Security Directory

A

Amenity Hotels & Resorts

amenity.cz

55

Amenity Hotels & Resorts is a well-established Czech hospitality company specializing in nature-based vacations, wellness, and sports across multiple resort locations in the Czech Republic. The company targets families, corporate clients, and tourists seeking comfortable stays with wellness and recreational amenities. Their market position is solid as a regional hotel chain with diversified resort offerings and sister projects. Technically, the website is built on WordPress with modern plugins and SEO tools, hosted by a Czech provider, and demonstrates good digital maturity with mobile optimization and structured data. Security posture is good with HTTPS and cookie consent mechanisms, though some security headers and explicit policies could be improved. Overall, the site is professional, trustworthy, and compliant with GDPR, with extensive marketing and analytics integration. The domain age and WHOIS data support the legitimacy of the business.

Z

ZRUP Příbram a.s.

zrup.cz

40

ZRUP Příbram a.s. is a Czech-based manufacturer and supplier specializing in modular buildings and steel modular constructions. With over 11 years of experience and a portfolio of thousands of modules produced and hundreds of projects completed, the company serves businesses and institutions seeking flexible, rapid, and quality modular construction solutions. Their services include custom manufacturing, sales, rental, and installation of modular buildings. The website is professionally designed, mobile-optimized, and provides clear navigation and contact information, supporting a positive user experience. Technically, the site uses modern JavaScript libraries such as jQuery and Swiper.js, integrates Google Tag Manager and reCAPTCHA for analytics and security, and employs a comprehensive cookie consent mechanism aligned with GDPR requirements. Security posture is solid with HTTPS enforced and reCAPTCHA implemented, though additional HTTP security headers and published security policies would enhance protection. The absence of WHOIS data for the domain is a concern for domain legitimacy, but the website content and contact details appear authentic and professional. Overall, the site scores well in content quality, technical implementation, security, privacy compliance, and business credibility, making it a trustworthy platform for its target audience.

K

Kestřany Golf & Country Club

golfkestrany.cz

60

Kestřany Golf & Country Club is a hospitality and recreation business located in the Czech Republic, offering a comprehensive golf experience including an 18-hole course, training facilities, accommodation, restaurant services, and event hosting such as weddings and corporate events. The website reflects a well-structured and professional digital presence with clear navigation and relevant content targeting families, golf enthusiasts, and corporate clients. Technically, the site is built on WordPress with modern technologies like jQuery and integrates Google Analytics and Tag Manager for visitor tracking, complemented by a cookie consent mechanism to comply with privacy regulations. Security posture is good with HTTPS enforced and no visible sensitive data exposure, though improvements in security headers and published security policies are recommended. Overall, the site is trustworthy, with clear contact information and active social media engagement, supporting a positive business credibility profile.

G

Golfresort Terasy

golfterasy.cz

48

Golfresort Terasy is a Czech golf resort offering a comprehensive range of services including golf course access, club memberships, golf training for juniors and adults, a restaurant with scenic lake views, and event hosting such as weddings and corporate celebrations. The resort also operates an online shop and a reservation system, indicating a well-rounded hospitality and sports business model. The website is professionally designed with clear navigation and good content relevance, targeting golf enthusiasts, families, and corporate clients in the region. Technically, the site is built on WordPress using the Mioweb3 theme, leveraging common libraries like jQuery and Google Analytics for tracking, with hosting and domain registration managed by a reputable Czech provider, WEDOS. Security posture is adequate with HTTPS enabled but lacks advanced security headers and explicit privacy or cookie policies, which are recommended for compliance and trust. Overall, the site is trustworthy and functional, though improvements in privacy compliance and security best practices would enhance its maturity and user confidence.

G

Golfresort Monachus

golfmonachus.cz

59

Golfresort Monachus is a well-established golf and hospitality business located in the Czech Republic, offering golf courses, training, memberships, accommodation, and restaurant services. The website reflects a mature digital presence with a clear focus on golf tourism and related services. The business targets golf enthusiasts, families, and tourists seeking quality golf experiences in a natural setting. Technically, the website is built on WordPress with the Mioweb platform, utilizing modern tracking and analytics tools such as Google Analytics, Facebook Pixel, and Smartlook for user behavior insights. The site is mobile-optimized and provides a good user experience with clear navigation and professional design. Security posture is adequate with HTTPS enforced and no exposed sensitive data, though it lacks some advanced security headers and explicit security policies. Privacy compliance is partially addressed with a cookie consent banner but lacks a visible privacy policy or terms of service pages. WHOIS data confirms the domain's legitimacy with a long registration history consistent with the business's age. Overall, the website is trustworthy and professional but could improve in privacy and security transparency.

O

Obecně prospěšná společnost Sirius, o.p.s.

sancedetem.cz

55

Šance Dětem is a well-established non-profit organization operating a comprehensive expert web portal focused on child health, family issues, and social support in the Czech Republic. The website serves parents, professionals, and caregivers by providing educational content, contact directories, podcasts, and webinars. It is positioned as the largest expert resource of its kind in the region, supported by the parent organization Obecně prospěšná společnost Sirius, o.p.s., with a domain age of over a decade reflecting its maturity and trustworthiness. Technically, the site is built on Drupal 8 with Bootstrap styling, leveraging modern web technologies and third-party services such as Google Tag Manager, Facebook Pixel, and CookieHub for analytics and compliance. The site is mobile-optimized and accessible, with good SEO practices and a moderate performance profile. Security posture is solid with HTTPS enforced and Cloudflare DNS/CDN usage, though some security headers and incident response transparency could be improved. Privacy compliance is strong, with clear privacy and cookie policies and consent mechanisms. Overall, the website is professional, trustworthy, and safe for general audiences, with no adult or questionable content detected.

