Security Directory

S

Stredná priemyselná škola elektrotechnická Prešov

spse-po.sk

56

Stredná priemyselná škola elektrotechnická Prešov is a well-established secondary technical school in Slovakia, specializing in electrical engineering and information technology education. The institution has a strong regional presence and is actively engaged in international projects such as Erasmus+, robotics competitions, and startup innovation programs. The website reflects a vibrant educational environment with frequent updates on student achievements, events, and collaborations with industry and innovation centers. Technically, the website uses modern frameworks like Bootstrap and integrates Google Analytics for user insights. Security posture is solid with HTTPS and DNSSEC enabled, though improvements could be made in cookie consent and explicit security policies. Overall, the school demonstrates a credible and professional online presence aligned with its educational mission.

D

Doruk Vize

dorukvize.com

43

Doruk Vize is a Turkish visa consultancy and application service provider based in Ankara, established in 2024. The company offers professional assistance for various visa types including tourist, business, student, and residence visas. Their website is well-structured, professionally designed, and optimized for SEO, targeting individuals seeking visa services in Turkey. The technical infrastructure is based on WordPress with Elementor and common web libraries, hosted by a Turkish registrar and hosting provider. Security posture is adequate with HTTPS enabled, but lacks advanced security headers and cookie consent mechanisms. No signs of blocking or WAF interference were detected, allowing full content access. Overall, the website presents a trustworthy and professional image suitable for its niche market.

I

IAM ILLUSION ART MUSEUM PRAGUE

iamprague.eu

62

IAM Illusion Art Museum Prague is a niche cultural institution focused on interactive optical illusions and trick art, located in the historic center of Prague. The museum offers immersive exhibitions featuring works by Czech and international artists, augmented reality experiences, and interactive installations. The business model centers on ticket sales and providing unique art experiences to tourists, families, and art enthusiasts. The website is professionally designed using WordPress and modern web technologies, with good mobile optimization and clear navigation. However, it lacks explicit privacy and security policies, which could be improved to enhance compliance and user trust. Security posture is solid with HTTPS and no visible vulnerabilities, but security headers and incident response information are missing. Overall, the site is trustworthy and well-positioned in its niche market, with room for improvement in privacy compliance and security transparency.

E

Escape Point

escapepoint.cz

46

Escape Point is a Czech Republic based entertainment company specializing in real-life escape games located in Prague. Established in 2017, it offers multiple themed escape rooms with various game modes targeting general audiences including groups and corporate clients for team-building. The website is professionally designed with good content quality, clear navigation, and mobile optimization. Technically, it uses a modern stack including jQuery, Bootstrap, Google Maps API, and integrates marketing and tracking tools such as Google Ads and Facebook Pixel. Security posture is solid with HTTPS, cookie consent, and reCAPTCHA, though it lacks explicit security policies and some security headers. The domain registration data is consistent and supports legitimacy. Overall, the website is trustworthy and well-positioned in its local market.

Multifire International BV is a specialized company based in the Netherlands focusing on fire protection solutions for professional clients in the construction and building safety sectors. Their offerings include fire-resistant coatings for various construction materials, fire sealing products, and fire engineering consultancy services. The website reflects a niche B2B business model targeting professionals requiring fire safety solutions. Technically, the website is built on WordPress using popular page builders and plugins, indicating a moderate level of digital maturity with room for modernization and security enhancements. Security posture is adequate with HTTPS enforced but lacks advanced security headers and public security policies, which could be improved to enhance trust and compliance. Overall, the website is professional and functional but would benefit from enhanced privacy compliance and security transparency.

Eston is a media production company specializing in filmmaking and digital content creation, offering services such as content production, film production, voice production, and creative direction. The company positions itself as an award-winning creative agency with a portfolio of over 5000 projects and multiple design awards, targeting media clients and creative professionals. The website is built on WordPress using the Eston theme and incorporates modern web technologies like Elementor, Bootstrap, and jQuery. The technical infrastructure is moderate in performance with good mobile optimization but lacks advanced security headers and DNSSEC. Security posture is adequate with HTTPS enabled but shows minor issues such as visible WordPress debug notices and missing security headers. Privacy compliance is weak due to the absence of privacy and cookie policies. Overall, the website is professional and trustworthy but would benefit from improved security and privacy practices.

I

Imunno-Zlin.cz

immuno-zlin.cz

48

Imunno-Zlin.cz is a specialized healthcare provider focusing on allergy and clinical immunology services primarily for pediatric patients in Zlín, Czech Republic. The website presents a professional medical practice led by MUDr. Martina Minářová, with detailed qualifications and a clear focus on treating allergic diseases and immunopathological conditions. The business operates as a small local clinic with a clear target audience of children and limited adult patients. The site content is well-structured, informative, and localized in Czech, supporting patient engagement and service awareness. Technically, the website employs modern frontend technologies such as Bootstrap, jQuery, and Owl Carousel, ensuring a responsive and user-friendly experience. The site lacks a CMS indication and appears custom-built or static. Performance is moderate with good mobile optimization and basic accessibility features. SEO is adequately addressed with proper meta tags and structured navigation. From a security perspective, the site uses HTTPS (assumed from context) but lacks visible security headers and cookie consent mechanisms, which are important for GDPR compliance and security hardening. No forms are present on the main page, reducing attack vectors. The absence of WHOIS data is a notable concern, limiting domain trust verification. No incident response or vulnerability disclosure information is provided, indicating room for improvement in security transparency. Overall, the website is a credible and professional representation of a local medical clinic with good content quality and technical implementation. However, security and privacy compliance could be enhanced to improve trust and regulatory adherence.

