Security Directory

J

JIP Východočeská a.s.

jip-potraviny.cz

54

JIP Východočeská a.s. operates a comprehensive food supply business serving both gastronomy professionals and the general public across the Czech Republic. The company maintains a strong nationwide presence with wholesale and retail outlets, supported by its own distribution network. Their website reflects a professional and well-branded digital presence, offering clear navigation and relevant content tailored to their target audiences including B2B partners and retail customers. The business model focuses on wholesale supply, retail sales, and customer loyalty programs, positioning JIP as a key player in the Czech food retail and hospitality sectors. Technically, the website is built on WordPress with modern SEO practices via the Yoast plugin. It demonstrates good mobile optimization and accessibility, though performance is moderate. Security posture is solid with HTTPS enforced and cookie consent implemented, but lacks some advanced security headers and explicit incident response information. The absence of WHOIS data limits full trust verification, but the site’s content and business information appear legitimate and consistent. Security-wise, the site shows good baseline practices but could improve by adding security headers and publishing a vulnerability disclosure policy. Privacy compliance is strong with clear privacy and cookie policies aligned with GDPR. Overall, the site is trustworthy and professional, though domain registration transparency should be verified to enhance legitimacy. Strategically, JIP should focus on enhancing security transparency and verifying domain registration details to strengthen trust. Continued investment in digital maturity and compliance will support their market position and customer confidence.

A

Alpiro s.r.o.

alpiro.cz

57

Alpiro s.r.o. is a Czech-based company specializing in the sale and issuance of SSL certificates for web servers, offering a broad portfolio including standard, EV, multidomain, wildcard, code-signing, document-signing, and S/MIME certificates. The company targets web administrators and businesses seeking reliable encryption solutions, positioning itself as a trusted local provider with competitive pricing and a strong emphasis on customer satisfaction, including a 30-day money-back guarantee. The website is professionally designed, content-rich, and primarily in Czech, reflecting a focused regional market approach. Technically, the website employs standard web technologies including HTML5, CSS, JavaScript, and jQuery 1.8.0, with Google Analytics integrated for visitor tracking. While the site is accessible and moderately optimized for performance and mobile use, some technical improvements are recommended such as updating JavaScript libraries and implementing security headers to enhance security posture. The absence of a cookie consent mechanism suggests partial GDPR compliance. From a security perspective, the site uses HTTPS and secure forms but lacks visible security headers and up-to-date libraries, which could be improved. No vulnerabilities or exposed sensitive data were detected. The WHOIS data is unavailable or privacy protected, but the website provides clear company registration details, physical address, and contact information, supporting legitimacy. No WAF or blocking mechanisms were detected, allowing full content access. Overall, Alpiro.cz presents a trustworthy and professional online presence for SSL certificate services with room for technical and privacy compliance enhancements. Strategic recommendations include implementing cookie consent, upgrading libraries, adding security headers, and publishing security policies to strengthen trust and compliance.

Apartmány Šumava is a small hospitality business offering family apartments for rent in the Šumava region of the Czech Republic, specifically in the village of Borová Lada. The website provides detailed information about accommodation options, local attractions, and contact details, targeting tourists and families seeking a quiet and nature-oriented stay. The business appears to be operated by Freetime Europe s.r.o. and FT Sun s.r.o., with a local focus and modest market presence. Technically, the website is built with basic HTML, CSS, and JavaScript, without modern CMS or frameworks. It uses Google Analytics for visitor tracking but lacks privacy and cookie policies, which raises compliance concerns. The site is moderately optimized for performance and mobile use but lacks advanced accessibility and SEO features. A suspicious external script from an untrusted GitHub source is embedded, posing a security risk. Security posture is moderate but incomplete. There is no evidence of security headers or advanced protections, and the SSL configuration is unknown. The absence of WHOIS data for the domain is unusual and reduces trustworthiness, although the website content and contact information appear legitimate. No forms or sensitive data collection mechanisms are present, reducing attack surface but also limiting user engagement. Overall, the website is functional and serves its business purpose but requires improvements in security, privacy compliance, and technical modernization to enhance trust and protect visitors. Strategic recommendations include removing suspicious scripts, adding privacy and cookie policies, implementing security headers, and verifying domain registration details to improve legitimacy and compliance.

P

podmravencistezkou

podmravencistezkou.cz

57

The website podmravencistezkou.cz represents a small hospitality business offering cozy apartment accommodation in the Šumava National Park region of the Czech Republic. It targets tourists and visitors interested in nature, hiking, cycling, and winter sports. The business operates a single apartment located in the mountain village of Srní, providing a quiet and scenic lodging option. The website content is well-focused on describing the accommodation and local attractions, catering to a general audience seeking travel and leisure services. Technically, the website is built on the Webnode CMS platform and leverages Amazon Cloudfront CDN for content delivery. It uses modern web technologies including JavaScript and CSS, and includes a cookie consent mechanism compliant with basic GDPR requirements. Google Tag Manager is integrated for analytics and tracking purposes. The site is mobile-optimized with a good user experience and clear navigation, although accessibility features are basic. From a security perspective, the site uses HTTPS ensuring encrypted communication. However, it lacks important security headers such as Content-Security-Policy and X-Frame-Options, which could improve protection against common web attacks. There is no visible privacy policy or terms of service, and no contact emails or phone numbers are provided, which limits transparency and trust. The WHOIS data is not publicly available, indicating privacy protection for the domain registration, which is common for small businesses but reduces trust slightly. Overall, the website is functional and safe for general users, with a moderate security posture and basic privacy compliance. Strategic improvements include adding comprehensive privacy and terms policies, enhancing security headers, and providing verified contact information to improve business credibility and user trust.

