Security Directory

Otok Krk energija d.o.o. is a Croatian limited liability company focused on producing and supplying renewable energy, primarily solar, to achieve energy independence for the island of Krk. The company is relatively new, founded in 2019, and is owned by the local municipality of Baška with plans to include other local government units as co-owners. Their business model centers on local investment and sustainable energy production, positioning themselves as a key player in the regional green energy market. The website reflects this mission with content in Croatian and some English, targeting local residents, investors, and governmental bodies interested in renewable energy projects. Technically, the website uses common web technologies such as Bootstrap, jQuery, and popular carousel libraries, with integration of Google Analytics and Facebook SDK for tracking and marketing purposes. The site is moderately optimized for mobile and SEO but lacks advanced accessibility features. Security posture is moderate; HTTPS is used but no explicit security headers or incident response policies are published. Privacy and cookie policies exist but lack active consent mechanisms. Overall, the website is professional and trustworthy but could improve in security and privacy compliance. Recommendations include implementing security headers, adding cookie consent, publishing incident response information, and enhancing contact transparency.

Z

ZONER, s.r.o.

zonercloud.com

73

ZonerCloud, operated by ZONER, s.r.o., is a Slovakia-based cloud services provider specializing in high-performance virtual private servers (VPS), managed hosting, email hosting, cloud storage, and AI/GPU server rentals. The company positions itself as a market leader in VPS performance within its region, leveraging partnerships with VMware and Microsoft to deliver reliable and scalable cloud infrastructure solutions. Their offerings target businesses and developers seeking affordable, powerful, and flexible cloud computing resources with rapid deployment times and strong uptime guarantees. Technically, the website demonstrates a mature digital infrastructure using modern web technologies such as Bootstrap, jQuery, and various UI/UX libraries. It integrates analytics and marketing tools including Google Analytics, Google Tag Manager, and Facebook Pixel, alongside a live chat support system. The site is well-optimized for mobile devices, features comprehensive cookie consent mechanisms, and employs HTTPS with a DigiCert SSL certificate, indicating a strong commitment to security and privacy. From a security perspective, while the site enforces HTTPS and uses secure forms with CSRF tokens, it lacks publicly available formal security policies or incident response disclosures. No critical vulnerabilities or exposed sensitive data were detected in the content. The absence of WHOIS registrant data slightly reduces trust but is mitigated by the professional presentation and trust signals such as certifications and partner logos. Overall, ZonerCloud presents a trustworthy and professional cloud service platform with strong business credibility and technical maturity. Strategic improvements in transparency around security policies and incident response, as well as WHOIS data availability, would further enhance trust and compliance posture.

Energetska zadruga "Otok Krk" is a small Croatian energy cooperative focused on promoting renewable energy and energy independence on the island of Krk. The cooperative provides consulting, project support, collective purchasing, and education services to local residents and businesses. Their website reflects a community-oriented business model with clear contact information and active social media presence. Technically, the site uses common web technologies such as jQuery, Bootstrap, and Owl Carousel, providing a moderate performance and good mobile optimization. Security posture is moderate with HTTPS usage but lacks explicit security headers and incident response policies. Privacy compliance is basic with privacy and cookie policies present but no consent mechanism. Overall, the website is professional and trustworthy, with a legitimacy score supported by consistent WHOIS data and domain age.

E

EPICUR Alliance

epicur.education

56

EPICUR Alliance is a consortium of nine European higher education institutions collaborating to provide innovative educational programs, research initiatives, and regional ecosystem engagement. The website serves as a multilingual portal offering information on educational offers, research projects, events, and partner universities. The technical infrastructure is based on WordPress with modern web technologies including Bootstrap, jQuery, and Matomo analytics, ensuring a responsive and user-friendly experience. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, although additional security headers could enhance protection. Privacy compliance is well addressed with GDPR-aligned policies and consent banners. Overall, the website reflects a professional and trustworthy educational alliance with a strong digital presence.

D

demch.co

demch.co

51

demch.co is a Ukrainian-based web development company specializing in creating websites and digital services for non-profit organizations and social change initiatives. With over 12 years of experience and more than 300 projects completed, the company positions itself as a trusted partner for NGOs, government agencies, and international organizations. Their key services include full-cycle website development, consulting, technical support, branding, design, and animation. The website is professionally designed, mobile-optimized, and provides clear contact information, enhancing user trust and engagement. Technically, the site employs modern web technologies such as HTML5, CSS3, JavaScript, and popular libraries like jQuery, TweenMax, and AOS for animations. Google Analytics and Google Tag Manager are used for tracking, indicating a moderate level of user data collection. Hosting appears to be managed via NameCheap with custom DNS servers. Performance is moderate with good mobile optimization and SEO practices. From a security perspective, the site uses HTTPS and has domain transfer protections in place. However, it lacks DNSSEC and visible security headers, which are recommended to enhance security posture. No privacy, cookie, or terms of service policies are present, representing compliance gaps especially under GDPR. No incident response or vulnerability disclosure information is provided. Overall, the website is safe, professional, and trustworthy with a strong focus on serving the non-profit sector. Strategic improvements in privacy compliance and security hardening would further strengthen its position and reduce risk.

C

CZECHIA (Zoner)

czechia.cz

72

CZECHIA.COM is a professional Czech-based online service provider specializing in domain registration, webhosting, email solutions, virtual servers, and SSL/TLS certificates. The company positions itself as a market leader in the Czech Republic with over 30 years of experience and a large customer base. Their offerings include advanced WordPress hosting, AI-assisted domain name suggestions, and 24/7 live customer support. The website is well-designed, mobile-optimized, and rich in content, targeting individuals and businesses seeking reliable internet services. Technically, the site uses modern frameworks and analytics tools, ensuring good performance and user experience. Security practices include HTTPS enforcement and email security standards, though explicit security headers and policies are not published. The WHOIS data for the domain is missing, which raises concerns about domain registration legitimacy despite the professional appearance and association with the parent company Zoner. Overall, the site demonstrates strong business credibility but would benefit from improved transparency in privacy and security policies.

