Security Directory

C

CENTRUM NÁBYTKU MAXI ORION, s.r.o.

maxiorion.cz

52

CENTRUM NÁBYTKU MAXI ORION, s.r.o. is a well-established Czech furniture retailer with over 20 years of experience, operating both a large physical store in Olomouc and an online e-commerce platform. The company specializes in a wide range of furniture including living rooms, kitchens, bedrooms, office furniture, and accessories, targeting local households and businesses. Their business model combines traditional retail with digital sales and customer support, offering services such as free 3D kitchen design and installment payment options. The website reflects a consistent brand presence and provides clear contact information and customer service channels. Technically, the website uses common web technologies including jQuery, Slick Carousel, Google Tag Manager, and Facebook Pixel for marketing and analytics. The site is mobile-optimized with moderate performance and basic SEO and accessibility features. The content is well organized and professionally presented, supporting a positive user experience. From a security perspective, the site enforces HTTPS and includes cookie consent mechanisms aligned with GDPR requirements. However, it lacks published security policies, incident response contacts, and security.txt files, which are recommended for improved transparency and vulnerability management. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website and business demonstrate a solid and trustworthy online presence with room for improvement in formal security documentation and enhanced accessibility. The domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

P

P&F Company s.r.o.

pfcompany.cz

46

P&F Company s.r.o. is a Czech-based professional services company specializing in outsourcing solutions related to event management, car fleet management, and human resources resourcing. The company positions itself as a trusted partner offering senior expertise to improve business operations, targeting corporate clients requiring reliable outsourcing services. The website reflects a mature digital presence with a professional design, responsive layout, and clear navigation, supporting a positive user experience. Technically, the website employs modern JavaScript libraries such as jQuery, Slick Carousel, and PhotoSwipe, alongside Google Analytics for visitor tracking. The site is served over HTTPS with good SSL configuration, although explicit security headers are not detected. Cookie consent mechanisms are implemented, indicating awareness of privacy compliance, but a dedicated privacy policy page is missing. From a security perspective, the company demonstrates strong information security management through certifications like ISO 27001 and TISAX. However, the absence of WHOIS registration data raises concerns about domain legitimacy and transparency. No critical vulnerabilities or exposed sensitive data were identified in the website content. Overall, the security posture is good but could be improved with enhanced security headers and published incident response contacts. The overall risk assessment suggests a generally trustworthy and professional business website with minor gaps in privacy documentation and domain registration transparency. Strategic recommendations include publishing a privacy policy, adding security headers, and providing clear contact information to enhance trust and compliance.

S

STAVOSPOL s. r. o.

stavospol.cz

47

STAVOSPOL s. r. o. is a Czech Republic-based company established in 1991 specializing in the retail and distribution of building materials and related services. The company operates a network of four stores in key Moravian cities, offering a comprehensive range of construction supplies and tools. Their website reflects a regional retail business with a focus on construction materials and customer service. Technically, the website employs modern JavaScript libraries such as jQuery and Slick Carousel, uses HTTPS, and includes basic SEO and accessibility features. However, the absence of WHOIS data and explicit security headers suggests areas for improvement in transparency and security. The site includes privacy and cookie policies with consent mechanisms, indicating compliance with GDPR requirements. Overall, the business presents a professional online presence with clear contact information and social media engagement, but would benefit from enhanced security practices and domain registration transparency.

T

TRANS – TECHNIK spol. s r.o.

trans-technik.cz

44

TRANS – TECHNIK spol. s r.o. is a Czech-based supplier specializing in parts for truck bodies, fastening materials, riveting tools, adhesives, and industrial chemicals. The company targets B2B customers in the transportation and manufacturing sectors, offering a comprehensive product catalog and multilingual website support. Their market position appears stable within the Czech Republic and neighboring countries, supported by partner sites in Romania and Poland. The website is professionally designed with clear navigation and product categorization, supporting a good user experience.

Z

ZNOVÍN ZNOJMO, a. s.

znovin.cz

50

ZNOVÍN ZNOJMO, a. s. is a medium-sized Czech company specializing in the production and retail of traditional Moravian wines. The company operates a comprehensive e-commerce platform offering a wide range of wines, complemented by wine tourism services and loyalty programs. Their market position is that of an established regional wine producer with a focus on quality and customer engagement. The website is professionally designed, mobile-optimized, and provides clear navigation and relevant content for wine consumers and tourists. Technically, the site uses modern JavaScript libraries and tracking tools, with good SEO and accessibility practices. Security posture is solid with HTTPS enforcement and age verification for alcohol sales, though some security headers and explicit policies could be improved. Privacy compliance is well addressed with cookie consent and a privacy policy. Overall, the business demonstrates credibility and trustworthiness with clear contact information and social media presence.

W

William H. Coleman, Inc.

cancuntravelmart.com

45

Cancun Travel Mart is a well-established tourism event organizer specializing in connecting international tour operators and buyers with suppliers from Cancun and other Mexican destinations. Managed by William H. Coleman, Inc., the event has a strong market position as a premier Mexican Caribbean tourism business development platform with over three decades of history. The website reflects a professional digital presence built on WordPress with Elementor, featuring good design quality, clear navigation, and mobile optimization. However, it lacks critical privacy and cookie policies, which are important for compliance and user trust. Security posture is adequate with HTTPS enabled but could be improved by adding security headers and formal security policies. Contact information is comprehensive and transparent, enhancing business credibility.

F

Foursquare

swarmapp.com

62

Swarm by Foursquare is a well-established location-based social networking service that enables users to check in and track places. The company has a strong market presence with a mobile app available on iOS and Android platforms. The website is professionally designed, mobile-optimized, and uses modern web technologies including WordPress and Yoast SEO. Privacy and terms of service pages are present and comprehensive, indicating good compliance with data protection regulations such as GDPR. Security posture is solid with HTTPS enforced and domain transfer protections, though DNSSEC is not enabled and security headers are missing. No incident response or vulnerability disclosure policies are publicly available. Overall, the website is trustworthy, safe, and provides a good user experience.

