Security Directory

W

Wolters Kluwer ČR, a. s.

rodicevitani.cz

55

The website www.rodicevitani.cz serves as the official platform for the 'Rodiče vítáni' certification, a recognized mark for schools in the Czech Republic that foster positive communication and trust with parents. The project is managed under Wolters Kluwer ČR, a reputable company, and targets educational institutions and parents seeking quality assurance in school-family relations. The site provides information on certification criteria, renewal processes, and contact support, positioning itself as a trusted resource in the Czech education sector. From a technical perspective, the website employs modern frontend technologies including Bootstrap 5 and integrates Google Tag Manager for analytics and consentmanager.net for cookie consent management. The site is mobile optimized with a clear navigation structure and professional design, although some accessibility and SEO enhancements could be made. The absence of detected CMS or hosting details limits deeper infrastructure insights. Security-wise, the site uses HTTPS and implements cookie consent mechanisms, but lacks visible security headers and explicit incident response or vulnerability disclosure information. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data is unavailable, likely due to privacy protection, which is common for corporate domains but limits domain age verification. Overall, the site demonstrates a moderate security posture with room for improvement in headers and transparency. The overall risk assessment is low, with the site appearing legitimate, professionally maintained, and compliant with GDPR requirements. Strategic recommendations include enhancing security headers, improving accessibility, and publishing vulnerability disclosure or incident response policies to strengthen trust and security culture.

D

Databox s.r.o.

proskoly.cz

62

Proskoly.cz is an established Czech educational portal operated by Databox s.r.o., providing a comprehensive range of cognitive ability tests, questionnaires, and practice exercises for students from preschool through secondary school. The platform targets students, teachers, and parents, offering tools to support learning in subjects such as languages, mathematics, and informatics. With over 19 years of market presence, the site enjoys a stable position supported by collaborations with schools and adherence to national educational standards. Technically, the website employs modern frontend technologies including Bootstrap, jQuery, and Google Tag Manager, ensuring responsive design and good user experience. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, although explicit security policies and vulnerability disclosure channels are not publicly documented. Overall, the site demonstrates high legitimacy and trustworthiness, supported by consistent WHOIS data and transparent contact information.

A

Altisima software SE

e-jidelnicek.cz

41

e-Jídelníček is a Czech Republic based SaaS platform specializing in intelligent food ordering and canteen management services. The platform enables users to order and cancel meals, monitor account balances, and verify attendance, targeting educational institutions and their users. The website is operated by Altisima software SE, an established software company with a domain age dating back to 2001, indicating a mature market presence. The business model revolves around providing digital meal management solutions accessible via web and mobile apps on Android and iOS platforms. The company maintains a consistent brand presence and partners with related software solutions, enhancing its ecosystem.

S

Schools United s.r.o.

kraloveskoly.cz

58

Schools United s.r.o. operates a professional e-commerce platform specializing in custom clothing and supplies for schools, sports teams, and interest groups primarily in the Czech Republic. The company offers tailored apparel collections and school equipment through a user-friendly online shop, supported by strong customer testimonials and a clear brand identity. The website is well-structured, mobile-optimized, and provides comprehensive privacy and cookie policies, reflecting a mature digital presence. Technically, the site leverages the Shoptet e-commerce platform with integrations for analytics and marketing tools such as Google Analytics, Facebook SDK, and Poptin. Security posture is solid with HTTPS enforcement and CSRF protections, though explicit security headers could be improved. The absence of WHOIS data indicates privacy protection, common for such businesses, but reduces transparency. Overall, the site demonstrates a trustworthy and professional business with good compliance and technical standards.

InGenius Webdesign is a Czech Republic-based small web development company specializing in custom internet presentations, web applications, e-commerce, and related digital services. With over 200 completed projects, they serve businesses seeking tailored online solutions. Their website demonstrates a professional design with clear navigation and good mobile optimization, leveraging technologies such as jQuery, LESS.js, Kooboo CMS, and integrating marketing tools like Google Analytics and Facebook Pixel. Privacy compliance is well addressed with GDPR-aligned policies and cookie consent mechanisms. However, the absence of WHOIS data and security headers indicates areas for improvement in trust and security posture. Overall, the company presents a credible and professional digital presence with moderate technical maturity and a good security baseline.

The domain e-svatek.cz is newly registered in March 2024 and currently serves as a parked domain with no active business content or services. The website primarily displays a domain-for-sale message and embeds an iframe from an external source, likely for monetization purposes. There is no privacy policy, cookie policy, terms of service, or contact information available, which significantly limits the site's credibility and user trust. The technical infrastructure is minimal, with basic HTML, CSS, and JavaScript, and no detected CMS or advanced frameworks. Security posture is weak due to lack of HTTPS enforcement and absence of security headers. Advertising scripts and tracking pixels from third-party ad networks are present, indicating monetization attempts but with poor transparency.

K

Kuhn Ladetechnik

kuhn-mt.cz

61

Kuhn Ladetechnik operates as a specialist provider of cranes and lifting technology, targeting businesses and professionals in the transportation and industrial sectors. The website presents a professional and well-structured digital presence, emphasizing their product range and services. The technical infrastructure leverages modern frameworks such as Bootstrap and integrates Cookiebot for cookie consent management, alongside Google Tag Manager for analytics. The site is served over HTTPS with a service worker registered, indicating a commitment to modern web standards and security. However, the absence of explicit privacy policies, terms of service, and contact information limits full compliance and trust signals. Security posture is generally good with HTTPS and cookie consent, but lacks advanced security headers and incident response disclosures. Overall, the website is legitimate and functional but would benefit from enhanced transparency and security documentation.

