High-risk security reports

The website gemeinwohlprojekte.at operates as a crowdfunding platform dedicated to financing projects that promote the common good, including sustainable development, social initiatives, and ecological projects primarily in Austria. It offers services such as project submission, support, and verification, targeting individuals and organizations interested in social impact investments. The platform is built on TYPO3 CMS and integrates Piwik/Matomo analytics with privacy-conscious settings. The site features secure login and registration forms with password encryption and provides clear privacy and cookie policies compliant with GDPR. Social media presence is established on Facebook, YouTube, and Twitter, enhancing community engagement. However, the absence of WHOIS data for the domain raises some concerns about domain registration transparency.

A

Association Mieux Vivre

foirebiogorcy.eu

43

The website foirebiogorcy.eu represents the Foire Bio de Gorcy, an annual organic fair held in Gorcy, France, organized by the independent association Mieux Vivre since 1996. The event targets visitors and exhibitors interested in organic products from France and neighboring countries, offering free entry and promoting local producers. The site is built on WordPress using Astra theme and Elementor, with standard plugins for forms, cookie consent, and Google reCAPTCHA. While the site is functional and well-structured, it lacks a formal privacy policy and terms of service pages, and the Google Analytics plugin is present but not configured. Security posture is adequate with HTTPS and reCAPTCHA but could be improved with additional headers and policies. Overall, the site is trustworthy and serves its purpose effectively with room for compliance and security enhancements.

S

salons ZEN & BIO

salon-zenetbio.com

46

The website salons ZEN & BIO operates as an event organizer specializing in ecological, organic, wellness, and healthy habitat salons primarily in France, with events in Nantes, Lyon, and Angers. The business model focuses on organizing and promoting these niche events, targeting environmentally conscious consumers and exhibitors. The site is supported by SPAS Organisation, indicating a structured parent company backing. The website content is well-structured, professionally designed, and optimized for SEO, with clear event information and calls to action for exhibitors. Social media presence and partner logos enhance credibility. Technically, the site is built on WordPress using Elementor and several plugins for SEO, event management, advertising, and social media integration. It employs modern web technologies and includes consent management for GDPR compliance. Performance is moderate with good mobile optimization. Security posture is adequate with HTTPS and consent mechanisms but lacks explicit security headers and detailed security policies. Security-wise, no critical vulnerabilities or exposed sensitive data were detected. However, the absence of WHOIS data and domain registration details raises concerns about domain legitimacy and ownership transparency. The site lacks direct contact emails and phone numbers, which could impact trust. Privacy and cookie policies are present and integrated with a consent platform, supporting GDPR compliance. Overall, the website presents a professional and trustworthy front for its business niche but would benefit from improved transparency in domain registration, enhanced security headers, and clearer contact information to strengthen trust and compliance.

The website salons-bienetre.com represents Agence Plan B, an organizer of wellness fairs in France, targeting individuals interested in health, relaxation, and natural products. The site promotes events in multiple cities with dates and venues, providing a contact form and social media links for engagement. Technically, the site is built on WordPress using the Divi theme, leveraging standard web technologies such as jQuery and Google Fonts. The site is served over HTTPS, ensuring encrypted communication, and includes a captcha-protected contact form to mitigate spam. However, the absence of WHOIS data for the domain raises concerns about transparency and domain legitimacy. No privacy or cookie consent mechanisms were detected, which may impact compliance with privacy regulations. Security headers are not present, indicating room for improvement in security posture. Overall, the website is functional, professionally designed, and provides relevant content for its audience, but lacks some critical compliance and security features.

M

ME-METAL

me-metal.cz

47

ME-METAL is a Czech manufacturing company specializing in precision milling and turning of parts primarily from aluminum alloys, steel, and plastics. Founded in 1994 and operating from a large facility near Chomutov, the company focuses on small batch and custom production, serving both domestic and international clients. Their business model includes full production services with in-house transport for delivery. The website reflects a stable and established market position with over 30 years of experience and a consistent brand presence. Technically, the website is built using Nicepage site builder with standard web technologies including HTML5, CSS3, JavaScript, and jQuery. Hosting is likely provided by WEDOS, consistent with the registrar and nameservers. The site is mobile optimized and SEO friendly, though accessibility features are basic. No advanced analytics or advertising tools are detected, indicating a privacy-conscious approach. From a security perspective, the site uses HTTPS (inferred though not explicitly confirmed), includes GDPR and cookie consent mechanisms, but lacks explicit security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the content. WHOIS data is consistent and supports the legitimacy of the domain and business. Overall, the website presents a professional and trustworthy image with good content quality and privacy compliance. Security posture is moderate with room for improvement in security headers and incident response transparency. The risk level is low, but strategic enhancements in security documentation and technical hardening are recommended.