R

Rieker Shoe Canada

rieker.ca

72

Rieker.ca is the official Canadian e-commerce website for Rieker footwear, offering a range of boots, shoes, and sandals for men and women. The site targets Canadian consumers with a professional retail experience, leveraging Shopify as its platform. The business is well established, with a domain age dating back to 2002, and operates with a medium-sized footprint in the retail sector. The website integrates multiple third-party services for marketing, analytics, customer reviews, and form management, indicating a mature digital infrastructure.

F

Flatchr

flatchr.io

69

Flatchr is a French-based software company specializing in recruitment and candidate management solutions. Positioned as a leading ATS (Applicant Tracking System) in France, it offers a comprehensive SaaS platform that enables HR professionals and recruiters to streamline job posting, candidate sourcing, evaluation, and collaboration. The website is professionally designed, content-rich, and targets recruiters seeking efficient hiring tools. Technically, the site leverages HubSpot CMS, modern JavaScript libraries, and integrates marketing and analytics tools such as Google Tag Manager and HubSpot Analytics. Security posture is strong with HTTPS enforced and privacy policies in place, though some security headers could be improved. The WHOIS data is not publicly available, which slightly reduces trust but is mitigated by the professional web presence and compliance with GDPR. Overall, Flatchr demonstrates a mature digital infrastructure and a solid market position in the HR technology sector.

I

Intergovernmental Panel on Climate Change

ipcc.ch

63

The Intergovernmental Panel on Climate Change (IPCC) is a globally recognized United Nations body established in 1988 to provide policymakers with scientific assessments on climate change, its impacts, and mitigation strategies. The organization operates with 195 member countries and produces comprehensive reports that are key inputs for international climate negotiations. The website reflects a mature digital presence with extensive content, including reports, working group information, and activities, targeting policymakers, researchers, and the public interested in climate science. Technically, the website is built on WordPress with a modern tech stack including jQuery, Google Analytics, and various UI libraries. It is well-optimized for mobile and accessibility, though performance is moderate. Security posture is strong with HTTPS enforced and no exposed sensitive data, but could be improved by adding explicit security headers and a cookie consent mechanism to enhance GDPR compliance. Overall, the IPCC website demonstrates high professionalism, trustworthiness, and content quality. However, it lacks explicit contact emails or phone numbers on the homepage and does not display a cookie consent banner, which are areas for improvement. No WAF or blocking mechanisms were detected, allowing full content access for analysis.

A

American Podiatric Medical Association

apma.org

70

The American Podiatric Medical Association (APMA) operates a comprehensive and professionally designed website serving as a central resource for podiatrists, students, residents, young physicians, and patients. The organization, founded in 1912, provides education, advocacy, practice management resources, and membership benefits, positioning itself as a leading professional association in podiatric medicine in the United States. The website content is rich, well-structured, and targets multiple audiences effectively. Technically, the site is built on Mura CMS 7.0 with Bootstrap 3 and uses modern web technologies including jQuery, Font Awesome, Google reCAPTCHA, and Slick Carousel. The site is mobile optimized with good SEO and accessibility basics. Performance is moderate, with room for improvement in accessibility and security headers. Security posture is strong with HTTPS enforced and use of reCAPTCHA on forms, but lacks explicit security headers and a visible cookie consent mechanism. WHOIS data is unavailable due to a malformed response, which limits domain registration trust analysis, but the site’s professionalism and consistency with a legitimate association mitigate concerns. Overall, the site is trustworthy, well-maintained, and serves its professional audience well. Strategic improvements in security headers, privacy compliance, and WHOIS transparency would enhance trust and compliance further.

P

Private by Design, LLC

titcheck.org

61

Titcheck.org is a small US-based nonprofit organization focused on educating young adults about breast self-awareness and breast cancer risk reduction. The website promotes the #TitCheck concept, encouraging regular breast checks while getting dressed to empower early detection and advocacy. The site is professionally designed with modern frontend technologies including Bootstrap, jQuery, and animation libraries, providing a good user experience and mobile optimization. Security posture is adequate with HTTPS and domain locking, but lacks DNSSEC and comprehensive security headers. Privacy compliance is weak due to absence of privacy and cookie policies and no consent mechanisms. The domain registration is consistent with the nonprofit mission and transparent. Overall, the website serves its educational purpose well but should improve privacy compliance and security disclosures to enhance trust and regulatory adherence.

H

HC Benátky nad Jizerou

hokejbenatky.cz

46

HC Benátky nad Jizerou is a Czech ice hockey club with a well-established online presence since at least 2002. The website serves as an information hub for the club's activities, including team rosters, match schedules, news updates, and youth hockey programs. It targets local fans, players, and the community, providing comprehensive sports-related content and partner promotions. The site is hosted likely by REG-ZONER, a Czech hosting provider, and uses a technology stack including Bootstrap, jQuery, and Slick Carousel. While the site is functional and mobile-optimized, it uses some outdated JavaScript libraries and analytics scripts, which pose potential security risks. The security posture is moderate, with cookie consent implemented but lacking visible security headers and modern analytics. No explicit privacy policy or terms of service pages were found, which may impact compliance. Overall, the domain registration data is consistent and trustworthy, supporting the legitimacy of the site. Strategic improvements in security and privacy compliance are recommended to enhance trust and protect user data.

