Security Directory

S

seyfro.social

seyfro.social

67

seyfro.social operates as a small Mastodon instance providing decentralized social networking services with a focus on privacy, ethical design, and no advertising. The platform is based on Mastodon version 4.2.20, an open-source social network software, and targets general users interested in privacy-respecting social media. The site currently has minimal active users, indicating a niche or early-stage community. Technically, the website uses modern web technologies including React and WebSocket for real-time communication, with a moderate performance profile and good mobile optimization. Security posture is moderate; while no critical vulnerabilities or exposed sensitive data were found, the absence of security headers and cookie consent mechanisms suggests room for improvement. Privacy compliance is basic with a privacy policy present but lacking cookie consent and GDPR explicit indicators. Business credibility is moderate due to lack of contact information and terms of service, but the site’s open-source nature and transparent admin identity provide trust signals. Overall, the site is safe, accessible, and professionally presented but would benefit from enhanced security and compliance features.

A

Alf & Bet, spol. s r.o.

emaespressobar.cz

54

EMA espresso bar operates a chain of specialty coffee bars in Prague, offering high-quality espresso drinks, bakery products, and coffee beans roasted under the Alf & Bet brand. The business targets coffee enthusiasts and local consumers seeking specialty coffee experiences. The website is professionally designed, mobile-optimized, and integrates modern web technologies including Solidpixels CMS and Google Tag Manager for analytics. Security posture is generally good with HTTPS enforced and secure form handling, though the absence of security headers and privacy policy pages are notable gaps. The lack of WHOIS data reduces domain trustworthiness, but the business information and contact details on the site support legitimacy. Strategic improvements in privacy compliance and security disclosures are recommended.

G

Google

go.dev

63

The website go.dev is the official site for the Go programming language, an open source language developed and supported by Google. It serves as a comprehensive resource hub for developers, offering documentation, learning materials, downloads, and community engagement. The site is well-positioned in the technology sector as a leading programming language platform with strong industry adoption and backing by a major enterprise, Google. The content is highly relevant to software developers and teams focused on building scalable, secure systems. From a technical perspective, the website employs modern web technologies including HTML5, CSS3, JavaScript, and integrates Google Tag Manager and Analytics for performance and user behavior tracking. The site is hosted on Google infrastructure, ensuring fast performance and excellent mobile optimization. Accessibility and SEO practices are well implemented, contributing to a positive user experience. Security-wise, the site enforces HTTPS and uses best practices such as asynchronous loading of analytics scripts. However, it lacks explicit security policy documentation and incident response contact information, which are recommended for transparency and trust. No vulnerabilities or exposed sensitive data were detected in the content. Privacy and cookie policies are present and link to Google's official policies, indicating good compliance with GDPR and related regulations. Overall, the website demonstrates a high level of professionalism, trustworthiness, and technical maturity. The domain registration details align with the business claims, reinforcing legitimacy. Strategic recommendations include publishing dedicated security and incident response policies, enhancing security headers, and maintaining regular audits of third-party scripts to further strengthen security posture.

C

CarSoul

carsoul.cz

49

CarSoul.cz is a Czech-based automotive company specializing in operational leasing and sales of new and certified used vehicles. The company aggregates offers from multiple dealers, providing customers with a wide selection of cars including financing options. The website presents a professional and user-friendly interface with clear navigation, customer testimonials, and certifications such as CEBIA, indicating a trustworthy market presence. The target audience includes both individual customers and companies seeking fleet management solutions. Technically, the site employs modern JavaScript frameworks and libraries including Laravel Livewire, Swiper.js, and Google Tag Manager, supporting a responsive and interactive user experience. Security posture is moderate with HTTPS usage and cookie consent mechanisms in place, but lacks visible security headers and explicit privacy or security policies. WHOIS data for the domain is unavailable, which slightly impacts trustworthiness but does not detract from the overall professional presentation. Strategic recommendations include publishing comprehensive privacy and security policies, enhancing security headers, and verifying domain registration details to improve legitimacy and compliance.

O

Obecní úřad Velké Popovice

velkepopovice.cz

47

Velké Popovice's official municipal website serves as a comprehensive portal for local residents and visitors, providing essential information such as public notices, contact details, event calendars, and citizen services. The site is positioned as a trusted local government resource with a clear focus on community engagement and transparency. Technically, the website employs a modern CMS (vismo), uses HTTPS, integrates Google Analytics with consent management, and includes accessibility and mobile optimization features. Security measures include the use of Google reCAPTCHA on forms and cookie consent banners, though explicit security policies and headers could be improved. The absence of WHOIS data limits domain trust assessment, but the website's content and contact information strongly indicate legitimacy. Overall, the site is well-maintained, user-friendly, and compliant with privacy regulations, making it a reliable digital presence for the municipality.

P

Pic-Time

pic-time.com

65

Pic-Time is a technology company specializing in providing professional photographers with an advanced online platform for photo galleries, print sales, and marketing automation. The company offers a comprehensive suite of services including AI-powered gallery search, video delivery, sales automation, and mobile app management, positioning itself as a niche leader in the photography SaaS market. The website is well-designed, mobile-optimized, and integrates multiple third-party tools for analytics, marketing, and customer support, reflecting a mature digital infrastructure. Security posture is strong with HTTPS enforcement and cookie consent mechanisms, though explicit security policies and incident response contacts are not publicly disclosed. The absence of WHOIS registration data is a notable concern for domain legitimacy, suggesting the need for further verification. Overall, Pic-Time presents a professional and trustworthy online presence with room for improvement in transparency and security disclosures.

