Security Directory

D

Dev-Com Informatikai kft.

judobcknmbr.com

44

JUDOBCKNMBR.COM is a specialized e-commerce platform launched in 2024 by Dev-Com Informatikai kft., focused on providing official and custom judo backnumbers, sponsor labels, and related products. The website targets judokas and judo enthusiasts seeking personalized and competition-approved identifiers. The business leverages official partnerships with the International Judo Federation (IJF) and the European Judo Union (EJU), enhancing its market credibility within the niche sports apparel sector. The platform offers a user-friendly interface with clear navigation and product categorization, supporting a seamless ordering experience.

F

FC Zlín

fctrinityzlin.cz

44

FC Zlín is a Czech football club with an official website providing comprehensive information about the club, including news, match schedules, team rosters, ticket sales, fan merchandise, and partner details. The website targets football fans and the local community, offering engagement through social media and online services. The business model revolves around sports club promotion, fan engagement, and merchandising. Technically, the website employs a modern frontend stack including Bootstrap, jQuery, OwlCarousel, Font Awesome, and Google Fonts. It integrates Google Analytics and Facebook SDK for tracking and marketing purposes. Hosting appears to be regional with Czech-based registrar and name servers. The site is mobile-optimized with good navigation and content structure, though SEO and accessibility could be improved. From a security perspective, the site uses HTTPS but lacks visible security headers and explicit security policies or vulnerability disclosures. No cookie consent mechanism was detected, indicating partial GDPR compliance. No contact phone numbers or detailed business registration data were found, limiting direct contact options. The WHOIS data is consistent and transparent, supporting legitimacy. Overall, the website is functional and professional with moderate security and privacy compliance. Strategic improvements in security headers, privacy notices, and contact transparency would enhance trust and compliance.

S

Sector s.r.o.

rozpravky.sk

38

Rozpravky.sk is a Slovak media website operated by Sector s.r.o., offering a large collection of free animated fairy tales and cartoons primarily targeting children and families in Slovak and Czech languages. The platform is positioned as a regional niche media provider with a business model based on free content streaming supported by advertising. Technically, the site uses a mix of legacy and modern web technologies including jQuery 1.8.3, Google Fonts, FontAwesome, and Google Analytics. While the site is accessible and well-structured with good navigation and mobile optimization, it lacks explicit privacy and terms of service pages, and uses an outdated jQuery version which poses security risks. Security posture is moderate with HTTPS enforced and cookie consent implemented, but missing advanced security headers and vulnerability disclosures. WHOIS data confirms the legitimacy of the domain ownership by Sector s.r.o., consistent with the website's branding and market focus. Overall, the site is functional and trustworthy but would benefit from improved security practices and compliance documentation.

A

ALSA, z.s.

alspruvodce.cz

52

ALSA, z.s. operates a community portal dedicated to supporting individuals affected by Amyotrophic Lateral Sclerosis (ALS) in the Czech Republic. The organization provides educational resources, patient counseling, equipment rental, rehabilitation programs, and community networking. Positioned uniquely in the Czech and Slovak regions, ALSA serves a niche healthcare non-profit market focused on ALS patient support. The website is professionally designed using modern React and Next.js technologies, offering a good user experience with mobile optimization and clear navigation. However, it lacks visible privacy and cookie policies, which are important for GDPR compliance. Security posture is moderate with no detected security headers or explicit SSL information in the provided data. Social media presence is strong, enhancing community engagement and trust. Overall, ALSA presents as a credible and focused non-profit organization with room for improvement in privacy and security compliance.

Kolín.cz is a well-established local news and information portal serving the Kolín region in the Czech Republic. Operated by Clever Soft s.r.o., the website provides timely news articles, event calendars, business directories, accommodation listings, classifieds, and local media services such as TV and cinema information. The site targets residents and visitors of the Kolín area, offering a comprehensive community resource supported primarily through advertising revenue. The domain has been active since 1997, indicating a long-standing presence in the local media landscape. Technically, the website employs a custom CMS and integrates modern web technologies including Google Tag Manager, Google Publisher Tags for advertising, AMP components for performance, and Google Fonts for typography. Hosting is provided by Active24, a reputable Czech hosting provider. The site is mobile-optimized with good SEO practices and basic accessibility features. GDPR compliance is evident through a comprehensive privacy policy and an active consent management platform. From a security perspective, the site uses HTTPS with a good SSL configuration and implements a consent mechanism for cookies and personal data processing. However, some security headers like Content-Security-Policy and X-Frame-Options are not explicitly detected and could be improved. No critical vulnerabilities or exposed sensitive data were found in the analysis. Overall, Kolín.cz presents a professional and trustworthy online presence for local news and services. It maintains good privacy and security practices appropriate for its business model and audience. Strategic recommendations include enhancing security headers, auditing third-party scripts regularly, and adding clearer contact phone information to improve user trust and support.

K

Klub Pathfinder

pathfinder.sk

48

Klub Pathfinder is a Slovak non-profit organization dedicated to youth development through outdoor activities, Christian education, and community events. The website serves as a hub for event announcements, training programs, and resources for youth and their leaders. It maintains an active presence with regular content updates and social media engagement, primarily on Facebook. Technically, the site is built on WordPress with common plugins for galleries, forms, and cookie management, providing a moderate performance and good mobile experience. Security posture is adequate with HTTPS enabled and cookie consent implemented, but lacks advanced security headers and formal security policies. Privacy compliance is partial due to the absence of a privacy policy and terms of service pages. Overall, the site is trustworthy and professional, serving its target audience effectively.

