High-risk security reports

DataCentrum systems & consulting, a.s. is a Czech Republic based company specializing in outsourcing payroll and HR services, supported by proprietary software solutions for payroll, personnel information systems, and attendance management. The company targets business clients requiring comprehensive HR and payroll management solutions, positioning itself as a specialized service provider in the Czech market. The website reflects a professional and consistent brand image with clear contact information and recent updates, indicating active business operations. Technically, the website is built on WordPress with common plugins such as LayerSlider and Revolution Slider, using jQuery and Google Fonts. The site is moderately optimized for performance and mobile devices, with basic SEO and accessibility features. Security-wise, HTTPS is enabled, but there is a lack of security headers and privacy/cookie policies, which are areas for improvement. The absence of WHOIS data raises concerns about domain registration legitimacy, though the website content and contact details appear credible. Overall, the security posture is moderate with room for enhancements in compliance and security best practices. The site does not exhibit any adult or questionable content and is safe for general audiences. Strategic recommendations include adding privacy and cookie policies, implementing security headers, verifying domain registration status, and maintaining up-to-date software to mitigate vulnerabilities.

M

město Šenov

mesto-senov.cz

49

město Šenov operates an official municipal website providing residents and visitors with up-to-date news, official notices, and practical information about city life, community events, and services. The website is positioned as a trusted source of local government information and serves a primarily Czech-speaking audience. The business model is public service with a focus on transparency and citizen engagement. The site is small in scale but professionally maintained with consistent branding and trust signals such as official domain and social media presence. Technically, the site is built on WordPress using Oxygen Builder and Yoast SEO, with modern JavaScript libraries like Alpine.js enhancing interactivity. Hosting is provided by a Czech hosting provider, ensuring regional consistency. Security posture is adequate with HTTPS and cookie consent mechanisms, though security headers and explicit security policies are absent. No critical vulnerabilities or privacy issues were detected. Overall, the site is reliable, secure, and compliant with GDPR cookie consent requirements.

U

Univention GmbH

software-univention.de

38

Univention GmbH operates a software update repository website for its Univention Corporate Server (UCS) product line, providing downloads of software versions, network installation files, and virtual machine images. The website is primarily targeted at IT professionals and organizations using Univention's enterprise Linux solutions. The business is positioned as an established player in the technology sector, focusing on software development, distribution, and support services. The website content is technical and functional, serving as a resource for software updates rather than marketing or customer engagement. Technically, the website uses basic HTML, CSS, and JavaScript, with Piwik analytics for user tracking. The site lacks advanced frameworks or CMS platforms and shows moderate performance and basic mobile optimization. The presence of PGP signatures for archive keys demonstrates a commitment to software integrity and security. However, the site does not implement advanced security headers or explicit privacy and cookie policies, indicating room for improvement in compliance and security best practices. From a security perspective, the website benefits from HTTPS and cryptographic signatures but lacks visible security headers and formal incident response or vulnerability disclosure information. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data is consistent with the company's identity and domain usage, supporting the legitimacy of the site. Overall, the security posture is moderate but could be enhanced by adopting additional security controls and compliance documentation. The overall risk assessment is low, with the main recommendations focusing on improving privacy compliance, security headers, and user transparency regarding data collection. Enhancing mobile optimization and accessibility would also improve user experience and SEO. The website serves its purpose as a software update portal effectively but would benefit from modernization and stronger security and privacy practices.

D

Dobříšské listy Online

dlonline.cz

46

Dobříšské listy Online is a regional news media portal serving Dobříš and its surrounding areas in the Czech Republic. Established in 2017, it provides local news, cultural updates, sports, and community information primarily targeting residents of the region. The website is built on WordPress and leverages popular plugins such as Yoast SEO, Contact Form 7, and Cookie Law Info to enhance SEO, user interaction, and privacy compliance. The site maintains a consistent brand presence with a clear logo and social media integration, notably on Facebook. From a technical perspective, the website uses a modern CMS platform with standard plugins and scripts, including Google Analytics for traffic monitoring. The site is mobile optimized and demonstrates good SEO practices with structured data and meta tags. Performance is moderate, with room for improvement in accessibility and security headers. Security posture is adequate with HTTPS enabled and cookie consent mechanisms in place. However, there is no explicit security policy or incident response information publicly available, and security headers are not detected, which could be improved to enhance protection against common web threats. No vulnerabilities or exposed sensitive data were identified in the analysis. Overall, the website presents a trustworthy and professional regional news service with good content quality and compliance with privacy regulations. Strategic recommendations include enhancing security headers, publishing security and incident response policies, and improving accessibility features to strengthen the site's security and user trust.

L

Linop

linop.fr

41

Linop is a professional graphic and digital design service operated by Pauline Le Gal, offering art direction, web design, and training services primarily targeting entrepreneurs, associations, and artists in France. The website presents a well-structured portfolio with clear contact options and integrates GDPR-compliant cookie consent mechanisms. Technically, the site is built on WordPress with modern plugins and hosted by Infomaniak Network SA, ensuring reliable infrastructure. Security posture is good with HTTPS enabled and no evident vulnerabilities, though some security headers could be improved. Overall, the site is professional, trustworthy, and compliant with privacy regulations.

J

Rozvoz jídel v Praze

jidlo.eu

44

The website jidlo.eu serves as a simple landing page for a food delivery service based in Prague, Czech Republic. It offers home-cooked meals prepared with fresh ingredients using the SOUS VIDE method. However, the site redirects users to the partner restaurant The PUB Praha 6 for placing orders, indicating a business model reliant on partnership rather than direct sales. The site content is minimal but relevant to the hospitality industry, targeting general consumers seeking food delivery services. The business appears small and localized with no explicit corporate information disclosed on the site. Technically, the website uses a moderate technology stack including jQuery, Foundation framework, Font Awesome, and Google Analytics for tracking. The site is mobile optimized and uses HTTPS, but lacks advanced SEO and accessibility features. Security posture is basic with no visible security headers and no forms collecting user data on the landing page, reducing attack surface but also limiting user engagement. Privacy and cookie policies are absent, which is a compliance gap. WHOIS data is unavailable due to EURid privacy restrictions, but the domain appears legitimate with no suspicious indicators. Overall, the site is functional but basic, with room for improvement in transparency, security, and compliance.

