High-risk security reports

P

Paris&Co

parisdelinnovation.fr

38

Le Paris de l'Innovation is an annual innovation event organized by Paris&Co and the City of Paris, held at the Hôtel de Ville. It serves as a major networking and business development platform for startups, investors, public institutions, and large companies focused on ecological, environmental, and social transition. The event offers startup meetups, demo spaces, conferences, workshops, and incubator networking opportunities. The website is professionally designed using WordPress with modern technologies and SEO best practices, providing good user experience and mobile optimization. Security posture is solid with HTTPS and no exposed sensitive data, though improvements are recommended in security headers and cookie consent mechanisms. WHOIS data is unavailable, which slightly reduces domain trust, but the official partnerships and event details support legitimacy. Overall, the website is a credible and well-maintained platform for innovation stakeholders in Paris.

L

Léčivé divadlo

lecivedivadlo.cz

43

Léčivé divadlo is a small Czech theatre project led by Gabriela Filippi, focusing on emotionally healing and inspiring theatrical performances. The website presents a well-structured platform showcasing upcoming events, testimonials, and multimedia content, targeting a general audience interested in cultural and family-themed theatre. The business operates primarily through ticket sales and donations, positioning itself as a niche cultural entity with a loyal following. Technically, the site is built on Joomla CMS with common JavaScript libraries, offering moderate performance and good mobile responsiveness. However, there are gaps in privacy compliance and security best practices, including the absence of privacy and cookie policies and missing security headers. WHOIS data is not publicly available, indicating privacy protection, which is typical for small cultural projects. Overall, the website is functional and trustworthy but would benefit from enhanced security and compliance measures.

A

Asta Communications Pvt Ltd.

astacommunications.com

48

Asta Communications Pvt Ltd. is a Bangalore-based advertising agency specializing in brand development, advertising, graphic design, photography, printing, and website design and development. Established in 2010, the company positions itself as a creative partner for corporate clients and SMEs seeking comprehensive branding and marketing solutions. Their market presence is supported by an active social media footprint and a portfolio showcasing diverse creative works. Technically, the website employs modern web technologies such as Bootstrap, jQuery, and third-party widgets for social media integration and WhatsApp contact, hosted on HostGator servers. Security posture is moderate with domain transfer protection but lacks DNSSEC and security headers, and no privacy or cookie policies are present, indicating compliance gaps. Overall, the website is professional and trustworthy but would benefit from enhanced security and privacy compliance measures.

P

PLATFORM 2020 PRAGUE - NEW TCIM WIKI

platform2020prague.com

47

The PLATFORM 2020 PRAGUE website serves as an informational platform dedicated to Traditional, Complementary and Integrative Medicine (TCIM), aligning with resolutions from WHO, WHA, European Parliament, and Council of Europe. It targets a general audience interested in TCIM disciplines and provides public access, registration, and member login functionalities. The platform is small-scale, founded in 2020, and hosted by a Czech registrar consistent with its geographic focus. Technically, the website is built with standard HTML5 and CSS3, uses Google Fonts for typography, and includes a background video for visual appeal. The site is moderately optimized for mobile and SEO but lacks advanced frameworks or CMS detection. Hosting is provided by WEDOS Internet, a.s., a Czech hosting provider. Performance is moderate with basic accessibility features. From a security perspective, the site lacks critical security headers and does not enable DNSSEC, which could improve domain security. There is no privacy or cookie policy, no contact information, and no incident response or vulnerability disclosure mechanisms, which are gaps in compliance and security posture. No analytics or tracking scripts were detected, indicating minimal user tracking. Overall, the website is safe with no adult or explicit content. The domain registration data is consistent and appropriate for the business. The site would benefit from adding privacy and cookie policies, security headers, and contact information to improve trust and compliance. The AI overall score is moderate at 66, reflecting good content and business credibility but weak security and privacy compliance.

Activa Congresos is a specialized professional congress organizer based in Spain, focusing on the organization of congresses, conventions, incentives, and events primarily in Barcelona and nationwide. The company offers tailored event management services including online events and sustainable event planning. The website reflects a small-sized, regionally focused business with a professional online presence and a clear service offering. Technically, the site is built on WordPress with common plugins and scripts, providing a moderate performance and good mobile optimization. Security posture is adequate with HTTPS enabled but lacks advanced security headers and published security policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. The absence of WHOIS data for the domain raises concerns about domain registration legitimacy, though the website content and client testimonials support business credibility. Overall, the site is professional and trustworthy but would benefit from enhanced security and compliance measures.

H

H2 Europe

h2europe.company

47

H2 Europe is a small Czech Republic-based company specializing in innovative health and wellness products, specifically revolutionary capsules that generate molecular hydrogen. The company targets health-conscious consumers primarily in the European market. Their business model is e-commerce focused, leveraging a WordPress WooCommerce platform with modern design and multilingual support. The website is professionally designed, mobile optimized, and includes standard privacy and cookie policies compliant with GDPR. Technically, the site uses a modern tech stack including Elementor, WooCommerce Blocks, and Amazon Cloudfront CDN, ensuring moderate performance and good SEO. Security posture is solid with HTTPS, security headers, and no visible vulnerabilities, though there is room for improvement in published security policies and incident response information. Overall, the domain WHOIS data is privacy protected, which is typical for small businesses, and no suspicious patterns were detected. The site uses standard marketing and tracking tools such as Facebook Pixel and Ecomail. The website content is safe for general audiences with no adult or explicit content. The overall AI score reflects a good quality, secure, and compliant e-commerce website with moderate business credibility.