S

Statutární město Mladá Boleslav

mb-net.cz

51

The website https://mb-net.cz/ is the official online presence of the statutory city of Mladá Boleslav, Czech Republic. It serves as a comprehensive portal for residents and visitors, offering city information, municipal services, news updates, event calendars, and contact details. The site is well-positioned as a government entity's digital platform, providing essential public services and information in Czech language. The business model is focused on public service delivery and citizen engagement, with no commercial intent. The domain's long history since 1997 supports its credibility and established presence. Technically, the website employs a custom CMS (vismo®), modern web standards including HTML5, CSS3, and JavaScript, and integrates Google services such as reCAPTCHA for form security and Google Analytics for traffic analysis. The site is mobile-optimized, accessible, and SEO-friendly, with a moderate performance profile. Cookie consent and GDPR compliance mechanisms are implemented effectively. From a security perspective, the site uses HTTPS with excellent SSL configuration, employs reCAPTCHA to protect forms, and manages cookie consent responsibly. However, it lacks explicit published security policies, incident response contacts, and security headers that could enhance its security posture. No vulnerabilities or exposed sensitive data were detected in the provided content. Overall, the website is a trustworthy, professional municipal portal with good content quality and technical implementation. Strategic improvements include publishing security and incident response policies, enhancing security headers, and possibly adding terms of service to improve transparency and compliance.

K

Klub Pathfinder z.s.

pathfinder.cz

63

Klub Pathfinder z.s. is a Czech non-profit organization dedicated to youth development through scouting and outdoor activities. The organization offers a variety of programs including weekend meetings, camps, and educational opportunities for youth leaders. The website reflects a well-structured and content-rich platform targeting children, youth, and their guardians, emphasizing values such as responsibility, nature protection, and faith. Technically, the site is built on Drupal CMS with modern web technologies and includes integrations for analytics and user tracking. Security posture is solid with HTTPS and cookie consent mechanisms, though it lacks some advanced security headers and explicit security policies. The absence of WHOIS data is a concern for domain trust but does not detract from the legitimacy of the organization as evidenced by comprehensive contact information and partnerships. Overall, the site is professional, trustworthy, and well-positioned within its sector.

S

Sector s.r.o.

sector.sk

33

Sector.sk is a Slovak media portal specializing in gaming news, reviews, videos, and hardware content targeting the gaming community. The website offers daily updates and community engagement features such as forums and contests, positioning itself as a regional leader in gaming media. The company behind the site is Sector s.r.o., a small media entity based in Slovakia. Technically, the site employs a modern but custom technology stack including jQuery, FontAwesome, Google Tag Manager, and various ad networks. While the site is functional and content-rich, it lacks formal privacy and cookie policies, which impacts compliance and user trust. Security posture is moderate with HTTPS enabled and some tracking technologies in use, but missing advanced security headers and incident response disclosures. Overall, the site is accessible without WAF blocking and shows consistent WHOIS data supporting legitimacy.

P

Petit Press, a.s.

sme.sk

60

SME.sk is a leading Slovak news portal operated by Petit Press, a.s., providing comprehensive news coverage across various sectors including politics, economy, culture, and sports. The website targets the general Slovak public and holds a strong market position as one of the most read news sources in Slovakia. The business model is primarily based on online media publishing with revenue streams from advertising and subscriptions. The site demonstrates a high level of content quality and consistent branding, reflecting its established reputation since its founding in 1993. Technically, SME.sk employs a modern web technology stack including JavaScript frameworks, Google Fonts, and multiple advertising and analytics platforms such as Google DoubleClick, PubMatic, and Gemius. The site uses a custom CMS and shows good mobile optimization and SEO practices, though accessibility features are basic. Performance is moderate, with room for improvement in speed and accessibility. From a security perspective, the website enforces HTTPS with excellent SSL configuration and includes standard security headers. Privacy compliance is strong, with comprehensive privacy and cookie policies and GDPR adherence. However, explicit security policies, incident response contacts, and vulnerability disclosure mechanisms are not publicly available, representing areas for enhancement. Overall, SME.sk presents a secure, professional, and trustworthy online presence with minor gaps in explicit security governance documentation. Strategic recommendations include publishing a dedicated security policy, establishing a vulnerability disclosure program, and enhancing accessibility to improve user experience and compliance.

V

Vyklízení nemovitostí Pardubice, bourací práce

vyklizeni-pardubice-hutla.cz

54

Vyklízení nemovitostí Pardubice, bourací práce is a small local business specializing in property clearance, waste removal, and demolition services primarily serving the Pardubice region in the Czech Republic. The company offers a wide range of clearance services including residential, commercial, and specialized spaces such as schools and warehouses. Their market position is that of a trusted local service provider with a focus on professional and ecological waste disposal. The website is well-structured, with clear contact information and a customer review, supporting trust and credibility. Technically, the website uses standard web technologies including jQuery, Facebook SDK, and Google Fonts. It implements GDPR-compliant cookie consent mechanisms and structured data markup for SEO. The site is mobile-optimized and provides a good user experience, though some security headers appear to be missing. The WHOIS data is unavailable, which limits domain legitimacy verification, but the website content and contact details suggest a legitimate small business. From a security perspective, the site uses HTTPS and has basic form validation and cookie consent. However, there is no explicit security or incident response policy published, and no advanced security headers detected. No vulnerabilities or exposed sensitive data were found in the analysis. Overall, the security posture is moderate but could be improved with additional headers and policies. The overall risk assessment is low to moderate. The main concern is the lack of WHOIS data which reduces domain trustworthiness. Strategic recommendations include enhancing security headers, publishing a security/privacy policy, and maintaining regular audits of third-party scripts. The business appears credible and the website professional, making it a reliable service provider in its niche.