A

artEcho, s.r.o.

earch.cz

48

EARCH.cz is a Czech online magazine focused on architecture, design, and technology, operated by artEcho, s.r.o. The website offers a rich variety of content including articles, videos (EARCH.tv), job listings, and a catalog of firms and products related to the architecture industry. It maintains partnerships with several industry players, enhancing its market position as a reputable media outlet in the Czech Republic. The site targets architects, designers, and enthusiasts interested in modern architecture and related technologies. Technically, the website employs a modern technology stack including Laravel Livewire, Google Tag Manager, Google Adsense, and Plausible Analytics. The site is mobile-optimized with good SEO practices and moderate performance. However, some security headers are missing, and there is no visible cookie consent mechanism, which could be improved for better privacy compliance. From a security perspective, the site uses HTTPS with CSRF protection on forms, but lacks published security policies, incident response contacts, or vulnerability disclosure information. The absence of WHOIS data for the domain reduces trustworthiness and raises questions about domain registration legitimacy. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website is professional and trustworthy in content and design but would benefit from enhanced security headers, explicit privacy and cookie consent mechanisms, and transparency in domain registration. Strategic improvements in these areas would strengthen its security posture and compliance with GDPR requirements.

V

Via Aurea, s.r.o.

cityone.cz

49

CityOne is a Czech Republic-based platform operated by Via Aurea, s.r.o., focused on smart city solutions, projects, and expert networking. The website serves as a marketplace and information hub for smart city initiatives, covering sectors such as energy, transportation, ICT, and public services. It targets municipalities, urban planners, technology providers, and citizens interested in smart city development. The platform offers project showcases, product listings, expert profiles, news articles, and event calendars, facilitating collaboration and knowledge sharing in the smart city ecosystem. Technically, the website employs a modern technology stack including jQuery, Bootstrap, Google Analytics, Google reCAPTCHA, and Google Maps API. The site is mobile-optimized with good navigation and content structure, though it appears to use a custom or proprietary CMS. Performance is moderate, and accessibility features are basic. Security best practices such as HTTPS and cookie consent mechanisms are implemented, but security headers are not detected, indicating room for improvement. From a security perspective, the site shows a good posture with encrypted connections and form protections via reCAPTCHA. However, the absence of WHOIS registrant data and lack of explicit privacy and security policies reduce overall trust. No vulnerabilities or malicious content were detected. Privacy compliance is partially addressed through cookie consent, but no dedicated privacy policy page was found. Overall, CityOne presents a professional and trustworthy platform for smart city stakeholders, but it would benefit from enhanced transparency in domain registration, explicit privacy and security policies, and improved security header implementation to strengthen its security posture and compliance.

S

Správa železnic, státní organizace

spravazeleznic.cz

60

Správa železnic is a Czech state organization responsible for managing the national railway infrastructure. The website serves multiple audiences including passengers, suppliers, contractors, and job seekers, providing comprehensive information about projects, services, and organizational structure. The site is well-structured with clear navigation and multilingual support, reflecting a mature digital presence. Technically, the website is built on the Liferay CMS platform and utilizes modern JavaScript libraries such as jQuery, Slick Carousel, and Unite Gallery. It integrates analytics and marketing tools including Google Analytics, Google Tag Manager, and Facebook Pixel, indicating a focus on user engagement and data-driven insights. The site is mobile-optimized and performs moderately well. From a security perspective, the site enforces HTTPS and includes privacy and cookie policies compliant with GDPR. However, no explicit security headers were detected in the provided data, and no vulnerability disclosure or security.txt files were found. The absence of WHOIS data limits domain trust verification, but the official nature and content quality suggest legitimacy. Overall, the website presents a professional and trustworthy digital front for a major government transportation entity, with room for improvement in security header implementation and domain registration transparency.

The International Testing Agency (ITA) is a specialized organization dedicated to managing independent anti-doping programs for international sports federations, major event organizers, and other anti-doping bodies. Established in 2018 and based in Switzerland, ITA positions itself as a global leader in promoting fairness and integrity in sports through comprehensive testing, education, and regulatory compliance services. The website reflects a professional and authoritative presence with extensive information about their services, partnerships, and educational initiatives targeting athletes and sports organizations worldwide. Technically, the site is built on WordPress with a modern tech stack including jQuery, Google reCAPTCHA, and SEO optimizations, hosted with Cloudflare DNS services. Security posture is solid with HTTPS and anti-bot protections, though some improvements are recommended such as enabling DNSSEC and adding security headers. Privacy compliance is limited due to the absence of explicit privacy and cookie policies. Overall, the site demonstrates high business credibility and trustworthiness, supported by partnerships with major sports and anti-doping organizations.

I

International Board on Books for Young People

ibby.org

51

The International Board on Books for Young People (IBBY) is a well-established non-profit organization dedicated to promoting children's literature and reading worldwide. The website reflects a professional and consistent brand presence, offering information about awards, activities, and global partnerships. The organization targets an international audience of educators, authors, and reading promoters. Technically, the site is built on TYPO3 CMS with modern JavaScript libraries and is mobile-optimized, though performance is moderate. Security posture is adequate with HTTPS and IP anonymization in analytics, but lacks explicit security headers and privacy/cookie policies. Overall, the site is trustworthy and credible, with clear contact details and social media presence, though improvements in privacy compliance and security hardening are recommended.

The International Federation of Library Associations and Institutions (IFLA) operates as a globally recognized non-profit organization dedicated to supporting libraries and information professionals worldwide. Their website serves as a comprehensive platform for advocacy, professional development, events, and resources, positioning IFLA as a leading voice in the library sector. The organization targets library associations, institutions, and professionals, offering membership benefits and fostering global collaboration. Technically, the website is built on WordPress and leverages modern web technologies including jQuery, Slick Carousel, Google Tag Manager, and Hotjar for analytics and user experience enhancement. Hosting and CDN services appear to be provided by Cloudflare, ensuring reliable performance and security. The site is mobile-optimized, accessible, and SEO-friendly, reflecting a mature digital infrastructure. From a security perspective, the site enforces HTTPS and employs best practices such as asynchronous loading of analytics scripts. However, there is room for improvement in implementing comprehensive security headers and publishing explicit security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected, indicating a solid security posture. Overall, the website is professional, trustworthy, and safe for general audiences. The lack of WHOIS data due to privacy protection is typical for organizations of this nature and does not detract from the site's legitimacy. Strategic recommendations include enhancing security headers, publishing a vulnerability disclosure policy, and improving transparency around incident response.