The website vykup-aut.cz operates as a service provider specializing in the purchase of used cars for cash across the Czech Republic. It positions itself as an experienced player with over 10 years in the market, targeting individuals and businesses seeking to sell their vehicles quickly and professionally. The business model is straightforward, focusing on offering competitive prices and a professional approach to car buying. The website content is primarily in Czech and tailored to the local market. Technically, the site is built on WordPress, utilizing common plugins such as Contact Form 7, Cookie Notice, and Slider Revolution. The site is served over HTTPS with a good SSL configuration, but lacks some advanced security headers. Performance is moderate, with good mobile optimization and basic accessibility features. SEO is supported by the All in One SEO plugin, and cookie consent mechanisms are in place, indicating some level of privacy compliance. From a security perspective, the site benefits from HTTPS and cookie consent but lacks visible security headers and detailed privacy policies. No direct contact information or incident response contacts are found, which could impact user trust and compliance. The WHOIS data is unavailable, suggesting privacy protection or lack of public registration details, which reduces transparency and trustworthiness. Overall, the website presents a professional and functional platform for used car buying in the Czech Republic but would benefit from enhanced transparency, security policies, and contact information to improve trust and compliance.

P

Panský dvůr Dolní Počernice

pddp.cz

42

Panský dvůr Dolní Počernice is a small hospitality business based in the Czech Republic offering a range of services including a restaurant, pizzeria, brewery, spa, pension, and event hosting. The website presents a professional and consistent brand image targeting local and regional visitors interested in leisure and dining experiences. The business model focuses on integrated hospitality services under one brand, positioning itself as a local provider with multiple offerings. Technically, the website is built on WordPress using the Foundation framework, jQuery, and Font Awesome, with moderate performance and good mobile optimization. Security posture is adequate with HTTPS enabled and a cookie consent mechanism in place, but lacks advanced security headers and a visible privacy policy, which are areas for improvement. The absence of WHOIS data reduces domain trustworthiness, though the website content and social media presence support legitimacy. Overall, the site is safe for general audiences and provides a good user experience with clear navigation and relevant content.

Sběratelské zbraně s.r.o. is a Czech Republic-based small retail business specializing in the sale of collectible firearms, primarily from the World War I and II eras. The company operates a niche market model focusing on individual customer consultations and custom orders, emphasizing personalized service rather than a traditional storefront. Their website reflects this business model with detailed product listings, contact information, and legal disclaimers. Technically, the site is built on WordPress using modern frameworks such as Foundation CSS and integrates Google Analytics and reCAPTCHA for analytics and security. While the site is well-structured and SEO-optimized, it lacks some advanced security headers and cookie consent mechanisms, which could be improved for better compliance and security posture. The absence of WHOIS data for the domain is a notable concern, reducing domain trustworthiness despite the professional appearance and clear business information on the site.

C

Coffee Planet

coffee-planet.cz

47

Coffee Planet is an established online retailer specializing in coffee products such as whole bean coffee, ground coffee, coffee capsules, and coffee machines. The website targets coffee consumers primarily in the Czech Republic and offers a broad selection of brands and product categories. The site is built on the PrestaShop e-commerce platform and integrates modern marketing and analytics tools including Google Analytics, Google Tag Manager, and Facebook Pixel. The technical infrastructure is solid with HTTPS enabled and standard security practices in place, although some security headers could be improved. The absence of WHOIS data for the domain is a notable transparency gap, which slightly reduces trustworthiness. Privacy and cookie policies are not clearly presented, indicating room for compliance improvements. Overall, the website provides a professional user experience with good content quality and navigation, making it a reliable platform for coffee product sales.

SV Online, operated by RAK CZ a.s., provides a specialized online voting platform (Signum24.cz) designed for homeowners associations in the Czech Republic. The platform addresses challenges of low attendance at meetings by enabling legally binding remote voting with enhanced security features such as two-factor authentication. The website is built on WordPress with modern front-end frameworks and integrates Google Analytics and reCAPTCHA for user interaction and security. However, the absence of WHOIS data for the domain raises concerns about domain registration legitimacy. The site lacks published privacy and cookie policies, which impacts compliance with GDPR and related regulations. Overall, the business appears niche-focused with a clear value proposition but should improve transparency and compliance documentation.

N

NIOBLU

jafracosmetics.cz

45

NIOBLU.cz is a Czech Republic based e-commerce website specializing in cosmetics inspired by Ayurveda and rich in natural ingredients. The site offers a wide range of skincare, makeup, body, hair care, and fragrance products, targeting general consumers interested in natural and Ayurvedic cosmetics. The website features club offers, customer testimonials, and detailed product categorization, indicating a well-structured retail business with a focus on customer engagement and loyalty. Technically, the site uses modern web technologies including jQuery, Google Fonts, Google Tag Manager, and integrates marketing and analytics tools such as MailerLite and Smartsupp Live Chat. The site is mobile optimized and provides a good user experience with clear navigation and professional design. Security-wise, the site enforces HTTPS and uses consent mechanisms for analytics and advertising, but lacks visible security headers and explicit incident response information. The absence of WHOIS data is a notable concern for domain legitimacy, though the website content and trust signals suggest a legitimate business. Overall, the site scores well on content quality and privacy compliance but should improve domain transparency and security headers to enhance trust and security posture.

