Security Directory

Saint-Gobain Glass is a major player in the manufacturing sector specializing in glass products, operating as part of the global Saint-Gobain group. The company targets industrial clients and construction sectors with a B2B business model. The website is currently inaccessible due to a Cloudflare security challenge, limiting direct content analysis. The domain registration data supports the legitimacy and long-standing presence of the company in the market. The technical infrastructure includes modern analytics tools like Google Tag Manager and Google Analytics 4, hosted behind Cloudflare for security and performance. However, the lack of visible privacy policies, contact information, and security headers on the landing page indicates areas for improvement in transparency and compliance. Overall, the website's security posture is difficult to assess fully due to access restrictions, but domain data and hosting choices suggest a mature enterprise environment.

Saint-Gobain Glass is a major industrial manufacturer specializing in glass products, operating under the global Saint-Gobain group. The website is currently inaccessible due to a Cloudflare security challenge page, which prevents direct content access and limits visibility into detailed business and security information. The technical infrastructure includes modern analytics and cookie consent tools, but lacks visible security headers and explicit privacy or contact information on the landing page. The absence of WHOIS data reduces transparency, although the domain is associated with a reputable multinational company. Overall, the site’s security posture is difficult to assess fully due to access restrictions, but improvements in transparency and direct content availability are recommended.

The website www.plaka.com.mx is currently inaccessible due to a Cloudflare Web Application Firewall (WAF) challenge page that requires browser verification before granting access. This security measure blocks automated access and obscures the actual website content, preventing a full analysis of the business, services, and compliance posture. The domain WHOIS data is unavailable or invalid, which raises concerns about the transparency and legitimacy of the domain registration. The site uses Google Tag Manager for analytics and Cloudflare Turnstile captcha for bot mitigation, indicating some level of security awareness. However, the lack of visible privacy policies, contact information, and business details on the landing page limits trust and credibility assessment. Overall, the site appears to be protected by strong security controls but lacks accessible content for evaluation.

R

Rigips GmbH

rigips.de

62

Rigips GmbH is a leading German manufacturer specializing in sustainable drywall and building materials for walls, ceilings, floors, and facades. As part of the Saint-Gobain group, it holds a strong market position with a comprehensive product portfolio and a focus on environmentally friendly construction solutions. The website targets construction professionals, architects, and distributors, providing product information, technical downloads, and a dealer locator. Technically, the site is built on Drupal 10, employs modern tracking and consent tools, and is hosted on reliable infrastructure. Security posture is strong with HTTPS, security headers, and no exposed vulnerabilities detected. Privacy compliance is well addressed with detailed policies and consent mechanisms. Overall, the site demonstrates good digital maturity, professional design, and trustworthy business representation.

Weber Vietnam is a subsidiary of the global Saint-Gobain group, specializing in manufacturing and distributing tile adhesives, grouts, waterproofing products, and silicone sealants. The company holds a leading market position in Vietnam and globally, serving construction professionals and consumers with a comprehensive product range and technical support. The website is professionally designed, content-rich, and well-branded, reflecting the company's strong market presence and parent company association. Technically, the website is built on Drupal CMS with modern frameworks like Bootstrap and integrates multiple analytics and marketing tools including Google Tag Manager, Facebook Pixel, TikTok Pixel, and Microsoft Clarity. The site is mobile-optimized and accessible, with good SEO practices. However, some security headers are missing, and there is no explicit cookie consent mechanism despite cookie policy presence. Security posture is good with HTTPS enforced and no visible vulnerabilities or exposed sensitive data. The WHOIS data is unavailable, likely due to privacy protection, but the website's legitimacy is supported by consistent branding and structured data linking to Saint-Gobain. No signs of phishing or malware were detected. Overall, the website presents a low risk profile with strong business credibility and technical maturity. Strategic improvements could focus on enhancing security headers, implementing explicit cookie consent, and publishing a dedicated security policy or incident response page.

The website www.isover-technical-insulation.com is currently inaccessible due to a Cloudflare Web Application Firewall (WAF) security challenge page that requires browser verification via Turnstile captcha. This prevents direct access to any substantive website content, including business information, contact details, or policies. The WHOIS lookup for the domain returned no registration data, indicating the domain may be unregistered, expired, or protected by privacy services, which raises concerns about the legitimacy and operational status of the website. The presence of modern analytics and cookie consent scripts suggests some level of digital maturity, but without accessible content, a full assessment is not possible. Security posture benefits from Cloudflare protection but lacks visible security headers or policies. Overall, the site scores low on content quality, business credibility, and privacy compliance due to lack of accessible information.

The website www.it.weber is currently inaccessible due to a Cloudflare Web Application Firewall (WAF) challenge page that requires browser verification via Turnstile CAPTCHA. This prevents access to any substantive content, including business descriptions, contact information, or policy documents. The site employs Google Tag Manager and Google Analytics 4 for tracking, alongside OneTrust for cookie consent management, indicating some level of privacy compliance infrastructure. However, the lack of accessible content and WHOIS data severely limits the ability to assess the company's market position, services, or legitimacy. The domain's WHOIS information is unavailable or malformed, which raises concerns about transparency and trustworthiness. Overall, the site appears to be part of a larger network of related domains using shared analytics configurations, but no direct business or contact details are visible.

The website www.carriere-de-gypse-sogyma.fr is currently inaccessible due to a Cloudflare Web Application Firewall (WAF) challenge page that requires browser verification via Turnstile captcha. This prevents direct access to the site's content, limiting the ability to analyze business details or user-facing information. The domain's WHOIS data is unavailable, indicating privacy protection or lack of public registration data, which further reduces transparency and trust. The site uses Google Tag Manager and Google Analytics 4 for tracking, and OneTrust for cookie consent management, showing some level of compliance with privacy regulations. However, no privacy policy, terms of service, or contact information is visible on the challenge page. The hosting appears to be behind Cloudflare, providing security and performance benefits but also obscuring direct server details. Overall, the website's digital maturity is low due to content inaccessibility and lack of visible business information.

