Security Directory

N

Národní pedagogický institut České republiky

rvp.cz

0

The website rvp.cz is a professionally maintained educational portal operated by the Národní pedagogický institut České republiky, serving educators primarily in the Czech Republic. It offers a wide range of teaching materials, expert articles, webinars, and community resources aimed at improving teaching quality and supporting educators. The portal is well-established, with a domain age dating back to 2004, reflecting its longstanding presence in the educational sector. The business model is non-profit and government-affiliated, focusing on educational content and community engagement rather than commercial activities. Technically, the site employs a modern technology stack including Bootstrap 5, jQuery, Google Analytics, Google Tag Manager, and reCAPTCHA v3 for security. It uses a custom CMS hosted by REG-WEBGLOBE, with good mobile optimization and moderate performance. The site implements cookie consent mechanisms compliant with GDPR and provides clear privacy and terms of service documentation. Security best practices such as HTTPS enforcement and secure login forms with OAuth social login options are in place, though explicit security headers like Content-Security-Policy could be more visible. From a security perspective, the portal demonstrates a mature posture with no detected vulnerabilities or exposed sensitive data. The use of reCAPTCHA and cookie consent indicates attention to user privacy and bot mitigation. However, the absence of a public security policy or incident response page and lack of a security.txt file suggest areas for improvement in transparency and vulnerability disclosure. Overall, rvp.cz is a trustworthy, high-quality educational resource with strong compliance and security foundations. It effectively serves its target audience of educators with relevant content and community tools. Strategic recommendations include enhancing security header visibility, publishing formal security policies, and expanding accessibility features to further improve compliance and user experience.

Č

Česká školní inspekce ČR

kvalitniskola.cz

0

The website kvalitniskola.cz serves as a methodological portal developed by the Czech School Inspectorate (Česká školní inspekce ČR) to support schools and educational institutions in the Czech Republic. It provides tools, guidelines, and resources aimed at school directors and teachers to facilitate continuous quality improvement and self-evaluation processes. The portal is positioned as a national educational support platform with government affiliation, enhancing its credibility and trustworthiness. Technically, the site is built on ASP.NET WebForms with Kentico CMS, utilizing Bootstrap and jQuery for responsive design and interactivity. Google Analytics is integrated for visitor tracking, and cookie consent mechanisms are implemented to comply with privacy regulations. The site demonstrates moderate performance and good mobile optimization, though accessibility features are basic. From a security perspective, the site enforces HTTPS and includes CSRF tokens in forms, indicating attention to secure data handling. However, it lacks advanced security headers and published security policies or incident response information. No vulnerabilities or suspicious elements were detected. The absence of WHOIS data is consistent with CZ NIC's privacy policies and does not detract from the site's legitimacy. Overall, the portal is a professionally maintained government resource with a solid security posture and compliance with privacy norms. Strategic improvements could include enhanced security headers, published security policies, and improved accessibility compliance to further strengthen trust and resilience.

N

Národní pedagogický institut České republiky

projektsypo.cz

0

The website projektsypo.cz serves as a professional development support system for teachers and school directors in the Czech Republic. It is affiliated with the Národní pedagogický institut České republiky, a national pedagogical institute, indicating a government or non-profit educational focus. The platform offers resources such as webinars, methodical cabinets, ICT support, and podcasts, targeting educators and schools with beginning teachers. The project SYPO was officially ended in June 2023, but the site continues to provide valuable archived and ongoing educational content. Technically, the site is built on Joomla CMS with a modern front-end stack including Bootstrap, jQuery, and various UI libraries. It integrates Google Analytics and Google Tag Manager for tracking, along with other third-party scripts. The site is mobile-optimized and has good navigation and content structure, though accessibility features are basic. No explicit security headers were detected, and privacy and cookie policies are not clearly presented, which is a compliance gap. Security posture is moderate with HTTPS usage implied but lacking explicit security headers and incident response contacts. The absence of WHOIS data reduces domain trustworthiness, but the website content and branding strongly suggest legitimacy as an educational government-affiliated project. No adult or unsafe content is present, and the site is safe for general audiences. Overall, the site is a well-structured educational resource with moderate technical maturity and some privacy compliance shortcomings. Strategic improvements in privacy disclosures, security headers, and WHOIS transparency would enhance trust and compliance.

N

Národní pedagogický institut České republiky

infoabsolvent.cz

0

Infoabsolvent.cz is an authoritative Czech educational information portal operated by the Národní pedagogický institut České republiky. It provides comprehensive guidance on secondary and higher vocational education, career choices, and labor market integration for graduates. The portal serves students, parents, educators, and career advisors with a variety of resources including school and field selection tools, labor market statistics, and aptitude testing. Technically, the site uses a modern ASP.NET MVC framework with common JavaScript libraries and Google Tag Manager for analytics, ensuring moderate performance and good mobile optimization. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though improvements could be made by adding security headers and publishing explicit security policies. Overall, the website is professional, trustworthy, and well-aligned with its public service mission.

VICTORIA Vysokoškolské sportovní centrum MŠMT is a Czech government-affiliated organization focused on elite sports training and support for university-level athletes and coaches. The website serves as an informational portal showcasing sports disciplines, athlete profiles, news, and social media integration. The organization operates under the Ministry of Education, Youth and Sports of the Czech Republic, positioning itself as a national center for sports excellence and education. Technically, the website uses modern web standards including HTML5, CSS3, and JavaScript with Google Fonts and embedded Vimeo videos. The site is mobile-optimized with good navigation and content structure, though some SEO and accessibility features could be enhanced. No CMS or hosting provider details are evident from the source. Security posture is moderate with HTTPS usage implied but no explicit security headers detected. No forms or sensitive data collection points are visible on the homepage, reducing immediate risk. Privacy compliance is basic with a privacy policy linked but no cookie consent mechanism present. WHOIS data is unavailable, typical for government domains in the Czech Republic, but this limits domain trust verification. Overall, the website is professional and trustworthy for its intended audience, but improvements in security headers, privacy compliance, and WHOIS transparency would strengthen its posture and user trust.

