High-risk security reports

T

TOSIN, s.r.o.

parochne.com

47

Parochne.com is an e-commerce and retail business specializing in wigs, hair extensions, and related hair care products, operating primarily in Slovakia with multiple physical store locations. The website presents a professional and consistent brand image targeting general consumers interested in hair solutions. The technical infrastructure includes modern UI libraries and Google services, with moderate performance and good mobile optimization. Security posture is moderate with use of HTTPS and reCAPTCHA but lacks explicit security headers and privacy policy documentation. WHOIS data is missing or unavailable, which raises concerns about domain legitimacy despite active website presence. Overall, the site is functional and trustworthy for retail customers but would benefit from improved transparency and security practices.

Č

České centrum fundraisingu

frin.cz

48

České centrum fundraisingu operates FRIN.cz, an annual acceleration program designed to support Czech charitable organizations in enhancing their fundraising campaigns. The website presents a professional and well-structured platform offering mentoring, training, and resources tailored to non-profits. The organization is well-established, with a domain age dating back to 2001, and maintains partnerships with reputable entities such as Erste Stiftung and Česká spořitelna. Technically, the site leverages WordPress with modern frameworks and plugins, ensuring a responsive and user-friendly experience. Security posture is solid with HTTPS, cookie consent, and use of security plugins, though explicit security policies and incident response details are not publicly available. Overall, the site demonstrates high trustworthiness and compliance with GDPR, supported by accessible privacy and cookie policies.

Jiří Pytela operates a small-scale IT service business based in the Czech Republic, specializing in computer and network management, web design, and training services. The website presents clear service offerings and contact information, targeting individuals and small businesses seeking IT support and education. The digital presence is basic but functional, with moderate mobile optimization and use of Google Analytics for visitor tracking. However, the absence of privacy and cookie policies, as well as missing WHOIS registration data, indicates gaps in compliance and trustworthiness. Security posture is limited, with no detected security headers and unknown SSL status, suggesting room for improvement in protecting user data and enhancing site security. Overall, the website serves its purpose as a local IT service portal but would benefit from enhanced security and compliance measures.

HESTEGO a.s. is a Czech company specializing in GDPR compliance and personal data processing services. The website provides comprehensive information about data processing practices, legal bases, data subject rights, and contact details for data protection officers. The company targets businesses and individuals requiring GDPR-related services, positioning itself as a niche provider in the Czech market. The website is professionally designed using Bootstrap and jQuery, with a focus on clarity and compliance information. Technical infrastructure is moderate with standard web technologies and no detected CMS or advanced platforms. Security posture is adequate but could be improved by adding security headers and formal security policies. No cookie policy or terms of service are present, which are recommended for full compliance. Overall, the site is safe, professional, and trustworthy with clear business legitimacy supported by consistent WHOIS data.

The website projekty4g.cz presents an extremely minimal online presence with only a single image and no textual or metadata content. The domain is registered since 2013, indicating some longevity, but the lack of content and contact information suggests the site is either under construction or abandoned. There is no evidence of privacy, cookie, or terms of service policies, nor any security or incident response information. The technical infrastructure is minimal with no detectable CMS, frameworks, or scripts, and no security headers or HTTPS status provided. Overall, the digital maturity is very low, and the site lacks basic security and compliance features.

V

Vertical Images s.r.o.

survia.cz

44

SURVIA, operated by Vertical Images s.r.o., is a specialized service provider offering drone-based data acquisition primarily for precision agriculture, forestry, and scientific research in the Czech Republic. The company provides consulting services to support UAV deployment and decision-making in agricultural contexts. The website presents a professional image with clear service descriptions and contact information, targeting farmers, researchers, and related professionals. Technically, the site uses legacy jQuery, Google Analytics, and Google reCAPTCHA, with responsive design for mobile devices. However, the absence of WHOIS data and missing explicit privacy and cookie policies reduce transparency and privacy compliance. Security posture is moderate with room for improvement in headers and library updates. Overall, the site is functional and professional but would benefit from enhanced security and compliance measures.

The website www.izic.cz currently serves as a placeholder page indicating that a new website is under preparation. It provides minimal business information limited to a contact phone number and email address. The lack of substantive content, privacy policies, or terms of service suggests the site is not yet operational or publicly launched. The domain WHOIS data is unavailable, indicating the domain may be unregistered, recently registered, or privacy-protected with no public data. This raises concerns about the legitimacy and trustworthiness of the domain at this time. Technically, the site is minimalistic, loading only Google Fonts and basic HTML/CSS. There is no evidence of a CMS, analytics, or security headers. The site is accessible without WAF or security challenges but lacks HTTPS information, which is critical for secure communications. Mobile optimization and SEO are basic at best due to the placeholder nature. From a security perspective, the absence of HTTPS, security headers, and privacy policies represents significant vulnerabilities and compliance gaps. No incident response or security contact information is provided. The site does not collect user data via forms or tracking scripts, reducing immediate risk but also limiting business functionality. Overall, the site scores very low on content quality, technical implementation, security posture, privacy compliance, and business credibility. Strategic recommendations include securing the domain registration, implementing HTTPS, developing comprehensive privacy and cookie policies, enhancing website content and structure, and establishing security best practices before public launch.