A

AUREA INVEST, a.s.

betonserver.cz

40

BetonServer.cz is a well-established Czech industry portal specializing in concrete and related construction materials and services. Operating since 1999 under the company AUREA INVEST, a.s., it offers a comprehensive directory of companies, categorized listings, industry news, and advertising opportunities tailored to construction professionals and suppliers in the Czech Republic. The portal serves as a key resource for locating concrete producers, prefabricate manufacturers, material suppliers, and recycling centers, positioning itself as a leading niche platform in its market. Technically, the website employs a modern JavaScript stack including jQuery, Select2, Fancybox, and MapLibre GL JS for interactive maps, alongside Google Analytics for user tracking. The site is mobile-optimized with responsive design and uses HTTPS for secure content delivery. However, no explicit CMS or security frameworks are identified, and some standard security headers appear to be missing. From a security perspective, the site shows good baseline practices such as HTTPS usage and no exposed sensitive data. Yet, it lacks visible privacy and cookie policies, security incident response contacts, and vulnerability disclosure mechanisms, which are important for compliance and trust. The domain WHOIS data is consistent with the business claims, showing a long-standing registration since 1999, reinforcing legitimacy. Overall, BetonServer.cz is a credible and professionally maintained portal with solid business credibility and technical implementation. To enhance its security posture and privacy compliance, it should implement explicit privacy and cookie policies, add security headers, and provide incident response information. These improvements will strengthen user trust and regulatory adherence.

E

Ed. Züblin AG

zueblin.de

65

Ed. Züblin AG is a leading German construction and engineering company specializing in high and civil engineering projects. The website reflects a mature enterprise with a comprehensive service portfolio including sustainable building, tunnel construction, and specialized engineering sectors. The company positions itself as the market leader in Germany with a strong focus on quality and innovation. Technically, the website leverages a legacy IBM Domino CMS backend with modern frontend technologies such as Bootstrap and jQuery, supported by privacy-conscious analytics tools like Matomo and a robust cookie consent mechanism via OneTrust. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though improvements in security headers and explicit security policies are recommended. Overall, the site demonstrates good digital maturity and compliance with GDPR, supporting a trustworthy online presence.

N

Netzgesellschaft Ahlen mbH

erdgasumstellung-ahlen.de

40

Netzgesellschaft Ahlen mbH operates as a regional energy utility focused on the transition of natural gas supply from L-gas to H-gas in the Ahlen region of Germany. The website serves as an information hub providing detailed guidance on the conversion process, timelines, cost reimbursement, and technical information for installers and chimney sweeps. The company positions itself as a trusted local energy network operator with clear communication channels and customer support. Technically, the website is built on WordPress with standard plugins and libraries such as jQuery and Slick Carousel, hosted on generic servers with a secure HTTPS configuration. The site demonstrates good mobile optimization, accessibility, and SEO practices but lacks advanced security headers and cookie consent mechanisms. Security posture is solid with no visible vulnerabilities or exposed sensitive data, though formal security policies and incident response contacts are absent. Overall, the website is professional, trustworthy, and compliant with GDPR in terms of privacy policy presence but could improve in cookie consent and security transparency. The domain WHOIS data is minimal but consistent with a small regional utility, with no privacy protection or suspicious patterns detected.

Sportovec roku is a well-established Czech sports award platform operated by BPA sport marketing a.s., with a domain age dating back to 2004. The website serves as a media and event promotion platform targeting sports journalists and fans within the Czech Republic. It offers news, event information, and partner links related to Czech sports awards. Technically, the site is built on WordPress with Bootstrap and jQuery, featuring a responsive design and basic SEO and accessibility features. Security posture is adequate with HTTPS and GDPR-compliant cookie consent, though lacking advanced security headers and explicit security policies. No critical vulnerabilities or suspicious patterns were detected. Overall, the site is professional, trustworthy, and compliant with privacy regulations.

K

Klub sportovních novinářů České republiky

ksn.cz

44

Klub sportovních novinářů České republiky is a professional association dedicated to sports journalists, including reporters, photographers, and filmmakers focused on sports topics. The organization provides news, organizes awards such as Sportovec roku and Zlatý míč, and offers member-exclusive events and databases. The website serves as a communication platform for members and the public, showcasing news, events, and contests related to sports journalism in the Czech Republic. Technically, the site is built on WordPress with Elementor and uses modern JavaScript libraries like Vue.js and Axios, supported by Google Analytics and Tag Manager for visitor tracking. The site is mobile-optimized and presents a professional design with clear navigation. Security posture is adequate with HTTPS and cookie consent mechanisms, though it lacks advanced security headers and explicit incident response information. WHOIS data is unavailable, likely due to privacy protection, but the website content and contact details support legitimacy. Overall, the site is a credible and professional platform for its niche audience.

S

SATOYA s.r.o.

satoya.cz

43

SATOYA s.r.o. is a Czech Republic-based IT service provider specializing in computer sales and servicing, IT outsourcing, web design, hosting services including webhosting, email, cloud, virtual and dedicated servers, and server housing. The company also develops custom software and hardware solutions, targeting businesses and individuals requiring reliable IT infrastructure and support. The website demonstrates a professional digital presence with detailed service descriptions, client references, and a regularly updated blog, indicating active engagement with its audience. Technically, the site is built on WordPress with modern plugins such as Smart Slider 3 and Yoast SEO, ensuring good SEO and mobile responsiveness. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though security headers and explicit privacy policies are lacking. The absence of WHOIS data due to privacy protection slightly reduces trust but does not detract from the overall legitimacy. Strategic recommendations include implementing comprehensive privacy and cookie policies, publishing security and incident response information, and enhancing security headers and accessibility features.