M

Můj Caravan

mujcaravan.cz

53

Můj Caravan is a Czech Republic-based e-commerce retailer specializing in accessories and equipment for caravans, motorhomes, camping, and outdoor activities. The website offers a wide range of products including awnings, furniture, grills, kitchenware, toilets, and outdoor gear, targeting caravan and camping enthusiasts primarily in the Czech market. The business positions itself as a niche market leader with a comprehensive product catalog and customer trust signals such as the Heuréka certification and active social media presence. Technically, the website is built on a proprietary e-commerce platform (Golemos) and leverages modern web technologies including JavaScript frameworks, Google Tag Manager, Facebook SDK, and Matomo analytics. The site is mobile-optimized with good SEO and accessibility basics, providing a professional user experience. The presence of multiple tracking and marketing tools is managed with user consent, reflecting a mature digital infrastructure. From a security perspective, the site enforces HTTPS and uses secure login forms. While some security headers are not explicitly detected, the overall posture is solid with no visible vulnerabilities or exposed sensitive data. Privacy policies and cookie consent mechanisms are comprehensive and GDPR compliant, supporting strong privacy practices. Overall, the website demonstrates a high level of professionalism and trustworthiness, with no signs of content blocking or WAF interference. The lack of public WHOIS data due to privacy protection is common for retail businesses and does not detract from the legitimacy of the site. Strategic recommendations include enhancing security headers and continuing regular audits of third-party scripts to maintain security and compliance.

F

Frank Bold Advokáti

fbadvokati.cz

55

Frank Bold Advokáti is a professional law firm specializing in a broad range of legal services excluding criminal law, with a strong presence in the Czech Republic and offices in multiple cities including Brno, Prague, Ostrava, Krakow, and Brussels. The firm offers comprehensive legal support in areas such as commercial and labor law, energy law, public administration law, real estate transactions, and environmental law. Their website demonstrates a mature digital presence with well-structured content, case studies, an online legal academy, and client engagement through newsletters and social media. Technically, the site uses modern tools including Pimcore CMS, Google Tag Manager, and Matomo analytics, with good mobile optimization and accessibility features. Security posture is solid with HTTPS enforced and cookie consent implemented, though some security headers could be improved. The absence of WHOIS data suggests privacy protection, which is typical and justified for legal firms. Overall, the website is professional, trustworthy, and well-positioned in its market niche.

A

Adresář Farmářů

adresarfarmaru.cz

60

Adresář Farmářů operates as an online directory and map-based platform focused on connecting consumers with farmers and related shopping and services primarily in the Czech Republic. The website leverages modern web technologies including Angular and integrates third-party analytics and social media SDKs to enhance user engagement and tracking. The platform appears to serve a niche market, providing localized listings and user contributed content to facilitate discovery of farming-related services. Despite the lack of WHOIS registration data, the website presents a professional and consistent brand image with a clear target audience of consumers seeking local farm products and services. Technical infrastructure is modern but could benefit from enhanced security headers and explicit privacy and terms of service documentation. The security posture is moderate with HTTPS in use but missing some best practice headers and policies. Overall, the site is accessible, safe, and functional, but improvements in compliance and transparency would strengthen trust and credibility.

S

Sedmá generace

sedmagenerace.cz

54

Sedmá generace is a Czech socio-ecological magazine established in 1991, focusing on social and environmental issues such as nature protection, renewable energy, alternative economy, and human and animal rights. The website serves as a digital platform for publishing articles, news, and podcasts, supporting subscriptions and donations. It maintains a consistent brand presence and targets a general audience interested in ecological and societal topics. Technically, the site is built on WordPress with WooCommerce, employing modern web technologies and integrating Google Analytics and Tag Manager for tracking. The site demonstrates good SEO practices and mobile optimization. Security-wise, the site uses HTTPS and cookie consent mechanisms compliant with GDPR, though it lacks explicit security policies or incident response contacts. No critical vulnerabilities or blocking mechanisms were detected, indicating a stable and trustworthy online presence.

D

Dogfish

dogfish.cz

42

Dogfish is a Czech digital agency specializing in web design, web applications, graphic design, video production, and e-commerce solutions. The company positions itself as a professional and experienced provider with a strong portfolio and client testimonials, targeting businesses seeking digital transformation and marketing support. The website is built on WordPress and incorporates modern web technologies and analytics tools, reflecting a mature digital infrastructure. Security posture is adequate with HTTPS and cookie consent mechanisms, though there is room for improvement in security headers and incident response transparency. The absence of WHOIS data is a concern for domain legitimacy verification but does not detract from the professional presentation and trust signals on the site. Overall, Dogfish demonstrates a solid digital presence with good business credibility and technical implementation.

C

CODERS.BAY

codersbay.at

60

CODERS.BAY is a technology-focused company specializing in software development and IT solutions, positioned as an award-winning and recognized player in its industry. The website is built on WordPress using a professional commercial theme and incorporates modern JavaScript libraries to enhance user experience. The technical infrastructure shows moderate digital maturity with good mobile optimization and SEO practices, including structured data and cookie consent mechanisms. Security posture is adequate with HTTPS enforced and cookie consent blocking tracking scripts until user approval; however, the absence of security headers and explicit privacy policies indicates room for improvement. Overall, the website is professional and trustworthy but would benefit from enhanced transparency and security practices to strengthen compliance and user trust.