S

strava.cz

strava.cz

41

The website at app.strava.cz/en is a minimal Next.js-based web application with very limited visible content or business information. The site appears to be a frontend application scaffold or a partial deployment without accessible privacy policies, terms of service, or contact details. The technical infrastructure is modern, leveraging React and Next.js frameworks, but lacks visible SEO, accessibility, or performance optimizations. Security posture cannot be fully assessed due to missing headers and SSL details, and no explicit security or incident response policies are found. Overall, the site is accessible and safe but lacks substantive content and compliance indicators, resulting in a low trust and credibility score.

E

EPS Financial

epstax.net

36

EPS Financial operates as a specialized financial services provider catering to independent tax offices, offering a suite of tax-related financial products including refund transfer programs, taxpayer advance loans, tax office loans, and merchant services tailored for tax professionals. The company positions itself as a low-cost industry leader with a significant market presence, serving over 43,000 tax offices. Technically, the website is built on WordPress with modern integrations such as Google Analytics, Google Tag Manager, and Marketo for marketing automation, reflecting a mature digital infrastructure. The site is mobile optimized and employs standard SEO practices, though accessibility features are basic. Security posture is moderate with HTTPS enforced but lacks explicit security headers and detailed privacy policies, which are areas for improvement. The WHOIS data is missing or indicates the domain may be unregistered or expired, which raises concerns about domain legitimacy despite the professional website presence. Overall, the website is functional and professional but requires enhanced transparency and security hardening to improve trust and compliance.

B

Betadenta s. r. o.

dental-hub.cz

46

Dental HUB Brno is a newly established dental center located in Brno, Czech Republic, offering comprehensive dental care and dental hygiene services. The center features two dentists and a dental hygiene team, providing services such as surgery, conservative dentistry, and pediatric dental care. The website presents a professional image with clear contact information and online appointment booking integration, positioning itself as a modern healthcare provider in the local market. Technically, the website is built on WordPress using the Astra theme and Elementor page builder, hosted by WEDOS, and employs HTTPS for secure communication. However, it lacks explicit privacy and cookie policies, and security headers are not detected, indicating areas for compliance and security improvement. Overall, the site is accessible, well-structured, and suitable for its target audience, but could benefit from enhanced privacy and security measures.

GreenFactory, operated by Velvetleaf s.r.o., is a small retail and hospitality business based in Prague, Czech Republic, specializing in fresh salads with an emphasis on healthy eating. The company offers online ordering and operates multiple physical branches, targeting local consumers seeking convenient and nutritious food options. The website is professionally designed with good content quality, clear navigation, and mobile responsiveness, supporting a positive user experience. Technically, the site employs modern frontend technologies including jQuery, Bootstrap, Select2, and Slick Carousel, ensuring a functional and visually appealing interface. While performance is moderate and SEO is basic, the site lacks advanced accessibility features and some security best practices such as security headers and cookie consent mechanisms. From a security perspective, the website enforces HTTPS and does not expose sensitive data, but the absence of security headers and formal privacy and incident response policies indicates room for improvement. The WHOIS data is unavailable, which slightly reduces trustworthiness, though the presence of clear business contact information and customer reviews supports legitimacy. Overall, the site presents a low-risk profile but would benefit from enhanced security and privacy compliance measures.

R

Restpoint s.r.o

prague-catering.cz

41

Prague Catering, operated by Restpoint s.r.o, is a well-established catering service provider in the Czech Republic, specializing in a wide range of catering and event services including cocktails, galas, weddings, and office catering. The company has a strong market presence and has served prestigious events, indicating a reputable position in the hospitality sector. The website is professionally designed with clear navigation and relevant content tailored to event organizers and corporate clients. Technically, the site uses common libraries such as jQuery and Magnific Popup, but lacks advanced frameworks or CMS indications. Security posture is moderate with HTTPS implied but no visible security headers or privacy policy, which are areas for improvement. The cookie consent mechanism is well implemented, supporting GDPR compliance to some extent. Overall, the site is safe, trustworthy, and suitable for general audiences.

D

Digital Deers s.r.o.

digitaldeers.com

47

Digital Deers s.r.o. is a Czech-based digital agency specializing in UX strategy, digital product design, and online business development. The company positions itself as a partner for businesses seeking to increase conversions and customer acquisition through modern digital solutions. With over 14 years of experience and a portfolio of 500+ projects, it holds notable awards such as Effie Czech Republic and WebTop100, indicating a strong market presence in the Czech Republic. The website content is professional, well-structured, and targets business clients in the technology sector. Technically, the website employs modern web technologies including Google Fonts, Google Analytics, Google Tag Manager, and Google Maps API. The site is mobile optimized with good SEO practices and a cookie consent mechanism that supports GDPR compliance. However, no explicit privacy policy or terms of service pages were found, which is a compliance gap. The site lacks visible security headers and a published security or incident response policy. From a security perspective, the site uses HTTPS and has implemented cookie consent controls, but the absence of security headers and WHOIS data raises concerns. The missing WHOIS information suggests either a recent domain registration or privacy protection, which complicates trust verification. No vulnerabilities or exposed sensitive data were detected in the content. Overall, the security posture is moderate but could be improved with better transparency and technical controls. The overall risk assessment is moderate with recommendations to publish privacy and terms policies, implement security headers, and clarify domain registration details. The website is trustworthy and professional but would benefit from enhanced compliance and security transparency to strengthen business credibility and user trust.