C

Charentes Tourisme

charentestourisme.com

47

Charentes Tourisme is a regional tourism organization based in France, focused on supporting and boosting tourism activities in the Charentes region. The website offers a range of services including professional support, certifications like Tourisme & Handicap and Accueil Vélo, and digital tools such as online booking and data intelligence platforms. The organization targets tourism professionals, local authorities, and project leaders, positioning itself as a key regional player with a medium-sized operation founded in 2017. Technically, the website is built on WordPress with WooCommerce and uses modern tools like Google Analytics, Matomo, and Google Tag Manager, hosted by OVH sas. The site is well designed, mobile-optimized, and SEO-friendly, providing a good user experience with clear navigation and relevant content. Security-wise, the site uses HTTPS and some security plugins but lacks DNSSEC and explicit security headers, and does not publish a security policy or incident response information. Overall, the domain registration is consistent and transparent, supporting the legitimacy of the business. The site is safe for general audiences with no adult or questionable content.

N

Novaxia Investissement

novaxia-investissement.fr

47

Novaxia Investissement is a French real estate investment company specializing in sustainable and responsible investment funds, including SCPI and development funds classified under ISR and SFDR standards. The company targets investors seeking to invest in real estate with an impact focus, offering diversified portfolios and solutions such as insurance life and retirement plans. The website demonstrates a mature digital presence built on WordPress with modern technologies and good SEO practices. Security posture is adequate with HTTPS and reCAPTCHA integration, though some security headers are missing. Privacy compliance is strong with clear GDPR-aligned policies and cookie consent mechanisms. The absence of WHOIS data limits domain trust verification, but the professional presentation and content quality support business credibility. Overall, the site is well-structured, informative, and trustworthy for its target audience.

T

Tipiak

tipiak.fr

45

Tipiak is a French food brand specializing in products such as taboulé, quinoa, couscous, and boulgour, supported by a rich recipe platform with over 300 recipes. The website serves as both a product showcase and a culinary inspiration hub targeting general consumers interested in cooking. Technically, the site is built on Drupal CMS, uses Google Tag Manager for analytics, and implements EU cookie compliance mechanisms, indicating a moderate level of digital maturity. The site is mobile-optimized and accessible with good SEO practices. Security posture is adequate with cookie consent and privacy policies in place, but lacks explicit security headers and published incident response information. The absence of WHOIS data for the domain reduces trustworthiness, though the website content and external links suggest a legitimate business. Overall, the site is professional and trustworthy but would benefit from enhanced security transparency and domain registration verification.

F

Festival des Pains

festivaldespains.com

49

Festival des Pains is a French artisan bakery brand that offers a wide range of bakery products including breads, baguettes, and specialty items. The company supports professional bakers through training programs, commercial opportunities, and partnerships with regional mills. The website is professionally designed, mobile-optimized, and provides rich content including multimedia and testimonials, targeting both professional bakers and general consumers interested in artisan bread. The business operates primarily in the retail and manufacturing sectors within France, positioning itself as a regional leader with a network of 26 mills.

The website 'La viande plaisir D'ANVIAL' appears to be a French meat retail or food service business currently undergoing website maintenance. The site content is minimal, consisting solely of a maintenance placeholder page with no active business information, contact details, or policies. The domain WHOIS data indicates the domain is not registered or has expired, which raises significant concerns about the website's legitimacy and operational status. Technically, the site uses basic front-end libraries such as Bootstrap and Font Awesome but lacks modern security and privacy implementations. There is no HTTPS detected, no security headers, and no privacy or cookie policies, which collectively indicate a low security posture and poor compliance with data protection standards. Overall, the website is not currently functional for business purposes and presents a high risk from a security and trust perspective.

D

Dobrá kartářka s.r.o.

dobrakartarka.cz

45

Dobrá kartářka s.r.o. operates a Czech-language website offering esoteric services including tarot and runic card readings, primarily through online content and phone consultations. The company targets a general audience interested in fortune telling and spiritual guidance, positioning itself as a trusted and established provider in the Czech market. The website features a magazine, catalog of card readers, and online tools for free card readings, supported by professional phone services with clear pricing. Technically, the site is built on WordPress with common plugins for SEO, forms, and social sharing, and it demonstrates good mobile optimization and moderate performance. Security posture is adequate with HTTPS enforced and cookie consent implemented, though some security headers are missing and no explicit privacy policy or terms of service pages were found. WHOIS data is privacy protected, which is typical for this business type. Overall, the site is professional and trustworthy but could improve compliance and security transparency.