I

inlab medical s.r.o.

inlab.cz

46

inlab medical s.r.o. is a Czech-based company specializing in the supply of medical and veterinary diagnostic equipment and consumables. With over 20 years of experience, the company serves both veterinary and human medical sectors, offering products such as hematology analyzers, biochemistry devices, and infectious disease detection tools. Their business model includes an e-commerce platform targeting medical professionals and practices. The website demonstrates a solid market position within its niche, supported by active content updates and customer engagement features.

O

oikos International

oikos-international.org

58

oikos International is a well-established non-profit organization focused on transforming management and economics education towards sustainability. With a global student community presence since 1987, it offers leadership programs, events, and advocacy for sustainable education. The website is built on a modern WordPress infrastructure using Elementor and Bootstrap, supported by Cloudflare DNS and Google analytics tools. Security posture is solid with HTTPS and domain transfer protection, though DNSSEC and security headers are absent. Privacy compliance is limited due to missing explicit privacy and cookie policies. Overall, the site is professional, trustworthy, and safe for general audiences.

W

Werbebaugesellschaft mbH

werbebau.com

49

Werbebaugesellschaft mbH is a German company specializing in exhibition stand construction and brand presentation services with over 50 years of industry experience. The company offers comprehensive services including consulting, design, construction, production, assembly, transport, and storage of exhibition materials. Their market position is that of an established medium-sized business serving clients worldwide, with a focus on delivering turnkey solutions from concept to execution. Technically, the website employs modern JavaScript libraries such as jQuery, Flexslider, and fullpage.js, combined with CSS3 and HTML5 standards. The site is mobile-optimized and provides a good user experience with clear navigation and professional design. However, some accessibility features could be improved, and no CMS or hosting provider information is evident. From a security perspective, the site uses SSL encryption and implements cookie consent mechanisms, indicating awareness of privacy compliance. However, the absence of explicit security headers and the lack of publicly available security or incident response policies suggest room for improvement. The missing WHOIS data for the domain raises some concerns about domain legitimacy, although the website content and business information appear professional and trustworthy. Overall, the website is well-structured and informative, supporting the company's business credibility. Strategic recommendations include enhancing security headers, publishing security policies, updating libraries regularly, and improving accessibility to strengthen the security posture and compliance standing.

W

Wirtschaftsförderungsgesellschaft der Elektrohandwerke mbH (WFE)

wfe-shop.de

43

The WFE-Shop is a specialized B2B e-commerce platform serving the electrical trade sector in Germany. It provides essential work materials such as digital and print protocols, calculation aids, technical and business literature, and promotional items tailored for electrical craftsmen and Innungsmitglieder (guild members). The platform is positioned as a niche leader supporting the electrical trade community with targeted products and services. Technically, the website is built on the Magento platform, leveraging common JavaScript libraries and integrating Google reCAPTCHA and Usercentrics for security and privacy compliance. While the site demonstrates good content quality, navigation, and GDPR compliance, there are areas for security enhancement, notably updating outdated libraries and implementing security headers. Overall, the site is professional, trustworthy, and well-aligned with its business objectives.

T

Trustwave Security Colony

securitycolony.com

74

Security Colony is a cybersecurity resource platform operated under the Trustwave brand, offering a comprehensive suite of consulting-derived resources, assessments, and monitoring tools. The website targets CISOs and security professionals seeking cost-effective access to compliance toolkits (ISO27001, HIPAA), vendor risk assessments, maturity and ransomware readiness evaluations, breach monitoring, and expert forums. The business model is subscription-based with transparent tiered pricing, positioning Security Colony as a trusted partner leveraging years of consulting experience. Technically, the website is built with modern frameworks including Bootstrap and Hugo CMS, uses CDN-hosted libraries, and integrates Google Tag Manager for analytics. The site is mobile-optimized with good navigation and professional design. Security posture is solid with HTTPS enforced and cookie consent implemented, though security headers and explicit incident response contacts could be improved. WHOIS data is unavailable, which slightly reduces trust but the strong association with Trustwave and professional presentation support legitimacy. Overall, the website is a credible, well-structured cybersecurity resource platform with room for enhanced security transparency and incident response information.

U

Unifyr

ziftone.com

67

Unifyr is a technology company specializing in partner ecosystem management through an all-in-one, AI-enabled Partner Relationship Management (PRM) and channel growth platform. The company targets businesses seeking to activate and scale partner programs efficiently, offering solutions that include channel sales, marketing, enablement, and learning management. With a strong market presence evidenced by client logos such as Canon, AT&T, and Panasonic, and recognition on platforms like G2, Unifyr positions itself as a trusted partner in the channel management space. Technically, the website leverages modern frameworks such as SvelteKit and employs advanced client-side script management with Partytown, alongside Google reCAPTCHA Enterprise for bot protection. The site demonstrates excellent performance, mobile optimization, and accessibility, reflecting a mature digital infrastructure. SEO and content strategies are well executed, supporting strong user engagement and discoverability. From a security perspective, the site enforces HTTPS, implements key security headers, and integrates consent management for privacy compliance. However, explicit security policies, incident response contacts, and vulnerability disclosure mechanisms are absent, representing areas for improvement. The lack of WHOIS data for the domain introduces some uncertainty regarding domain registration legitimacy, though the overall business credibility remains high based on website content and trust signals. Overall, Unifyr presents a professional, secure, and privacy-conscious web presence suitable for its B2B audience. Strategic enhancements in transparency around security policies and domain registration details would further strengthen trust and compliance posture.