SLV GmbH operates a professional e-commerce platform specializing in high-quality lighting products for both residential and commercial customers, emphasizing German engineering and product reliability. The website is well-structured, multilingual, and targets a broad European market with a focus on Germany. The technical infrastructure leverages modern technologies including Spryker Commerce OS, Google Tag Manager, and Usercentrics for consent management, indicating a mature digital presence. Security posture is strong with HTTPS enforced and consent mechanisms in place, though explicit security policies and incident response details are absent. The lack of WHOIS data for the domain introduces some uncertainty regarding domain registration legitimacy, but the overall professional presentation and trust signals mitigate this concern. Strategic recommendations include publishing detailed security and incident response policies, providing direct contact information, and verifying domain registration details to enhance trust.

S

StudentPoint.cz

studentpoint.cz

53

StudentPoint.cz is a Czech online media portal primarily targeting students and young adults interested in lifestyle, travel, and product reviews. The site offers a broad range of articles covering student life, pop culture, and adult-oriented content such as erotic products and dating site reviews. Its business model relies heavily on affiliate marketing, especially for adult and dating services. The website is built on a modern WordPress infrastructure using Elementor and Astra theme, with performance optimizations and tracking tools like Google Analytics and Sentry integrated. Security posture is adequate with HTTPS enabled and some monitoring in place, but lacks comprehensive security headers and explicit privacy or cookie policies. The absence of WHOIS registrant data reduces domain trustworthiness, though the professional presentation and consistent branding support legitimacy. Overall, the site serves a niche adult audience with a focus on content and affiliate revenue.

F

Farstad & Co

farstad.co

59

Farstad & Co is a specialty coffee roastery and coffee bar located in Skien, Norway, with a rich history dating back to 1955. The company operates a physical coffee bar, an online store offering specialty single-origin coffees, subscription services, and corporate coffee solutions. Positioned as Skiens eneste kaffebrenneri, Farstad & Co emphasizes quality, origin transparency, and a passion for the coffee experience. The website reflects a modern digital presence built on Next.js and Crystallize, integrating analytics and marketing tools such as Google Analytics and Facebook Pixel. Security posture is strong with HTTPS and security headers, though cookie consent mechanisms are absent. Contact information is clearly presented, enhancing business credibility. The domain registration aligns well with the business claims, supporting legitimacy.

N

Nomono

nomono.co

63

Nomono is a Norway-based technology company specializing in AI-powered spoken audio platforms and wireless recording devices. Their business model combines hardware sales with cloud-based SaaS subscription services, targeting creators such as podcasters and storytellers who require high-quality audio production tools. The website presents a professional and modern digital presence, leveraging advanced web technologies including Next.js, React, and integrations with HubSpot and Segment for marketing and analytics. The site is well-optimized for performance and mobile use, with clear navigation and strong branding consistency. Security posture is solid with HTTPS and security headers implemented, though explicit privacy and security policies are not publicly linked. Overall, Nomono demonstrates a mature technical infrastructure and a credible market position within the audio technology niche.

S

Snowball Digital AS

snowball.digital

67

Snowball Digital AS is a Norwegian-based design and technology agency specializing in digital product strategy, UX/UI design, branding, development, and growth marketing. The company targets growth-focused businesses seeking innovative digital solutions and seamless end-to-end experiences. Their market position is that of a specialized boutique agency with a focus on digital transformation and product innovation. Technically, the website is built on modern frameworks such as React and Next.js, leveraging a headless CMS (Crystallize) and integrating analytics tools like Google Analytics and Hotjar. The site is mobile-optimized and presents a professional, consistent brand image. Security-wise, the website uses HTTPS and asynchronous loading of tracking scripts but lacks some security headers and a cookie consent mechanism, which are recommended for improved compliance and security posture. Overall, the domain WHOIS data is privacy protected, which is typical for small agencies, and the website content and contact information support the legitimacy of the business.

O

Okay

okaythis.com

63

Okay is a Norway-based company founded in 2018 that provides advanced, modular authentication solutions tailored for fintechs, banks, and enterprises. Their platform focuses on balancing security, compliance, and user experience by offering identity verification, strong customer authentication, passwordless access, and compliance management services. The company positions itself as a trusted partner in the financial technology sector, emphasizing rapid deployment and regulatory adherence such as PSD2 and GDPR. Technically, the website is built using modern frameworks like Next.js and React, hosted on Vercel, and integrates analytics and consent management tools to ensure performance and privacy compliance. Security posture is strong with HTTPS enforcement and clientTransferProhibited domain status, though DNSSEC is not enabled and explicit security policies are not published. Overall, the website is professional, well-structured, and trustworthy, with comprehensive content and clear business focus.

N

New Normal Group

newnormalgroup.com

62

New Normal Group is an entrepreneurial software group focused on incubating and building technology companies that redefine industry norms through intelligent API-driven solutions. Their portfolio includes subsidiaries specializing in e-commerce, IoT, cybersecurity, AI, digital services, and financial services, positioning them as a versatile player in the technology sector. The company targets forward-looking enterprises and high-growth ventures, leveraging over 20 years of entrepreneurial experience. Technically, the website is built on modern frameworks such as Next.js and integrates analytics and user behavior tools like Google Analytics and Hotjar, indicating a mature digital infrastructure. However, there are gaps in privacy compliance and explicit security policies. Security posture is generally good with HTTPS and domain transfer protections, but lacks DNSSEC and security headers. Overall, the website is professional, trustworthy, and well-branded, though improvements in privacy and security transparency are recommended.