R

RekoSnadno.cz

rekosnadno.cz

40

RekoSnadno.cz is a small Czech Republic-based service provider specializing in apartment reconstruction and renovation. The website presents a clear business focus on affordable and easy reconstruction services, targeting homeowners or apartment owners primarily in the Prague area. The business model revolves around providing design consultation and construction services, supported by a showcase of a model reconstruction project to build customer trust. The site is professionally designed with consistent branding and clear navigation, although it lacks some compliance documentation such as privacy and cookie policies. Technically, the website is built on WordPress using Bootstrap 4.1.3, jQuery, and other modern web technologies. It is mobile optimized and includes Google Tag Manager for analytics. Performance is moderate, and SEO practices are good, but accessibility features are basic. Security posture is adequate with HTTPS enabled and no visible vulnerabilities, but the absence of security headers and incident response information indicates room for improvement. From a security perspective, the site does not expose sensitive data and uses privacy protection for WHOIS registration, which is typical for small businesses. However, the lack of privacy and cookie policies and missing security headers reduce its compliance and security maturity. No forms or social media links are present, limiting data collection and external exposure. Overall, the site is safe with no adult or questionable content. The overall risk is moderate with recommendations to implement privacy and cookie policies, add security headers, and establish incident response contacts to enhance trust and compliance. The business credibility is strong given clear contact information and professional presentation, but privacy compliance gaps should be addressed to meet GDPR requirements.

S

Stavební firma Myslík

leseni-myslik.cz

45

Stavební firma Myslík operates the website leseni-myslik.cz, specializing in scaffolding construction and rental services focused on elevator shafts primarily in Prague and surrounding regions. The company uses high-quality PERI scaffolding components and employs professionally trained staff, positioning itself as a reliable local service provider. The website content is well-structured and provides clear contact information, though it lacks formal privacy and cookie policies. Technically, the site uses modern frontend frameworks such as Bootstrap and jQuery, hosted on an ASP.NET platform, with Google Analytics for visitor tracking. Security posture is moderate with HTTPS enabled but missing key security headers and formal security policies. Overall, the site is safe, professional, and legitimate, but improvements in compliance and security practices are recommended.

K

Kontejnery Myslík

kontejnery-myslik.cz

41

Kontejnery Myslík appears to be a small local business operating in the transportation sector, likely specializing in container rental and waste management services within the Czech Republic. The website is built on WordPress using the Kadence theme and Kadence blocks plugin, indicating a moderate level of digital maturity. The site is accessible without any web application firewall or security challenge blocking access. However, the absence of WHOIS data limits the ability to fully verify domain legitimacy and ownership details. The website lacks key compliance documents such as privacy and cookie policies, and no clear contact information is provided, which impacts business credibility and privacy compliance scores. Security posture is basic with no detected security headers and unknown SSL configuration. Overall, the site provides basic business information and services but would benefit from enhanced security, compliance, and transparency measures.

M

Moravská zemská knihovna v Brně

digitalniknihovna.cz

45

The website www.digitalniknihovna.cz serves as a centralized digital library platform aggregating thousands of digitized documents from a variety of Czech libraries, museums, archives, universities, and other cultural institutions. Operated by the Moravská zemská knihovna v Brně, it targets researchers, academics, and the general public interested in Czech cultural heritage. The platform provides access to works that are otherwise unavailable on the market, positioning itself as a key national digital library aggregator in the Czech Republic. Technically, the website is built using modern web technologies including Angular 15 and Material Design components, ensuring a responsive and accessible user experience. Google Tag Manager is used for analytics and tracking, indicating a moderate level of digital maturity. The site demonstrates good mobile optimization and clear navigation, although SEO and accessibility could be further enhanced. From a security perspective, the site uses HTTPS and implements a cookie consent mechanism, reflecting basic privacy compliance. However, no privacy policy, terms of service, or security headers were detected, and WHOIS data for the domain is unavailable, which limits the ability to fully assess domain legitimacy and security posture. No forms or sensitive data collection points were found on the homepage, reducing immediate risk exposure. Overall, the website appears trustworthy and professionally maintained, with strong institutional backing. Strategic improvements in privacy documentation, security headers, and domain registration transparency would enhance its security posture and compliance standing.