N

Národní akreditační úřad pro terciární vzdělávání

nauvs.cz

0

Národní akreditační úřad pro terciární vzdělávání is the official Czech governmental accreditation authority for tertiary education, established in 2016 and transforming from the previous National Accreditation Office for Higher Education. The website serves as an informational portal providing official documents, accreditation decisions, and contact information. The organization operates under Czech law and is led by a statutory chairman. The website is primarily targeted at higher education institutions, government bodies, and the public interested in education accreditation in the Czech Republic. Technically, the website is built on Joomla CMS with Bootstrap and jQuery libraries, hosted likely by a Czech provider (Websupport). The site is moderately optimized for performance and mobile devices, with a consistent and professional design. However, it lacks advanced SEO and accessibility features. No analytics or tracking scripts were detected, indicating minimal user tracking. From a security perspective, the site uses HTTPS and includes CSRF tokens in forms, but lacks visible security headers such as CSP or HSTS. There is no privacy policy or cookie consent mechanism, which may pose compliance risks under GDPR. No vulnerability disclosure or security contact information is provided. Overall, the security posture is moderate but could be improved with standard best practices. The website content is safe for general audiences, with no adult or questionable content. The domain registration data aligns well with the business profile, showing consistency and legitimacy. Strategic recommendations include implementing privacy and cookie policies, adding security headers, improving accessibility, and establishing a vulnerability disclosure process.

The domain csicr.cz is registered since 2000 with Czech-based registrar REG-INTERNET-CZ and uses Czech name servers, indicating a legitimate Czech entity. However, the website currently serves only a 404 error page with no accessible content, metadata, or business information. There are no privacy, cookie, or terms of service policies present, and no contact information or social media links are available. The technical infrastructure appears minimal with no detected CMS, frameworks, or analytics tools. Security posture is weak due to lack of HTTPS and security headers information. Overall, the site is non-functional and lacks essential compliance and security features, resulting in a low trust and credibility score.

O

OP JAK

opjak.cz

0

OP JAK is the official web portal for the Jan Amos Komenský Operational Program, a government-funded initiative focused on research, development, and education in the Czech Republic. The website serves as a comprehensive information hub for grant calls, projects, seminars, and news related to the program. It targets research organizations, educational institutions, and applicants seeking funding opportunities. The site maintains a strong market position as an authoritative source for this EU co-financed program. Technically, the website is built on WordPress with modern frameworks such as Bootstrap 5 and utilizes several plugins for event management, SEO, and cookie compliance. The infrastructure is hosted by Active24, with SSL properly configured ensuring secure communications. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. From a security perspective, the site enforces HTTPS and implements GDPR-compliant cookie consent mechanisms. However, minor backend PHP warnings and the absence of explicit security headers suggest areas for improvement. No critical vulnerabilities or malicious content were detected. Privacy policies and cookie policies are comprehensive and accessible. Overall, OP JAK presents a trustworthy and professional online presence with moderate technical sophistication and good compliance posture. Strategic improvements in backend code hygiene and security headers would enhance its security posture further.

C

Centrum pro zjišťování výsledků vzdělávání

cermat.cz

0

Centrum pro zjišťování výsledků vzdělávání (CZVV) is a Czech governmental organization responsible for conducting and managing nationwide educational assessments, including maturita exams, unified entrance exams, and final exams. The website serves as an official portal providing information and resources for students, schools, and educational authorities. It maintains a strong market position as an authoritative entity in the Czech education sector, offering key services related to educational testing and data analysis. Technically, the website is built on Joomla CMS with common web technologies such as jQuery, Bootstrap, and FontAwesome. It integrates Google Custom Search Engine for site search functionality. The site is mobile-optimized with a moderate performance profile and basic accessibility features. The presence of cookie consent and privacy policy indicates attention to privacy compliance. From a security perspective, the site uses HTTPS and implements cookie consent mechanisms but lacks visible advanced security headers. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data is unavailable, which is typical for government domains, but the domain's .gov.cz TLD and consistent content strongly support legitimacy. Overall, the website is professional, trustworthy, and well-suited for its governmental educational purpose. Strategic improvements in security headers and explicit security policies could enhance its security posture further.

Q

QCM

qcm.cz

0

QCM is a Czech Republic-based IT company specializing in digital solutions for public procurement management and electronic communication. Established in 2001, it has developed a suite of software products and services used by major public institutions and private entities involved in public procurement. The company offers products such as E-ZAK, PVU, Qlex, and Portál dodavatele, alongside training, administration, and legal advisory services. Their market position is strong within the Czech public sector, supported by a medium-sized team and a large client base exceeding 15,700 users. Technically, the website is built on modern web technologies including JavaScript frameworks, Google Fonts, Google Tag Manager, Microsoft Clarity, and Facebook Pixel for analytics and marketing. The site is mobile-optimized, fast-loading, and uses HTTPS with reCAPTCHA for form security. The CMS appears to be Puxdesign, indicating a custom or specialized platform. SEO and accessibility are well implemented, contributing to a professional digital presence. From a security perspective, the site enforces HTTPS and uses standard security measures such as CAPTCHA and cookie consent banners. However, it lacks explicit security headers and does not publish a security policy or incident response contacts, which are areas for improvement. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong with a clear GDPR policy and cookie management. Overall, QCM presents a trustworthy and professional online presence with a mature business model focused on government digitalization. Strategic recommendations include enhancing security headers, publishing security policies, and adding vulnerability disclosure mechanisms to further strengthen trust and compliance.