A

ALSA.z.s

zsalsa.cz

47

The website www.zsalsa.cz represents ALSA.z.s, a Czech non-profit organization dedicated to supporting patients diagnosed with ALS and their families. The organization provides counseling, therapy consultations, specialized equipment lending, rehabilitation stays, and specialist home visits. It is positioned as the sole organization in the Czech and Slovak Republics focusing on ALS patient support. The website is well-designed, mobile-optimized, and rich in relevant content including news, events, and media coverage links. Social media presence is active on Facebook, YouTube, and Instagram. Technically, the site is built on Drupal 10 with Bootstrap 5.2 and uses modern web technologies including Vue.js and Google Tag Manager for analytics. The site is accessible and SEO-optimized, though performance is moderate. Security posture is adequate with HTTPS implied but lacks visible security headers and explicit privacy or cookie policies, which are compliance gaps. No WHOIS data is available, which reduces domain trustworthiness and should be investigated further. Overall, the site is a credible and professional resource for ALS patients and their families, but improvements in privacy compliance and security hardening are recommended to enhance trust and regulatory adherence.

Speciální stavby Most spol. s r.o. is a Czech company specializing in large-scale demolition, construction of industrial complexes, and steel structure assembly, with a market presence dating back to 1991. The company serves industrial and energy sectors, offering services such as demolition of reinforced concrete and steel structures, bridge constructions, and dismantling of power plant boilers. It operates continuous shift work and holds ISO certifications for quality, environmental, and occupational health and safety management, indicating a mature operational framework. Technically, the website is built on WordPress with common plugins for sliders, lightbox, and GDPR compliance. The site is moderately performant, mobile-optimized, and includes a cookie consent mechanism, reflecting a reasonable level of digital maturity. However, no advanced security headers were detected, and WHOIS data is unavailable, which slightly impacts trustworthiness. From a security perspective, the site enforces HTTPS and GDPR compliance, but lacks visible incident response contacts and security.txt files. No vulnerabilities or exposed sensitive data were found in the HTML content. The absence of WHOIS data and security headers suggests areas for improvement in domain transparency and security hardening. Overall, the website presents a professional and trustworthy business front with good compliance and content quality. Strategic recommendations include enhancing security headers, publishing vulnerability disclosure policies, and improving domain registration transparency to strengthen trust and security posture.

D

DINEVA - cestovní agentura

dineva.cz

58

DINEVA is a Czech travel agency specializing in vacation packages to Bulgaria, Turkey, and Greece. The company collaborates with Czech and German travel agencies to provide a broad selection of trips, including custom travel arrangements and charter flight tickets. The website presents a professional and consistent brand image, targeting travelers seeking tailored holiday experiences in Eastern Mediterranean destinations. Technically, the site is built on Joomla CMS with modern frontend technologies such as Bootstrap and jQuery, and it integrates Google Analytics and Facebook Pixel for marketing and analytics purposes. Security posture is moderate with HTTPS enabled but lacks important security headers and visible privacy or cookie policies, indicating compliance gaps. The absence of WHOIS data for the domain raises concerns about domain legitimacy, although the website content and contact information appear credible. Overall, the site is functional and professional but would benefit from enhanced security and privacy compliance measures.

U

UnionOcel s.r.o.

unionocel.cz

51

UnionOcel s.r.o. is a Czech-based medium-sized manufacturing and wholesale company specializing in steel sheets, cuttings, and CNC machining services. Established in 2001, it has developed a strong market position as a leader in its sector, offering a broad portfolio of metalworking services supported by modern facilities and technologies. The website reflects a professional and consistent brand image, targeting industrial clients and manufacturers. Technically, the site employs modern web technologies including Bootstrap, jQuery, and integrates advanced analytics and marketing tools such as Google Tag Manager and Microsoft Clarity. Security measures include HTTPS, reCAPTCHA on forms, and cookie consent mechanisms, although some security headers are missing and no explicit security policy is published. Overall, the site is well-structured, GDPR compliant, and trustworthy, with no signs of malicious activity or content safety concerns.

Fastav Development is a Czech Republic based real estate developer specializing in retail parks and commercial centers with over 80 completed projects and 20 years of market presence. The company positions itself as a leading developer in the Czech and Slovak retail real estate market, targeting business clients and retail tenants. Their business model focuses on comprehensive development and management of retail properties. The website content is professionally presented, consistent, and relevant to their industry, though it lacks some compliance documentation such as privacy and cookie policies. Technically, the website uses a traditional tech stack including jQuery, Google Analytics, Google Tag Manager, and Highslide JS for image slideshows. It is built on the WebRedakce CMS platform by NETservis s.r.o. The site is mobile optimized with good navigation and design quality but lacks advanced accessibility features and SEO optimization. Security posture is basic with no detected security headers or HTTPS verification in the provided data, and no incident response or vulnerability disclosure information is published. The WHOIS data is unavailable publicly, likely due to privacy protection or registry policies, which slightly reduces trustworthiness. However, the business information on the site is consistent and credible. Overall, the website is functional and professional but would benefit from improved security practices, privacy compliance, and transparency to enhance trust and compliance.

F

FK Dukla Praha

fkdukla.cz

49

FK Dukla Praha is a well-established Czech football club with a strong online presence, offering comprehensive information about its teams, matches, fan activities, and merchandise. The website serves as a central hub for fans and stakeholders, providing timely news, match reports, and engagement opportunities. Technically, the site employs modern web technologies including Bootstrap and jQuery, integrates multiple analytics and marketing tools, and maintains GDPR compliance with a clear privacy and cookie policy. Security posture is generally good with HTTPS enforced and cookie consent implemented, though improvements in security headers and script hygiene are recommended. Overall, the site is professional, trustworthy, and well-aligned with the club's brand and business objectives.

F

FC Zlín

fcfastavzlin.cz

47

FC Zlín is a Czech football club with an official website providing comprehensive information about the club, including news, match schedules, team rosters, ticket sales, fan merchandise, and partner details. The site targets football fans and the local community, offering engagement through social media and online services. The business model revolves around sports club promotion, fan engagement, and merchandising. Technically, the website uses modern frontend technologies such as Bootstrap, jQuery, OwlCarousel, and integrates Google Analytics and Facebook SDK for tracking. The site is mobile-optimized and provides a good user experience with clear navigation and professional design. Security posture is adequate with HTTPS enabled and no exposed sensitive data, but lacks advanced security headers and explicit privacy or security policies. WHOIS data is missing or unavailable, which raises some concerns about domain registration transparency. Overall, the site is trustworthy and professional but could improve privacy compliance and security practices.