S

Stavby mostů a.s.

smp.cz

64

Stavby mostů a.s. is a Czech Republic-based medium-sized company specializing in the construction and reconstruction of bridges including motorways, roads, rail bridges, flyovers, and footbridges. The company has a history of 21 years in business and is affiliated with the parent company VINCI Construction CS. Their key services include monolithic, reinforced-concrete, prestressed-concrete, steel, timber, prefabricated, cable-stayed, and suspension bridges. The website reflects a professional and consistent brand image with clear contact information and social media presence. Technically, the site uses Solidpixels CMS, modern JavaScript libraries, and Google Tag Manager for analytics, with good mobile optimization and SEO practices. Security posture is solid with HTTPS and cookie consent but lacks some security headers and explicit security policies. WHOIS data is unavailable, which slightly reduces trust but the overall legitimacy is supported by the professional presentation and parent company affiliation.

The website joblungo.cz is currently a parked domain with no active business content. It displays a simple domain-for-sale message and embeds an external iframe from unrelated third-party domains. The site lacks any privacy, cookie, or terms of service policies, and no contact information or company branding is present. Technically, the site uses basic HTML and JavaScript with external advertising and tracking scripts but does not demonstrate modern web development practices or security best practices such as HTTPS enforcement or security headers. The security posture is weak due to the absence of these protections and the use of external iframes which may pose risks. Overall, the site is low trust and low quality, serving primarily as a placeholder for domain sale rather than an operational business website.

Č

České priority, z. ú.

ceskepriority.cz

67

České priority is a Czech non-profit think tank dedicated to supporting informed decision-making in public policy by integrating scientific knowledge and quality analysis. The organization collaborates with public administration, academic, non-profit, and research sectors to conduct research, provide support, and propose systemic changes. Their portfolio includes projects such as foresight, forecasting for policy (FORPOL), and strengthening analytical capacities in government. The website reflects a professional and consistent brand image with clear navigation and relevant content targeted at stakeholders in public policy and governance. Technically, the website is built on the Solidpixels CMS platform, utilizing modern JavaScript libraries and frameworks such as Swiper, Fancybox, and AOS for enhanced user experience. The site is mobile-optimized and employs HTTPS with good SSL configuration, though it lacks some security headers that could further harden its security posture. Cookie consent mechanisms are implemented, indicating awareness of privacy compliance, although explicit privacy and terms of service pages are not found. From a security perspective, the site demonstrates good practices with HTTPS and no visible vulnerabilities or exposed sensitive data. However, the absence of security headers and vulnerability disclosure information suggests room for improvement. The WHOIS data is unavailable, likely due to privacy protection, which slightly reduces transparency but is understandable for a non-profit entity. Overall, the site is trustworthy, professional, and serves its informational purpose effectively.

P

PROJEKT 23

projekt23.cz

39

PROJEKT 23 is a Czech non-profit initiative focused on crime prevention, social issues such as bullying, drugs, domestic violence, and providing support through storytelling, videos, and an assistance helpline. The project operates independently without corporate or institutional funding and collaborates with governmental and non-governmental organizations. Their key services include a YouTube channel, educational lectures, crime prevention projects, and an assistance hotline. The website demonstrates a consistent brand and professional content aimed at a general audience interested in social welfare and prevention. Technically, the site uses modern web technologies including optimized YouTube embeds and FontAwesome icons, with good mobile responsiveness and SEO practices. However, no privacy or cookie policies were found, and WHOIS data for the domain is unavailable, limiting trust assessment. Security headers and SSL configuration details are not provided, but HTTPS usage is implied. Overall, the site is credible and trustworthy based on content and partnerships, though improvements in privacy compliance and security transparency are recommended.

E

EOS

eosclub.app

54

EOSclub.app is a well-established SaaS platform specializing in sports club and association management. It offers a comprehensive suite of tools including member database management, payment processing linked to e-banking, communication channels, attendance tracking, match nominations, GDPR-compliant registration, document sharing, and mobile applications for iOS and Android. The platform targets a broad range of sports clubs, from small to large organizations, and boasts over 222,000 active members and 980+ clubs across 71 sports, positioning itself as a significant player in the sports management software market. Technically, the website employs modern JavaScript frameworks such as Alpine.js and Swiper.js, integrates analytics tools like Google Tag Manager and Hotjar, and uses a custom CMS hosted on eoscz.eoscms.zone. The site is well-optimized for mobile devices, features fast loading times, and demonstrates good SEO and accessibility practices. The presence of cookie consent mechanisms indicates attention to privacy compliance, although explicit privacy and terms of service documents are not found. From a security perspective, the site enforces HTTPS with strong SSL configuration and includes standard security headers. No vulnerabilities or exposed sensitive data were detected in the HTML content. However, the absence of published security policies, incident response contacts, and vulnerability disclosure mechanisms suggests areas for improvement in security transparency and readiness. Overall, EOSclub.app presents a professional, trustworthy, and technically mature platform with strong business credibility. To enhance its security posture and privacy compliance, it should publish clear privacy policies, terms of service, and security incident contacts. These steps will further solidify trust and compliance with regulatory standards.

The website 'Hainichen Suche' serves as an informational guide focused on the online gambling sector in Germany, providing detailed casino reviews, bonus information, and security considerations tailored for German players. It positions itself as a niche resource within the regulated German online gambling market, targeting adult players interested in legal and safe online casino experiences. Technically, the site is built on WordPress, leveraging standard web technologies and Cloudflare for DNS and likely CDN services, ensuring moderate performance and good mobile optimization. Security posture is adequate with HTTPS enabled and no visible vulnerabilities, but lacks advanced security headers and formal policies. Privacy compliance is weak due to absence of privacy and cookie policies, and no explicit contact or incident response information is provided, which impacts trust and compliance. Overall, the site is functional and relevant but would benefit from enhanced privacy, security, and contact transparency to improve user trust and regulatory compliance.

The website pizza-da-alex.de is an informational platform focused on online casinos in Germany, providing detailed reviews, payment method guides, and regulatory information. It targets adult gambling enthusiasts in Germany and operates as a niche content site without direct gambling services. Technically, it is built on WordPress, uses HTTPS, and is hosted behind Cloudflare DNS, indicating a moderate level of digital maturity. However, it lacks advanced security headers and formal privacy or cookie policies, which are critical for compliance and user trust. The site does not provide direct contact information or security incident response details, limiting its transparency. Overall, the security posture is moderate but could be improved with better headers and compliance documentation. The site is accessible without WAF blocking, and content is safe but adult-oriented due to gambling focus.