G

G-up Delta s.r.o.

goopan.cz

47

Goopan, operated by G-up Delta s.r.o., is a well-established company specializing in the design and construction of low-energy and passive family homes primarily in the Czech Republic and Slovakia. The website presents a professional and comprehensive digital presence with detailed product catalogs, customer references, and multiple contact channels. The company emphasizes sustainable building technologies and offers both catalog and custom home solutions. Technically, the website employs modern web technologies including HTTPS, Google Tag Manager, Facebook Pixel, Smartlook, and reCAPTCHA v3, ensuring a secure and user-friendly experience. Privacy compliance is well addressed with a clear privacy policy and cookie consent mechanisms. However, the absence of WHOIS data and explicit security headers slightly reduces trustworthiness. Overall, the site is secure, professional, and trustworthy with room for improvement in security transparency and domain registration clarity.

S

Standard Chartered

sc.com

74

Standard Chartered is a global banking institution focused on wealth, corporate, and investment banking services primarily across Asia, Africa, and the Middle East. The website presents a professional and comprehensive digital presence with clear branding and extensive content targeting corporate, institutional, and affluent clients. The business model emphasizes cross-border capabilities combined with wealth management expertise. Technically, the site is built on WordPress with modern JavaScript frameworks like React and uses Google Tag Manager and OneTrust for analytics and consent management. The site is mobile-optimized and accessible with good SEO practices. Security posture is strong with HTTPS enforced and no visible sensitive data exposure, though security headers are not detected and no explicit incident response contacts or vulnerability disclosure mechanisms are found. Privacy and cookie policies are comprehensive and GDPR compliant. Overall, the site is trustworthy and professional, though WHOIS data is unavailable, which is unusual for a major bank domain and should be monitored. Strategic recommendations include improving HTTP security headers, publishing a security.txt file, and providing explicit incident response contacts.

S

Société Générale

societegenerale.com

73

Société Générale is a leading European financial services group with over 150 years of history, offering retail banking, corporate and investment banking, and financial solutions. The website reflects a mature, enterprise-level digital presence with comprehensive content in French and English, targeting both retail and corporate clients. The company maintains a strong market position in the finance sector, supported by consistent branding and trust indicators such as ISO 27001 certification and GDPR compliance. Technically, the website is built on Drupal CMS and integrates modern analytics and consent management tools including Piano Analytics, Hotjar, Google Tag Manager, and Didomi. The site is mobile-optimized, accessible, and employs security best practices such as HTTPS enforcement and security headers. Performance is moderate, with room for optimization. Security posture is strong with no visible vulnerabilities or exposed sensitive data. Privacy compliance is well implemented with clear cookie consent mechanisms and a comprehensive privacy policy. However, the WHOIS data is unavailable, which slightly reduces transparency but is common for large enterprises. Overall, the website is professional, secure, and trustworthy, with minor recommendations to enhance vulnerability disclosure and incident response visibility.

N

Northern Trust

northerntrust.com

73

Northern Trust is a well-established financial services company specializing in wealth management, asset servicing, and investment management, targeting prominent individuals, families, and institutions primarily in Europe. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content tailored to its audience. The technical infrastructure leverages modern web technologies including React, Adobe Experience Manager, and multiple analytics and marketing tools, indicating a high level of digital maturity. Security posture is strong with HTTPS enforcement and cookie consent mechanisms, though explicit security policies and incident response information are not publicly visible. Overall, the website presents a trustworthy and professional image consistent with an enterprise-level financial institution.

Nomura is a major financial services holding company headquartered in Japan, offering investment banking, asset management, and related financial services. The website www.nomura.com acts primarily as a frameset redirecting to the main corporate site at nomuraholdings.com. The digital infrastructure includes common analytics and tracking tools such as Google Analytics, Google Tag Manager, and Microsoft Clarity, indicating a moderate level of digital maturity. However, the site lacks visible privacy and cookie policies, security headers, and WHOIS domain registration data, which raises concerns about transparency and security posture. The absence of WHOIS data and direct content on the domain www.nomura.com suggests it may be an alias or redirect domain rather than a primary site. Overall, the website is safe and professional but requires improvements in security and compliance documentation.

M

Morgan Stanley

morganstanley.com

78

Morgan Stanley is a globally recognized financial services firm providing wealth management, investment banking, sales & trading, research, and investment management services. The website reflects a mature digital presence with comprehensive content targeting individuals, families, institutions, and governments. The firm leverages advanced web technologies including Adobe Experience Manager, multiple analytics platforms, and robust consent management mechanisms. Security posture is strong with HTTPS enforcement and Content Security Policy implementation, though explicit security policies and incident response contacts are not publicly disclosed. The absence of WHOIS data is notable but does not detract from the overall legitimacy given the professional branding and extensive social media presence. Strategic recommendations include publishing security policies and vulnerability disclosure information to enhance transparency and trust.

L

Lloyds Banking Group plc

lloydsbankinggroup.com

67

Lloyds Banking Group plc operates as the largest UK retail and commercial financial services provider, serving approximately 26 million customers. The company offers a broad range of financial services including retail banking, commercial banking, investment services, and insurance through well-known subsidiaries such as Lloyds Bank, Bank of Scotland, Halifax, and Scottish Widows. The website reflects a mature digital presence with comprehensive content, clear navigation, and strong branding consistency targeting UK retail and commercial customers. Technically, the site is built on Adobe Experience Manager and integrates modern analytics and tag management tools such as Google Tag Manager and Tealium, alongside accessibility features like the ReciteMe toolbar. Security posture is strong with HTTPS enforcement and security headers, though explicit security policies and incident response information are not publicly detailed. WHOIS data is unavailable from the provided raw output, which is unusual for a corporate domain but the website content and branding strongly indicate legitimacy. Overall, the site demonstrates a high level of professionalism, accessibility, and compliance with privacy regulations.