C

Calliditas s.r.o.

calliditas.net

10

Calliditas s.r.o. is a Czech technology company specializing in integrating modern technologies such as virtual and augmented reality (XR) and artificial intelligence (AI) into educational materials and business process optimization. The company collaborates with educational institutions, government bodies, and leading Czech brands, positioning itself as a key player in the Czech technology and education sectors. Their market position is supported by multiple ISO certifications and membership in a technology cluster, indicating a commitment to quality and security. The website is built on a modern WordPress platform with WooCommerce and Elementor, reflecting a mature digital infrastructure. Security posture is solid with HTTPS and ISO 27001 certification, though the site lacks explicit privacy and cookie policies, which are recommended for compliance. Overall, the site is professional, well-branded, and trustworthy, targeting businesses and educational organizations in the Czech Republic.

The website www.elita.blog serves as a professional magazine and blog platform focused on technology, business, IT, and related topics primarily for a Czech-speaking audience. It is closely associated with ARICOMA, a technology company, which is evident from branding and linked parent company references. The site offers curated articles, interviews, and insights targeting professionals and enthusiasts interested in digital transformation, public administration, and innovation. Technically, the site employs modern frontend technologies including jQuery, Bootstrap, Google reCAPTCHA, and Google Tag Manager, ensuring a responsive and user-friendly experience. Security posture is adequate with HTTPS enforced and basic security practices like CAPTCHA and cookie consent implemented, though some security headers are missing. Privacy compliance is addressed through cookie consent and links to GDPR information on the parent company site. However, the absence of WHOIS data for the domain introduces some uncertainty regarding domain legitimacy, though the professional presentation and parent company association mitigate this concern. Overall, the site is well-positioned as a niche media outlet within the technology sector in the Czech Republic.

Register.com operates as a domain registration and web services provider integrated under the Network Solutions and Newfold Digital umbrella. The company offers a comprehensive suite of services including domain registration, web hosting, website building, professional email, SSL certificates, and online marketing solutions targeted primarily at small businesses and entrepreneurs. The website reflects a mature digital presence with consistent branding and a professional user experience. Technically, the site leverages Adobe Experience Manager as its CMS, uses modern web technologies, and includes accessibility and privacy compliance tools such as AudioEye and OneTrust. Security posture is strong with HTTPS enforced and cookie consent mechanisms in place, though explicit security headers and a public security policy are absent. WHOIS data for the domain is unavailable or protected, which slightly reduces transparency but does not detract significantly from the site's legitimacy given its association with Network Solutions. Overall, the site is well-structured, secure, and compliant with privacy regulations, making it a trustworthy platform for domain and web services.

D

Mzdový software DUNA MZDY

dunamzdy.cz

48

The website www.dunamzdy.cz represents a Czech payroll software provider targeting small and medium-sized enterprises and contributory organizations. The site offers a modern payroll system named DUNA MZDY with a free trial version, positioning itself as a specialized solution in the Czech market. The business model revolves around software sales and support for payroll management. Technically, the website employs common analytics and marketing tools such as Google Analytics, Google Tag Manager, and Smartsupp Live Chat, indicating a moderate level of digital maturity. The site is accessible without WAF or blocking mechanisms, and it is mobile-optimized with good SEO practices. However, the absence of WHOIS registration data and lack of visible privacy or terms of service pages reduce the overall trust and compliance posture. Security-wise, HTTPS is enabled, but advanced security headers and policies are not evident. The site lacks explicit contact information and security incident response details, which are important for business credibility and compliance. Overall, the website is functional and professional but would benefit from enhanced transparency and security documentation.

T

TILL CONSULT a.s.

dunamedik.cz

10

The website www.dunamedik.cz represents TILL CONSULT a.s., a Czech company specializing in healthcare software solutions tailored for medical offices, including dental and general practitioners. Their flagship product, DUNA MEDIK, supports electronic communication with health insurance companies and other health authorities, facilitating patient record management, appointment scheduling, billing, and vaccination tracking. The company holds a solid market position in the Czech healthcare software sector, targeting medical professionals with specialized software variants. Technically, the website employs modern web technologies such as Google Analytics, Smartsupp Live Chat, Bootstrap framework, and SVG icons, ensuring a responsive and user-friendly experience. Security-wise, the site enforces HTTPS and includes cookie consent mechanisms, though it lacks some advanced security headers and explicit incident response information. The absence of WHOIS data reduces domain transparency and trust slightly, but the overall professional presentation and clear contact information mitigate this concern. Strategic recommendations include enhancing security headers, publishing security policies, and improving domain registration transparency.

D

Dojo Academy

dojoacademy.fr

61

Dojo Academy is a specialized educational institution focused on training professionals in the sports sector, particularly judo and related disciplines. Founded in 2021, it offers a range of diploma programs, continuing education, and workshops, including partnerships with prestigious institutions such as Université Paris Dauphine – PSL. The website reflects a well-structured and professional digital presence with clear branding and comprehensive course offerings. Technically, the site is built on WordPress with modern plugins and frameworks, ensuring good performance and mobile responsiveness. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers could be improved. Privacy compliance is basic, with no explicit privacy or terms of service pages detected. Overall, the site is trustworthy and well-positioned within its niche market.