C

Conviu

biddingtools.cz

0

Conviu is a Czech-based company specializing in comprehensive e-commerce solutions, focusing on automated bidding, feed management, and marketing automation for online shops. The company holds a strong market position with over 3,000 e-shop clients and partnerships with major platforms like Heureka, Zboží.cz, and Shoptet. Their services include automated bidding strategies, feed editing, supplier integration, AI-powered copywriting, and marketplace connectivity, targeting e-commerce businesses seeking efficiency and automation. Technically, the website employs modern JavaScript libraries, Google Tag Manager, Facebook Pixel, and reCAPTCHA v3, ensuring a robust digital infrastructure with good performance and mobile optimization. Security posture is solid with HTTPS and consent-based tracking, though some security headers could be improved. The absence of WHOIS data limits domain transparency but does not detract from the evident legitimacy and professionalism of the business. Overall, Conviu presents a trustworthy and technologically mature platform for e-commerce automation.

S

SROVNAME, s.r.o.

srovname.cz

0

Srovnáme.cz is a Czech Republic based e-commerce price comparison platform operated by SROVNAME, s.r.o. It connects consumers with tens of thousands of e-shops, offering price comparison, product availability monitoring, and quality reviews. The website positions itself as the third largest price comparison site in the Czech market, targeting general consumers looking for smart shopping solutions. Technically, the site employs a modern tech stack including jQuery, Bootstrap, and Nette framework, with extensive use of third-party analytics and marketing tools such as Google Analytics, Microsoft Clarity, Facebook Pixel, and Admitad affiliate programs. The site is mobile optimized and SEO friendly, providing a good user experience with clear navigation and rich content. Security-wise, the site uses HTTPS and cookie consent mechanisms but lacks explicit security headers and incident response information. WHOIS data is unavailable, which slightly reduces domain trustworthiness, but the business presence and content quality support legitimacy. Overall, the site demonstrates a mature digital infrastructure with room for security enhancements and improved transparency in domain registration.

Luigi's Box is a Czech Republic-based logistics and storage service provider specializing in e-commerce fulfillment and retail storage solutions. The company targets e-commerce businesses and retail customers, offering integrated digital platforms for efficient logistics management. The website reflects a medium-sized business with a consistent brand presence and professional content tailored to its market segment. Technically, the site employs modern JavaScript lazy loading techniques and Google Tag Manager for analytics, ensuring moderate performance and good mobile optimization. Security posture is solid with HTTPS enforcement and security headers, though explicit security policies and incident response contacts are absent. Privacy compliance is well addressed with GDPR-aligned policies and cookie consent mechanisms. Overall, the site is trustworthy and professional, though WHOIS data is unavailable, limiting domain registration trust analysis.

B

BaseLinker Sp. z o.o.

baselinker.com

0

Base.com, operated by BaseLinker Sp. z o.o., is a mature and established e-commerce integration platform founded in 1994, offering extensive marketplace and sales management solutions. The company targets e-commerce sellers and businesses seeking automated order processing and bulk listing capabilities across major marketplaces such as Amazon, eBay, Etsy, Shopify, and Magento. The website reflects a professional and consistent brand presence with good content quality and clear business focus. Technically, the site employs modern tracking and marketing technologies including Google Tag Manager, Hotjar, and Cookiebot, with Cloudflare DNS providing reliable hosting infrastructure. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers and explicit security policies are absent. Overall, the site is trustworthy, compliant with GDPR, and demonstrates good digital maturity.

Alza.cz is a leading e-commerce retailer primarily serving the Czech Republic and neighboring countries, specializing in consumer electronics and related products. The company has a long-standing market presence since 2004 and operates a large-scale online retail platform. The website is currently protected by Cloudflare's security mechanisms, including a Turnstile CAPTCHA challenge, which restricts direct content access and limits full analysis. The technical infrastructure leverages Cloudflare for security and performance, indicating a mature approach to protecting the site from bots and attacks. However, the visible content is minimal due to the security challenge, and no explicit privacy or cookie policies are presented on the challenge page. Security posture is strong in terms of HTTPS and WAF usage, but lacks visible security headers and incident response information. Overall, the site demonstrates a solid business foundation but requires improved transparency and accessibility for compliance and user trust.

N

NetDirect

fastcentrik.cz

0

FastCentrik is a Czech-based e-commerce platform offering rental e-shop solutions tailored for entrepreneurs and small to medium businesses. The platform emphasizes ease of use, affordability, and comprehensive customer support, positioning itself as a reliable partner for online business startups. The website demonstrates a mature digital infrastructure with integrations for marketing, analytics, and customer engagement tools, reflecting a modern and professional online presence. Security measures such as HTTPS, reCAPTCHA, and cookie consent mechanisms are implemented, though some security headers could be enhanced. Overall, the platform shows strong business credibility and technical competence, suitable for its target market.

The website allegro.cz currently serves as a regional domain likely related to the Allegro e-commerce platform targeting Czech users. However, the provided HTML content is fully blocked by a security challenge page from captcha-delivery.com, indicating the presence of a Web Application Firewall or bot mitigation service preventing access to the actual site content. Due to this blocking, no meaningful metadata, business information, or user-facing content is accessible for analysis. The domain WHOIS data is consistent with a legitimate registration by REG-IPMIRROR and uses name servers from allegro.pl, supporting the legitimacy of the domain as part of the Allegro brand's regional presence. From a technical perspective, the site employs advanced bot mitigation technology, but this also limits the ability to assess the site's technical infrastructure, security headers, or compliance policies. No privacy, cookie, or terms of service policies are detectable in the blocked content. No contact information or social media links are visible. The security posture cannot be fully evaluated, but the presence of a WAF indicates a proactive security approach. Overall, the site appears legitimate and part of a known e-commerce brand, but the blocking prevents a comprehensive security, compliance, and business analysis. The risk is low given the brand association, but the lack of accessible content limits trust and transparency assessment.

