High-risk security reports

G

Gymnázium Bruntál

gymbru.cz

43

Gymnázium Bruntál is a well-established secondary educational institution in the Czech Republic, founded in 2001. The school focuses on preparing students primarily for university studies, offering quality education in humanities and natural sciences. The website reflects a professional and modern digital presence, leveraging WordPress with Elementor and SEO plugins to provide a user-friendly experience for students, parents, and applicants. The site includes essential contact information, social media links, and a cookie consent mechanism, demonstrating basic GDPR compliance. Security posture is adequate with HTTPS enabled and no visible vulnerabilities, though some security headers could be improved. Overall, the website is trustworthy and serves its educational mission effectively.

A

ART ECON

artecon.cz

38

ART ECON is a Czech-based educational organization with a website focused on promoting educational services or institutions, as indicated by the slogan 'Školy plné talentu'. The site uses WordPress CMS with the Divi theme and includes common tracking technologies such as Facebook Pixel, Microsoft Clarity, and Google Tag Manager. The technical infrastructure is moderate with basic mobile optimization and SEO practices. However, the site lacks critical privacy and security policies, contact information, and security headers, which lowers its overall security posture and privacy compliance. No WAF or blocking mechanisms were detected, and the content is safe for general audiences.

W

Websupreme

websupreme.cz

42

Websupreme.cz is a Czech Republic based small business specializing in web development, e-shop creation, and advertising services. The company emphasizes 12 years of experience, competitive pricing, and reliable delivery times. The website is built on WordPress using the Elementor page builder, indicating a modern and flexible technical infrastructure. Hosting is provided by REG-WEDOS, a Czech hosting provider, consistent with the business location. The site is well designed with good user experience and mobile optimization, though accessibility and SEO optimizations are basic. Security posture is moderate with HTTPS enabled but lacking security headers and formal security policies. Privacy compliance is limited with no cookie consent mechanism and only basic privacy and terms links in the footer. Overall, the site is professional and trustworthy for its market segment but could improve in security and privacy compliance.

F

Fruit servis, s.r.o.

fruitservis.cz

43

Fruit servis, s.r.o. is a well-established Czech company specializing in the supply of fresh fruit, vegetables, and dairy products primarily targeting schools and wholesale customers. The company supports national programs promoting healthy eating among children and offers additional educational and gastro services. The website is built on a modern WordPress platform using Elementor, providing a good user experience with clear contact information and trust signals such as testimonials and partner logos. However, the site lacks visible privacy and cookie policies, which is a compliance gap. Security posture is generally good with HTTPS enabled and secure forms, but missing security headers and vulnerability disclosure mechanisms are noted. Overall, the website is professional, trustworthy, and serves its business purpose effectively.

Klastr sociálních inovací a podniků – SINEC z.s. is a non-profit cluster organization based in the Moravskoslezský region of the Czech Republic. It focuses on supporting social enterprises and social innovation, aiming to foster growth in the social economy and increase employment opportunities for socially and health-disadvantaged groups. The website serves as a hub for information about the cluster, its members, projects, and annual reports, targeting social economy actors primarily within the region but also across the Czech Republic. Technically, the website is built on WordPress using the Blocksy theme and Elementor page builder with JetEngine plugin. It employs modern web technologies such as jQuery and Slick Carousel for UI components. The site is mobile optimized and has moderate performance, but lacks advanced SEO and accessibility features. No analytics or tracking services are detected, indicating a privacy-conscious approach or minimal user tracking. From a security perspective, the site uses HTTPS with a good SSL configuration but lacks important security headers and published security policies. There are no visible vulnerabilities or exposed sensitive data, but the absence of privacy and cookie policies indicates compliance gaps with GDPR and related regulations. Incident response and vulnerability disclosure mechanisms are not present. Overall, the website is professional and trustworthy for its intended audience but would benefit from enhanced privacy compliance, security hardening, and transparency measures to improve its security posture and regulatory adherence.

Z

Zařízení školního stravování Matiční dům

maticni.cz

41

Zařízení školního stravování Matiční dům is a contributory organization affiliated with the Moravian-Silesian Region, providing school catering services primarily for students and staff of the associated educational institution. The website serves as an information portal for meal menus, ordering, and contact details, targeting the local school community. The site is built on WordPress with standard plugins and offers a functional, well-structured user experience with clear navigation and mobile optimization. Technically, the site uses modern WordPress 6.6.4 with jQuery and several plugins for content display and gallery management. HTTPS is enforced, ensuring secure communication. However, the site lacks advanced security headers and a published privacy policy, which are important for compliance and trust. No analytics or advertising scripts were detected, indicating minimal user tracking. Security posture is moderate with good SSL configuration and cookie consent mechanisms but missing security.txt and incident response information. The absence of WHOIS data limits domain trust assessment, though the website content and regional government affiliation support legitimacy. Overall, the site is safe, professional, and suitable for its educational audience. Recommendations include publishing a privacy policy and terms of service, implementing security headers, adding a security.txt file, and verifying domain registration details to enhance trust and compliance.

M

MK Fruit s.r.o.

mkfruit.cz

44

MK Fruit s.r.o. is a well-established Czech wholesale company specializing in fresh fruit, vegetables, and dairy beverages. The company maintains strong partnerships with domestic and EU growers and serves a diverse clientele including hospitals, schools, and retail chains. Their business model emphasizes high-quality fresh produce combined with comprehensive logistics and customer service. The website reflects a professional digital presence built on WordPress with WooCommerce and Elementor, indicating a moderate level of digital maturity. Security measures include HTTPS, reCAPTCHA on forms, and GDPR-compliant cookie management, though some security headers could be improved. Overall, the site is trustworthy and compliant with privacy regulations, supporting the company's credibility in the retail sector.

