Security Directory

S

Sächsische Aufbaubank

sn-cz2027.eu

64

The website www.sn-cz2027.eu represents the official Interreg Sachsen - Tschechien 2021-2027 program, a European Union funded initiative supporting cross-border cooperation projects between Saxony (Germany) and the Czech Republic. The site is managed by the Sächsische Aufbaubank and provides comprehensive information, project details, event calendars, and application guidance for stakeholders. The platform targets project applicants, beneficiaries, and interested parties in regional development and cooperation. Technically, the website is built on modern web standards with HTML5, CSS3, JavaScript, and uses Matomo analytics for privacy-conscious visitor tracking. It is mobile optimized and features a cookie consent mechanism compliant with GDPR. Security posture is good with HTTPS enforced and client-side form validation, though HTTP security headers and incident response information are not visibly published. WHOIS data is unavailable due to EURid privacy policies for .eu domains, which is typical and justified for official entities. Overall, the site is professional, trustworthy, and well-aligned with its governmental and non-profit mission.

A

ASData group s.r.o.

asdata.sk

63

ASData group s.r.o. is a Slovak-based technology service provider specializing in custom web development, e-commerce solutions, mobile applications, and digital marketing services including SEO and PPC. Positioned as a local player in Nitra, Slovakia, the company targets businesses and individuals seeking comprehensive IT and marketing solutions. Their website reflects a professional and consistent brand image with a focus on user experience and clear service offerings. Technically, the site is built on WordPress with the Avada theme, integrating modern marketing and analytics tools such as Google Tag Manager, Facebook Pixel, and LinkedIn Insight Tag, alongside GDPR-compliant cookie consent mechanisms. Security posture is strong with HTTPS enforced and standard security headers present, though explicit security and incident response policies are not publicly disclosed. Overall, the website demonstrates a mature digital presence suitable for a small technology services firm.

D

Dyn - Handball, Basketball, Tischtennis, Volleyball live streamen und auf Abruf

dyn.sport

64

Dyn Sport is a specialized streaming service offering live broadcasts and highlight coverage of various German and European sports leagues including handball, basketball, volleyball, table tennis, and hockey. The platform targets sports fans interested in these niche markets, providing subscription-based access to live and on-demand content. The website is professionally designed with a consistent brand presence and good content relevance, optimized for mobile devices and featuring modern web technologies such as React and SVG graphics. However, the site lacks visible privacy and cookie policies, as well as explicit contact information, which are important for compliance and user trust. Security headers and detailed security policies are also not evident, indicating room for improvement in security posture. Overall, the domain is privacy protected in WHOIS, which is typical for commercial streaming services, and the website appears legitimate and safe for general audiences.

Mailocator is a Czech-based premium display marketing platform focused on increasing conversions and collecting valuable marketing data through smart widgets and campaigns. Founded in 2016 and operated by Mailnatives s.r.o., it serves e-commerce businesses, content websites, marketing agencies, and developers with a SaaS model offering over 55 integrations with popular email marketing and CRM tools. The website is professionally designed, mobile-optimized, and rich in content, providing clear navigation and comprehensive business information including contact details and case studies. Technically, the site uses modern JavaScript, Google Tag Manager, and asynchronous script loading, hosted by Active24, but lacks some advanced security headers and explicit privacy documentation. Security posture is moderate with HTTPS implied and cookie consent implemented, but no visible security policy or incident response information. Overall, the domain registration data aligns well with the business claims, indicating legitimacy and trustworthiness.

M

MailPoet

mailpoet.com

68

MailPoet is a well-established email marketing plugin designed specifically for WordPress-powered websites, trusted by over 600,000 sites globally. It offers comprehensive email marketing services including newsletters, post notifications, and WooCommerce marketing automation. The company operates under the parent company Automattic, which adds significant credibility and market presence. The website demonstrates a high level of professionalism with excellent content quality, user experience, and SEO optimization. Technically, it leverages WordPress CMS with modern JavaScript libraries and integrates Google services for analytics and marketing. Security posture is solid with HTTPS and reCAPTCHA usage, though there is room for improvement in security headers and incident response transparency. Privacy compliance is strong, with clear GDPR-aligned policies and cookie consent mechanisms. Overall, MailPoet presents a trustworthy and mature digital presence suitable for its target audience of WordPress site owners and marketers.

R

Red Stag Casino

go2redstag.com

49

Red Stag Casino operates as an online gambling platform offering over 200 casino games, exclusive bonuses, and VIP-level customer support. The website targets adult users interested in online casino gaming and positions itself as a niche operator with a focus on user engagement and loyalty programs. The business model revolves around online gaming revenue through player deposits and bonuses. The site branding is consistent and professional, with clear navigation and a focus on gaming content.

M

Mluvím Anglicky s.r.o.

mluvim-anglicky.cz

51

Mluvím Anglicky s.r.o. is a Czech language school specializing in English language education, offering tailored individual and corporate lessons both onsite across the Czech Republic and online. The company positions itself as a modern, high-quality language school with a team of experienced Czech-speaking and native English-speaking instructors. The website reflects a professional and trustworthy business with strong client testimonials and membership in the Czech Association of Language Schools. Technically, the website is well-built using modern web technologies, hosted on Netlify, and optimized for mobile and SEO. Security posture is good with HTTPS and secure form handling, though it lacks some security headers and explicit GDPR compliance mechanisms such as cookie consent. The domain registration data is consistent with the business profile, indicating legitimacy. Overall, the website presents a credible, professional educational service with room for improvement in privacy and security policy transparency.