BNP Paribas CIB is a globally recognized financial services firm specializing in corporate and institutional banking, offering a broad range of services including capital markets, securities services, advisory, finance, and treasury. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content tailored to corporate clients. Technically, the site is built on WordPress with modern SEO and cookie consent tools, ensuring good performance and compliance with privacy regulations. Security posture is solid with HTTPS and cookie consent mechanisms, though there is room for improvement in security headers and published policies. Overall, the domain registration and website content align well, indicating a trustworthy and legitimate corporate entity.

K

Krajská zdravotní, a.s.

kzcr.eu

47

Krajská zdravotní, a.s. is a major healthcare provider operating multiple hospitals and specialized medical services in the Ústecký region of the Czech Republic. The website serves patients, healthcare professionals, and employees with information about services, news, and organizational details. The company holds a strong regional market position as a public healthcare entity. Technically, the website is built on ASP.NET Web Forms with standard web technologies and includes modern features such as Google Tag Manager and cookie consent mechanisms. Security posture is adequate with HTTPS enforced and secure form handling, but lacks advanced security headers and incident response disclosures. Overall, the site is professional, trustworthy, and compliant with basic privacy regulations, though improvements in security transparency and contact information visibility are recommended.

A

Astana International Exchange

aix.kz

71

Astana International Exchange (AIX) is a regional stock exchange established in 2016 and operating under the Astana International Financial Centre (AIFC) framework. It serves as a key financial market gateway for Kazakhstan and Central Asia, offering trading, clearing, settlement, and market data services. The exchange benefits from strong international partnerships with shareholders such as Goldman Sachs, Shanghai Stock Exchange, NASDAQ, and the Silk Road Fund, positioning it as a credible and trusted market player in the region. The website reflects a professional and well-maintained digital presence with comprehensive business information and regulatory compliance documentation. Technically, the site is built on WordPress with modern SEO and analytics tools, providing good performance and mobile optimization. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers could be improved. Overall, the site demonstrates a mature digital infrastructure aligned with its business goals and regulatory environment.

Н

Національний депозитарій України (НДУ)

csd.ua

60

Національний депозитарій України (НДУ) є ключовим центральним депозитарієм цінних паперів в Україні, що надає широкий спектр фінансових послуг, включаючи облік депозитарних активів, ведення реєстрів, організацію зборів акціонерів та підтримку клієнтів через спеціалізовані портали. Сайт орієнтований на емітентів, депозитарні установи, клієнтів та учасників ринку цінних паперів, демонструючи професійний підхід та стабільну позицію на ринку.

K

Krajowy Depozyt Papierów Wartościowych S.A.

kdpw.pl

54

Krajowy Depozyt Papierów Wartościowych S.A. (KDPW) operates as Poland's central securities depository, providing essential services such as securities registration, transaction reporting, and code assignment (LEI, ISIN, CFI, FISN). The company targets financial market participants including issuers, direct participants, pension funds, and other financial institutions. KDPW holds a key market position as a national financial infrastructure entity, offering a broad portfolio of services including innovative blockchain-based IT solutions and compensation systems. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive service descriptions. Technically, the website employs modern JavaScript libraries such as jQuery, Bootstrap, and Swiper.js, alongside Google Analytics and Tag Manager for analytics. The site is mobile-optimized and performs moderately well, with good SEO and accessibility basics. Security posture is strong with HTTPS enforced and no visible vulnerabilities, although some security headers could be improved. Privacy and cookie policies are present and GDPR compliant, with a consent mechanism implemented. Overall, the security posture is robust, with no critical vulnerabilities detected. The absence of WHOIS data is typical for .pl domains and does not detract from the site's legitimacy, which is supported by consistent branding, clear business information, and a professional online presence. Strategic recommendations include enhancing security headers, publishing incident response contacts, and improving accessibility features to further strengthen compliance and trust.

K

KELER Zrt.

keler.hu

64

KELER Zrt. is a leading central securities depository and clearing house in Central and Eastern Europe with over 30 years of experience. The company provides comprehensive financial market infrastructure services, including securities custody, clearing, and facilitating Target2-Securities benefits. The website reflects a professional and modern digital presence built on React and Next.js frameworks, integrated with Sense/Net CMS and Google Tag Manager for analytics and marketing. Security posture is strong with HTTPS enforcement and standard security headers, though explicit security policies and incident response information are not publicly detailed. Privacy compliance is well addressed with a cookie consent mechanism and a clear privacy policy. Overall, the website demonstrates high business credibility and technical maturity, supporting KELER's market position as a trusted financial institution.

E

Euronext

euronext.com

63

Euronext operates as a leading pan-European stock exchange and market infrastructure provider, offering a comprehensive suite of services including listing, trading, clearing, settlement, and market data solutions. The website reflects a mature and professional digital presence, built on Drupal 10 with modern UI components and optimized for mobile devices. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though explicit security headers and published incident response contacts are absent. The absence of WHOIS data is notable but does not detract from the website's legitimacy given the professional content and market position. Overall, the site supports Euronext's role as a critical financial market infrastructure entity.