The analyzed webpage is a minimal media player page hosted on the domain player.bcast.fm, serving a podcast episode. The page contains mostly scripts related to advertising and tracking, with no visible business or contact information, privacy or cookie policies, or security disclosures. The technical infrastructure includes usage of Amazon Cloudfront CDN and JavaScript XMLHttpRequest for dynamic content loading. The site lacks SEO metadata, structured data, and accessibility features, indicating a low level of digital maturity. Security posture is weak due to absence of visible security headers and no confirmation of HTTPS usage in the provided content. Overall, the site presents a low trust profile with minimal content and poor compliance with privacy and security best practices.

H

Heureka Group

heureka.group

0

Heureka Group is a technology and e-commerce service provider focused on supporting e-shops and partners with solutions to enhance online sales and customer experience. The website presents a professional image with clear navigation and business-oriented content targeting B2B clients in the Czech Republic and surrounding regions. The technical infrastructure includes modern analytics and A/B testing tools such as Google Analytics, Google Tag Manager, and Visual Website Optimizer, indicating a mature digital marketing approach. The website is accessible without any WAF or security blocking, uses HTTPS, and implements cookie consent mechanisms aligned with GDPR requirements. However, explicit security headers and incident response policies are not publicly visible, suggesting room for improvement in security transparency. Overall, the site demonstrates a solid security posture with no apparent vulnerabilities or suspicious content, supporting a trustworthy business presence.

B

Bushman

bushman.cz

0

Bushman.cz is a well-established Czech e-commerce retailer specializing in outdoor and casual clothing and accessories for men, women, and children. Founded in 1999, the company has expanded its presence across multiple European countries with localized domains. The website offers a comprehensive product catalog, including clothing, footwear, and camping accessories, supported by customer service and newsletter subscription features. Technically, the site leverages modern analytics, marketing tools, and a secure HTTPS infrastructure with Cloudflare DNS and CDN services. Security posture is solid with secure login forms and cookie consent management, though some security headers could be improved. Privacy compliance is strong with clear policies and GDPR adherence. Overall, the site presents a professional, trustworthy, and user-friendly experience with extensive tracking and marketing integration.

P

PENTA CZ

penta.cz

0

PENTA CZ operates as a Czech Republic-based e-commerce retailer specializing in a broad range of products including household goods, garden supplies, tools, and electronics. The website offers a loyalty program and expert advice, targeting both consumers and businesses. The platform is well-structured with extensive product categories, indicating a mature retail operation with a medium-sized market presence. Technically, the website employs modern JavaScript libraries such as jQuery and integrates Google Tag Manager, Google Analytics, and reCAPTCHA for analytics and security. Cookie consent mechanisms are implemented, reflecting awareness of privacy regulations. However, the absence of a visible privacy policy and security headers suggests areas for improvement in compliance and security hardening. Security posture is moderate with HTTPS enabled and use of reCAPTCHA, but lacks visible security headers and vulnerability disclosure mechanisms. The WHOIS data is unavailable, likely due to privacy protection, which limits domain trust assessment. Overall, the site appears legitimate and professionally maintained but would benefit from enhanced transparency and security practices. Strategic recommendations include publishing comprehensive privacy and security policies, implementing security headers, and establishing a vulnerability disclosure process to strengthen trust and compliance.

V

VUCH s.r.o.

vuch.cz

0

VUCH s.r.o. operates a Czech-based e-commerce platform specializing in colorful and original fashion accessories including handbags, backpacks, wallets, and other fashion items. The company targets primarily women seeking unique and playful designs, positioning itself as a well-known brand in the Czech retail market with a decade of experience. The website is professionally designed with good navigation and mobile optimization, supporting a positive user experience. Technically, the site employs modern JavaScript libraries and tracking technologies, including Google Tag Manager, Facebook Pixel, TikTok Pixel, and Microsoft Clarity, indicating a mature digital marketing strategy. Security posture is solid with HTTPS enforced and appropriate security headers, though the absence of a public security policy and incident response contacts suggests room for improvement. The lack of WHOIS data is a concern for domain legitimacy but does not currently undermine the evident business operations. Overall, the site is trustworthy, GDPR compliant, and safe for general audiences.

G

GREJT s.r.o.

grejt.sk

0

GREJT s.r.o. operates an established e-commerce platform in Slovakia, specializing in consumer electronics, household appliances, smart home devices, and related products. The website presents a professional and user-friendly interface with clear navigation and comprehensive product categories. The company targets general consumers in Slovakia, offering fast delivery and customer support services. Technically, the site uses modern web technologies including Bootstrap, jQuery, Google Tag Manager, and integrates marketing and analytics tools such as Facebook Pixel and Google Analytics. Hosting and DNS are managed via Cloudflare, ensuring reliable performance and security. Security posture is strong with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. Privacy policies and terms of service are comprehensive and GDPR compliant. Overall, the website demonstrates a mature digital presence with good business credibility and trust indicators.

H

HORNBACH Baumarkt AG

hornbach.cz

0

HORNBACH Baumarkt AG operates a leading DIY and home improvement e-commerce platform in the Czech Republic, targeting both hobbyists and professional builders. The website offers a broad range of products from flooring to garden supplies and tools, supported by physical stores and project planning resources. The company maintains a strong market position with consistent branding and active social media presence. Technically, the site uses modern web technologies including StencilJS, Usercentrics for consent management, and Dynatrace for performance monitoring, indicating a mature digital infrastructure. Security posture is robust with HTTPS enforced and consent-based loading of third-party services, though explicit security headers and detailed privacy policies could be improved. Overall, the site is professional, user-friendly, and trustworthy, though the absence of WHOIS data slightly reduces domain trustworthiness.

ZOOT.cz is a well-established Czech e-commerce platform specializing in fashion retail, offering a wide range of clothing, footwear, and accessories for women, men, and children. The website demonstrates a mature digital presence with extensive product categorization and brand partnerships, targeting a broad general audience. Technically, the site employs modern JavaScript libraries and integrates multiple analytics and marketing tools such as Google Tag Manager, Facebook Pixel, Hotjar, and Microsoft Clarity, indicating a strong focus on user behavior analysis and marketing optimization. Security-wise, the site enforces HTTPS and uses asynchronous loading of tracking scripts, but lacks visible security headers and published security policies, which are areas for improvement. The absence of publicly available WHOIS data suggests privacy protection, common for commercial entities, and the website content is accessible without WAF or blocking mechanisms. Overall, the site is professional and trustworthy but would benefit from enhanced privacy compliance and security transparency.