VAPC is a small, established language school and translation agency based in Rokycany, Czech Republic, operating since 1999. The company offers a broad range of language courses including English, German, Italian, French, Russian, and Czech for foreigners, alongside translation and interpreting services in over 80 languages. It also serves as an authorized testing center and provides corporate and individual language training. The website reflects a professional and consistent brand with good content quality and clear navigation, targeting individuals and businesses in the local region. Technically, the site uses older JavaScript libraries and lacks modern security headers, which presents some security risks. Privacy and cookie policies are absent, indicating compliance gaps with GDPR and related regulations. The site integrates Google Analytics and Facebook SDK for tracking and marketing purposes. Overall, the domain registration data is consistent with the business claims, supporting legitimacy and trustworthiness.

G

Glossa, s.r.o.

glossa.cz

45

Glossa, s.r.o. operates as a language school based in Prague, Czech Republic, offering a variety of language courses and corporate training services. The website presents a professional and consistent brand image, targeting individuals and businesses seeking language education. The business model focuses on educational services with a local market presence. Technically, the website is built on WordPress with performance optimizations via WP Rocket, and it employs modern web technologies and tracking tools such as Google Tag Manager and Facebook Pixel. Security posture is solid with HTTPS and security headers implemented, though there is room for improvement in publishing explicit security policies and incident response information. Privacy compliance is well addressed with GDPR-aligned privacy and cookie policies and a visible data protection officer contact. Overall, the website is safe, accessible, and trustworthy, though the absence of WHOIS data slightly impacts domain trustworthiness.

J

Junák – český skaut, Tiskové a distribuční centrum, z. s.

skautskaenergie.cz

52

Skautská energie is a Czech non-profit energy collective operated by Junák – český skaut, providing advantageous electricity and gas prices through collective auctions. The website is professionally designed, mobile-optimized, and rich in relevant content including news, testimonials, and partner information. The technical infrastructure leverages modern CMS (Solidpixels), Google Tag Manager, and customer engagement tools like Mluvii chat. Security posture is good with HTTPS and cookie consent mechanisms, though some security headers could be improved. WHOIS data is unavailable, which slightly impacts trust but the business legitimacy is supported by transparent information and active community engagement. Overall, the site presents a trustworthy and well-maintained digital presence for its energy collective services.

B

Beyond Pixels

beyondpixels.at

50

Beyond Pixels is a small Austrian media website focused on entertainment content including games, movies, TV, hardware, manga, and related news. The site provides daily updates, reviews, tests, and giveaways targeting a general audience interested in various entertainment forms. Technically, the website is built on WordPress, using standard web technologies such as PHP, JavaScript, and CSS. The site is moderately optimized for performance and mobile devices, with good SEO practices evident from meta tags and canonical links. Security posture is basic with HTTPS enabled but lacks advanced security headers and explicit incident response or vulnerability disclosure information. Privacy compliance is partial with a cookie consent mechanism present but no visible privacy policy or terms of service pages. WHOIS data is unavailable due to NIC.AT restrictions, limiting domain registration transparency. Overall, the website is functional and professional but could improve in security and compliance areas to enhance trust and protection.

H

Hermes LabSystems, s. r. o.

hermeslab.sk

57

Hermes LabSystems, s. r. o. is a Slovak-based supplier specializing in advanced laboratory solutions across analytical chemistry, molecular biology, diagnostics, and related fields. The company partners with leading global manufacturers to provide instruments, consumables, and services including metrology and accredited calibration. Their website reflects a professional B2B model targeting laboratories and research institutions, with a clear focus on quality and comprehensive product offerings. Technically, the website uses standard web technologies such as HTML5, CSS3, and jQuery, with moderate performance and good mobile optimization. However, there is a lack of privacy and cookie policies, and no visible security headers, indicating room for improvement in compliance and security posture. The site is fully accessible without WAF or blocking mechanisms, and contact information is clearly presented. Overall, the website demonstrates a solid business presence with trustworthy certifications but would benefit from enhanced security and privacy practices.

N

Natures

natures.sk

56

Natures.sk is a Slovak-based e-commerce website specializing in the sale of beta-glucan health supplements and related cosmetic products. The company targets consumers interested in natural health products for adults, children, and animals. The website is built on the Shoptet e-commerce platform and integrates multiple marketing and analytics tools such as Google Analytics, Facebook SDK, and Smartlook. It demonstrates a good level of digital maturity with responsive design, clear navigation, and professional branding. Security posture is solid with HTTPS enforcement and cookie consent mechanisms, though some security headers could be improved and no explicit security policy or incident response contacts are published. Overall, the site is trustworthy and compliant with GDPR, offering clear privacy and terms of service documentation.

Chemistry Europe, hosted on the Wiley Online Library platform, is a reputable scholarly publishing association representing 16 chemical societies across 15 European countries. It offers a broad portfolio of high-quality chemistry journals, including open access options, targeting researchers and academics globally. The website demonstrates a mature digital infrastructure with modern technologies, strong privacy and cookie consent mechanisms, and professional content presentation. Security posture is robust with HTTPS enforcement and consent management, though explicit security headers could be further confirmed. The absence of WHOIS data for the subdomain is mitigated by the strong brand association with Wiley, a globally recognized publisher. Overall, the platform is trustworthy, well-maintained, and compliant with privacy regulations.