Č

Česká digitální knihovna

ceskadigitalniknihovna.cz

43

Česká digitální knihovna is a Czech national digital library portal providing access to a wide range of digitized cultural heritage materials including books, newspapers, graphics, maps, and sound recordings. The platform targets researchers, students, historians, and the general public interested in Czech cultural heritage. The website is built using modern web technologies such as Angular 15 and Material Design components, ensuring a responsive and accessible user experience. Google Tag Manager is used for analytics and tracking purposes. Security posture is generally good with HTTPS enforced and no visible vulnerabilities, but lacks some security headers and formal privacy and cookie policies. The domain registration is consistent and appropriate for the business age and purpose, indicating legitimacy.

The website 'Spinbara' is a Finnish language site with a modern web design and progressive web app features, indicating a moderate level of technical maturity. However, the site lacks visible business descriptions, contact information, privacy policies, and security disclosures, which limits its transparency and trustworthiness. The absence of security headers and privacy compliance elements suggests a low security posture and potential compliance gaps. Overall, the site appears to be a small-scale or early-stage business with limited public information and minimal digital footprint beyond basic web presence.

PROGEO Jihlava spol. s r.o. is a Czech company specializing in comprehensive geodetic services including 3D laser scanning, cadastral surveying, engineering network measurements, and project staking. The company targets construction professionals, architects, and property owners, positioning itself as a medium-sized regional player with a solid customer base and EU co-financing involvement. The website is built on WordPress, employing common JavaScript libraries and tracking tools such as Google Analytics and Leady, with a moderate performance and good mobile optimization. Security posture is adequate with HTTPS enforced and cookie consent implemented, though lacking advanced security headers and a published privacy policy. WHOIS data is unavailable, which slightly reduces domain trust but the website content and contact information indicate a legitimate business presence.

T

TASHA - Nehtová kosmetika, permanentní makeup, depilace a parafín

tasha.cz

38

TASHA is a Czech Republic-based small retail and e-commerce business specializing in nail cosmetics, depilation, paraffin treatments, and permanent makeup products. The website is professionally designed using the PrestaShop platform, featuring a clear navigation structure and mobile optimization. The business targets local consumers and professionals interested in beauty and cosmetic products. The site includes essential e-commerce functionalities such as product categories, shopping cart, and user account management. Technically, the website uses modern web technologies including JSON-LD structured data and Google Fonts, but lacks advanced security headers. The site enforces HTTPS and provides cookie consent mechanisms, indicating a basic level of privacy compliance. Contact information is clearly presented, enhancing business credibility. However, WHOIS data is unavailable due to privacy protection, limiting transparency about domain registration details.

L

Linio Plan, s.r.o.

linioplan.cz

47

Linio Plan, s.r.o. is a Czech-based civil engineering company specializing in the design and project management of transportation infrastructure including roads, bridges, and related engineering structures. Established in 2007, the company offers comprehensive services from initial studies through project documentation and construction supervision. The website reflects a well-established regional player with a clear market position supported by multiple references, awards, and ISO certifications. The business targets clients requiring professional infrastructure project design and consulting services. Technically, the website is built on WordPress using modern libraries such as jQuery, Swiper.js, and AOS for animations, with GDPR compliance implemented via the Complianz plugin. The site is mobile-optimized and performs moderately well, with good SEO and accessibility basics. Security posture is strong with HTTPS enforced and cookie consent mechanisms in place, though additional security headers and explicit security policies could enhance protection. No critical vulnerabilities or exposed sensitive data were detected. Overall, the domain registration data aligns well with the business claims, indicating high legitimacy and trustworthiness.

H

Hotel Maximus Resort

maximus-resort.cz

39

Hotel Maximus Resort is a medium-sized hospitality business located in Brno, Czech Republic, offering accommodation, wellness, dining, and event services. The website reflects a well-established regional player with a focus on quality and customer experience. The technical infrastructure is based on WordPress with modern plugins and tracking tools, supporting multilingual content and online booking capabilities. Security posture is strong with HTTPS, security headers, and cookie consent mechanisms, though explicit security policies and incident response details are not publicly disclosed. Overall, the site is professional, trustworthy, and compliant with GDPR, serving a general audience interested in hospitality services.

H

Hotelový resort SEN****

hotelsen.cz

49

Hotelový resort SEN**** is a medium-sized hospitality business located in Senohraby, Czech Republic, offering hotel accommodation, wellness services, restaurant dining, and event hosting. The website presents a professional and well-structured digital presence with multilingual support and integrated booking capabilities. The technical infrastructure is based on WordPress CMS with common plugins for e-commerce, forms, and analytics, indicating a mature digital setup. Security posture is solid with HTTPS enforced and cookie consent implemented, though some security headers and explicit policies are missing. The absence of WHOIS data reduces transparency and trustworthiness from a domain registration perspective. Overall, the website is functional, user-friendly, and compliant with basic privacy standards, serving its target audience effectively.

K

Knihovna Karla Dvořáčka ve Vyškově

kkdvyskov.cz

38

Knihovna Karla Dvořáčka ve Vyškově is a public library serving the Vyškov region in the Czech Republic, offering a range of educational and cultural services including book lending, e-books, public internet access, and community events. The website positions the library as a community hub with a focus on accessibility and public engagement. Technically, the site uses modern web technologies such as HTML5, CSS3, JavaScript, and integrates Google Analytics with a compliant cookie consent mechanism. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though there is room for improvement in publishing explicit security policies and incident response information. Overall, the website is trustworthy, professional, and compliant with GDPR requirements.