S

Střední odborná škola a Základní škola, Město Albrechtice, příspěvková organizace

souzma.cz

48

The website represents a public educational institution in Město Albrechtice, Czech Republic, offering secondary vocational and basic education. It is affiliated with the regional government (Moravskoslezský kraj) and provides a variety of educational programs including special education and vocational training. The site targets prospective students and the local community, providing detailed information about courses, admissions, and school activities. Technically, the website employs a modern technology stack including jQuery, Flatpickr, Tippy.js, and Google Tag Manager, built on the Nette PHP framework. It features responsive design, accessibility considerations, and integrates Google reCAPTCHA for form security. Cookie consent and GDPR compliance mechanisms are implemented, reflecting a mature digital presence. From a security perspective, the site uses HTTPS and includes anti-bot measures. However, explicit security headers are not evident in the HTML content, and no published security or incident response policies were found. The WHOIS data is missing, which slightly impacts trust but is mitigated by the official nature of the institution and clear contact information. Overall, the website is professional, secure, and compliant with privacy regulations, serving its educational mission effectively. Strategic improvements include enhancing security headers, publishing security policies, and improving WHOIS transparency to bolster trust.

Základní škola Sušice, Lerchova ulice, is a primary educational institution serving the local community in the Czech Republic. The website provides information about school activities, projects, events, and educational resources primarily targeting students, parents, and school staff. The school holds a recognized certification from Scio, indicating a commitment to educational quality. The website content is well-structured with regular updates and photographic documentation of school events, reflecting active community engagement. Technically, the website employs a basic but functional technology stack including HTML, CSS, JavaScript, and a third-party cookie consent library. Hosting is provided by Active24, a known Czech hosting provider. The site lacks advanced CMS or modern frameworks and shows basic mobile optimization and accessibility features. SEO is minimal but sufficient for the target audience. From a security perspective, the site implements a cookie consent banner but lacks visible HTTPS enforcement confirmation, security headers, or published security policies. No forms or sensitive data collection mechanisms are present, reducing immediate risk exposure. However, the absence of explicit privacy and security policies and lack of incident response contacts indicate room for improvement in compliance and security posture. Overall, the website is a functional, community-focused educational portal with moderate technical maturity and basic security measures. Strategic improvements in HTTPS enforcement, security headers, privacy policy clarity, and accessibility would enhance trust and compliance.

O

Obchodní akademie a Vyšší odborná škola sociálně právní, Ostrava

oa-vos.cz

48

Obchodní akademie a Vyšší odborná škola sociálně právní, Ostrava is a well-established educational institution in the Czech Republic offering secondary and higher vocational education in business, economics, social work, and social pedagogy. The website reflects a medium-sized public institution with a strong regional presence and a broad range of educational programs and extracurricular activities. The institution is funded by the Moravskoslezský kraj regional government, which adds to its credibility and trustworthiness. Technically, the website uses a modern tech stack including jQuery, Nette Framework, and various JavaScript libraries for UI enhancements and user experience. It is hosted on reputable Czech infrastructure with HTTPS enforced and basic security best practices in place. The security posture is solid but could be improved by adding explicit security headers and publishing a security policy or incident response contacts. Privacy compliance is addressed with a cookie consent mechanism and a privacy policy page, both in Czech. Overall, the website is professional, trustworthy, and suitable for its educational audience.

S

Střední škola André Citroëna Boskovice, příspěvková organizace

skolaac.cz

49

Střední škola André Citroëna Boskovice is a Czech secondary educational institution offering both maturita (high school leaving exam) and vocational apprenticeship programs. The school targets prospective students and the general public, providing a range of study programs, accommodation, catering, and sports facilities. It maintains partnerships with numerous reputable local and international companies, enhancing practical training opportunities for students. The website is professionally designed, well-structured, and provides comprehensive information about the school, its programs, and services.

Š

Škola Parentes

parentes.cz

47

Škola Parentes is a small educational institution based in the Czech Republic offering primary, kindergarten, and gymnasium level education. The website presents a well-structured and professionally designed platform that highlights their educational philosophy, tutoring services, character formation programs, and extracurricular activities. The institution targets parents and prospective students seeking quality education in Prague. Technically, the website is built on WordPress using the Avada theme and Fusion Builder, incorporating modern web technologies and third-party integrations such as Google Analytics and Facebook Pixel with a GDPR-compliant cookie consent mechanism. Security posture is solid with HTTPS enforced and consent management in place, though security headers are not explicitly detected. The absence of WHOIS data limits domain trust assessment, but the website content and social media presence support legitimacy. Privacy policy and terms of service pages are not explicitly found, indicating room for compliance improvement.

V

VOŠ, SŠ, JŠ, ZŠ a MŠ MILLS, s.r.o.

mills.cz

45

The website mills.cz represents a private educational institution in the Czech Republic offering a broad spectrum of educational services including kindergarten, primary, secondary, higher vocational, language education, and lifelong learning programs. The institution appears well-established with a domain age dating back to 2007 and clear physical address information. The website is professionally designed with good navigation and mobile optimization, targeting students and lifelong learners primarily within the Czech Republic. From a technical perspective, the site uses standard HTML5 and CSS3 technologies with Adobe Typekit fonts for typography. Hosting and domain registration are consistent with the Czech-based registrar WEDOS. The website performance is moderate with good SEO practices but lacks advanced frameworks or CMS indications. Accessibility is basic but functional. Security posture is limited based on the provided data. No security headers or HTTPS enforcement details were found, and no privacy or cookie policies are published, which impacts compliance and trust. No contact emails or phone numbers are provided, limiting direct communication channels. No forms or data collection mechanisms are present on the main page, reducing immediate data protection concerns but also limiting user engagement. Overall, the website is safe and suitable for general audiences with no adult or questionable content. The domain registration data supports legitimacy and trustworthiness. Strategic improvements in security headers, privacy compliance, and contact information publication would enhance the site's security and user trust.