The website kolinec.eu serves as a local informational and archival resource dedicated to the town of Kolinec in the Czech Republic. It provides extensive historical documents, chronicles, geographical data, and cultural content aimed primarily at residents, historians, and visitors interested in the town's heritage. The site does not operate as a commercial business but rather as a community or government-related informational portal. Technically, the website is built using basic HTML, CSS, and JavaScript without modern frameworks or CMS platforms. It lacks mobile optimization and accessibility features, which may limit usability on various devices. The site includes a visitor counter script from navrcholu.cz but no other analytics or tracking technologies. Performance is moderate, with no advanced SEO or meta tags detected. From a security perspective, the site shows weaknesses including no detected HTTPS enforcement or security headers, absence of privacy and cookie policies, and no contact or incident response information. There are no forms or inputs to assess for secure handling. These factors indicate a low security posture and limited compliance with modern privacy regulations such as GDPR. Overall, the website is safe for general audiences and provides valuable cultural and historical content but requires significant improvements in security, privacy compliance, and technical modernization to enhance trustworthiness and user experience.

I

Ittjártam.hu Kft.

ittjartam.hu

50

Ittjártam.hu Kft. operates a well-established Hungarian-language platform focused on hospitality reviews, including hotels, restaurants, and attractions. The website offers user-generated content, travel blogs, and recommendations, targeting Hungarian travelers and consumers seeking reliable reviews. The platform maintains a consistent brand presence with active social media channels and a community of engaged reviewers. Technically, the site uses a custom CMS with modern web technologies such as jQuery and WebP images, delivering a good user experience with mobile optimization and clear navigation. Security posture is moderate, with HTTPS implied and cookie consent implemented, but lacks explicit security headers and published security policies. Privacy compliance is good, with a clear privacy policy and GDPR-aligned cookie consent mechanisms. No contact emails or phone numbers are explicitly provided on the homepage, which could be improved for business credibility. Overall, the website is trustworthy, content-rich, and professionally maintained, serving a niche hospitality review market in Hungary.

CEE Digital Coalition operates a professional website promoting the annual CEE Digital Summit, a key regional event focused on digital transformation and policy in Central and Eastern Europe. The site targets policymakers, industry experts, and civil society organizations, providing detailed agenda, speaker information, and registration links. The business is positioned as a regional leader in digital policy dialogue with a small organizational size and a founding date consistent with the domain registration in 2022. Technically, the website uses modern frameworks like Bootstrap and jQuery, hosted on Polish infrastructure, with moderate performance and good mobile optimization. Security posture is adequate but could be improved by enabling DNSSEC and adding security headers. Privacy and cookie policies are missing, representing a compliance gap. Overall, the site is safe, professional, and trustworthy but would benefit from enhanced privacy and security measures.

M

MITSUBISHI ELECTRIC AUTOMOTIVE CZECH s.r.o.

mitsubishielectric.cz

55

MITSUBISHI ELECTRIC AUTOMOTIVE CZECH s.r.o. is a Czech subsidiary of the global Mitsubishi Electric Corporation, specializing in manufacturing advanced automotive electrical components such as integrated starter generators. The company emphasizes innovation and quality, employing approximately 900 professionals and operating modern production facilities. The website targets industry professionals, potential employees, and business partners, providing corporate information, news, career opportunities, and compliance details. Technically, the website is built with modern web technologies including JavaScript frameworks and Google Tag Manager for analytics. It is mobile-optimized, accessible, and SEO-friendly, with a clear navigation structure. The site uses HTTPS and implements cookie consent mechanisms, reflecting a good level of digital maturity. From a security perspective, the site enforces HTTPS and cookie consent but lacks explicit security headers and publicly available incident response or vulnerability disclosure information. No vulnerabilities or exposed sensitive data were detected in the HTML content. The absence of WHOIS data reduces domain trustworthiness, though the website content and branding are consistent with a legitimate corporate entity. Overall, the website presents a professional and trustworthy front for the company, with recommendations to enhance security headers, publish incident response contacts, and improve domain registration transparency to strengthen trust and compliance.

The website hostcreators.eu represents a small architectural firm named Études, focusing on innovative and sustainable architectural solutions. The business targets homeowners, commercial developers, and architects by offering renovation, consulting, project management, and digital resources such as an app and newsletter. The site is built on WordPress using a modern theme, providing a professional and visually appealing user experience with good mobile optimization and accessibility. However, the site lacks explicit contact information and comprehensive privacy and security policies, which limits trust and compliance. The domain registration is consistent and transparent, registered under WebCreators, s.r.o., indicating legitimacy. Security posture is moderate with HTTPS enabled but missing security headers and incident response details.

K

KRIZOVÁ POMOC

krizova-pomoc.cz

54

The website krizova-pomoc.cz serves as an informational platform providing updated contacts for crisis assistance centers, primarily focusing on remote crisis help services known as 'trust lines'. The site is built on the Wix platform, leveraging Wix's hosting and standard web technologies such as JavaScript, CSS, and HTML5. The technical infrastructure is moderate in performance and mobile optimization, with basic SEO and accessibility features. Security posture is adequate with HTTPS enabled but lacks advanced security headers and policies. The absence of WHOIS data and registrant information reduces the overall trustworthiness and raises concerns about domain legitimacy. Privacy and cookie policies are missing, which impacts compliance with GDPR and related regulations. Overall, the site appears to be a small-scale non-profit informational resource with moderate professionalism but requires improvements in security and compliance documentation.

FLEXiThrone s.r.o. is a Czech-based company specializing in lightweight folding electric wheelchairs and related mobility aids, targeting physically disabled individuals and their caregivers. The company holds exclusive representation rights for several specialized products in the Czech market and emphasizes product customization and quality. The website is well-structured, professionally designed, and provides clear contact information and customer testimonials, enhancing trustworthiness. Technically, the site uses standard web technologies including jQuery and Swiper.js, with moderate performance and good mobile optimization. Security posture is adequate with HTTPS in use, but lacks visible security headers and cookie consent mechanisms. The domain registration is consistent with the business profile, indicating legitimacy. Overall, the website presents a credible and professional business presence with room for improvement in privacy and security compliance.