C

Čejka Group a.s. | stavební společnost | Česká republika

cejkagroup.cz

56

The website www.cejkagroup.cz is a small business site hosted on the Wix platform. The content is minimal and primarily technical, with no clear business description or contact information available. The site lacks privacy, cookie, and terms of service policies, which limits its compliance posture. Technically, the site uses standard Wix scripts and polyfills, indicating a modern but basic infrastructure. Security posture is limited due to missing security headers and lack of visible incident response or security policies. Overall, the site appears to be a low digital maturity small business presence with limited trust signals and transparency.

C

COLAS CZ, a.s.

colas.cz

45

COLAS CZ, a.s. is a well-established Czech company specializing in road construction and infrastructure projects, including roads, bridges, railways, and tramways. It operates as part of the global Colas Group and offers a broad range of services from construction to material supply and laboratory testing. The company targets public infrastructure clients and construction partners within the Czech Republic, maintaining a strong market position supported by a history dating back to 1994 and multiple regional subsidiaries. The website reflects a professional and comprehensive digital presence with clear navigation, detailed service descriptions, and multiple contact options. Technically, the site uses modern JavaScript frameworks and Google Analytics with a consent mechanism, hosted on Czech infrastructure providers. Security posture is good with HTTPS enforced and no visible vulnerabilities, though security headers and incident response information could be improved. Privacy compliance is well addressed with a clear privacy policy and cookie consent banner. Overall, the website is trustworthy, professional, and aligned with the company's business model and market presence.

M

MB74 Stavby s.r.o.

mb74stavby.cz

9

MB74 Stavby s.r.o. is a newly established Czech construction company specializing in earthworks, sewerage, drainage, foundation construction, and reinforced surfaces. Despite its recent founding in 2024, the company leverages the long-term experience of its management team and owns its machinery, positioning itself as a reliable local service provider. The website reflects a professional image with clear service offerings and partnerships with established construction firms, indicating a solid market presence within the Czech Republic construction sector. Technically, the website uses modern frontend technologies such as Bootstrap and SweetAlert2, ensuring a responsive and user-friendly experience. However, there is room for improvement in accessibility and performance optimization. Security-wise, the site uses HTTPS but lacks visible security headers and formal policies such as privacy and cookie policies, which are important for compliance and trust. Overall, the website is trustworthy and professional but would benefit from enhanced privacy compliance and security hardening.

D

DŘEVOMIGA, spol. s r.o.

drevomiga.cz

9

DŘEVOMIGA, spol. s r.o. is a Czech company specializing in high-quality wooden constructions including turnkey wooden houses, log cabins, pergolas, garages, and timber sales. Established in 2006, the company emphasizes craftsmanship using premium spruce wood and offers tailored solutions from design to final realization. The website reflects a professional and consistent brand image with clear contact information and social media presence, targeting customers seeking custom wooden buildings primarily in the Czech Republic. Technically, the website employs modern frontend technologies such as Bootstrap and SweetAlert2, ensuring good mobile responsiveness and user experience. However, no privacy or cookie policies are present, and no analytics or tracking scripts were detected, indicating minimal user tracking but also a lack of formal privacy compliance. Security posture is moderate with HTTPS usage but missing security headers and incident response information. The WHOIS data shows a suspicious domain creation date in the future (2025), inconsistent with the company's stated founding year, which may warrant further verification. Overall, the website is functional, trustworthy, and professionally presented but would benefit from enhanced privacy compliance and security practices.

T

Trustwave

trustwave.com

78

Trustwave is a globally recognized cybersecurity and managed security services provider specializing in managed detection and response. Following its acquisition by LevelBlue, it has become the world's largest pure-play MSSP, offering a broad portfolio of services including advisory, penetration testing, email and database security, and incident response. The company targets enterprises and organizations across multiple sectors such as technology, government, healthcare, and retail. The website reflects a mature digital presence with professional branding and comprehensive service descriptions. Technically, the site is built on HubSpot CMS, leveraging modern web technologies and analytics tools, with good mobile optimization and SEO practices. Security posture is strong with HTTPS enforcement, security headers, and secure forms, though explicit security policy and vulnerability disclosure pages could be enhanced. Privacy compliance is well addressed with clear policies and cookie consent mechanisms. WHOIS data is unavailable, likely due to privacy or registry policies, but the overall trustworthiness is supported by the company's market position and content quality.

A

Arbeitsgemeinschaft Medienwerbung GmbH im Zentralverband der Deutschen Elektro- und Informationstechnischen Handwerke

energieeffizienz-fachbetrieb.org

46

The website www.elektrohandwerk.de is a professionally maintained platform operated by the Arbeitsgemeinschaft Medienwerbung GmbH under the Zentralverband der Deutschen Elektro- und Informationstechnischen Handwerke (ZVEH). It focuses on providing comprehensive information about energy efficiency, electrical installations, and related services targeted primarily at private homeowners and electrical trade professionals in Germany. The site offers educational content, interactive tools, brochures, and a search function to find qualified electrical specialists, positioning itself as a leading resource in the German energy efficiency and electrical trade sector. Technically, the website is built on the TYPO3 CMS platform and employs modern web technologies including JavaScript, CSS3, and HTML5. It integrates a consent management platform (Usercentrics) for GDPR compliance and uses Google Tag Manager and TikTok Pixel for analytics and marketing. The site is hosted on RZone servers, indicating a professional hosting environment. Performance and mobile optimization are good, with accessible navigation and SEO best practices implemented. From a security perspective, the site enforces HTTPS and uses a consent management platform to manage user privacy. No critical vulnerabilities or exposed sensitive data were detected. However, the site lacks explicit security headers and a published security or incident response policy. No vulnerability disclosure or security.txt file is present, which could be improved to enhance transparency and trust. Overall, the website demonstrates a high level of professionalism, content quality, and compliance with privacy regulations. It serves as a trustworthy information source for energy efficiency and electrical services in Germany, with strong branding and a clear target audience. Strategic recommendations include enhancing security headers, publishing a security policy, and adding a vulnerability disclosure mechanism to further strengthen the security posture and user trust.