The website www.educanet.cz is currently inaccessible in terms of meaningful content, displaying only PHP error messages related to improper translation loading and header modification issues. The absence of WHOIS registration data further complicates trust and legitimacy assessments. The site lacks any visible privacy, cookie, or terms of service policies, and no contact or business information is available. Technically, the site suffers from poor implementation and security hygiene, exposing PHP warnings publicly and lacking security headers or HTTPS enforcement indications. Overall, the digital maturity of the site is low, with significant risks related to security and compliance. Strategic remediation is urgently needed to improve the site's stability, security posture, and user trust.

Z

Základní škola a praktická škola Brno, Vídeňská, příspěvková organizace

videnska.cz

46

The website www.videnska.cz represents a public educational institution named Základní škola a praktická škola Brno, Vídeňská, located in Brno, Czech Republic. It offers basic and practical schooling services including preparatory classes and secondary practical education. The site targets students, parents, and educators within the local region and functions as a contributory organization under public funding. The content is well-structured, informative, and tailored to its audience, with clear navigation and relevant educational resources. Technically, the website employs a modern JavaScript stack including jQuery, Flatpickr, and Nette Framework components, alongside Google Tag Manager and reCAPTCHA v3 for analytics and security. The site is mobile-optimized and uses cookie consent mechanisms compliant with GDPR. However, there is room for improvement in security headers and explicit security policy documentation. From a security perspective, the site enforces HTTPS, integrates reCAPTCHA for form protection, and provides cookie consent banners. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data aligns well with the website's claims, confirming legitimacy and trustworthiness. Overall, the site maintains a good security posture but could enhance its security headers and incident response transparency. The overall risk is low, with no signs of malicious activity or content safety concerns. Strategic recommendations include implementing security headers, publishing security policies, and maintaining up-to-date third-party libraries to further strengthen security and compliance.

O

Obchodní akademie s. r. o.

obaka.cz

40

Obchodní akademie s. r. o. is a small private educational institution in the Czech Republic specializing in business academy studies combined with sports activities. It operates multiple campuses in Ostrava and Karviná, targeting students interested in both academic and athletic development. The website presents clear contact information and social media presence, supporting its regional educational role. Technically, the site uses a modern JavaScript stack including jQuery, Nette Framework AJAX, and Google reCAPTCHA for security on login forms. The site is mobile optimized with moderate performance and basic SEO and accessibility features. Security posture is good with HTTPS and CAPTCHA but lacks advanced security headers and formal privacy or cookie policies, which are compliance gaps. WHOIS data is missing, limiting domain trust assessment, but no suspicious content or vulnerabilities were detected. Overall, the site is professional and functional but could improve privacy compliance and security hardening.

S

Střední odborná škola ochrany osob a majetku s.r.o.

sosoom.cz

40

Střední odborná škola ochrany osob a majetku s.r.o. is a Czech educational institution specializing in secondary vocational education with a focus on security and legal protection. The website presents multiple regional branches with clear contact details and physical addresses, targeting students seeking specialized secondary education. The business operates primarily in the education sector within the Czech Republic and appears to be a small-sized entity. Technically, the website uses modern frontend libraries such as jQuery, Nette Framework, Flatpickr, and Slick carousel, providing a good user experience with mobile optimization and clear navigation. Security posture is moderate with HTTPS enforced and Google reCAPTCHA v3 implemented for form protection, but lacks security headers and explicit privacy or cookie policies, indicating room for improvement in compliance and security best practices. The absence of WHOIS data limits domain legitimacy verification, but the website content and contact information suggest a legitimate educational organization. Overall, the site is safe, professional, and functional but would benefit from enhanced privacy compliance and security hardening.

S

Střední škola technická a řemeslná, Nový Bydžov

sstrnb.cz

49

Střední škola technická a řemeslná, Nový Bydžov is a Czech secondary technical and vocational school offering education in technical fields, food industry, and driving training. The institution targets students and prospective students seeking practical and theoretical education in these sectors. The website reflects a well-established regional educational institution with partnerships with notable companies such as Škoda, Volvo, and Bosch. Technically, the website uses modern JavaScript libraries and frameworks, including jQuery, Flatpickr, and Google Tag Manager, indicating a moderate level of digital maturity. Security posture is good with HTTPS enforced and reCAPTCHA integration, though some security headers could be improved. Privacy compliance is strong with a clear GDPR-compliant privacy policy and cookie consent mechanism. Overall, the website is professional, trustworthy, and well-structured, supporting the institution's educational mission.

S

Střední škola právní - Právní akademie, s.r.o.

prak.cz

48

Střední škola právní - Právní akademie, s.r.o. is a private secondary school based in the Czech Republic specializing in legal education. The institution has a longstanding tradition dating back to 1993 and offers practical, quality education with individual student support. The website targets prospective students, current students, and parents, providing comprehensive information about programs, admissions, and school activities. The business model focuses on specialized education services with a strong emphasis on practical skills and international cooperation. Technically, the website employs a modern technology stack including jQuery, Flatpickr, Slick Slider, and Google Tag Manager, integrated within a Nette PHP framework environment. The site is mobile-optimized with good SEO and accessibility features, although some accessibility aspects could be improved. Performance is moderate, with external dependencies on trusted CDNs and services. From a security perspective, the site uses HTTPS and integrates Google reCAPTCHA Enterprise for form protection, alongside a cookie consent mechanism compliant with GDPR. However, explicit security headers are not evident, and there is no published security policy or incident response contact information. No vulnerabilities or suspicious content were detected. Overall, the website presents a professional and trustworthy digital presence for the educational institution, with strong privacy compliance and good business credibility. Strategic improvements in security headers and transparency policies could further enhance trust and security posture.