P

PKS servis spol. s r. o.

pks-hydraulika.cz

48

PKS servis spol. s r. o. is a Czech Republic-based company specializing in the development, manufacturing, sales, and servicing of hydraulic machines, central lubrication systems, and pneumatics. The company operates multiple divisions and partner sites, indicating a diversified business model focused on industrial B2B clients. Their website reflects a professional and consistent brand presence with clear service offerings and certifications such as ISO 9001, positioning them as a reputable regional player in manufacturing and hydraulic services. Technically, the website employs modern frontend technologies including Bootstrap 5, jQuery, and cookie consent management tools, ensuring a responsive and user-friendly experience. The site is well-optimized for SEO and mobile devices, though some accessibility features could be improved. Security posture is adequate with HTTPS enforced and cookie consent implemented, but lacks visible security headers and explicit security policies on the site. The absence of WHOIS data for the domain is a notable concern, reducing trustworthiness from a domain registration perspective. However, the website content, contact information, and business certifications support the legitimacy of the company. No signs of WAF or content blocking were detected, allowing full content analysis. Overall, the site demonstrates a solid business and technical foundation with room for improvement in security best practices and domain transparency. Strategic recommendations include enhancing security headers, publishing security policies, and verifying domain registration details to strengthen trust and compliance.

Kristy z Ostravy is a small freelance marketing specialist business based in Ostrava, Czech Republic, founded in 2024. The website presents professional marketing services including strategy, online marketing, and event support targeted at local firms and entrepreneurs. The business positions itself as a local expert with a passion for Ostrava and marketing. Technically, the website is built on WordPress using the Astra theme, integrating modern marketing and analytics tools such as Google Tag Manager and Hotjar. Cookie consent is implemented, indicating awareness of privacy compliance, though no explicit privacy policy or terms of service pages were found. Security posture is good with HTTPS enabled and no exposed sensitive data, but could be improved by adding explicit security headers and incident response information. Overall, the website is professional, well-branded, and trustworthy with moderate SEO and mobile optimization.

H

Holka z Ostravy

holkazostravy.cz

47

Holka z Ostravy is a small Czech-based personal brand and business operated by Miluše Koštialiková, focusing on content creation, video marketing, social media training, event management, and custom painting services. The website presents a professional image with good content quality and consistent branding, targeting small businesses and marketers seeking marketing and video production services. Technically, the site is built on WordPress using the Nicepage plugin, with integration of Google Analytics and Tag Manager for tracking. The site is mobile optimized and has moderate performance. Security posture is adequate with HTTPS enabled and IP anonymization in analytics, but lacks security headers and formal privacy or cookie policies. No contact emails or phone numbers are explicitly provided, which may impact user trust and compliance. Overall, the domain registration data aligns well with the website content, supporting legitimacy.

Grill & Golf events z.s. is a small non-profit organization based in the Czech Republic focused on organizing recreational events related to grilling and golf, including operating the Minigolf Poruba facility. The website is minimalistic, providing basic company identification and social media links but lacks detailed business or compliance information. Technically, the site uses Google Analytics for visitor tracking but does not implement advanced security headers or privacy policies, indicating a low level of digital maturity. The absence of WHOIS registration data for the domain is a significant concern, reducing trustworthiness and raising questions about domain legitimacy. Overall, the security posture is weak with no evident incident response or data protection measures. Strategic improvements in security, privacy compliance, and transparency are recommended to enhance trust and operational resilience.

R

RFM

rfm.fr

44

RFM is a well-established French radio station with a strong digital presence offering live streaming, music news, podcasts, contests, and video content. The website targets French-speaking audiences interested in music and entertainment. Technically, the site uses modern web technologies including JavaScript frameworks and CDNs under the lanmedia.fr domain, indicating corporate hosting and infrastructure. The site is mobile-optimized and provides a good user experience with clear navigation and professional design. Security-wise, the site enforces HTTPS and uses privacy and cookie consent mechanisms, but lacks explicit security headers and detailed security policies. WHOIS data is unavailable, which reduces transparency but the site’s professional appearance and active content suggest legitimacy. Overall, the site scores well on content quality, technical implementation, privacy compliance, and business credibility, with room for improvement in security posture and transparency.

L

Le Blog Bio LifeStyle

leblogbio.fr

47

Le Blog Bio LifeStyle operates as an independent French lifestyle media platform focusing on healthy, eco-friendly living, zero waste, and Made in France products. Founded in 2017, it targets French-speaking audiences interested in sustainable lifestyle choices. The website offers articles, product reviews, affiliate marketing partnerships, and a newsletter subscription service. It maintains a consistent brand image and leverages social media channels for audience engagement. Technically, the site is built on WordPress using Elementor and Astra theme, with performance optimizations via WP Rocket and SEO enhancements through Yoast. The hosting and domain registration are consistent with the French market, enhancing trustworthiness. Security posture is good with HTTPS and some security headers, but could be improved with stricter CSP and additional headers. Privacy compliance is addressed with a cookie consent mechanism and a privacy policy, aligning with GDPR requirements. Overall, the site presents a professional, trustworthy, and user-friendly experience with moderate tracking and advertising typical for media sites.

A

Alterrenat Presse

alterrenat.com

41

Alterrenat Presse operates as a niche French e-commerce platform specializing in the sale of alternative and organic lifestyle books and magazines. The website presents a professional and consistent brand image, targeting French-speaking consumers interested in organic agriculture, well-being, and alternative education. The business model centers on online retail and subscriptions, with additional services including event participation and advertising. Technically, the site is built on PrestaShop CMS, leveraging common JavaScript libraries and responsive design for good user experience. Security posture is adequate with HTTPS and cookie consent mechanisms, though lacking advanced security headers and vulnerability disclosure mechanisms. The absence of WHOIS registration data is a notable concern, potentially indicating privacy protection or registration issues, which slightly reduces trustworthiness. Overall, the site is functional, compliant with GDPR, and safe for general audiences.