The website opvai.sk represents the official Slovak government operational program for Research and Innovation (OPII). It serves as a platform to provide information, updates, and support related to funding from European structural and investment funds. The site is managed jointly by the Ministry of Education, Science, Research and Sport of the Slovak Republic and the Ministry of Economy of the Slovak Republic, targeting research institutions, businesses, and stakeholders in innovation. The content is well-structured, regularly updated, and includes calls for proposals, news, and program documentation. Technically, the website uses a traditional web stack including HTML5, CSS, JavaScript with jQuery, and Bootstrap for responsive design. It integrates Google Fonts and Google Analytics for tracking. The site is mobile-optimized with good navigation clarity and professional design. However, some technologies like jQuery 1.11.3 are outdated, and there is no explicit CMS detected, suggesting a custom or proprietary solution. From a security perspective, the site uses HTTPS and implements a cookie consent banner, indicating basic privacy compliance. However, it lacks visible security headers, a published security policy, or vulnerability disclosure mechanisms. No critical vulnerabilities or exposed sensitive data were detected, but improvements in security best practices are recommended. Overall, the website is a credible and trustworthy government resource with a moderate to good security posture and solid business credibility. It effectively serves its audience with relevant content and clear contact information, though enhancements in privacy and security transparency would strengthen its compliance and trustworthiness.

S

Superbude

superbude.com

72

Superbude operates as a boutique hotel and hostel chain with locations in Hamburg and Vienna, targeting travelers seeking affordable and design-oriented accommodations. The website presents a professional and user-friendly interface with clear branding and multilingual support. The business model focuses on hospitality services with online booking capabilities. Technically, the site employs modern JavaScript libraries, cookie consent management via Cookiebot, and Google Tag Manager for analytics and marketing. Performance and mobile optimization are good, though accessibility could be improved. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place; however, security headers and explicit security policies are lacking. The absence of WHOIS data reduces transparency and trust slightly, but the overall presentation and compliance with GDPR through privacy and cookie policies are positive indicators. Contact information is not explicitly provided, which may affect user trust and business credibility. Strategic improvements include enhancing security headers, publishing incident response information, and providing clearer contact details.

T

The Code Agency

thecodeagency.de

51

The Code Agency operates premium live escape rooms and outdoor escape games primarily in Düsseldorf with an additional location in Hamburg. Their offerings include immersive adventure missions, interactive crime games for home, and a café/bar facility, targeting a broad audience including families, friends, corporate teams, and students. The company enjoys a strong market position supported by multiple awards and excellent customer reviews on platforms like Google, ProvenExpert, and TripAdvisor. Technically, the website is built on TYPO3 CMS with modern JavaScript integrations and asynchronous tracking scripts, ensuring good performance and mobile optimization. Security posture is solid with HTTPS enforced and secure form handling, though improvements are recommended in security headers and incident response transparency. Privacy compliance is adequate with a comprehensive privacy policy but lacks a cookie consent mechanism. Overall, the website is professional, trustworthy, and well-structured, supporting the company's business credibility effectively.

S

Sparkasse Osterode am Harz

sparkasse-osterode.de

70

Sparkasse Osterode am Harz operates as a regional savings bank in Germany, providing a broad range of financial services including retail banking, corporate banking, investment products, insurance, and real estate financing. The website targets both private and corporate customers, offering secure online banking and comprehensive product information. The bank maintains a strong regional presence with consistent branding and a professional digital interface. Technically, the website is built on Adobe Experience Manager CMS, featuring modern web technologies, good mobile optimization, and accessibility compliance. Security posture is solid with HTTPS enforcement, session management, and cookie consent mechanisms, although explicit security policies and incident response contacts are not published. The domain registration data aligns well with the business, indicating legitimacy and trustworthiness. Overall, the website demonstrates a mature digital presence suitable for a financial institution.

O

OREDO s.r.o.

oredo.cz

54

OREDO s.r.o. is a regional public transport integrator owned by the Hradec Králové and Pardubice regions in the Czech Republic. The company manages the integrated tariff system IREDO, which allows passengers to travel across buses and trains in these regions using a single ticket. The website provides basic information about the company, contact details, and links to the IREDO tariff system. The business model focuses on public transport organization and tariff integration within a defined geographic area, targeting local residents and travelers. Technically, the website uses older JavaScript libraries such as jQuery 1.8.16 and jQuery UI, indicating some technical debt and potential modernization needs. The site lacks modern SEO and accessibility features and does not show evidence of a CMS or advanced frameworks. Performance appears moderate, with basic mobile optimization and limited interactive elements. No analytics or tracking scripts were detected, suggesting minimal user tracking. From a security perspective, the website lacks visible HTTPS enforcement and security headers, which are critical for protecting user data and ensuring secure communications. No privacy or cookie policies are present, which is a compliance gap given GDPR requirements in the EU. The absence of WHOIS data reduces domain trustworthiness, although the website content and contact information align with a legitimate regional public transport entity. No forms or incident response contacts were found, limiting the ability to report security issues. Overall, the website is functional but basic, with significant room for improvement in security posture, privacy compliance, and technical modernization. Strategic recommendations include implementing HTTPS with HSTS, adding security headers, publishing privacy and cookie policies, updating technical libraries, and verifying domain registration details to enhance trust and compliance.

B

BAYERN CENTER s.r.o.

bayerncenter.sk

46

BAYERN CENTER s.r.o. is a professional automotive service company based in Bratislava, Slovakia, operating since 2003. It is part of the global Bosch Car Service network, offering a wide range of vehicle maintenance and repair services including inspections, diagnostics, electronics servicing, air conditioning, brake and engine services, and tire services. The company targets individual vehicle owners and fleet operators, emphasizing quality, original parts, and maintaining warranty compliance. The website reflects a well-established local business with consistent branding and clear service offerings. Technically, the website uses standard web technologies with moderate performance and good mobile optimization. However, it lacks advanced security headers and cookie consent mechanisms, which are recommended for compliance and security. The security posture is adequate but could be improved by publishing security policies and incident response contacts. Overall, the domain registration data aligns well with the business claims, indicating legitimacy and trustworthiness.