The analyzed URL leads to a security captcha challenge page served by AWS WAF, indicating that the website content is currently blocked due to detection of unusual traffic from the user's network. As a result, no meaningful business, contact, or policy information is accessible from this page. The page is minimal, containing only scripts and styles related to the captcha mechanism, with no visible forms, metadata, or business content. The technical infrastructure includes AWS WAF and Akamai CDN for content delivery and security. Due to the blocking, the security posture cannot be fully assessed, but the presence of a WAF challenge indicates some level of security enforcement. However, the lack of accessible policies and contact information limits compliance and trust evaluation. Overall, the site is inaccessible for detailed analysis, and the AI score is low due to content blocking.

W

WEDOS

let.cz

43

The analyzed URL is a captcha verification page provided by WEDOS Global Protection, a cybersecurity service provider established in 1997. The page serves as a security checkpoint to protect the website from automated abuse and does not contain typical business content such as privacy policies, contact information, or marketing materials. The domain is well-established and consistent with the registrar and hosting provider, indicating legitimacy. However, the content is minimal and primarily focused on security verification, limiting the ability to perform a full business or compliance analysis. The technical infrastructure appears basic with HTML and CSS usage, and no advanced frameworks or analytics are detected. Security best practices such as CSRF tokens and captcha usage are present, but no security headers or privacy compliance indicators are visible. Overall, the site demonstrates a moderate security posture but lacks transparency and user-facing compliance documentation.

M

Marktplatz Mittelstand GmbH & Co. KG

agentur.de

42

Agentur.de is a German online platform operated by Marktplatz Mittelstand GmbH & Co. KG that connects businesses, freelancers, and private individuals with qualified agencies across various sectors such as online marketing, graphic design, SEO, branding, software development, and more. The platform offers a comprehensive directory with over 70,000 listed agencies and facilitates free, non-binding inquiries for clients, positioning itself as a significant player in the German agency marketplace. The website features professional design, clear navigation, and a user-friendly interface optimized for mobile devices, reflecting a mature digital presence. Technically, the site employs modern web technologies including JavaScript, CSS, Bootstrap, and integrates third-party services like eTracker for analytics and OneTrust for cookie consent management. Security-wise, the site enforces HTTPS and uses cookie consent mechanisms but lacks explicit security headers and a published security policy or incident response contacts. Overall, the domain registration data aligns well with the business identity, supporting the site's legitimacy and trustworthiness.

C

Community ITsax.de

itsax.de

53

ITsax.de is a specialized job board and social recruiting platform focused on the IT and software industry in Saxony, Germany. It serves as a community hub connecting IT professionals, students, and employers, facilitating job and internship placements. The platform is part of the Empfehlungsbund network, which emphasizes recommendations and referrals among partner companies. The website features a modern, responsive design with a clear focus on user experience and relevant content for its target audience. Technically, it employs contemporary web technologies including Bootstrap, Vue.js, and StimulusJS, hosted on infrastructure associated with GoDaddy. Security practices include HTTPS and CSRF protection, though explicit security headers and privacy policies are absent, indicating room for improvement in compliance and security transparency. Overall, the site is professional and trustworthy, with a strong market position in its niche.

L

Lauder Javne Zsidó Közösségi Óvoda, Általános Iskola, Gimnázium és Zenei Alapfokú Művészeti Iskola

lauder.hu

52

Lauder Javne Iskola is a well-established Jewish community educational institution in Hungary, offering comprehensive education from kindergarten through high school, including a music school and e-learning programs. The institution emphasizes Jewish cultural and religious education alongside modern pedagogical approaches, supported by a dedicated foundation and partnerships. The website reflects a mature digital presence with detailed program descriptions, admissions information, and contact details, targeting families and educators interested in Jewish education. Technically, the site uses standard web technologies with jQuery and Google Tag Manager for analytics, showing moderate performance and good mobile optimization. However, it lacks explicit privacy and cookie policies, which are critical for GDPR compliance. Security practices are basic, with no visible security headers or incident response contacts. Overall, the site is professional and trustworthy but would benefit from enhanced privacy and security disclosures.

K

Könyvtárellátó Nonprofit Kft.

pedig.hu

54

The website pedig.hu serves as the official platform for the Pedagógus Igazolvány, a service operated by Könyvtárellátó Nonprofit Kft. It provides Hungarian educators with a digital means to register, manage, and utilize their teacher identification cards to access discounts and cultural benefits. The platform includes a web portal and mobile applications for iOS and Android, enhancing accessibility and user convenience. The site is well-branded, consistent, and targets educators in Hungary with a nonprofit service model. Technically, the website is built using modern web technologies including Next.js and React, ensuring a responsive and performant user experience. The site is mobile-optimized and includes essential SEO and accessibility features, although some accessibility enhancements could be made. The hosting provider is not explicitly identified, but the site uses HTTPS with excellent SSL configuration. From a security perspective, the site enforces HTTPS and secure user registration/login flows. However, it lacks explicit security headers and a public vulnerability disclosure policy. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong, with clear privacy and cookie policies and GDPR adherence. Contact information is available via a dedicated contact page, though no direct emails or phone numbers are visible on the homepage. Overall, pedig.hu presents a trustworthy, professional, and secure platform for its target audience. Strategic recommendations include implementing security headers, publishing a vulnerability disclosure policy, enhancing accessibility, and maintaining regular security audits to sustain and improve the security posture.

B

BWmedien GmbH

bwmedien.biz

52

BWmedien GmbH is a German-based full-service IT and media provider established in 2001, specializing in web development, digital marketing, hosting, and proprietary software solutions including CMS, CRM, and ERP systems. The company positions itself as a regional pioneer with a strong focus on delivering tailored digital solutions to businesses and organizations. Their website reflects a professional and comprehensive service offering with clear navigation, modern design, and mobile optimization. Technically, the site uses a proprietary CMS (BWcms), modern JavaScript libraries like Swiper.js, and HTML5 video, hosted on infrastructure with DNS servers under net-build.net and domain registration via RegistryGate GmbH. Security posture is good with HTTPS enabled and domain transfer protection, though DNSSEC is not enabled and some security headers are not explicitly detected. Privacy compliance is strong with visible GDPR-aligned privacy and cookie policies and consent mechanisms. Contact information is clearly provided including phone and social media channels. Overall, BWmedien GmbH demonstrates a mature digital presence with high trustworthiness and professional credibility.