S

Sucht Schweiz

suchtschweiz.ch

62

Sucht Schweiz is a Swiss non-profit foundation dedicated to preventing problems related to the consumption of psychoactive substances and addictive behaviors. The organization operates with a clear mission focused on research, prevention, information dissemination, and advocacy. The website reflects a mature digital presence with multilingual support, professional design, and modern web technologies including WordPress, Yoast SEO, and Usercentrics for cookie consent. It prominently features donation options and provides extensive content on addiction-related topics, targeting both the general public and professionals in the field. Technically, the site is well-implemented with good SEO, mobile optimization, and accessibility. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though it lacks some advanced security headers and explicit security policies. Privacy compliance is partially met with a cookie consent mechanism but no visible privacy or terms of service pages. Contact information is not explicitly provided in the HTML content, which could be improved for transparency. Overall, the website is trustworthy and professional, with a strong alignment between WHOIS data and business claims, indicating legitimacy. The content is safe for a mature audience, focusing on health and addiction prevention without any explicit or NSFW material.

N

Naughty Harbor s.r.o.

naughtyharbor.cz

58

Naughty Harbor s.r.o. operates a Czech Republic-based adult e-commerce website specializing in the sale of realistic silicone sex dolls and related accessories, alongside a sex doll private rental service in Prague. The website targets an adult audience exclusively, offering a broad catalog of products categorized by appearance, size, and brand. The business positions itself as a niche market leader in the Czech adult toy and service sector, emphasizing quality and customer experience through reviews and detailed product information. Technically, the website is built on the Shoptet e-commerce platform, utilizing a mix of legacy and modern web technologies including jQuery 1.11.3, Google Tag Manager, Google Analytics (GA4), Hotjar, and Mouseflow for analytics and user behavior tracking. The site is HTTPS secured and implements cookie consent mechanisms, though it lacks visible security headers and up-to-date privacy documentation. From a security perspective, the site enforces HTTPS and uses CSRF tokens in forms, but it does not publish a privacy policy or terms of service in the analyzed content, nor does it provide a security.txt or vulnerability disclosure mechanism. The absence of WHOIS data for the domain reduces trustworthiness and raises questions about domain registration transparency. Overall, the website presents a professional and functional adult e-commerce platform with moderate technical maturity and security posture. Strategic improvements in privacy compliance, security headers, and domain registration transparency are recommended to enhance trust and regulatory adherence.

A

Ateliér ŠUM

kurzyuzuzy.cz

47

Ateliér ŠUM is a small art education business based in Prague 1, offering a wide range of creative courses including drawing, painting, ceramics, jewelry making, and online lessons. The website is professionally designed using WordPress with modern plugins such as Yoast SEO and Google Analytics integration, providing a good user experience and clear navigation. Contact information including phone, email, and physical address is prominently displayed, supporting business credibility. However, the absence of privacy and cookie policies indicates a compliance gap that should be addressed. The WHOIS data is unavailable, which slightly reduces domain trustworthiness but does not detract from the overall legitimacy of the site based on content and contact details. Security posture is good with HTTPS and reCAPTCHA usage, but could be improved by adding security headers and a vulnerability disclosure policy.

Č

Český hokej

ceskyhokej.cz

48

Český hokej is the official national ice hockey federation of the Czech Republic, providing comprehensive information, news, and services related to Czech ice hockey. The website serves a broad audience including fans, players, coaches, referees, and other stakeholders, offering news updates, team details, ticket sales, fan engagement zones, and an official merchandise shop. The domain is well-established since 2001, reflecting a mature and authoritative presence in the sports sector. Technically, the website employs modern web technologies such as HTML5, CSS3, JavaScript, and integrates analytics tools like Google Tag Manager and Facebook Pixel, ensuring good performance and user experience across devices. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though explicit privacy and security policies are not found in the provided content. Overall, the site demonstrates high professionalism, consistent branding, and trustworthy digital presence, with room for improvement in explicit privacy disclosures and contact information visibility.

B

Bohemia

bohemiahokej.cz

42

The website www.bohemiahokej.cz is a Czech-language promotional platform centered around interactive hockey-themed games and contests sponsored by Bohemia Chips. It targets Czech consumers interested in hockey and promotional sweepstakes, offering prizes such as cars and branded merchandise. The site features multiple interactive games, user registration with consent for data processing, and social media integration. Technically, it employs modern JavaScript libraries and tracking tools like Google Tag Manager and Facebook Pixel, with a responsive design optimized for mobile devices. Security posture is generally good with HTTPS enforced and consent mechanisms in place, though minor backend PHP notices indicate some error handling issues. The absence of WHOIS data reduces domain trustworthiness, but the website content and branding appear professional and consistent with a legitimate marketing campaign.

G

Gibbs&Co., s.r.o.

e-news.cz

42

Ekonomický magazín is a Czech economic news portal operated by Gibbs&Co., s.r.o., providing up-to-date news, analyses, and expert opinions primarily in finance, banking, insurance, and investment sectors. The website targets professionals and individuals interested in economic developments and investment insights. It operates on a WordPress CMS with a modern tech stack including Bootstrap, jQuery, and various advertising and analytics integrations, demonstrating a mature digital infrastructure. The site is well-optimized for SEO and mobile devices, offering a good user experience with clear navigation and professional design. Security posture is solid with HTTPS enforced and consent management implemented, though some security headers could be improved. The site uses multiple advertising networks and tracking services with user consent, reflecting a comprehensive marketing approach. Overall, the website is trustworthy, professional, and compliant with GDPR, with clear business and contact information. No critical security or content safety issues were detected.

Jiří Rostecký operates a well-established Czech business media platform focused on podcasts, mentoring, and consulting services for entrepreneurs, freelancers, and small business owners. The website serves as a content hub and service portal, featuring extensive business-related content and live event promotions. The platform holds a strong market position in the Czech Republic's business media niche, supported by a decade-long domain history and consistent branding. Technically, the website is built on WordPress with modern SEO and performance optimizations including WP Rocket and All in One SEO Pro. It integrates multiple third-party services such as Vimeo, YouTube, Mailjet, and Spotify for media and marketing functionalities. The site is mobile-optimized, fast-loading, and accessible, reflecting a mature digital infrastructure. Security posture is robust with HTTPS enforced, comprehensive cookie consent mechanisms, and use of Google reCAPTCHA for bot protection. Security headers are present, and no vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong, with GDPR-aligned cookie policies and consent banners. Overall, the site presents low risk with high trustworthiness and professionalism. Strategic recommendations include publishing explicit security and incident response policies, adding contact emails or phone numbers for business inquiries, and maintaining regular security audits to ensure ongoing compliance and protection.