E

Een initiatief van samenwerkende banken

voorkomfraude.nl

77

Voorkomfraude.nl is a Dutch fraud awareness and prevention platform initiated by collaborating banks, aimed at educating the general public about recognizing and preventing various types of fraud. The website offers comprehensive information, including fraud types, educational videos, podcasts, and tools to report fraud. It holds a trusted position in the financial sector within the Netherlands, supported by its consistent branding and professional content. Technically, the website is built on WordPress with modern plugins such as Yoast SEO Premium and EWWW Image Optimizer, ensuring good SEO, accessibility, and performance. The site uses HTTPS with DNSSEC enabled, indicating a strong security foundation. Cookie consent mechanisms and privacy policies demonstrate GDPR compliance, although explicit security and incident response policies are not published. Security posture is solid with no detected vulnerabilities or exposed sensitive data. The site uses Clearsite Security plugin and Google Tag Manager for analytics and tracking, maintaining a balance between user experience and privacy compliance. No WAF or blocking mechanisms interfere with content accessibility. Overall, the site scores well on content quality, technical implementation, security, privacy compliance, and business credibility, making it a reliable resource for fraud prevention education. Strategic recommendations include publishing explicit security policies, incident response contacts, and vulnerability disclosure mechanisms to further enhance trust and compliance.

A

Annertech

annertech.com

62

Annertech is a specialized digital agency focused on delivering ambitious digital experiences primarily using Drupal technology. The company targets governments, non-profits, and enterprises mainly across Ireland, positioning itself as a trusted partner in the digital transformation space. Their key services include Drupal development and enterprise digital solutions, supported by a professional and well-branded website that reflects their market positioning. Technically, the website is built on Drupal 10, leveraging modern analytics tools such as Matomo and Google Analytics, and employs Cookiebot for GDPR-compliant cookie consent management. The site is mobile-optimized, accessible, and SEO-friendly, indicating a mature digital infrastructure. The use of Google Tag Manager and other marketing tools further supports their digital marketing efforts. From a security perspective, the website enforces HTTPS and includes standard security headers, demonstrating good security hygiene. Cookie consent mechanisms and privacy policies are in place, supporting GDPR compliance. However, the absence of explicit security policies, incident response contacts, and Terms of Service pages suggests areas for improvement in transparency and governance. Overall, the website presents a professional and trustworthy digital presence with moderate risk due to incomplete WHOIS data and missing contact information. Strategic recommendations include publishing comprehensive security and incident response policies, adding Terms of Service, and enhancing contact transparency to improve trust and compliance.

I

International Swaps and Derivatives Association, Inc. (ISDA)

swapsinfo.org

59

ISDA SwapsInfo is a specialized financial data platform affiliated with the International Swaps and Derivatives Association, Inc. (ISDA). It provides transparency and detailed analytics on over-the-counter derivatives markets, focusing on interest rate and credit derivatives. The platform offers interactive charts, downloadable data, and weekly market analysis reports, targeting financial professionals, regulators, and market participants. The website content is professionally presented, consistent with ISDA's branding, and leverages authoritative data sources such as DTCC and BIS.

C

CzechTourism

czechtourism.com

71

CzechTourism is a government agency under the Ministry for Regional Development of the Czech Republic, focused on promoting tourism within the country. The website serves as an official platform to disseminate information and market the Czech Republic as a travel destination. The site uses modern web technologies such as Vue.js and integrates marketing tools like Google Tag Manager and reCAPTCHA, indicating a moderate level of digital maturity. However, the absence of visible privacy and cookie policies and lack of security headers suggest areas for improvement in compliance and security. The WHOIS data is not publicly available, likely due to privacy protection, which is justified for a government entity. Overall, the site is professional and trustworthy but could enhance its security posture and privacy transparency.

I

Počasí - předpověď počasí, aktuální informace | In-počasí

in-pocasi.eu

45

The website www.in-pocasi.cz is a Czech language weather forecasting portal providing detailed meteorological information including current weather, radar maps, numerical models, and weather news. It targets the general public interested in weather updates primarily in the Czech Republic. The business model appears to be advertising-supported, leveraging multiple ad networks and tracking services integrated with a consent management platform to comply with privacy regulations. Technically, the site uses modern web technologies such as SVG for interactive maps, JavaScript libraries for UI and analytics, and is served over HTTPS ensuring secure communication. The site is mobile optimized and accessible with good SEO practices. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security headers are not clearly visible in the provided data. The absence of WHOIS registration data is a notable gap, reducing domain trustworthiness, but the website content and technology usage suggest a legitimate media service. Privacy compliance is partially met with cookie consent but lacks a clearly identified privacy policy page. Overall, the site is professional and trustworthy for its intended purpose.

C

Coinmate s.r.o

golf18.cz

67

Coinmate s.r.o operates a leading Czech cryptocurrency exchange platform focused on serving European customers, particularly those trading in euros and Czech koruna. Established in 2013, the company offers a range of services including quick buy options, automated recurring purchases, a professional trading platform integrated with TradingView, and API access for trading bots. The platform emphasizes security, regulatory compliance, and customer trust, supported by local financial institutions and advanced custody infrastructure. Technically, the website is built on modern Angular framework with integrations for analytics, marketing, and cookie consent, hosted behind Cloudflare for performance and security. Security posture is strong with HTTPS, 2FA, and separation of client funds, though explicit security policies and vulnerability disclosures could be improved. Overall, Coinmate presents a professional, trustworthy, and technically mature platform with a solid market position in the European crypto exchange sector.