M

Ministerstvo životního prostředí

mzp.cz

65

The website represents the official Ministry of Environment of the Czech Republic, providing comprehensive information and services related to environmental protection, climate, water, air quality, and waste management. It serves a broad audience including citizens, government officials, media, and environmental professionals. The site is well-structured, professionally designed, and regularly updated, reflecting a strong market position as a national government entity. Technically, the site is built on Drupal 10 CMS with modern frontend frameworks such as Bootstrap and Slick Carousel. It integrates Piwik PRO for analytics, ensuring moderate user tracking with GDPR-compliant cookie consent mechanisms. The site is mobile-optimized and accessible, with good SEO practices. From a security perspective, the site enforces HTTPS, employs standard security headers, and avoids exposing sensitive data. However, it lacks explicit security policy and incident response pages, and no security.txt file was found. The WHOIS data is unavailable, which is typical for Czech government domains, but the domain's legitimacy is supported by the .gov.cz TLD and official content. Overall, the site demonstrates a mature digital presence with strong business credibility and good security posture. Strategic recommendations include publishing vulnerability disclosure and incident response information, and maintaining regular security audits of third-party scripts.

I

INTERMAPS AG & GmbH

intermaps.com

64

INTERMAPS AG & GmbH is a well-established media and technology company specializing in digital mapping and app development for the tourism and travel industries, particularly focusing on ski resorts and cable car operators. With a domain age dating back to 1997 and over 200 clients across 15 countries, the company holds a strong market position in its niche. Their product portfolio includes dynamic skimaps, mobile and desktop apps, data management solutions, and analytics tools tailored for the tourism sector. Technically, the website employs modern web technologies such as Bootstrap, jQuery, and various plugins for enhanced user experience and interactivity. Google Analytics and Google Tag Manager are used for tracking, indicating a moderate level of user data collection. The site is mobile-optimized and well-structured, though some improvements in accessibility and SEO could be made. Hosting and domain registration are stable, with no privacy protection but lacking DNSSEC. From a security perspective, the site uses HTTPS but lacks visible security headers and a cookie consent mechanism, which are areas for improvement. No critical vulnerabilities or exposed sensitive data were detected. The absence of a published security policy or incident response plan suggests room for maturity in security governance. GDPR compliance is partially indicated by the presence of a privacy policy, but cookie consent is missing. Overall, the website is professional, trustworthy, and business-focused with a good security posture but some compliance and security best practices gaps. Strategic recommendations include enabling DNSSEC, implementing security headers, adding cookie consent, and publishing security policies to enhance trust and compliance.

E

Eurogas

eurogas.org

75

Eurogas is a European industry association representing the gas wholesale, retail, and distribution sectors. The organization focuses on promoting gas as a sustainable energy source and advocates for its members' interests within the European energy market. The website reflects a professional and consistent brand presence, targeting industry stakeholders and policymakers. The business model centers on policy advocacy, market analysis, and industry representation. The site content is relevant and well-structured, supporting the organization's mission and services. Technically, the website is built on WordPress using the Divi theme, enhanced with plugins such as Gravity Forms and Cookiebot for consent management. It integrates Google Analytics for traffic analysis and employs modern web technologies including jQuery and slick carousel. The site demonstrates good mobile optimization and SEO practices, although accessibility features are basic. Performance is moderate, with room for improvement in loading speed and accessibility. From a security perspective, the site enforces HTTPS with excellent SSL configuration and implements a comprehensive cookie consent mechanism via Cookiebot. However, it lacks explicit HTTP security headers and does not publish security policies or incident response information. No vulnerabilities or exposed sensitive data were detected in the analyzed content. The WHOIS data is privacy protected, which is typical for such organizations and does not raise immediate concerns. Overall, Eurogas's website presents a trustworthy and professional digital presence with solid privacy compliance and security posture. Strategic recommendations include enhancing security headers, publishing security and incident response policies, improving accessibility, and maintaining regular audits of third-party scripts to sustain security and compliance standards.

Č

Český telekomunikační úřad

ctu.cz

56

Český telekomunikační úřad (ČTÚ) is the official Czech government regulatory authority responsible for telecommunications, postal services, and radio spectrum management. The website serves as a comprehensive portal for consumers, businesses, and government entities, providing regulatory information, consumer protection resources, and access to various public services. The site is well-branded, professionally designed, and offers content in Czech and English, targeting a broad audience including consumers and industry stakeholders. Technically, the site is built on Drupal CMS with a modern tech stack including jQuery, Bootstrap, and Google APIs, ensuring good performance and mobile optimization. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers and explicit security policies could be improved. WHOIS data is unavailable likely due to registry policies, but the domain's .gov.cz extension and consistent official content strongly indicate legitimacy. Overall, the website is a trustworthy, professional government resource with good compliance and technical maturity.

S

Studio Virtualis s.r.o.

virtualis.cz

47

Studio Virtualis s.r.o. is a small, family-owned web and graphic design studio based in Olomouc, Czech Republic, operating since 2000. The company specializes in professional web design, e-commerce solutions, branding, marketing, and web hosting services, targeting small and medium-sized businesses primarily in the local region. Their website reflects a consistent and professional brand image with clear service offerings and client references. Technically, the site uses a modern but somewhat dated technology stack including jQuery 1.11.3, Bootstrap, and Google services for analytics and tag management. Security posture is generally good with HTTPS enforced and reCAPTCHA integration; however, the absence of advanced security headers and use of an older jQuery version present moderate risks. Privacy compliance is well addressed with a comprehensive cookie consent mechanism and a detailed privacy policy in Czech. The lack of WHOIS data for the domain reduces trustworthiness and suggests a need for further verification of domain registration status. Overall, the website is professional, user-friendly, and compliant with privacy regulations, but could improve security hardening and transparency around domain registration.