A

Apetee

apetee.com

47

Apetee is a Czech Republic-based online platform specializing in restaurant listings and table reservations. Established in 2017, it serves as a comprehensive portal for users to find restaurants, bars, pizzerias, and cafes, offering detailed information, photos, and booking capabilities. The platform also supports restaurant owners by providing a dedicated registration and management portal. Technically, the website leverages modern web technologies including Bootstrap, jQuery, and October CMS, ensuring a responsive and user-friendly experience. Security posture is adequate with HTTPS and basic security headers, though improvements are recommended in DNSSEC and advanced headers. Privacy compliance is basic with cookie consent and terms of service available, but lacks a dedicated privacy policy page and incident response details. Overall, Apetee presents a professional and trustworthy service in the hospitality sector with room for enhanced security and compliance maturity.

G

GATO TUERTO a.s

levneubytovanikv.cz

54

The website levneubytovanikv.cz represents GATO TUERTO a.s, a medium-sized hospitality business offering affordable accommodation services in the Karlovy Vary region of the Czech Republic. The company operates multiple lodging facilities including apartments and dormitories, targeting workers, travelers, and groups seeking budget-friendly stays. The site is well-branded and provides clear contact information, partner affiliations, and service descriptions, positioning itself as a local affordable accommodation provider. Technically, the website is built on WordPress using Elementor and Bootstrap frameworks, with common libraries such as jQuery and Owl Carousel. The site demonstrates good mobile optimization and SEO practices, though performance is moderate. Security posture is basic with HTTPS implied but lacks explicit security headers and formal policies. No privacy or cookie policies were found, indicating compliance gaps. Security-wise, the site shows no immediate vulnerabilities or exposed sensitive data but would benefit from enhanced security headers, privacy documentation, and incident response information. The absence of WHOIS data reduces domain legitimacy confidence, though the website content and contact details appear authentic and professional. Overall, the website is functional and trustworthy for its business purpose but should improve privacy compliance and security practices to enhance user trust and regulatory adherence.

Q

Quartex s.r.o

qinvoice.cz

48

Q.Invoice, operated by Quartex s.r.o., is a Czech Republic-based technology company specializing in AI-powered automation of incoming invoice processing. The platform offers automated data extraction, multi-level approval workflows, and integration with accounting software, targeting businesses seeking to streamline their invoice management. The website demonstrates a professional digital presence with clear business information, client testimonials, and compliance with privacy regulations. Technically, the site is built on WordPress with modern libraries and includes cookie consent mechanisms and Google Tag Manager for analytics. Security posture is solid with HTTPS and session management, though explicit security headers and incident response policies are absent. Overall, Q.Invoice presents a credible and mature SaaS offering in the invoice automation niche, with room for enhanced security transparency and WHOIS data availability.

C

Centrum pěstounských rodin z.s.

pestounskerodiny.cz

43

Centrum pěstounských rodin z.s. is a Czech non-profit organization dedicated to supporting children growing up in foster care and their families. The organization provides comprehensive services including counseling, education, psychological and therapeutic support, respite events for children, and material assistance. Their mission emphasizes stable family environments and respect for children's origins and identities. The website reflects a well-structured, content-rich platform with an active event calendar and social media presence, targeting foster families and related stakeholders in the Czech Republic. Technically, the website is built on Joomla CMS with common web technologies such as jQuery, Bootstrap, and FontAwesome. It integrates Google Fonts and uses CookieScript for cookie consent management. The site shows moderate performance and good mobile optimization but lacks some advanced accessibility features. SEO practices are adequately implemented with proper meta tags and structured data. From a security perspective, the site uses HTTPS and includes a cookie consent mechanism, but no explicit security headers or vulnerability disclosures were detected. There is no visible privacy policy or terms of service page in the provided content, which is a compliance gap. The WHOIS data confirms the domain is legitimate, registered since 2012, consistent with the organization's history. Overall, the website is trustworthy and professional but would benefit from enhanced security headers, explicit privacy and terms policies, and improved accessibility. These improvements would strengthen compliance and user trust.

C

Centrum poradenství pro rodinné a partnerské vztahy, p. o.

centrum-poradenstvi.cz

57

Centrum poradenství pro rodinné a partnerské vztahy, p. o. is a Czech non-profit social service organization providing specialized counseling and support services related to family and partner relationships, domestic violence intervention, and substitute family care. Established in 2012 and recently merged into Poradenské a krizové centrum, p. o., it serves clients primarily in the Zlín region with a focus on vulnerable populations. The website reflects this mission with clear service descriptions and contact information, though it lacks formal privacy and security policies. Technically, the site uses a modern JavaScript stack including jQuery, Bootstrap, and the Nette framework, hosted by Wedos, and integrates Facebook social media. Performance and mobile optimization are adequate, but accessibility and security headers could be improved. Security posture is moderate with HTTPS enabled and cookie consent implemented, but missing explicit security policies and incident response contacts. Overall, the site is trustworthy and professional, with a strong regional presence and transparent business information.

P

Power Exchange Central Europe, a.s.

pxe.cz

67

Power Exchange Central Europe, a.s. (PXE) operates as a regional energy commodity exchange focused on the Central European market, primarily the Czech Republic and Slovakia. It provides market participants with trading platforms, market data, and commodity price information, serving large consumers and traders in the energy sector. The company is part of the EEX Group, which enhances its market position and credibility. The website reflects a professional and well-structured digital presence, offering comprehensive market data, news, and trading information. The target audience includes energy market participants, large consumers, and traders seeking transparent and efficient commodity exchange services. Technically, the website is built on modern web technologies including Angular 12, uses Google Tag Manager for analytics, and integrates third-party widgets for market data visualization. The site is mobile-optimized and demonstrates good SEO and accessibility practices, although accessibility could be further improved. Performance is moderate, with a clean and consistent design that supports user navigation and engagement. From a security perspective, the site enforces HTTPS, implements key security headers such as Content Security Policy and Strict-Transport-Security, and uses a cookie consent mechanism compliant with GDPR. However, explicit security policies, incident response information, and vulnerability disclosure mechanisms are not published, representing areas for improvement. No vulnerabilities or suspicious content were detected, and the domain registration data supports the legitimacy and trustworthiness of the business. Overall, PXE's website presents a secure, professional, and business-credible platform that effectively supports its role as a regional energy exchange. Strategic enhancements in security transparency and accessibility would further strengthen its digital maturity and stakeholder trust.