A

Arbeitsgemeinschaft Medienwerbung GmbH im Zentralverband der Deutschen Elektro- und Informationstechnischen Handwerke

echeck.de

46

The website www.elektrohandwerk.de is a professionally maintained platform operated by the Arbeitsgemeinschaft Medienwerbung GmbH under the Zentralverband der Deutschen Elektro- und Informationstechnischen Handwerke (ZVEH). It serves as an authoritative source of information on electrical safety checks (E-CHECK) and related energy efficiency topics for private consumers in Germany. The site promotes certified electrical contractors and provides educational content on photovoltaic systems, IT, and e-mobility. Technically, the site uses the TYPO3 CMS, modern JavaScript libraries, and integrates Usercentrics for GDPR-compliant cookie consent. It employs Google Tag Manager and TikTok analytics for user tracking with moderate tracking levels. Security posture is strong with HTTPS enforced and no visible vulnerabilities, though some security headers could be improved. Contact information is provided via a dedicated contact page, but no direct emails or phone numbers are present on the analyzed page. Overall, the site is trustworthy, well-branded, and compliant with privacy regulations.

Z

Zentralverband der Deutschen Elektro- und Informationstechnischen Handwerke

zveh.de

41

The Zentralverband der Deutschen Elektro- und Informationstechnischen Handwerke (ZVEH) operates as the central association representing the interests of companies in the German electrical and information technology trades. The website serves as a comprehensive information and service portal targeting industry professionals, members, and apprentices. It offers resources such as news, educational content, event information, and partner services, positioning itself as a key player in the sector. The site is well-branded and professionally maintained, reflecting its authoritative market position. Technically, the website is built on TYPO3 CMS and integrates modern web technologies including Usercentrics for consent management, Google Analytics, Google Tag Manager, and TikTok analytics for tracking and marketing purposes. The site is mobile-optimized, accessible, and SEO-friendly, with a moderate performance profile. Hosting is provided by RZone, as indicated by the nameservers. From a security perspective, the site enforces HTTPS and uses a consent management platform to comply with GDPR. No critical vulnerabilities or exposed sensitive data were detected in the HTML content. However, the site lacks publicly available security policies and incident response contacts, which are recommended for enhanced transparency and readiness. Overall, the website demonstrates a high level of professionalism, compliance, and technical maturity, with a strong focus on user privacy and business credibility. Strategic improvements in security policy disclosure and incident response communication would further strengthen its security posture and trustworthiness.

S

Studo GmbH

studo.co

75

Studo GmbH is a medium-sized technology company specializing in digital solutions for students and higher education institutions, primarily in Austria and neighboring countries. Their flagship product, the Studo Campus App, supports over 500,000 daily users and offers a suite of services including digital campus cards, workload measurement, and administrative tools. The company positions itself as a trusted partner for universities, emphasizing quality, sustainability, and personal collaboration since its founding in 2016. Technically, the website demonstrates a mature and modern infrastructure leveraging Cloudflare DNS and CDN services, Piwik PRO for analytics, and optimized assets such as WebP images. The site is mobile-optimized, accessible, and SEO-friendly, reflecting a high level of digital maturity. Security practices include HTTPS enforcement, TÜV SÜD certification covering data protection and software quality, and annual accessibility audits, though some improvements like DNSSEC and security.txt publication are recommended. The security posture is strong with no evident vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with a comprehensive privacy policy and GDPR consent on forms, although a visible cookie consent banner is missing. Business credibility is reinforced by multiple trust indicators including certifications, testimonials from university officials, and awards. Overall, the website and business present a low-risk profile with strong professionalism and trustworthiness. Strategic recommendations include enhancing DNS security, publishing vulnerability disclosure information, and implementing explicit cookie consent mechanisms to further improve compliance and security posture.

P

Sign in - Matomo

pubmetrics.online

52

The website pubmetrics.online serves as a login portal for the Matomo analytics platform, a free and open-source web analytics solution. The platform targets website administrators and analytics users who require detailed visitor tracking and reporting capabilities. The domain is newly registered in 2023 and hosted by One.com, indicating a relatively new deployment of the service. The site’s content is minimal, focusing primarily on user authentication to access analytics data.

E

Platforma EOS pro sportovní kluby a jiné organizace | eos.cz

eos.cz

53

EOS.cz is a Czech-based SaaS platform designed to streamline administration, communication, and web presence for sports clubs and other organizations such as communities, associations, and clubs. The platform offers a comprehensive suite of tools including member management, payment processing, communication channels, attendance tracking, nominations, electronic applications, GDPR compliance features, document sharing, and mobile applications. It serves a significant user base with over 222,000 active members and 980+ clubs across 71 sports, positioning itself as a leading solution in its niche. The website is professionally designed, mobile-optimized, and features rich multimedia content including video testimonials and app store badges, enhancing user trust and engagement. Technically, the site employs modern JavaScript frameworks like Alpine.js and Swiper.js, integrates analytics and tracking tools such as Google Tag Manager and Hotjar, and implements cookie consent mechanisms, reflecting a mature digital infrastructure. Security posture is strong with HTTPS enforced and standard security headers present, though explicit privacy policies and terms of service documents are not found, representing an area for improvement. WHOIS data is unavailable, which slightly impacts domain trustworthiness, but the overall professional presentation and extensive client testimonials support legitimacy. No adult or questionable content is present, making the site safe for general audiences.