A

Akademie věd České republiky

avcr.cz

59

Akademie věd České republiky is a prominent public non-university research institution in the Czech Republic, focusing on scientific research, public education, and technology transfer. The website serves as a comprehensive portal for news, events, publications, and multimedia content related to the academy's activities. It targets scientists, educators, students, media, and the general public interested in science and research. The institution holds a leading position in the Czech scientific community, offering a broad range of services including research support, international cooperation, and public outreach.

České dráhy, a.s. operates as the national railway company of the Czech Republic, providing comprehensive passenger rail services including ticket sales, travel planning, and specialized train offerings such as EuroCity and Railjet. The website www.cd.cz serves as a primary digital platform for customers to access schedules, purchase tickets, and obtain travel information. The site is professionally designed with clear navigation and mobile optimization, targeting general travelers within the Czech Republic and neighboring regions. From a technical perspective, the website employs modern JavaScript libraries, Google Tag Manager for analytics, and interactive UI components such as autocomplete and carousels. The site is served over HTTPS with secure login forms and cookie consent mechanisms, indicating a mature digital infrastructure. However, some security headers are not explicitly detected, and no public security policy or incident response contact is published. Security posture is generally strong with no visible vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with accessible privacy and cookie policies, and GDPR compliance is indicated. The absence of WHOIS data reduces transparency but does not detract significantly from the site's legitimacy given the official branding and contact information. Overall, the website presents a trustworthy and functional digital presence for a major transportation provider, with recommendations to enhance security headers and publish vulnerability disclosure information to further strengthen trust and compliance.

I

ISOTRA a.s.

isotra.ae

54

ISOTRA a.s. is a well-established Czech manufacturer specializing in high-quality interior and exterior shading products including blinds, pergolas, awnings, and insect screens. Founded in 1992, the company has a strong international presence, exporting to 46 countries and selling millions of products. Their focus on energy efficiency and environmental friendliness positions them as a technological leader in their industry. The website is professionally designed, mobile-optimized, and provides clear contact information, although it lacks explicit privacy and security policies. Technically, the site uses modern JavaScript libraries and has moderate performance and SEO optimization. Security posture is moderate with HTTPS implied but missing explicit security headers and policies. Overall, the site is trustworthy and business credible but could improve in privacy compliance and security transparency.

I

ISOTRA a.s.

isotra.com

54

ISOTRA a.s. is a well-established manufacturer specializing in high-quality interior and exterior shading products including blinds, roller blinds, pergolas, awnings, and insect screens. With over 30 years of market presence and exports to nearly 50 countries, ISOTRA positions itself as a technological leader in the shading industry, focusing on innovation and in-house production capabilities. The company targets both B2B partners and end customers, offering customized shading solutions and related services such as component production and coating. Technically, the website employs modern JavaScript libraries such as jQuery, Modernizr, and Slick Carousel, along with Google Tag Manager and Analytics for tracking. The site is mobile-optimized with good SEO practices and accessibility features, though some improvements in security headers and accessibility could be made. The presence of cookie consent and a comprehensive privacy policy indicates a strong commitment to GDPR compliance. From a security perspective, the site uses HTTPS and implements cookie consent mechanisms but lacks visible security headers in the provided data. No vulnerabilities or exposed sensitive data were detected. The WHOIS data is notably missing, which raises some concerns about domain registration transparency, though the professional website and business certifications mitigate this risk. Overall, ISOTRA presents a professional, trustworthy online presence with strong business credibility and technical maturity. The main risk lies in the incomplete WHOIS data, which should be investigated further to ensure domain legitimacy and ownership transparency.

I

ISOTRA a.s.

isotra.sk

51

ISOTRA a.s. is a well-established Czech manufacturer specializing in custom interior and exterior shading solutions including blinds, roller shutters, pergolas, and awnings. With over 20 years of experience and a strong international presence exporting to nearly 50 countries, ISOTRA positions itself as a technological leader in the shading industry. The company emphasizes in-house development and production capabilities, including owning tool shops and powder coating facilities, which supports their high-quality product offerings. Their website reflects a professional and comprehensive digital presence with multi-language support and detailed product information targeting both B2B and end consumers. Technically, the website employs modern JavaScript libraries such as jQuery, Modernizr, and Slick Carousel, alongside Google Tag Manager and Analytics for marketing and tracking. The site is mobile-optimized with good SEO and accessibility basics, though some accessibility improvements could be made. Security-wise, the site enforces HTTPS, uses cookie consent banners compliant with GDPR, and disables right-click context menus for basic content protection. However, it lacks explicit security policy pages and incident response contacts, which are recommended for enhanced transparency and trust. Overall, ISOTRA's website demonstrates a mature digital infrastructure with strong branding, clear contact channels, and trust signals such as certifications and awards. The security posture is solid but could benefit from additional headers and published policies. Privacy compliance is well addressed with comprehensive cookie and privacy policies. The risk profile is low with no suspicious content or vulnerabilities detected. Strategic recommendations include publishing a dedicated security policy, adding incident response contact details, enhancing security headers, and improving accessibility features. These steps will further strengthen ISOTRA's digital trustworthiness and compliance posture.

U

UIAA

theuiaa.org

49

The UIAA website represents the International Climbing and Mountaineering Federation, a globally recognized non-profit organization dedicated to promoting safety, sustainability, and community in mountain sports. The site offers comprehensive resources including safety standards, training, event calendars, and member directories, positioning UIAA as a central authority in the mountaineering sector. The website is well-designed, mobile-optimized, and rich in relevant content, targeting climbers, mountaineers, and affiliated organizations worldwide. Technically, the site is built on WordPress with modern plugins and libraries such as WPBakery Page Builder, Ultimate VC Addons, and Google Analytics integration. It demonstrates good SEO practices, mobile responsiveness, and moderate performance. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though explicit security headers and incident response policies could be enhanced. No blocking or WAF challenges were detected, allowing full content access. WHOIS data is privacy protected, which is typical for non-profit organizations, and does not detract from the site's legitimacy given the professional presentation and consistent branding. The site maintains GDPR compliance with clear privacy and cookie policies. Overall, the UIAA website is a trustworthy, professional platform serving its community effectively, with recommendations to strengthen security headers and publish vulnerability disclosure information to further enhance trust and compliance.