S

Startups Magazine

startupsmagazine.co.uk

61

Startups Magazine is a UK-based digital and print media company focused on providing content and resources for tech startups and entrepreneurs. The website offers articles, podcasts, events, and magazines tailored to the startup ecosystem, positioning itself as a niche media outlet with a small but professional presence. The company was founded in 2018 and maintains a consistent brand image and active social media engagement. Technically, the website is built on Drupal 8 CMS, hosted via GoDaddy, and integrates multiple marketing and analytics tools including Google Analytics, Facebook Pixel, HubSpot, and Apollo.io. The site is mobile-optimized and performs moderately well with good SEO and accessibility basics. Security-wise, the site uses HTTPS with good SSL configuration and some security headers but lacks published security policies or incident response contacts. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected, which could pose GDPR compliance risks. Overall, the site is trustworthy and professional but could improve privacy and security transparency.

Z

Zlínský kraj

socialnisluzbyzk.cz

59

The website socialnisluzbyzk.cz serves as an official electronic catalog of social services for the Zlínský kraj region in the Czech Republic. It is operated by the regional government and provides comprehensive information and resources for users seeking social assistance, including detailed service listings, contact information, and guidance for various life situations. The site targets a broad audience including potential service users, their families, and social service professionals. The business model is a public service platform aimed at facilitating access to social care resources regionally. Technically, the website employs a traditional tech stack with jQuery, Bootstrap, and Select2 for UI components, alongside Google Tag Manager for analytics and Cloudflare Turnstile for spam protection on contact forms. The site appears to be custom-built without a common CMS and is hosted likely via the registrar's infrastructure. Performance and mobile optimization are moderate, with basic accessibility features and good SEO practices. From a security perspective, the site uses HTTPS and includes anti-spam measures but lacks visible security headers such as CSP or HSTS. There are no privacy or cookie policies published, which is a compliance gap under GDPR. The WHOIS data confirms the domain's legitimacy and consistency with the regional government entity. Overall, the security posture is moderate but could be improved with enhanced headers and explicit privacy compliance. The overall risk assessment is low given the site's public service nature and lack of sensitive transactions, but improvements in privacy transparency and security hardening are recommended to enhance trust and compliance.

P

Poski.com s.r.o.

poski.com

51

Poski.com s.r.o. is a Czech Republic-based technology company specializing in modern web design, e-commerce solutions, real estate software, and creative online marketing services. With over 20 years of market presence and more than 1000 successful projects, Poski.com positions itself as a trusted regional player serving businesses seeking digital growth and tailored online solutions. Their offerings include custom e-shop development, real estate CRM software, and comprehensive marketing strategies aimed at boosting client success. The website reflects a professional and well-structured digital presence with extensive client testimonials and case studies, reinforcing their credibility and market position. Technically, the website employs a modern technology stack including Google Analytics, Google Tag Manager, Facebook Pixel, Hotjar, and other marketing and tracking tools. The site is mobile-optimized, SEO-friendly, and demonstrates good performance and accessibility standards. Cookie consent mechanisms and privacy policies are well implemented, indicating compliance with GDPR requirements. However, no explicit CMS or hosting provider information was detected. From a security perspective, the site uses HTTPS and has implemented cookie consent, but lacks visible security headers and published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were found in the analysis, but recommendations include adding security headers, publishing a security policy, and establishing a vulnerability disclosure program to enhance security posture. Overall, Poski.com presents a trustworthy and professional business website with strong content quality and digital maturity. The main concern lies in the absence of WHOIS registration data, which is inconsistent with the active and established nature of the business. This discrepancy warrants further investigation but does not currently undermine the operational legitimacy of the company. Strategic recommendations focus on improving security transparency and WHOIS data consistency to strengthen trust and compliance.

A

Aerofilms s.r.o.

aerofilms.cz

41

Aerofilms s.r.o. operates as a niche film distributor focused on delivering quality films and cultural content to cinemas in the Czech Republic. Their business model includes film distribution, live broadcasts to cinemas, and an online streaming partnership with KVIFF.TV, targeting cinema audiences and film enthusiasts. The website is professionally designed with consistent branding and good content quality, supporting their market position as a specialized media distributor. Technically, the website uses AngularJS framework, integrates Google Tag Manager and Analytics, and employs multiple marketing and tracking tools such as Hotjar and DoubleClick. The site is mobile optimized with good SEO practices, though accessibility could be improved. Performance is moderate, and the site uses HTTPS with cookie consent mechanisms aligned with GDPR requirements. From a security perspective, the site enforces HTTPS and provides granular cookie consent controls, but lacks visible security headers which could enhance protection. No vulnerabilities or exposed sensitive data were detected. The absence of WHOIS data for the domain is a concern for transparency but does not currently impact the operational legitimacy of the business. Overall, the website presents a low-risk profile with good privacy compliance and professional business credibility. Strategic improvements in security headers, accessibility, and domain transparency would further strengthen their security posture and trustworthiness.

N

Nadace SOVA

nadacesova.cz

51

Nadace SOVA is a Czech non-profit foundation dedicated to supporting children, education, research, and healthcare through financial contributions and partnerships. The website is professionally designed using simploCMS and integrates modern analytics tools such as Google Analytics and Google Tag Manager. The site is fully accessible and mobile-optimized, providing detailed information about supported projects and beneficiaries. However, the absence of WHOIS data limits the ability to verify domain registration legitimacy. Security posture is strong with HTTPS enabled and asynchronous script loading, but the site lacks explicit privacy and cookie policies, as well as clear contact information for security or data protection inquiries. Overall, the foundation presents a trustworthy and professional image, but improvements in transparency and compliance documentation are recommended.