Y

YOOtheme

yootheme.com

58

YOOtheme is a well-established company specializing in premium WordPress themes, Joomla templates, and a powerful page builder called YOOtheme Pro. With over 150,000 customers, it holds a strong market position in the web development tools sector, offering a suite of products including plugins and extensions to enhance website functionality. The company targets web developers, designers, and businesses seeking professional and responsive website solutions. Technically, the website leverages modern frameworks such as Vue.js and UIkit, hosted on Bunny.net CDN infrastructure, ensuring fast performance and excellent mobile optimization. Security posture is solid with HTTPS enforced and domain transfer protections, though DNSSEC is not enabled and some security headers are missing. Privacy compliance is mostly addressed with a comprehensive privacy policy, but lacks a cookie consent mechanism. Overall, the site is professional, trustworthy, and well-structured, with room for improvement in security headers and explicit incident response disclosures.

W

WEDOS Internet, a.s.

wedos.com

58

WEDOS Internet, a.s. operates wedos.com, a technology-focused website offering global anycast DNS services designed to provide worldwide DNS infrastructure for enhanced protection, speed, and cost efficiency. The company is established since 2003 and targets businesses and organizations requiring reliable DNS and security services. The website is built on WordPress with multilingual support via Weglot, indicating a mature digital presence. The site demonstrates good content quality, professional design, and clear navigation, optimized for mobile devices. Security posture is adequate with HTTPS enabled and cookie consent implemented; however, DNSSEC is not enabled and security headers are absent, representing areas for improvement. Privacy compliance is partial due to the absence of a visible privacy policy and terms of service. Business credibility is high given the consistent WHOIS data and long domain age. Overall, the website is trustworthy and professional but could enhance security and compliance transparency.

K

KF

kf.no

66

KF is a Norwegian organization focused on providing solutions, courses, and professional literature to the municipal sector, aiming to simplify daily operations within municipalities. The website presents a professional and consistent brand image, targeting municipal employees and public sector stakeholders in Norway. Their offerings include software solutions, educational courses, and specialized publications tailored for municipal needs. Technically, the website is built on Drupal 10, leveraging modern web technologies and integrating analytics tools such as Google Analytics, Google Tag Manager, and Facebook Pixel. The site is mobile-optimized and accessible, with good SEO practices and clear navigation. Security-wise, the site enforces HTTPS and implements cookie consent mechanisms, but lacks some advanced security headers and a public security policy or incident response contact. Overall, the domain registration data aligns well with the website content, indicating a trustworthy and legitimate entity. The site does not contain any adult or questionable content and maintains a high level of professionalism and trustworthiness.

SUTOR GLOBAL s.r.o. is a small Czech Republic-based company specializing in installation, repair, and inspection services for reserved lifting, pressure, gas, and electrical equipment. The company targets industrial clients requiring specialized maintenance and compliance services in the energy sector. The website is minimalistic, primarily image-driven, and uses Bootstrap for responsive design, indicating a basic but functional digital presence. Technical infrastructure is modest with no advanced CMS or analytics detected, hosted likely via Forpsi based on DNS information. Security posture is limited with no evident security headers or privacy policies, and no HTTPS status was explicitly confirmed. The domain registration is consistent and stable, supporting the legitimacy of the business. Overall, the website serves as a basic informational portal without advanced digital marketing or security features.

U

UDG

udg.de

9

UDG is a German-based digital brand consultancy focused on enabling authentic, real-time, and networked interactions between consumers and brands. The company positions itself as a partner for smart brands navigating the digital world, offering services in brand management and integrated communication across channels. The website reflects a modern digital presence built on the Astro framework and Storyblok CMS, with analytics and consent management implemented via Google Tag Manager and Usercentrics respectively. Security posture is adequate with HTTPS enabled, but lacks explicit security headers and published security policies. Privacy compliance is partial, with a cookie consent mechanism present but no visible privacy policy or terms of service. Overall, the website is professional and well-structured, targeting business clients in the technology and marketing sectors.

B

BASF

basf.com

74

BASF is a globally recognized chemical company with a strong presence in Finland, providing chemical products and industrial solutions primarily targeting business customers in the energy and chemical sectors. The website reflects a professional corporate image with consistent branding and good content quality, aimed at industry professionals and partners. The technical infrastructure is modern, leveraging Angular framework and JavaScript technologies, with moderate performance and good mobile optimization. Security posture is moderate with HTTPS likely enabled but lacks visible security headers and explicit security policies, indicating room for improvement in security best practices. Privacy compliance is weak due to absence of visible privacy and cookie policies. Overall, the website is trustworthy and professional but would benefit from enhanced transparency and security measures.

N

NEXTUP s.r.o.

nextup.cz

45

NEXTUP s.r.o. is a Czech-based technology company specializing in custom software development and IT solutions with over 20 years of market presence. The company serves business clients with tailored e-commerce platforms, mobile applications for Android and iOS, and system integration services. Their portfolio includes notable clients such as Activa, Bank of Georgia, and Blue Sky Media, reflecting a strong market position in the technology sector. The website presents a professional image with clear project showcases and comprehensive contact information, supporting their credibility and business maturity. Technically, the website employs modern web standards and Google Analytics for user tracking, with good mobile optimization and SEO practices. However, it lacks published privacy and cookie policies, which are critical for GDPR compliance. Security-wise, HTTPS is enforced, but the absence of security headers and incident response contacts indicates room for improvement. Overall, the site is trustworthy and well-structured but should enhance privacy and security transparency to align with best practices.