A

Auto Podbabská

autopodbaba.cz

53

Auto Podbabská is a well-established automotive dealership and authorized service provider based in Prague, Czech Republic, specializing in Volkswagen and Škoda vehicles. With a 50-year history, the company offers a comprehensive range of services including new and used vehicle sales, authorized servicing, operational leasing, and sales of original parts and accessories. The website reflects a professional and consistent brand image targeting both individual consumers and corporate clients in the transportation sector. Technically, the site uses a moderate tech stack with jQuery, Google Fonts, and slick carousel, hosted by HomeAtCloud.cz, and demonstrates good mobile optimization and SEO practices. Security posture is solid with HTTPS and cookie consent mechanisms in place, though some security headers and updates to libraries could improve resilience. Overall, the site is trustworthy, compliant with GDPR, and provides multiple contact channels including emails dedicated to data protection and compliance. No critical vulnerabilities or suspicious content were detected.

S

SINGING ROCK s.r.o.

singingrock.cz

48

SINGING ROCK s.r.o. is a Czech-based company specializing in the manufacturing and retail of climbing and professional safety equipment. The company maintains a strong market position with an international presence, offering products such as harnesses, helmets, and fall arrest devices. Their website targets climbers and professionals working at heights, providing product information, community engagement, and B2B sales channels. The business model combines manufacturing with direct retail and wholesale distribution. Technically, the website employs a modern tech stack including jQuery, Slick Carousel, and Google Analytics for tracking. The site is mobile optimized with good navigation and content quality. While no CMS is explicitly detected, the site uses standard web technologies and scripts to deliver a responsive user experience. Performance is moderate with room for improvement in SEO and accessibility. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms compliant with GDPR. However, it lacks visible security headers and does not provide explicit incident response or vulnerability disclosure information. No vulnerabilities or exposed sensitive data were detected in the HTML content. WHOIS data confirms the legitimacy and consistency of the domain registration with the business claims. Overall, the website presents a professional and trustworthy front for SINGING ROCK s.r.o., with good content quality and compliance practices. Strategic improvements in security headers, incident response transparency, and SEO could enhance the site's security posture and digital maturity.

D

Úvod - 10000 kroků ke zdraví

desettisickroku.cz

48

The website www.desettisickroku.cz represents a Czech health and urban mobility initiative focused on promoting walking as a healthy lifestyle and community engagement activity. It targets individuals, cities, schools, companies, and partners to participate in walking challenges, fostering positive health and environmental changes. The site is professionally designed with consistent branding and features numerous partners and ambassadors, indicating a well-established presence in its sector. Technically, the site uses a modern tech stack including jQuery, Bootstrap, and various JavaScript libraries, with good mobile optimization and moderate performance. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers are missing and older jQuery versions are used, which could be updated for improved security. Privacy compliance is good, with clear cookie policies and GDPR-aligned consent. However, WHOIS data is unavailable, likely due to privacy protection, which slightly reduces trustworthiness but is mitigated by the professional site content and partner endorsements. Overall, the site is a credible, well-maintained platform supporting a public health cause.

6

6K spol. s r.o.

6k.cz

50

6K spol. s r.o. is a Czech company specializing in modular accounting and economic software solutions tailored for small and medium-sized businesses and accounting firms. Established in 1992, the company offers a suite of software modules including accounting, invoicing, payroll, asset management, and inventory control, complemented by services such as installation, training, and customer support. The company maintains a strong market presence with over 1000 satisfied clients and notable references including KPMG and BDO. Technically, the website employs a modern JavaScript stack with various libraries and integrates third-party services for analytics and customer engagement. Security posture is moderate with HTTPS usage and cookie consent implemented, but lacks comprehensive security headers and published security policies. The absence of WHOIS data and a privacy policy page presents compliance and trust challenges. Overall, the website is professional, user-friendly, and content-rich, supporting the company's credibility in the accounting software market.

M

Ministerstvo životního prostředí

env.cz

64

The website mzp.gov.cz is the official online presence of the Czech Ministry of the Environment, providing comprehensive information and services related to environmental protection, sustainable development, and public administration. It serves a broad audience including the general public, government officials, media, and stakeholders interested in environmental issues. The site is well-structured with clear navigation, rich content, and multiple communication channels including social media and newsletters. Technically, the site is built on Drupal 10, leveraging modern web technologies such as Bootstrap for responsive design and Piwik PRO for analytics. The site demonstrates good mobile optimization, accessibility, and SEO practices. Security is robust with HTTPS enforced and standard security headers present. Cookie consent mechanisms and privacy policies are implemented in compliance with GDPR. The security posture is strong with no visible vulnerabilities or exposed sensitive data. However, the absence of publicly available WHOIS data limits transparency, though this is common for government domains. Overall, the site is trustworthy, professional, and secure, fulfilling its role as a government information portal effectively. Strategic recommendations include publishing explicit security policies and incident response information, adding a security.txt file for vulnerability disclosures, and maintaining regular audits of third-party scripts to ensure ongoing security compliance.

The website mojevizenula.cz represents a Czech non-profit initiative named 'Moje vize nula' focused on reducing road fatalities and serious injuries through an annual student competition. The project is organized by Tým silniční bezpečnosti and Platforma VIZE 0, with co-financing from the Czech Insurance Bureau's damage prevention fund. The site provides information about the competition, project registration, mentoring, and contact details for coordinators. It targets students, educators, and road safety professionals, aiming to foster innovative projects that improve traffic safety. Technically, the site uses modern JavaScript libraries such as jQuery, Foundation, Slick Carousel, and Lightbox2, with Google Analytics and Facebook Pixel integrated for analytics and marketing, controlled by a cookie consent mechanism that defaults to denying tracking until user consent. Security posture is moderate with no visible security headers or published security policies, and no vulnerability disclosure mechanisms are present. The domain registration is consistent and transparent, supporting the legitimacy of the project. Overall, the website is professionally designed, content-rich, and trustworthy, though it lacks some formal privacy and security documentation.