Maják - středisko volného času Vyškov is a contributory organization based in Vyškov, Czech Republic, dedicated to providing leisure time activities, camps, and educational programs primarily for children and youth. The organization offers a variety of seasonal camps, courses, and events designed to engage the local community and foster youth development. The website reflects a well-structured and content-rich platform that supports their mission with detailed program descriptions and partner collaborations. Technically, the website employs a modern frontend stack including Bootstrap, jQuery, and various UI libraries, ensuring a responsive and user-friendly experience. While the site is mobile-optimized and performs moderately well, there is room for improvement in SEO and accessibility compliance. The absence of advanced analytics and tracking indicates a privacy-conscious approach. From a security perspective, the site uses HTTPS and implements a cookie consent mechanism, but lacks visible security headers and formal privacy or terms of service documentation. The WHOIS data is unavailable, which raises concerns about domain registration transparency, although the website content and contact information suggest legitimacy. Overall, the site presents a trustworthy and professional image suitable for its community-focused educational mission. Strategic improvements in security headers, privacy policy publication, and WHOIS transparency would enhance trust and compliance.

Z

ZŠ Vyškov, Purkyňova 39, p. o.

zspurkynovavyskov.cz

46

ZŠ Vyškov, Purkyňova 39, p. o. is a Czech primary school with a long-standing history since 1969, providing comprehensive education with a focus on physical education and healthy lifestyle. The school offers modern facilities, including specialized classrooms and sports amenities, and engages actively with the local community and media. The website is built on WordPress with a modern tech stack and includes multimedia content and cookie consent mechanisms. Security posture is adequate with HTTPS enabled but lacks advanced security headers. WHOIS data is unavailable, limiting domain trust verification. Overall, the site is professional and trustworthy for its educational purpose.

Základní škola a Mateřská škola Vyškov, Letní pole, příspěvková organizace is a well-established educational institution in Vyškov, Czech Republic, providing primary and preschool education services. The website serves as an informational portal for parents and the local community, offering details about school activities, contact information, and organizational structure. The domain has been active since 1998, reflecting a stable and credible presence in the education sector. Technically, the website uses traditional web technologies including HTML5, CSS, and JavaScript libraries such as jQuery, Prototype.js, and Scriptaculous. While functional, the technology stack is somewhat dated, and the site shows basic mobile optimization and accessibility features. SEO is basic but sufficient for the target audience. The site is hosted securely with HTTPS enabled, but lacks modern security headers and cookie consent mechanisms. From a security perspective, the site demonstrates a moderate posture with HTTPS enforced but missing key security headers and no visible incident response or vulnerability disclosure policies. There is no cookie consent banner, which is a compliance gap under GDPR. No tracking or advertising scripts are present, minimizing privacy risks. Contact information is clearly provided, enhancing trust. Overall, the website is safe, professional, and trustworthy, serving its educational purpose well. Strategic improvements in security headers, privacy compliance, and modernization of the technology stack would enhance its security posture and user experience.

Základní škola Vyškov, Morávkova 40, is a public primary educational institution in the Czech Republic providing comprehensive education for all grades. The school emphasizes critical thinking, individual approach, and a family-like environment to prepare students for the labor market. The website reflects a well-structured, content-rich platform targeting students, parents, and the local community. Technically, the site uses common web libraries such as jQuery, Owl Carousel, and Font Awesome, with moderate performance and good mobile optimization. Security posture is moderate with HTTPS implied but lacks advanced security headers and uses an outdated jQuery version, which could pose risks. Privacy compliance is partially met with a GDPR page but no cookie consent mechanism. The absence of WHOIS data reduces domain trustworthiness, though the site content and contact details appear legitimate. Overall, the site is functional and professional but could improve security and privacy practices.

R

Rostěnice, a.s.

rostenice.eu

40

Rostěnice, a.s. is a medium-sized agricultural production company based in the Czech Republic, specializing in farming, crop storage, biogas energy production, and fertilizer manufacturing through its subsidiary ACHP Slavkov, a.s. The company maintains a professional web presence with a focus on showcasing its operations and capabilities, targeting stakeholders in agriculture and energy sectors. Technically, the website uses standard web technologies including JavaScript, jQuery, Google Analytics, and YouTube embeds, but lacks modern CMS or advanced frameworks. The site is moderately optimized for performance and mobile use but could improve accessibility and SEO. Security posture is basic with HTTPS usage but missing security headers and privacy compliance mechanisms such as cookie consent or privacy policies. No forms or sensitive data collection are present, reducing immediate risk. WHOIS data is unavailable due to privacy protection, limiting domain trust verification. Overall, the website is functional and professional but would benefit from enhanced security and compliance features.