T

Trilby Media

getgrav.org

70

Grav is an open source flat-file CMS developed and maintained by Trilby Media, a small technology company founded in 2014. The platform targets developers and businesses seeking a fast, flexible, and easy-to-use CMS without the complexity of databases. Grav has a strong market position in the niche flat-file CMS segment, supported by multiple industry awards and a vibrant community on GitHub, forums, and Discord. The business model combines free open source software with professional consulting services and premium add-ons. Technically, the website is well-built using modern JavaScript libraries such as jQuery, Owl Carousel, and Google reCAPTCHA v3 for form security. The site is hosted behind Cloudflare DNS and uses HTTPS with good SSL configuration. The CMS itself uses Twig templating and a flat-file architecture, contributing to fast performance and excellent mobile optimization. SEO and accessibility features are well implemented. From a security perspective, the site enforces HTTPS and uses reCAPTCHA to protect forms. However, it lacks important security headers and does not publish a security policy or incident response contacts. DNSSEC is not enabled, which is a recommended improvement. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is limited due to the absence of privacy and cookie policies, which may pose regulatory risks. Overall, Grav.org is a professional, trustworthy, and technically mature website with strong business credibility. The main risks relate to privacy compliance and some security best practices. Strategic improvements in these areas would enhance trust and regulatory adherence.

A

Aquapalace Hotel Prague

aquapalacehotel.cz

45

Aquapalace Hotel Prague operates as a family and wellness hotel integrated with the largest water park in the Czech Republic, offering a broad range of leisure, accommodation, and conference services. The website presents a professional and content-rich platform targeting families, couples, and business travelers seeking entertainment, wellness, and event hosting in Prague. Technically, the site uses a modern technology stack including jQuery, Bootstrap, and various analytics and marketing tools, with a CMS identified as Topinfo CMS. The site is mobile-optimized and well-structured, providing a positive user experience. Security posture is adequate with HTTPS enforced and no visible vulnerabilities, though the absence of security headers and explicit privacy policies suggests room for improvement. The lack of WHOIS data reduces transparency and trust slightly but is offset by visible certifications and clear contact information. Overall, the site is trustworthy and professionally maintained but would benefit from enhanced security and privacy disclosures.

M

MERKUR CASINO a.s.

merkur-casino.cz

51

MERKUR CASINO a.s. is a well-established gambling operator in the Czech Republic, operating since 1992 and part of the global Gauselmann Group. The company offers physical casinos, an online casino platform (MerkurXtip), and customer loyalty programs. The website reflects a professional and consistent brand image targeting adult users interested in gambling services. Technically, the site uses modern web technologies including Google reCAPTCHA and Google Analytics, with a cookie consent mechanism aligned with GDPR requirements. Security posture is generally strong with HTTPS enforced and bot protection, though some security headers are missing and no explicit incident response or vulnerability disclosure policies are found. The absence of WHOIS data limits domain trust analysis but the overall business credibility remains high based on content and affiliations.

ORBE is a Czech-based small marketing and web development agency operating since 2012, offering comprehensive services including website creation, PPC advertising, SEO, influencer marketing, printed advertising, and consulting. The website is professionally designed using WordPress and Elementor, with good content relevance and clear navigation targeting small and medium businesses. Technically, the site uses modern web technologies and is mobile optimized, though performance is moderate. Security posture is adequate with HTTPS enabled but lacks security headers and formal security policies. Privacy compliance is weak due to missing privacy and cookie policies. WHOIS data confirms domain legitimacy and business history. Overall, the website presents a credible business with room for improvement in privacy and security practices.

SOILTEQ is a sustainable agriculture initiative operated by SOUFFLET AGRO a.s., focusing on improving soil fertility through innovative technologies and farmer-inspired practices. The website targets farmers and agricultural professionals interested in sustainable farming methods, offering advisory services, pilot farms, and a membership club for knowledge sharing. The business operates primarily in the Czech Republic and positions itself as a niche player in sustainable agriculture solutions. Technically, the website employs an older but functional technology stack including AngularJS 1.4.5, Bootstrap 3.3.5, and various JavaScript libraries for UI and analytics. The site is moderately optimized for performance and mobile use but lacks advanced accessibility features. The presence of Google Analytics, Facebook Pixel, and Sentry indicates a moderate level of digital maturity in tracking and error monitoring. From a security perspective, the site uses HTTPS and includes tracking scripts loaded asynchronously. However, it lacks visible security headers and does not provide privacy or cookie policies, which are critical for GDPR compliance. No contact information or incident response details are provided, limiting transparency and user trust. No forms are present on the homepage to assess input security. Overall, the website is functional and professional but requires improvements in privacy compliance, security headers, and contact transparency to enhance trustworthiness and regulatory adherence. The domain registration via a reputable registrar supports legitimacy, though more detailed WHOIS data would improve trust analysis.

Q

Quartex s.r.o

qvos.cz

54

Q.VOS is a Czech-based software platform developed by Quartex s.r.o. that provides organizations with a secure, compliant whistleblower protection and internal reporting system. The platform targets companies with more than 50 employees, helping them meet legal obligations under Czech and EU whistleblower protection laws. The website demonstrates a professional presence with detailed content, client references, and certifications such as ISO 27001 and GDPR compliance. Technically, the site is built on WordPress with modern libraries and frameworks, hosted on a secure FORPSI Cloud infrastructure. Security measures include HTTPS, Google reCAPTCHA, and cookie consent mechanisms, though some security headers could be improved. The absence of WHOIS data is a concern for domain legitimacy but does not detract from the business credibility evidenced by certifications and client logos. Overall, the site is well-structured, user-friendly, and compliant with privacy regulations.