Půjčovna RK, operated by Autocentrum RK cb s.r.o., is a small vehicle rental business based in České Budějovice, Czech Republic. The company specializes in renting personal cars and motorhomes for both business and recreational purposes. Their offerings include short-term and long-term rentals with additional customer benefits such as free parking during rental periods. The website is professionally designed, providing clear vehicle listings and contact information, targeting local customers seeking reliable vehicle rental services. Technically, the website is built on WordPress CMS using common plugins such as Contact Form 7 and Responsive Lightbox, styled with the Foundation CSS framework. It employs Google Analytics and Google Tag Manager for visitor tracking. The site is mobile-optimized and loads with moderate performance. However, it lacks advanced SEO and accessibility features and does not implement security headers, which could be improved. From a security perspective, the site uses HTTPS with a valid SSL certificate and includes CAPTCHA protection on its contact form, indicating basic security awareness. However, the absence of security headers and privacy/cookie policies indicates gaps in compliance and security best practices. The WHOIS data for the domain is unavailable, which raises concerns about domain legitimacy and trustworthiness. Overall, the website presents a trustworthy and professional front for a local vehicle rental business but would benefit from enhanced security measures, privacy compliance, and domain registration transparency to improve its risk profile and customer trust.

AUTO Kralovice s.r.o. operates a professional used vehicle dealership in the Czech Republic, offering a broad range of automotive services including sales of cars, motorcycles, utility vehicles, trailers, financing options, insurance, servicing, and ecological vehicle disposal. The company targets consumers seeking quality used vehicles and related services, positioning itself as a reliable local provider with a comprehensive service portfolio. The website is built on WordPress with modern technologies and SEO optimizations, providing a good user experience and mobile responsiveness. Security measures include HTTPS and Google reCAPTCHA on forms, but lack of security headers and privacy policies indicate room for improvement. The absence of WHOIS data reduces domain trustworthiness, though the website content and contact information appear legitimate and professional. Overall, the site demonstrates moderate digital maturity with opportunities to enhance compliance and security posture.

R

RAK CZ a.s.

rak.cz

45

RAK CZ a.s. is a well-established Czech real estate company operating since 1990, specializing in property sales, rentals, management, auctions, consulting, and development. The company positions itself as a professional and comprehensive real estate partner offering unique and individualized client services. Their market presence is supported by quality management audits and membership in recognized real estate associations. Technically, the website is built on WordPress with modern plugins and frameworks, including Yoast SEO, Google Analytics, and GDPR-compliant cookie management, reflecting a mature digital infrastructure. Security posture is solid with HTTPS enforcement and reCAPTCHA integration, though some security headers could be improved. The absence of WHOIS data limits domain trust verification, but the website content and business information are consistent and professional. Overall, the site demonstrates good content quality, technical implementation, privacy compliance, and business credibility, making it a trustworthy platform for real estate services in the Czech Republic.

P

Pojišťovací kancelář Plzeň

allianzplzen.cz

43

The website www.allianzplzen.cz represents a local insurance agency operating in Plzeň, Czech Republic, affiliated with the Allianz brand. It offers insurance brokerage services and provides contact points for local customers seeking insurance solutions. The site is designed to serve a regional audience with clear navigation to contact representatives and office locations. Technically, the website is built on WordPress using common plugins such as Contact Form 7 and Toolset Maps, with Google Analytics and Tag Manager integrated for visitor tracking. The site is mobile-optimized and uses HTTPS with a valid SSL certificate, ensuring secure communication. However, the absence of WHOIS data and lack of explicit privacy and terms of service pages indicate areas for improvement in transparency and compliance. Security headers are missing, which could be enhanced to improve security posture. Overall, the website is professional and trustworthy in appearance but would benefit from improved compliance documentation and security hardening.

B

BPT Centrum, centrum diagnostiky, prevence a léčby bolesti zad

bptcentrum.cz

45

BPT Centrum is a specialized healthcare provider based in Plzeň, Czech Republic, focusing on the diagnosis, prevention, and treatment of back pain and spine-related conditions. The website presents a professional image with detailed information about medical staff, services, and contact details, targeting patients suffering from back pain. The business operates as a small healthcare center with a clear regional focus. Technically, the website is built on WordPress, uses modern web fonts, and integrates Google Tag Manager for analytics. The site is mobile-optimized and SEO-friendly, though it lacks visible privacy and cookie policies. Security posture is generally good with HTTPS enforced and no visible vulnerabilities, but security headers are missing and no incident response or security policy information is published. WHOIS data is unavailable, which reduces domain trustworthiness and should be further investigated. Overall, the website is safe, professional, and trustworthy for its intended audience.

H

HP Fyzioclinic s.r.o.

hpfyzioclinic.cz

43

HP Fyzioclinic s.r.o. operates a specialized physiotherapy and rehabilitation center primarily serving athletes and patients requiring musculoskeletal therapy in the Czech Republic. The website presents a professional image with detailed team profiles and service descriptions, positioning itself as a local healthcare provider. The business model focuses on delivering specialized health services with a small-scale operation. Technically, the website is built on WordPress with a modern tech stack including jQuery, Slick Carousel, and Foundation framework. It uses HTTPS and integrates Google Analytics and Tag Manager for visitor tracking. The site is moderately optimized for performance and mobile devices but lacks advanced SEO and accessibility features. From a security perspective, the site enforces HTTPS and uses nonce tokens in AJAX calls, but it lacks important security headers such as Content-Security-Policy and HSTS. There is no visible privacy or cookie policy, which raises compliance concerns especially under GDPR. The absence of WHOIS data for the domain reduces trust and raises questions about domain legitimacy. Overall, the website is functional and professional but would benefit from improved privacy compliance, enhanced security headers, and transparent domain registration information to strengthen trust and security posture.

C

Cyber Création

cybercreation.fr

40

Cyber Création is a small, established French web and print communication agency based in Ormes near Reims, operating since 1998. The company specializes in graphic design, website creation including intranet and e-commerce solutions, and print production services. Their website reflects a professional and consistent brand image, targeting local businesses and organizations seeking digital and print communication solutions. The site is well-structured, mobile-optimized, and compliant with GDPR regulations, featuring a comprehensive cookie consent mechanism and privacy policy.