M

Material & Technology s.r.o.

kliky-mt.cz

62

Material & Technology s.r.o. operates the website www.kliky-mt.cz, specializing in the manufacture and sale of high-quality door and window handles and fittings under the M&T brand. The company positions itself as a leading Czech manufacturer with a focus on design innovation and quality craftsmanship. Their business model includes direct sales through an e-shop and a network of distributors and service points. The website is professionally designed, mobile-optimized, and provides rich content including product catalogs, company information, and social media integration. Technically, the website employs modern web technologies such as Bootstrap, jQuery, FontAwesome, and integrates Google Analytics and Google Tag Manager for tracking and marketing purposes. The site shows good performance and SEO practices but lacks visible security headers and a published privacy policy page, which are important for compliance and security assurance. From a security perspective, the site uses HTTPS and implements a cookie consent mechanism with granular user options, indicating awareness of privacy regulations. However, the absence of a privacy policy, security.txt, and incident response contacts are gaps that should be addressed. The WHOIS data for the domain is unavailable, which limits the ability to fully verify domain legitimacy and registration details. Overall, the website is trustworthy and professional but would benefit from enhanced transparency in privacy and security policies and verification of domain registration details to improve trust and compliance.

K

Kino Světozor

kinosvetozor.cz

62

Kino Světozor is a well-established art-house cinema located in Prague, Czechia, operating since 2004. It offers a curated program of contemporary cinema, including art-house films, mainstream quality movies, festivals, and live broadcasts. The website reflects a professional and consistent brand image targeting cinema enthusiasts and cultural event attendees. Technically, the site uses modern JavaScript libraries such as jQuery and integrates Google Tag Manager and YouTube APIs for enhanced user experience and analytics. Security posture is solid with HTTPS and cookie consent mechanisms, though it lacks explicit security headers and formal security policies. Contact information is clearly provided, supporting business credibility. Overall, the site is content-rich, user-friendly, and trustworthy, with room for improvement in privacy and security disclosures.

T

TRADE CENTRE PRAHA, a.s.

sutka.eu

48

Aquacentrum Šutka is a well-established aquatic and wellness center located in Prague, operated by TRADE CENTRE PRAHA, a.s. The facility offers a variety of services including a 50-meter indoor pool, wellness saunas, children's pools, and recreational water attractions. The website is professionally designed, providing clear navigation and relevant content primarily in Czech with English language support. The business targets families, swimmers, and wellness enthusiasts in the local region. Technically, the site uses common web technologies such as jQuery, Google Tag Manager, and Facebook SDK, and is built on the Nette Framework. Security measures include cookie consent and GDPR compliance mechanisms, though explicit security headers are not evident in the source. The WHOIS data is not publicly available due to EURid privacy policies, but the website content and business information indicate a legitimate and consistent operation. Overall, the site demonstrates a good balance of content quality, technical implementation, and business credibility.

M

Městská část Praha 10

praha10.cz

51

Městská část Praha 10 operates an official municipal website serving residents and visitors of the Praha 10 district in the Czech Republic. The site provides comprehensive information about local government activities, public services, events, and contact details. It serves as a key communication channel between the municipal office and the community, offering e-services such as document requests and visit reservations. The website maintains a consistent brand identity and targets a general audience including citizens, local businesses, and public service users. Technically, the website is built on ASP.NET WebForms with Telerik UI components and uses the EasyDNNnews CMS platform. It incorporates several JavaScript libraries including jQuery 1.9.1 and jQuery UI, along with third-party integrations like Google Custom Search, Facebook Pixel, Google Tag Manager, and Zendesk for customer support. The site is mobile-optimized, accessible, and performs moderately well, though some outdated libraries present potential security risks. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms compliant with GDPR. However, it lacks some modern security headers such as Content-Security-Policy and X-Frame-Options, and uses an outdated jQuery version which could expose it to vulnerabilities. No explicit security policies or incident response contacts are published. The WHOIS data confirms the domain's legitimacy and long-standing presence since 1998, consistent with a municipal entity. Overall, the website is professional, trustworthy, and serves its purpose effectively. Strategic improvements in updating JavaScript libraries, enhancing security headers, and publishing security policies would strengthen its security posture and compliance. The site poses low risk and is suitable for general audiences.

T

TANZANIA PARK

tanzania-park.cz

52

TANZANIA PARK is a small-scale children's entertainment center located in Prague, Czech Republic, offering a variety of indoor attractions and birthday party services. The website presents a professional and family-friendly image with clear information about its services and events. The technical infrastructure is based on Webnode CMS, leveraging AWS Cloudfront CDN and Google Analytics for performance and tracking. While the site uses HTTPS and has a valid SSL certificate, it lacks some security headers and a cookie consent mechanism, which are areas for improvement. The absence of WHOIS data limits full domain legitimacy verification but does not detract significantly from the business's apparent authenticity. Overall, the website is well-structured, visually appealing, and targets families with children effectively.

I

IAM ILLUSION ART MUSEUM PRAGUE

iamprague.eu

62

IAM Illusion Art Museum Prague is a niche cultural institution focused on interactive optical illusions and trick art, located in the historic center of Prague. The museum offers immersive exhibitions featuring works by Czech and international artists, augmented reality experiences, and interactive installations. The business model centers on ticket sales and providing unique art experiences to tourists, families, and art enthusiasts. The website is professionally designed using WordPress and modern web technologies, with good mobile optimization and clear navigation. However, it lacks explicit privacy and security policies, which could be improved to enhance compliance and user trust. Security posture is solid with HTTPS and no visible vulnerabilities, but security headers and incident response information are missing. Overall, the site is trustworthy and well-positioned in its niche market, with room for improvement in privacy compliance and security transparency.