A

Alensa Medical s.r.o.

alensa.cz

0

Alensa Medical s.r.o. operates www.alensa.cz, a Czech Republic-based e-commerce platform specializing in contact lenses, lens solutions, sunglasses, and prescription glasses. The company targets consumers seeking optical products with a promise of fast delivery and a wide product range. The website is professionally designed with consistent branding and clear navigation, supporting a medium-sized retail business model focused on the Czech market. Technically, the website employs modern analytics and marketing technologies including Google Tag Manager, Google reCAPTCHA, Facebook Pixel, Visual Website Optimizer, and PostHog analytics. The site is mobile-optimized and performs moderately well, though accessibility features are basic. Security is robust with HTTPS enforced and use of anti-bot measures, but lacks explicit security headers and documented security policies. The security posture is good, with no detected vulnerabilities or blocking mechanisms. However, the absence of visible privacy and cookie policies reduces compliance confidence. WHOIS data is unavailable due to CZ NIC privacy norms, but the website's business information is consistent and trustworthy. Overall, the site is safe for general audiences and professionally managed. Strategic recommendations include implementing comprehensive privacy and cookie policies, enhancing security headers, improving accessibility, and maintaining transparency in data protection practices to strengthen user trust and regulatory compliance.

C

CPU s.r.o.

sniperdesign.cz

0

SniperDesign.cz, operated by CPU s.r.o., is a specialized development agency focused on custom modifications and enhancements for e-commerce platforms, primarily Upgates and Shoptet. The company positions itself as a gold partner with extensive experience since 2016, offering services ranging from web design and e-shop construction to programming, integrations, and automation. Their unique advantage includes operating their own e-shop, Mega Detail, which provides practical insights into e-commerce challenges. Technically, the website employs modern web technologies including Google Fonts, jQuery, Bootstrap, Swiper.js, and integrates analytics tools such as Google Analytics 4 and Facebook Pixel. The site is well-structured, mobile-optimized, and provides multiple contact channels with robust form validation and anti-spam measures. Security posture is solid with HTTPS enforced and client-side validations, though additional security headers could enhance protection. Privacy compliance is partial, with cookie consent implemented but no explicit privacy policy page found. WHOIS data is unavailable, which slightly impacts trust but the website content and business information appear professional and legitimate.

Assiste is a Brazilian company specializing in fleet maintenance systems and related technical advisory services. Their website presents a professional image with a clear focus on B2B clients needing fleet management and industrial maintenance solutions. The site offers multiple contact channels including a contact form protected by Google reCAPTCHA, email addresses, phone numbers, and a physical address in Piracicaba, Brazil. The company integrates Google Maps for location display and maintains a LinkedIn presence, indicating a moderate digital maturity. Technically, the site uses a mix of modern and legacy technologies including Bootstrap and an older jQuery version, with Google Analytics and Tag Manager for tracking. Security measures include HTTPS and reCAPTCHA, but lack explicit security headers and use of outdated libraries pose some risks. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the site is functional and professional but could improve in security and privacy transparency.

Xemel, operated by Trayto a.s., is a specialized SaaS platform focused on feed management for e-commerce businesses. It offers a comprehensive suite of tools including online XML/CSV feed editing, custom feed creation, AI-generated product descriptions, supplier feed integration, and bidding management on comparison shopping engines. The company targets e-shops, agencies, and firms seeking to optimize their product data feeds and advertising efforts, with a strong presence in the Czech and Slovak markets. The website demonstrates a professional and consistent brand image, supported by numerous client testimonials and partnerships with major e-commerce platforms and marketplaces. Technically, the website is well-structured with modern HTML5 and CSS3 technologies, optimized for mobile devices and fast performance. While no CMS or hosting provider is explicitly identified, the site shows good SEO and accessibility practices. Security-wise, the site enforces HTTPS and employs feed URL hashing for obscurity, but lacks visible security headers and a cookie consent mechanism, which are recommended for enhanced protection and compliance. The absence of WHOIS data reduces domain registration trust but does not detract from the business legitimacy evidenced by client references and partnerships. Overall, Xemel presents a mature digital presence with strong business credibility and a solid technical foundation. Security posture is good but can be improved by implementing standard security headers and explicit privacy consent mechanisms. The company should also consider publishing incident response contacts and data protection officer details to enhance transparency and compliance.

A

Ad Alliance GmbH

winario.de

0

winario.de is an official online sweepstakes platform affiliated with major German TV channels RTL and VOX, operated by Ad Alliance GmbH. It offers users free participation in TV-related contests and votings, providing chances to win cash prizes, trips, and electronics. The platform targets a general German-speaking audience interested in TV sweepstakes and interactive contests. Technically, the site employs modern JavaScript libraries including jQuery and Swiper.js, integrates Google Tag Manager for analytics, and uses Sourcepoint for GDPR-compliant consent management. Hosting is managed via EuroDNS nameservers, indicating a professional infrastructure. Security posture is solid with HTTPS enforced and consent mechanisms in place, though explicit security headers and incident response information are not clearly presented. Privacy compliance is strong with dedicated privacy and cookie policies accessible. Business credibility is high due to official affiliations and consistent branding. Overall, the website is well-designed, user-friendly, and trustworthy, with no signs of blocking or malicious content.

