a leading AI-powered human capital management platform designed to empower workforce agility and talent development globally. The company serves a large enterprise customer base with comprehensive solutions including learning management, talent management, compliance, and workforce intelligence. Their market position is strong, supported by numerous industry awards and analyst recognitions. Technically, the website is built on modern frameworks such as Next.js and React, with advanced animations and integrations with marketing and analytics tools like Marketo and Google Tag Manager. Security posture is robust with HTTPS, security headers, and no visible vulnerabilities, though explicit incident response and vulnerability disclosure policies are not publicly detailed. Overall, the website reflects a mature, professional, and trustworthy enterprise digital presence.

K

KLUDI

kludi.com

64

KLUDI is a well-established German manufacturing company specializing in high-quality bathroom and kitchen fixtures, combining nearly a century of engineering expertise with innovative design. The website reflects a professional digital presence built on modern technologies such as React, Next.js, and Ant Design, hosted with Cloudflare DNS services. While the site is visually appealing and mobile-optimized, it lacks explicit privacy and cookie policies, as well as visible contact information, which are important for compliance and user trust. Security posture is generally good with HTTPS enabled and domain transfer protections, but could be improved by implementing DNSSEC and security headers. Overall, the site is functional and trustworthy but would benefit from enhanced privacy compliance and security transparency.

Gas.be is a Belgian collaborative platform dedicated to promoting the use of renewable and green gases in household, mobile, and industrial sectors. The organization plays a pivotal role in supporting the energy transition by providing up-to-date information, studies, and practical solutions such as hybrid heating systems and bio-LNG for transport. The website is professionally designed, content-rich, and targets a broad audience including consumers, industry professionals, and policymakers in Belgium. Technically, the site leverages modern frameworks like Next.js and React, and uses Storyblok CMS for content management, ensuring fast performance and excellent mobile optimization. Security posture is strong with HTTPS and security headers implemented, though the site lacks visible cookie consent mechanisms and published security policies. WHOIS data is restricted due to registry policies, but the website's professional presentation and partner ecosystem support its legitimacy. Overall, Gas.be is a credible and authoritative source in the renewable gas sector in Belgium.

H

Najděte si skvělého terapeuta — Hedepy online terapie

hedepy.cz

10

Hedepy.cz is an established online therapy platform founded in 2020, offering clients access to a wide network of vetted therapists primarily in the Czech Republic and other European countries. The platform emphasizes personalized therapist matching and provides a mobile app for convenient access to therapy sessions. With over 50,000 clients served and 700+ therapists, Hedepy positions itself as a trusted player in the online mental health space. The website content is professionally designed, mobile-optimized, and includes positive client testimonials and insurance partnerships, enhancing its credibility. Technically, the website leverages modern web technologies including React and Next.js, hosted on Vercel, with integrated error monitoring via Sentry and analytics through Google Tag Manager. The platform supports multiple languages and regional domains, indicating a mature digital infrastructure. Performance and SEO optimizations are well implemented, contributing to a positive user experience. From a security perspective, the site enforces HTTPS and uses monitoring tools but lacks visible security headers and published security policies or incident response contacts. Privacy and cookie policies are not clearly accessible, which is a compliance gap. No vulnerabilities or suspicious domains were detected, and no WAF or blocking mechanisms interfere with content access. Overall, Hedepy.cz demonstrates a solid business and technical foundation with room for improvement in privacy compliance and security transparency. Strategic enhancements in these areas would strengthen trust and regulatory adherence.

T

Testuj.to s.r.o.

testuj.to

71

Testuj.to s.r.o. operates a Czech Republic-based marketing platform that leverages micro-influencer communities to provide authentic product testing and reviews. The platform enables users to test products for free or at discounted prices and share their experiences to assist other consumers and product manufacturers. The company positions itself as the largest tester community in the Czech market, focusing on user-generated content as a marketing tool. Technically, the website is built on a modern React and Next.js stack, integrating multiple analytics and marketing tools such as Google Analytics, Microsoft Clarity, Hotjar, Facebook Pixel, and LinkedIn Insight Tag. The site demonstrates good mobile optimization, SEO practices, and security posture with HTTPS and security headers properly configured. Privacy and cookie policies are comprehensive and GDPR compliant, with clear contact information and social media presence enhancing trust. However, the site lacks a publicly available security policy and incident response information, which could improve transparency and security readiness. Overall, the website is professional, trustworthy, and well-positioned in its niche, with moderate to good technical maturity and security practices.

O

Ottobock

ottobock.sk

71

Ottobock is a globally recognized leader in the healthcare sector specializing in prosthetics, orthotics, and mobility solutions. The company offers a broad range of innovative products and services aimed at improving the quality of life for individuals with physical disabilities. Their market position is strong, supported by a century-long history and ISO certifications, targeting healthcare professionals, patients, and rehabilitation centers worldwide. The website is professionally designed, multilingual, and optimized for mobile users, reflecting a mature digital presence. Technically, the website leverages modern frameworks such as React and Next.js, combined with analytics and optimization tools like Google Analytics and Visual Website Optimizer. The site demonstrates good performance, accessibility, and SEO practices, ensuring a positive user experience. Security measures include HTTPS enforcement and standard security headers, although there is room for improvement in publishing explicit security policies and incident response information. From a security perspective, the site shows a solid posture with no evident vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with comprehensive privacy and cookie policies and an active consent mechanism, aligning with GDPR requirements. However, the absence of WHOIS data and public security disclosures slightly lowers the trust score. Overall, Ottobock's website is a trustworthy and professional platform that effectively supports its business objectives. Strategic recommendations include enhancing transparency around security policies and incident response, and improving WHOIS data visibility to strengthen domain trustworthiness.