P

Pizza Hut

pizzahut.cz

57

Pizza Hut Czech Republic operates a professional and well-established online platform for pizza ordering, delivery, and takeaway services. The website reflects a mature digital presence with consistent branding and clear business information. The company is part of AmRest s.r.o., a recognized hospitality operator, and the domain registration aligns with this entity, confirming legitimacy. The site targets a general audience seeking convenient food ordering options with a focus on speed and user experience. Technically, the website leverages modern frameworks such as Next.js and integrates multiple analytics and marketing tools including Piwik PRO, Google Tag Manager, and SalesManago. Hosting is managed via Azure DNS, ensuring reliable infrastructure. The site is mobile-optimized, accessible, and SEO-friendly, providing a smooth user experience. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms compliant with GDPR. However, explicit security headers and a public security policy or incident response contacts are not found, representing areas for improvement. No vulnerabilities or exposed sensitive data were detected in the analysis. Overall, the website presents a low-risk profile with strong business credibility and technical maturity. Strategic recommendations include enhancing security header implementation, publishing a security policy, and establishing a vulnerability disclosure channel to further strengthen trust and compliance.

S

SLUSNY

slusny.net

57

SLUSNY is a Czech Republic-based e-commerce retailer specializing in yoyos, claiming to have the largest selection in the country and led by European champions. The website is built on WordPress with WooCommerce and Elementor, indicating a mature digital infrastructure suitable for retail operations. The site includes modern marketing and analytics tools such as Google Tag Manager and Leadhub, supporting data-driven marketing efforts. Security posture is adequate with HTTPS enabled and domain transfer protection, but lacks DNSSEC and security headers, which are recommended for enhanced protection. Privacy compliance is partially addressed with a cookie consent mechanism, though no explicit privacy policy or terms of service were found in the analyzed content. Overall, the website presents a professional retail presence with room for improvement in privacy and security transparency.

N

Neviditelná výstava – Když jsi veden smysly…

neviditelna.cz

46

Neviditelná výstava is a Czech-based exhibition website offering cultural experiences, ticket sales, and gift vouchers. The site targets a general audience interested in sensory and cultural exhibitions. The business appears to be small-sized and established since 2010, with a consistent domain registration and hosting aligned with its Czech origin. Technically, the website is built on WordPress using popular plugins such as WPBakery Page Builder and WPML for multilingual support. It employs Google Analytics and Tag Manager for tracking and uses Google reCAPTCHA for form security. However, the site lacks explicit privacy and cookie policies, which impacts its privacy compliance score. Security headers are not evident, suggesting room for improvement in security hardening. Overall, the website is professionally designed with good user experience and mobile optimization but needs enhancements in privacy and security disclosures.

A

Arval BNP Paribas Group

arval.cz

69

Arval.cz is a professional website representing Arval BNP Paribas Group's vehicle leasing services in the Czech Republic. The company specializes in full-service operational leasing solutions for individuals, entrepreneurs, and companies, offering new and used vehicles with flexible leasing terms. The website is well-structured, mobile-optimized, and uses modern technologies such as Drupal 10, Google Tag Manager, and OneTrust for cookie consent, reflecting a mature digital infrastructure. Security posture is strong with HTTPS enforcement and security headers, though explicit security policies and incident response contacts are not publicly visible. The absence of WHOIS data limits domain trust analysis, but the site’s branding and content strongly indicate legitimacy and affiliation with BNP Paribas Group.

B

BaSys.cz

basys.cz

68

BaSys.cz operates as an e-commerce platform specializing in professional audio equipment, targeting audio professionals and enthusiasts primarily in the Czech Republic. The website presents a focused product offering with brands like Pioneer, Bose, and Behringer, positioning itself as a niche retailer in the audio equipment market. The business model is centered on online retail with a medium-sized market presence. Technically, the site is built on Magento CMS, utilizing common web technologies such as jQuery, Bootstrap, and Google Tag Manager, indicating a moderate level of digital maturity. The site is mobile-optimized and includes cookie consent mechanisms, reflecting basic compliance with privacy regulations. Security posture is adequate with HTTPS enabled and some best practices observed, though the absence of security headers and explicit security policies suggests room for improvement. The lack of WHOIS data and absence of visible privacy policy or contact information reduce overall trust and transparency. Strategic recommendations include enhancing transparency through published policies, improving security headers, and providing clear contact channels for incident response.

R

RotaGroup, a.s.

rotagroup.cz

51

RotaGroup, a.s. is a Czech Republic based project and engineering company specializing in construction design, engineering activities, construction supervision, and BREEAM building certification. The company targets both small and large investors across the Czech Republic and has been operating since 2006. Their website presents a professional image with clear service offerings and references to recent projects, indicating an active and established market presence. Technically, the website uses HTTPS with valid SSL, Google Analytics, Google Tag Manager, and reCAPTCHA for security and analytics. The site is built on a proprietary CMS (AITOM CMS) and includes a cookie consent mechanism compliant with GDPR. Security posture is good but could be improved by adding security headers and explicit security policies. WHOIS data is missing, which reduces transparency and trustworthiness, but the website content and business presentation support legitimacy. Overall, the site is well-structured, mobile-optimized, and provides a good user experience.

P

PSHK s.r.o.

pshk.cz

52

PSHK s.r.o. is a Czech-based digital agency specializing in modern website and e-shop development combined with online marketing services such as PPC, SEO, and product feed management. The company targets small to medium enterprises, startups, non-profits, and municipalities, offering tailored web solutions and marketing strategies. Their market position is supported by over 15 years of experience and a strong portfolio of satisfied clients, as evidenced by numerous testimonials and certifications from reputable partners like Google and Seznam. Technically, the website is built on Joomla CMS, uses modern web fonts, Google Tag Manager, and Google Maps API, and is well optimized for mobile devices. Security posture is good with HTTPS enforced and anti-spam measures in forms, though some security headers are missing and no cookie consent mechanism is present. The absence of WHOIS data for the domain reduces trust slightly but does not outweigh the strong business credibility demonstrated on the site. Overall, PSHK presents as a professional and trustworthy digital service provider with a solid technical foundation and good compliance practices.