Biocontact.fr is the online presence of Biocontact, a French independent monthly magazine focused on organic products, health, and wellness since 1991. The website serves as a content hub offering articles, event calendars for organic salons, product information, and subscription services. It targets French-speaking consumers interested in organic lifestyle and wellness. The business model relies on free distribution in organic stores supported by advertising and event promotions. Technically, the site uses modern JavaScript libraries and the Foundation CSS framework, hosted by OVH, a reputable provider. The site is mobile-optimized and SEO-friendly but could improve accessibility and security headers. Security posture is good with HTTPS and secure forms, though no explicit security or incident response policies are published. Privacy and cookie policies are present and GDPR compliant. WHOIS data confirms domain legitimacy with consistent registration details and long domain age. Overall, the site is professional, trustworthy, and well-positioned in its niche market.

S

Socialter

socialter.fr

44

Socialter is a French bimestrial magazine focusing on radical social critique and ecological alternatives. It operates primarily through print magazine sales, subscriptions, and donations, targeting a general audience interested in social justice and ecological issues. The website is professionally designed with excellent content quality and clear navigation, supporting a strong brand presence in the French media niche. Technically, the site uses modern web technologies including Google Tag Manager, Facebook Pixel, and Bootstrap, ensuring good mobile optimization and SEO. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers and policies could be improved. WHOIS data is unavailable, which slightly impacts trust but the active and updated website with social media presence supports legitimacy. Overall, the site is safe, compliant with GDPR, and trustworthy for its audience.

The website at communspaysans.org currently serves as a simple directory listing with no substantive business content or branding. The domain is very recently registered (April 2024) via OVH sas without privacy protection, but the lack of detailed registrant information and minimal website content raises questions about the site's maturity and legitimacy. Technically, the site lacks HTTPS, security headers, and exposes sensitive files through directory listing, indicating poor security posture. No privacy, cookie, or terms of service policies are present, and no contact information is provided, which further diminishes trust and compliance standing. Overall, the site appears to be in an early or placeholder state with significant improvements needed to meet basic security, privacy, and business credibility standards.

T

Terre et Humanisme

terre-humanisme.org

49

Terre et Humanisme is a well-established French non-profit association dedicated to promoting agroecology and permaculture through education, solidarity projects, and expertise. With over 30 years of activity, it serves both individuals and professionals, leveraging a strong network of partners and animators. The website is professionally designed, content-rich, and provides multiple engagement channels including training, immersion stays, and an online store. Technically, the site is built on WordPress with modern plugins and integrations such as Google reCAPTCHA and Sendinblue for newsletters, hosted by Nuxit. Security posture is good with HTTPS and consent mechanisms, though improvements like DNSSEC and CSP headers are recommended. Overall, the site is trustworthy, compliant with GDPR, and provides a positive user experience.

K

Kolektor

kolektorgradbenistvo.si

46

Kolektor Gradbeništvo is a construction-focused branch of the Kolektor group, operating primarily in Slovenia with a strong emphasis on infrastructure, high-rise buildings, and reinforced concrete structures. The company leverages its subsidiaries Kolektor Koling and Kolektor CPG to deliver comprehensive construction engineering services. The website reflects a mature business with a clear market position in the regional construction sector, targeting industry clients and potential employees. Technically, the site uses modern JavaScript libraries and tracking tools, with good mobile optimization and SEO practices. Security posture is adequate with HTTPS and cookie consent mechanisms, though it lacks explicit security headers and documented security policies. Overall, the site is professional, trustworthy, and safe for general audiences.

K

Kolektor Etra d.o.o.

kolektor-etra.si

48

Kolektor Etra d.o.o. is a well-established Slovenian company specializing in the production of power and generator transformers with capacities up to 500 MVA and voltages up to 420 kV. With over 90 years of tradition and a presence in more than 40 countries, the company holds a strong market position within the energy manufacturing sector. It operates as part of the KOLEKTOR group, offering specialized transformer solutions including off-shore applications. The website reflects a professional corporate presence with clear business information and relevant content tailored to industrial clients and energy sector stakeholders. Technically, the site is built on WordPress with modern plugins and frameworks, providing good mobile optimization and moderate performance. Security posture is solid with HTTPS and basic best practices, though there is room for improvement in security headers and explicit policies. Privacy compliance is basic with privacy and cookie policies present but lacking advanced consent mechanisms. Overall, the website is trustworthy and professionally maintained, supporting the company's credibility and business objectives.

The website at yfdnzfa.com presents minimal accessible content, primarily consisting of an invisible tracking pixel and an embedded iframe sourced from unrelated external domains. There is no visible business information, contact details, or user-facing content. The domain WHOIS data is suspicious, showing a creation date in the future (July 2025) and listing the registrar as PDR Ltd., a domain registrar service, without any registrant organization details. This raises concerns about the legitimacy and purpose of the domain. Technically, the site uses basic HTML and JavaScript but lacks modern security headers, DNSSEC, and privacy compliance mechanisms. The embedded third-party content suggests potential user tracking and profiling. Overall, the site appears to be a placeholder or a tracking intermediary rather than a legitimate business website.