P

Profit Visions s.r.o.

profit-visions.com

58

LINK-V is a small technology company based in the Czech Republic, specializing in bespoke web and mobile app development, digital automation, and business management solutions. Their offerings include Timeless Web and App services, as well as Grace Engine and Grace Manager tools designed to streamline development workflows and business operations. The company positions itself as an innovator blending technology, automation, and style to deliver future-proof digital products with ongoing support. Technically, the website is built with modern HTML5, CSS3, and JavaScript technologies, featuring custom scripts and SVG graphics. The site is well-structured, mobile-optimized, and includes tracking via a proprietary analytics service (data.grace.link). However, no major CMS or hosting provider details are disclosed. Performance is moderate, with good navigation and SEO practices. From a security perspective, the site uses HTTPS but lacks visible security headers and published security policies. The contact form uses POST method, indicating basic secure data submission. No vulnerabilities or exposed sensitive data were detected, but privacy and cookie policies are missing, representing compliance gaps. WHOIS data is limited due to TLD restrictions and privacy protection, but the domain appears legitimate with consistent company contact details. Overall, the website demonstrates a professional and credible business presence with moderate technical maturity and security posture. Strategic improvements in privacy compliance, security headers, and incident response transparency would enhance trust and reduce risk.

Cafe DECADA is a small local hospitality business operating a cafe in Prague, Czech Republic. The website presents basic business information including contact details, social media links, and location. The business targets local customers and offers cafe services with reservation options. The website is built on the Wix platform, leveraging Wix's Thunderbolt framework and standard web technologies such as JavaScript, CSS, and HTML5. The site is moderately optimized for mobile devices and has a good design quality with clear navigation. Security posture is adequate with HTTPS enabled, but lacks advanced security headers and privacy compliance features such as privacy and cookie policies. WHOIS data is unavailable, likely due to privacy protection, which is common for small businesses. Overall, the website is trustworthy and professional but could improve in privacy compliance and security best practices.

A

Alf & Bet, spol. s r.o.

prague.coffee

60

The website www.prague.coffee represents Alf & Bet, spol. s r.o., a small hospitality business specializing in specialty coffee and artisan bread in Prague. The business operates multiple locations offering coffee, bread, bakery, and roastery services. The site is professionally designed with consistent branding and good content quality, targeting general consumers interested in quality coffee and bakery products in Prague. Technically, the site uses Solidpixels CMS, integrates Google Analytics and Google Maps, and employs modern web fonts and JavaScript. The site is mobile optimized and performs moderately well, though SEO is limited due to a noindex directive. Security posture is adequate with HTTPS enabled but lacks security headers and formal privacy or cookie policies, which reduces compliance and trust. No contact emails or phone numbers are explicitly provided, limiting direct communication channels. Overall, the domain appears legitimate with privacy-protected WHOIS data, which is common for small businesses. The site content is safe for general audiences with no adult or explicit material.

R

restauracezenklovka.cz

restauracezenklovka.cz

50

The website restauracezenklovka.cz is currently a domain parking and sale landing page with minimal content and no active business presence. The site primarily serves to advertise the domain for sale, with no privacy policies, contact information, or business details provided. The technical infrastructure is basic, relying on simple JavaScript and external ad/tracking scripts, with no detected CMS or advanced frameworks. Security posture is weak, lacking HTTPS enforcement and security headers, and no compliance documentation is present. Overall, the site does not represent an operational business and carries a low trust and credibility profile.

O

optik studio Jana Čížková s.r.o.

optik.studio

58

Optik Studio Jana Čížková s.r.o. is a small retail optical business based in the Czech Republic, specializing in the sale of branded eyewear and providing expert optical services. The website presents a professional and consistent brand image, targeting consumers seeking quality eyeglasses and optical care in Prague. The company maintains an active blog and social media presence, enhancing customer engagement. Technically, the website is built on the Webnode CMS platform, hosted via Amazon Cloudfront CDN, and employs modern web technologies including Google Analytics and Tag Manager for tracking. The site is mobile-optimized and performs moderately well, with good SEO practices in place. Security-wise, the site uses HTTPS with a valid SSL certificate and implements a cookie consent banner, but lacks advanced security headers and explicit privacy or security policies. WHOIS data is unavailable due to privacy protection, which is common and justified for this business type. Overall, the website is trustworthy and functional but could improve in privacy transparency and security hardening.

D

DreamFit Praha

dreamfit.cz

58

DreamFit Praha operates fitness and wellness clubs located in Prague 8, offering a range of services including personal training, group classes, physiotherapy, massages, and specialized training zones such as cross training and performance gyms. The website is professionally designed using the Wix platform, reflecting a small local business with a clear focus on health and fitness services. The business targets general fitness enthusiasts and wellness clients in the Prague area. Technically, the site leverages Wix's Thunderbolt framework and standard JavaScript polyfills, ensuring moderate performance and good mobile optimization. Security posture is adequate with HTTPS enforced and some script-based security hardening, but lacks explicit security headers and visible privacy or cookie policies, which are important for compliance and trust. No WHOIS data is available from the CZ NIC registry, likely due to privacy protection, but the website content and technical indicators suggest legitimacy. Overall, the site is safe, professional, and trustworthy, though improvements in privacy compliance and security headers are recommended.

The website www.bloombergconnects.org is currently inaccessible due to a PerimeterX Web Application Firewall (WAF) challenge page requiring human verification via captcha. This security mechanism blocks automated access and prevents retrieval of any meaningful content or business information from the site. Consequently, no metadata, privacy policies, contact details, or business descriptions are available for analysis. The WHOIS data is malformed and does not provide registrar, creation, or registrant details, further limiting trust and legitimacy assessment. The site loads several security and analytics scripts including New Relic and PerimeterX, indicating monitoring and protection measures are in place. However, the lack of accessible content and business information results in a low overall trust and credibility score.

The website www.vhs.cloud presents minimal accessible content, primarily consisting of an iframe loading a session-specific page. The domain is registered since 2016 with a reputable registrar and shows no signs of privacy protection or suspicious activity. However, the lack of visible business information, contact details, privacy policies, and terms of service limits the ability to fully assess the business or compliance posture. Technically, the site uses basic web technologies including jQuery and custom JavaScript, but lacks modern frameworks or CMS indications. Security posture is weak due to absence of security headers and DNSSEC, and no clear HTTPS enforcement information is available. Overall, the site appears to be a small-scale or internal service with limited public-facing content.

