Is lekarna.cz a Scam? Security Check Results - Pears Health Cyber, s.r.o. Reviews

Is lekarna.cz Safe? Security Analysis for Pears Health Cyber, s.r.o.

Check if lekarna.cz is a scam or legitimate. Free security scan and reviews.

Healthcare, Czech Republic, large
Alpine.js, Google Tag Manager, Google Analytics, Microsoft Clarity, CJ Affiliate, +1 more
Analyzed 8/1/2025, Completed 6:51:41 AM
Security Score: 68 (MEDIUM RISK)

AI Summary

Lékárna.cz is a leading Czech online pharmacy operated by Pears Health Cyber, s.r.o., offering a wide range of medicines, vitamins, supplements, cosmetics, and health-related products. The website targets the general Czech population and positions itself as the first online pharmacy in the Czech Republic with a comprehensive product offering and health advice. The business model is e-commerce retail focused on healthcare products, supported by a strong digital presence and marketing efforts. Technically, the website employs modern web technologies including Alpine.js for interactivity, Google Tag Manager for analytics and marketing integration, and Microsoft Clarity for user behavior tracking. The site is well optimized for performance, mobile responsiveness, and SEO, providing an excellent user experience with clear navigation and professional design. From a security perspective, the site enforces HTTPS, uses cookie consent mechanisms compliant with GDPR, and implements best practices such as async script loading and no visible sensitive data exposure. However, the absence of WHOIS data and lack of explicit security and incident response policies reduce the overall trustworthiness. No critical vulnerabilities were detected in the content or scripts. Overall, Lékárna.cz presents a professional and trustworthy online pharmacy platform with strong business credibility and technical maturity. Strategic improvements in transparency around security policies and domain registration would further enhance trust and compliance.

Detected Technologies

Alpine.js, Google Tag Manager, Google Analytics, Microsoft Clarity, CJ Affiliate, DNS prefetch and preconnect optimizations

🧠AI Business Intelligence

Technology stack, business insights, and market analysis powered by AI.

Business Intelligence

Market & Strategic Analysis

Lékárna.cz holds a strong market position as the first and one of the largest online pharmacies in the Czech Republic. Its competitive advantage lies in a broad product portfolio covering medicines, supplements, cosmetics, and health foods, combined with expert health advice and a user-friendly e-commerce platform. Revenue streams are primarily from direct online sales, supported by affiliate marketing and advertising partnerships. The target customers include health-conscious individuals, parents, and pet owners. The company leverages partnerships such as mojalekaren.sk for regional expansion. Growth indicators include extensive marketing integrations and a comprehensive cookie consent system indicating mature data practices.

Extracted Contact Information

Marketing Intelligence Data

Email Addresses (1)

l*****@lekarna.cz

Phone Numbers (1)

+4204664*****

Security Posture Analysis

Comprehensive Security Assessment

The website demonstrates a mature security posture with HTTPS enforcement, cookie consent aligned with GDPR, and use of reputable analytics and marketing tools. Security headers are partially present but could be enhanced with additional headers like HSTS and X-Frame-Options. No exposed sensitive data or vulnerable libraries were identified. The lack of published security policies, incident response plans, and vulnerability disclosure mechanisms represents a compliance gap. The WHOIS data absence is a concern for domain legitimacy verification. Overall, the security maturity is good but can be improved by adding transparency and formal security documentation.

Strategic Recommendations

Priority Actions for Security Improvement

1. Publish a dedicated security policy and incident response page to improve transparency and user trust.

Observations

AI-powered comprehensive website and business analysis.

AI-Enhanced Website Analysis

Business Insights

Company: Pears Health Cyber, s.r.o.

Description: The first online pharmacy in the Czech Republic offers medicines, vitamins, dietary supplements, healthy foods, cosmetics, goods for children and animals, and drugstore products. Lékárna.cz, your health adviser.

Key Services: Online sale of medicines, Vitamins and supplements, Healthy foods, Cosmetics, Products for children and pets, Drugstore goods
Content Quality: excellent
Branding: consistent

Technical Stack

Technologies: Alpine.js, Google Tag Manager, Google Analytics, Microsoft Clarity, CJ Affiliate, DNS prefetch and preconnect optimizations
Frameworks: Alpine.js
Platforms: Web
Performance: fast
Mobile: excellent
Accessibility: good
SEO: good

Security Assessment

Security Score: 85/100
Best Practices:
  • HTTPS enforced
  • Cookie consent with opt-in/out
  • No exposed sensitive data in HTML
  • Use of async and defer for scripts

Analytics & Tracking

Services: Google Analytics, Microsoft Clarity
Tracking Level: extensive
Privacy Compliance: good

Advertising & Marketing

Ad Networks: Google Ads, CJ Affiliate, Seznam.cz
Tracking Pixels: Microsoft Clarity, CJ Affiliate
Marketing Tools: Google Ads
Transparency Level: good

Website Quality Assessment

Design Quality: excellent
User Experience: excellent
Content Relevance: excellent
Navigation Clarity: excellent
Professionalism: excellent
Trustworthiness: high

Key Observations

1. Website is fully accessible with rich content and no blocking detected.

🛡️Security Headers

HTTP security headers analysis and recommendations.