U

Univerzita Hradec Králové

uhk.cz

68

Univerzita Hradec Králové is a public university based in the Czech Republic, offering a wide range of higher education programs, lifelong learning courses, and active research initiatives. The institution targets students, academic staff, researchers, and international partners, positioning itself as a regional educational leader with multiple faculties and comprehensive academic services. The website reflects a mature digital presence with professional design, clear navigation, and multilingual support. Technically, the website employs modern web technologies including Google Tag Manager, Google reCAPTCHA, and Turbolinks, ensuring a responsive and accessible user experience. The site is optimized for mobile devices and incorporates SEO best practices, although some improvements in hosting transparency and CMS identification could be made. From a security perspective, the site enforces HTTPS, uses reCAPTCHA for form protection, and implements a cookie consent mechanism compliant with GDPR. However, explicit security headers and incident response information are not present, suggesting room for enhancement in security posture and transparency. Overall, the website presents a trustworthy and professional front for the university, though the absence of WHOIS data limits full domain legitimacy verification. Strategic recommendations include improving security headers, publishing a security policy, and providing clear security incident contacts to bolster trust and compliance.

G

Givt

givt.cz

52

Givt.cz is a Czech non-profit platform established in 2015 that enables users to support over 3000 charitable organizations through their regular online shopping without paying extra. The platform integrates with numerous e-shops, displaying the percentage of purchase value donated to the selected charity. The website is professionally designed with good navigation and mobile optimization, reflecting a mature digital presence. Technically, it employs modern web technologies including Google Tag Manager and Analytics, with secure HTTPS hosting by REG-WEDOS. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers and incident response policies are not explicitly published. Privacy compliance is strong, with a comprehensive privacy policy and GDPR-aligned cookie consent. Overall, the site is trustworthy and well-positioned in the non-profit e-commerce donation sector.

Nadační fond Albert is a well-established Czech non-profit foundation focused on promoting healthy living and providing aid to socially disadvantaged children and organizations. Founded in 2009, it operates various educational and charitable projects, including grant programs and material assistance. The foundation maintains a professional online presence with clear branding, comprehensive privacy and cookie policies, and active social media engagement. Technically, the website uses modern frontend technologies such as Font Awesome, Swiper.js, and Google Tag Manager, hosted on Czech infrastructure. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security headers and incident response policies are not publicly documented. Overall, the site is trustworthy, compliant with GDPR, and serves its target audience effectively.

B

BigHub

bighub.cz

64

BigHub is a Czech-based AI consultancy and custom AI solutions provider established in 2016. The company specializes in helping enterprises leverage AI for competitive advantage through AI strategy, data engineering, and tailored AI applications across multiple industries including energy, retail, insurance, and healthcare. Their market position is supported by strong client testimonials, certifications, and partnerships with major technology providers such as Microsoft, Google, and Amazon. Technically, the website is built on Webflow with modern JavaScript libraries and analytics tools, demonstrating a mature digital presence with good performance and mobile optimization. Security posture is solid with HTTPS and captcha protections, though some security headers and explicit privacy policies are missing. WHOIS data is incomplete, limiting transparency on domain ownership, but the business credibility is supported by extensive case studies and certifications. Overall, the site reflects a professional and trustworthy AI service provider with room for improvement in privacy compliance and security disclosures.

T

The Procter & Gamble Company

pg.com

76

The Procter & Gamble Company operates a comprehensive and professionally designed website at us.pg.com, serving as a digital presence for its consumer goods business in the United States. The company is a global leader in manufacturing and retail of consumer products, with a strong emphasis on sustainability, innovation, and community impact. The website reflects a mature digital infrastructure using modern technologies such as React and Next.js, hosted on Azure, and integrates advanced analytics and consent management tools to ensure compliance and user experience. Security posture is strong with HTTPS enforced and no visible vulnerabilities, although explicit security headers should be verified. Privacy compliance is robust, with clear policies and consent mechanisms in place. The WHOIS data for the subdomain is unavailable, which is typical for subdomains, but the main domain pg.com is a well-established and trusted corporate domain. Overall, the website demonstrates high professionalism, trustworthiness, and technical maturity.

D

Digital Solutions s.r.o.

digitalsolutions.cz

54

Digital Solutions s.r.o. is a Czech Republic-based company specializing in custom software development, including information systems, web, and mobile applications. Established in 2003, the company targets businesses seeking tailored software solutions, emphasizing rapid delivery even for large projects. The website reflects a professional and consistent brand presence with a clear focus on technology services. Technically, the site employs modern frameworks such as Nuxt.js and Vue.js, hosted on a Czech hosting provider, and uses Craft CMS as its content management system. Performance and mobile optimization are good, though accessibility is basic. Security-wise, HTTPS is enforced, and cookie consent is managed via Cookiebot, but the site lacks published privacy policies, terms of service, and explicit security policies, which are areas for improvement. Tracking technologies include Piwik PRO and Google Tag Manager, indicating moderate user tracking with basic privacy compliance. The domain WHOIS data is consistent with the business claims, showing a long-standing registration since 2003, enhancing trustworthiness. Overall, the website is professional and trustworthy but would benefit from enhanced privacy and security disclosures to improve compliance and user trust.