ArtMoment is a newly launched business in Slovakia focused on offering creative workshops. The website serves primarily as a landing page to announce the upcoming launch and collect newsletter subscriptions, incentivizing sign-ups with a promotional 1+1 voucher. The business appears to be a small-scale operation targeting general consumers interested in creative activities. Technically, the website uses standard modern web technologies including Google Tag Manager and Facebook Pixel for marketing and analytics. Hosting is inferred to be with Wedos based on nameservers. Security posture is basic with no advanced headers or policies detected, and no privacy or cookie policies published, indicating room for compliance improvements. The domain registration is recent but consistent with the business launch timeline, supporting legitimacy. Overall, the site is safe, professional at a basic level, and suitable for general audiences.

G

Chat Button for Your Website: WhatsApp, ChatGPT, Messenger | GetButton

getbutton.io

49

GetButton.io is a technology company providing an all-in-one chat button solution that integrates popular messaging platforms such as WhatsApp, Messenger, Instagram, and AI-powered chatbots including Custom ChatGPT. The service targets website owners and businesses aiming to enhance visitor engagement through seamless chat interactions. With over 736,000 websites trusting their solution, GetButton.io holds a strong market position in the customer engagement SaaS sector. The company was founded in 2019 and operates with a medium-sized business profile based in Malta. Technically, the website employs modern web technologies including HTML5, CSS3, JavaScript with Knockout.js for UI bindings, and leverages Cloudflare for DNS and CDN services. The site is mobile-optimized, SEO-friendly, and integrates third-party services such as CookieYes for GDPR-compliant cookie consent and FastSpring for payment processing. Analytics are conducted via Yandex Metrica, with extensive user tracking managed through cookies and device scanning. From a security perspective, the website enforces HTTPS, employs clientTransferProhibited domain status, and provides a granular cookie consent mechanism. However, DNSSEC is not enabled, and explicit security policies or incident response contacts are not published. No critical vulnerabilities or exposed sensitive data were detected in the analyzed content. Overall, GetButton.io presents a professional and trustworthy digital presence with good privacy compliance and security posture. The absence of explicit privacy policy and terms of service documents on the main page is a notable gap. Strategic recommendations include enabling DNSSEC, publishing comprehensive privacy and security policies, and adding vulnerability disclosure information to enhance transparency and trust.

P

Pricemania s.r.o.

pricemania.sk

42

Pricemania s.r.o. operates a well-established Slovak price comparison website that aggregates offers from over 8,000 e-shops and more than one million products. The platform targets general consumers seeking to compare prices and find the best deals across a wide range of product categories. The website demonstrates a mature digital infrastructure with modern analytics, advertising, and cookie consent mechanisms integrated. Hosting is provided by a Slovak hosting provider, ensuring regional performance optimization. Security posture is strong with HTTPS enforced and standard security headers implemented, though explicit security policies and incident response contacts are not published. Overall, Pricemania presents a professional and trustworthy e-commerce service with good content quality and user experience.

E

Eugloh

eugloh.eu

40

EUGLOH is a European University Alliance focused on global health, uniting nine research-intensive universities to provide innovative education, research, and international collaboration opportunities. The website is professionally designed using TYPO3 CMS and integrates Matomo analytics with privacy-conscious settings. Security posture is generally good with HTTPS enforced and no exposed sensitive data, though improvements are recommended in security headers and cookie consent mechanisms. The domain is privacy protected under EURid, which is typical for EU domains, and the website content strongly supports legitimacy and trustworthiness. Overall, the site serves as a comprehensive platform for students, academics, and partners engaged in global health education and research.

R

Rekonstrukce Morava

rekonstrukce-morava.cz

43

Rekonstrukce Morava is a small, regionally focused company specializing in interior and exterior reconstruction services, primarily in the Moravia region of the Czech Republic. Established since 1995, the company offers services including apartment and bathroom renovations, drywall installation, and masonry work. Their website presents a professional image with detailed service descriptions, customer testimonials, and clear contact information, targeting residential and commercial property owners seeking renovation services. Technically, the website is built on WordPress with modern plugins and is mobile optimized, though performance is moderate. Security posture is adequate with HTTPS enabled but lacks advanced security headers and visible privacy compliance documentation. The absence of WHOIS data for the domain raises concerns about domain legitimacy verification, though the business content appears genuine. Overall, the website is trustworthy and professional but would benefit from enhanced privacy compliance and security practices.

R

RekoMal

rekonstrukce-rekomal.cz

43

RekoMal is a small, regionally focused company specializing in professional reconstruction services for apartments, bathrooms, and apartment cores primarily in Ostrava and the Moravskoslezský region of the Czech Republic. The company offers a comprehensive range of services including drywall installation, painting, custom furniture manufacturing, and family house construction. Their website demonstrates a good level of professionalism with clear contact information, customer testimonials, and certifications, positioning them as a trusted local service provider. Technically, the website is built on WordPress with modern plugins such as Yoast SEO and Tatsu page builder, and integrates Google Analytics and Facebook SDK for marketing and analytics. The site is mobile optimized and SEO friendly, though performance is moderate. Security posture is adequate with HTTPS enforced but lacks advanced security headers and explicit privacy and cookie policies, indicating room for improvement in compliance and security best practices. The absence of WHOIS data reduces domain trust slightly, but the website content and business information appear legitimate and consistent with a small professional service provider. No security incidents or vulnerabilities are evident from the site content. Overall, the site presents a low-risk profile with recommendations to enhance privacy compliance and security headers. Strategic recommendations include implementing comprehensive privacy and cookie policies with consent mechanisms, adding security headers, publishing a security.txt file for vulnerability disclosure, and improving incident response readiness to strengthen trust and compliance.