D

Département de la Meuse

meuse.fr

48

The Département de la Meuse website serves as the official digital presence of the regional government authority for the Meuse department in France. It provides comprehensive public service information, news, event listings, and resources for residents and local partners. The site is well-structured, primarily targeting local citizens and stakeholders, and offers services such as social support, cultural activities, tourism, and administrative procedures. The business model is governmental, focusing on public administration and community engagement. Technically, the website is built on TYPO3 CMS, a robust open-source content management system, supplemented by modern JavaScript libraries like jQuery, Parsley.js for form validation, and Tarteaucitron.js for cookie consent management. The site demonstrates good mobile optimization, accessibility, and SEO practices, though performance is moderate. The presence of a cookie consent mechanism and a comprehensive privacy policy indicates a mature approach to GDPR compliance. From a security perspective, the site enforces HTTPS and employs cookie consent controls, but lacks explicit HTTP security headers and a published security.txt file. No vulnerabilities or exposed sensitive data were detected in the analyzed content. The absence of WHOIS registration data slightly reduces trust but is mitigated by the official nature of the domain and consistent branding. Overall, the security posture is solid but could be improved with additional headers and incident response information. The overall risk assessment is low, with the site appearing trustworthy and professionally maintained. Strategic recommendations include enhancing HTTP security headers, publishing a security.txt file, providing incident response contacts, and adding a terms of service page to improve legal clarity and user trust.

B

Bílý kruh bezpečí, z.s.

domacinasili.cz

43

The website www.domacinasili.cz serves as an informational and support platform dedicated to victims of domestic violence in the Czech Republic. It is operated by the non-profit organization Bílý kruh bezpečí, z.s., which provides crisis telephone help, psychological support, legal and social counseling, and public awareness resources. The site is well-branded and targets individuals affected by or concerned about domestic violence, offering practical advice and contact information for assistance. Technically, the website is built on WordPress and uses modern web technologies including jQuery and Google Analytics for tracking. It employs HTTPS for secure communications and includes a cookie consent banner to comply with basic privacy regulations. The site is mobile-optimized and presents a clear navigation structure, although some accessibility features could be improved. From a security perspective, the site benefits from HTTPS but lacks visible security headers and a published privacy policy page, which are important for compliance and user trust. No WHOIS data was retrievable, which limits domain registration trust analysis. No forms collecting personal data were found on the homepage, reducing immediate data protection concerns. Overall, the security posture is moderate but could be enhanced with additional best practices. The overall risk assessment indicates a trustworthy and professional non-profit website with some gaps in privacy compliance and domain transparency. Strategic recommendations include publishing a comprehensive privacy policy, implementing security headers, providing incident response contacts, and verifying domain registration details to improve trust and compliance.

N

Networm Studio

networm.cz

41

Networm Studio is a small Czech-based group of freelancers specializing in custom web development, SEO optimization, e-commerce solutions, and social media marketing. Operating since 2005, they focus on personalized client solutions rather than templated websites, targeting businesses seeking tailored online presence. The website is built on WordPress with common technologies like Bootstrap, jQuery, and Google reCAPTCHA, indicating a moderate level of technical maturity. Security posture is adequate with HTTPS and anti-bot measures but lacks advanced security headers and formal privacy policies. WHOIS data is unavailable, which limits domain trust verification, but the website content and contact information appear professional and consistent with a legitimate business. Overall, the site is safe, well-structured, and serves its business purpose effectively.

Optimus is a Polish technology company specializing in IT hardware manufacturing and distribution, with a focus on business IT solutions and gaming computers. The website presents two main segments: business IT services and gaming computers, targeting both corporate clients and gamers. The company appears established, with a domain dating back to 1996, indicating a mature market presence in Poland. The business model revolves around a network of local partners providing IT services and hardware supply, alongside direct manufacturing of computers, including a gaming series designed for various skill levels. Technically, the website uses basic HTML5 and CSS3 with video elements to showcase its offerings. The site is moderately optimized for mobile devices but lacks advanced SEO and accessibility features. No CMS or advanced frameworks are detected, suggesting a simple custom-built site. Performance is moderate, with no evident use of analytics or tracking technologies. From a security perspective, the site lacks visible security headers and does not provide privacy or cookie policies, which are critical for GDPR compliance. No contact information or incident response details are available, limiting transparency and trust. The WHOIS data confirms the domain's legitimacy and long-term registration but shows no DNSSEC or advanced security features. Overall, the security posture is basic and requires improvements to meet modern standards. The overall risk is moderate due to the absence of privacy and security policies and lack of contact information. Strategic recommendations include implementing HTTPS with proper SSL, adding privacy and cookie policies, enhancing security headers, and providing clear contact and incident response information to improve trust and compliance.

I

inREAL realitná kancelária, s.r.o.

inreal.sk

45

inREAL realitná kancelária, s.r.o. is a Slovakian real estate agency specializing in property sales and searches across a wide range of locations in Slovakia. The website serves as a platform for clients to browse property listings and contact the agency for real estate services. The company targets individuals and businesses interested in real estate transactions within Slovakia, positioning itself as a local real estate service provider. The website features a professional design with clear navigation and mobile responsiveness, supporting a positive user experience. Technically, the site uses common web technologies such as jQuery, Bootstrap, and Font Awesome, with HTTPS enabled ensuring secure communications. However, there is room for improvement in security headers and privacy policy transparency. The security posture is moderate, with email obfuscation and cookie consent mechanisms implemented, but lacking explicit security policies or incident response contacts. Overall, the domain registration data aligns well with the website's business claims, supporting legitimacy and trustworthiness.