T

Technical Design Jakub Zima

technical-design.cz

46

Technical Design, operated by Jakub Zima, is a small Czech web development business specializing in creating websites and web systems with nearly 20 years of experience. The website serves as a portfolio and contact point for potential clients, showcasing various completed projects. The technical infrastructure includes modern JavaScript libraries and frameworks such as jQuery, Bootstrap, and Slick Carousel, with Google reCAPTCHA implemented for form security. The site is served over HTTPS, ensuring encrypted communication. Security posture is solid but could be improved by adding security headers and formal policies. Privacy compliance is lacking due to absence of privacy and cookie policies. Overall, the website is professional, trustworthy, and well-structured, suitable for its target audience of businesses and individuals seeking custom web development services.

East Bohemia Convention Bureau is a regional office established under the Destination Company of Eastern Bohemia, focused on promoting congress, corporate, and incentive tourism in the East Bohemia region of the Czech Republic. The website serves as an information hub for businesses and organizations seeking conference venues, event planning support, and regional tourism activities. It positions itself as a key regional promoter with partnerships including CzechTourism and local government entities. Technically, the website employs a modern JavaScript stack including jQuery, Foundation framework, and various UI libraries, hosted by a Czech registrar and hosting provider (WEDOS). The site is mobile optimized with good SEO practices and uses Google Analytics and Tag Manager for user tracking. However, it lacks some advanced security headers and explicit cookie consent mechanisms. From a security perspective, the site enforces HTTPS and uses secure forms with CSRF tokens, but does not publish security policies or incident response contacts. No vulnerabilities or suspicious content were detected. Privacy compliance is basic with a privacy/accessibility statement but no dedicated cookie or terms of service pages. Overall, the website is professional, trustworthy, and well-suited for its business purpose, with recommendations to enhance security headers, privacy compliance, and incident response transparency to further strengthen its posture.

R

RádiaCZ 2025

hitradiofmplus.cz

54

Hitrádio FM Plus is a Czech media company operating an internet radio station with multiple streaming channels, podcasts, and interactive content such as contests. The website targets Czech-speaking audiences interested in music and entertainment, providing a professional and content-rich platform. The technical infrastructure leverages modern web technologies including Google Tag Manager, Facebook Pixel, and Foundation CSS framework, ensuring a responsive and user-friendly experience. Security posture is solid with HTTPS enforcement, security headers, and CSRF protection, though explicit security policies and incident response contacts are absent. Overall, the site is trustworthy and professionally maintained but would benefit from enhanced privacy and compliance disclosures.

G

Geosa spol. s r.o.

geosa.cz

47

Geosa spol. s r.o. is a Czech Republic-based construction company established in 1994, specializing in roofing, steel constructions, ventilation, and sandwich panel cladding. The company targets construction industry clients and businesses requiring specialized roofing and steel structure services. It maintains a solid market position with longstanding partnerships and ISO 9001:2000 certification, reflecting a commitment to quality. The website presents clear business information, contact details, and partner affiliations, supporting its credibility. Technically, the website uses common web technologies such as jQuery, Slick Carousel, Bootstrap, and Google Analytics. It is moderately performant with good mobile optimization and basic accessibility. SEO practices are adequate with proper meta tags and structured navigation. However, no CMS or hosting provider details are evident, and security headers are missing, indicating room for technical security improvements. Security posture is generally good with HTTPS enforced and no visible vulnerabilities or exposed sensitive data. The presence of a cookie consent banner and privacy policy indicates basic GDPR compliance. However, the absence of security headers and incident response information suggests potential gaps in security maturity. WHOIS data is unavailable, likely due to privacy protection, which slightly reduces transparency but is justified for this business type. Overall, the website is professional, trustworthy, and business-focused with no adult or questionable content. Strategic recommendations include implementing security headers, publishing a security policy or incident response contact, and auditing third-party scripts to enhance security and compliance.

L

Ler digital studio s.r.o.

lerstudio.cz

41

Ler digital studio s.r.o. is a well-established Czech digital and branding agency founded in 2013, specializing in web development, graphic design, and online marketing services. The company targets both Czech and international clients, offering tailored digital solutions including website creation, e-commerce, branding, and marketing consultancy. Their market position is reinforced by multiple partnerships with recognized entities such as Google, Wix, Meta, and industry associations, reflecting a strong reputation and trustworthiness in the digital services sector. Technically, the website employs a modern technology stack including Laravel backend, jQuery, Bootstrap, and various front-end libraries for animations and user experience enhancements. The site is hosted by Wedos, a Czech hosting provider, and demonstrates good mobile optimization and SEO practices. Analytics and tracking tools are extensively used, including Google Analytics, Microsoft Clarity, Facebook Pixel, and retargeting services, indicating a mature digital marketing infrastructure. From a security perspective, the site enforces HTTPS and includes CSRF tokens for form security. However, it lacks explicit security headers and a formal security or incident response policy. Cookie usage is disclosed but lacks an explicit consent mechanism, which may be a compliance gap. No vulnerabilities or suspicious content were detected, and the domain registration data aligns well with the business claims, supporting legitimacy. Overall, Ler studio presents a professional, trustworthy, and technically competent digital agency with room for improvement in security best practices and privacy compliance mechanisms. Strategic enhancements in security headers, incident response transparency, and cookie consent would further strengthen their security posture and regulatory compliance.

A

Advisio marketing s.r.o.

advisio.hu

52

Advisio marketing s.r.o. is a well-established digital marketing agency founded in 2006, serving local companies and well-known brands primarily in the Czech Republic and neighboring Central European markets. Their core services include tailored marketing strategy planning, online campaign creation, and performance analysis. The company holds multiple industry certifications such as Premier Google Partner and Meta Business Partner, underscoring their expertise and market credibility. The website is professionally designed, mobile-optimized, and provides comprehensive contact options including phone, email, and physical addresses in Ostrava and Prague. Technically, the site is built on WordPress with modern marketing and analytics tools integrated, including Google Tag Manager, Facebook Pixel, and Google reCAPTCHA v3. Security posture is good with HTTPS enforced and cookie consent implemented, though some security headers could be improved. Overall, the site reflects a mature digital presence with strong business credibility and compliance with GDPR.