D

DK Akord Ostrava

dkakord.cz

48

DK Akord Ostrava operates as a cultural and social center located in Ostrava-Zábřeh, Czech Republic, offering a wide range of cultural events including concerts, theater performances, and educational courses. The organization also provides venue rental services and operates a restaurant, positioning itself as a regional hub for cultural and social activities. The website reflects a medium-sized enterprise with a professional digital presence, integrating modern web technologies and multiple analytics and marketing tools to engage its audience effectively. The business model focuses on event hosting, ticket sales, and community engagement through educational and cultural programming. Technically, the site is built on WordPress with Bootstrap and jQuery, supported by reputable third-party services for analytics and marketing, ensuring a good user experience across devices. Security posture is solid with HTTPS enforcement and GDPR-compliant cookie consent mechanisms, although there is room for improvement in publishing explicit security policies and incident response information. Overall, the website is trustworthy, well-maintained, and compliant with relevant privacy regulations, serving its target audience effectively.

R

Restaurace Akord

restauraceakord.cz

41

Restaurace Akord is a hospitality business based in Ostrava, Czech Republic, offering restaurant dining, catering, and event hosting services including corporate events, weddings, and family celebrations. The website presents a professional image with detailed service descriptions, menus, and client logos, positioning the business as a reputable local venue with recognized beer quality. Technically, the site is built on WordPress using modern plugins and themes, optimized for SEO and mobile devices, with moderate performance and basic accessibility features. Security posture is adequate with HTTPS enabled and no visible vulnerabilities, but lacks security headers and formal security policies. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the site is trustworthy and professional but could improve compliance and security transparency.

T

Timac Agro

timacagro.lv

48

Timac Agro Latvia is a well-established agricultural company specializing in agronomic solutions and animal nutrition products, operating as part of the international Groupe Roullier. The company targets Latvian farmers and agricultural businesses, offering sustainable and innovative products and consulting services. The website reflects a mature digital presence with a professional design, clear navigation, and comprehensive product information. Technically, the site is built on WordPress with Elementor and WooCommerce, leveraging modern JavaScript libraries and CDN services for performance and scalability. Security posture is strong with HTTPS, Cloudflare DNS, and standard security headers, although some improvements like a Content-Security-Policy header and security.txt file could enhance it further. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the site is trustworthy, professional, and aligned with its business objectives.

V

Vykupujeme-online.cz

vykupujeme-online.cz

44

The website vykupujeme-online.cz operates as an online buyback platform primarily focused on purchasing used books and various types of games from customers in the Czech Republic. Founded in 2021, it targets general consumers looking for a convenient and quick way to sell their unwanted items online. The business model revolves around providing an easy-to-use online interface for submitting items and receiving payment, positioning itself as a niche player in the local retail market for second-hand books and games. The website features a professional design with good SEO and mobile optimization, leveraging modern web technologies such as Nuxt.js and Google Tag Manager for analytics and tracking. However, it lacks explicit privacy, cookie, and terms of service policies, which are critical for compliance and user trust.

K

Kolektor Conttek GmbH

conttek.de

45

Kolektor Conttek GmbH is a well-established German manufacturer specializing in precision stamping, bending parts, pressfit, contact parts, metal-plastic composite parts, assemblies, and plastic parts primarily serving the automotive and electronics industries. With a 60-year history and integration into the international Kolektor group, the company holds a strong market position as a reliable B2B partner offering development, tooling, and automation services. The website reflects a professional corporate presence with detailed descriptions of technologies and competencies, targeting industrial clients. Technically, the site is built on TYPO3 CMS with modern frontend frameworks and includes a cookie consent mechanism, indicating a moderate level of digital maturity. Security posture is adequate but could be improved by adding explicit security policies, incident response contacts, and security headers. Overall, the site is trustworthy, compliant with GDPR, and provides clear contact information and social media presence.

W

WebRex s.r.o.

webrex.eu

46

Mare Group CZ, formerly WebRex s.r.o., is a Czech-based technology company specializing in digital transformation, custom software development, automation, and integration services. With over two decades of experience, they serve a diverse client base across 32 industries, focusing on delivering tailored digital solutions that enhance business efficiency and decision-making. Their offerings include a modular platform called Avikana, AI-powered tools, and comprehensive project support from design to ongoing maintenance. Technically, the website employs modern web technologies such as Google Analytics and reCAPTCHA, ensuring secure and user-friendly interactions. However, the absence of WHOIS data and limited explicit privacy and cookie policies indicate areas for improvement in transparency and compliance. Overall, the company presents a professional and trustworthy digital presence with strong business credibility.

P

Plesenská Kafrárna

plesenskakafrarna.cz

42

Plesenská Kafrárna is a small social enterprise café and wine bar based in Ostrava – Plesná, Czech Republic, focused on community support, sustainability, and employing socially disadvantaged individuals. The business offers coffee, homemade cakes, and event spaces, positioning itself as a local community hub with a strong social mission. The website is built on WordPress with common web technologies such as jQuery, Bootstrap, and FontAwesome, providing a generally good user experience with moderate mobile optimization and basic SEO. However, a visible PHP fatal error in the theme code indicates technical issues that could affect site stability and user experience. Security posture is moderate with HTTPS enabled but lacking security headers and vulnerability disclosure mechanisms. Privacy compliance is weak due to the absence of privacy and cookie policies and no consent mechanisms. Contact information is clearly presented, enhancing business credibility. Overall, the site is functional but requires technical and compliance improvements to enhance security and privacy standards.