R

RENGL, s.r.o.

rengl.cz

43

RENGL, s.r.o. operates a large network of poster advertising sites across Czech Republic, Slovakia, and Poland, offering poster posting and printing services. The company targets businesses and organizations seeking outdoor advertising solutions, positioning itself as a leading regional provider with a network of 5,000 poster sites in 170 cities. The website is professionally designed, mobile optimized, and provides clear service descriptions and contact information. Technically, the site uses modern JavaScript libraries for UI enhancements but lacks some advanced security headers and cookie consent mechanisms. The WHOIS data is missing, which reduces domain trust, but the website content and contact details appear legitimate and consistent with the business claims. Overall, the site scores well on content quality and business credibility but could improve privacy compliance and security posture.

Tým silniční bezpečnosti (TSB) is a Czech non-profit organization operating under Bezpečně na silnicích o.p.s. since 2010, focused on reducing serious traffic accidents through preventive programs and educational activities. The organization targets a broad audience including children, seniors, and cyclists, delivering road safety education and awareness campaigns. The website reflects a well-established brand with multiple projects and partnerships with reputable entities such as Škoda Auto and the Czech Police. Technically, the site uses modern web technologies including jQuery, Foundation framework, and integrates Google Analytics and Facebook Pixel for analytics and marketing purposes. The site is mobile-optimized and provides a cookie consent mechanism compliant with GDPR principles, although explicit privacy and terms of service documents are not found. Security posture is good with HTTPS enforced and consent revocation scripts, but lacks visible security headers and formal incident response information. Overall, the domain registration aligns with the organization's profile, supporting legitimacy and trustworthiness.

S

Sladký Méďa s.r.o.

sladkymeda.cz

46

Sladký Méďa s.r.o. operates a confectionery and café business located in Olomouc, Czech Republic, with a strong local presence and over a decade of experience. The company offers a variety of freshly made pastries, macarons, savory snacks, and specialty coffee, complemented by family-friendly amenities such as a children's play area and outdoor seating. They also provide custom cake orders for special occasions, positioning themselves as a trusted local hospitality provider. Technically, the website is built on a modern stack including jQuery, Bootstrap, and Google services, managed via the Eliška CMS platform. The site is mobile-optimized and includes essential SEO and accessibility features. Security-wise, the site enforces HTTPS, uses Google reCAPTCHA v3 for form protection, and implements a cookie consent mechanism compliant with GDPR. However, the absence of WHOIS registration data and missing security headers slightly reduce trustworthiness. Overall, the website is professional, secure, and user-friendly, serving its target audience effectively.

M

Martin Šlajs

financeprostejov.cz

51

The website www.financeprostejov.cz represents a small regional financial advisory and real estate business operated by Martin Šlajs, focusing on personalized financial services including loans, insurance, investments, and real estate transactions primarily in the Czech Republic and Spain. The site is professionally designed with clear navigation and comprehensive content tailored to its target audience of individuals and businesses seeking financial guidance in the Prostějov and Olomouc regions. Technically, the site employs modern web technologies such as Bootstrap, jQuery, and Google services including Analytics and reCAPTCHA, ensuring a functional and user-friendly experience with good mobile optimization. Security posture is solid with HTTPS enforced and anti-bot measures on forms, though some security headers could be improved. Privacy compliance is well addressed with GDPR-aligned policies and cookie consent mechanisms. However, the absence of WHOIS data for the domain raises concerns about domain registration legitimacy, which should be verified to ensure trustworthiness. Overall, the site is a credible and professional digital presence for a small financial services business.

L

LIXUS TECHNIK s.r.o.

sekacky-morava.cz

50

LIXUS TECHNIK s.r.o. operates a professional website focused on the sale and servicing of advanced robotic lawn mowers, including brands like Segway Navimow and Mammotion. The company positions itself as the largest seller of robotic mowers without boundary wires in Northern Moravia, targeting consumers and businesses seeking smart lawn care solutions. Their business model includes retail sales, rentals, demonstrations, and installation services, supported by a physical showroom in Ostrava. Technically, the website employs modern web technologies such as Bootstrap, jQuery, Google reCAPTCHA, and Google Analytics, indicating a mature digital infrastructure. Security measures include HTTPS enforcement and spam protection on forms, though additional HTTP security headers and a dedicated security policy page would enhance their posture. The absence of WHOIS registration data is a notable gap, reducing domain trustworthiness despite the professional presentation and clear contact information. Overall, the website is well-designed, user-friendly, and compliant with GDPR cookie consent requirements, reflecting a credible and customer-focused business presence.

I

ISOTRA a.s.

isotra.cz

49

ISOTRA a.s. is a well-established Czech manufacturer specializing in interior and exterior shading solutions including blinds, roller shutters, pergolas, and related products. With over 30 years in the market and exports to 46 countries, ISOTRA holds a strong position as a technological leader in its industry. The company emphasizes quality, innovation, and environmental sustainability, supported by its own tooling and component manufacturing facilities. The website reflects a professional and comprehensive digital presence, targeting both B2B and end consumers with multilingual support and configurator tools. Technically, the site uses modern JavaScript libraries and tracking tools, with good mobile optimization and SEO practices. Security posture is solid with HTTPS and no visible vulnerabilities, though some security headers could be improved. Privacy compliance is well addressed with clear GDPR policies and cookie consent mechanisms. Overall, ISOTRA demonstrates a mature digital infrastructure aligned with its business stature.