D

Doprastav, a.s.

doprastav.sk

56

Doprastav, a.s. is a well-established Slovak construction company with over 70 years of history, specializing in infrastructure projects such as roads, highways, railways, bridges, and water management structures. The company operates primarily in Slovakia and the Czech Republic, with some international activities. Their website reflects a professional corporate presence with clear branding, certifications, and compliance information. Technically, the site uses modern web technologies including Bootstrap and JavaScript libraries, providing a responsive and user-friendly experience. Security posture is adequate with HTTPS and cookie consent mechanisms, though some security headers and incident response details are missing. Overall, the site is trustworthy and compliant with GDPR, but could improve transparency by adding direct contact information and vulnerability disclosure mechanisms.

D

dm drogerie markt

mojadm.sk

65

dm drogerie markt operates a comprehensive online drugstore platform in Slovakia, offering a wide range of cosmetic, health, and household products with convenient delivery and store pickup options. The website reflects a strong market position as a leading retail chain with a well-established brand and customer loyalty programs. Technically, the site employs modern web technologies, including advanced JavaScript frameworks and a robust consent management platform, ensuring a responsive and accessible user experience across devices. Security measures are well implemented with HTTPS, security headers, and no visible vulnerabilities, although explicit security policies and incident response contacts could enhance trust further. Overall, the site demonstrates a mature digital presence with good privacy compliance and business credibility, suitable for its large-scale retail operations.

E

EcoLED Solutions

ecoledsol.sk

38

EcoLED Solutions is a Slovak company specializing in comprehensive LED lighting solutions for public and industrial sectors, focusing on energy savings and modern LED technologies. The company emphasizes cost reduction in lighting operations and offers financing options for lighting projects. The website reflects a small-sized business with a clear market position as a leader in eco-friendly LED lighting solutions within Slovakia. The site content is primarily in Slovak and targets local municipalities and industrial clients. Technically, the website uses a traditional tech stack including HTML, CSS, JavaScript with older libraries such as jQuery 1.10.2, Prototype.js, and Scriptaculous.js. Google Analytics is integrated for user tracking, but there is no visible cookie consent mechanism. The site is served over HTTPS with DNSSEC enabled, indicating a good baseline security configuration. However, the use of outdated JavaScript libraries and absence of security headers represent potential security risks. From a security perspective, the website shows strengths such as HTTPS and DNSSEC but lacks critical security headers and updated libraries. There is no visible privacy or cookie policy, which impacts GDPR compliance. Contact information is minimal, with only an email found in meta tags, and no incident response or security contact details are provided. Certifications ISO 9001 and ISO 14001 are displayed, enhancing trustworthiness. Overall, the website is functional and moderately professional but requires improvements in privacy compliance, security best practices, and user contact accessibility to enhance trust and security posture. The domain WHOIS data supports legitimacy with consistent registration details and appropriate domain age.

Slovenská pošta, a.s. is the national postal operator of Slovakia, providing reliable and accessible postal, payment, distribution, and state services to citizens, businesses, and e-shops. The company holds a strong market position as a key player in transportation and logistics within Slovakia, offering a broad range of services including express delivery, parcel shipping, letter services, and business solutions tailored for e-commerce. The website reflects a mature digital presence with a modern React-based infrastructure, good mobile optimization, and clear navigation, supporting a positive user experience. Security measures such as HTTPS and security headers are properly implemented, although explicit security policies and incident response information are not publicly detailed. Privacy and cookie policies are comprehensive and GDPR compliant, with active consent mechanisms in place. Overall, the website demonstrates high professionalism, trustworthiness, and business credibility, supporting the company's established reputation in the Slovak market.

G

Sign in - Matomo

gem-stats.de

59

The website gem-stats.de is a Matomo analytics platform login page, providing a free and open-source web analytics service. It primarily serves website administrators or analytics users who want to access detailed visitor data. The platform is positioned as a privacy-focused alternative to other analytics services, emphasizing data control and compliance. The site content is minimal, focusing on user authentication and analytics configuration rather than public-facing business information. Technically, the site uses the Matomo platform with JavaScript and PHP, hosted on cloudpit infrastructure, and enforces HTTPS for secure communications. Security posture is adequate with no exposed sensitive data or vulnerabilities detected in the provided content, though security headers could be improved. Privacy compliance is limited on this page, with no visible privacy or cookie policies or contact information, which may be available elsewhere on the full site. Overall, the site is functional and secure for its purpose but lacks public business transparency and detailed compliance disclosures on this page.

N

Národní síť Zdravých měst ČR

dobrapraxe.cz

46

Dobrá praxe is a Czech non-profit portal managed by the Národní síť Zdravých měst ČR, focusing on collecting and sharing good practices and inspirations related to quality of life, health, and sustainable development. The website targets municipal representatives and the general public interested in sustainable urban and regional development. It offers a database of good practices, video content, and an annual competition to promote exemplary initiatives. The domain has been registered since 2006, indicating a mature and stable presence in its niche. Technically, the site uses modern web technologies including jQuery, Google Analytics, and Google Tag Manager, hosted by WEDOS, a Czech hosting provider. The site is mobile-optimized and well-structured, providing a good user experience.