S

Střední škola obchodní a služeb SČMSD, Polička, s.r.o.

ssospolicka.cz

48

Střední škola obchodní a služeb SČMSD, Polička, s.r.o. is a private secondary vocational school located in Polička, Czech Republic, with a long-standing tradition dating back to 1929. The school offers a variety of study programs including business, marketing, public administration, cosmetology, hairdressing, and sports massage, targeting students and their parents. The website reflects a professional and well-structured digital presence with comprehensive content, clear navigation, and modern web technologies. Security measures such as HTTPS, Google reCAPTCHA Enterprise, and Google Tag Manager are implemented, although some security headers could be improved. Privacy and cookie policies are present and GDPR compliant. However, WHOIS data for the domain is unavailable, which slightly impacts trustworthiness from a domain registration perspective. Overall, the site is trustworthy, content-rich, and serves its educational audience effectively.

FOKUS – Opava, z.s. is a Czech non-profit organization established in 2007, dedicated to providing social services primarily for persons with mental illness and disabilities in the Moravian-Silesian region. The organization operates multiple service centers offering social rehabilitation, protected workshops, clinical psychology outpatient services, and community-based support. It is funded through regional and municipal grants, as well as partnerships with local government and social institutions. The website reflects a stable regional presence with detailed project updates and transparent funding acknowledgments. Technically, the website is built on legacy JavaScript libraries such as Prototype.js and Scriptaculous, with a custom HTML structure and no detected CMS. The site is moderately optimized for performance and accessibility but lacks modern features such as cookie consent mechanisms and advanced SEO optimizations. No analytics or tracking scripts are present, indicating a privacy-conscious approach. From a security perspective, the site lacks visible security headers and cookie policies, and there is no evidence of HTTPS enforcement or advanced security frameworks. However, no critical vulnerabilities or exposed sensitive data were detected. The WHOIS data confirms a long-standing domain registration consistent with the organization's history, supporting legitimacy. Overall, the website is trustworthy and professionally maintained for its non-profit purpose but would benefit from modern security enhancements, privacy compliance improvements, and technical modernization to improve user experience and security posture.

S

Střední zdravotnická škola Opava

szsopava.cz

44

Střední zdravotnická škola Opava is a regional secondary healthcare educational institution operated as a contributory organization by the Moravian-Silesian Region in the Czech Republic. The website provides comprehensive information about study programs, student services, courses, and school projects including Erasmus+ mobility. The site targets students, prospective students, and educational stakeholders interested in healthcare education. Technically, the website is built on WordPress with modern plugins and accessibility features, offering a good user experience and mobile optimization. Security posture is solid with HTTPS and cookie consent mechanisms, though lacking some security headers and incident response disclosures. The absence of WHOIS data limits domain legitimacy verification but the website content and contact details support its authenticity. Strategic recommendations include adding security headers, publishing incident response contacts, and verifying domain registration details to enhance trust and compliance.

E

Elim Opava, o.p.s.

elimopava.cz

40

Elim Opava, o.p.s. is a well-established non-profit organization based in the Czech Republic, focused on providing social and community services such as low-threshold youth services, family assistance, volunteer coordination, foster family support, and community work. The organization has a strong local presence with a history dating back to 1998 and a dedicated facility since 2002. Their website reflects a professional and consistent brand image with clear navigation and relevant content targeted at children, youth, families, and local community members. Technically, the website is built on WordPress with common plugins and jQuery, offering good mobile responsiveness and moderate performance. While HTTPS is properly implemented, the site lacks some security headers and formal privacy and cookie policies, which are important for compliance and user trust. No forms are present on the homepage, and contact is provided via email and phone, supplemented by social media presence on Facebook. From a security perspective, the site shows a good baseline with no visible vulnerabilities or exposed sensitive data. However, improvements are recommended in implementing security headers, publishing privacy and cookie policies, and establishing incident response and vulnerability disclosure mechanisms. The domain WHOIS data is consistent with the organization's claims, showing a long-standing registration that supports legitimacy. Overall, Elim Opava's website is a trustworthy and professional platform for their non-profit activities, with room for enhancement in privacy compliance and security best practices to further strengthen user trust and regulatory adherence.

G

Google Analytics Alternative

abralytics.com

44

Abralytics is a privacy-focused web analytics platform positioned as an alternative to Google Analytics (GA4), targeting web development agencies and businesses concerned with data privacy. The company offers cookie-free analytics, EU-based data storage, and white label branding, emphasizing user privacy and compliance. The website is built on WordPress with Elementor and integrates marketing and analytics tools such as HubSpot, Microsoft Clarity, and Google Tag Manager. While the site is professionally designed and mobile-optimized, it lacks explicit privacy and cookie policies, which are critical for GDPR compliance. Security posture is generally good with HTTPS and domain protections, but DNSSEC and security headers are missing. Overall, the domain registration is consistent with the business profile, indicating legitimacy.

L

LMC France

lmc-web.fr

34

LMC France is a French web development agency specializing in delivering customized digital solutions. The company targets businesses and organizations seeking professional web development services. The website demonstrates a professional design with consistent branding and good content quality, indicating a small-sized agency operating in the technology sector within France. Technically, the site is built on WordPress using Elementor and integrates SEO tools like Yoast and analytics via Matomo, reflecting a moderate level of digital maturity. Security posture is adequate with HTTPS usage and no exposed sensitive data, but lacks advanced security headers and explicit privacy or cookie policies. The absence of WHOIS data raises concerns about domain legitimacy and registration transparency. Overall, the website is functional and professional but would benefit from enhanced privacy compliance and clearer contact information to improve trust and security.