I

Innovasjon Norge

innovationnorway.no

60

Innovasjon Norge is a Norwegian government agency dedicated to fostering sustainable growth and export opportunities for Norwegian businesses. The organization provides comprehensive support services including advisory, capital funding, and networking to entrepreneurs and companies at various stages such as starting, scaling, internationalizing, and renewing their business models. The website reflects a strong market position as a key national innovation facilitator with a clear focus on sustainability and international growth. Technically, the website is built on modern frameworks such as Next.js and React, ensuring a responsive and accessible user experience. The site employs best practices in SEO, accessibility, and performance optimization, with a well-structured layout and clear navigation. The presence of a cookie consent mechanism and privacy policy indicates a mature approach to privacy compliance. From a security perspective, the site enforces HTTPS, implements security headers, and avoids exposing sensitive data. However, explicit security policies and incident response information are not publicly available, and no vulnerability disclosure program is evident. Overall, the security posture is strong but could benefit from enhanced transparency and formalized disclosure mechanisms. The domain WHOIS data is not publicly available due to Norwegian registry privacy policies, but the domain and website content strongly indicate legitimacy as the official site of Innovasjon Norge. No WAF or blocking mechanisms were detected, and the site content is fully accessible and safe for general audiences.

H

HARFASPORT

harfasport.cz

63

HARFASPORT is a specialized retail business focused on cycling and skiing equipment, serving primarily Czech-speaking customers. The website presents a modern and mobile-optimized interface with clear navigation and professional design, targeting customers interested in sports gear. However, the absence of WHOIS data and lack of visible privacy and cookie policies indicate gaps in transparency and compliance. Technically, the site uses modern JavaScript modules and CSS frameworks, likely built with Vue.js and Radix UI components, but lacks visible security headers and analytics integrations. The security posture is moderate but could be improved with better header configurations and explicit privacy measures. Overall, the site appears legitimate and functional but would benefit from enhanced compliance and security practices to increase trust and reduce risk.

T

Homepage - Travel FREE – Europe's No. 1 Bordershop

travel-free.cz

58

Travel FREE is a retail business operating Europe's No. 1 Bordershop, targeting general consumers interested in cross-border shopping. The website presents a professional appearance with a clear business focus on retail and travel-related shopping services. The company promotes a mobile app available on both Apple App Store and Google Play, indicating a digital engagement strategy. The technical infrastructure includes modern web technologies such as Google Tag Manager and Usercentrics for consent management, ensuring compliance with cookie regulations. The website is accessible without any blocking or WAF challenges, and it uses HTTPS to secure communications. However, the absence of publicly available WHOIS data and lack of explicit privacy policy or contact information reduces transparency and trustworthiness to some extent. Security posture is moderate with room for improvement in security headers and published policies. Overall, the website is functional and professional but would benefit from enhanced transparency and security documentation.

D

Dot Creative

dotcreative.hu

57

Dot Creative is a Hungarian creative agency established in 2018, specializing in digital design, branding, and marketing services. The company targets businesses and professionals seeking innovative digital presence solutions. The website reflects a modern, professional design with clear navigation and strong branding consistency. The technical infrastructure is based on Next.js and React, indicating a modern and performant digital platform. Security posture is strong with HTTPS enforced and multiple security headers present, though explicit security policies and incident response contacts are not found. Privacy compliance is well addressed with comprehensive privacy and cookie policies, including consent mechanisms aligned with GDPR requirements. Overall, the website presents a trustworthy and professional business presence with minimal risk exposure.

M

MVM Oroszlányi Távhőtermelő és Szolgáltató Zrt.

mvmtavho.hu

61

MVM Oroszlányi Távhőtermelő és Szolgáltató Zrt. is a regional energy company specializing in district heating services for the Oroszlány and Szolnok areas in Hungary. The website acts as a portal directing users to localized district heating service sites, reflecting a focused business model in the energy utility sector. The company appears to be a medium-sized entity founded in 2020, likely part of the larger MVM group, a major Hungarian energy provider. Technically, the website employs modern web technologies including Google Tag Manager and Google Analytics for tracking, and uses responsive design techniques to ensure usability across devices. However, the site lacks advanced SEO and accessibility features and does not appear to use a CMS or complex frameworks. Performance is moderate with no critical errors detected. From a security perspective, the site uses HTTPS and avoids exposing sensitive data or forms on the landing page, which is positive. However, it lacks important security headers and does not provide privacy or cookie policies, which are critical for GDPR compliance and user trust. No incident response or vulnerability disclosure information is available, indicating room for improvement in security transparency. Overall, the website is functional and consistent with its business purpose but requires enhancements in privacy compliance, security best practices, and user contact information to improve trust and regulatory adherence.

PPP-T S.A. operates as a modern business and innovation development space primarily serving the Płock subregion in Poland. The company offers approximately 60 hectares of connected investment areas equipped with technical infrastructure, office spaces, conference rooms, and acceleration programs to support entrepreneurship. The website reflects a professional and regionally focused business entity linked to the ORLEN group, a major energy sector player. Technically, the website is built on Adobe Experience Manager, employs HTTPS, and integrates a comprehensive cookie consent mechanism via Cookiebot, indicating a mature digital infrastructure. Security posture is generally good with HTTPS and consent management, but lacks some advanced security headers and explicit incident response or security policy disclosures. WHOIS data for the domain pppt.orlen.pl is unavailable from the Polish registry, which slightly reduces trustworthiness, but the website content and branding strongly indicate legitimacy. Overall, the site is well-structured, accessible, and compliant with GDPR requirements, targeting business clients and entrepreneurs in the region.

ORLEN Ochrona is a Polish security service provider affiliated with the PKN ORLEN group, focusing on comprehensive physical and digital protection services for strategic national units, individual clients, and institutions. The website presents a professional image with a clear business focus on security solutions including physical protection, transport of valuables, security systems, and specialist training. The company leverages Adobe Experience Manager for content management and employs Cookiebot for GDPR-compliant cookie consent management. The site is well-structured, mobile-optimized, and provides clear navigation to various service offerings and corporate information. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though explicit security headers are not visible in the HTML source. No critical vulnerabilities or exposed sensitive data were detected. WHOIS data for the subdomain is unavailable, which is typical for subdomains under the .pl registry, but the domain's affiliation with the reputable PKN ORLEN group supports its legitimacy. Overall, the website demonstrates good technical maturity, privacy compliance, and business credibility.