F

FRITZMEIER s.r.o.

fritzmeier.cz

35

FRITZMEIER s.r.o. is a well-established manufacturing company based in Vyškov, Czech Republic, specializing in the production of cabins, bodyworks, and safety frames primarily for agricultural, construction, and material handling machinery. With over 30 years of presence in the Czech market and a strong affiliation to the Fritzmeier Group, the company holds a significant position in its sector, supplying multiple European countries. The website reflects a professional business model focused on B2B manufacturing services with clear communication channels and corporate governance documents.

HESTEGO a.s. is a leading Czech engineering and manufacturing company specializing in machine covers, protective bellows, custom manufacturing, powder coating, and material cutting services. It serves key industrial sectors including manufacturing, energy, and transportation both domestically and internationally. The company positions itself as a reliable and innovative partner with a strong market presence. Technically, the website employs modern JavaScript libraries and analytics tools, ensuring good mobile responsiveness and user experience. Security posture is solid with HTTPS and anti-spam measures, though explicit security headers are not evident in the HTML source. Privacy compliance is robust with clear GDPR policies and cookie consent mechanisms. The absence of WHOIS data slightly impacts trust but the overall business credibility remains high. Strategic recommendations include enhancing security headers, publishing security policies, and maintaining privacy best practices.

D

DOBEŠ-STAVBY s.r.o.

dobes-stavby.cz

41

DOBEŠ-STAVBY s.r.o. is a medium-sized Czech construction company specializing in building materials sales, construction works, equipment rental, earthworks, and transportation services. The company targets both B2B and B2C customers primarily in the Vyškov region. Their website reflects a solid regional market position with a comprehensive portfolio of services and references. Technically, the site is built on Kentico CMS with modern web technologies and includes standard analytics and marketing tools such as Google Analytics and Facebook integration. Security posture is moderate with some best practices like CSRF tokens but lacks explicit security headers and detailed security policies. Privacy compliance is addressed with a cookie consent banner and a privacy policy page, indicating GDPR awareness. Overall, the website is professional, trustworthy, and content-rich, supporting the company's business credibility.

A

Antreg, a.s.

antreg.cz

45

Antreg, a.s. is a Czech manufacturing company specializing in engineering technologies including CNC machining, production of tools, special lighting technology, and slaughtering devices. Established in 1996, the company serves industrial clients and has a solid market position with reputable customers such as Aero Vodochody, Tatra, and Honeywell. The website reflects a professional and consistent brand image with clear presentation of services and certifications such as ISO EN 9001. Technically, the site uses ASP.NET WebForms with jQuery and Google Maps API, indicating a mature but somewhat dated technology stack. Security posture is moderate with HTTPS implied and CSRF tokens present, but lacks explicit security headers and privacy policies. WHOIS data is missing, which raises some concerns about domain registration transparency. Overall, the site is functional, trustworthy, and business-focused but would benefit from improved privacy compliance and security hardening.

A

Agrostis Trávníky, s.r.o.

agrostis.cz

48

Agrostis Trávníky, s.r.o. is a well-established Czech company specializing in the production and distribution of grass seed mixtures, fertilizers, and related consulting services. Founded in 2002, it holds a leading position in the Czech and Slovak markets, serving both professional and consumer segments. The company emphasizes scientific research collaborations and offers a broad catalog of products tailored to various landscaping and agricultural needs. Technically, the website employs modern web technologies including Google Tag Manager and Google Analytics, with a custom CMS platform. The site is well-structured, mobile-optimized, and provides multiple contact channels, including a secure contact form. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though formal security policies and incident response contacts are absent. Overall, the website reflects a professional and trustworthy business presence with moderate tracking and good privacy compliance.

S

SolidVision, s.r.o.

solidvision.cz

40

SolidVision, s.r.o. is a leading Czech Republic-based authorized reseller and service provider specializing in 3D CAD/CAM software solutions, primarily SOLIDWORKS and SolidCAM. The company offers a comprehensive portfolio of services including software sales, certified training, technical support, digital transformation consulting, and 3D scanning services. Their market position is strong within the manufacturing and engineering sectors, supported by numerous certifications and strategic partnerships with industry leaders such as Dassault Systèmes and Helios ERP. The website reflects a mature digital presence with professional design, clear navigation, and extensive content tailored to their B2B audience. From a technical perspective, the website employs modern JavaScript libraries and multiple analytics and marketing tools, including Google Tag Manager, Microsoft Clarity, and Facebook Pixel, integrated with a GDPR-compliant cookie consent mechanism. The site is mobile-optimized and performs moderately well, though there is room for improvement in accessibility and security header implementation. Security posture is solid with HTTPS enforced and anonymized IP tracking in analytics, but lacks explicit security policy disclosures and some recommended HTTP security headers. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong, with clear privacy and cookie policies and multiple validated contact forms with user input validation. Overall, SolidVision demonstrates a high level of business credibility and digital maturity, with a trustworthy online presence suitable for their industry. Strategic recommendations include enhancing security headers, publishing a formal security policy, and continuing to monitor third-party scripts for vulnerabilities to maintain and improve their security posture.