R

Rostlinky.cz

rostlinky.cz

42

Rostlinky.cz is an established online garden retail business operating since 2001, primarily serving customers in the Czech Republic and Slovakia. The website offers a wide range of gardening products including seeds, bulbs, balcony plants, ornamental and fruit trees, shrubs, perennials, and gardening accessories. The business model is focused on e-commerce retail with an emphasis on fair and expert service. Technically, the website is built on the Magento platform, utilizing common web technologies such as jQuery, Prototype.js, and Bootstrap, and integrates marketing and analytics tools like Google Tag Manager and Facebook SDK. The site is secured with HTTPS and implements GDPR-compliant cookie consent mechanisms. However, the absence of WHOIS registration data and lack of explicit security headers slightly reduce the overall trust and security posture. Contact information is limited to a phone number and online forms, with no public company email addresses found. Overall, the website presents a professional and trustworthy front for its business, but domain registration transparency and enhanced security headers would improve its credibility and security stance.

F

Fathers Coffee Roastery

fathers.cz

47

Fathers Coffee Roastery is a small Czech Republic-based e-commerce business specializing in coffee roasting and sales. The website is built on WordPress using Elementor and WooCommerce, indicating a modern and flexible technical infrastructure. The site demonstrates good design quality, mobile optimization, and SEO practices, though it lacks explicit privacy and terms of service documentation. Security posture is adequate with HTTPS enabled, but could be improved by adding security headers and formal policies. No signs of malicious content or blocking mechanisms were detected, and the domain registration details align well with the business profile, supporting legitimacy. Overall, the website is functional and professional but would benefit from enhanced privacy compliance and clearer contact information.

A

AGENTURA SCHOK, spol. s r.o.

shakespeare.cz

46

The website www.shakespeare.cz represents the Letní shakespearovské slavnosti (Summer Shakespeare Festival) organized by AGENTURA SCHOK, spol. s r.o., a medium-sized cultural event organizer based in the Czech Republic. The festival is well-established, attracting tens of thousands of visitors annually and supported by prominent partners such as the PPF Group. The site provides comprehensive information about the festival's program, ticketing, partners, and historical context, targeting theater enthusiasts and the general public interested in Shakespearean drama. Technically, the website employs modern front-end technologies including Bootstrap for responsive design, Google Custom Search Engine for site search, Facebook SDK for social integration, and FontAwesome for icons. The site is mobile-optimized and offers a good user experience with clear navigation and professional design. Cookie consent mechanisms and a privacy policy are implemented, indicating compliance with GDPR requirements. From a security perspective, HTTPS is used as inferred from resource URLs, and cookie consent is managed with user options. However, no explicit security headers were detected in the HTML content, and no security policy or incident response contacts are published. The absence of WHOIS data reduces domain registration transparency, which slightly impacts trustworthiness. No vulnerabilities or exposed sensitive data were found in the content. Overall, the website is a professionally maintained cultural event platform with good content quality and privacy compliance. The main risk area is the lack of visible domain registration data and security policy disclosures. Strategic improvements in security headers, incident response information, and WHOIS transparency would enhance trust and security posture.

G

Galerie výtvarného umění v Ostravě, p. o.

gvuo.cz

49

Galerie výtvarného umění v Ostravě, p. o. is the oldest regional art gallery in Ostrava, Czech Republic, established in 1952. It operates as a non-profit cultural institution under the Moravskoslezský kraj (Moravian-Silesian Region) and offers art exhibitions, educational programs, virtual tours, and an e-shop. The website reflects a well-established institution with a clear focus on art and culture, targeting the general public and educational sectors. The business model is centered on cultural enrichment and public engagement rather than commercial profit. Technically, the website employs a modern technology stack including HTML5, CSS3, JavaScript libraries such as jQuery, Leaflet.js for maps, and Google Analytics for tracking. It uses the Shopnero CMS platform and is hosted by Active24. The site is mobile-optimized with good SEO practices and structured data enhancing search engine visibility. Performance is moderate with room for optimization. From a security perspective, the site uses HTTPS with a good SSL configuration and implements cookie consent mechanisms. However, it lacks explicit security headers and a published security policy or incident response contacts. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong with a clear privacy policy and GDPR adherence. Overall, the website is professional, trustworthy, and well-maintained, with a strong cultural and educational focus. Strategic improvements in security policies and accessibility could further enhance its posture and user trust.

S

STUDIO G

studiog.cz

40

STUDIO G is a small, independent drama theatre based in Ostrava, Czech Republic, founded in 2019. It offers a mix of original and classical theatrical performances, including children's theatre, poetry evenings, and concerts. The theatre collaborates with local professional actors and conservatory students, positioning itself as a cultural hub with growing local recognition. The website is built on Joomla CMS with modern front-end technologies and includes interactive sliders and social media integration. While the site is well-designed and mobile-optimized, it lacks critical privacy and cookie policies, which impacts compliance. Security posture is moderate with HTTPS enabled but missing security headers and incident response information. Overall, the domain registration and business information are consistent and trustworthy, reflecting a legitimate cultural organization.