T

TechnologyMountains

technologymountains.de

43

TechnologyMountains is a German-based technology collaboration network that aims to accelerate business progress by linking companies with technical expertise and bridging the gap between industry and science. The website presents a professional and consistent brand image focused on fostering technological leadership among its members. The technical infrastructure is built on WordPress with common plugins such as WooCommerce and caching mechanisms, providing moderate performance and good mobile optimization. However, the site lacks critical privacy and security policies, contact information, and advanced security headers, which lowers its overall security posture. No WAF or blocking mechanisms were detected, allowing full content accessibility. The WHOIS data is minimal but consistent with hosting providers, with no privacy protection or suspicious patterns identified. Overall, the site is safe for general audiences and serves a business-to-business market segment.

Living MS is a healthcare information website focused on Multiple Sclerosis, providing educational content, support resources, and service information for MS patients and their families. The site is branded and operated by Merck GmbH, a pharmaceutical company, indicating a strong market position in healthcare and patient support. The platform targets German-speaking users in Austria and offers comprehensive information on MS symptoms, diagnosis, therapies, and living with the disease. It also provides a dedicated service line for medication injection device replacement. Technically, the website is built on WordPress using Elementor and Yoast SEO plugins, supported by modern analytics tools like Google Tag Manager and Adobe Analytics. The site demonstrates good digital maturity with mobile optimization, accessibility features, and SEO best practices. Cookie consent and privacy compliance are well implemented, reflecting adherence to GDPR requirements. From a security perspective, the site uses HTTPS with good SSL configuration and employs cookie consent mechanisms. However, explicit security headers such as Content-Security-Policy and X-Frame-Options are not detected, and no security.txt or incident response contacts are provided. No vulnerabilities or exposed sensitive data were found in the analysis. Overall, the website presents a professional, trustworthy, and compliant digital presence for a healthcare information service. The lack of WHOIS data limits domain trust verification, but the strong branding and external partnerships support legitimacy. Strategic recommendations include enhancing security headers, adding vulnerability disclosure information, and maintaining regular security audits.

M

Mladí lékaři z.s.

mladilekari.cz

41

Mladí lékaři z.s. is a Czech non-profit association founded in 2010 that unites young doctors concerned with the Czech healthcare system. The website serves as an informational and community platform, reflecting a well-established position in the healthcare sector in the Czech Republic. The organization operates independently and voluntarily, targeting young medical professionals and stakeholders. Technically, the website is built on WordPress using the Divi theme and several common plugins, hosted by Active24. The site demonstrates good SEO practices, mobile optimization, and basic accessibility. Security posture is adequate with HTTPS enabled and GDPR cookie consent implemented, but lacks explicit privacy and terms of service pages and security headers. Overall, the site is professional and trustworthy with clear contact information and social media presence. Recommendations include enhancing security headers, publishing privacy and terms policies, and adding vulnerability disclosure information to improve compliance and trust.

The website interakcieliekov.sk is a Slovak healthcare informational platform dedicated to providing a drug interaction database for patients and pharmacists. It is part of a social responsibility initiative by the Slovak Pharmaceutical Chamber, aiming to enhance patient safety and public knowledge about pharmacotherapy. The platform offers tools to evaluate drug combinations and potential risks, along with educational content and pharmacist consultation options. The site is targeted primarily at Slovak patients and healthcare professionals. Technically, the site is built using modern React and Material-UI frameworks, hosted on Websupport with DNSSEC and HTTPS enabled, ensuring a secure and reliable user experience. However, the site lacks visible privacy and cookie policies, security headers, and explicit contact information for security or data protection matters, which are areas for improvement. Overall, the domain registration data aligns well with the website's purpose and origin, supporting its legitimacy and trustworthiness.

T

TRIMA NEWS, s.r.o.

budejckadrbna.cz

48

Budějcká Drbna is a regional news media portal operated by TRIMA NEWS, s.r.o., focused on delivering authentic news and stories from České Budějovice and the South Bohemia region. It offers a variety of news categories including society, crime, sports, and culture, targeting local residents and interested audiences. The site supports user engagement through registration, article saving, and subscription to daily news summaries. Technically, the website employs a modern JavaScript stack with integrations for analytics, advertising, and consent management, ensuring a good user experience across devices. Security posture is solid with HTTPS and consent mechanisms, though some security headers could be improved. The absence of WHOIS data is a notable transparency gap but does not detract from the professional presentation and operation of the site. Overall, the site is a trustworthy and well-maintained regional news source.

O

OLÚp Predná Hora

olup-prednahora.sk

40

OLÚP, n. o. Predná Hora is a well-established non-profit specialized psychiatric healthcare institution in Slovakia, founded in 2006. The organization offers a range of services including inpatient and outpatient psychiatric care, family therapy, and aftercare treatments. The website reflects a professional and trustworthy presence with comprehensive information targeted at patients and interested parties. It maintains a consistent brand identity and demonstrates compliance with GDPR and cookie regulations, enhancing user trust. The institution also actively engages users through social media channels and a dedicated mobile application.

W

Winning Group a.s.

winninggroup.cz

45

Winning Group a.s. is a Czech investment company focused on advancing its portfolio of firms primarily in manufacturing, construction, real estate, hospitality, and premium food sectors. The company positions itself as a strategic partner ready for long-term growth and acquisitions, targeting investors and industry professionals. The website reflects a mature digital presence with multilingual support and comprehensive corporate content including annual reports and press releases. Technically, the site is built on WordPress with modern JavaScript libraries and includes cookie consent mechanisms aligned with GDPR requirements. Security posture is generally good with HTTPS enforced and no visible sensitive data exposure; however, the absence of security headers and WHOIS transparency are areas for improvement. Overall, the site is professional, trustworthy, and well-optimized for user experience and SEO.