The website www.gsbz-buchholz.de represents the Gesundheitsfachschule und Bildungszentrum Buchholz, affiliated with the Krankenhäuser Buchholz und Winsen gemeinnützige GmbH. It serves as a portal for healthcare education, training, and employment opportunities in the Buchholz and Winsen region of Germany. The site targets prospective students and job seekers interested in healthcare professions, providing detailed information about training programs, career paths, and affiliated hospitals. The business operates as a non-profit healthcare and educational institution, positioning itself as the largest employer in the region with a strong community focus. Technically, the website is built on TYPO3 CMS, utilizing modern frontend libraries such as jQuery and Owl Carousel. The site is mobile-optimized with good navigation and SEO practices, though accessibility features are basic. Performance is moderate, and the site is served over HTTPS with no visible security vulnerabilities or exposed sensitive data. However, there is no cookie consent mechanism or explicit security and incident response policies published, which are areas for improvement. From a security perspective, the site maintains a good posture with HTTPS and no detected vulnerabilities. The absence of security headers and incident response information slightly reduces the security maturity. Privacy compliance is adequate with a clear privacy policy and terms of service, but the lack of cookie consent and data protection officer contact details indicates partial GDPR compliance. Overall, the website is professional, trustworthy, and well-aligned with its business goals. Strategic recommendations include implementing cookie consent, publishing security policies, enhancing accessibility, and adding security headers to improve compliance and security posture further.

E

Ed. Züblin AG

strabag-teamconcept.com

61

Ed. Züblin AG operates the TEAMCONCEPT® platform, a pioneering construction partnering model in Germany with over 25 years of experience. The company focuses on holistic project planning, digital innovation, transparency, trust, and sustainability to deliver efficient construction projects. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content targeting construction industry stakeholders. Technically, the site uses modern JavaScript libraries, privacy-conscious analytics (Matomo), and a robust cookie consent mechanism (OneTrust), hosted on AWS infrastructure. Security posture is strong with HTTPS enforced and no visible vulnerabilities, though some security headers could be improved. Privacy compliance is well addressed with GDPR-aligned policies and consent mechanisms. Overall, the domain and website content are consistent with the business claims, indicating a trustworthy and professional online presence.

X

XPEDE s.r.o.

xpede.cz

42

XPEDE s.r.o. is a newly established Czech construction company specializing in earthworks, site preparation, landscaping, demolition, and infrastructure excavation services. The company targets private and commercial investors as well as municipalities, aiming to provide solid foundational work for various construction projects. The website presents a professional image with clear service descriptions and a contact form, supported by a phone contact and Instagram presence. Technically, the site is built on WordPress using Elementor and OceanWP theme, with modern web technologies and good mobile optimization. Security posture is adequate with HTTPS enabled but lacks explicit security headers and privacy policies. Analytics tools are present but not fully configured, indicating room for improvement in data collection and privacy compliance. Overall, the site is functional and trustworthy for a small local business but would benefit from enhanced security and compliance documentation.

P

PŠV stavby s.r.o.

psvstavby.cz

52

PŠV stavby s.r.o. is a small Czech construction company founded in 2018, providing comprehensive construction services including project management, engineering, and construction realization primarily in the South Bohemian region. The website presents a clear business description and branding consistent with the company's profile. Technically, the site uses standard open source libraries such as Bootstrap, jQuery, and FontAwesome, with moderate performance and good mobile optimization. However, the site lacks advanced security headers and does not implement HTTPS verification in the provided data, which limits its security posture. Privacy and cookie policies are absent, indicating gaps in compliance with GDPR requirements. Overall, the website is functional and professional but requires improvements in security and privacy compliance to enhance trust and regulatory adherence.

S

SILBA-Elstav s.r.o.

silba.cz

49

SILBA-Elstav s.r.o. is a well-established Czech construction company with over 25 years of experience, specializing in residential, commercial, industrial, and historical building projects primarily in the Plzeňský kraj and surrounding regions. The company offers comprehensive construction and reconstruction services, supported by ISO 9001, ISO 14001, and ISO 45001 certifications, reflecting a strong commitment to quality, environmental management, and occupational health and safety. Their website demonstrates a professional digital presence built on WordPress with modern frameworks and includes clear contact channels and compliance with GDPR and cookie regulations. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers and incident response details could be improved. Overall, the company presents a trustworthy and credible profile with a moderate to high technical maturity level.

OSK Praha s.r.o. is a Czech construction company specializing in earthworks, demolition, waste disposal, material transport, and land reclamation. The company has been operating since 2007 and collaborates with large construction and development firms, positioning itself as a reliable local service provider. The website reflects this business focus with clear service descriptions and references to industry-related external resources. Technically, the website is built on Joomla CMS using Bootstrap and SP Page Builder, providing a responsive and professional design. However, the site lacks advanced SEO and accessibility features and does not include privacy or cookie policies, which are critical for compliance. Security posture is basic with HTTPS and CSRF protection but lacks important HTTP security headers and incident response contact information. Overall, the website is functional and professional but requires improvements in privacy compliance and security best practices to enhance trust and regulatory adherence.

LS stavby s.r.o. is a medium-sized Czech construction company specializing in ground and engineering construction projects, including residential buildings, industrial halls, and infrastructure such as roads and bridges. The company employs approximately 100 workers and operates its own concrete plant and vehicle fleet, indicating a vertically integrated business model. The website reflects a well-established regional player with multiple awards and ongoing projects, reinforcing its market credibility. Technically, the website uses a traditional tech stack with jQuery 1.8.2, bxSlider, and Fancybox for UI elements, hosted by a Czech registrar REG-ZONER. While the site is accessible and functional with basic mobile optimization and SEO, it lacks modern CMS features and advanced accessibility. The absence of structured data and outdated libraries suggest opportunities for modernization. From a security perspective, the site uses HTTPS and has no visible exposed sensitive data, but lacks security headers and uses an outdated jQuery version, which could pose risks. There is no published privacy policy or terms of service, which are compliance gaps under GDPR. Cookie consent is implemented via an external service, indicating some privacy awareness. Overall, the website is professional and trustworthy but would benefit from enhanced privacy compliance, updated security practices, and technical modernization to reduce risks and improve user trust.