A

Advisio marketing s.r.o.

advisio.pl

52

Advisio marketing s.r.o. is a well-established digital marketing agency operating since 2006, specializing in creating and managing online marketing strategies primarily for e-commerce clients across Poland, Czech Republic, Slovakia, and Hungary. The company positions itself as a top-tier agency with a strong regional presence, offering comprehensive services from strategy design to campaign execution and performance analysis. Their website reflects a professional and consistent brand image, supported by multiple industry certifications such as Premier Google Partner and Meta Business Partner. Technically, the website is built on WordPress and leverages modern marketing and analytics technologies including Google Tag Manager, Facebook Pixel, and Google reCAPTCHA v3. The site is mobile-optimized, well-structured, and includes a comprehensive cookie consent mechanism, indicating a mature digital infrastructure and compliance with privacy regulations like GDPR. From a security perspective, the site enforces HTTPS and uses reCAPTCHA to protect forms, but lacks explicit security headers and published security policies or incident response contacts. No critical vulnerabilities were detected in the content or scripts. The absence of WHOIS data due to registry privacy protection slightly reduces transparency but is common for businesses of this type. Overall, Advisio presents a low-risk profile with strong business credibility and good security hygiene. Strategic recommendations include enhancing security headers, publishing a security policy, and maintaining up-to-date software to further strengthen their security posture.

A

Advisio marketing s.r.o.

advisio.sk

50

Advisio marketing s.r.o. is a well-established digital marketing agency founded in 2006, specializing in comprehensive online marketing strategies, PPC campaigns, and e-commerce marketing across multiple Central European markets including Czech Republic, Slovakia, Poland, and Hungary. The company holds multiple industry certifications such as Premier Google Partner and Meta Business Partner, underscoring its expertise and market credibility. Their website reflects a professional and content-rich platform targeting local firms and established brands, with a focus on data-driven and creative marketing solutions. Technically, the site is built on WordPress with modern analytics and tracking tools integrated, including Google Analytics, Facebook Pixel, and Google Tag Manager. Security posture is solid with HTTPS enforced and reCAPTCHA protecting forms, though some security headers could be improved. Privacy compliance is strong with a clear cookie consent mechanism and a comprehensive privacy policy. Overall, Advisio presents a trustworthy and professional digital presence with good technical and security standards.

A

Advisio marketing s.r.o.

advisio.agency

50

Advisio marketing s.r.o. is a medium-sized digital marketing agency founded in 2006, specializing in comprehensive online marketing strategies and campaign management primarily for e-commerce clients across Central European markets including Czech Republic, Slovakia, Poland, and Hungary. The company holds multiple industry certifications such as Google Partner and Meta Business Partner, underscoring its professional credibility and expertise. The website is well-designed, mobile-optimized, and provides clear navigation and comprehensive content about services, client references, and contact information. Technically, the site is built on WordPress and leverages modern web technologies including jQuery, Google Tag Manager, and Facebook Pixel for analytics and marketing. Security measures include HTTPS enforcement and Google reCAPTCHA integration on forms, alongside a robust cookie consent mechanism compliant with GDPR. However, the absence of visible security headers suggests room for improvement in hardening the security posture. The WHOIS data is unavailable due to privacy or query failure, limiting domain registration verification. Despite this, the website's professional presentation, certifications, and detailed contact information indicate a legitimate and trustworthy business. No WAF or blocking mechanisms were detected, allowing full content accessibility. Overall, Advisio demonstrates a strong digital maturity and security posture appropriate for its business sector, with recommendations to enhance security headers and incident response transparency to further strengthen trust and compliance.

E

ELTON hodinářská, a.s.

elton.cz

41

ELTON hodinářská, a.s. is a Czech-based manufacturer and retailer specializing in watches and clocks, including the well-known PRIM brand. The company operates a professional e-commerce platform targeting general consumers interested in quality timepieces and related accessories. Their market position is that of an established medium-sized manufacturer with a strong local presence and a parent company affiliation with Czechoslovak Group. The website offers a comprehensive product catalog, including watches, clocks, accessories, and custom production services. Technically, the site is built on a custom ASP.NET WebForms platform, utilizing modern JavaScript libraries such as jQuery and Bootstrap, with integrated analytics and marketing tools like Google Tag Manager and Mailkit for newsletters. The site is mobile optimized and provides a good user experience with clear navigation and professional design. Security-wise, the site enforces HTTPS and implements cookie consent mechanisms, but lacks explicit security policies or incident response contacts. No critical vulnerabilities or suspicious content were detected, and WHOIS data confirms the legitimacy and consistency of the domain registration with the business identity. Overall, the website is trustworthy, compliant with GDPR, and professionally maintained.

R

RONAL GROUP

ronal-wheels.com

59

RONAL GROUP operates an international website focused on manufacturing and supplying high-quality automotive wheels. The company offers a variety of wheel products including forged and winter wheels, targeting automotive dealers and vehicle owners globally. The website is professionally designed using Drupal 10 CMS, incorporating modern web technologies such as Vue.js and jQuery, and includes multimedia content and configurator tools to enhance user engagement. Privacy and cookie compliance are well implemented with a comprehensive privacy policy and an interactive cookie consent mechanism. However, the absence of WHOIS registration data for the domain www.ronal-wheels.com raises concerns about domain legitimacy, despite the professional appearance and active social media presence. Security posture is generally strong with HTTPS enforced and no visible vulnerabilities, but the lack of explicit security policies and incident response contacts suggests room for improvement. Overall, the website presents a credible business front but should address domain registration transparency to enhance trust.