E

Erlebnis Elbe

erlebnis-elbe.de

60

Erlebnis Elbe is a small tourism business focused on providing boat tours and leisure experiences on the Elbe river in Germany. The website is built on the Wix platform, leveraging Wix's proprietary technologies and hosting services. The digital infrastructure is standard for small businesses using Wix, with moderate performance and basic mobile optimization. Security posture is adequate with HTTPS enabled and cookie consent implemented, but lacks advanced security headers and formal privacy policies. Contact information and compliance documentation are missing, which limits trust and privacy compliance. Overall, the website serves its purpose for local tourism but requires improvements in privacy, security, and contact transparency to enhance credibility and compliance.

L

Lüneburger Heide GmbH

heidschnuckenweg.de

47

The website www.heidschnuckenweg.de serves as a comprehensive tourism portal dedicated to the Heidschnuckenweg hiking trail in the Lüneburger Heide region of Germany. It provides detailed information about the trail's 13 stages, accommodation options, seasonal hiking tips, and related services. The site is professionally designed with consistent branding and targets hikers, nature enthusiasts, and tourists seeking outdoor experiences in northern Germany. The business behind the site is Lüneburger Heide GmbH, a regional tourism organization, positioning itself as a key promoter of this popular hiking destination. Technically, the website is built using modern web technologies including React and Next.js, hosted on Hetzner servers. It demonstrates good mobile optimization, SEO practices, and moderate performance. The site employs HTTPS with strong SSL configuration but lacks explicit security headers, which could be improved. Privacy and cookie policies are present and GDPR compliant, with a cookie consent mechanism implemented. Contact information is available via a dedicated contact page, though no direct emails or phone numbers are embedded in the main HTML. From a security perspective, the site shows a solid posture with no visible vulnerabilities or exposed sensitive data. However, it lacks dedicated security or incident response policies and does not provide a vulnerability disclosure or security.txt file. The domain registration is consistent with the hosting provider and business purpose, indicating legitimacy. No WAF or blocking mechanisms interfere with content access. Overall, the website is a trustworthy, well-maintained tourism information platform with good content quality and technical implementation. Strategic recommendations include enhancing security headers, publishing explicit security policies, and improving accessibility features to further strengthen the site's security and compliance posture.

M

Nezisková organizace | Mezi námi, o.p.s. | Praha 4

mezi-nami.cz

52

The website www.mezi-nami.cz is a Wix-hosted site with minimal accessible content and no visible business or contact information. The lack of WHOIS data and registrant details limits the ability to verify the domain's legitimacy or business identity. Technically, the site uses standard Wix scripts and includes Mailchimp integration for marketing purposes. Security posture is basic with no advanced headers or policies detected, and privacy compliance is minimal due to absence of privacy or cookie policies. Overall, the site appears to be a small-scale or personal project with limited digital maturity and business presence.

S

SK Rapid Psáry

rapid-psary.cz

45

SK Rapid Psáry is a local Czech football club with a long tradition dating back to 1931. The website serves as an information hub for club members, fans, and the local community, providing news, match schedules, team information, and an e-shop for merchandise. The club targets football enthusiasts and community members interested in local sports activities. The business model is typical for a community sports club, focusing on engagement, membership, and local sponsorships. Technically, the website is built on a modern stack using EOS CMS, Alpine.js, Swiper.js, and other JavaScript libraries loaded from reputable CDNs. The site is mobile-optimized with good navigation and content structure, though some accessibility features could be improved. Performance is moderate, with no critical errors detected. From a security perspective, the site uses HTTPS and does not expose sensitive data or vulnerable libraries. However, there is a lack of visible security headers and no privacy or cookie policies, which are important for compliance and user trust. The absence of WHOIS data limits domain trust assessment, but the website content and active social media presence support its legitimacy. Overall, the site is functional and professional for its purpose but would benefit from enhanced privacy compliance, security headers, and clearer contact information to improve trust and security posture.

P

Palmovka TEĎ

palmovkated.cz

58

Palmovka TEĎ is a community-focused web platform initiated by the Prague 8 municipal district to connect stakeholders and inform residents and visitors about local development, leisure activities, work opportunities, and quality living in the Palmovka area of Prague. The site features extensive listings of local businesses, services, and events, supported by social media channels and Google Analytics for user tracking. The domain is registered with a Czech registrar consistent with the website's local focus and language. Technically, the site uses modern web technologies including JavaScript, SVG graphics, and Google Tag Manager, with good mobile optimization and SEO practices. However, it lacks explicit privacy and cookie policies, and security headers are not detected, representing compliance and security gaps. Overall, the site is a legitimate, well-structured local community resource with moderate security posture and room for improvement in privacy compliance and security best practices.

L

Lægemiddelindustriforeningen

lif.dk

56

Lægemiddelindustriforeningen (Lif) is a Danish industry association representing research-based pharmaceutical companies. The organization focuses on advocacy, policy influence, and providing insights and analysis to support the life science sector in Denmark. The website reflects a professional and authoritative presence with comprehensive content aimed at industry stakeholders, policymakers, and the public interested in pharmaceutical developments. The business model centers on member services, policy advocacy, and industry promotion. Technically, the website is built on WordPress with modern performance optimizations such as lazy loading and Autoptimize. It uses structured data for SEO and social media integration and embeds multimedia content via Vimeo. The site is mobile-optimized and accessible, with good SEO practices. However, some security headers are missing, and no explicit security or incident response policies are published. Security posture is solid with HTTPS enforced and no visible vulnerabilities or exposed sensitive data. Privacy compliance is strong with clear privacy and cookie policies and GDPR adherence. Contact information is transparent and consistent. The absence of WHOIS data reduces domain trust slightly but does not detract significantly from the overall legitimacy. Overall, Lif.dk is a trustworthy, well-maintained website representing a credible healthcare industry association. Strategic improvements in security policy transparency and WHOIS data availability would enhance trust further.