The analyzed URL is a 404 error page hosted on a subdomain of ffm.to, which is associated with feature.fm, a music marketing platform. The page serves as a standard 'Page Not Found' message with minimal content and no business or contact information. The technical infrastructure uses modern JavaScript frameworks such as Vue.js and Nuxt.js, delivered via a Fastly CDN, and includes tracking scripts like Google Tag Manager and AppNexus. However, the page lacks privacy, cookie, and terms of service policies, as well as any security or incident response information, which limits compliance and trustworthiness. The security posture is minimal with no detected security headers or explicit protections. Overall, the page is accessible and not blocked by any WAF or security challenge, but it provides no substantive business or security information.

T

The Moth

themothcontact.org

45

The Moth is a recognized storytelling non-profit organization offering live events, educational workshops, and community engagement programs. Their website focuses on providing a contact form for inquiries related to ticketing, events, donations, and other services. The organization targets a general audience interested in storytelling and cultural events. Technically, the website is built using React.js and integrates Salesforce Web-to-Case for contact management. Hosting is provided via GoDaddy, with moderate performance and basic mobile optimization. Security posture is moderate with HTTPS enabled but lacking DNSSEC and security headers, which are recommended for improvement. Privacy compliance is weak due to absence of privacy and cookie policies. WHOIS data shows suspicious domain creation date in the future, which reduces trustworthiness but does not necessarily indicate malicious intent. Overall, the website is functional and professional but would benefit from enhanced security and privacy measures.

The analyzed website autostore.com is a parked domain page managed by GoDaddy, LLC, a well-known domain registrar and parking service provider. The page contains no active business content, products, or services, and is primarily designed to offer the domain for sale. The presence of a Trustpilot widget and TrustArc cookie consent banner indicates some level of trust and privacy compliance, but the overall content is minimal and targeted at domain buyers rather than end consumers. Technically, the site uses standard web technologies including JavaScript, CSS, and third-party widgets for consent management and reviews. It is hosted on GoDaddy's infrastructure and shows basic mobile optimization and accessibility features. However, no advanced CMS or frameworks are detected, and SEO optimization is poor due to lack of meaningful content. From a security perspective, the site lacks visible security headers and detailed security or incident response policies. The domain is registered with Tucows Domains Inc. and managed by GoDaddy, with no suspicious WHOIS patterns. DNSSEC is not enabled, which is a minor security gap. Overall, the security posture is basic but acceptable for a parked domain. The overall risk is low given the lack of active content or user interaction, but the site offers limited business credibility or user engagement. Strategic recommendations include improving security headers, enabling DNSSEC, and providing clearer business or contact information if the domain is to be developed into an active site.

G

Global Sign and Design, Inc.

global-sign.com

47

Global Sign and Design, Inc. is a small business specializing in digital signage and LED display solutions primarily serving the Pennsylvania region. The company acts as a premier distributor and installer for top manufacturers in the visual communication industry, offering products such as outdoor and indoor LED displays, scoreboards, and custom signage. Their market position is regional with a focus on retail and manufacturing sectors requiring digital signage solutions. Technically, the website infrastructure is outdated, relying on deprecated Flash technology and lacking modern security features such as HTTPS enforcement and security headers. The site is hosted by Bluehost Inc. and uses basic JavaScript and CSS without modern frameworks or CMS. Performance and mobile optimization are poor, and accessibility features are minimal. From a security perspective, the website shows significant gaps including absence of privacy and cookie policies, no visible security headers, and no DNSSEC enabled on the domain. The use of Flash presents security and compatibility risks. Contact information is provided but limited, and no incident response or security policies are disclosed. Analytics tools like StatCounter and Google Analytics are used without clear privacy compliance disclosures. Overall, the website presents moderate business credibility but requires urgent technical and security improvements to enhance user experience, compliance, and trustworthiness. Strategic recommendations include modernizing the website technology stack, implementing HTTPS and security headers, adding privacy and cookie policies, and removing deprecated Flash content.

M

MYJO, s.r.o. - REZEO

rezeo.cz

44

REZEO is a Czech Republic based SaaS company specializing in an online reservation system tailored for small accommodation providers. The platform aims to simplify online booking processes, enhance guest comfort, and improve rental efficiency. The company operates under MYJO, s.r.o., founded in 2021, positioning itself as a niche player in the hospitality sector. The website reflects a professional and consistent brand image with a clear focus on its target audience. Technically, the site employs modern web technologies including Google Tag Manager, Facebook Pixel, and consent management tools, hosted by Active24. The site is mobile-optimized and SEO-friendly, though accessibility features are basic. Security posture is adequate with HTTPS enforced and cookie consent implemented; however, security headers and formal policies like privacy and terms of service are missing, representing areas for improvement. Overall, the website is trustworthy and functional, with moderate user tracking and marketing integration.

G

Guía de la Industria Química

guiaquimica.mx

48

Guía de la Industria Química is a specialized online platform focused on providing comprehensive information, business directories, and advertising opportunities for the chemical industry and related sectors in Mexico. Established in 2011, it serves industry professionals and companies by offering detailed articles, supplier listings, and sector-specific insights. The website positions itself as an important resource within the Mexican chemical manufacturing sector, supporting business decision-making and networking. Technically, the website employs modern front-end technologies including Bootstrap, FontAwesome, Google Fonts, and interactive libraries such as Swiper and AOS for animations. It integrates Google Analytics, Google Tag Manager, and Mouseflow for user behavior tracking and performance monitoring. The site is mobile-optimized and demonstrates good SEO practices, though accessibility features are basic. Hosting details are limited but the domain registrar is consistent with the business location. From a security perspective, the site enforces HTTPS and uses Google reCAPTCHA on forms to mitigate spam. However, it lacks visible security headers such as Content-Security-Policy or X-Frame-Options, which could enhance protection against common web attacks. No privacy or cookie policies are published, indicating compliance gaps with GDPR and other privacy regulations. No incident response or vulnerability disclosure information is provided, which could be improved to strengthen trust. Overall, the website is professional, content-rich, and trustworthy for its target audience but would benefit from enhanced privacy compliance and security hardening. Strategic recommendations include publishing privacy and cookie policies, implementing security headers, and providing clear incident response contacts to improve compliance and security posture.