P

Park Technology

themagicstamp.com

59

Magic Stamp, operated by Park Technology, offers a digital loyalty platform designed for small businesses, focusing on mobile and coffee loyalty solutions. The company provides an easy-to-use app combined with a physical stamp device to enhance customer retention. The website positions Magic Stamp as an affordable and effective loyalty solution with a clear target audience of small businesses seeking simple digital loyalty programs. The domain is well-established since 1999, supporting the business's credibility and longevity. Technically, the website is built on the Squarespace CMS platform, utilizing modern web technologies including JavaScript, jQuery, and integrations with marketing and analytics tools such as Google Analytics, Facebook Pixel, and HubSpot. The site is mobile-optimized and demonstrates good design and user experience, though accessibility features are basic. Performance is moderate, typical for a CMS-based site. From a security perspective, the site enforces HTTPS but lacks DNSSEC and HSTS headers, which are recommended for enhanced security. No explicit security policies or incident response contacts are published, representing an area for improvement. The domain is locked with multiple client prohibitions, indicating protection against unauthorized transfers or deletions. Privacy compliance is partial, with a cookie consent banner present but no visible privacy policy or terms of service pages. Overall, Magic Stamp's website is professional and trustworthy, with moderate security and privacy compliance. Strategic improvements in security headers, privacy documentation, and incident response transparency would enhance the site's security posture and user trust.

V

VR|SPACE

vrspace.cz

48

VR|SPACE is a Czech-based company specializing in virtual reality and augmented reality solutions tailored for industries such as architecture, healthcare, engineering, and education. Established in 2015, the company positions itself as an innovative service provider focused on digitization and immersive technology applications to enhance productivity and safety. The website reflects a professional and consistent brand image, targeting business clients seeking VR/AR services. Technically, the site employs a modern tech stack including Google Analytics, Facebook Pixel, and Google Tag Manager, with a CMS identified as HAPPY admin and hosting by WEDOS. While the site is mobile-optimized and accessible, some outdated libraries like jQuery 1.11.1 are used, and security headers are minimal. Security posture is adequate with HTTPS and reCAPTCHA on forms, but could be improved with additional headers and updated libraries. Privacy compliance is basic with a clear cookie consent mechanism and a privacy policy page, though terms of service and explicit security policies are absent. Overall, the site is trustworthy and professionally maintained, with room for technical and security enhancements.

M

Metrostav Development a.s.

metrostavdevelopment.cz

56

Metrostav Development a.s. is a well-established real estate developer in the Czech Republic, focusing on residential and commercial projects primarily in Prague. The company is part of the larger Metrostav Group and has a domain age consistent with its business history, indicating a stable market presence. Their website provides comprehensive information about ongoing and completed projects, targeting property buyers and investors in the region. Technically, the website employs modern web technologies such as Bootstrap, jQuery UI, and integrates Google Analytics and Cookiebot for analytics and privacy compliance. The site is mobile-optimized and offers a good user experience with clear navigation and professional design. Security-wise, the site uses HTTPS and implements CSRF tokens in forms, but lacks explicit security headers and published security policies, which are recommended for improvement. Privacy compliance is strong with a visible cookie consent mechanism and a detailed privacy policy. Overall, the website is trustworthy, professional, and compliant with GDPR requirements, with room for enhancement in security transparency and incident response readiness.

S

SHERWOOD Digital a.s.

majales.cz

9

The website www.majales.cz serves as the central portal for the Majáles 2026 student festivals held across multiple Czech cities including Prague, Brno, Ostrava, and Hradec Králové. Operated by SHERWOOD Digital a.s., the site promotes large-scale student celebrations and provides event information and ticketing details. The business is positioned as a leading festival organizer in the Czech Republic, targeting students and young adults interested in cultural and social events. The site content is primarily in Czech with an option for English, reflecting a regional focus with some international accessibility. Technically, the website employs a modern tech stack including Bootstrap, Owl Carousel, Swiper, and integrates Google Analytics and Facebook Pixel for marketing and analytics purposes. Cookie consent is managed via CookieScript, demonstrating compliance with EU cookie regulations. The site is mobile-optimized with good SEO practices and moderate performance. However, no CMS or hosting provider details were identified, and accessibility features are basic. From a security perspective, the site uses HTTPS and implements cookie consent with opt-in for targeting and performance cookies, which is positive. Security headers are implied but not explicitly confirmed. No vulnerabilities or exposed sensitive data were detected in the HTML content. The absence of a publicly accessible privacy policy and terms of service pages is a compliance gap. Additionally, WHOIS data for the domain is unavailable, which raises concerns about domain registration transparency and trustworthiness. Overall, the website presents a professional and trustworthy front for a regional event organizer but would benefit from enhanced transparency in privacy and security policies, explicit contact information, and verification of domain registration details to strengthen trust and compliance posture.