C

CRESS AURA

cress-aura.org

49

CRESS AURA is a regional non-profit organization dedicated to representing, promoting, and supporting social and solidarity economy (ESS) structures in the Auvergne-Rhône-Alpes region of France. The organization offers key services including advocacy, training, accompaniment, and networking to ESS actors such as project initiators, enterprises, and local authorities. The website reflects a professional and consistent brand presence with rich content and clear navigation, targeting stakeholders involved in social economy and regional development. Technically, the website is built on WordPress using Elementor and Yoast SEO, hosted by OVH sas. It employs Matomo analytics, indicating a privacy-conscious approach to user tracking. The site is mobile-optimized and performs moderately well, though accessibility features are basic. Security posture is adequate with HTTPS enabled and domain status protections, but lacks DNSSEC and explicit security headers, which are recommended for enhancement. No privacy or cookie policies were found, indicating a gap in GDPR compliance. Contact information is available via multiple verified company emails and a contact form. The domain registration is consistent with the organization's profile, showing legitimacy and appropriate domain age. No WAF or blocking mechanisms were detected, and the content is safe for general audiences. Overall, the website demonstrates strong business credibility and content quality but should improve privacy compliance and security hardening to enhance trust and regulatory adherence.

V

Virtual Visit s.r.o.

domovyonline.cz

48

Domovy online is a Czech Republic based service provider specializing in enhancing the online presentation of social service organizations. Their offerings include modern website creation, virtual tours, graphic design, and premium digital tools aimed at improving communication and operational efficiency for social service providers and regional governments. The company positions itself as a trusted partner with multiple regional government clients and a focus on GDPR compliance and accessibility. Technically, the website employs a modern tech stack including jQuery, Nette Framework, Google reCAPTCHA, and Cookiebot for consent management, ensuring a secure and user-friendly experience. Security posture is strong with HTTPS, secure forms, and no visible vulnerabilities, though explicit privacy and security policies are not published. Overall, the website is professional, accessible, and well-structured, supporting the company's credibility and market position.

A

Association de l'aluminium du Canada

veritesurlalu.quebec

47

The website 'La vérité sur l'alu' is operated by the Association de l'aluminium du Canada, an industry association representing Canadian primary aluminium producers. The site focuses on promoting sustainable aluminium production in Quebec and Canada, highlighting the industry's low carbon footprint and economic contributions. It serves as an educational platform with interactive content such as quizzes to dispel myths about the aluminium industry. Technically, the website is built on WordPress using the Salient theme and WPBakery page builder, incorporating modern JavaScript libraries and SEO tools like Yoast. The site is hosted likely via GoDaddy, with a moderate performance and good mobile optimization. Security posture is adequate with HTTPS enabled, but lacks some security headers and explicit security policies. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the site is professional and trustworthy but could improve in privacy and security transparency.

L

Les Bricos du Cœur

bricosducoeur.org

49

Les Bricos du Cœur is a French non-profit association founded in 2013 dedicated to supporting social aid organizations by organizing solidarity renovation projects, managing donations of materials, and operating a solidarity hardware store. The website reflects a well-established organization with a clear mission to improve the living and working environments of social structures such as associations, foundations, hospitals, and EHPADs. Their market position is strengthened by over 1200 completed projects and a network of engaged partners. Technically, the site is built on WordPress with modern libraries and performance optimizations, ensuring good user experience and mobile responsiveness. Security posture is strong with HTTPS, security headers, and anti-bot protections, although explicit security policies and incident response contacts are not published. Privacy compliance is well addressed with visible cookie consent and privacy policy. Overall, the site is professional, trustworthy, and well-aligned with its non-profit mission.

M

meta4

meta4.cz

44

Meta4 is a small graphic design and signmaking business based in the Czech Republic, offering a range of visual branding and advertising services including logo design, corporate identity, web design, 3D graphics, and advertising production. The website content is minimal and indicates the site is closed, but it still presents a portfolio and service descriptions targeting businesses seeking creative visual solutions. Technically, the site uses common frontend technologies such as Bootstrap, FontAwesome, and jQuery plugins, with moderate performance and basic mobile optimization. Security posture is weak due to lack of HTTPS verification, missing security headers, and absence of privacy or cookie policies. The WHOIS data is unavailable, which raises concerns about domain registration transparency and legitimacy. Overall, the site shows basic professionalism but lacks critical compliance and security features.

The website at kr-moravskoslezsky.cz is currently inaccessible, returning a minimal HTML page with a 'Http/1.1 Service Unavailable' message. This indicates a server-side issue or content blocking, preventing any meaningful content or metadata extraction. Due to this, no business information, contact details, or security policies are available for analysis. The lack of accessible content severely limits the ability to assess the company's market position, services, or technical infrastructure. The website's digital maturity appears very low given the absence of accessible content and security features. Security posture cannot be properly evaluated due to lack of data, but the absence of HTTPS and security headers is a critical concern. Overall, the site presents a high risk of poor user trust and compliance issues until accessibility and security are improved.

L

La Solitaire du Figaro Paprec

lasolitaire.com

49

The website www.lasolitaire.com is a small-scale site built on the Wix platform, primarily serving French-speaking users. The site lacks substantive business content, contact information, and legal policies such as privacy or cookie policies. Technically, it uses standard Wix scripts and polyfills, indicating a basic but functional technical infrastructure. Security posture is minimal with no detected security headers or incident response information, and privacy compliance is poor due to missing policies and consent mechanisms. Overall, the site appears to be a basic Wix-hosted site with limited business presence and transparency.