R

Rohan City Penthouses

rohancitypenthouses.cz

51

Rohan City Penthouses is a luxury real estate project focused on selling exclusive penthouses located in the Diamanty Karlín residential buildings on Rohanský Island in Prague. The website presents a high-end real estate offering with a strong emphasis on architectural design, premium living spaces, and spectacular views. The business targets affluent buyers seeking luxury housing in Prague, positioning itself in a niche market segment. The website is built on the Tilda CMS platform, leveraging modern web technologies and tracking tools such as Google Tag Manager and Facebook Pixel for marketing and analytics purposes. The site is mobile-optimized and provides a visually appealing user experience, although it lacks some critical compliance documents such as privacy policy and terms of service. Security posture is adequate with HTTPS enabled but could be improved by adding security headers and explicit security policies. Overall, the domain registration data aligns well with the business claims, supporting legitimacy. Recommendations include enhancing privacy compliance, adding contact information, and improving security headers to strengthen trust and compliance.

B

BEALIO

bealio.cz

55

BEALIO is a Czech Republic-based e-commerce retailer specializing in silver and gold jewelry, offering a wide range of products including rings, earrings, pendants, and bracelets for women, men, and children. The website presents a professional and user-friendly interface with clear navigation and comprehensive product categorization. The business emphasizes quality craftsmanship and personalized customer service, positioning itself as a niche player in the jewelry retail market. Technically, the website leverages modern web technologies including the Shoptet e-commerce platform, Google Analytics, and Microsoft Clarity for analytics, and employs CDN services for content delivery. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, although some security headers could be improved. The absence of WHOIS domain registration data reduces transparency but does not detract from the overall legitimacy of the business. Privacy compliance is well addressed with GDPR-aligned policies and consent banners. Overall, the website is a trustworthy and professional online jewelry store serving the Czech market.

B

BlueWinston

bluewinston.sk

65

BlueWinston is a Slovakia-based technology company specializing in automated PPC product advertising campaigns, primarily for Google Ads and Microsoft Ads platforms. Their SaaS solution enables e-commerce businesses to quickly create and optimize product search ads and shopping campaigns using XML feeds and AI-powered tools. The company positions itself as a niche player offering advanced automation and optimization features, including AI bidding and keyword generation, targeting online retailers and advertisers seeking efficiency and performance improvements. Technically, the website is built on WordPress with a modern tech stack including Avada theme, various JavaScript libraries, and integrations with major analytics and marketing platforms. The site demonstrates good SEO and mobile optimization, though some accessibility features could be enhanced. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities, but explicit security and privacy policies are lacking. Overall, the business appears legitimate and professional with consistent WHOIS data and a clear market focus. Strategic recommendations include adding comprehensive privacy and terms of service pages, implementing a security.txt file, and enhancing incident response transparency to improve trust and compliance.

E

EcoLED Solutions

ecoledsolutions.sk

40

EcoLED Solutions is a Slovak company specializing in comprehensive LED lighting solutions for public and industrial sectors, focusing on cost savings and modern energy-efficient technologies. The company positions itself as a leader in eco-friendly LED lighting in Slovakia, offering services including LED fixtures, lighting control systems, and project financing. The website content is primarily in Slovak and targets local municipalities and industrial clients. Technically, the website uses traditional web technologies including HTML, CSS, JavaScript with older libraries such as jQuery 1.10.2, Prototype.js, and Scriptaculous. The site is served over HTTPS with DNSSEC enabled, indicating a good baseline security posture. However, the absence of modern security headers and use of outdated JavaScript libraries present potential vulnerabilities. The site lacks visible privacy and cookie policies, which impacts GDPR compliance and user trust. No contact phone numbers or social media links are explicitly provided, limiting direct communication channels. Certifications such as ISO 9001 and ISO 14001 are prominently displayed, enhancing trust and credibility. Overall, the website is functional but basic in design and content quality, with moderate technical implementation and security posture.

S

Sdružení tajemníků městských a obecních úřadů ČR, z. s.

tajemnici.cz

57

Sdružení tajemníků městských a obecních úřadů ČR, z. s. is a professional association representing over 500 secretaries of municipal and city offices in the Czech Republic. The organization focuses on professional development, knowledge exchange, and supporting effective public administration. It offers accredited educational seminars, conferences, and training, and actively participates in advisory bodies of various Czech government ministries. The website is well-structured, professionally designed, and provides comprehensive information about membership, events, and organizational bodies. Technically, the website uses a modern CMS (Vismo6), integrates Google services such as Analytics, Tag Manager, reCAPTCHA v3, and Google Translate. It is served over HTTPS with good security practices, although some security headers are missing. The site is mobile-optimized and accessible, with clear navigation and relevant metadata for SEO. From a security perspective, the site demonstrates a solid baseline with HTTPS and bot protection but lacks explicit security policies and incident response contacts. The absence of WHOIS data reduces trustworthiness assessment, but the professional presentation and external partnerships support legitimacy. Privacy compliance is addressed with cookie consent and a privacy policy. Overall, the site is a credible, professional platform for a government-related non-profit association, with recommendations to enhance security headers and publish security policies to improve trust and compliance.