Design by Ewa is a specialized small business focused on providing custom web design and graphic design services tailored to dog and cat breeders, kennels, catteries, and the equestrian industry. The company has a long-standing presence since 2001 and offers a range of services including website packages, logo design, magazine publication, and advert design. Their market position is that of a niche specialist with a professional and artistically driven approach. Technically, the website uses a modern but basic tech stack including Bootstrap and jQuery, with moderate performance and good mobile optimization. However, there is a lack of advanced SEO and accessibility features. Security posture is weak due to missing security headers and unknown SSL configuration, and there are no visible privacy or cookie policies, indicating compliance gaps. Overall, the website is professional and trustworthy but would benefit from enhanced security and compliance measures.

A

a-net group a.s.

cavalletto.cz

49

Cavalletto.cz is an established Czech e-commerce retailer specializing in equestrian products, including horse carts, riding equipment, apparel, stable supplies, and related services. The business targets horse owners, riders, and stable operators primarily within the Czech Republic. The website presents a comprehensive product catalog with clear navigation and a professional design, supporting a good user experience. Technically, the site uses jQuery and video.js libraries and appears to be built on a custom or Nette-based e-commerce platform hosted on Czechland.net servers. Mobile optimization is good, and basic accessibility features are present. Security measures include HTTPS usage, CSRF tokens in forms, and a cookie consent mechanism with opt-in for analytics and advertising cookies. However, explicit security headers and privacy policies are missing, representing areas for improvement. WHOIS data confirms the domain's legitimacy and long-standing presence since 2009. Overall, the site is functional and trustworthy but would benefit from enhanced security and compliance documentation.

J

Jezdecké centrum Královický dvůr

kralovickydvur.cz

46

Jezdecké centrum Královický dvůr is a hospitality and equestrian service provider located near Prague, Czech Republic. The business offers a restaurant, accommodation in a historic building, corporate event hosting, and a comprehensive equestrian center. Their target audience includes horse enthusiasts, tourists, families, and corporate clients seeking unique event venues. The website reflects a well-structured and professionally designed platform with clear navigation and relevant content. Technically, the site uses modern JavaScript libraries, Google Analytics, Facebook Pixel, and Typekit fonts, with a CMS likely based on Nette framework. Security posture is moderate with HTTPS usage but lacks explicit security headers and privacy compliance documentation. Contact information is clearly presented with phone numbers and a contact form, but no privacy or cookie policies were found, indicating compliance gaps. Overall, the domain registration is consistent and trustworthy, supporting the legitimacy of the business.

E

ESC Olomouc

escolomouc.cz

46

ESC Olomouc operates as a modern equestrian center in the Czech Republic, specializing in hosting show jumping and dressage competitions. The website positions the center as the most exclusive equestrian venue in the country, targeting equestrian sports enthusiasts and competitors. Key services include event hosting, live streaming, and hospitality offerings such as a restaurant. The business is small-sized, founded in 2012, and maintains partnerships with local financial institutions and sports organizations. Technically, the website uses modern frontend technologies like Alpine.js and Swiper.js, with a responsive design and moderate performance. Security posture is adequate with HTTPS enabled but lacks advanced security headers and formal privacy or cookie policies, indicating room for compliance improvement. No forms or direct contact details are visible, which may impact user engagement and trust. Overall, the site is professional and content-rich but could enhance privacy compliance and security transparency.

JS Equitana Martinice is a small equestrian society based in the Czech Republic focused on organizing horse riding competitions, training camps, and related equestrian activities. The website serves as an information hub for event calendars, online results, galleries, and partner information. The business operates regionally with a clear target audience of equestrian sports enthusiasts and competitors. The parent company is RUBILIS, s.r.o., indicating a formal business structure. Technically, the website uses a mix of older and modern JavaScript libraries, a custom CMS (IPO), and integrates Matomo analytics for user tracking. The site is mobile responsive and provides a cookie consent mechanism, but lacks a dedicated privacy policy or terms of service pages. Security posture is moderate with HTTPS enforced and use of Google reCAPTCHA, but missing security headers and no published security or incident response policies. WHOIS data is unavailable, which slightly reduces trust but the website content and partner ecosystem support legitimacy. Overall, the site is functional, moderately secure, and serves its niche audience effectively.

Chuchle Arena Praha, s.r.o. operates a historic and prominent horse racing and equestrian sports venue located in Prague, Czech Republic. The company offers a multifaceted business model including horse racing events, show jumping competitions, event space rental, accommodation services, and a riding academy. The website reflects a well-established business with a strong market position in the Czech equestrian and sports hospitality sector. The target audience includes horse sports enthusiasts, families, tourists, and event organizers. Technically, the website uses a combination of legacy and modern web technologies including jQuery, Google Tag Manager, Google Analytics, Matomo, and Google reCAPTCHA. The site is built on the IPO CMS platform and demonstrates good mobile optimization and SEO practices. However, some technical debt is noted with the use of older JavaScript libraries and missing security headers. From a security perspective, the site enforces HTTPS and implements user consent mechanisms for cookies and tracking, aligning with GDPR requirements. The absence of WHOIS data reduces domain trustworthiness, and the lack of security headers and outdated libraries present moderate security risks. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website is professional, content-rich, and compliant with privacy regulations, but improvements in security headers, updated libraries, and domain registration transparency are recommended to enhance trust and security posture.

E

EQS magazín

eqsmagazin.cz

42

EQS magazín is a Czech-language online media platform dedicated to equestrian topics including horse care, nutrition, health, equipment, and interviews with riders and trainers. The website targets horse enthusiasts and riders primarily in the Czech Republic. It operates on a WordPress CMS infrastructure with common plugins and technologies such as Smart Slider 3, jQuery, Google Fonts, and Font Awesome. The site is well-structured with good content quality and consistent branding. Security posture is adequate with HTTPS enabled but lacks some security headers and formal privacy and cookie policies. WHOIS data is unavailable, limiting domain legitimacy verification. Overall, the site is professional and safe for general audiences, with moderate tracking via Google Analytics.