M

město Dobříš

mestodobris.cz

47

The website mestodobris.cz serves as the official online presence of the town of Dobříš, Czech Republic. It provides comprehensive information about the municipality, including local government activities, public services, events, and community resources. The site targets residents, visitors, and stakeholders interested in municipal affairs and local culture. The business model is that of a government entity providing public information and services digitally, with a well-established market position supported by a domain registered since 2003. Technically, the website employs a modern CMS platform (vismo), integrates Google Analytics and Google Tag Manager for analytics, and uses LimeTalk for live chat support. The site is mobile-optimized, accessible, and includes cookie consent mechanisms aligned with GDPR requirements. Hosting is provided by REG-ZONER, a reputable registrar and hosting provider. From a security perspective, the site enforces HTTPS and uses consent-based analytics tracking. However, explicit security headers are not clearly visible in the HTML source, and no published security policy or incident response contacts were found. No vulnerabilities or suspicious content were detected, and the WHOIS data confirms the domain's legitimacy and consistency with the municipal identity. Overall, the website demonstrates a solid digital presence with good privacy compliance and user engagement features. Strategic improvements could include publishing a formal security policy, enhancing security headers, and providing incident response contact information to strengthen trust and security posture further.

S

Salon LES THERMALIES

thermalies.com

43

Salon LES THERMALIES operates as a leading organizer of wellness and health events focused on water-based therapies and well-being in France, with key events scheduled in Paris and Lyon for 2026. The website presents a professional and consistent brand image, supported by active social media channels and association with SPAS Organisation, a recognized entity in the sector. The business model centers on event organization and visitor engagement through free entry and dedicated exhibition sites. Technically, the website is built on a modern WordPress CMS platform using Elementor and SEO plugins, ensuring good SEO and mobile responsiveness. Analytics are implemented via Google Analytics and Facebook Pixel, indicating moderate user tracking. Security posture is generally good with HTTPS enforced, but lacks visible security headers and formal privacy or cookie policies, which are critical for compliance and user trust. WHOIS data is missing, which raises some legitimacy concerns, though the website's professional presentation and external partnerships mitigate this risk. Overall, the site is functional and credible but would benefit from enhanced transparency and security practices.

S

Salon professionnel medFEL

medfel.com

45

medFEL is a professional trade show and conference organizer specializing in the fruits and vegetables sector, primarily serving the French and international markets. The website promotes the annual event scheduled for April 2025, targeting industry professionals including exhibitors and visitors. The business is well-established, with a domain registered since 2008, indicating maturity and stability in the market. The company provides key services such as event hosting, exhibitor support, and conference programming, positioning itself as a key player in the agricultural trade event space in France.

C

COOPERER POUR ENTREPRENDRE

cooperer.coop

48

Coopérer Pour Entreprendre is a French cooperative group focused on collective entrepreneurship, particularly supporting Cooperatives of Activity and Employment (CAE). With over 20 years of experience and 66 members including 50 CAEs, it provides key services such as the open-source enDI management software, social impact measurement, and programs like Flashcoop. The website is professionally designed using WordPress and integrates privacy-respecting analytics via Matomo. However, it lacks explicit privacy and cookie policies, which are important for GDPR compliance. The domain registration data aligns well with the business claims, supporting legitimacy.

B

Bílý kruh bezpečí, z.s.

bkb.cz

46

Bílý kruh bezpečí, z.s. is a well-established Czech non-profit organization dedicated to providing professional, free, and confidential support to victims of crime and domestic violence. With over three decades of experience, it operates multiple regional offices across the Czech Republic and offers helpline services, counseling, and prevention projects. The website reflects a mature organization with a clear mission and target audience including victims, social workers, and law enforcement. Technically, the site uses modern web technologies such as jQuery, Foundation framework, and integrates Google Analytics with IP anonymization to respect user privacy. However, the absence of explicit privacy and terms of service pages and missing WHOIS data slightly reduce trustworthiness. Security posture is moderate with HTTPS enforced but lacks visible security headers. Overall, the site is accessible, professionally designed, and provides comprehensive contact information and social media presence, supporting its credibility.

C

Centrum pro dětský sluch Tamtam, o. p. s.

tamtam.cz

47

Centrum pro dětský sluch Tamtam, o. p. s. is a Czech non-profit organization dedicated to supporting families with children who have hearing impairments. The website clearly targets this audience, providing resources, information, and community support. The organization maintains a professional online presence with consistent branding and active social media channels on Facebook and Instagram. The business model is focused on advocacy and support rather than commercial activities, positioning it as a trusted entity within its niche in the Czech Republic. Technically, the website employs modern web technologies including Bootstrap for responsive design, Google Fonts for typography, and Google Maps API for location services. Google Analytics is used for visitor tracking, indicating a moderate level of digital maturity. The site is mobile-optimized and offers a good user experience with clear navigation and relevant content. From a security perspective, the site uses HTTPS and implements cookie consent mechanisms, reflecting awareness of privacy regulations such as GDPR. However, explicit security headers are not detected, and no public security policy or incident response information is available. The absence of WHOIS data for the domain is a concern, as it reduces trust in the domain's legitimacy. Despite this, the website content and contact information appear legitimate and professional. Overall, the website scores well in content quality, technical implementation, and privacy compliance, but the lack of WHOIS transparency and some security best practices slightly reduce its security posture. Strategic recommendations include improving security headers, publishing a security policy, and verifying domain registration details to enhance trust and compliance.

C

Centrum sociálních služeb Ostrava, o.p.s.

css-ostrava.cz

49

Centrum sociálních služeb Ostrava, o.p.s. is a well-established non-profit organization founded in 2006, providing a broad range of social services primarily in the Czech Republic. Their services focus on supporting families, children, and individuals in difficult social situations through shelters, crisis centers, family counseling, and social activation programs. The organization maintains a professional web presence with clear navigation and multiple physical locations integrated via Google Maps, enhancing accessibility for their target audience. The website encourages donations and donations with tax deduction benefits, indicating a transparent and community-focused business model. Technically, the website uses modern JavaScript libraries such as Swiper.js and Google Maps API, along with Google Tag Manager for analytics, reflecting a moderate level of digital maturity.