P

Pěkný - Unimex s.r.o.

itsnatural.cz

63

ItsNatural.cz is an e-commerce website operated by Pěkný - Unimex s.r.o., specializing in the sale of ecological and organic spices and herbs. The company emphasizes natural ingredients and sustainable farming practices, targeting health-conscious consumers primarily in the Czech Republic. The website features a blog for educational content and a newsletter subscription to engage its audience. Technically, the site is built on the Magento platform, uses modern JavaScript libraries, and is hosted with OVH and Cloudflare DNS services. It employs Google Analytics and Google Tag Manager for tracking, with a cookie consent mechanism in place. Security posture is adequate with HTTPS enforced, but lacks advanced security headers and published security policies. No contact emails or phone numbers are directly listed, relying on contact forms instead. Overall, the site is professional, well-branded, and trustworthy with a moderate security and privacy compliance level.

I

Institut pro regulaci hazardních her z.s.

zodpovednehrani.cz

53

The website www.zodpovednehrani.cz represents the Institut pro regulaci hazardních her z.s., a Czech non-profit organization dedicated to promoting responsible gambling through education, support services, and regulatory advocacy. The site offers resources such as a 24/7 helpline, information on gaming limits, exclusion registries, and educational videos and podcasts targeting gambling players, their families, and legal operators. The organization positions itself as a key national resource in the Czech Republic for gambling-related social support and prevention. Technically, the website employs modern web technologies including Google Tag Manager, Google Analytics, and responsive design elements to ensure accessibility and user engagement. The site is well-structured with clear navigation and a professional design, optimized for mobile devices. Privacy compliance is robust, featuring a comprehensive privacy policy and a cookie consent mechanism aligned with GDPR requirements. From a security perspective, the site enforces HTTPS and implements cookie consent but lacks visible security headers such as Content-Security-Policy or X-Frame-Options, which are recommended for enhanced protection. No vulnerabilities or exposed sensitive data were detected in the HTML content. However, the absence of WHOIS registration data for the domain raises concerns about domain legitimacy and trustworthiness, warranting further investigation. Overall, the website demonstrates a solid commitment to content quality, privacy, and user support, but improvements in domain transparency and security header implementation would strengthen its security posture and trust profile.

J

JF Logistics GROUP s.r.o.

jflogistics.cz

50

JF Logistics GROUP s.r.o. is a Czech Republic-based logistics company specializing in domestic and international freight transportation, warehousing, express delivery, moving services, and freight forwarding. Established originally in 2006 and incorporated as a limited liability company in 2016, it operates a sizable fleet of 155 vehicles and serves a diverse client base including notable brands such as BMW, Kofola, and DHL. The company emphasizes safety, professionalism, and customer-specific logistics solutions. The website reflects a mature business with consistent branding and comprehensive service descriptions targeting business customers in the transportation sector. Technically, the website employs standard JavaScript libraries like jQuery and Owl Carousel, integrates Google Maps API for location services, and is hosted on a Czech hosting provider. The site is mobile-optimized with good navigation and SEO practices, though accessibility features are basic. Analytics tracking is minimal, with Google Analytics code commented out and some retargeting scripts active. No CMS or advanced frameworks are detected. From a security perspective, the site uses HTTPS and does not expose sensitive data. However, it lacks visible security headers and published security or privacy policies, which impacts compliance and security posture. There is no evidence of incident response contacts or vulnerability disclosure mechanisms. The WHOIS data is consistent with the business claims, showing a domain age appropriate for the company’s history and no privacy protection, supporting legitimacy. Overall, the website is professional and trustworthy but would benefit from enhanced privacy compliance, security headers, and transparency regarding data protection to improve its security and compliance posture.

I

Interiéry Beneš

natremvamto.cz

50

Interiéry Beneš is a small Czech Republic-based business specializing in luxury interior finishing services including Venetian and Viennese stuccos, concrete imitation, wallpapering, painting, coatings, moldings, and decorative trims. The company targets residential and commercial customers across the Czech Republic, emphasizing quality materials and craftsmanship with over 15 years of experience. Their market position is that of a trusted local service provider with a focus on transforming interiors with unique wall finishes. Technically, the website is built with standard web technologies including HTML5, CSS, JavaScript, and popular libraries such as jQuery and Owl Carousel. The site is hosted on a Czech hosting provider and is mobile optimized with good navigation and SEO practices. However, some modern security headers and privacy compliance features are missing, and Google Analytics is present but currently disabled. From a security perspective, the site uses HTTPS but lacks advanced security headers and formal privacy or cookie policies, which are important for GDPR compliance. No forms are present, reducing attack surface, but the absence of a vulnerability disclosure policy and incident response contacts indicates room for improvement in security posture. Overall, the website is professional and trustworthy for its business purpose but would benefit from enhanced privacy and security measures to improve compliance and user trust.

K

KAMENICTVÍ LOUHA s.r.o.

kamenictvi-louha.cz

53

KAMENICTVÍ LOUHA s.r.o. is a Czech Republic based small business specializing in natural stone products including funerary architecture, interior and exterior stone elements, and garden stone products. Operating since 2010, the company offers both custom manufacturing and an online e-commerce platform, serving customers nationwide. Their website is professionally designed with good content quality and clear navigation, targeting customers seeking durable and elegant stone solutions. Technically, the site is built on Webflow CMS with integrations for Google Analytics, Facebook Pixel, and Stripe payments, reflecting a modern digital infrastructure. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security headers and published security policies are absent. WHOIS data is unavailable, which slightly impacts domain trustworthiness, but overall the business appears legitimate and compliant with GDPR. Strategic recommendations include enhancing security headers, publishing a security policy, and improving accessibility. Overall, the website and business demonstrate a good level of digital maturity and market presence in their sector.