E

Envibus

envibus.fr

55

Envibus operates as the public transportation network for the Communauté d'Agglomération Sophia Antipolis, providing urban and school bus services, transport on demand, and real-time traffic information. The website is well-structured, professionally designed, and targets residents and commuters in the Sophia Antipolis region. It promotes mobile applications and offers multiple ticket purchasing options, including SMS ticketing. Technically, the site is built on TYPO3 CMS with modern web technologies and includes accessibility and cookie consent features, reflecting a moderate to good digital maturity. Security posture is adequate with HTTPS and cookie consent, but lacks explicit security headers and published security policies. The absence of WHOIS data is a concern for domain legitimacy, though the website content and official affiliations suggest a legitimate entity. Overall, the site is trustworthy and functional but would benefit from enhanced transparency in privacy and security disclosures.

P

Purpose-Led Publishing

purposeledpublishing.org

51

Purpose-Led Publishing is a coalition of three reputable not-for-profit publishers in the physical sciences sector, focused on ethical scholarly communications and reinvesting all proceeds back into science. The coalition emphasizes research integrity and open science, targeting researchers and the global scientific community. The website reflects a professional and consistent brand image with clear messaging about their mission and values. Technically, the site is built on Webflow with modern web fonts and standard libraries, offering good mobile optimization and user experience. However, it lacks visible security headers, privacy policies, and cookie consent mechanisms, which are important for compliance and trust. The WHOIS data is unavailable due to privacy protection, which is common for such organizations, but the website content and partner domains strongly support legitimacy. Overall, the site is trustworthy and professional but could improve in privacy and security transparency.

D

Dk-design s.r.o.

lacne-skrine.sk

45

Dk-design s.r.o. operates the website lacne-skrine.sk, specializing in the manufacture and sale of custom built-in wardrobes and sliding doors primarily targeting consumers in Slovakia. The business leverages an online configurator to allow customers to design wardrobes tailored to their needs, complemented by direct delivery services. The company positions itself as a specialist offering wholesale pricing and emphasizes quality, customization, and customer service. The website content is well-structured, professional, and includes customer testimonials and social media engagement, enhancing trust and credibility. Technically, the website is built on WordPress with WooCommerce and uses modern plugins such as WPBakery Page Builder and Slider Revolution. It integrates Google Fonts, Google Tag Manager, Facebook Pixel, and Google reCAPTCHA, indicating a mature digital infrastructure. Hosting is provided by Websupport, as inferred from DNS records. The site is mobile-optimized and performs moderately well, with good SEO and accessibility features. From a security perspective, the site enforces HTTPS with DNSSEC enabled, uses reCAPTCHA to protect forms, and implements cookie consent mechanisms compliant with GDPR. However, it lacks explicit security policies or incident response contacts and could improve by adding security headers and a vulnerability disclosure policy. No vulnerabilities or suspicious activities were detected. Overall, lacne-skrine.sk presents a low-risk profile with strong business credibility and privacy compliance. Strategic recommendations include enhancing security headers, publishing a security policy, and improving accessibility compliance to further strengthen the security posture and user trust.

P

Považský cukor a.s.

sweet-family.sk

57

SweetFamily, operated by Považský cukor a.s., is a well-established Slovak sugar manufacturing company with a history dating back to 1900. The company offers a variety of sugar products and supports its consumer base with recipes and blog content, targeting families and general consumers. The website reflects a professional and consistent brand image, with clear contact information and active social media channels. Technically, the site is built on WordPress with modern plugins and analytics tools, ensuring good performance and mobile optimization. Security posture is strong with HTTPS and cookie consent mechanisms, although explicit security policies and incident response contacts are not present. Overall, the domain registration and business information are consistent and trustworthy, supporting the company's legitimacy and market position.

K

Cykloobchod, eshop a cykloservis | kubicasport.eu

kubicasport.eu

53

Kubicasport.eu is an established Slovakian e-commerce retailer specializing in cycling and winter sports equipment and services, operating since 1993. The website offers a comprehensive product catalog including bicycles, e-bikes, cycling apparel, accessories, and winter sports gear, supported by a bicycle and e-bike servicing business. The platform is professionally designed with good navigation and mobile optimization, leveraging modern web technologies such as Bootstrap, Google Tag Manager, and Facebook Pixel for marketing and analytics. Security posture is adequate with HTTPS enabled and cookie consent mechanisms in place, though the absence of a privacy policy and terms of service pages represents compliance gaps. The domain registration data aligns well with the business claims, indicating legitimacy and trustworthiness. Overall, the website presents a solid digital presence with room for improvement in privacy and security documentation.

R

Ridera Reality a.s.

riderareality.cz

55

Ridera Reality a.s. is a Czech Republic based real estate company operating since 2013 as a subsidiary of Ridera a.s. The company specializes in owning, managing, renting, and selling real estate properties primarily targeting corporate clients and members of the Ridera group. Their services include comprehensive property care, rental and management of both residential and commercial spaces, and development activities. The website presents a professional image with clear business information and references, supporting their market position as a niche real estate service provider. Technically, the website is built on WordPress with common plugins such as Contact Form 7 and Cookie Law Info, and integrates Google Analytics for visitor tracking. The site is mobile optimized with good SEO practices and a cookie consent mechanism compliant with GDPR. Performance is moderate with no major technical issues detected. From a security perspective, the site uses HTTPS with good SSL configuration and implements cookie consent for privacy compliance. However, it lacks explicit security headers and published security or incident response policies. No vulnerabilities or exposed sensitive data were found in the content. The WHOIS data is not publicly available, likely due to privacy protection, which is common for small businesses. Overall, the website is professional, secure, and compliant with privacy regulations, presenting a trustworthy business front. Strategic recommendations include enhancing security headers, publishing security policies, and adding a security.txt file to improve transparency and incident response readiness.