Základní škola, Praha 10, Křimická 314 is a Czech primary school focused on extended language education, offering English from first grade and German from sixth grade. The school provides various facilities including computer labs, a library, sports facilities, and a modern training kitchen. It actively participates in language and sports competitions and maintains partnerships with institutions abroad. The website serves as a communication platform for students, parents, and staff, featuring blogs, event calendars, and document archives. Technically, the site uses a modern tech stack with popular JavaScript libraries and CSS frameworks, built on the Vitalex CMS platform. Security posture is moderate with HTTPS and cookie consent implemented, but lacks advanced security headers and explicit security policies. The absence of WHOIS data reduces domain trust but the website content and contact details indicate a legitimate educational institution. Overall, the site is well-designed, mobile-optimized, and provides relevant content for its audience.

K

KDS Sedlčany

kds.cz

47

KDS Sedlčany is a Czech manufacturing company specializing in the production of knives, scissors, and various cutting tools. With a long tradition and expertise in cutlery manufacturing, the company offers high-quality products and services including sharpening, repairs, custom production, and manufacturing cooperation. The website reflects a medium-sized enterprise with a clear business focus on manufacturing and retail, targeting both B2B and B2C customers. Technically, the site is built on ASP.NET Web Forms with legacy jQuery and integrates modern analytics and marketing tools with GDPR-compliant cookie consent mechanisms. Security posture is moderate with HTTPS usage and cookie consent but lacks explicit security headers and incident response contacts. The absence of WHOIS data reduces domain trustworthiness, but the website content and business information appear professional and legitimate. Overall, the site is well-structured, user-friendly, and compliant with privacy regulations.

C

Cortusa Group s.r.o.

cortusa.cz

53

Cortusa Group s.r.o. is a small regional real estate developer based in the Czech Republic, specializing in residential housing projects near Plzeň. The company emphasizes affordable, modern, and energy-efficient homes with a focus on customer satisfaction and proximity to nature. Their website reflects a professional approach with clear contact information, project showcases, and financing options. Technically, the site uses modern JavaScript libraries and tracking tools such as Google Analytics and CookieScript for consent management, indicating a moderate level of digital maturity. Security posture is adequate with HTTPS implied, but lacks visible advanced security headers and explicit security policies. The absence of WHOIS data due to privacy protection slightly reduces trust but is common for small businesses. Overall, the website is safe, compliant with GDPR, and presents a trustworthy business front.

S

Sprachliche Bildung im Kontext von Migration und Mehrsprachigkeit (BIMM)

bimm.at

58

BIMM (Sprachliche Bildung im Kontext von Migration und Mehrsprachigkeit) is a specialized educational network in Austria focused on promoting quality development and professionalization of educators teaching German as a second language and language education in migration contexts. It operates as a collaborative network of Austrian pedagogical universities, offering seminars, webinars, publications, and advisory services. The website reflects a well-maintained digital presence with a focus on educational content and community engagement. Technically, the website is built on WordPress with modern plugins such as Yoast SEO and Bootstrap for responsive design. It uses external libraries like jQuery and CanvasJS for interactive elements. The site is mobile-optimized and includes accessibility considerations, though some improvements could be made. Performance is moderate with no critical technical issues detected. From a security perspective, the site enforces HTTPS and includes a cookie consent mechanism compliant with GDPR. However, explicit security headers are not detected, and no formal security or incident response policies are published. No vulnerabilities or exposed sensitive data were found in the HTML content. The WHOIS data aligns well with the website's Austrian educational identity, supporting legitimacy. Overall, BIMM's website is a trustworthy, professional platform serving educators and institutions in Austria. Strategic recommendations include enhancing security headers, publishing a formal security policy, and maintaining regular updates to plugins and themes to ensure ongoing security and compliance.

F

Forschungszentrum Inklusive Bildung (FZIB)

fzib.at

10

The Forschungszentrum Inklusive Bildung (FZIB) is a collaborative research center affiliated with Universität Graz, Pädagogische Hochschule Steiermark, and Private Pädagogische Hochschule Augustinum. It focuses on research in inclusive education and digitalization, supporting scientific youth and practical applications through its Digital Lab for Inclusion. The website reflects a well-established academic entity with a clear mission and target audience in education and research sectors. Technically, the site is built on TYPO3 CMS with Angular components, uses modern web standards, and integrates analytics tools like Matomo and Google Analytics with privacy considerations such as IP anonymization and cookie consent. Security posture is strong with HTTPS and no visible vulnerabilities, though formal security policies and incident response contacts are absent. Overall, the site is professional, trustworthy, and compliant with GDPR, serving its academic and public audience effectively.

H

Heimstaden UK

heimstaden.com

58

Heimstaden UK operates as a leading residential and commercial landlord offering long-term rental apartments and commercial properties across Europe. The company positions itself as a market leader with a strong focus on simplifying and enhancing tenants' lives through its Friendly Homes vision. The website reflects a mature business with a large portfolio, supported by a consistent brand presence and comprehensive content targeting renters and commercial clients in the UK and Europe. Technically, the site is built on WordPress with modern SEO and analytics tools, hosted on Azure infrastructure, and implements cookie consent mechanisms aligned with GDPR requirements. Security posture is solid with HTTPS and cookie management, though some security headers and policies could be improved. The domain WHOIS data confirms a long-established and legitimate business presence. Overall, the website is professional, trustworthy, and compliant with privacy regulations, though it lacks explicit contact and security policy details.