A

AudioMaster, a. s.

music-city.cz

54

Music City, operated by AudioMaster, a. s., is a Czech Republic-based e-commerce retailer specializing in musical instruments, sound and lighting technology, DJ equipment, and home recording gear. The company maintains a strong market presence with multiple physical stores in Prague, Brno, and Uherské Hradiště, complemented by a comprehensive online store. Their business model focuses on providing musicians and music enthusiasts with a wide range of products at competitive prices, supported by free shipping and a three-year warranty, enhancing customer trust and satisfaction. Technically, the website employs modern web technologies including JavaScript, Google Tag Manager, Cookiebot for cookie consent management, and analytics tools such as Google Analytics and Hotjar. The site is mobile-optimized and demonstrates good SEO and accessibility practices. However, there is room for improvement in security headers implementation and further hardening of form security. From a security perspective, the site uses HTTPS and has a robust cookie consent mechanism, indicating compliance with GDPR and privacy best practices. No critical vulnerabilities or exposed sensitive data were detected. The absence of WHOIS registration data is a notable concern, potentially impacting domain trustworthiness, but the visible business information and contact details mitigate this risk somewhat. Overall, Music City presents a professional and trustworthy online presence with a solid business foundation. Strategic improvements in domain registration transparency and enhanced security headers would further strengthen their security posture and credibility.

C

Centrum Stromovka

centrumstromovka.cz

57

Centrum Stromovka operates as a retail and commercial center in the Czech Republic, providing shopping and vendor services primarily targeting local consumers and businesses. The website is built on WordPress and integrates common marketing and analytics tools such as Google Analytics, Google Ads, Facebook Pixel, and Cookiebot for cookie consent management. The technical infrastructure is moderately modern with good mobile optimization and SEO practices. Security posture is adequate with HTTPS enforced and no visible sensitive data exposure, though explicit security headers are not detected and WHOIS data is missing, which impacts domain transparency. Overall, the site presents a professional and functional online presence for the business. Strategic improvements in security headers and privacy policy publication would enhance trust and compliance.

M

Metrostav Development

nadskalou.cz

51

Nadskalou.cz is a professionally developed website representing a new residential real estate project called Nad skálou Barrandov, located in Prague 5. The project is managed by Metrostav Development, a reputable construction and development company. The website effectively communicates the project's value proposition, emphasizing proximity to nature and urban amenities. The technical infrastructure is modern, leveraging ProcessWire CMS, Cookiebot for consent management, and Google Tag Manager for analytics and marketing. Security posture is solid with HTTPS and cookie consent mechanisms, though security headers could be improved. Privacy compliance is well addressed with a comprehensive cookie policy and GDPR-aligned consent. Overall, the website presents a trustworthy and professional image suitable for its target audience of prospective home buyers seeking quality residential options in Prague.

M

Metrostav Development

viladomyumlyna.cz

50

Viladomy U Mlýna is a real estate development project focused on creating a new urban residential quarter in Vysočany, Prague. The website represents a medium-sized real estate developer, Metrostav Development, offering above-standard housing solutions. The site targets potential home buyers and residents interested in modern city living combined with natural surroundings. The business model centers on property development and sales within the Czech Republic real estate market. Technically, the website is built on the ProcessWire CMS and employs modern front-end technologies such as Swiper.js, Tippy.js, and Google Tag Manager, ensuring a good user experience with mobile optimization and SEO best practices. The site uses HTTPS and integrates a comprehensive cookie consent mechanism via Cookiebot, reflecting good privacy compliance and transparency in advertising and tracking practices. However, the WHOIS data shows a suspicious domain creation date in the future, which raises concerns about registration legitimacy. No explicit contact information or terms of service pages were found, which slightly impacts business credibility. Overall, the website is professional, secure, and compliant with GDPR, but improvements in transparency and WHOIS data accuracy are recommended.

S

SIKO KOUPELNY A KUCHYNĚ

siko.cz

62

SIKO KOUPELNY A KUCHYNĚ is a leading Czech retailer specializing in stylish bathroom and kitchen solutions, offering a wide range of quality products, project planning, and turnkey realization services. The company targets general consumers primarily in the Czech Republic and neighboring countries, positioning itself as a market leader in home improvement retail. The website reflects a professional and consistent brand image with good content quality and user experience. Technically, the site is built on a modern Angular framework integrated with SAP Commerce Cloud, leveraging multiple marketing and analytics tools with user consent mechanisms. Security posture is strong with HTTPS enforcement and security headers, though the absence of a public security policy and incident response information is noted. The lack of WHOIS data reduces domain trust slightly but does not detract significantly from the overall legitimacy. Strategic recommendations include publishing security policies, enhancing incident response transparency, and verifying domain registration details to improve trust. Overall, SIKO demonstrates a mature digital presence with room for security and compliance enhancements.

D

Demo verze stránek

proengineers.cz

56

Proengineers studio is a small architecture and project design office based in the Czech Republic, offering comprehensive services focused on sustainable building design and modern technologies, including investor support during project realization. The website presents a professional image with good content quality and consistent branding, targeting general audiences interested in architectural services. Technically, the site is built on WordPress using Elementor and SEO plugins, with Google Analytics and Tag Manager for tracking. The site is accessible without any WAF or security challenges, indicating good availability. However, the absence of WHOIS data limits domain legitimacy verification. Security posture is moderate with HTTPS enabled but lacks security headers and published security policies. Privacy compliance is basic with cookie consent but no visible privacy or terms policies. Overall, the site is functional and professional but would benefit from enhanced security and compliance documentation.

U

Usermaven

usermaven.com

63

Usermaven is a technology company founded in 2020 that offers an AI-powered marketing attribution and analytics SaaS platform. The platform targets marketing teams, agencies, brands, and product teams by providing multi-touch attribution, product analytics, funnel analysis, and user journey insights. The company positions itself as privacy-conscious, emphasizing GDPR and CCPA compliance and hosting data in the EU. Technically, the website is built on modern frameworks such as Next.js and React, integrates with multiple marketing and analytics tools, and uses Cloudflare for DNS and likely CDN services. The site is fast, mobile-optimized, and professionally designed. Security posture is good with HTTPS enforced and domain transfer protection, but lacks published security policies and vulnerability disclosures. Privacy compliance is partial due to missing explicit privacy and cookie policies. Overall, the website is trustworthy and professional, with room for improvement in transparency and compliance documentation.