A

api.video

api.video

67

api.video is a technology company specializing in providing a comprehensive video API platform that enables businesses and developers to host, manage, encode, and deliver on-demand and live-stream videos efficiently. The company targets developers, digital agencies, and enterprises seeking to integrate high-quality video content into their websites, software, or applications. With a strong market presence evidenced by thousands of users and notable clients, api.video offers a robust set of services including AI-powered transcription and summarization, video analytics, and a global delivery infrastructure. The technical infrastructure is modern and mature, leveraging Next.js for frontend, AWS for hosting assets, and integrating multiple analytics and marketing tools such as HubSpot, Google Tag Manager, and Microsoft Clarity. The website is well-optimized for performance, mobile responsiveness, and SEO, reflecting a high level of digital maturity. Security best practices are observed with HTTPS enforcement and appropriate security headers, although explicit security policies and incident response contacts are not publicly detailed. Overall, the security posture is strong with no evident vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with clear privacy and cookie policies, including GDPR considerations. The domain WHOIS data is limited due to TLD restrictions and privacy protection but does not raise concerns given the professional website content and external trust signals. The risk assessment indicates a low risk profile with recommendations to enhance transparency by publishing dedicated security and incident response information. Strategic improvements in security communication and vulnerability disclosure would further strengthen trust and compliance.

R

Repromeda

repromeda.cz

50

Repromeda is a healthcare provider specializing in assisted reproduction and infertility treatment, serving primarily the Czech Republic and surrounding regions through multiple localized websites. The company has a strong market presence, having helped bring over 6000 children into the world, indicating a well-established position in the fertility treatment sector. Their website is professionally designed using WordPress and Elementor, with multilingual support and SEO optimization, targeting individuals and couples seeking fertility assistance. Technically, the website employs modern web technologies including Google Tag Manager, Google reCAPTCHA for form security, and Leaflet.js for map functionalities. The site is mobile-optimized and performs moderately well, though there is room for improvement in accessibility and security headers. The absence of WHOIS data reduces transparency and trustworthiness, but the website's content and social media presence support its legitimacy. Security posture is generally good with HTTPS enforced and anti-bot measures in place, but the lack of explicit security headers and absence of published security or incident response policies are areas for enhancement. Privacy compliance is basic, with a cookie consent mechanism present but no clear privacy policy or terms of service detected. Overall, Repromeda presents a credible and professional online presence in the healthcare sector, with recommendations to improve transparency, security headers, and privacy documentation to strengthen trust and compliance.

R

Accueil - Régions de France

regions-france.org

9

The website regions-france.org is an informational platform focused on providing details about the regions of France, targeting a general French-speaking audience. The site is built on WordPress using the Elementor page builder, incorporating standard web technologies such as Google Fonts and Font Awesome icons. The hosting is provided by OVH sas, a reputable hosting provider, with the domain registered since 2016, indicating a stable online presence. From a technical perspective, the website demonstrates moderate performance and good mobile optimization, though accessibility and SEO optimizations are basic. Security posture is adequate with HTTPS enabled; however, the absence of DNSSEC and security headers indicates room for improvement. Privacy compliance is weak due to the lack of privacy and cookie policies, and no incident response or vulnerability disclosure mechanisms are evident. Overall, the website is safe and suitable for general audiences, with no adult or questionable content detected. The business credibility is moderate, but the lack of contact information and compliance documentation limits trustworthiness. Strategic improvements in security headers, privacy policies, and contact transparency would enhance the site's security and compliance standing.

B

Blue Kiwi s.r.o.

bluekiwi.sk

61

Blue Kiwi s.r.o. is a Slovak-based creative agency specializing in branding, web development, e-commerce solutions, graphic design, and video production services. Established in 2012, the company targets startups and established businesses seeking to enhance their brand identity and digital presence. Their website showcases a professional portfolio and highlights key services, positioning them as a reliable partner in the creative industry within Slovakia. The company maintains an active social media presence and provides a newsletter subscription to engage with clients and prospects. Technically, the website is built on WordPress using the Enfold theme, supplemented by plugins for SEO (Yoast), GDPR compliance (Complianz), knowledge base management, and content display (The Grid). The site employs modern web technologies including Google Fonts, jQuery, and Google reCAPTCHA for form security. Hosting is likely provided by Websupport, as indicated by the nameservers. The website is mobile-optimized with good SEO practices and moderate performance. From a security perspective, the site enforces HTTPS with DNSSEC enabled, uses Google reCAPTCHA to protect forms, and implements a cookie consent banner compliant with GDPR. However, it lacks explicit security policies, incident response contacts, and advanced security headers, which are recommended for enhanced protection. No vulnerabilities or exposed sensitive data were detected in the HTML content. Overall, Blue Kiwi's website reflects a professional and trustworthy digital presence with good compliance and security posture for a small creative agency. Strategic improvements in security headers, incident response transparency, and accessibility could further strengthen their security and compliance standing.

D

Dobří Sousedé

dobri-sousede.cz

56

Dobří Sousedé is a Czech non-profit association dedicated to supporting local community projects, youth sports, nature protection, and nationwide social initiatives. The organization is financially backed by SKIAREÁL KLÍNOVEC s.r.o., a regional ski resort operator with a long-standing presence in the Krušné hory region. The website presents a professional and consistent brand image, focusing on community engagement and sustainable development. Technically, the website is built on WordPress using the Divi theme and several plugins for content display and sliders. It employs modern web technologies including HTTPS and jQuery, with moderate performance and good mobile optimization. However, it lacks advanced SEO and accessibility features. From a security perspective, the site uses HTTPS but lacks important security headers and does not disclose privacy or cookie policies, which are critical for GDPR compliance. No contact information or incident response details are provided, limiting transparency and user trust. The absence of WHOIS data reduces domain trustworthiness, though the site content and corporate sponsorship suggest legitimacy. Overall, the website is functional and informative but requires improvements in privacy compliance, security best practices, and transparency to enhance trust and regulatory adherence.