C

Centrum sociálních služeb Poruba, příspěvková organizace

cssporuba.cz

40

Centrum sociálních služeb Poruba is a Czech public contributory organization established in 2004 by the municipal district of Ostrava-Poruba. It provides a range of social services including care services, day centers, homes for mothers with children, and asylum facilities. The organization targets residents of Ostrava-Poruba and vulnerable populations requiring social support. The website reflects a government-affiliated entity with clear contact information and service descriptions, positioning it as a local social service provider. Technically, the website employs standard and widely used web technologies such as Bootstrap, jQuery, and Flexslider, ensuring a responsive and user-friendly experience. The site is moderately optimized for performance and mobile devices but lacks advanced SEO and accessibility features. No CMS or hosting provider information is evident, and no analytics or tracking scripts are detected, indicating minimal user tracking. From a security perspective, the site lacks visible security headers and privacy/cookie policies, which are important for GDPR compliance and user trust. The WHOIS data is missing, which raises concerns about domain registration transparency, although the website content and business information appear legitimate. No forms or input fields are present on the analyzed page, reducing attack surface but also limiting user interaction. Overall, the website is functional and professional but would benefit from improved security practices, privacy compliance, and domain registration transparency to enhance trust and compliance posture.

S

Salesiáni Dona Bosca Ostrava

boscoostrava.cz

48

Salesiáni Dona Bosca Ostrava is a local non-profit organization focused on youth and community engagement in Ostrava, Czech Republic. The website serves as an information portal for their activities including youth clubs, workshops for schools, accommodation, and church services. The organization maintains a consistent brand presence with official contact emails and social media channels, supporting community outreach and engagement. Technically, the website is built on WordPress using modern plugins and frameworks such as Bootstrap and Smart Slider 3, providing a responsive and user-friendly experience. Security measures include HTTPS enforcement and Google reCAPTCHA integration, although some security headers are missing. Privacy compliance is partially addressed with a cookie consent mechanism but lacks a dedicated privacy policy page. The absence of WHOIS data limits domain trust verification, but the overall digital footprint and content quality support the legitimacy of the organization. Strategic recommendations include enhancing security headers, publishing a privacy policy, and improving accessibility features to strengthen compliance and trust.

K

KAFIRA o.p.s.

kafira.cz

41

KAFIRA o.p.s. is a Czech non-profit organization dedicated to assisting people with visual impairments, with a history of over 20 years. The website reflects this mission clearly, targeting individuals with visual disabilities and offering support and community services. The organization appears to be well-established within its niche, focusing on social assistance rather than commercial activities. Technically, the website is built on WordPress, utilizing common web technologies such as jQuery, Google Analytics, and Google Tag Manager. The site is mobile-optimized and has a good design quality, though accessibility features could be enhanced further to better serve its target audience. Security-wise, the site uses HTTPS and has a basic SSL configuration, but lacks important security headers and visible privacy or cookie policies, which are critical for compliance and user trust. The absence of WHOIS data limits transparency but is not uncommon for non-profit entities using privacy protection services. Overall, the website is functional and professional but would benefit from improved privacy compliance and security hardening.

Mikasa.cz is the official Czech Republic representative and retailer of Mikasa sports balls and accessories, specializing in volleyball, beach volleyball, water polo, and basketball equipment. The company, DASSAR s.r.o., has been operating since 2004 and offers products approved by international sports federations including FIVB and WORLD AQUATIC. The website is built on WordPress with WooCommerce, providing an e-commerce platform for direct sales. The technical infrastructure is modern and includes common libraries and frameworks such as jQuery, Bootstrap, and Font Awesome, hosted likely by WEDOS, a Czech hosting provider. Security posture is adequate with HTTPS enforced and no exposed sensitive data, but lacks advanced security headers and published security policies. Privacy compliance is partial, with no cookie consent mechanism detected. Overall, the site is professional, trustworthy, and well-branded, targeting sports professionals and enthusiasts in the Czech market.

R

Renarkon

renarkon.cz

47

Renarkon is a well-established Czech non-profit organization specializing in the prevention and treatment of addiction. Operating since 2003, it serves primarily the Moravian-Silesian region, offering a range of services including addiction treatment, accredited education for professionals, and participation in European projects. The organization maintains a transparent funding model with visible donation options and certifications, positioning itself as a trusted regional leader in healthcare services related to addiction. Technically, the website is built on WordPress with modern plugins such as Spectra Pro and Complianz GDPR for cookie management, ensuring compliance with European privacy laws. The site demonstrates good performance, mobile optimization, and basic accessibility features. Hosting appears to leverage Redis caching for enhanced speed. The technical infrastructure supports a professional online presence with clear navigation and relevant content. From a security perspective, the site enforces HTTPS and uses cookie consent mechanisms, reflecting a good security posture. However, it lacks explicit security policies, incident response contacts, and advanced security headers, which are recommended for further strengthening. No vulnerabilities or suspicious activities were detected in the content or scripts. Overall, Renarkon’s website reflects a credible, professional, and compliant organization with a strong focus on user privacy and content quality. Strategic improvements in security transparency and incident response readiness would enhance trust and resilience against emerging threats.

C

Coinmate s.r.o

rr-moravskoslezsko.cz

43

Coinmate s.r.o operates a leading European cryptocurrency exchange platform, primarily serving the Czech and Slovak markets with unique EUR and CZK trading pairs. Founded in 2014, the company offers a range of services including quick buy, recurring buy via dollar-cost averaging, a professional trading platform integrated with TradingView, and API access for automated trading. The business positions itself as a secure and trusted exchange with a decade of operational history and a strong focus on compliance and customer support in English and Czech. Technically, the website is built on modern Angular framework with integrations for analytics and marketing tools, and it demonstrates good mobile optimization and SEO practices. Security-wise, Coinmate maintains an excellent posture with HTTPS enforcement, ISO 27001 certification, advanced custody infrastructure, and separation of client funds from operating expenses. However, explicit incident response and vulnerability disclosure policies are not publicly available, which could be improved. Overall, the website and business present a high level of professionalism, trustworthiness, and compliance suitable for a financial services provider in the cryptocurrency sector.