M

MJM agro, a. s.

mjm.cz

0

MJM agro, a. s. is a Czech agricultural company established in 1997, specializing in precision agriculture systems such as Prefarm, along with a broad portfolio of agricultural products including crop protection agents, fertilizers, seeds, animal feed, and energy products. The company serves agricultural enterprises, farms, and small growers, positioning itself as a reliable partner in the agricultural sector. It is part of the Reticulum Holding group, indicating a stable corporate structure. The website reflects a professional and consistent brand image with clear navigation and relevant content tailored to its target audience. Technically, the website employs a moderate technology stack including jQuery, Bootstrap, and Cookiebot for cookie consent management. It uses Google Analytics and Seznam.cz retargeting for marketing and analytics purposes. The site is mobile responsive and has good SEO practices, although some accessibility features could be enhanced. Security-wise, HTTPS is enforced and reCAPTCHA is used for bot protection, but the absence of security headers and outdated JavaScript libraries suggest room for improvement. The security posture is solid but not exemplary, with no critical vulnerabilities detected in the visible content. Privacy compliance is well addressed with a comprehensive cookie consent mechanism and clear privacy policy documentation. However, the lack of WHOIS data for the domain reduces trust slightly, although the website content and business information appear legitimate and professional. Overall, MJM agro's website is a well-structured, professional platform that effectively supports its business objectives. Strategic improvements in security headers, updated libraries, and enhanced accessibility would further strengthen its digital maturity and trustworthiness.

HS-RS operates the website www.bnhelp.cz, providing specialized GIS and remote sensing solutions primarily for public administration and companies managing engineering networks in the Czech Republic. Their offerings include software applications for optical network management, metadata cataloging, and various GIS tools tailored to local government and infrastructure needs. The website is built on WordPress and integrates Google Analytics and Tag Manager for tracking. Contact information is clearly provided, including a Czech phone number, email, and physical address, supporting business credibility. However, no privacy or cookie policies are present, and WHOIS data for the domain is unavailable, which limits trust assessment from a domain registration perspective. The website content is professional and relevant to its niche audience.

A

AGRI-PRECISION s.r.o.

agri-plan.cz

0

AGRI-PRECISION s.r.o. operates the AGRI-PLAN website, offering specialized software for planning agricultural land block operations and machinery navigation. The company targets agricultural businesses primarily in the Czech Republic, providing tools to optimize economic and ecological farming practices in compliance with local legislation. The website is professionally designed with clear navigation, multimedia content, and multilingual support (Czech and English). The business model is SaaS-based, focusing on niche agricultural technology solutions. Technically, the site uses modern JavaScript libraries, Google Analytics, Microsoft Clarity, and reCAPTCHA for bot protection. The site is mobile-optimized and SEO-friendly, though accessibility could be improved. Security posture is good with HTTPS and cookie consent mechanisms, but lacks some security headers and explicit security policies. WHOIS data is unavailable, which reduces transparency but the website's professional presentation and contact details support legitimacy.

Studierendenwerk Dortmund AöR is a regional non-profit organization providing essential student services including financial aid (BAföG), housing, food services (Mensa), and counseling for seven universities in and around Dortmund, Germany. The website reflects a well-established institution with a clear focus on supporting students' academic and social needs. The presence of multiple university logos and social media channels reinforces its credibility and community engagement. Technically, the site is built on TYPO3 CMS, employs privacy-conscious Matomo analytics, and demonstrates good mobile optimization and accessibility. Security posture is solid with HTTPS and privacy-respecting tracking, though it lacks explicit security policies and headers. Overall, the site is professional, trustworthy, and compliant with GDPR and cookie regulations.

The website at assemble.com/lander is currently a minimal placeholder or parking page with very limited content. It primarily serves advertising scripts from Google Adsense and lacks any substantive business information, contact details, or user engagement features. The domain itself is very old, registered since 1996 with GoDaddy.com, LLC, which suggests legitimacy in terms of domain ownership but the website does not reflect an active or mature business presence. Technically, the site uses basic JavaScript and CSS assets but lacks modern SEO, accessibility, and security best practices. There are no privacy or cookie policies, no contact forms, and no visible security headers, which indicates a low security posture and poor compliance with privacy regulations. Overall, the site appears to be a parked domain or under development rather than a fully operational business website.

A

Antica Terra

lillianwinery.com

0

Lillian Winery operates as a premium wine brand associated with Antica Terra, focusing on direct-to-consumer wine sales and exclusive membership experiences. The website serves as a digital storefront and membership portal, targeting wine enthusiasts and hospitality clientele. The brand positions itself in the niche hospitality sector with a focus on quality and customer engagement through wine club memberships and curated experiences. Technically, the website is built on WordPress with integration of Commerce7 for e-commerce, Klaviyo for marketing automation, and Google Analytics for visitor tracking. The site demonstrates moderate performance and good mobile optimization, though accessibility features could be improved. Security posture is solid with HTTPS enforced and no visible vulnerabilities, but lacks some security headers and formal policies such as privacy and cookie notices. The absence of WHOIS registration data raises concerns about domain legitimacy, though the professional branding and linkage to Antica Terra mitigate some risk. Overall, the website is functional and professional but would benefit from enhanced transparency and security practices.

F

FUNKE Services GmbH

funkemediasales.de

0

FUNKE MediaSales operates as the primary media sales arm of the FUNKE Mediengruppe, offering comprehensive crossmedia advertising solutions across digital, print, and audio channels. The company targets businesses and marketing professionals seeking regional and national advertising reach. The website demonstrates a mature digital infrastructure built on WordPress with modern frameworks and includes advanced cookie consent management and tracking technologies. Security posture is solid with HTTPS and consent-based loading of tracking scripts, though some security headers and policies could be improved. Overall, the site is professional, trustworthy, and compliant with GDPR requirements.

The website softformance.com is currently inaccessible, returning a 403 Forbidden error page indicating restricted access. Due to the lack of accessible content, no business descriptions, contact information, or policies are available for analysis. The domain is registered since 2013 with GoDaddy.com, LLC and uses Cloudflare DNS, but DNSSEC is not enabled. No security headers or scripts are detected in the HTML content. The site does not provide privacy, cookie, or terms of service policies, nor any contact or incident response information. Overall, the website's digital presence is minimal and blocked, limiting the ability to assess its business operations or security posture comprehensively.