G

GSG Berlin GmbH

gsg.de

46

GSG Berlin GmbH is a well-established real estate company specializing in leasing office, commercial, and warehouse spaces primarily in Berlin. With over 60 years of experience and a portfolio exceeding 1 million square meters, it serves a diverse clientele including startups, craftsmen, and SMEs. The company emphasizes flexibility in space usage and offers value-added services such as highspeed fiber internet and electric vehicle charging stations. The website reflects a strong market position with multiple locations and a broad tenant network. Technically, the website is built on WordPress using modern plugins and frameworks, optimized for performance and mobile responsiveness. It integrates analytics and marketing tools like Google Tag Manager and HubSpot, and employs a cookie consent mechanism compliant with GDPR. Security best practices are observed with HTTPS, security headers, and no visible vulnerabilities, though a dedicated security policy and incident response information are absent. Overall, the site demonstrates a mature digital presence with good privacy compliance and professional content. The domain registration data is minimal but consistent with the business claims. No WAF or blocking mechanisms were detected, allowing full content access and analysis. Strategic recommendations include publishing a formal security policy, incident response contacts, and vulnerability disclosure information to enhance trust and compliance. Regular security audits of third-party scripts and further accessibility improvements would strengthen the security posture and user experience.

CPI Hungary Kft. is a prominent real estate investor, developer, and operator in Hungary, managing a substantial portfolio exceeding 600,000 square meters with a valuation over €1.3 billion. The company operates primarily in office, hotel, and retail sectors and is a member of the CPI Property Group. The website reflects a mature digital presence with comprehensive investor materials, clear contact information, and active social media engagement. Technically, the site employs modern web technologies, including Google Tag Manager and responsive design, ensuring good performance and user experience. Security posture is solid with HTTPS and no exposed sensitive data, though explicit security headers and cookie consent mechanisms could be improved. Overall, the domain registration and WHOIS data align well with the company's profile, indicating legitimacy and trustworthiness.

M

Přírodní vonné svíčky od Ewy Farne | Mmntshop.cz

mmntshop.cz

40

The website mmntshop.cz is a small e-commerce platform specializing in natural scented candles, notably associated with the celebrity Ewa Farna. It targets general consumers interested in natural home fragrance products within the Czech Republic. The site is built on WordPress using WooCommerce and Elementor, indicating a standard modern e-commerce infrastructure. Hosting appears to be provided by exon.io based on DNS information. The website demonstrates good design quality, mobile optimization, and SEO practices but lacks explicit privacy and terms of service documentation. Security posture is moderate with no advanced security headers detected and no visible vulnerability disclosure or incident response policies. Cookie consent is implemented, indicating some level of privacy compliance. Overall, the domain registration data is consistent and appropriate for the business age and type, supporting legitimacy.

C

CBS spol, s.r.o.

malovanemapy.sk

43

CBS spol, s.r.o. operates the website malovanemapy.sk, specializing in the creation and sale of hand-painted maps tailored for municipalities, microregions, sports centers, hotels, and resorts primarily in Slovakia. Their unique business model combines traditional artistic craftsmanship with modern technology to produce accurate and visually appealing maps that serve both tourists and local residents. The company leverages sponsorship and advertising partnerships to support the costly production process, enhancing community involvement by including local children in the artwork. The website reflects a niche market position with a strong local cultural focus and trust signals such as testimonials and FSC certification.

A

AFM Productions

afmproductions.fr

49

AFM Productions is a specialized audiovisual production company founded in 1997 by the AFM-Téléthon association, focusing on creating documentaries and educational content about rare genetic diseases and medical research. The company targets a general audience interested in health, science, and social issues, leveraging storytelling to raise awareness and inform the public. The website reflects a professional and consistent brand identity aligned with its mission. Technically, the website is built on Drupal 10 with Bootstrap and uses modern libraries such as Swiper.js for UI components. It integrates Google Analytics and a GDPR-compliant cookie consent mechanism via CookieYes, indicating a mature digital infrastructure. The site is mobile-optimized and accessible, with good SEO practices. From a security perspective, the site uses HTTPS and has implemented cookie consent but lacks explicit security headers and dedicated security or incident response policies. No vulnerabilities or exposed sensitive data were detected. The absence of WHOIS data limits domain legitimacy verification, but the website content and contact information suggest a trustworthy entity. Overall, the site presents a low-risk profile with good compliance and technical standards, though improvements in security headers and transparency policies are recommended.

I

Institut des cellules Souches pour le Traitement et l'Étude des maladies Monogéniques

istem.eu

47

I-Stem is a French research institute specializing in stem cell therapy and the study of rare and ultra-rare monogenic diseases. It operates as a medium-sized organization with approximately 80 staff members, including scientists and support personnel. The institute is well-positioned in the European healthcare research sector, collaborating with notable partners such as AFM-Telethon and Genethon. Their key services include fundamental and clinical research, clinical trial sponsorship, and providing advanced technological platforms to support their scientific endeavors. Technically, the website is built on WordPress with modern plugins for SEO, search, and form management. It employs Google reCAPTCHA for security and Tarteaucitron for cookie consent management, reflecting a mature digital infrastructure. The site is optimized for mobile and accessibility, with good SEO practices and moderate performance. From a security perspective, the site uses HTTPS with strong SSL configuration and includes security headers. It integrates anti-bot measures and cookie consent mechanisms, but lacks a dedicated security policy or incident response contact details. No vulnerabilities or exposed sensitive data were detected, indicating a solid security posture. Overall, the website is professional, trustworthy, and compliant with GDPR requirements. The absence of direct contact emails or phone numbers suggests a preference for controlled communication via contact forms. Strategic recommendations include publishing explicit security and incident response policies and considering a vulnerability disclosure program to enhance transparency and trust.