O

onWebChat

onwebchat.com

67

onWebChat is a technology company specializing in AI-powered live chat and chatbot software designed to enhance customer support and boost sales for businesses. The company offers a SaaS model with free and paid subscription plans, including a Pro AI plan with advanced features. Their platform supports multiple integrations with popular CMS and e-commerce systems and provides native mobile applications for Android and iOS, indicating a mature and versatile product offering. The website is professionally designed, mobile-optimized, and rich in relevant content, targeting businesses seeking to improve customer engagement through AI-driven chat solutions. Technically, the site uses modern web technologies including jQuery, Socket.IO, Bootstrap, and Google Tag Manager, ensuring a responsive and interactive user experience. Security-wise, the site enforces HTTPS with a reputable SSL certificate and implements cookie consent mechanisms, but lacks visible security headers and explicit incident response policies. The absence of WHOIS registration data reduces transparency but does not significantly detract from the site's legitimacy given the professional presentation and trust indicators such as user testimonials and social media presence. Overall, onWebChat demonstrates a solid digital maturity with room for improvement in security policy transparency and WHOIS data availability.

B

Burza cenných papírů Praha, a.s.

pse.cz

67

Burza cenných papírů Praha, a.s. (Prague Stock Exchange) is the primary stock exchange operator in the Czech Republic, with a long-standing history dating back to 1871. The website provides comprehensive market data, investor and issuer guides, and access to multiple trading markets including Prime, Standard, Free, and Start markets. The platform targets investors, issuers, and financial market participants, offering a regulated environment for trading equities, bonds, structured products, and investment funds. The exchange maintains a strong market position as the main organizer of securities trading in the country. Technically, the website employs a modern technology stack including jQuery, Bootstrap, Google Analytics, Google Tag Manager, and the Nette Framework for AJAX and forms. The site is mobile-optimized, accessible, and features good SEO practices. Performance is moderate with a professional design and clear navigation. From a security perspective, the site enforces HTTPS, uses cookie consent mechanisms, and integrates Google Tag Manager with privacy controls. While some security headers like Content-Security-Policy and X-Frame-Options are not explicitly detected, the overall security posture is good with no visible vulnerabilities or exposed sensitive data. The absence of WHOIS data limits domain registration trust analysis, but the website's professional presentation and official branding support its legitimacy. Overall, the Prague Stock Exchange website is a well-maintained, secure, and authoritative platform serving the Czech financial market. Strategic recommendations include enhancing security headers, improving incident response visibility, and maintaining privacy compliance to further strengthen trust and security posture.

Česká komora autorizovaných inženýrů a techniků činných ve výstavbě (ČKAIT) is a professional chamber representing authorized engineers and technicians active in the construction sector in the Czech Republic. The website serves as an information portal for members and the public, providing news, event calendars, educational resources, and authorization services. It maintains a professional presence with consistent branding and relevant content targeted at construction professionals and stakeholders. Technically, the site is built on Drupal 8 CMS, utilizing modern web technologies such as Bootstrap, jQuery, and Owl Carousel, with Google Analytics integrated for user tracking. The site is mobile optimized and provides accessibility features, though some improvements could be made in security headers and performance optimization. Security posture is moderate with HTTPS usage and cookie consent mechanisms, but lacks visible advanced security headers. WHOIS data is unavailable, which limits domain trust assessment, but the website content and structure indicate a legitimate and established organization. Overall, the site is professional, informative, and trustworthy for its intended audience.

Č

Česká komora lehkých obvodových plášťů

cklop.cz

46

Česká komora lehkých obvodových plášťů (ČKLOP) is a Czech industry association founded in 2007 that unites manufacturers and suppliers of windows, doors, and lightweight facade systems. It serves as a professional body supporting quality standards, market development, and information dissemination for its approximately 46 member companies. The website reflects a mature digital presence with good content quality, clear navigation, and active engagement through newsletters and social media. Technically, the site uses common JavaScript libraries and tracking tools, with HTTPS enabled and cookie consent implemented, though it lacks some security headers and a published privacy policy. The absence of WHOIS data reduces domain trust but does not detract from the professional appearance and legitimacy of the business. Overall, the site is well-positioned to serve its industry audience effectively.

T

Tlačová agentúra Slovenskej republiky

vtedy.sk

9

Vtedy.sk is a Slovak historical media platform operated by the Tlačová agentúra Slovenskej republiky (TASR), the national press agency. The website serves as a public memory gallery offering historical articles, photo galleries, and video content focused on Slovak history and culture. It targets a general audience interested in educational and cultural content. The platform maintains consistent branding and is integrated with partner sites such as teraz.sk and tablet.tv. The business model centers on content publishing and archival media services within the media industry in Slovakia.

The Malta Financial Services Authority (MFSA) operates as the national regulatory and supervisory authority for financial services in Malta. The website serves as an official portal providing information and resources related to financial regulation, consumer protection, and oversight of financial firms. It targets financial institutions, regulated entities, and consumers within Malta's jurisdiction. The MFSA holds a strong market position as the primary financial regulator in Malta, offering key services including regulation, supervision, and consumer guidance. Technically, the website is built on WordPress CMS with a modern technology stack including jQuery, Google Analytics, Facebook Pixel, and Hotjar for analytics and user behavior tracking. The site demonstrates good mobile optimization and SEO practices, although accessibility features are basic. Performance is moderate, with asynchronous loading of scripts enhancing user experience. From a security perspective, the site enforces HTTPS and uses standard tracking and analytics tools. However, it lacks explicit security headers and does not publicly expose a security policy or incident response information. Privacy compliance is basic, with a cookie policy and consent mechanism present but no clear privacy policy or terms of service linked. WHOIS data confirms the domain's legitimacy and consistency with the MFSA's official identity. Overall, the website is professional, trustworthy, and serves its regulatory purpose effectively. Strategic improvements in privacy disclosures, security headers, and incident response transparency would enhance its security posture and compliance standing.