Tourmkr.com is a technology-focused website operated by Gothru Media Inc., offering a virtual tour creation platform tailored for Google Trusted Photographers and businesses requiring immersive 360-degree virtual tours. The platform provides a rich set of features including predefined themes, plugins, VR support, and downloadable tours, positioning itself as a niche player in the virtual tour market. The business model is subscription-based with free and paid tiers, targeting professionals in real estate, architecture, and tourism sectors. The company is based in Canada and has been operational since 2015, reflecting a mature presence in its domain. Technically, the website leverages modern web technologies such as Angular 14 and Progressive Web Application standards, ensuring good mobile optimization and user experience. Hosting is managed via Amazon AWS infrastructure, and the site integrates with external services including Oculus VR platforms and Google APIs. While the site performs moderately well, there is room for improvement in SEO and accessibility compliance. From a security perspective, the site uses HTTPS and avoids exposing sensitive data, but lacks several security headers and formalized privacy and cookie policies, which are critical for GDPR compliance and user trust. No incident response or vulnerability disclosure mechanisms are publicly available, indicating potential gaps in security governance. The WHOIS data is consistent and transparent, supporting the legitimacy of the domain and business. Overall, Tourmkr.com presents a professional and trustworthy platform with solid technical foundations but requires enhancements in privacy compliance and security best practices to strengthen its risk posture and regulatory adherence.

MAS Střední Vsetínsko, z. s. is a non-profit association focused on supporting commercial and non-profit activities to improve the quality of life in 12 municipalities within the Střední Vsetínsko region of the Czech Republic. The organization facilitates access to European subsidies for local development and supports various sectors including public, business, and non-profit. The website reflects a regional development facilitator with a clear mission and community focus. Technically, the website is built on WordPress using common libraries such as jQuery, Bootstrap, and Smart Slider 3, hosted by REG-WEDOS. The site is moderately optimized for performance and mobile devices, with basic SEO and accessibility features. Security posture is adequate with HTTPS enabled but lacks advanced security headers and visible privacy or cookie policies, indicating room for compliance improvement. Overall, the domain registration data aligns well with the website content, supporting legitimacy and trustworthiness.

Z

Zemědělské družstvo MÍR Ratiboř

zdmirratibor.cz

45

Zemědělské družstvo MÍR Ratiboř is a well-established agricultural cooperative based in Ratiboř, Czech Republic, with a history dating back to 1957. The cooperative focuses on traditional agricultural production including dairy cattle breeding, milk production, crop cultivation for feed, and operates a sawmill for timber processing. The website reflects a mature regional business with clear contact information and EU project involvement, indicating active development and modernization efforts. Technically, the site uses AMP technology for fast mobile performance and is hosted by a reputable Czech provider. Security posture is adequate but could be improved with explicit security headers and privacy policies. No forms or tracking scripts are present, reducing privacy risks but also indicating limited user interaction. Overall, the site is professional, trustworthy, and serves its target audience effectively.

L

LOBSTER BISTRO

lobster-bistro.cz

49

LOBSTER BISTRO is a small hospitality business operating a restaurant in the Czech Republic, offering a harmonious dining experience with creative food and a pleasant atmosphere. The website reflects a local restaurant's digital presence with a focus on user experience and basic analytics integration. The technical infrastructure includes modern analytics tools such as Google Analytics and Matomo, with cookie consent mechanisms implemented to comply with privacy regulations. However, the absence of visible privacy policies, terms of service, and contact information limits the website's compliance and trustworthiness. Security posture is moderate, with no detected security headers and unknown SSL configuration, suggesting room for improvement in hardening the website's defenses. Overall, the website is functional and professionally designed but lacks critical compliance and security documentation, which should be addressed to enhance trust and legal standing.

W

web by iW

webbyiw.cz

43

The website 'web by iW' is a small-scale web design and development service operated by Ing. Iveta Štyndlová, targeting clients seeking new websites or redesigns. The business appears to be locally focused in the Czech Republic, with contact primarily via phone and Facebook. Technically, the site is built on WordPress using the Elementor page builder, indicating a modern but basic digital infrastructure. The site is HTTPS enabled, but lacks advanced security headers and privacy policies, which are important for compliance and trust. No WHOIS data is available, which limits domain legitimacy assessment but the site content and contact details suggest a legitimate small business presence. Overall, the site is functional but could improve in privacy compliance and security posture.

A

American Heart Association

heart-veterans.jobs

71

The American Heart Association website dedicated to veterans careers provides a comprehensive platform for employment opportunities, veteran resources, and organizational information. The site targets military veterans seeking to transition into civilian healthcare and non-profit roles, emphasizing support and inclusion. The organization holds a strong market position as a leading non-profit in cardiovascular health advocacy, supported by multiple certifications and awards. Technically, the site employs modern frameworks such as Nuxt.js, integrates Google Tag Manager for analytics, and uses responsive design to ensure accessibility across devices. Security posture is solid with HTTPS enforcement and user privacy respected through clear policies and cookie consent mechanisms, though explicit security headers and incident response details are absent. Overall, the site is professional, trustworthy, and well-aligned with its mission, offering a safe and informative user experience.

W

WEST MEDIA, s.r.o.

dinopark.cz

65

DinoPark operates a network of dinosaur-themed amusement parks across several European countries, providing family-friendly entertainment and educational experiences. The company is positioned as a regional leader in themed attractions with multiple locations and a strong brand presence. The website is professionally designed, mobile-optimized, and rich in content, supporting the business model effectively. Technically, the site uses modern frameworks like Next.js and React, with good SEO and performance characteristics. Security posture is generally good with HTTPS enforced, but lacks some advanced security headers and public incident response information. The absence of WHOIS data reduces domain trust from a registration perspective, but the business information and online presence indicate legitimacy. Overall, the site is safe, compliant with GDPR, and targets families and educational groups.