Z

ZAPA beton

zapa.cz

54

ZAPA beton is a Czech Republic-based large manufacturing company specializing in the production, delivery, and placement of concrete products. The company operates multiple branches and emphasizes sustainability and innovation in concrete technology, such as their ZAPA QCC and ZAPA NEXT products. The website is professionally designed using Drupal 10, with good mobile optimization and accessibility features. It provides clear navigation and relevant content for construction professionals and students. Security posture is solid with HTTPS enforcement and cookie consent mechanisms, though explicit security policies and incident response contacts are not published. The domain registration data aligns well with the business claims, indicating legitimacy and trustworthiness.

U

Univerzita Hradec Králové

mojeuhk.cz

44

Univerzita Hradec Králové operates a well-structured and professionally designed website targeting prospective and current students interested in higher education in the Czech Republic. The site presents multiple faculties and study programs, enriched with student testimonials and social media integration, reflecting a strong engagement with its audience. The business model is that of a public university providing educational services with a medium-sized presence in the regional education sector. Technically, the website leverages modern web technologies including Bootstrap, jQuery, and Laravel framework, with good mobile optimization and SEO practices. Security posture is solid with HTTPS, CSRF protection, and reCAPTCHA integration, though it lacks some advanced security headers and explicit incident response policies. Privacy compliance is well addressed with clear privacy and cookie policies. Overall, the site is trustworthy, safe, and professionally maintained.

R

Rytíři Kladno, eSports.cz s.r.o.

rytirikladno.cz

46

Rytíři Kladno is an established Czech ice hockey club with a strong online presence through its official website. The site provides comprehensive information about the club's activities, including news, match schedules, ticket sales, youth programs, and fan engagement initiatives. The business model focuses on sports entertainment, community engagement, and merchandising, supported by partnerships with notable sponsors. Technically, the website employs modern front-end technologies such as Bootstrap, jQuery, and Slick Carousel, with a custom CMS backend likely based on PHP. The site is mobile responsive and optimized for user experience, though performance is moderate. Security posture shows awareness with cookie consent and GDPR compliance, but lacks explicit security headers and documented incident response policies. Overall, the domain registration data aligns well with the business claims, indicating legitimacy and stability.

H

HOCKEY CLUB DYNAMO PARDUBICE a.s.

hcdynamo.cz

44

HC Dynamo Pardubice is a Czech hockey club with an official website primarily serving fans and followers of the team. The site provides basic information about the club and includes links to ticket sales and partner sites. The business is positioned as a regional sports entity with a medium-sized presence and is supported by a parent company, eSports.cz s.r.o. The website uses modern web technologies such as Bootstrap and FontAwesome, and integrates Google Tag Manager and Facebook Pixel for analytics and marketing purposes. However, the site content is minimal on the cover page, and lacks visible contact information and formal privacy or terms of service documents. Security posture is adequate with HTTPS and consent management but could be improved with additional security headers and published policies. Overall, the site is safe, professional, and trustworthy but basic in content and compliance.

H

Hotel Studánka

hotelstudanka.cz

44

Hotel Studánka is a well-established hospitality business located in the Czech Republic, offering a comprehensive range of services including accommodation, wellness treatments, restaurant dining, conference facilities, and event hosting such as weddings and cultural performances. The website reflects a strong regional market position with a focus on quality and customer experience. Technically, the site is built on WordPress with modern plugins and technologies, ensuring good performance and mobile optimization. Security posture is solid with HTTPS enforced and GDPR compliance evident through cookie consent mechanisms and privacy policies, although some security headers could be improved. Overall, the site presents a professional and trustworthy digital presence with clear contact information and active social media engagement.

G

GAPA cz a.s.

gapa-servis.cz

56

GAPA cz a.s. is a Czech-based manufacturing company specializing in concrete batching plants, industrial scales, and metal fabrication. Founded in 1990, it has established itself as a leading provider in its sector with a comprehensive service offering including 24/7 support and project realization. The company targets business customers in construction, industrial weighing, and metal fabrication industries, operating primarily in the Czech Republic. The website reflects a professional business presence with clear service descriptions and contact information. Technically, the site uses a moderate technology stack including jQuery, Google Tag Manager, and EasyWeb CMS, with basic mobile optimization and SEO practices. Security posture is moderate with cookie consent implemented but lacks visible security headers and explicit security policies. WHOIS data is missing, which reduces domain trustworthiness, but the website content and business information appear legitimate. Overall, the site scores well on content quality and business credibility but could improve in security and privacy compliance.

D

Dahasl s.r.o.

dahasl.cz

49

Dahasl s.r.o. is a Czech-based company specializing in the supply and installation of low-voltage technologies and security systems. The company positions itself as a traditional and reliable provider with extensive experience, offering comprehensive services from project design to maintenance and servicing of electrotechnical systems. Their target audience primarily includes businesses and organizations requiring advanced security and technology solutions. The website reflects a medium-sized enterprise with a professional online presence, including client references and statistical indicators of business activity. Technically, the website employs a standard modern technology stack including Bootstrap, jQuery, and various UI libraries, with a cookie consent mechanism and Google Analytics integrated with consent controls. The site is mobile-optimized and well-structured, though no CMS or hosting provider details are evident. Performance is moderate, and SEO practices appear adequate. From a security perspective, the site uses HTTPS (assumed though not explicitly confirmed), includes a cookie consent banner, and loads analytics scripts conditionally based on user consent. However, no explicit security headers or published security policies were detected, and no incident response or vulnerability disclosure information is available. The WHOIS data is unavailable, likely due to privacy protection, which limits transparency but does not inherently indicate risk. Overall, the website is professional and trustworthy with good privacy compliance and business credibility. The lack of WHOIS data and explicit security policies suggests areas for improvement in transparency and security posture. The risk level is moderate with no critical vulnerabilities detected in the analysis.