Č

České priority

pank.cz

46

PANK is a specialized research and advisory project operated by the Czech non-profit organization České priority, focusing on enhancing knowledge work and informed decision-making within Czech public administration. The website serves as a resource hub offering guides, case studies, and recommendations tailored for teams in government organizations. The project is supported by the Technological Agency of the Czech Republic, indicating credible backing and alignment with national research priorities. Technically, the website is built using modern frameworks such as Quarto and Bootstrap, with privacy-conscious analytics via Matomo configured to respect DoNotTrack and disable cookies. The site is well-structured, mobile-optimized, and provides a professional user experience with clear navigation and relevant content. Security posture is good with HTTPS enforced and no visible vulnerabilities or exposed sensitive data, though explicit security headers and formal policies like privacy and cookie policies are missing, representing areas for improvement. Overall, the domain registration data is consistent with the website's purpose and origin, supporting legitimacy and trustworthiness.

I

Informované vládnutí | České priority

informovanevladnuti.cz

53

The website 'Informované vládnutí | České priority' presents a government-related initiative focused on evidence-based policymaking to address 21st-century challenges such as automation, demographic changes, and environmental protection. The site is built on the Wix platform, leveraging modern JavaScript technologies and polyfills to ensure compatibility and performance. The technical infrastructure is moderate in performance with good mobile optimization but basic accessibility and SEO features. Security posture is solid with HTTPS enforcement and JavaScript hardening, though explicit security headers are missing. Privacy and cookie policies are not found, and no contact or business registration information is visible, which impacts trust and compliance assessments. The absence of WHOIS data limits domain legitimacy verification. Overall, the site appears professional and safe but would benefit from enhanced transparency and compliance documentation.

T

tectraxx

tectraxx.com

43

tectraxx is a technology-focused service provider specializing in combining technical expertise with project management experience. The website is built on TYPO3 CMS and targets professionals in technical and project management fields. The digital infrastructure includes modern consent management via Usercentrics and analytics through Piwik PRO, indicating a moderate level of digital maturity. Security posture is adequate with HTTPS implied and cookie consent implemented, but lacks visible security headers and published security policies. The absence of WHOIS registration data raises concerns about domain legitimacy, although the website content and design are professional. Overall, the site presents a moderate risk profile with recommendations to improve transparency and security compliance.

G

Gebrüder Weiss

euroexpress.at

59

EuroExpress, operated under the parent company Gebrüder Weiss, is a well-established European logistics cooperative founded in 1982. The company specializes in express delivery, special transport services, and distribution logistics across Europe, supported by a network of over 600 depots. Their website reflects a professional and consistent brand presence targeting business customers requiring fast and reliable transport solutions. Technically, the site is built on TYPO3 CMS, uses modern consent management via Usercentrics, and analytics through Piwik PRO, indicating a mature digital infrastructure. Security posture is solid with HTTPS and privacy compliance mechanisms, though formal security policies and incident response contacts are not publicly disclosed. Overall, the site is trustworthy, well-maintained, and aligned with GDPR requirements.

X

Xvise

xvise.com

8

Xvise is a logistics consulting company specializing in independent automation planning and implementation support. The website presents a professional image with clear business focus on logistics and technology integration, targeting businesses seeking to optimize their logistics processes. The technical infrastructure is based on WordPress CMS with modern plugins for SEO, analytics, and consent management, indicating a moderate level of digital maturity. Security posture is adequate with HTTPS enabled and use of reCAPTCHA, but lacks some advanced security headers and explicit privacy/security policies. The absence of WHOIS domain registration data raises concerns about domain legitimacy, impacting overall trust. Strategic recommendations include improving transparency with privacy and terms policies, securing domain registration details, and enhancing security headers to strengthen trust and compliance.

D

Dicall

dicall.com

57

Dicall is an established Austrian call center and telecommunication service provider founded in 2002. The company specializes in outbound and inbound call center operations, telemarketing, market research, and customer acquisition services. Positioned as a reliable and professional player in the Austrian market, Dicall targets businesses seeking communication and call center solutions. The website reflects a professional business model with consistent branding and a clear focus on quality and customer orientation. Technically, the site is built on WordPress with modern plugins such as Yoast SEO and Cookiebot for GDPR compliance. It uses Bootstrap for responsive design and integrates Google reCAPTCHA for form security. Analytics and marketing tools include Google Analytics, Piwik Pro, LeadFeeder, and LinkedIn tracking, all managed with user consent via Cookiebot. Security posture is good with HTTPS enforced and reCAPTCHA usage, but lacks some advanced security headers and explicit security policies. Contact information is primarily via a contact form, with no direct emails or phone numbers publicly listed. Overall, the site is trustworthy, GDPR compliant, and professionally maintained, though it could improve by adding terms of service and explicit security policies.

J

Justice for Nature

pralesdetem.cz

50

Justice for Nature is a Czech Republic based non-profit organization dedicated to protecting wild nature and ecosystems through volunteer programs, conservation activities, and education. The organization operates internationally with active projects in Costa Rica, Slovakia, and the Czech Republic, focusing on biodiversity monitoring and environmental sustainability. Their website reflects a well-structured and content-rich platform targeting environmental volunteers and supporters. Technically, the site is built on Webflow with modern web technologies including jQuery and Google Fonts, offering a good user experience and mobile optimization. Security posture is moderate with HTTPS implied but lacking explicit security headers and cookie consent mechanisms. WHOIS data is unavailable due to privacy protection, which is common for non-profits and does not raise immediate concerns. Overall, the website demonstrates legitimacy, good business credibility, and a strong partner ecosystem.