J

Juizi

juizi.com

0

Juizi is a small technology service provider specializing in website building, hosting, and maintenance, primarily targeting businesses and non-profits. Established in 1999, the company leverages the Plone CMS platform combined with a React frontend to deliver secure and maintainable websites. Their market position is strengthened by long-term client relationships and a reputation for professionalism and technical expertise. The website content is well-structured, professional, and includes client testimonials that enhance trust. Technically, the site uses modern frameworks and is moderately optimized for performance and mobile devices, though accessibility could be improved. Security posture is good with HTTPS enabled and domain transfer protections in place, but lacks DNSSEC and explicit security policies. Privacy compliance is basic with a privacy policy present but no cookie consent mechanism. Overall, Juizi presents a credible and trustworthy business with room for improvement in security and privacy transparency.

cloud19 web solutions & services is a small Austrian company specializing in professional, customized websites for small and medium-sized enterprises, startups, and sole proprietors. With over 20 years of experience, the company offers fixed-price business websites, CMS development primarily using Plone CMS, and hosting services. Their market position is strengthened by personalized customer service, award-winning expertise, and a focus on transparency and no binding contracts. Technically, the website is built on a modern stack including Python, Plone CMS, PostgreSQL, Docker, and Bootstrap, with privacy-conscious analytics via Matomo. The site is mobile-optimized, accessible, and performs moderately well. Hosting appears to be managed within their own infrastructure, ensuring control and reliability. Security posture is solid with HTTPS enforced and no visible vulnerabilities or exposed sensitive data. However, security headers are not explicitly detected and could be improved. Privacy compliance is strong, with a comprehensive privacy policy and cookie consent mechanism in place, aligning with GDPR requirements. Overall, the website and business present a trustworthy, professional image with clear contact information and transparent service offerings. The lack of WHOIS data due to privacy protection limits domain trust analysis but is justified for this business type. Strategic recommendations include enhancing security headers and continuous monitoring of third-party components.

Rohberg is a small Swiss technology company specializing in web solutions using Plone CMS, Python, React, and Svelte. The company offers comprehensive services including website creation, backend and frontend development, app integration, and customized search functionalities. The business targets creative professionals and organizations primarily in Zurich, emphasizing collaborative and modern web development approaches. The website reflects a professional and consistent brand image with active community involvement in the Plone ecosystem. Technically, the website is built on a modern stack with Plone as the CMS, leveraging Python and popular frontend frameworks. It uses privacy-conscious analytics (Matomo) alongside Google Tag Manager. The site is mobile-optimized and well-structured, though some accessibility features could be improved. Performance is moderate, with good SEO and meta tag usage. From a security perspective, the site uses HTTPS with no visible vulnerabilities or exposed sensitive data. However, it lacks explicit security headers and published security policies. Privacy compliance is limited due to missing privacy and cookie policies and no consent mechanisms. Contact information is available via a contact page but lacks direct email or phone contacts on the main site. Overall, Rohberg's website demonstrates a solid technical foundation and credible business presence with room for improvement in privacy compliance and security best practices. The risk level is low, with no critical issues detected.

Q

Quaive

quaivecloud.com

0

Quaive is a specialized technology company offering a secure social collaboration platform designed to integrate document sharing and communication into a unified digital workplace. The company targets businesses and organizations seeking modern intranet and collaboration solutions, positioning itself as a niche provider with a focus on EU-hosted services and compliance. Quaive's offerings include social intranet, digital workplace, knowledge management, and community platform solutions, supported by a tiered SaaS subscription model. The website reflects a mature business established in 2015, with professional branding and clear market positioning. Technically, the website is built on WordPress with multilingual support via WPML and performance optimizations through NitroPack. It employs modern web technologies and demonstrates excellent mobile optimization, accessibility, and SEO practices. Hosting and domain registration are consistent with the company's European focus, using a reputable registrar and EU hosting implied by content. From a security perspective, the site enforces HTTPS and employs domain transfer protection. However, it lacks DNSSEC and some recommended security headers such as Content-Security-Policy and X-Content-Type-Options. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is partially addressed with a comprehensive privacy policy but lacks a visible cookie consent mechanism. Contact information is provided primarily via physical addresses and a demo request form, with no explicit security or incident response policies published. Overall, Quaive presents a professional and trustworthy online presence with a solid technical foundation and good security posture. Strategic improvements in cookie consent, security headers, and visible security policies would enhance compliance and trust further.

E

Enfold Systems

enfoldsystems.com

0

Enfold Systems is a specialized technology company focused on providing solutions and services around the Plone open-source content management system. Their offerings include software products, hosting, consulting, and support tailored to organizations seeking robust CMS solutions. The company has a long-standing presence since 2004 and positions itself as a premier Plone expert with a strong emphasis on open-source technologies and client partnerships. Technically, the website is built on the Plone CMS platform and leverages modern web technologies such as jQuery, RequireJS, Bootstrap, and Google Fonts. The site is mobile-optimized and demonstrates good design quality and user experience. Hosting and DNS services involve Cloudflare and Squarespace Domains, providing a reliable infrastructure. Google Analytics is used for visitor tracking, though no explicit cookie consent mechanism is implemented. From a security perspective, the site uses HTTPS with a valid SSL configuration and domain status protections to prevent unauthorized changes. However, it lacks DNSSEC and security headers, which are recommended to enhance security posture. No privacy or cookie policies are present, indicating gaps in privacy compliance. Contact information is limited to a contact form without direct emails or phone numbers, which may affect user trust and accessibility. Overall, the website is professional, trustworthy, and technically sound but would benefit from improved privacy compliance, enhanced security headers, and clearer contact information to strengthen its security and compliance posture.