D

Divadlo Petra Bezruče, s.r.o.

bezruci.cz

43

Divadlo Petra Bezruče, s.r.o. is a regional theatre company based in Ostrava, Czech Republic, providing theatrical performances, ticketing services, subscriptions, and cultural event hosting. The website serves as a portal for program schedules, ticket reservations, and company information, targeting local theatre audiences and cultural enthusiasts. The business operates with support from local government and cultural partners, positioning itself as a key cultural institution in the region. Technically, the website employs modern front-end technologies including Bootstrap, JavaScript libraries like WOW.js, and a cookie consent mechanism from TermsFeed. The site is mobile-optimized with responsive design and provides a user-friendly navigation experience. However, there is no evidence of a CMS or advanced analytics tools, and performance is moderate. From a security perspective, the site uses HTTPS but lacks visible security headers and published privacy or terms of service policies. Cookie consent is implemented with express consent, indicating some GDPR awareness. The absence of WHOIS data reduces domain trustworthiness, but the professional presentation and clear contact information mitigate some concerns. Overall, the website is functional and professional but would benefit from enhanced security practices, published privacy documentation, and WHOIS transparency to improve trust and compliance.

D

DOC.DREAM

dokrevue.cz

42

DOK.REVUE is a specialized Czech media outlet focused on documentary films, offering articles, podcasts, and cultural insights primarily to a Czech-speaking audience. Supported by national cultural institutions, it maintains a niche but reputable position in the documentary film community. The website is professionally designed with consistent branding and offers newsletter subscriptions and social media engagement to its audience. Technically, the site uses modern JavaScript libraries and lazy loading techniques to optimize performance and user experience. Security measures include HTTPS enforcement and Google reCAPTCHA integration for form protection, although some security headers are not evident in the provided data. Privacy compliance is addressed with a cookie consent mechanism and a linked privacy policy hosted on a partner domain. The absence of WHOIS data reduces domain trustworthiness, but the website content and external references support its legitimacy. Overall, the site scores well in content quality, technical implementation, and business credibility, with room for improvement in security headers and accessibility.

I

Inspirační fórum

inspiracniforum.cz

43

Inspirační fórum is a Czech non-profit platform associated with the International Documentary Film Festival Ji.hlava, focusing on societal, scientific, artistic, and political discourse. It serves as a hub for discussions, workshops, and projects that engage a diverse audience interested in contemporary global issues. The platform is supported by numerous reputable partners, including European institutions and cultural organizations, enhancing its credibility and reach. Technically, the website employs modern JavaScript libraries and is optimized for mobile devices, providing a smooth user experience. Privacy compliance is well addressed with clear cookie consent mechanisms and a comprehensive privacy policy. However, the absence of WHOIS data and explicit security headers slightly detracts from its overall trustworthiness. No critical security vulnerabilities or adult content were detected, making the site safe for general audiences.

The website themepanthers.com currently serves as a minimal landing page promoting 'Steelthemes', which offers pixel perfect WordPress themes targeted at creative professionals. The business appears to be small and relatively new, founded around 2020, with a focus on theme sales and distribution. The site content is very limited, lacking detailed business information, contact details, or user engagement features. Technically, the site is hosted on servers indicated by the nameservers mysecurecloudhost.com and registered via GoDaddy.com, LLC. There is no evidence of modern web technologies, security headers, or HTTPS enforcement, which indicates a low level of digital maturity and security posture. Security-wise, the absence of HTTPS, security headers, and privacy policies presents significant risks and compliance gaps. No incident response or vulnerability disclosure information is available, and no tracking or analytics tools are detected. Overall, the site is low trust and low professionalism, with critical recommendations to improve security, privacy compliance, and content richness.

techka s.r.o. is a small Czech Republic based company specializing in custom web and e-commerce development services, leveraging popular platforms such as WordPress and Shoptet. The company targets businesses and individuals seeking tailored website and online shop solutions. The website content is minimal but relevant, providing basic company information and links to partner projects. Technically, the site uses standard HTML and CSS with Google Fonts, but lacks advanced frameworks or CMS detection. Security posture is weak due to missing HTTPS confirmation, absence of security headers, and no visible privacy or cookie policies. The WHOIS data is unavailable, which reduces domain trustworthiness, though the website content and company details appear consistent with a legitimate small business. Overall, the site demonstrates basic digital maturity with room for improvement in security, privacy compliance, and technical sophistication.

Eadmin Cloud is a small Czech Republic-based technology company founded in 2021, specializing in delivering modular web components and eCommerce solutions such as product recommendation engines, payment gateways, and process automation tools. Their market position is niche, targeting businesses seeking to enhance or build eCommerce platforms with specialized components. The website content is professional and focused, with clear service offerings and pricing models presented in structured JSON-LD data. Technically, the site uses modern JavaScript ES modules and is hosted with Google Cloud DNS, but lacks visible CMS or frameworks. Performance and mobile optimization are moderate to basic, with room for improvement in accessibility and SEO. Security posture is average; while domain registration practices are sound and domain status flags protect against unauthorized changes, the site lacks DNSSEC, security headers, and published privacy or cookie policies. No forms or analytics scripts are detected, indicating minimal data collection and tracking. Overall, the site is trustworthy but could improve compliance and security transparency.