A

Alf & Bet

alfabet.coffee

68

Alf & Bet is a small specialty coffee roaster and artisan bakery based in Prague, Czechia, operating an e-commerce platform primarily targeting European customers. The company offers a curated selection of coffee, tea, bread, wine, books, and related accessories, supported by physical espresso bar locations under the EMA brand. The website is built on Shopify, leveraging modern e-commerce technologies and third-party integrations for marketing, analytics, and customer reviews. Privacy and cookie consent mechanisms are implemented, reflecting GDPR compliance. Security posture is strong with HTTPS and standard security headers, though explicit security policies and incident response contacts are not publicly disclosed. Overall, the site presents a professional and trustworthy online presence with no signs of malicious activity or content blocking.

A

Alf & Bet, spol. s r.o.

emaespressobar.cz

54

EMA espresso bar operates a chain of specialty coffee bars in Prague, offering high-quality espresso drinks, bakery products, and coffee beans roasted under the Alf & Bet brand. The business targets coffee enthusiasts and local consumers seeking specialty coffee experiences. The website is professionally designed, mobile-optimized, and integrates modern web technologies including Solidpixels CMS and Google Tag Manager for analytics. Security posture is generally good with HTTPS enforced and secure form handling, though the absence of security headers and privacy policy pages are notable gaps. The lack of WHOIS data reduces domain trustworthiness, but the business information and contact details on the site support legitimacy. Strategic improvements in privacy compliance and security disclosures are recommended.

A

Alf & Bet

coffee.toys

68

Alf & Bet is a small specialty coffee roaster and artisan bakery based in Prague, Czechia, operating an e-commerce platform primarily targeting European customers. The company offers a curated selection of coffee, tea, bread, wine, books, and related accessories, supported by physical espresso bar locations under the EMA brand. Their market position is niche, focusing on quality and artisanal products with a loyal customer base. The website is built on the Shopify platform using a modern theme and integrates multiple analytics and marketing tools, reflecting a mature digital infrastructure. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers and explicit policies could be improved. The domain WHOIS data is privacy protected, which is typical for small businesses, and no suspicious patterns were detected. Overall, the website is professional, trustworthy, and compliant with GDPR, making it a reliable online presence for the business.

B

Bookio

bookiopro.com

62

BookioPro is a specialized online reservation and restaurant management system targeting restaurant owners and managers. The platform offers a comprehensive suite of tools including reservation books, online booking, guest management, statistics, and advanced features such as gift vouchers and event management. The business model is SaaS-based with a 30-day free trial to attract new customers. The website is professionally designed with consistent branding and clear navigation, supporting multiple languages and mobile optimization. Technically, the site leverages established front-end libraries like Bootstrap and Font Awesome, integrates Google Analytics and Tag Manager for tracking, and uses Smartsupp for live chat support. Cookie consent is managed via CookieYes with granular user controls, indicating a basic level of privacy compliance. However, no explicit privacy policy page was found, and WHOIS data for the domain is missing, which raises concerns about domain legitimacy. From a security perspective, the site uses HTTPS (assumed from external scripts loaded via HTTPS), but no security headers were detected in the provided data. The use of third-party scripts introduces potential risks that should be regularly audited. No incident response or security policy information is publicly available, which is a gap in transparency and preparedness. Overall, the website presents a solid business offering with good technical implementation but has room for improvement in security posture and privacy transparency. The lack of WHOIS data and explicit privacy policies slightly reduce trustworthiness. Strategic recommendations include enhancing security headers, publishing comprehensive privacy and security policies, and verifying domain registration details to improve credibility.

G

Google

go.dev

63

The website go.dev is the official site for the Go programming language, an open source language developed and supported by Google. It serves as a comprehensive resource hub for developers, offering documentation, learning materials, downloads, and community engagement. The site is well-positioned in the technology sector as a leading programming language platform with strong industry adoption and backing by a major enterprise, Google. The content is highly relevant to software developers and teams focused on building scalable, secure systems. From a technical perspective, the website employs modern web technologies including HTML5, CSS3, JavaScript, and integrates Google Tag Manager and Analytics for performance and user behavior tracking. The site is hosted on Google infrastructure, ensuring fast performance and excellent mobile optimization. Accessibility and SEO practices are well implemented, contributing to a positive user experience. Security-wise, the site enforces HTTPS and uses best practices such as asynchronous loading of analytics scripts. However, it lacks explicit security policy documentation and incident response contact information, which are recommended for transparency and trust. No vulnerabilities or exposed sensitive data were detected in the content. Privacy and cookie policies are present and link to Google's official policies, indicating good compliance with GDPR and related regulations. Overall, the website demonstrates a high level of professionalism, trustworthiness, and technical maturity. The domain registration details align with the business claims, reinforcing legitimacy. Strategic recommendations include publishing dedicated security and incident response policies, enhancing security headers, and maintaining regular audits of third-party scripts to further strengthen security posture.

C

CarSoul

carsoul.cz

49

CarSoul.cz is a Czech-based automotive company specializing in operational leasing and sales of new and certified used vehicles. The company aggregates offers from multiple dealers, providing customers with a wide selection of cars including financing options. The website presents a professional and user-friendly interface with clear navigation, customer testimonials, and certifications such as CEBIA, indicating a trustworthy market presence. The target audience includes both individual customers and companies seeking fleet management solutions. Technically, the site employs modern JavaScript frameworks and libraries including Laravel Livewire, Swiper.js, and Google Tag Manager, supporting a responsive and interactive user experience. Security posture is moderate with HTTPS usage and cookie consent mechanisms in place, but lacks visible security headers and explicit privacy or security policies. WHOIS data for the domain is unavailable, which slightly impacts trustworthiness but does not detract from the overall professional presentation. Strategic recommendations include publishing comprehensive privacy and security policies, enhancing security headers, and verifying domain registration details to improve legitimacy and compliance.