FOMA BOHEMIA spol. s r.o. is a well-established Czech manufacturer specializing in black and white photographic materials, radiodiagnostic films, and non-destructive testing (NDT) systems. Founded in 1921, the company has a long tradition and serves a niche market including photography professionals and industrial customers. Their business model includes manufacturing and direct sales through an e-shop partner site. The website reflects a consistent brand image and provides comprehensive product information and company history. Technically, the site is built on the EasyWeb CMS platform, utilizing modern JavaScript libraries and Google Analytics for user tracking. The site is mobile-optimized with good navigation and content quality. Security-wise, the site implements cookie consent mechanisms but lacks visible HTTP security headers and published security policies. The absence of WHOIS data reduces domain trust, though the website content and contact information appear legitimate. Overall, the site scores well on content and business credibility but could improve privacy compliance and security posture.

The World Lottery Association (WLA) operates a professional website serving as a global industry association for state-authorized lotteries and gaming organizations. The site offers resources including industry standards, knowledge sharing, events, and publications targeted at lottery operators and regulators worldwide. The organization is well-established with a domain registered since 1999 and headquartered in Switzerland. Technically, the website employs a modern tech stack including jQuery, Bootstrap, and Cookiebot for cookie consent management, hosted behind Cloudflare DNS services. The site is mobile-optimized with a moderate performance profile and uses Google Analytics and Tag Manager for tracking and marketing purposes. Privacy compliance is well addressed with clear cookie and privacy policies and a consent mechanism. From a security perspective, the website uses HTTPS and enforces domain transfer restrictions. However, DNSSEC is not enabled, and security headers are not explicitly detected in the provided data. No critical vulnerabilities or exposed sensitive data were found. The site demonstrates good security hygiene but could improve by enabling DNSSEC and implementing additional security headers. Overall, the website is trustworthy, professional, and compliant with GDPR requirements. It lacks explicit contact information and terms of service pages in the scanned content, which could be areas for improvement. The content is safe for general audiences with no adult or questionable material detected.

B

Butlers.cz

butlers.cz

53

Butlers.cz is a Czech Republic-based e-commerce retailer specializing in design furniture and stylish home accessories. The website targets consumers who enjoy enhancing their homes with timeless furniture, decorative items, and unique gift ideas. The company operates both online and through physical stores in multiple Czech cities, indicating a solid market presence. The website is professionally designed with good content quality and clear navigation, supporting a positive user experience. Technically, the site employs modern web technologies including Google Analytics, Google Tag Manager, and IntersectionObserver API for user interaction tracking. The hosting and CDN services are provided by i00.eu, ensuring moderate performance and good mobile optimization. Security-wise, the site uses HTTPS and some security best practices, although explicit security headers are not fully evident. Privacy and cookie policies are present with consent mechanisms, reflecting GDPR compliance. However, WHOIS data is unavailable, likely due to privacy protection, which slightly impacts trust but is common for commercial sites. Overall, Butlers.cz demonstrates a mature digital presence with a good balance of business credibility, technical implementation, and privacy compliance.

S

Scaserv

leseni-bedneni.cz

47

Scaserv operates a Czech Republic-based business specializing in the rental of construction equipment including scaffolding, formwork, mobile fencing, stairs, walkways, waste chutes, mobile toilets, and containers. The company targets construction professionals and individuals requiring temporary building structures, offering both short- and long-term rental options with online inquiry capabilities and multiple physical branches in major Czech cities. The website is professionally designed, mobile-optimized, and provides clear navigation and contact information, enhancing user experience and trust. Technically, the website employs modern JavaScript libraries such as jQuery, integrates Google Tag Manager and Analytics for tracking, and uses Google reCAPTCHA v3 for bot protection. Cookie consent mechanisms are implemented in compliance with GDPR, and the site uses HTTPS with a presumably strong SSL configuration. However, some security headers are missing, and no explicit security or incident response policies are published. From a security perspective, the site demonstrates good practices with encrypted connections and user consent for cookies, but lacks detailed security policies and incident response contacts. The absence of WHOIS data for the domain reduces trust from a domain registration standpoint, though the website content and contact details appear legitimate and professional. Overall, the site presents a solid business presence with good technical implementation and privacy compliance, but would benefit from improved transparency in security policies and domain registration information to enhance trustworthiness and security posture.

K

Královehradecký kraj

kr-kralovehradecky.cz

63

Královehradecký kraj operates an official regional government website providing comprehensive information about the regional administration, public services, news, and community resources. The site targets residents and stakeholders within the Královéhradecký region of the Czech Republic, offering key services such as contact directories, grant information, and cultural portals. The website is built on a modern Drupal 10 CMS platform, utilizing contemporary web technologies including Bootstrap and Google Tag Manager, ensuring a responsive and accessible user experience. From a security perspective, the website enforces HTTPS and implements cookie consent mechanisms compliant with GDPR, reflecting a mature privacy posture. However, the absence of security headers and a security.txt file indicates room for improvement in security best practices. No vulnerabilities or exposed sensitive data were detected in the analyzed content. The lack of WHOIS data is unusual but likely due to registry or query limitations rather than malicious intent, given the official nature of the site. Overall, the website demonstrates a solid technical infrastructure and professional presentation consistent with government standards. It maintains good privacy compliance and user trust indicators, including clear contact information and social media engagement. Strategic recommendations include enhancing security headers, publishing incident response contacts, and adding a vulnerability disclosure policy to further strengthen security posture.

S

SCASERV a.s.

scaserv.cz

48

SCASERV a.s. is a well-established Czech company specializing in the sale and rental of scaffolding, formwork, and construction site equipment. With a history linked to companies active since 1992 and formal establishment in 2012, SCASERV holds a leading position in the Czech and Slovak markets. The company offers a comprehensive range of products and services including transport, assembly, and project support, targeting both business clients and private individuals. The website reflects a professional digital presence with clear navigation, rich content, and multiple contact points. Technically, the site uses modern JavaScript libraries, Google reCAPTCHA for form security, and a cookie consent mechanism ensuring GDPR compliance. However, the absence of WHOIS data and security headers slightly reduces trustworthiness. Overall, the security posture is good with HTTPS enforced and no visible vulnerabilities, but there is room for improvement in publishing explicit security policies and enhancing HTTP security headers.