R

ricochet GmbH

ricochet.de

41

ricochet GmbH is a small, established advertising agency based in Nürnberg, Germany, specializing in classical and digital communication services since 1996. The company positions itself as a strategic and creative partner for businesses seeking effective advertising solutions in print, trade fairs, and digital media. The website reflects a professional and consistent brand image, targeting local businesses and organizations. Technically, the site is built on TYPO3 CMS, leveraging SVG animations and custom JavaScript, hosted on agenturserver domains. While the site is accessible and well-structured, it lacks explicit privacy, cookie, and security policies, which are critical for compliance and trust. Security posture is moderate with no evident blocking or vulnerabilities but missing security headers and incident response information. Overall, the website is functional and credible but would benefit from enhanced privacy and security transparency.

A

Arbeitsgemeinschaft Medienwerbung GmbH im Zentralverband der Deutschen Elektro- und Informationstechnischen Handwerke

elektrohandwerk.de

46

The website www.elektrohandwerk.de serves as an authoritative information and promotional platform for the German electrical trade sector, operated by the Arbeitsgemeinschaft Medienwerbung GmbH under the Zentralverband der Deutschen Elektro- und Informationstechnischen Handwerke (ZVEH). It targets end customers, businesses, and public sector clients, providing comprehensive information on electrical installations, smart home technologies, energy efficiency, photovoltaics, and e-mobility. The platform also supports career development in the electrical trades and facilitates finding qualified electrical contractors. Technically, the site is built on TYPO3 CMS, hosted on German infrastructure, and employs modern technologies including Usercentrics for consent management, Google Tag Manager, and TikTok analytics. The website is mobile-optimized with good SEO and accessibility practices. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though it lacks explicit security and incident response policies. Privacy compliance is strong with a comprehensive privacy policy and active consent management. Overall, the site is professional, trustworthy, and well-positioned within its industry niche.

Ö

Östgöta Correspondenten

corren.se

68

Östgöta Correspondenten (Corren) is a regional news media outlet serving the Östergötland region in Sweden. It operates as part of the larger Norrköpings Tidningar Media AB group, providing local news content primarily in Swedish. The website targets residents and Swedish-speaking audiences interested in regional news, offering digital subscriptions and advertising services as its main revenue streams. The market position is that of a leading regional news provider with a professional and consistent brand presence. Technically, the website is built using modern web technologies including Angular and Font Awesome, with good mobile optimization and accessibility features. The site employs HTTPS with strong security headers, indicating a good security posture. Privacy and cookie policies are present with consent mechanisms, supporting GDPR compliance. However, no explicit security policy or incident response contact information is publicly available. Security-wise, the site demonstrates good practices such as HTTPS enforcement and security headers, with no obvious vulnerabilities detected in the provided content. The lack of WHOIS data for the exact domain suggests the domain may be a subdomain or alias managed under the parent domain ntm.se, which is consistent with the business affiliation. This slightly reduces trust but does not indicate malicious intent. Overall, the website is professional, secure, and compliant with privacy regulations, serving a clear business purpose in the media sector. Strategic recommendations include publishing a dedicated security policy, adding vulnerability disclosure information, and enhancing incident response contact visibility to further strengthen trust and security posture.

D

Digitaliseringsstyrelsen

borger.dk

70

Borger.dk is the official Danish government portal providing digital access to public services, including digital post, personal overviews, and guides for citizens on various life situations. It serves as a centralized platform for Danish residents to interact with government services efficiently. The website demonstrates a high level of content quality, professional design, and clear navigation tailored to its target audience of Danish citizens. Technically, the site uses modern web technologies with good mobile optimization and accessibility features, although some security headers and explicit security policies are not evident in the provided data. The security posture is solid with HTTPS enforced and cookie consent mechanisms in place, but could be improved by publishing incident response and vulnerability disclosure information. Overall, the site is trustworthy and well-maintained, reflecting its role as a key government digital service portal.

The domain planebasin.com currently serves as a placeholder or service domain used by Admiral, a company providing copyright access control and privacy consent management services for digital publishers. The website content is limited to a 404 Not Found error page with informational text describing the domain's purpose and security/privacy practices. There is no active business website or user-facing content available. The technical infrastructure is hosted on Google Cloud Platform in Europe, with standard encryption and certificate rotation practices. However, DNSSEC is not enabled, and no advanced security headers are detected. The domain is relatively new, created in March 2023, consistent with a new service deployment. Security posture is moderate but limited by the lack of visible security headers and absence of a vulnerability disclosure policy. Privacy compliance is basic, with no cookie consent mechanism but clear statements about GDPR compliance and no third-party cookies. Overall, the website lacks business credibility signals such as contact information, terms of service, or marketing content, resulting in a low AI score and limited trustworthiness.

C

Cooper Press Ltd

cooperpress.com

63

Cooperpress is a UK-based independent publisher specializing in developer-focused email newsletters, serving over 460,000 developers weekly. Founded in 2011, the company operates with a small team and offers advertising and classifieds services targeted at a global developer audience. The website reflects a professional and consistent brand image with clear business and contact information, emphasizing trust and compliance through PCI DSS certification and a Trustwave seal. Technically, the website uses modern web technologies including JavaScript modules and Google Fonts, hosted on Amazon AWS infrastructure. The site is mobile-optimized with good SEO and accessibility basics, though some improvements could be made in security headers and DNSSEC implementation. No intrusive tracking or analytics scripts were detected, indicating a privacy-conscious approach. Security posture is solid with HTTPS enforced and PCI DSS compliance, but lacks explicit security policies or incident response contacts. The WHOIS data is consistent with the business claims, showing a long-standing domain registration and transparent registrant information. Overall, the site is trustworthy and professionally maintained with minor areas for security enhancement. Risk is low given the absence of critical vulnerabilities or suspicious indicators. Strategic recommendations include enabling DNSSEC, adding security headers, and implementing a cookie consent mechanism to enhance privacy compliance and security posture.