S

STAEG Holding a.s.

staeg.cz

38

STAEG Holding a.s. is a Czech Republic based holding company specializing in real estate rental and management, accounting, auditing, and tax advisory services. The company operates multiple subsidiaries focused on construction, facility management, Slovakia operations, and solutions, positioning itself as a diversified regional player. The website reflects a professional and consistent brand image with clear business descriptions and contact information. Technically, the site uses a modern JavaScript stack including jQuery, Bootstrap, GSAP, and Google Maps API, supported by the Nette PHP framework, indicating a mature digital infrastructure. Security posture is strong with HTTPS enforcement, GDPR-compliant cookie consent, email obfuscation, and multiple ISO certifications including ISO 9001, 14001, 45001, and NBÚ clearance. However, some security headers are missing and incident response contact details are not published. Overall, the website is trustworthy, well-maintained, and compliant with privacy regulations.

Vodovody a kanalizace Vyškov, a.s. is a regional utility company based in the Czech Republic providing water supply and sewage services primarily in the Vyškov area. The company maintains a professional website built on Drupal 11, offering customer portals, technical statements, outage notifications, and e-commerce functionality. The site is well-structured, mobile optimized, and provides clear contact information and business details. Security posture is solid with HTTPS enforced and no exposed sensitive data, though some improvements in security headers and incident response transparency are recommended. Privacy compliance is partially addressed with a GDPR page but lacks cookie consent mechanisms. Overall, the website reflects a trustworthy and credible business with a good digital presence.

A

AF themes

afthemes.com

45

AF themes is a specialized WordPress theme and hosting provider focused on news, magazine, and blog websites. Founded in 2018, the company offers a comprehensive platform including over 1,000 ready-made starter sites, premium and free themes, fully managed hosting, setup, migration, and expert growth consulting services. Their market position is strong within the independent publishing niche, powering over 200,000 websites worldwide. The business model revolves around theme/plugin sales, managed hosting, and consulting services tailored for independent publishers and small businesses.

Č

Česká společnost pro trénování paměti a mozkový jogging

trenovanipameti.cz

34

The website represents the Česká společnost pro trénování paměti a mozkový jogging, an educational institution founded in 1998 in the Czech Republic. It specializes in accredited memory training programs aimed at preventing cognitive decline in aging populations and other target groups. The organization offers courses for the public and certified memory trainers, maintaining a strong market position as the sole provider of such training in the country with international collaborations. Technically, the site is built on WordPress using the Divi theme, with a moderate performance profile and good mobile optimization. Security posture is adequate with HTTPS enabled but lacks advanced security headers and formal privacy or cookie policies. No WHOIS data was available, limiting domain trust analysis, but the website content and business information appear professional and credible. Overall, the site is safe, well-structured, and serves an educational purpose without any adult or questionable content.

R

Region Bílé Karpaty

regionbilekarpaty.cz

39

Region Bílé Karpaty is a non-profit association focused on the comprehensive development of the Zlín region and adjacent border microregions, emphasizing cross-border cooperation with Slovak partners. Established in 2000, it acts as a key regional development entity and founding member of the Euroregion Bílé - Biele Karpaty. The website provides information about the association's activities, contact details, and news updates relevant to regional stakeholders. Technically, the website uses a mix of older JavaScript libraries such as jQuery 1.7.2, Owl Carousel, Fancybox, and an outdated Google Maps API v2. The site is custom-built without a known CMS, hosted on Czech servers with REG-ACTIVE24 as registrar. Performance and mobile optimization are basic, with room for modernization and improved accessibility. Security posture is moderate; HTTPS is used, but no security headers or advanced protections are evident. The site lacks privacy and cookie policies despite using Google Analytics and Tag Manager, indicating GDPR compliance gaps. No incident response or vulnerability disclosure information is provided. Overall, the website is functional and credible for its purpose but requires improvements in privacy compliance, security headers, and modernization of technical components to enhance trust and security posture.

T

Thermona, spol. s r.o.

thermona.cz

49

Thermona, spol. s r.o. is a well-established Czech manufacturer specializing in gas condensing boilers, electric boilers, and heating system accessories. Operating since 1990, the company maintains a strong market position in the energy sector within the Czech Republic and neighboring regions. Their website reflects a professional and comprehensive digital presence, offering detailed product information, multiple contact forms, and a network of certified installation and service partners. The company emphasizes quality, reliability, and customer satisfaction through extended warranty programs and accessible support channels. Technically, the website is built on an ASP.NET WebForms platform with a modern yet somewhat dated technology stack including jQuery 1.11.3 and Bootstrap 3.3.5. The site is mobile-optimized, SEO-friendly, and integrates various third-party libraries for enhanced user experience such as Google Fonts, Font Awesome, and Google Maps API. Performance is moderate, with room for modernization particularly in updating JavaScript libraries. From a security perspective, the site enforces HTTPS and employs CAPTCHA on forms to mitigate spam. Privacy and cookie policies are comprehensive and GDPR compliant, with explicit user consent mechanisms. However, the absence of explicit security headers like Content-Security-Policy and X-Frame-Options suggests opportunities for strengthening security posture. No vulnerabilities or exposed sensitive data were detected in the content. Overall, the website presents a trustworthy and professional image with strong business credibility. The main limitation is the lack of WHOIS data, which slightly reduces domain trustworthiness. Strategic recommendations include updating JavaScript libraries, enhancing HTTP security headers, and verifying domain registration details to improve overall trust and security.