E

eealibrary.org

eealibrary.org

60

The website eealibrary.org currently presents no accessible content beyond a loading spinner, indicating that the site is either under development or protected by a web application firewall or security mechanism that blocks content delivery. The domain is registered since 2014 with easyDNS Technologies Inc., showing a stable registration history but no publicly available registrant details. There is no metadata, privacy, cookie, or terms of service information available, and no contact or social media links are present. Technically, the site uses Angular framework components and standard web technologies but lacks performance and SEO optimizations. Security posture is weak with no HTTPS enforcement or security headers detected, and DNSSEC is not enabled. Overall, the site is not currently providing meaningful business or user information and lacks compliance and trust indicators.

P

Page Builder s.r.o.

pobo.hu

49

Pobo Page Builder, operated by Page Builder s.r.o., is a technology company specializing in providing a page building tool primarily targeting e-commerce businesses in Hungary and the Czech Republic. The website showcases their services including AI-powered content generation and design tools, supported by customer service and marketing teams. The company positions itself as a niche SaaS provider with a focus on enhancing online shops' page design and functionality. Technically, the website employs modern tracking and chat technologies such as Google Tag Manager, Google Optimize, Freshchat, and Abgar widgets, hosted on VasHosting.cz. The site is mobile-optimized with moderate performance and basic SEO and accessibility features. Security posture is generally good with HTTPS enforced and no visible vulnerabilities, though security headers and explicit policies are lacking. Privacy compliance is partial, with privacy and terms documents available as PDFs but no cookie consent mechanism or security incident contact information. Overall, the website is professional but shows some content placeholders indicating incomplete localization or content delivery. The WHOIS data aligns well with the website's business claims, supporting legitimacy. Strategic improvements in security policies, privacy compliance, and content completeness would enhance trust and compliance.

U

Ultimate Store Kit

storekit.pro

28

Ultimate Store Kit is a specialized WooCommerce Elementor addon provider offering a plugin with over 69 widgets designed to enhance WooCommerce websites. The business targets web designers and WooCommerce users seeking to build custom product pages and dynamic checkout experiences. The website is built on WordPress with WooCommerce and Elementor frameworks, reflecting a modern and professional digital infrastructure. SEO optimization is evident with Rank Math integration and structured data usage. Security posture is moderate with HTTPS enabled but lacks advanced security headers and privacy compliance features. The absence of contact information and privacy policies suggests room for improvement in transparency and compliance. Overall, the domain appears legitimate though WHOIS data is unavailable due to TLD restrictions and privacy protection, which is common for small plugin businesses.

W

Waldhart Software

onlineshop.ws

45

Waldhart Software operates the onlineshop.ws domain, providing specialized e-commerce solutions primarily for ski schools, snow sports schools, and related outdoor sports businesses. The website serves as a reference portal showcasing over 300 live client online shops, indicating a focused B2B business model targeting the winter and summer sports education sector. The company appears to be a small-sized entity founded in 2018, with a consistent brand presence and a clear market niche in Austria and neighboring countries. Technically, the website leverages modern web technologies including the Quasar Framework and Google Maps API, delivering a responsive and user-friendly experience. Hosting is likely provided by profiwebspace.at, with domain registration managed by InterNetX GmbH. The site uses HTTPS, but lacks DNSSEC and security headers, which are areas for improvement. No analytics or advertising scripts were detected, suggesting a privacy-conscious or minimalistic approach. From a security perspective, the site has a moderate posture with HTTPS enabled but missing important security headers and DNSSEC. There are no visible vulnerabilities or exposed sensitive data in the provided content. However, the absence of privacy and cookie policies, as well as terms of service, indicates compliance gaps with GDPR and general privacy best practices. Overall, the website is professional and trustworthy within its niche but would benefit from enhanced privacy compliance and improved security configurations to strengthen user trust and regulatory adherence.

P

Perfectweb

perfectweb.at

48

Perfectweb is a small regional web design and advertising agency based in Austria, specializing in web design, CMS, graphic design, marketing, and online shop solutions primarily serving Vienna and the Weinviertel region. The website presents a basic but professional digital presence with clear navigation and references to client projects. Technical infrastructure is modest, relying on standard HTML, CSS, and JavaScript with a cookie consent plugin for GDPR compliance. Security posture is limited with no visible HTTPS confirmation or security headers, and WHOIS data is unavailable, which raises concerns about domain transparency. Overall, the site is functional but would benefit from enhanced security and technical modernization.

M

MAFRA, a.s.

mfdnes.cz

59

MF DNES is a major Czech media company offering subscription-based access to daily newspapers and thematic magazines in both digital and print formats. The website provides clear subscription options, loyalty programs, and regional news coverage, targeting a broad audience interested in news and lifestyle content. The business is positioned as one of the largest media outlets in the Czech Republic with a professional editorial team and consistent branding. Technically, the website employs modern tracking and analytics technologies including Google Tag Manager, Google Analytics, Gemius, and a consent management platform (Didomi) to ensure GDPR compliance. The site is well-structured with good mobile optimization and SEO practices, although some security headers are not explicitly detected. The SSL configuration is excellent, and secure login forms with client-side validation are implemented. From a security perspective, the site demonstrates good practices such as HTTPS enforcement and consent management but lacks publicly available security policies or incident response contacts. The absence of WHOIS data is a notable anomaly that reduces domain registration trustworthiness, although the website content and business information strongly indicate legitimacy. No vulnerabilities or adult content were detected, and the site is fully accessible without WAF blocking. Overall, the website is professional, secure, and compliant with privacy regulations, but improvements in domain transparency and security policy publication are recommended to enhance trust and security posture.