F

FC Zlín

fczlin.com

47

FC Zlín operates an official football club website serving the Czech Republic's regional sports community. The site provides comprehensive information about the club, including team rosters, match schedules, news updates, ticket sales, and fan merchandise. The business model centers on engaging fans and partners through digital channels, supporting ticketing and merchandising revenue streams. The website demonstrates consistent branding and a professional design tailored to sports enthusiasts and local supporters. Technically, the website employs a modern frontend stack including Bootstrap, jQuery, OwlCarousel, and Font Awesome, ensuring a responsive and user-friendly experience. Hosting and domain registration are managed transparently with Tucows Domains Inc. as registrar and DNS servers located in the Czech Republic. Performance is moderate with good mobile optimization, though SEO and accessibility features are basic. From a security perspective, the site uses HTTPS with domain transfer protections enabled but lacks DNSSEC and explicit security headers, which are recommended for enhanced protection. Privacy compliance is partial; while a terms of service and basic privacy policy exist, no cookie consent mechanism or GDPR-specific disclosures are evident. Incident response and security policy information are absent, representing a compliance gap. Overall, the website is functional and trustworthy for its audience but would benefit from improved security hardening and privacy compliance measures. Strategic enhancements in these areas would strengthen user trust and regulatory adherence.

F

FK Dukla Praha

fkduklapraha.cz

51

FK Dukla Praha is a well-established Czech football club with a strong digital presence through its official website. The site offers comprehensive information about the club, including team rosters, match reports, fan engagement activities, and an integrated fan shop. The club targets football fans and the local community, leveraging merchandising and ticket sales as key revenue streams. Technically, the website employs modern web technologies such as Bootstrap and jQuery, and integrates multiple analytics and marketing tools including Google Analytics and Facebook Pixel. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. Security-wise, the website uses HTTPS and implements cookie consent mechanisms, but could improve by adding explicit security headers and a vulnerability disclosure policy. The domain registration data is consistent with the club's history and location, supporting the site's legitimacy. Overall, the website demonstrates a mature digital infrastructure suitable for its business model but has room for security and compliance enhancements.

C

Clarity Creation

claritycreation.com

47

Clarity Creation is a small, established marketing and communications agency based in Liverpool, UK, specializing in web development, corporate branding, graphic design, advertising campaigns, SEO, and email marketing. The company has been operating since 1999 and serves a diverse client base including public and private sector organizations. The website is professionally designed, mobile-optimized, and provides clear navigation and contact information. Technically, the site runs on WordPress with common marketing and analytics tools such as Yoast SEO and Google Analytics. Security posture is moderate with HTTPS enabled but lacks visible security headers and dedicated security policies. The absence of WHOIS registration data raises concerns about domain legitimacy, although the website content and business information appear credible. Privacy compliance is well addressed with clear privacy and cookie policies. Overall, the site presents a trustworthy business front but would benefit from improved security transparency and domain registration clarity.

The website francouzskarestaurace.cz operates as an online magazine primarily in Slovak language, offering a broad range of informational articles covering topics such as investing, home improvement, energy, gastronomy, and lifestyle. It is built on WordPress CMS and uses common web technologies including Google Fonts and FontAwesome icons. The site presents a moderate level of digital maturity with good content quality and user experience but lacks comprehensive privacy and security policies. No WHOIS registration data is available, which raises concerns about domain legitimacy and trustworthiness. The absence of contact information and social media presence further limits business credibility. Security posture is basic with no detected security headers and unknown SSL configuration. Overall, the site is safe for general audiences and provides useful content but requires improvements in privacy compliance, security best practices, and transparency to enhance trust and compliance.

C

Carlton Football Club

carltonians.com.au

54

Carlton Football Club operates a professional and well-branded corporate hospitality website focused on the Carltonians Coterie match-day experience. The site targets business professionals and club supporters offering premium hospitality packages at major stadiums. The digital infrastructure uses modern JavaScript libraries and tracking tools, with a responsive design and good SEO practices. Security posture is solid with HTTPS and no visible vulnerabilities, though some security headers and cookie consent mechanisms are missing. WHOIS data is unavailable due to privacy policies, but the site’s branding and external links support legitimacy. Overall, the site presents a trustworthy and professional digital presence for the club's hospitality services.

F

Foundry Digital

foundrydigital.com.au

51

Foundry Digital is a small Australian digital agency specializing in web development, design, and digital marketing services. The company targets businesses and organizations seeking digital excellence and positions itself as a partner in crafting digital solutions. The website content is minimal but professional, with a focus on branding and service description. The technical infrastructure includes modern JavaScript modules, Google Fonts, and Google Analytics for tracking, hosted on Panthur servers in Australia. However, the site lacks visible privacy and cookie policies, contact emails, and security headers, which limits its compliance and security posture. The domain registration is consistent with the business claims, registered via a reputable registrar with appropriate domain status protections.

Myriad Media, Inc. is a small, established multimedia communications agency founded in 1997, specializing in the intersection of design, technology, and strategy. They serve a diverse clientele including private sector companies, government agencies, educational institutions, and nonprofits. Their key services include graphic design, custom application development, content management, responsive websites, branding, UX/UI design, and IoT solutions. The company holds relevant certifications such as 8(a) and Virginia SWaM, positioning them well for government contracting opportunities. Technically, the website employs modern web technologies including HTML5, CSS3, Bootstrap, jQuery, and various JavaScript libraries for UI enhancements. The presence of Sitefinity CMS and ASP.NET C# in portfolio descriptions suggests a robust backend infrastructure. The site is mobile optimized and demonstrates good design and navigation, though accessibility and SEO optimizations are basic. Hosting appears to be supported by AWS DNS services. From a security perspective, the domain is well-established with a long registration history and clientTransferProhibited status, indicating domain transfer protection. However, the site lacks DNSSEC, security headers, and explicit privacy or cookie policies, which are areas for improvement. No incident response or vulnerability disclosure information is provided. The contact information is clearly presented, including a company email and phone number, enhancing business credibility. Overall, the website is professional and trustworthy with good business credibility and technical implementation. Privacy compliance and security posture require enhancement to meet modern standards. There are no indications of adult or questionable content, and no WAF or blocking mechanisms interfere with content accessibility.