U

UNIFORM Praha s.r.o.

uniform.cz

41

UNIFORM Praha s.r.o. is a well-established Czech publishing company specializing in advertising periodicals, company catalogs, agricultural monthly magazines, and calendars. Founded in 1997, it serves a broad audience including businesses and consumers in the Czech Republic seeking advertising and informational publications. The company maintains a strong market position with a consistent brand presence and a comprehensive portfolio of print and online offerings. The website reflects this with rich content, partner collaborations, and a clear business focus on media and publishing services. Technically, the website employs a custom CMS or framework with a technology stack including jQuery, Google Tag Manager, Hotjar, and Owl Carousel for UI and analytics. The site is mobile optimized with good SEO practices and moderate performance. Cookie consent is implemented, reflecting awareness of privacy regulations. However, some modern security headers are missing, and no explicit security or incident response policies are publicly available. From a security perspective, the site uses HTTPS and avoids exposing sensitive data. Tracking and analytics are present but managed with user consent. No critical vulnerabilities or suspicious content were detected. The WHOIS data confirms a consistent and legitimate registration matching the business claims, supporting trustworthiness. Overall, the website is professional, secure, and compliant with basic privacy standards. Strategic improvements in security headers, transparency of security policies, and enhanced privacy compliance would further strengthen its posture.

A

Alimpex

alimpex.cz

55

Alimpex is a well-established Czech company specializing in the wholesale and retail distribution of food products, including their own production and brand portfolio. The company serves a diverse customer base including retail clients, budget organizations, gastronomy, and ice cream sectors, offering over 4500 products with a strong logistics network ensuring delivery within 24 hours across the Czech Republic. The website reflects a mature business with a professional digital presence, leveraging modern web technologies and providing detailed product and contact information. However, the absence of WHOIS data limits the ability to fully verify domain legitimacy and registration details. Security posture is generally good with HTTPS and reCAPTCHA usage, but could be improved by adding security headers and explicit incident response contacts. Privacy compliance is addressed with a comprehensive GDPR policy, though cookie consent mechanisms are lacking. Overall, the site demonstrates a solid business and technical foundation with room for enhancements in security and privacy transparency.

D

DUP družstvo – Pivovar Poutník, Pelhřimov

pivovarpoutnik.cz

45

Pivovar Poutník is a traditional brewery located in Pelhřimov, Czech Republic, specializing in the production of unpasteurized beers using classical brewing technologies. The company positions itself as a regional brewery with a rich history dating back to at least 1552, offering a variety of beer products including light beers and special brews. Their market presence is supported by participation in local events and recognition through awards. The website is professionally designed, targeting a mature audience interested in traditional Czech beer products. Technically, the website employs modern web technologies including Google Analytics, Google Tag Manager, and Google reCAPTCHA v3 for form protection. The site is mobile optimized with good SEO practices and a cookie consent mechanism, indicating a reasonable level of digital maturity. However, no CMS or hosting provider information is explicitly identified. From a security perspective, the site uses HTTPS with a valid SSL certificate and implements reCAPTCHA to protect forms. Despite this, it lacks explicit security headers and published security or incident response policies, which are areas for improvement. The absence of WHOIS data reduces the ability to fully verify domain legitimacy, though the website content and structured data suggest a legitimate business. Overall, the website presents a trustworthy and professional image with moderate technical and security maturity. Strategic improvements in security transparency and domain registration clarity would enhance trust and compliance.

Pivovarská restaurace, rodinný pivovar Berounský medvěd is a small family-owned brewery and restaurant located in Beroun, Czech Republic. The business revives a historical brewing tradition dating back to 1295 and offers a range of services including traditional beer brewing, a restaurant, cultural events, and bike rentals. The website is professionally designed using WordPress and includes rich content in Czech, targeting local visitors and tourists interested in authentic Czech beer and cultural experiences. Technical infrastructure includes common JavaScript libraries such as jQuery and Owl Carousel, with a cookie consent mechanism ensuring GDPR compliance. However, WHOIS data for the domain is missing, raising concerns about domain registration legitimacy. The website lacks explicit security headers and terms of service pages, which could be improved to enhance security posture and compliance. Overall, the site is accessible, well-structured, and trustworthy from a content perspective but requires attention to domain legitimacy and security best practices.

B

Balance 21, s.r.o.

bala21.cz

52

Balance 21, s.r.o. operates the website bala21.cz, an e-commerce platform specializing in probiotic products including kombucha-based drinks and supplements. The company targets health-conscious consumers in the Czech Republic, offering a range of probiotic beverages and capsules designed to support digestion and immunity. The website presents a professional and consistent brand image with clear business and legal information, including GDPR-compliant privacy policies and terms of service. Technically, the site uses modern web technologies such as Bootstrap, jQuery, and integrates Google Analytics and Facebook Pixel for marketing and analytics purposes. Hosting is provided by WEDOS, consistent with the domain registration data. Security posture is adequate with HTTPS enforced and secure forms, though some security headers are missing and no incident response or vulnerability disclosure information is published. Overall, the site is trustworthy and well-positioned in its niche market.