A

AS Balticom

balticom.lv

55

AS Balticom is a well-established telecommunications provider based in Latvia, offering high-speed internet, digital and analog television, and telephony services primarily in Riga. As the third largest internet and TV provider in the region, Balticom focuses on delivering quality services to both residential and business customers. The website reflects a professional and consistent brand image with clear service offerings and customer engagement channels. Technically, the site employs modern JavaScript libraries and tracking tools, ensuring a responsive and user-friendly experience across devices. Security measures such as HTTPS and reCAPTCHA are implemented, though there is room for improvement in security policy transparency and HTTP security headers. Overall, the site demonstrates a mature digital presence with moderate to high security posture and compliance with privacy regulations.

Zvířetice.cz is a website dedicated to promoting the historic Zvířetice castle ruins and associated tourist information center located in the Czech Republic. The site offers visitors detailed information about the castle's history, 3D reconstruction projects, guided tours, seasonal events, and visitor services such as refreshments and souvenirs. The business is municipally owned by Město Bakov nad Jizerou and supported by regional funding, positioning it as a local cultural heritage and tourism entity focused on education and family-friendly activities. Technically, the website is built on WordPress with common plugins such as Yoast SEO and WPML for multilingual support. It uses modern JavaScript libraries like jQuery and Slick Carousel for interactive elements and includes Google reCAPTCHA for form security. The site is mobile-optimized with good SEO practices but lacks some advanced accessibility features and security headers. Performance is moderate with caching and minification evident. From a security perspective, the site enforces HTTPS and uses reCAPTCHA but does not implement key security headers such as Content-Security-Policy or X-Frame-Options. There is no visible privacy or cookie policy, indicating compliance gaps with GDPR. WHOIS data is missing or unavailable, which reduces domain trustworthiness, although the website content and municipal references support legitimacy. Overall, the site is a well-structured, content-rich platform serving its cultural tourism mission effectively but would benefit from improved privacy compliance, enhanced security headers, and transparency in domain registration to strengthen trust and security posture.

T

Tesco Mobile

tescomobile.cz

57

Tesco Mobile Czech Republic operates as a well-established mobile virtual network operator offering prepaid SIM cards, affordable tariffs, and a mobile app with unique customer benefits. The website targets Czech consumers seeking cost-effective mobile communication services with strong brand recognition linked to Tesco. The digital infrastructure is built on WordPress with WooCommerce, integrating modern analytics and marketing tools, ensuring a good user experience and mobile optimization. Security posture is solid with HTTPS enforcement and GDPR compliance via a consent management platform, although some security headers could be improved. Overall, the site reflects a professional and trustworthy telecommunications provider with clear contact channels and comprehensive legal documentation.

C

Citadele Business Center

citadelebusinesscenter.lv

43

Citadele Business Center operates as a premium office space provider located in Riga, Latvia, offering high-quality office rentals and conference center services. The website is professionally designed, targeting business professionals and companies seeking premium office environments. The business model focuses on commercial real estate leasing with a clear market position in the Latvian real estate sector. Technically, the website is built on WordPress CMS and utilizes modern JavaScript libraries such as jQuery, GSAP, and Slick Carousel. It integrates Google Analytics and Google Tag Manager for user tracking and marketing insights. The site demonstrates good mobile optimization and SEO practices, although accessibility features are basic. From a security perspective, the website enforces HTTPS and implements a cookie consent mechanism, reflecting basic privacy compliance. However, it lacks explicit security headers and does not provide visible security policies or incident response contacts. No vulnerabilities or suspicious content were detected, indicating a generally secure posture. Overall, the website presents a trustworthy and professional digital presence with moderate technical sophistication and privacy compliance. Strategic improvements in security headers and incident response transparency would enhance its security posture and compliance standing.

E

Elkova

elkova.cz

57

Elkova is a Czech-based small business specializing in electrical installation services including both high and low voltage systems, security systems, video intercoms, fire protection, and photovoltaic solutions. Established in 2002, the company serves residential, commercial, and developer clients primarily in Prague and Central Bohemia. The website presents a professional image with clear service offerings, customer testimonials, and comprehensive contact information. Technically, the site is built on WordPress with a modern tech stack including Bootstrap, jQuery, and various plugins for SEO, spam protection, and cookie consent. The site is mobile optimized and uses HTTPS with a valid SSL certificate, ensuring secure communications. Security posture is good but could be improved by adding explicit security headers and incident response information. Privacy compliance is evident with a GDPR-compliant privacy and cookie policy. Overall, the website is trustworthy and well-maintained, reflecting a legitimate and established business.

T

TV Nitrička

tvnitricka.sk

47

TV Nitrička is a regional television broadcaster serving the Nitra region in Slovakia, providing daily news, sports, cultural programming, and advertising services. The website is built on WordPress and integrates common web technologies such as jQuery, Slick Carousel, and Clappr for video streaming. It maintains a moderate technical maturity with HTTPS enabled and active social media integration, primarily on Facebook. However, the site lacks critical privacy and cookie policies, which impacts GDPR compliance and user trust. Security posture is adequate with HTTPS and domain protection statuses but could be improved by implementing security headers and formal incident response policies. Overall, the website is functional and professional but requires enhancements in privacy compliance and security best practices to strengthen its risk posture and regulatory adherence.