B

Blogosvět.cz

blogosvet.cz

58

Blogosvět.cz is a Czech media platform providing an open space for bloggers and authors to freely express their opinions. It hosts a variety of articles covering political, social, and cultural topics, targeting a general Czech-speaking audience. The platform partners with established media companies such as SPM MEDIA and Echo24.cz, enhancing its credibility within the local media landscape. Technically, the website is built using modern web technologies including React and Next.js, offering good mobile optimization and user experience. Security posture is adequate with HTTPS enforced and secure forms, but lacks some advanced security headers and explicit privacy compliance mechanisms. The absence of WHOIS data for the domain raises concerns about domain registration transparency, which impacts trustworthiness. Overall, the platform is functional and professional but would benefit from improved privacy and security disclosures.

R

Radio Prostor

radioprostor.cz

56

Radio Prostor is a Czech media outlet providing a platform for information, politics, economy, business, sports, culture, and modern lifestyle content. It operates a live radio streaming service alongside a rich collection of news articles and interviews, targeting a broad audience interested in current affairs and cultural topics. The website demonstrates a professional and consistent brand presence with active social media engagement and accessible contact information. Technically, the site is built on modern web technologies including React and Next.js, offering good mobile optimization and SEO practices. Security posture is solid with HTTPS enforced, though additional security headers and explicit policies could enhance protection. The absence of WHOIS data reduces domain transparency and trust slightly, but the overall content quality and business credibility remain high. Strategic recommendations include improving security headers, publishing incident response information, and monitoring domain registration status to ensure ongoing legitimacy.

The website www.fotojanout.cz is a personal photography portfolio showcasing the work of František Janout, focusing primarily on nature and landscapes of the Šumava region and various international travel destinations. The site targets photography enthusiasts and travelers interested in these regions. It operates as a small-scale personal project without commercial business registration details or contact information. Technically, the site uses basic web technologies including HTML, CSS, JavaScript with jQuery and Facebook SDK integration. It is hosted on the eStránky.cz platform and shows moderate performance and basic mobile optimization. Security posture is weak due to lack of HTTPS confirmation, missing security headers, and absence of privacy or cookie policies. No WHOIS data is available, raising concerns about domain registration legitimacy. Overall, the site is safe for general audiences but lacks professional security and privacy compliance features.

The website www.boubin.cz/boubin/ serves as an informational portal focused on the Boubín mountain and the Šumava region in the Czech Republic. It provides detailed descriptions of natural landmarks, hiking trails, and local accommodation options, targeting tourists and visitors interested in nature and outdoor activities. The business model centers on tourism promotion and accommodation listings, primarily serving a regional audience. The site content is primarily in Czech with some German and English keywords, reflecting the local cultural context. From a technical perspective, the website uses basic HTML and CSS without modern frameworks or CMS platforms. There is no evidence of HTTPS or advanced security headers, and no analytics or tracking technologies are detected. The site appears to have moderate performance but lacks mobile optimization and accessibility features, which could limit user experience on mobile devices. Security posture is weak due to the absence of HTTPS, security headers, and privacy or cookie policies. No contact information or incident response details are provided, limiting transparency and trust. The WHOIS data is unavailable, which raises concerns about domain registration legitimacy and reduces overall trustworthiness. No forms or user data collection mechanisms are present, minimizing data protection risks but also indicating limited interactivity. Overall, the website is a small-scale, regionally focused tourism information site with basic technical implementation and significant security and compliance gaps. Strategic improvements in security, privacy compliance, and technical modernization are recommended to enhance trust and user experience.

A

Alpiro s.r.o.

ssls.cz

57

SSLS.cz is an established Czech online reseller specializing in SSL certificates and digital security products. Operated by Alpiro s.r.o., it holds a strong market position as the largest SSL certificate provider in the Czech Republic, offering a wide range of certificates from multiple trusted certificate authorities. The website provides comprehensive services including SSL certificates by brand and validation type, wildcard and multidomain certificates, digital signatures, code signing, CSR generation, and API integration for automation. The business model focuses on competitive pricing and extensive product selection targeting businesses and individuals seeking web security solutions in the Czech market. Technically, the website employs standard web technologies such as JavaScript and jQuery, with responsive design and good SEO practices. While performance is moderate, mobile optimization is good, and accessibility is basic. The site includes a cookie consent mechanism and secure login options, including certificate-based authentication, indicating a reasonable level of digital maturity. However, the absence of explicit security headers and a formal security policy page suggests room for improvement in security hardening. From a security perspective, the site enforces HTTPS and offers secure user authentication methods. No vulnerabilities or exposed sensitive data were detected in the content. The lack of WHOIS data reduces transparency and slightly impacts trustworthiness, but the overall security posture is solid for an e-commerce platform of this nature. Privacy compliance is supported by a privacy policy and cookie consent, aligning with GDPR requirements. Overall, SSLS.cz presents a professional and trustworthy platform for SSL certificate procurement with a strong local market presence. Strategic enhancements in security headers, incident response transparency, and WHOIS data availability would further strengthen its security and compliance profile.

Č

Česká spořitelna a.s.

tradergo.cz

64

TraderGO is a modern online trading platform operated under the Česká spořitelna brand, offering professional investment services including trading in stocks, commodities, currencies, and other assets. The platform targets retail and professional investors primarily in the Czech Republic, providing a multi-device accessible application and educational resources. The website is well-branded, professionally designed, and integrates secure login and demo account features. Technically, the site uses modern web technologies including JavaScript modules, Google Tag Manager, and ElasticSearch for search functionality, hosted likely on Erste Group infrastructure. Security posture is strong with HTTPS enforced and cookie consent mechanisms in place, though explicit security headers could be further verified. The absence of WHOIS data is a notable gap but does not significantly detract from trust due to the strong brand presence. Overall, the site demonstrates good digital maturity and compliance with privacy regulations.