S

SEDOS transport s.r.o.

sedostransport.cz

50

SEDOS transport s.r.o. is a Czech Republic based company specializing in domestic and international transportation of heavy and oversized cargo, including machinery and specialized freight. The company emphasizes professional service with over 20 years of experience, a modern fleet, and comprehensive logistics solutions. Their website presents detailed service offerings and contact information, targeting businesses requiring specialized transport solutions. Technically, the website uses modern JavaScript libraries, Google Analytics, and a cookie consent mechanism, indicating moderate digital maturity. Security posture is good with HTTPS and reCAPTCHA implemented, but lacks explicit security policies and incident response contacts. The absence of WHOIS data reduces domain trustworthiness, though the website content and business information appear legitimate. Overall, the site is professional and functional with room for improvement in transparency and security disclosures.

A

ALVI, spol. s r. o.

restaurace-alvi.cz

52

Restaurace ALVI is a small hospitality business located in Ostrava, Czech Republic, specializing in traditional Czech cuisine, tank beer, and accommodation services. The website presents a professional and content-rich platform targeting local residents and tourists seeking authentic Czech dining experiences and lodging near the city center. The business emphasizes event hosting capabilities and offers multiple banquet rooms and accommodation options. Technically, the website uses modern JavaScript libraries, Bootstrap, and Google Analytics, and is built on the Eliška CMS platform. It is mobile-optimized with good SEO practices. Security posture is solid with HTTPS and cookie consent mechanisms, though it lacks some security headers and formal security policies. WHOIS data is unavailable, which slightly reduces trust but does not detract significantly from the business credibility given the clear contact information and consistent content. Overall, the site is well-maintained and trustworthy for its business domain.

A

ABA Apartments s.r.o.

abaapartments.cz

50

ABA Apartments s.r.o. operates a hospitality business offering 59 modern self-service apartments in Olomouc, Czech Republic. The company provides comfortable short and long-term accommodation with amenities such as kitchens, WiFi, smart TVs, and free parking. Complementary services include a partner restaurant Café Kitchen, event hosting facilities for weddings and conferences, and wellness services like massages. The website is professionally designed, mobile-optimized, and provides clear contact information and social media presence, supporting a positive market position in local hospitality. Technically, the website uses a modern technology stack including jQuery, Bootstrap, Slick Carousel, and Google Analytics 4. It is built on the Eliška CMS platform and employs HTTPS with cookie consent mechanisms, indicating a mature digital infrastructure. Performance and SEO are moderate to good, with room for improvement in accessibility and security headers. Security posture is solid with HTTPS and no visible vulnerabilities, but lacks published security policies or incident response contacts. Privacy compliance is good with GDPR-aligned cookie policies and consent banners. The absence of WHOIS data limits domain trust assessment, but website content and contact details appear legitimate. Overall, ABA Apartments presents a trustworthy and professional online presence with strong business credibility and technical implementation. Strategic improvements in security transparency and WHOIS data visibility would enhance trust and compliance further.

H

Hotel Avanti Brno

hotelavanti.cz

66

Hotel AVANTI Brno is a mid-sized hospitality business located near the center of Brno, Czech Republic. The hotel offers modern accommodation, wellness facilities including a rooftop wellness center and bowling bar, and extensive conference services with multiple meeting rooms. The website targets business travelers, conference organizers, and leisure guests, providing multilingual support and direct booking capabilities. Technically, the website is built on WordPress with a modern tech stack including Google Analytics, Facebook Pixel, and a professional booking engine. Security posture is good with HTTPS and reCAPTCHA implemented, though some security headers are not explicitly detected. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. However, WHOIS data is unavailable, which reduces domain trust verification. Overall, the website is professional, user-friendly, and trustworthy with room for minor security improvements.

T

Travelbakers

travelevo.cz

45

The website www.travelevo.cz represents TravelEVOlution, a niche event focused on sustainable and authentic travel experiences held in Brno, Czech Republic. The event is organized by Travelbakers and targets professionals and enthusiasts in the travel and tourism sector. The site provides detailed program information, workshops, and partner collaborations, reflecting a well-structured and professional business model in the hospitality industry. Technically, the site is built on Drupal 10, uses modern web technologies, and integrates Google Tag Manager for analytics. The site is mobile-optimized and accessible with good SEO practices. Security posture is solid with HTTPS enabled, but lacks some security headers and visible privacy or cookie policies, which are recommended for compliance and trust. WHOIS data is unavailable, likely due to privacy protection, which slightly impacts trust but is common for small businesses. Overall, the site is professional, content-rich, and trustworthy with room for improvement in privacy compliance and security transparency.

C

CITY-TOOLS, s.r.o.

citytools.cz

45

CITY-TOOLS, s.r.o. operates a professional outdoor advertising platform in the Czech Republic, offering Citylight, billboard, and adhesive foil advertising solutions. The company targets businesses and individuals seeking effective outdoor marketing channels. The website is well-structured, visually consistent, and provides clear contact information, supporting a positive market presence in the local advertising sector. Technical infrastructure leverages common web technologies such as jQuery, Bootstrap, and Google reCAPTCHA, indicating a moderate level of digital maturity. The site is mobile-optimized and includes cookie consent mechanisms, reflecting awareness of privacy compliance requirements. Security posture is generally good with HTTPS enforced and reCAPTCHA integration; however, the absence of security headers and incident response information suggests room for improvement. The lack of WHOIS data limits domain legitimacy verification, which could impact trust from a security perspective. Overall, the website is professional and functional, with moderate risk due to incomplete domain registration transparency.

R

RAUL, s. r. o.

ski-tour.cz

47

ČEZ SkiTour is a prominent organizer of cross-country skiing events in the Czech Republic, targeting amateur skiers and winter sports enthusiasts. The website serves as a hub for race information, news updates, multimedia content, and race results. It holds a strong market position as the largest series of such events in the country, with a clear focus on community engagement and event promotion. Technically, the site employs modern web technologies including jQuery, Slick Carousel, and Google Tag Manager, ensuring a responsive and user-friendly experience. However, some technical aspects such as security headers and explicit privacy policies could be improved. The security posture is adequate with HTTPS enforced and cookie consent implemented, but lacks advanced security headers and published security policies. Overall, the site is professional and trustworthy, though the absence of WHOIS data introduces some uncertainty regarding domain legitimacy. Strategic recommendations include enhancing privacy disclosures, implementing security headers, and publishing incident response information to bolster trust and compliance.