Score: 50/100

  • Missing X-Content-Type-Options header (MEDIUM): Prevents MIME type sniffing
  • Missing Content-Security-Policy header (HIGH): Controls resources the browser is allowed to load
  • Missing X-XSS-Protection header (MEDIUM): Legacy XSS protection (deprecated but still recommended)
  • Missing Referrer-Policy header (LOW): Controls referrer information sent with requests
  • Missing Permissions-Policy header (MEDIUM): Controls browser features and APIs

👤GDPR Compliance

Privacy and data protection assessment under GDPR regulations.

Score: 40/100

  • No Privacy Policy found (HIGH): GDPR requires a clear and accessible privacy policy
  • EU business without adequate privacy measures (CRITICAL): EU businesses are subject to strict GDPR requirements
  • Third-party services without privacy policy (HIGH): Detected services: Google Analytics, Facebook, YouTube, Google Ads

GDPR Compliance Analysis

Privacy Policy: 0% confidence
Cookie Policy: 85% confidence
Contact Information Found: 90% confidence (email, phone)

🛡️NIS2 Compliance

Network & Information Security Directive compliance assessment.

Score: 17/100

  • No information security framework found (HIGH): NIS2 requires documented cybersecurity and information security measures
  • No vulnerability disclosure policy (MEDIUM): NIS2 encourages coordinated vulnerability disclosure
  • No security policy documentation found (HIGH): NIS2 requires documented cybersecurity governance and risk management
  • No incident response procedures found (HIGH): NIS2 requires documented incident response and business continuity plans
  • No business continuity planning found (MEDIUM): NIS2 emphasizes operational resilience and business continuity
  • No security contact information (HIGH): NIS2 requires clear incident reporting channels
  • No vulnerability reporting mechanism (MEDIUM): Clear vulnerability reporting supports coordinated disclosure
  • No NIS2 reference found (LOW): Consider explicitly mentioning NIS2 compliance efforts

📧Email Security

SPF, DKIM, and DMARC validation and email security assessment.

Score: 90/100

  • DMARC not enforcing (MEDIUM): DMARC policy is set to "none"

Checks performed:
  • SPF: Sender Policy Framework
  • DKIM: DomainKeys Identified Mail
  • DMARC: Domain-based Message Authentication
  • MX Records: Mail Exchange Records
  • BIMI: Brand Indicators
  • MTA-STS: Mail Transfer Agent Security
  • TLS-RPT: TLS Reporting
  • DNSSEC: DNS Security

SPF Details
Record: v=spf1 a:farmacie-lb1.vshosting.cz ip4:82.208.44.152 ip4:82.208.44.153 ip4:185.115.1.143 ip4:185.115.1.144 ip4:185.115.1.151 include:_spf.google.com include:spf1.supportbox.cz ~all
DNS Lookups: 3/10
Policy: ~all

DKIM Selectors Found
Selector: dkim (1416-bit rsa)

DMARC Details
Policy: none
Aggregate Reports: dmarc-rua@mailkit.com

MTA-STS Details

🏆SSL/TLS Security

Certificate validity and encryption analysis.

Score: 77/100

  • Weak Protocols Supported (HIGH): Server supports weak protocols: TLSv1.1
  • OCSP Stapling Not Enabled (LOW): OCSP stapling improves performance and privacy
  • Certificate Transparency Not Implemented (LOW): Certificate is not logged in Certificate Transparency logs
  • Partial SSL/TLS Assessment (LOW): Completed 3 of 4 security checks due to time constraints

Protocol Support

TLSv1.3, TLSv1.2, TLSv1.1

OCSP Status

OCSP Stapling Disabled

📊DNS Health

DNS configuration and security assessment.

Score: 85/100

  • DNSSEC Not Enabled (MEDIUM): DNSSEC is not configured for this domain
  • DMARC Policy Set to None (LOW): DMARC is configured but not enforcing any policy

Domain Registration Details

Domain Age: 27 years (mature)

DNS Records

A Records: 185.115.1.145
Name Servers:
  • ns1.websupport.cz
  • ns2.websupport.cz
  • ns3.websupport.eu
MX Records:
  • 1: aspmx.l.google.com
  • 5: alt1.aspmx.l.google.com
  • 5: alt2.aspmx.l.google.com
  • 10: aspmx2.googlemail.com
  • 10: aspmx3.googlemail.com
SOA: Serial: 1748937597, TTL: 2560s

DNSSEC Status

DNSSEC Not Enabled

DNS Performance

Resolution Time: 72ms

Network Security

Port scanning and network exposure analysis.

Score: 100/100

  • Good Network Security Posture (LOW): No unnecessary services detected on common risky ports

🔧Technical Analysis

Detailed technical findings and analysis from AI assessment.

Comprehensive security assessment findings

Additional Findings

The website uses a modern and performant technology stack including Alpine.js for frontend interactivity and Google Tag Manager for analytics and marketing integration. The site is optimized for fast loading and mobile responsiveness, with proper use of DNS prefetch and preconnect to improve performance. SEO is well addressed with meta tags, Open Graph data, and structured JSON-LD data. Accessibility is good with semantic HTML and ARIA attributes. No CMS was explicitly detected, suggesting a custom or proprietary platform. Hosting provider details are not disclosed. Technical risks are minimal but monitoring third-party scripts for vulnerabilities is recommended.