M

MADETA a.s.

madeta.cz

48

MADETA a.s. is the largest milk processor in the Czech Republic with a long tradition dating back to 1837. The company specializes in manufacturing and retailing a wide range of dairy products including milk, cream, yogurts, cheeses, and desserts. Their market position is strong within the Czech dairy industry, supported by a comprehensive product portfolio and multiple subsidiary domains for e-commerce, wholesale, logistics, and gastronomy. The website reflects a mature digital presence with professional design, clear navigation, and multilingual support. Technically, the site uses modern JavaScript libraries and tracking technologies, integrating Google Analytics, Facebook Pixel, TikTok Pixel, and Microsoft Clarity for analytics and marketing purposes. Security posture is good with HTTPS enforced and reCAPTCHA protection on forms, although security headers are not detected and could be improved. Privacy compliance is robust with clear GDPR policies and cookie consent mechanisms. Overall, the site is trustworthy and professionally maintained, though WHOIS data is unavailable, likely due to privacy protection.

P

PHP7.Hosting

php7.hosting

59

PHP7.Hosting is a small technology company specializing in PHP web hosting services, offering support for PHP versions 5.3 through 7.3 with real-time switching capabilities. The company also provides domain registration, automated SSL certificates via Let's Encrypt, email services, DNSSEC, and URL redirection. Their market position is niche, targeting developers and businesses requiring flexible PHP hosting solutions. The website is professionally designed with good navigation and mobile optimization, leveraging modern frontend technologies such as Bootstrap and jQuery. However, no CMS or hosting provider details are explicitly identified. Security-wise, the site supports HTTPS with automated SSL but lacks visible security headers and published security or incident response policies, indicating room for improvement. Privacy compliance is weak due to the absence of privacy and cookie policies. Overall, the site is functional and trustworthy but would benefit from enhanced compliance and security transparency.

The website tlds.africa operates as a domain registration service specializing in African country code top-level domains (ccTLDs) and a broad range of other domain extensions. It targets individuals and businesses seeking to establish an African online identity through domain registrations. The business is relatively small, founded in 2017, and operates under a privacy-protected domain registration, which is common in this industry. The site provides clear domain pricing, a domain search function, and contact information, positioning itself as a niche regional registrar with a focus on African domains. Technically, the website employs a standard modern web technology stack including jQuery, Bootstrap, Popper.js, and FontAwesome, ensuring a responsive and user-friendly interface. The site is mobile optimized and has a moderate performance profile. However, it lacks advanced SEO and accessibility features, and no CMS is detected. Hosting is provided by Gransy s.r.o., a known registrar and hosting provider. From a security perspective, the site uses HTTPS but lacks DNSSEC and important security headers, which are recommended to enhance domain and web security. There is no visible privacy or cookie policy, which is a compliance gap especially under GDPR. Incident response and vulnerability disclosure mechanisms are not present, indicating room for improvement in security posture and transparency. Overall, the website is functional and professional but would benefit from enhanced security measures, privacy compliance improvements, and better transparency to increase trustworthiness and regulatory adherence.

S

SIA Bio-Venta

bioventa.lv

51

SIA Bio-Venta operates as the largest biodiesel production complex in the Baltic states, specializing in the manufacture and supply of biodiesel fuels and related chemical products. The company is part of the VK Tranzits holding group, which includes several related companies in logistics and terminal services. The website reflects a professional corporate presence with clear business information, contact details, and a focus on compliance with privacy regulations through Cookiebot integration. The company targets business clients and suppliers within the energy sector, emphasizing its market leadership in the region. Technically, the website employs modern frontend technologies such as Bootstrap, jQuery, and Owl Carousel, ensuring a responsive and user-friendly experience. Cookie consent and privacy policies are well implemented, demonstrating GDPR compliance. Security posture is adequate but could be improved with additional HTTP security headers and explicit security policy disclosures. Overall, the website presents a trustworthy and professional image consistent with a large energy sector enterprise.

CPBS Institute z.s. is a Czech non-profit organization specializing in research, development, and education in the fields of population protection, crisis management, and critical infrastructure. Established in 2008, it operates with government partnerships and focuses on innovative educational technologies including virtual reality and simulation. The website reflects a professional presence with clear information about their projects, educational offerings, and contact details. Technically, the site uses modern web technologies such as Bootstrap, jQuery, and Owl Carousel, providing a responsive and user-friendly experience. However, some compliance gaps exist, notably the absence of a dedicated privacy policy and terms of service pages. Security-wise, the site uses HTTPS and implements a cookie consent mechanism but lacks visible security headers and explicit incident response contacts. Overall, the website is trustworthy and well-positioned within its niche but would benefit from enhanced privacy and security documentation.

C

CampingPlatze.cz

campingplatze.cz

42

CampingPlatze.cz operates as a specialized online directory and booking platform for camping sites primarily in Czechia and Slovakia, targeting German-speaking tourists. The website offers detailed listings, photos, local weather, and user reviews, positioning itself as a trusted resource for camping enthusiasts in the region. The business has been established since 2009, supported by consistent domain registration data and a focused hospitality sector presence. Technically, the site uses common JavaScript libraries and CSS frameworks to deliver a responsive and user-friendly experience, though it lacks a known CMS. Security posture is adequate with HTTPS enabled and cookie consent implemented, but could be improved by adding security headers and formal policies. Privacy compliance is basic, with no explicit privacy or terms of service pages found. Overall, the site is functional, professional, and trustworthy for its niche audience.

C

CzechCamping.com

czechcamping.com

44

CzechCamping.com is a specialized online platform providing a comprehensive guide and booking service for campsites, caravans, bungalows, and mobile homes primarily in Czechia and Slovakia. Established in 2009, it serves a niche market of campers and tourists seeking detailed camping information, reviews, and direct booking options. The website offers rich content including maps, weather updates, user reviews, and multimedia to enhance user experience. Technically, the site uses a custom-built platform with common JavaScript libraries like jQuery, Owl Carousel, and Fancybox, hosted on Vas-hosting infrastructure. The site is mobile-optimized and SEO-friendly, though accessibility features are basic. Security posture is adequate with HTTPS enforced and domain transfer protections, but lacks advanced headers like Content-Security-Policy and DNSSEC. Privacy compliance is weak due to missing privacy and terms of service pages and no explicit cookie consent mechanism. Overall, the site is trustworthy and well-established but would benefit from improved compliance and security practices.