W

WPCodeBox

wpcodebin.com

56

WPCodeBin is a niche technology platform offering a free service for sharing WordPress code snippets, targeting WordPress developers and users. The website is built using modern web technologies including React and Next.js, hosted with DNS managed by Cloudflare and domain registered via NameCheap. The platform is relatively new, founded in 2022, and operates under the parent brand WPCodeBox. The site demonstrates good technical infrastructure with responsive design and moderate performance. Security posture is decent with HTTPS enabled and some security headers indicated in code snippets, though DNSSEC is not enabled and no explicit security or privacy policies are published. The absence of privacy and cookie policies represents a compliance gap. No contact information or incident response details are provided, limiting direct communication channels. Overall, the site is professional and trustworthy within its niche but could improve compliance and security transparency.

1url.cz is a Czech-based URL shortening service established in 2010, offering users the ability to shorten, anonymize, and preview URLs with permanent 301 redirects. The service targets general internet users, social media participants, and affiliate marketers seeking reliable and permanent link redirection. The website is implemented with basic but functional technologies including HTML5, CSS, Google Fonts, and Google reCAPTCHA to prevent abuse. Hosting and domain registration are managed by Wedos, a reputable Czech provider, supporting the site's legitimacy and stability. Security posture is moderate with HTTPS enforced and reCAPTCHA integration; however, the absence of security headers and formal privacy or cookie policies indicates room for improvement. No direct contact emails or phone numbers are provided, but a contact form is available. Overall, the site is safe for general audiences and operates without suspicious content or practices.

K

Kreativní Praha, z. ú.

poznejvltavu.cz

52

Poznej Vltavu is a cultural festival organized by Kreativní Praha, a non-profit entity focused on celebrating the Vltava river through family-friendly events, workshops, and entertainment in Prague. The website serves as an information hub for the festival, providing event details, maps, partner information, and updates. The organization has established partnerships with local government and cultural institutions, enhancing its credibility and community reach. The website is well-branded, consistent, and targets a broad audience including families and cultural enthusiasts. Technically, the website uses modern JavaScript libraries such as Leaflet for interactive maps and Swiper for carousels, hosted on WEDOS servers. It employs Google Tag Manager for analytics with a privacy-conscious default denying tracking until consent is given. The site is mobile-optimized and SEO-friendly, though accessibility features are basic. Performance is moderate, with room for improvement in security headers and explicit security policies. Security posture is solid with HTTPS enforced and no visible vulnerabilities or exposed sensitive data. Cookie consent mechanisms and GDPR policy pages indicate good privacy compliance. However, there is no explicit incident response or security policy documentation, which could be enhanced. Overall, the site is trustworthy, safe, and professionally maintained. The risk assessment is low, with recommendations focusing on improving security headers, adding incident response contacts, and enhancing accessibility. The domain is newly registered but consistent with the event timeline, and WHOIS data aligns with the website's claims, supporting legitimacy.

M

Moudrá Sovička z.s.

moudrasovicka.cz

40

Moudrá Sovička z.s. is a small Czech non-profit organization focused on providing assistance with the initial setup of computers, tablets, and phones. The website serves as an informational and service platform targeting individuals who need help with technology setup. The organization maintains a modest but professional online presence, including a Facebook page and clear contact information. The business model revolves around educational and technical support services, positioning itself as a niche local service provider in the Czech Republic. Technically, the website is built on WordPress using the Radiate theme and employs standard web technologies such as PHP, JavaScript, and CSS. It includes a cookie consent mechanism compliant with GDPR, indicating a reasonable level of digital maturity and privacy awareness. Performance and mobile optimization are adequate, with good SEO practices and basic accessibility features. From a security perspective, the site enforces HTTPS and includes common security headers, contributing to a good security posture. No critical vulnerabilities or exposed sensitive data were detected. However, the absence of a security.txt file and explicit incident response contacts suggests room for improvement in security transparency and incident readiness. Overall, the website presents a low-risk profile with a solid foundation for a small non-profit. The lack of WHOIS data reduces trust slightly but does not outweigh the positive indicators from the website content and technical setup. Strategic recommendations include enhancing security disclosures, maintaining up-to-date software, and improving transparency around incident response.

N

NET4GAS, s.r.o.

net4gas.cz

67

NET4GAS, s.r.o. operates as the exclusive operator of the natural gas transmission system in the Czech Republic, managing over 4,000 km of pipeline infrastructure. The company provides reliable, safe, and economically efficient gas transportation services year-round, playing a key role in integrating Central European energy markets and supporting the transition to a low-carbon economy. The website reflects a professional and business-focused presence with comprehensive information for customers, investors, and partners. Technically, the site uses established web technologies such as jQuery and Bootstrap, hosted on a CMS platform (WebJET CMS), and is mobile optimized with good navigation and content quality. Security-wise, the site implements cookie consent mechanisms and GDPR compliance but lacks visible advanced security headers or explicit security policies. The absence of WHOIS data limits full domain legitimacy verification, though the website content and contact details support a credible business identity. Overall, the site is well-structured and trustworthy for its intended audience but could improve transparency and security posture.

Svazek obcí mikroregionu Zábřežsko is a local government association focused on supporting the development of municipal self-governance and enhancing the economic, social, and cultural life of the Zábřežsko microregion in the Czech Republic. The website serves as an information portal for residents and local officials, providing access to documents, event announcements, and contact information. The organization positions itself as a community-centric entity facilitating regional cooperation and development. Technically, the website employs basic web technologies including HTML, CSS, JavaScript, and an older version of jQuery (1.3.2). Google Analytics is integrated for visitor tracking. The site shows moderate performance and basic mobile optimization but lacks modern frameworks or CMS indications. Accessibility and SEO optimizations are basic, with room for improvement. From a security perspective, the site uses HTTPS (implied by external scripts loaded over HTTPS), but no security headers were detected in the provided data. The use of an outdated jQuery version presents a potential vulnerability. There is no visible privacy or cookie policy, which raises compliance concerns, especially under GDPR. WHOIS data is missing, which limits domain legitimacy verification and reduces trustworthiness. Overall, the website is functional and serves its purpose for the local government audience but requires improvements in security, privacy compliance, and technical modernization to enhance trust and resilience against threats.