F

Frenkee

frenkee.cz

59

Frenkee.cz is a Czech Republic-based fintech platform offering a comprehensive suite of online financial services including insurance (car, travel, life, property), loans (mortgages), and investment solutions. The platform emphasizes user-friendly online access, transparency, and customer empowerment, supported by AI-driven financial guidance through its Frenk.ai service. The website demonstrates a strong market presence with multiple partnerships with reputable insurance companies and extensive media coverage, enhancing its credibility and trustworthiness. Technically, the website employs modern web technologies such as Google Tag Manager, Swiper.js for carousels, and the Nette PHP framework for backend and form validation. The site is well-optimized for performance, mobile responsiveness, and accessibility, with good SEO practices and structured navigation. Security best practices are observed with HTTPS enforcement, secure form handling, and appropriate security headers, although explicit security policies and incident response information are not published. The security posture is solid with no detected vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with clear cookie consent mechanisms and GDPR-compliant privacy policies. However, the absence of WHOIS registration data reduces transparency and trust in domain ownership, which is a notable concern. Overall, the site is professional, trustworthy, and safe for general audiences seeking financial services online.

B

Bonavita, spol. s r.o.

bonavita.cz

46

Bonavita, spol. s r.o. is a leading Czech manufacturer specializing in breakfast cereals, oat flakes, and soy products. The company operates a professional website that supports its retail and e-commerce business models, including a bonus program and an online shop. The website is well-structured, with clear navigation and relevant content targeting general consumers interested in healthy breakfast options. Technically, the site employs modern frontend technologies such as Bootstrap, jQuery, and Owl Carousel, and integrates analytics and marketing tools like Google Analytics and Seznam Retargeting. While the website is mobile-optimized and user-friendly, there is room for improvement in security headers and accessibility compliance. The security posture is moderate, with HTTPS implied but no explicit security headers detected in the provided data. Privacy and cookie policies are present and GDPR compliant, reflecting a good privacy compliance stance. The absence of WHOIS data reduces transparency and slightly impacts trustworthiness, but the overall business credibility remains high due to clear contact information and professional presentation.

H

Hotel u Ledu*** / Wellness

hoteluledu.cz

62

Hotel u Ledu is a hospitality business located in Velké Popovice, Czech Republic, offering comfortable accommodation, wellness services, and gastronomic experiences. The website positions the hotel as an ideal location for both leisure and corporate events, targeting a general audience seeking quality hospitality services. The business appears to be small-sized and has been operating since 2015, with a consistent brand presence and good content quality on its website. Technically, the website is built on WordPress using the Divi theme, leveraging modern web technologies such as Google Tag Manager and Google Analytics for tracking and marketing purposes. The site demonstrates good SEO practices, mobile optimization, and basic accessibility features. Hosting and domain registration are consistent with the business location and sector, indicating a stable digital infrastructure. From a security perspective, the website uses HTTPS and implements cookie consent mechanisms compliant with GDPR. However, explicit security headers and incident response policies are not evident, suggesting room for improvement in security posture. No vulnerabilities or suspicious activities were detected in the content or technical setup. Overall, the website presents a professional and trustworthy online presence for the hotel business, with moderate tracking and marketing tools in use. Strategic recommendations include enhancing security headers, publishing clear security and incident response policies, and maintaining regular updates to the CMS and plugins to mitigate potential vulnerabilities.

S

STŘÍDA SPORT s. r. o.

stridasport.cz

64

STŘÍDA SPORT s. r. o. operates a specialized retail e-commerce platform focused on hockey equipment, apparel, and accessories primarily serving the Czech and Slovak markets. The company offers a broad product range including skates, goalie gear, sticks, helmets, gloves, protective equipment, bags, and fan apparel. The website supports customer accounts and integrates multiple social media channels to engage its target audience of hockey players and enthusiasts. Technically, the site is built on the PrestaShop CMS platform, utilizing modern web technologies such as jQuery, Google Tag Manager, and Leaflet.js for mapping store locations. The site is mobile-optimized and demonstrates good navigation and content quality. Security posture is solid with HTTPS enforced and cookie consent implemented, though some security headers and policies are missing. The absence of WHOIS registrant data limits full domain trust verification, but the website content and structure indicate a legitimate business. Privacy policy and terms of service are not explicitly found, suggesting room for compliance improvement.

Č

Český svaz ledního hokeje & eSports.cz, s.r.o.

pojdhrathokej.cz

45

The website 'Pojď hrát hokej' is a Czech initiative focused on promoting ice hockey among children and their parents. It organizes events such as 'Týden hokeje' and provides resources to find local hockey clubs and information on equipment. The site is supported by reputable partners including Kaufland and Český hokej, indicating a strong market position within the Czech sports non-profit sector. The business model centers on community engagement and sports promotion rather than commercial sales. Technically, the website employs a modern tech stack including Bootstrap for responsive design, jQuery, Google Tag Manager, Facebook Pixel, and Google Analytics for tracking and marketing. Hosting appears to be managed by REG-ZONER, a Czech registrar and hosting provider. The site is mobile-optimized with good navigation and basic accessibility features, though some SEO and security header enhancements could be made. From a security perspective, the site uses HTTPS and implements a cookie consent mechanism compliant with GDPR. However, it lacks explicit security policies, incident response contacts, and security.txt files. No critical vulnerabilities or exposed sensitive data were detected. Tracking is moderate, using common analytics and marketing tools. Overall, the website is professional, trustworthy, and safe for general audiences, with a strong focus on sports promotion. Recommendations include improving security headers, publishing security policies, and adding incident response information to enhance trust and compliance.