H

HRkempy.cz

hrkempy.cz

43

HRkempy.cz is a Czech-language online catalog specializing in campsites and auto camps in Croatia, offering detailed listings, photos, videos, and online reservation capabilities. The website targets tourists primarily from the Czech Republic and neighboring countries seeking camping accommodations in Croatia. The business model appears to be a specialized directory with possible affiliate or commission-based revenue streams. Technically, the site uses a custom-built platform with common JavaScript libraries such as jQuery, Owl Carousel, and Fancybox to enhance user experience. The site is mobile-optimized and uses HTTPS, but lacks some modern security headers and comprehensive privacy compliance features. Security posture is moderate with no critical vulnerabilities detected, but improvements are recommended in privacy policy transparency and incident response readiness. The domain registration is transparent but recently created, which contrasts with the website's stated operational history, suggesting a domain transfer or re-registration. Overall, the site is functional, content-rich, and trustworthy for its niche, but would benefit from enhanced privacy and security practices.

A

Aldit s. r. o.

aldit.cz

45

Aldit s. r. o. is a Czech family-owned company specializing in the manufacturing and bespoke installation of high-quality glass lighting products. With a claimed tradition of twenty years in the glass industry, Aldit offers a range of products from crystal chandeliers to large-scale light installations, targeting luxury residential and commercial clients worldwide. The website reflects a niche luxury brand with a focus on craftsmanship and innovation in glass lighting. Technically, the website uses established JavaScript libraries such as jQuery and Owl Carousel, and integrates Google Analytics with a privacy-conscious default setting denying tracking without consent. The site is mobile-optimized and provides a good user experience, though accessibility features are basic. Security-wise, the site lacks visible security headers and does not provide detailed security or privacy policies, which are areas for improvement. The absence of WHOIS data reduces transparency and trustworthiness, although the website content and social media presence support legitimacy. Overall, the site is professional but could enhance trust and compliance by publishing privacy and security policies and improving technical security measures.

R

RX (Reed Exhibitions)

reedexhibitions.com

75

RX Global is a leading international event organizer operating over 350 events across 25 countries and 41 sectors. The company focuses on creating impactful business experiences and has a strong global footprint with multiple subsidiaries. Their website is professionally designed, mobile-optimized, and built on Drupal CMS with modern technologies. Privacy and cookie policies are comprehensive and GDPR compliant, supported by a consent mechanism. Security posture is good with HTTPS enforced and domain registration consistent with business claims. However, there is room for improvement in security headers and incident response transparency. Overall, RX Global presents a credible and trustworthy digital presence aligned with its enterprise market position.

V

VK Tranzits, SIA

vkekspedicija.lv

51

VK Ekspedīcija is a Latvian freight forwarding and logistics company specializing in the transportation of dangerous goods and wholesale of chemical products such as methanol. The company operates as part of a holding group with related subsidiaries focused on logistics, chemical production, and terminal services. Their market position is that of a regional logistics provider with a focus on specialized cargo handling. Technically, the website employs modern JavaScript libraries and frameworks including jQuery, Bootstrap, and Cookiebot for cookie consent management, indicating a moderate level of digital maturity. The site is mobile optimized and provides clear navigation and business information. Security posture is adequate with HTTPS usage and cookie consent but lacks explicit security headers and vulnerability disclosure mechanisms. Overall, the website is professional and trustworthy with good privacy compliance and business credibility.

M

MACHIN.CZ s.r.o.

machin.cz

57

MACHIN.CZ s.r.o. is a Czech Republic-based technology service provider specializing in web development, e-commerce solutions, graphic design, and digital marketing. With over 20 years of market presence and more than 650 clients served, the company offers a comprehensive suite of services including website creation, e-shop development, hosting, and marketing consultancy. The website reflects a professional and consistent brand image targeting businesses seeking digital transformation and online presence enhancement. Technically, the site employs modern frameworks such as Bootstrap, jQuery, and the Nette PHP framework, ensuring a responsive and user-friendly experience. The hosting and domain registration are consistent with the company's Czech origin and long-standing operation. Security-wise, the website enforces HTTPS, implements cookie consent mechanisms compliant with GDPR, and uses reputable analytics and advertising tools like Google Analytics and Facebook Pixel. No critical vulnerabilities or exposed sensitive data were detected, though security headers could be improved. Overall, the site demonstrates a mature digital infrastructure and a strong commitment to privacy and user experience.

M

Metatron Capital

metatroncapital.eu

60

Metatron Capital is a Slovak-based financial services company specializing in fund and portfolio management. The company offers several investment funds with distinct strategies, including long-term equity, event-driven, and AI sector funds. It maintains strong partnerships with reputable brokers, banks, auditors, and regulators, ensuring transparency and compliance. The website is built on WordPress using Elementor, featuring modern web technologies and a cookie consent mechanism compliant with GDPR principles. Security posture is good with HTTPS and no visible vulnerabilities, though security headers and explicit policies could be improved. Contact information is available via professional emails and social media, but no phone numbers or physical addresses were found in the provided content.

V

VK Tranzits, SIA

vktranzits.lv

45

VK Tranzits, SIA is a Latvian holding company specializing in energy and transportation sectors, managing subsidiaries involved in biodiesel production, chemical and oil product logistics, and freight forwarding. The company leverages its strategic location in Ventspils Freeport to offer competitive logistics and production services. The website reflects a mature digital presence with modern frontend technologies, cookie consent mechanisms, and integration of analytics tools. Security posture is adequate with HTTPS and no visible vulnerabilities, though security headers and explicit policies could be improved. Overall, the domain registration data aligns with the business identity, supporting legitimacy. Strategic recommendations include enhancing security headers, publishing incident response contacts, and improving SEO metadata for better visibility.