M

Mailnatives s.r.o.

maileon.cz

49

Maileon.cz is a Czech Republic-based email marketing platform operated by Mailnatives s.r.o., founded in 2016. The company offers a professional SaaS solution for managing email campaigns and transactional emails, focusing on intelligent emailing with features such as segmentation, automation, tracking, and API integration. The website presents a professional and consistent brand image targeting businesses and marketing professionals in the Czech and CEE regions. Technically, the site uses standard web technologies including HTML5, CSS3, JavaScript, and jQuery, with embedded YouTube video content. While the site is mobile optimized and accessible, some technical aspects such as the use of an outdated jQuery version and lack of visible security headers suggest room for improvement. Security posture is moderate with no critical vulnerabilities detected but lacking explicit security policies and headers. Privacy compliance is weak due to the absence of privacy and cookie policies despite GDPR badges displayed. Overall, the website is trustworthy and professionally maintained but would benefit from enhanced privacy and security documentation to improve compliance and user trust.

G

G SERVIS

gservis.cz

71

G SERVIS is a Czech Republic based company specializing in architectural project design for family houses and civil buildings. The company positions itself as a market leader in the Czech family house project design sector, offering a wide range of services including project design, professional services for developers, project modifications, consultations, and an online house configurator. The website is professionally designed, mobile optimized, and provides clear navigation and relevant content targeting individuals and developers interested in residential construction projects. Technically, the website uses modern web technologies including HTML5, CSS3, JavaScript, SVG, and integrates Google Tag Manager, Smartsupp Chat, and CookieHub for analytics, chat support, and cookie consent management respectively. Security posture is good with HTTPS enabled and cookie consent implemented, but lacks visible security headers and explicit security policies. WHOIS data is unavailable, indicating privacy protection which slightly reduces transparency but is common for business domains. Overall, the website is trustworthy, professional, and well-positioned in its market niche.

V

Vzdělávání lékařů

vzdelavanilekaru.cz

75

The website 'Vzdělávání lékařů' serves as an educational platform primarily targeting medical professionals in the Czech Republic. It is associated with the Czech Medical Chamber and offers online courses and continuing professional development resources. The platform uses modern web technologies including Vue.js and Vuetify, and integrates third-party services such as Google reCAPTCHA and Zoom for enhanced functionality. The domain is registered with REG-ZONER since 2020, consistent with the platform's profile as a relatively new educational service. Security measures include HTTPS and a Content-Security-Policy header, though additional security headers could improve the overall posture. Privacy compliance is partial, with a cookie consent mechanism present but no visible privacy policy or terms of service pages. Contact information is minimal, with no explicit emails or phone numbers found in the content. Overall, the site is professionally designed, mobile-optimized, and trustworthy for its intended audience.

EscapeDiem is a specialized live escape room provider based in Hamburg, Germany, offering immersive and professionally designed escape room experiences. The company holds a strong market position locally, supported by multiple awards and a top Tripadvisor ranking. Their target audience includes friends, families, and teams seeking entertainment and team-building activities. Technically, the website is built on a modern stack using UIkit and ProcessWire CMS, with good mobile optimization and SEO practices. Security posture is adequate with HTTPS enforced, but lacks advanced security headers and published security policies. Privacy compliance is basic with visible cookie consent and privacy policy, but no explicit data protection officer or incident response contacts. Overall, the website is professional, trustworthy, and content-rich, supporting the business's credibility and customer engagement.

HarzGames Live Adventures operates as a small hospitality entertainment business specializing in live escape rooms and virtual reality experiences located in Wernigerode, Germany. The company offers multiroom escape adventures and VR games targeting general audiences including families and team-building groups. Their market position is regional with a focus on unique, immersive entertainment in the Harz region. Technically, the website is built on a modern JavaScript stack with integrations for booking (Quinbook), analytics (Google Analytics), and error monitoring (Sentry). The site is hosted by 1&1 IONOS and uses HTTPS with good SSL configuration. Security posture is adequate but could be improved by adding security headers and publishing formal privacy and terms policies. The site includes a cookie consent mechanism compliant with GDPR principles but lacks a dedicated privacy policy page. Contact information is clearly presented and verified via structured data. Overall, the website is professional, user-friendly, and trustworthy with moderate technical maturity and compliance gaps.

S

SATJAM, s.r.o.

satjam.sk

57

SATJAM, s.r.o. is a medium-sized manufacturing company specializing in metal roofing products and accessories, serving primarily the Slovak and Czech markets. The company emphasizes quality Czech manufacturing standards and offers a broad product portfolio including steel and aluminum roof coverings, trapezoidal sheets, and roofing accessories. Their website reflects a professional digital presence with clear navigation, mobile optimization, and integration of marketing and analytics tools. However, the absence of a dedicated privacy policy and terms of service pages indicates room for improvement in compliance and transparency. Security posture is solid with HTTPS and cookie consent mechanisms, but could be enhanced with additional security headers and published security policies. Overall, the website supports the company's market position as a trusted regional player with recognized certifications and active customer engagement.

R

Red Stag Casino

redstagcasino.eu

56

Red Stag Casino operates as an online gambling platform offering over 200 games, exclusive bonuses, and VIP-level support. The website targets adult users interested in online casino gaming and positions itself as a niche player with a focus on customer experience and exclusive offers. The business model revolves around online gambling services with a VIP customer support approach. The site content and branding are consistent and professionally presented, catering to an adult audience with gambling interests. Technically, the website employs modern web technologies including Bootstrap 5 for responsive design and Matomo for analytics and tracking. The site is well-optimized for mobile devices and includes standard SEO and accessibility features, though accessibility could be improved. The infrastructure appears stable with no signs of blocking or WAF interference, and the site uses HTTPS with appropriate security headers, indicating a good security posture. Security-wise, the site implements HTTPS and several security headers, and maintains a security policy page. However, it lacks a public vulnerability disclosure policy and incident response contact details, which are recommended for enhanced transparency and security readiness. No critical vulnerabilities or exposed sensitive data were detected in the HTML content. Privacy compliance is supported by comprehensive privacy and cookie policies with GDPR considerations. Overall, the site presents a moderate risk profile typical for online gambling platforms. The lack of WHOIS registrant transparency due to privacy protection is common in this industry but slightly reduces trust. Strategic recommendations include adding a vulnerability disclosure policy, improving incident response contact visibility, and enhancing accessibility features to strengthen compliance and user trust.