K

kitconcept GmbH

kitconcept.com

0

kitconcept GmbH is a specialized service provider focused on delivering high-quality open source web and intranet solutions, primarily leveraging the Plone CMS platform. Their market position is that of a niche expert and active contributor to the Plone community, serving research institutions, universities, government agencies, and public organizations. The company offers services including website development, intranet solutions, open source contributions, and consulting. Founded in 2014 and based in Germany, kitconcept GmbH maintains a professional and content-rich website that reflects their expertise and client base. Technically, the website is built on modern technologies including Plone 6 and React-based Volto frontend, hosted by Hetzner Online GmbH with DNS managed via Cloudflare. The site demonstrates good mobile optimization, accessibility, and SEO practices, though performance is moderate. Security posture is solid with HTTPS enforced and no exposed sensitive data, but could be improved by enabling DNSSEC and adding explicit security headers. Privacy compliance is generally good with a comprehensive privacy policy, but lacks a cookie consent mechanism. Overall, the security posture is mature with no critical vulnerabilities detected. The website shows strong business credibility through client logos, testimonials, and detailed project case studies. Recommendations include enhancing DNS security, implementing security headers, and adding cookie consent to improve GDPR compliance. The site is safe for general audiences with no adult or questionable content detected.

S

Simples Consultoria

simplesconsultoria.com.br

0

Simples Consultoria is a Brazilian technology consulting company specializing in Plone CMS solutions, offering services such as technical consulting, hosting, development, and specialized training. The company targets organizations and professionals seeking expertise in Plone, positioning itself as an experienced and trusted provider with over 20 years in the market. The website reflects a professional digital presence with clear navigation and relevant content for its audience. Technically, the site is built on Plone 6 with React and uses Cloudflare for DNS and CDN services, ensuring good performance and security through HTTPS. However, the site lacks explicit privacy and cookie policies, security headers, and incident response information, which are areas for improvement. Analytics tools like Google Tag Manager and Cloudflare Insights are used for user tracking, with moderate tracking levels and limited privacy compliance indicators. Overall, the site is professional and trustworthy but would benefit from enhanced privacy and security disclosures to improve compliance and user trust.

atalanda.com is a well-established German e-commerce platform founded in 2012, offering a broad range of over 2 million products across categories such as fashion, beauty, toys, electronics, books, home and garden, pets, sports, food, and baby products. The platform targets general consumers in Germany and positions itself as one of the leading online retailers with over 150,000 satisfied customers and strong ratings on Idealo and Google. The business model aggregates products from multiple retailers, providing a marketplace experience. Technically, the website employs modern technologies including Vue.js, Stripe for payments, Google reCAPTCHA for bot protection, and Amazon Cloudfront CDN for content delivery. The site demonstrates good mobile optimization, accessibility, and SEO practices. Security posture is solid with HTTPS enforced and clientTransferProhibited domain status, although DNSSEC is not enabled and no explicit security.txt or incident response contacts are found. Privacy and cookie policies are comprehensive and GDPR compliant, with a clear consent mechanism. No adult or questionable content is present, making the site safe for general audiences. Overall, the website is professional, trustworthy, and technically mature, with room for minor security enhancements.

M

Max-Planck-Gesellschaft zur Förderung der Wissenschaften

max-planck.de

0

The Max-Planck-Gesellschaft website represents a leading German non-profit research organization focused on fundamental scientific research across 84 institutes. The site targets researchers, academics, students, and the general public interested in science. It offers extensive information on research, career opportunities, publications, and innovation initiatives. Technically, the website employs modern JavaScript frameworks, a modular AMD architecture, and a professional CMS (JustRelate CX Cloud). It is hosted on infrastructure consistent with the organization's domain and uses HTTPS with cookie consent managed by Usercentrics. Security posture is strong with no critical vulnerabilities detected, though some security headers could be improved. Privacy compliance is moderate due to the absence of explicit privacy and terms of service pages in the provided content, but cookie consent mechanisms are in place. Overall, the website is professional, trustworthy, and well-structured, reflecting the organization's high credibility and market position.

M

MONOGRAM PARIS

monogram-paris.com

0

MONOGRAM PARIS appears to be an artistic or portfolio website hosted on the Cargo Collective platform, showcasing visual content likely related to art or design. The website is professionally designed with a modern aesthetic and good mobile optimization, but lacks substantive business information, contact details, and privacy or cookie policies. The technical infrastructure is based on Cargo3 framework with standard HTML, CSS, and JavaScript, hosted by Cargo Collective. Security posture is basic with HTTPS enabled but no advanced security headers or DNSSEC. The WHOIS data is suspicious due to a future domain creation date, which raises concerns about domain legitimacy. Overall, the website is functional and visually appealing but lacks critical compliance and security features.

T

Time and Date AS

timeanddate.no

0

Time and Date AS operates the Norwegian localized website timeanddate.no, providing comprehensive services related to time, date, calendars, weather, and astronomy. The site targets Norwegian-speaking users and offers tools such as world clocks, time zone converters, calendar generation, weather forecasts, and astronomy data. The business model is primarily advertising-supported with optional paid supporter services for an ad-free experience and exclusive content. The company has an established market presence since 1995 and maintains consistent branding and high-quality content. Technically, the website employs modern web technologies including JavaScript, Google Publisher Tags, Prebid.js for header bidding, and GDPR-compliant consent management platforms. The site is mobile-optimized with good SEO and accessibility features, though some advanced security headers could be improved. Performance is moderate, balancing rich content with advertising scripts. From a security perspective, the site enforces HTTPS and uses consent management for GDPR compliance. No critical vulnerabilities or exposed sensitive data were detected. However, explicit security policies and incident response contacts are not present, which could be enhanced to improve trust and readiness. Advertising practices are transparent with reputable ad networks and tracking services. Overall, the website presents a low-risk profile with strong content quality and compliance posture. Strategic recommendations include implementing additional security headers, publishing a dedicated security policy, and maintaining regular audits of third-party scripts to sustain security and privacy standards.