R

RádiaCZ 2025

hitradio.cz

53

Hitrádio.cz is a Czech media company operating a network of radio stations with live streaming, podcasts, contests, and a listener club. The website targets a general Czech audience interested in music and entertainment. The business is established since 2003 and maintains a consistent brand presence across multiple regional radio stations. Technically, the site uses modern web technologies including Google Tag Manager, Facebook Pixel, and Foundation CSS framework, delivering a good user experience with mobile optimization and clear navigation. Security posture is adequate with HTTPS and CSRF protection but lacks visible security headers and formal security policies. Privacy compliance is weak due to missing privacy and cookie policies despite having a consent mechanism. Overall, the domain is legitimate and consistent with the business profile, with no signs of blocking or WAF interference.

F

Fondazione Fiera Milano

fondazionefieramilano.com

53

Fondazione Fiera Milano is a non-profit foundation dedicated to supporting the economic, social, cultural, and scientific development of Milan and Italy. It manages significant assets including real estate, art collections, and historic archives, and operates educational initiatives such as the Accademia and specialized Master courses. The foundation maintains a strong institutional presence with a clear focus on exhibitions, research, and cultural heritage. Technically, the website employs modern web technologies including HTML5, CSS3, JavaScript, jQuery UI, and Slick Carousel for UI components, alongside Matomo for privacy-conscious analytics. The site is mobile-optimized with good navigation and content structure, though accessibility features could be enhanced. Performance is moderate with asynchronous script loading. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, it lacks visible security policies, incident response contacts, and a vulnerability disclosure mechanism, which are recommended for improved security posture and transparency. Privacy compliance is generally good with clear privacy and cookie policies, but the absence of a cookie consent mechanism is a minor gap. Overall, the website is professional, trustworthy, and well-aligned with the foundation's mission. Strategic improvements in security transparency and privacy consent would further enhance its compliance and user trust.

M

Mikulove – Festival nepopulární hudby

miku-love.cz

40

The website www.miku-love.cz represents the Mikulove Festival, a cultural event focused on alternative and unpopular music genres held in Mikulov, Czech Republic. The site provides detailed information about the festival's program, artists, and accompanying cultural activities. It targets music enthusiasts and cultural event attendees, operating primarily as an event organizer with ticket sales as a revenue stream. Technically, the site is built on WordPress 6.8.1 with common libraries such as jQuery and uses Google Tag Manager and Facebook Pixel for analytics and tracking. The site is mobile-optimized and has good content quality and navigation. Security-wise, the site uses HTTPS but lacks important security headers and privacy compliance documentation, which lowers its security posture. WHOIS data is unavailable, limiting domain trust assessment. Overall, the site is professional and safe but would benefit from enhanced security and privacy practices.

A

AEV

aev.org.uk

65

AEV is a UK-based trade association representing event venues of various sizes and types, providing a unified voice and platform for networking, advocacy, and sharing best practices. The website is professionally designed, mobile-optimized, and uses modern web technologies including jQuery, Slick Carousel, and a CMS platform by ASP.events. It employs HTTPS and a comprehensive cookie consent mechanism, reflecting a good security posture. However, no explicit privacy policy or terms of service pages were found in the provided content, and no direct contact emails or phone numbers were identified. WHOIS data is unavailable due to a domain query error, but the website's professionalism and content suggest legitimacy. Overall, the site demonstrates moderate to good digital maturity with room for improvement in transparency and security disclosures.

S

Saucony

mysaucony.cz

60

The website mysaucony.cz serves as the official Czech Republic portal for the Saucony brand, specializing in running and lifestyle footwear. It showcases various product lines, provides a store locator, and offers a newsletter subscription, targeting runners and footwear consumers in the Czech market. The business model is retail-focused, leveraging brand marketing and e-commerce capabilities. The site is moderately sized and professionally maintained, with consistent branding and a clear market position as a regional Saucony presence. Technically, the site is built on WordPress with a modern tech stack including jQuery, Google Maps API, and Mailchimp integration. Hosting is via AWS and DigitalOcean Spaces, indicating a reliable infrastructure. The site is mobile-optimized and SEO-friendly, though accessibility features are basic. Performance is moderate, with room for optimization. From a security perspective, the site enforces HTTPS and uses common security plugins, but lacks explicit security headers and published incident response policies. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong with GDPR-aligned policies and cookie consent mechanisms. Contact information is limited to forms, with no direct emails or phone numbers published. Overall, the site is trustworthy and professionally managed, with no signs of malicious activity or blocking mechanisms. Strategic improvements could focus on enhancing security headers, publishing incident response details, and expanding direct contact options to improve user trust and compliance.

C

Centrum UNEP/GRID-Warszawa

gridw.pl

59

Centrum UNEP/GRID-Warszawa is a Polish non-profit organization affiliated with the United Nations Environment Programme (UNEP), operating since 1991. It focuses on supporting sustainable development and environmental protection through diverse projects, educational initiatives, and partnerships. The website reflects a professional and consistent brand presence with comprehensive content targeting environmental stakeholders in Poland. Technically, the site uses a Joomla CMS with modern JavaScript libraries and Google services for analytics and fonts. Security posture is good with HTTPS and no visible vulnerabilities, though security headers and cookie consent mechanisms could be improved. WHOIS data is unavailable, which slightly reduces domain trust but the organization's transparency and UNEP affiliation provide strong legitimacy.

I

International Confex

international-confex.com

60

International Confex is a well-established event and exhibition platform serving the global events industry. It offers a comprehensive range of services including event exhibitions, conference programming, networking opportunities, and sponsorship packages. The website demonstrates a professional and consistent brand presence with good content quality and user experience. Technically, the site leverages modern JavaScript libraries and analytics tools, hosted on a specialized event platform. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit privacy policies and security contact information are lacking. The absence of WHOIS data raises some concerns about domain legitimacy, but the overall digital footprint and content quality support a credible business presence. Strategic improvements in privacy transparency and security disclosures are recommended.