exe.cute is a small Swiss-based full-stack development and design service provider, operated by Marina, a passionate developer focused on delivering robust and aesthetically pleasing web applications. The website serves as a professional portfolio showcasing key services such as custom development, design identity, and consulting. The business model is service-oriented with a personal and artisanal approach, targeting individuals and businesses seeking tailored digital solutions. Technically, the site uses modern technologies including Angular and Tailwind CSS, providing a responsive and visually appealing user experience. Security posture is adequate with HTTPS enabled but lacks advanced security headers and formal policies, representing areas for improvement. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the website is trustworthy and professional but would benefit from enhanced compliance and security practices.

S

Stephen Pelling

stephenpelling.com

49

Stephen Pelling's website serves as a professional portfolio showcasing his work as a creative art director, designer, and musician based in London. The site highlights various projects spanning from 2017 to 2021, targeting a general audience interested in creative arts and design. The business model is personal branding and portfolio presentation, with no e-commerce or direct sales functionality. The website is hosted on Cargo Collective and registered via GoDaddy, reflecting a small-scale, niche creative professional presence. Technically, the site uses standard web technologies including HTML5, CSS3, JavaScript, and jQuery, with templating via Handlebars.js. It is mobile optimized and performs moderately well, though it lacks advanced SEO and accessibility features. Hosting and domain registration are consistent and appropriate for the site's scope. From a security perspective, the site uses HTTPS but lacks DNSSEC and security headers, which are recommended for improved protection. No privacy, cookie, or terms of service policies are present, indicating gaps in compliance with GDPR and other privacy regulations. No incident response or vulnerability disclosure information is provided, limiting transparency in security matters. Overall, the website is professional and functional as a portfolio but would benefit from enhanced security measures, privacy compliance documentation, and clearer contact information to improve trust and regulatory adherence.

Y

YIT Česká republika

yit.cz

75

YIT Česká republika is a large real estate developer specializing in new residential projects primarily in Prague and Kladno. The company is part of the Finnish YIT Corporation with a long-standing tradition in property development. Their website reflects a professional and modern digital presence, featuring comprehensive cookie consent management and integration with multiple advertising and analytics platforms. The site is well-optimized for mobile and SEO, providing a good user experience for prospective home buyers. Security posture is strong with HTTPS and consent mechanisms, though some security headers and explicit policies could be improved. WHOIS data is unavailable due to CZ NIC registry policies, but the domain and website appear legitimate and consistent with the business profile.

The website hk8.sk represents the Združenie hlavných kontrolórov samosprávnych krajov SR (HK8), a Slovak professional association for chief controllers of self-governing regions. The organization focuses on enhancing the expertise and effectiveness of control activities within local government, supporting professional development, legislative advocacy, and cooperation with similar institutions domestically and internationally. The site content is primarily informational, targeting professionals in Slovak regional government oversight. The business model is membership-based, funded by contributions from regular and honorary members, positioning HK8 as a niche professional association within the Slovak government sector. Technically, the website is built using static HTML generated by Artisteer, with CSS and jQuery for styling and interactivity. Hosting appears to be provided by Websupport, inferred from the nameservers. The site demonstrates basic mobile responsiveness and accessibility but lacks advanced SEO and performance optimizations. No analytics or tracking technologies are detected, indicating minimal user tracking. From a security perspective, the domain benefits from DNSSEC, indicating a commitment to DNS integrity. However, the website lacks visible HTTPS confirmation in the provided data, security headers, and privacy or cookie policies, which are critical for GDPR compliance and user trust. No forms or contact mechanisms are present to facilitate incident reporting or user communication. These gaps suggest a moderate security posture with room for significant improvement. Overall, the website is functional and serves its informational purpose but requires enhancements in security, privacy compliance, and user engagement features to improve trustworthiness and regulatory adherence.

Ú

Únia miest Slovenska

uniamiest.sk

53

Únia miest Slovenska is a Slovak non-profit organization advocating for democracy, public administration reform, and European integration with a focus on strengthening cities. The website is built on the Wix platform, leveraging standard Wix technologies and scripts, and presents a professional design with good content relevance. However, it lacks critical privacy and cookie policies, contact information, and security headers, which are important for compliance and trust. The security posture is moderate with HTTPS enabled and some security hardening scripts but could be improved with additional headers and policies. Overall, the website is legitimate and consistent with the organization's mission but requires enhancements in privacy compliance and security transparency.

O

Ordem dos Engenheiros

ordemdosengenheiros.pt

60

Ordem dos Engenheiros is the official professional association for engineers in Portugal, providing a comprehensive range of services including membership management, professional certifications, training, events, and advocacy. The website serves as a central hub for engineering professionals and students, offering access to news, events, job boards, and regulatory information. The organization holds a leading position in the Portuguese engineering sector with a strong focus on professional development and international cooperation. Technically, the website employs modern web technologies including HTML5, CSS3, JavaScript, Google Tag Manager, and YouTube APIs, delivering a good user experience with responsive design and clear navigation. Security posture is solid with HTTPS enforced and basic security headers present, though there is room for improvement in adding advanced security headers and incident response disclosures. Privacy compliance is limited due to the absence of explicit privacy and cookie policies, which should be addressed to meet GDPR requirements fully. Overall, the site is professional, trustworthy, and well-maintained, serving its target audience effectively.