S

Ski Classics

skiclassics.com

53

Ski Classics is an established international series of long-distance cross-country ski races in classic style, operating since 2011 with a domain registered since 2003. The website serves as an information hub for the events, targeting skiing enthusiasts and athletes. The business is positioned as a niche sports event organizer with a medium-sized operational scale, primarily focused on transportation and sports sectors. Technically, the website is built on WordPress with WooCommerce, leveraging modern web technologies including Google Analytics, Tag Manager, and reCAPTCHA for bot protection. The site demonstrates good SEO and mobile optimization, though accessibility is basic. Security posture is adequate with HTTPS and cookie consent mechanisms, but lacks advanced security headers and DNSSEC. No incident response or security policy is published, representing an area for improvement. Overall, the website is professional, trustworthy, and compliant with GDPR, with room to enhance security and transparency.

E

EKO-KOM, a.s.

zodpovednafirma.cz

48

Zodpovědná firma is a Czech educational initiative focused on promoting responsible waste sorting and corporate social responsibility among companies. Organized by EKO-KOM, a.s., an authorized packaging company, it offers free educational materials, employee training, and certification to participating firms. The project has a solid market presence with over 259 companies involved, supported by recognized partners and a clear mission to improve environmental practices in workplaces. Technically, the website is built on WordPress with modern frameworks like Bootstrap and uses popular JavaScript libraries for enhanced user experience. It is mobile optimized and integrates multimedia content such as Vimeo videos and e-learning links. The site employs HTTPS and cookie consent mechanisms, reflecting a good level of digital maturity. From a security perspective, the site benefits from HTTPS and does not expose sensitive data. However, it lacks explicit security headers and published security policies or incident response plans, which could be improved. Privacy compliance is well addressed with GDPR-aligned privacy and cookie policies. No critical vulnerabilities or suspicious content were detected. Overall, the website represents a trustworthy, professional non-profit project with a clear environmental and educational focus. Strategic improvements in security policy transparency and technical security headers would enhance its posture further.

M

Město Šlapanice

slapanice.cz

50

Město Šlapanice operates an official municipal website providing comprehensive information and services to residents and visitors of the town located in the Czech Republic. The site offers news updates, event calendars, contact details, and access to various municipal services, positioning itself as a key communication channel for local governance. The website is well-structured, professionally designed, and targets a general audience including citizens and local stakeholders. Technically, the site employs modern web technologies such as Bootstrap, jQuery, and Google Maps API, ensuring responsive design and interactive features. The presence of cookie consent mechanisms and a privacy policy indicates attention to GDPR compliance and user privacy. Security posture is adequate with HTTPS enforced and anonymized analytics, though the absence of certain security headers suggests room for improvement. The lack of WHOIS data limits domain trust verification, but the official nature and content quality support legitimacy. Overall, the website demonstrates a mature digital presence suitable for a municipal government entity.

A

Alpine Rettung Schweiz

alpinerettung.ch

52

Alpine Rettung Schweiz is a well-established Swiss non-profit foundation specializing in alpine rescue operations. Supported by key partners such as Rega and the Swiss Alpine Club (SAC), it operates a network of 84 rescue stations and approximately 3,400 volunteer rescuers. The organization serves as the primary terrestrial alpine rescue entity for most Swiss cantons, providing rapid response and comprehensive training programs. The website reflects a mature digital presence built on TYPO3 CMS, offering clear navigation, multilingual support, and professional content including news, publications, and organizational information. Security posture is solid with HTTPS and secure external linking, though it lacks explicit security policies and cookie consent mechanisms. Overall, the site demonstrates high trustworthiness and professionalism, aligning well with the organization's mission and market position.

P

PAX

pax-bags.de

54

PAX-Bags.com represents a medium-sized manufacturing business specializing in emergency backpacks, insert bags, and accessories with custom sizing and interior fittings. The company targets organizations requiring specialized emergency equipment, positioning itself as a niche manufacturer in this sector. The website is built on TYPO3 CMS with a modern technology stack including Bootstrap and jQuery, and integrates privacy compliance tools such as Usercentrics CMP and Google Tag Manager with consent mode. The site is professionally designed with good navigation and mobile optimization, though SEO is limited by a noindex robots directive. From a security perspective, the website enforces HTTPS and uses consent management for privacy compliance, but lacks explicit security headers and detailed security or incident response policies. No contact emails or phone numbers are clearly presented on the homepage, which may impact user trust and support accessibility. The absence of WHOIS data for the domain is a notable anomaly, reducing domain registration trustworthiness despite the professional website presence. Overall, the site demonstrates a solid technical foundation and privacy compliance but would benefit from enhanced security headers, clearer contact information, and resolution of WHOIS data visibility to improve trust and legitimacy. Strategic improvements in these areas would strengthen the security posture and business credibility.

J

JIZERSKÁ, obecně prospěšná společnost

jnlm.cz

49

The website www.jnlm.cz represents the Bedřichovský Night Light Marathon, a niche winter sports event organizer based in the Jizera Mountains, Czech Republic. The site provides event information, registration links, and live updates targeting winter sports enthusiasts, particularly cross-country skiers interested in night skiing. The business operates as a small regional event organizer with a clear focus on promoting and managing this annual marathon event. Technically, the website employs a modern front-end stack including jQuery, Bootstrap, Slick Carousel, and FancyBox, with Google Fonts and reCAPTCHA integration. The site is mobile optimized with a responsive design and includes cookie consent mechanisms compliant with GDPR. Performance is moderate with basic SEO and accessibility features. From a security perspective, the site enforces HTTPS and uses Google reCAPTCHA to protect forms. However, it lacks explicit security headers and published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected, but improvements in security headers and transparency are recommended. The absence of WHOIS data limits domain trust verification, though the website content and contact information appear legitimate. Overall, the site is professionally presented, trustworthy, and compliant with privacy regulations, but would benefit from enhanced security practices and domain registration transparency to improve its risk profile and trustworthiness.