OZ BRÁZDA s.r.o. is a Czech Republic-based company specializing in the supply and distribution of fresh fruits and vegetables. Established in 2010, the company offers a wide range of over 1600 product types and operates distribution services 362 days a year, positioning itself as a reliable supplier in the retail sector. The website reflects a medium-sized business with a clear focus on fresh produce and serves a general audience interested in healthy food options. Technically, the website is built on WordPress using the Avia Framework and integrates Google Analytics and Google Tag Manager for tracking. The site is moderately optimized for performance and mobile devices, with good SEO practices in place. Security-wise, the site uses HTTPS but lacks visible security headers and formal security policies, indicating room for improvement in security posture and compliance. Privacy compliance is limited due to the absence of a privacy policy and terms of service, although a cookie consent mechanism is implemented. Overall, the domain registration data aligns well with the business claims, supporting the legitimacy of the company.

B

Úvod

bonavitabody.cz

45

Bonavita.cz operates as a loyalty program platform primarily targeting consumers in the Czech Republic. The website facilitates the collection of loyalty points through a dedicated mobile application and allows users to redeem these points for rewards. The business model centers on incentivizing customer engagement and repeat purchases through partnerships with various retail brands. The site demonstrates a consistent brand presence and integrates social media channels to enhance user engagement. From a technical perspective, the website employs a modern frontend technology stack including Bootstrap 4.3.1, jQuery, Google reCAPTCHA v3, and various UI enhancement libraries such as Slick Carousel and AOS. The site is mobile-optimized and includes basic SEO and accessibility features. SSL is properly configured, ensuring secure communications. Security posture is moderate with HTTPS enforced and bot protection via reCAPTCHA. However, the absence of advanced security headers and explicit security policies indicates room for improvement. Privacy compliance is addressed through a cookie consent mechanism and a basic cookie policy page, aligning with GDPR requirements. No direct company contact emails or phone numbers are provided, which may impact user trust and support accessibility. Overall, the website presents a legitimate and functional loyalty program platform with a moderate security and privacy posture. The lack of WHOIS data due to privacy protection is common for small businesses and does not raise immediate concerns. Strategic enhancements in security headers, accessibility, and transparent contact information would strengthen the platform's trustworthiness and compliance.

E

eSports.cz, s.r.o.

tenisovysvet.cz

45

Tenisový svět is a Czech-language media portal focused on comprehensive tennis news, rankings, tournaments, and live streams. It serves tennis fans primarily in the Czech Republic but covers international tennis events as well. The site is professionally designed and maintained by eSports.cz, s.r.o., a media company with a solid presence in the Czech sports media market. The business model relies on advertising revenue, supported by Google Adsense and partnerships with companies like OK System. The website offers rich content including daily news, player rankings, tournament schedules, and live match coverage, targeting tennis enthusiasts and sports followers.

P

Poháry Bauer

pohary-bauer.cz

53

Poháry Bauer is a Czech-based company specializing in the manufacture and sale of sports trophies, medals, plaques, and figurines. The company operates both an e-commerce platform and multiple physical stores across the Czech Republic and neighboring countries, targeting sports clubs, event organizers, and individuals seeking sports awards. Their business model includes custom production and printing services starting from a single piece, positioning them as a leading supplier in their niche market. The website is professionally designed with good navigation, mobile optimization, and SEO practices, reflecting a mature digital presence. Technically, the website employs modern JavaScript libraries, Google Tag Manager, and structured data for SEO enhancement. It uses HTTPS with a good SSL configuration and includes accessibility features. The site integrates tracking tools with consent management, indicating a basic level of privacy compliance. However, explicit privacy and security policy pages are limited, and WHOIS data for the domain is unavailable, which slightly impacts trust assessment. From a security perspective, the site enforces HTTPS and uses Google’s analytics and advertising tools with consent restrictions. No critical vulnerabilities or exposed sensitive data were detected. Security headers are assumed but not explicitly visible in the HTML. The absence of a dedicated security policy or vulnerability disclosure page suggests room for improvement in security transparency. Overall, Poháry Bauer presents a trustworthy and professional online presence with a solid business foundation. The lack of WHOIS data and limited explicit privacy/security policies are minor concerns. Strategic recommendations include enhancing security headers, publishing clear security and privacy policies, and establishing a vulnerability disclosure process to further strengthen trust and compliance.

T

Thaya-dev

vinarstvithaya.cz

61

Vinařství THAYA is a Czech winery business established in 2020, offering a unique combination of winery products, hotel accommodation, and restaurant services near Znojmo, close to the Austrian border. The website presents a professional and polished digital presence with multilingual support, integrated e-commerce, and reservation systems. The business targets wine consumers and tourists seeking quality hospitality experiences. Technically, the site is built on WordPress with modern performance optimizations and uses trusted third-party services for analytics and booking. Security posture is solid with HTTPS and consent mechanisms, though some security headers could be improved. Privacy compliance is well addressed with clear policies and cookie consent. Overall, the website reflects a trustworthy and mature business with a strong regional market position.

I. Český Lawn Tennis Klub Praha (ČLTK) is a well-established tennis club based in Prague, Czech Republic, with a domain age dating back to 2000. The club offers tennis court rentals, memberships, tennis lessons, and hosts tennis events, targeting tennis enthusiasts and players in the local region. The website is professionally designed with clear navigation and consistent branding, reflecting a focused business model centered on sports and hospitality services. Technically, the site uses MySUITU CMS and includes common JavaScript libraries such as jQuery and Slick Carousel, though some libraries are outdated which may pose security risks. The site is mobile optimized and performs moderately well.