T

Tyfloservis o. p. s.

tyfloservis.cz

44

Tyfloservis o. p. s. is a Czech non-profit organization dedicated to supporting individuals with severe visual impairments by providing information, support, and skills training to promote independent living. The website is professionally designed using WordPress with the Divi theme and incorporates SEO best practices via the Yoast SEO plugin. The content is relevant and targeted specifically at visually impaired persons seeking rehabilitation services. Technically, the site is moderately performant and mobile-optimized, with good accessibility features. Security posture is adequate with HTTPS enabled, but lacks visible security headers and explicit privacy or cookie policies, which are areas for improvement. The absence of WHOIS data limits domain trust verification, but the website's professional presentation and clear mission support its legitimacy. Overall, the site is safe for general audiences and serves an important social function.

A

ANIMA VIVA z.s.

animaviva.cz

44

ANIMA VIVA z.s. is a Czech non-profit organization established in 2002, dedicated to providing social services and support to persons with disabilities, particularly those with mental and intellectual disabilities. The organization operates primarily in the Moravian-Silesian region and offers registered social services including social counseling, social rehabilitation, and employment opportunities through sheltered workplaces. Their mission focuses on social inclusion, improving quality of life, and destigmatizing disabilities. The website reflects this mission with relevant content and a clear target audience of disabled persons and their families. Technically, the website uses a modest technology stack including jQuery, bxSlider, lightbox, Google Analytics, and Google Tag Manager. It implements cookie consent mechanisms aligned with GDPR requirements and uses HTTPS for secure communication. However, the site lacks advanced security headers and accessibility features, and the performance and mobile optimization are basic. The absence of WHOIS data and explicit contact emails or phone numbers on the site slightly detracts from the overall trustworthiness. From a security perspective, the site shows good privacy compliance with GDPR statements and cookie consent but could improve by adding security headers and a vulnerability disclosure policy. No critical vulnerabilities or malware indicators were found. The missing WHOIS data is a concern and should be investigated to confirm domain legitimacy. Overall, ANIMA VIVA z.s. presents as a legitimate, mission-driven non-profit with a functional website that meets basic privacy and security standards. Strategic improvements in security posture, contact transparency, and technical modernization would enhance trust and user experience.

A

Association for Comprehensive NeuroTherapy

latitudes.org

47

The Association for Comprehensive NeuroTherapy operates a well-established website focused on natural and integrative approaches to neurological and behavioral problems. The organization targets parents, teachers, and individuals seeking educational resources, offering memberships, digital products, and community forums. The website is positioned as a niche non-profit with a strong content offering and active social media presence. Technically, the site is built on WordPress with a modern theme and plugins, including Bootstrap and jQuery. It is mobile-optimized and SEO-friendly, employing structured data for enhanced search visibility. The hosting provider is not explicitly identified, but the domain is registered with GoDaddy and has a long history dating back to 1997. From a security perspective, the site uses HTTPS and reCAPTCHA, but lacks DNSSEC and explicit security headers, which are recommended for improved protection. No privacy or cookie policies were found, indicating a gap in compliance with privacy regulations such as GDPR. User tracking is moderate via Google Analytics and social sharing tools. Overall, the website is credible and professional but would benefit from enhanced privacy compliance and security hardening to better protect users and improve trustworthiness.

K

Kabubu

kabubu.fr

48

Kabubu is a French non-profit association dedicated to promoting the social and professional inclusion of exiled individuals through the power of sport. The organization offers weekly sports activities, training programs, and workshops aimed at fostering friendship and integration. Their market position is niche, focusing on social inclusion within France, supported by partnerships with recognized organizations and media outlets. Technically, the website is built using modern frameworks such as React and Ionic, with good mobile optimization and moderate performance. Security posture is solid with enforced HTTPS and absence of trackers, though it lacks some security headers and formal privacy documentation. Overall, the site is professional and trustworthy, but the absence of WHOIS data and privacy policies slightly reduce credibility. Strategic improvements in privacy compliance and security headers would enhance trust and compliance.

E

En Boîte Le Plat

enboiteleplat.fr

46

En Boîte Le Plat is a French initiative dedicated to promoting the use of reusable and returnable glass containers to reduce disposable packaging waste in the take-away food sector. The project targets a diverse audience including restaurant professionals, event organizers, citizens, local communities, and enterprises. It operates as a collective model supported by local teams and a national coordinating body, emphasizing environmental sustainability and waste prevention. The website reflects a niche, environmentally conscious non-profit or collective with a growing presence across multiple French territories. Technically, the website is built using modern frontend technologies such as React and the Ionic framework, incorporating Google Fonts and Material Icons for design consistency. The site is mobile-optimized and offers a good user experience with clear navigation and relevant content. Performance is moderate, with no major technical issues detected. However, accessibility features are basic and SEO optimization could be improved. From a security perspective, the site enforces HTTPS and avoids the use of cookies or trackers that require user consent, which is a positive privacy practice. Nonetheless, it lacks important security headers such as Content-Security-Policy and X-Frame-Options, and does not provide a privacy policy or terms of service, which are critical for compliance and user trust. No vulnerabilities or exposed sensitive data were detected, but the absence of these policies and headers suggests room for improvement in security posture. Overall, the website is trustworthy and professional, though the lack of WHOIS data and domain registration details slightly reduce the domain trustworthiness score. The site is safe for general audiences, with no adult or questionable content. Strategic recommendations include adding comprehensive privacy and security policies, implementing security headers, and enhancing accessibility and SEO to strengthen compliance and user confidence.