Centario, s.r.o. is a small Czech Republic-based company specializing in the development of web applications and projects. The website serves as a basic informational portal presenting company contact details, legal identifiers, and a brief description of services. The business appears to target local clients seeking web development services, positioning itself as a small but established player in the technology sector since 2011. The company provides clear contact information and legal registration data, supporting its legitimacy and trustworthiness. Technically, the website employs basic modern web technologies including Google Analytics and Google Tag Manager for tracking, and uses a Google font for styling. Hosting and domain registration are managed by WEDOS, a known Czech hosting provider. The site is simple with minimal content and no interactive forms, which reduces complexity but also limits user engagement. Performance and mobile optimization are basic but functional. SEO and accessibility features are minimal, indicating room for improvement in digital maturity. From a security perspective, the site lacks visible security headers and does not provide privacy or cookie policies, which are important for GDPR compliance and user trust. The use of Google Analytics is configured to deny ad and analytics storage by default, showing some privacy consideration. No forms or user input fields reduce attack surface, but the absence of incident response contacts or vulnerability disclosure policies indicates limited security maturity. WHOIS data is consistent and transparent, reinforcing the domain's legitimacy. Overall, the website is safe and professional but basic, with moderate risk due to missing compliance documentation and security best practices. Strategic improvements in privacy compliance, security headers, and digital maturity would enhance trust and reduce potential vulnerabilities.

The website joinjfd.com is currently inaccessible to visitors, returning a 403 Forbidden error page. This indicates that access to the site or page is blocked or restricted, preventing any meaningful content or business information from being displayed. The domain is registered since 2020 with EuroDNS S.A. and uses SiteGround nameservers for hosting. However, the lack of accessible content, absence of privacy or cookie policies, and no contact information severely limit the ability to assess the business or security posture. Technically, the site shows no evidence of modern web technologies, analytics, or security headers, and the user experience is poor due to the access restriction. Overall, the site is not currently suitable for public or customer interaction and requires remediation to restore access and provide essential business and compliance information.

B

Broker Vision

brokervision.cz

30

Broker Vision is a professional insurance brokerage company based in the Czech Republic, specializing in industrial and commercial risk insurance with over 20 years of experience. The website presents a clear business focus on providing advantageous insurance contracts and comprehensive claims handling services. The company targets industrial and commercial clients seeking reliable insurance solutions. Technically, the website uses standard web technologies including jQuery, Owl Carousel, Google Fonts, and Google Analytics, with moderate performance and good mobile optimization. Security posture is adequate with HTTPS usage but lacks advanced security headers and publicly available security policies. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the site is professional and trustworthy but could improve transparency and security practices.

R

Renault

renew.ma

46

Renew Maroc operates as an official online platform for certified used Renault vehicles in Morocco, offering a comprehensive range of services including vehicle sales, financing, trade-in, assistance, and insurance. The website is professionally designed with clear navigation and targets Moroccan consumers interested in purchasing certified used Renault cars. Technically, the site leverages modern frameworks such as Vue.js and Nuxt.js, and integrates Google Tag Manager for analytics, indicating a mature digital infrastructure. Security posture is adequate with HTTPS enforced and domain registration transparency, though improvements are recommended in security headers and privacy compliance mechanisms. Overall, the platform presents a trustworthy and professional presence in the Moroccan automotive market.

M

Mobilize Financial Services

mobilize-fs.ma

47

Mobilize Financial Services Maroc is a specialized financial services provider operating since 2005, focusing on automotive financing, insurance, and related services for Renault Group vehicles in Morocco. The company positions itself as a trusted partner offering innovative and comprehensive mobility solutions to both individual and professional customers. The website reflects a mature digital presence with professional branding, clear service offerings, and customer testimonials that reinforce trust. Technically, the website is built on WordPress with Elementor and Yoast SEO, indicating a modern and maintainable infrastructure. The site is mobile optimized and includes SEO best practices, although performance is moderate. Security posture is good with HTTPS enforced and no obvious vulnerabilities, but could be improved by adding explicit security headers and formal incident response contacts. Overall, the site is accessible without WAF or blocking mechanisms, and privacy compliance is well addressed with clear policies and cookie consent. The lack of WHOIS data reduces domain trust slightly, but the strong brand association and content quality support legitimacy. Strategic recommendations include enhancing security headers, publishing incident response information, and improving transparency on contact details.

R

RUSCONA Česko

ruscona.cz

48

RUSCONA.cz is a professional e-commerce platform specializing in gel nail modeling products and accessories, targeting both professional nail technicians and consumers in the Czech Republic. The website offers a wide range of UV gels, gel polishes, polygels, and related tools, supported by educational courses and a strong brand presence. The site is built on the Shoptet e-commerce platform and integrates modern analytics and marketing technologies such as Google Analytics, TikTok Pixel, Facebook SDK, and Hotjar, reflecting a mature digital infrastructure. Security posture is strong with HTTPS enforced and cookie consent mechanisms in place, though explicit security policies and incident response information are not publicly available. The absence of WHOIS data limits domain trust assessment, but the professional presentation and comprehensive content suggest a legitimate and established business. Overall, the site demonstrates good technical implementation, privacy compliance, and business credibility.