C

Contabo

contabo.com

65

Contabo GmbH is a Germany-based cloud and dedicated server hosting provider established in 2003, offering affordable VPS and bare metal servers across multiple global regions. The company positions itself as a cost-effective hosting solution with a strong uptime record and award-winning customer support. The website reflects a mature digital presence with good content quality and consistent branding. Technically, the site employs modern JavaScript libraries and tracking tools, including Google Tag Manager, LinkedIn Insight, and Bing Ads, supported by a cookie consent mechanism. Security posture is adequate with HTTPS enabled and domain transfer protection, though DNSSEC is not enabled and security headers are not evident in the provided data. The WHOIS data aligns well with the business claims, indicating legitimacy and stable domain ownership. However, the absence of explicit privacy and terms of service policies in the analyzed content suggests room for improvement in privacy compliance. Overall, the website is professional, trustworthy, and serves its target audience effectively.

Megafyt Pharma s.r.o. is a Czech-based company specializing in the production and sale of high-quality herbal teas, phytopharmaceuticals, and related products primarily distributed through pharmacies. The website targets consumers interested in natural health products, offering a comprehensive catalog including medicinal teas, children's teas, wellbeing products, and limited edition collections. The company maintains a consistent brand presence with clear contact information and active social media channels, positioning itself as a trusted player in the Czech and Slovak herbal healthcare market. Technically, the website employs a custom or proprietary CMS platform with JavaScript and jQuery libraries, integrates Google Analytics for visitor tracking, and uses Google reCAPTCHA for form security. The site is mobile-optimized with good navigation and SEO practices, although some accessibility features are basic. Cookie consent is implemented with a granular mechanism, supporting GDPR compliance to some extent. From a security perspective, the site uses HTTPS and has implemented cookie consent and reCAPTCHA, but lacks visible security headers such as CSP or HSTS. No critical vulnerabilities or exposed sensitive data were detected. However, the absence of a privacy policy and terms of service pages, along with missing WHOIS registration data, reduces overall trustworthiness and compliance posture. Overall, the website is professional and trustworthy in content and business presentation but would benefit from enhanced security headers, explicit privacy and legal policies, and resolution of WHOIS data issues to improve domain legitimacy and compliance.

xAI is a technology company specializing in advanced artificial intelligence models and services, including the Grok AI models and API access. The company positions itself as an innovator in AI with a mission to advance scientific discovery and deepen understanding of the universe. Their business model includes subscription tiers such as SuperGrok and API offerings targeting developers and AI enthusiasts. The website reflects a medium-sized enterprise with a professional and consistent brand presence, supported by partnerships with major investors and a clear product roadmap. Technically, the site is built on a modern React and Next.js stack, hosted on Cloudflare, offering moderate performance and good mobile optimization. Security posture is generally good with HTTPS enforced and domain transfer protections, but lacks DNSSEC and some security headers. Privacy compliance is partial with a privacy policy present but no cookie consent mechanism. Contact information is limited to a contact form, with no direct emails or phone numbers publicly listed. Overall, the website is trustworthy and professional, with room for improvement in security and privacy transparency.

A

ALBIXON a.s.

powderpaintplant.com

50

ALBIXON a.s. operates a specialized powder coating plant in the Czech Republic, offering advanced surface treatment and decorating services primarily for industrial clients. The company emphasizes high-quality coatings certified by GSB International and Qualicoat, leveraging modern automated technology and an experienced workforce. Their market position is that of a significant European player in powder coating with a focus on quality, speed, and eco-friendly operations. Technically, the website is built with modern front-end technologies including Bootstrap and lazy loading libraries, providing a good user experience and mobile optimization. However, the absence of explicit privacy and terms of service pages, lack of contact information, and missing WHOIS data reduce transparency and trust. Security posture is moderate with HTTPS implied but no visible security headers or incident response information. Overall, the website is professional and content-rich but would benefit from enhanced compliance and security disclosures.

Editura AGIR is a Romanian publishing house specializing in engineering and technical literature, offering a range of books, magazines, bulletins, and scientific communications. The website provides detailed information about publications, procurement, collaboration, and terminological resources, targeting engineers, academics, and technical professionals. The business operates with a small-sized model focused on niche educational content. Technically, the website uses basic HTML, CSS, and JavaScript with Facebook SDK integration and Google Analytics for traffic monitoring. The hosting is provided by CYBER_FOLKS S.R.L., a reputable Romanian registrar. Security posture is moderate with no DNSSEC and missing security headers, and privacy compliance is weak due to absence of privacy and cookie policies. Contact information is clearly presented, enhancing business credibility. Overall, the site is functional but could benefit from modernization and improved security and privacy practices.

Fair Go Casino is an Australian-focused online gambling affiliate platform operated by Deckmedia, offering a variety of casino games, promotions, and bonuses targeting Australian players. The website is designed with mobile optimization and provides multiple payment options including Bitcoin, Neosurf, and POLi. Technically, the site uses modern HTML5 and JavaScript technologies with Microsoft Clarity for analytics, hosted behind Cloudflare DNS. Security posture is moderate with HTTPS enabled but lacks DNSSEC and explicit security headers. Privacy compliance is basic with a privacy policy present but no cookie consent mechanism. Business credibility is supported by Curacao licensing and CDS certification, though direct company contact emails are not published. Overall, the site is functional and trustworthy as an affiliate platform but could improve security and privacy practices.