M

Martin Tournoij

arp242.net

54

The website arp242.net is a personal site owned by Martin Tournoij, focusing on programming topics, open source projects, and technical writings. It serves as a hub for various Go libraries, Vim plugins, and other software tools, targeting developers and the open source community. The site is well-maintained with a consistent brand and high-quality content, reflecting a small-scale but professional personal brand. Technically, the site uses modern web standards with clean HTML, CSS, and JavaScript. It integrates GoatCounter for privacy-conscious analytics and hosts numerous GitHub repositories linked directly from the site. The site is mobile optimized, accessible, and performs well, though it lacks a CMS or complex frameworks. From a security perspective, the site enforces HTTPS and avoids collecting sensitive user data, which reduces risk. However, it lacks explicit security headers, privacy and cookie policies, and vulnerability disclosure information. The WHOIS data is missing or unavailable, which raises questions about domain registration legitimacy despite the active and professional site presence. Overall, the site presents a low-risk profile with strong content and technical quality but would benefit from improved privacy compliance and clearer domain registration transparency. Strategic recommendations include publishing privacy and cookie policies, adding security headers, and providing vulnerability disclosure details to enhance trust and compliance.

G

GoatCounter

goatcounter.com

60

GoatCounter is an open source web analytics platform that emphasizes privacy and ease of use as an alternative to mainstream analytics solutions like Google Analytics and Matomo. It offers both a free hosted service supported by donations and a self-hosted option, targeting personal websites and small to medium businesses that prioritize privacy. The website is professionally designed with clear navigation and accessibility features, reflecting a mature digital presence. Technically, the site uses modern web standards including JavaScript and optimized fonts, delivering fast performance and good mobile optimization. Security posture is solid with HTTPS enforced and privacy-aware tracking methods, though explicit security headers and formal policies are absent. The lack of WHOIS data is a notable anomaly, reducing domain trustworthiness despite the professional content and external references. Overall, GoatCounter presents a trustworthy and privacy-conscious service with room for improvement in formal security disclosures and contact transparency.

godocs.io is a specialized technology website providing searchable documentation for Go programming language packages. It targets Go developers by offering a simple interface to find package documentation by import path or keyword. The website is operated by Private by Design, LLC, a US-based company founded in 2020. The business model appears to be a free service supporting the Go developer community, positioning itself as a niche documentation platform within the broader Go ecosystem. Technically, the website uses Bootstrap for styling and basic JavaScript for interactivity. DNS is managed via Hurricane Electric name servers. The site is mobile optimized with a clean and straightforward design, though accessibility features are basic. SEO optimization is minimal but present through meta tags. No CMS or advanced frameworks are detected. Performance is moderate with no evident technical debt or errors. From a security perspective, the site lacks DNSSEC and security headers, which are recommended to improve security posture. The domain is registered with clientDeleteProhibited and clientTransferProhibited statuses, indicating some protection against unauthorized changes. No privacy or cookie policies are present, and no contact or incident response information is provided, which limits compliance and trust. No analytics or tracking scripts are detected, indicating minimal user tracking. Overall, godocs.io is a functional and focused technical resource with moderate security and compliance maturity. Strategic improvements include adding privacy and cookie policies, implementing security headers, enabling DNSSEC, and providing contact and incident response information to enhance trust and compliance.

P

Pošumavská golfová liga

pgl.cz

52

Pošumavská golfová liga (PGL) is a small, community-focused non-commercial golf league based in the Czech Republic, organizing golf tournaments primarily in Western Bohemia and neighboring countries. The website serves as an information hub for events, rankings, and membership, targeting golf enthusiasts who enjoy friendly competition and social interaction. The business model relies on membership and tournament entry fees without commercial profit motives. Technically, the site uses modern Bootstrap frameworks and responsive design, ensuring good user experience and mobile optimization. However, there is room for improvement in accessibility and security headers. Security posture is moderate with HTTPS implied but lacks explicit security headers and incident response information. Privacy compliance is basic with a GDPR page but no cookie consent mechanism. Overall, the site is trustworthy and professionally presented, with active social media presence and consistent branding.

Golf.cz is a well-established Czech media portal focused on golf news, events, and equipment. Founded in 1996, it serves the Czech golf community with news coverage, travel tips, and an integrated e-commerce platform for golf products. The website demonstrates a mature digital presence with modern technologies including WordPress CMS, WooCommerce for e-commerce, and Google Tag Manager for analytics and marketing. The site is professionally designed with good navigation, mobile optimization, and SEO practices. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security policies and vulnerability disclosures are absent. Overall, Golf.cz presents a credible and trustworthy platform for golf enthusiasts in the Czech Republic.

HC Slavoj Velké Popovice is a local Czech ice hockey sports club with a focus on youth and adult teams, public skating sessions, and community engagement. The website serves as an information hub for news, schedules, events, and fan merchandise. It targets local sports enthusiasts, families, and community members interested in ice hockey and skating activities. The club maintains partnerships with local businesses and promotes its activities through social media channels such as Facebook and Instagram. The domain is well-established since 2005, reflecting a stable presence in the community. Technically, the website uses modern frontend technologies including TailwindCSS for styling and Swiper.js for interactive content sliders. It employs Google Analytics for visitor tracking, activated upon user consent via a cookie banner. The site is mobile-optimized and provides a good user experience with clear navigation and consistent branding. However, it lacks some standard compliance pages such as a privacy policy and terms of service, and no direct contact emails or phone numbers are visible on the homepage. From a security perspective, the site uses HTTPS and implements a cookie consent mechanism, but it lacks visible security headers and explicit security or incident response policies. No forms or data collection fields are present on the homepage, reducing immediate attack surface. The WHOIS data aligns well with the website's business claims, showing a consistent and legitimate registration history. Overall, the website is functional and professional for its purpose but could improve in privacy compliance and security best practices. Adding privacy and terms pages, security headers, and clear contact information would enhance trust and compliance.