IMMERGAS is a well-established Czech company specializing in manufacturing and selling high-quality gas boilers and heating solutions, including heat pumps and air conditioning. The company has a strong market presence in the Czech Republic with over 50 years of tradition and a large service network. Their website reflects a professional business with clear product offerings and customer support channels. Technically, the site uses modern web technologies such as Bootstrap, jQuery, and Google services, with a CMS likely based on the Nette framework. Security posture is good with HTTPS and cookie consent mechanisms, though improvements in security headers and incident response documentation are recommended. Overall, the website is trustworthy, compliant with GDPR, and provides a positive user experience.

The domain dlwordpress.com is currently inaccessible due to a Cloudflare Web Application Firewall (WAF) block page. This indicates that the website is protected by Cloudflare's security services and that the visitor's request triggered a security rule, resulting in a block. Due to this, no actual website content, business information, or user-facing features are accessible for analysis. The domain registration data shows a legitimate registration with Porkbun LLC since 2018 and a long expiry date in 2030, suggesting a stable domain ownership. However, the lack of DNSSEC and absence of accessible content limits the ability to assess the website's business model, services, or compliance posture. The website currently does not expose any privacy policies, cookie consent mechanisms, or contact information, which are critical for compliance and trust.

Futurama Business Park is a well-established commercial real estate property located in Prague, Czech Republic, managed by SAFICHEM INVEST, a.s. The website presents a professional image emphasizing office space leasing, sustainability, and clean energy generation. The property consists of multiple office buildings with landscaped gardens and modern amenities, targeting business tenants seeking quality office environments. Technically, the website uses modern web technologies including jQuery, Google Analytics, and Google reCAPTCHA to enhance user experience and security. The security posture is solid with HTTPS and spam protection on forms, though there is room for improvement in security headers and explicit incident response policies. Overall, the site is trustworthy, well-maintained, and compliant with privacy regulations, making it a reliable source for prospective tenants and partners.

The website www.poluscitycenter.sk operates as a health and wellness blog named 'Libido center', focusing on topics related to libido enhancement, healthy lifestyle, and diet advice. It targets a general audience interested in improving their sexual health and overall well-being. The business model is content-driven, relying on informational articles without evident e-commerce or service sales. The site is relatively small and localized to Slovakia, with content dating back to 2020. Technically, the site is built on WordPress with common plugins such as Yoast SEO and jQuery libraries. It uses HTTPS with a good SSL configuration, but lacks advanced security headers. The site is moderately optimized for performance and mobile devices, with basic accessibility features. SEO is supported by meta tags and structured data, enhancing search visibility. From a security perspective, the site benefits from HTTPS but lacks security headers and formal privacy or cookie policies, which are critical for GDPR compliance. No incident response or vulnerability disclosure information is present. The site does not appear to use tracking or advertising networks, minimizing privacy risks but also limiting monetization transparency. Overall, the website presents a moderate risk profile with room for improvement in privacy compliance and security hardening. The content is safe for general audiences, and the domain registration data aligns well with the website's purpose and geography, supporting legitimacy.

R

ROBERT DIAMONDS s.r.o.

diamond-textil.sk

44

ROBERT DIAMONDS s.r.o. operates diamond-textil.sk, an e-commerce website specializing in hotel textiles including towels, bathrobes, mattresses, bed linens, and hotel furniture. The company targets hospitality businesses and wholesale buyers primarily in Slovakia. The website presents a professional and consistent brand image with clear contact information and legal disclosures, supporting its credibility in the retail and hospitality sectors. Technically, the site uses a custom or proprietary CMS platform with common JavaScript libraries such as jQuery and Slick Carousel, hosted on Websupport infrastructure. While the site is mobile-optimized and offers a good user experience, some outdated libraries and lack of advanced security headers present moderate technical risks. Security posture is adequate with HTTPS and cookie consent mechanisms in place, but could be improved by updating libraries and implementing security headers. Privacy compliance is basic but present, with GDPR and cookie policies accessible. Overall, the domain registration data aligns well with the business, indicating legitimacy and a trustworthy online presence.

P

PENAM SLOVAKIA, a.s.

baker-street.sk

48

Baker Street is a Slovak premium bakery brand operated by PENAM SLOVAKIA, a.s., specializing in sourdough breads and bakery products crafted with traditional methods and quality ingredients. The website presents a professional and content-rich platform targeting general consumers interested in artisanal bakery goods. Technically, the site is built on WordPress, leveraging modern web technologies including Google Analytics, Tag Manager, and Google Maps, with good mobile optimization and SEO practices. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers and explicit policies could be improved. Overall, the domain registration and business information are consistent and trustworthy, supporting a medium-sized retail business with a clear market position in Slovakia.