Delmart is a Czech retail supermarket and bistro chain primarily operating in Prague, offering a wide range of food products including fresh produce, bakery items, dairy, meats, deli, and beverages. The company also supports online shopping and delivery through partners such as Wolt and Kosik.cz, positioning itself as a convenient local food retailer. The website is professionally designed with good content quality and consistent branding, targeting general consumers in the region. Technically, the website employs a moderate technology stack including jQuery, Google Tag Manager, Google Analytics 4, and Facebook Pixel for analytics and marketing. The site is mobile optimized and uses HTTPS, but lacks some advanced security headers and accessibility features. Cookie consent is implemented with detailed user options, though a dedicated privacy policy page is missing. From a security perspective, the site demonstrates basic good practices such as HTTPS enforcement and cookie consent mechanisms. However, the absence of explicit security headers and contact information for incident response or data protection officers indicates room for improvement. The missing WHOIS data reduces trust slightly but does not negate the legitimacy suggested by the website content and external references. Overall, the website presents a moderate risk profile with no critical vulnerabilities detected. Strategic improvements in privacy policy transparency, security headers, and contact information would enhance compliance and trustworthiness.

Linhartova nadace is a well-established Czech non-profit foundation dedicated to supporting arts and culture. The website provides information about its projects, archives, foundation details, fundraising efforts, and contact options primarily through a contact form and newsletter subscription. The foundation has a significant history dating back to 1987, supported by a domain registered since 2001, indicating a stable and credible presence in the cultural sector. Technically, the website is built on WordPress 5.6.16, utilizing common web technologies such as jQuery, Bootstrap 4, FontAwesome, and Google Fonts. It integrates marketing and analytics tools like MailerLite and Google Analytics. The site is moderately optimized for performance and mobile devices, with a good user experience and clear navigation structure. From a security perspective, the site uses HTTPS and employs some anti-bot measures on forms. However, it lacks visible security headers such as Content-Security-Policy or HSTS, and no explicit security or incident response policies are published. Privacy compliance is partially addressed with a privacy policy document available, but no cookie consent mechanism is evident. No vulnerabilities or exposed sensitive data were detected in the provided content. Overall, the website presents a moderate risk profile with room for improvement in security best practices and privacy compliance. The foundation's digital presence is credible and professional, serving its target audience effectively.

P

Pinseria Sicily Café

pinseriasicily.cz

42

Pinseria Sicily Café is a small local Czech café and restaurant specializing in Italian pinsa and related food and beverage offerings. The website provides an online ordering platform primarily targeting local customers interested in Italian cuisine. The business appears to be recently established in 2021 and operates with a straightforward online presence. Technically, the website uses modern JavaScript modules and custom web components, hosted likely by Wedos, a Czech hosting provider. The site is moderately optimized for performance and mobile use but lacks advanced SEO and accessibility features. Security posture is basic with no visible security headers or HTTPS confirmation in the provided data, and privacy compliance is minimal with only a basic privacy policy and terms of service linked but no cookie consent mechanism. Overall, the website is functional and professional but would benefit from enhanced security and privacy features to improve trust and compliance.

A

ABX software s.r.o.

abxharsys.cz

53

ABX software s.r.o. operates the website abxharsys.cz, offering a premium point-of-sale (POS) system tailored for restaurants and hospitality businesses primarily in the Czech Republic. Their product emphasizes ease of use and operational efficiency for restaurant management. The company positions itself as a niche provider within the hospitality technology sector, targeting small to medium-sized restaurant operators. The website content is professionally presented, with clear branding and relevant business information, although explicit contact details and legal policies are not prominently available. Technically, the website employs modern web standards including HTML5, CSS3, and JavaScript, integrating third-party services such as Google Tag Manager, Cookiebot for cookie consent management, and Limetalk for live chat support. The site uses HTTPS with strong SSL configuration and leverages Cloudflare services inferred from cookies and scripts, enhancing security and performance. Mobile optimization and SEO practices are good, contributing to a positive user experience. From a security perspective, the site demonstrates good practices such as HTTPS enforcement and comprehensive cookie consent with granular user controls. However, the absence of explicit security headers and a published security policy or incident response contact reduces the overall security maturity. No vulnerabilities or exposed sensitive data were detected in the analysis. The lack of WHOIS data due to privacy protection is noted but is not uncommon for small software companies and does not significantly detract from legitimacy given the professional web presence. Overall, the website presents a low-risk profile with solid business credibility and technical implementation. Strategic recommendations include publishing privacy and terms of service documents, enhancing security headers, and providing explicit security and incident response information to further strengthen trust and compliance.

A

ABX software s.r.o.

ab-x.cz

48

ABX software s.r.o. is a Czech Republic-based company specializing in the development and provision of reliable point-of-sale (POS) systems and software solutions tailored for hospitality and retail sectors including restaurants, hotels, shops, and rental services. The company positions itself as a stable and leading supplier in the Czech market, offering both sales and rental models for their software and hardware products, complemented by comprehensive technical support and service. Their website reflects a professional and user-friendly digital presence with clear navigation, detailed product offerings, and active customer engagement through support portals and social media. Technically, the website employs a modern technology stack including jQuery, Bootstrap, Slick Carousel, and Google Tag Manager, ensuring a responsive and interactive user experience. The presence of cookie consent mechanisms and privacy policies indicates compliance with GDPR regulations. However, the absence of detected HTTP security headers and unknown SSL configuration suggest areas for security enhancement. The WHOIS data is notably missing, which raises concerns about domain registration transparency but does not directly impact the visible professionalism of the site. From a security perspective, the site demonstrates good practices such as cookie consent and no visible exposure of sensitive data. The use of third-party analytics and marketing tools is managed with user consent. No critical vulnerabilities or security incidents are evident from the content. Overall, the site maintains a moderate to good security posture but would benefit from improved security headers and domain registration transparency. The overall risk assessment is moderate with recommendations to improve domain WHOIS visibility, implement robust HTTP security headers, and verify SSL configurations. These steps will enhance trust and security posture, supporting the company’s market position and customer confidence.