I

Informační centrum Litomyšl

ticlitomysl.cz

41

Informační centrum Litomyšl operates as a local government-affiliated tourism and cultural information center serving visitors to Litomyšl, Czech Republic. The website provides comprehensive information on city tours, accommodation, dining, cultural events, and ticket sales, supported by an e-shop for related products. The site is built on Joomla CMS with modern UI libraries, offering a good user experience and mobile responsiveness. However, the absence of privacy and cookie policies indicates a gap in GDPR compliance. Security posture is moderate with HTTPS usage but lacks advanced security headers and vulnerability disclosure mechanisms. The WHOIS data is unavailable, limiting domain trust verification, but the website content and external partnerships suggest legitimacy. Strategic improvements in privacy compliance and security practices are recommended to enhance trust and regulatory adherence.

G

Galerie Bijoux Nemesis

bijoux-nemesis.cz

48

Galerie Bijoux Nemesis is a small Czech artisan jewelry business specializing in handmade and original jewelry pieces, including tin jewelry, Swarovski elements, and polymer clay creations. The company also offers jewelry making courses and gift vouchers. Their physical store in Prague is permanently closed, with an emphasis on online sales through their e-shop and social media channels. The website is built on a WebCzech e-shop platform using common JavaScript libraries and Bootstrap for responsive design. While the site is content-rich and user-friendly, it lacks advanced security headers and comprehensive privacy policies. The absence of WHOIS data for the domain raises concerns about domain legitimacy, though the business presence and contact information suggest a legitimate small enterprise.

The website suenee.cz is currently inaccessible due to a Cloudflare Web Application Firewall (WAF) block, which prevents access to any substantive content. The domain is registered since 2009 and uses Cloudflare for DNS and security services. Due to the block, no business information, contact details, or policies are available for analysis. The technical infrastructure relies on Cloudflare's security and CDN services, but no CMS or other technologies are detectable from the blocked page. The security posture cannot be fully assessed, but the presence of a WAF indicates some level of protection. However, the lack of accessible content and policies results in a low overall trust and compliance score. Strategic recommendations include resolving the WAF block to allow content access, publishing privacy and cookie policies, and providing clear contact and security information.

T

Technické služby Tábor s.r.o.

tstabor.cz

44

Technické služby Tábor s.r.o. is a municipal service company based in Tábor, Czech Republic, providing essential public services such as parking management, green area maintenance, public lighting, cemetery management, and animal shelter operations. Established in 1995, the company holds multiple ISO certifications indicating a commitment to quality and environmental standards. The website serves as an informational and contact portal for residents and stakeholders, featuring news updates, service links, and a contact form. The website is built on WordPress with a moderate technical infrastructure including common plugins and scripts such as Contact Form 7 and Google Maps API. The site is mobile-optimized with good navigation and content relevance. Security posture is adequate with HTTPS enforced and CAPTCHA on forms, but lacks advanced security headers and cookie consent mechanisms. No WHOIS data is available, which limits domain registration trust analysis. Overall, the security posture is stable but could be improved by implementing security headers, cookie consent, and publishing incident response contacts. The business credibility is strong based on certifications and clear company information. The website content is safe and appropriate for a general audience with no adult or questionable content detected. Strategic recommendations include enhancing security headers, adding cookie consent for GDPR compliance, publishing vulnerability disclosure and incident response information, and improving WHOIS transparency to increase trustworthiness.

P

Parkování ČB › Parkování ČB

parkovanicb.cz

49

The website www.parkovanicb.cz appears to be related to parking services, as indicated by its title 'Parkování ČB'. However, the site lacks substantive business description, contact information, and privacy or cookie policies. The technical infrastructure is based on an older CMS (InizioCMS) and Bootstrap 3.3.7a framework, with analytics tools such as Google Tag Manager and Hotjar implemented. Security posture is weak due to the absence of HTTPS, security headers, and no visible incident response or security policies. The domain WHOIS data is unavailable, which raises concerns about domain legitimacy and trustworthiness. Overall, the site is accessible but minimal in content and security features, indicating a need for significant improvements in compliance, security, and business transparency.

E

ENVF - Écoles Nationales Vétérinaires de France

envf.fr

37

ENVF (Écoles Nationales Vétérinaires de France) is a French governmental network of four national veterinary schools, established in 2020 under the Ministry of Agriculture and Food Sovereignty. The website serves as an official portal to present the network's mission, values, and member schools, targeting veterinary students, professionals, and academic communities. The business model is educational and governmental, focusing on veterinary training, research, and coordinated activities such as internships and competitions. The site maintains a consistent and professional brand image aligned with its authoritative position in veterinary education in France. Technically, the website is built on WordPress using the Kadence theme and related plugins, hosted by OVH. It employs modern web technologies including Google Fonts and supports mobile responsiveness with good design quality. Performance is moderate, and accessibility is basic but functional. SEO optimization is basic with proper meta tags but lacks advanced features. From a security perspective, the site uses HTTPS with an excellent SSL configuration but lacks visible security headers and explicit incident response or vulnerability disclosure policies. No cookie consent mechanism or comprehensive privacy compliance indicators are present, which may pose compliance risks under GDPR. No contact emails or phone numbers are clearly provided on the homepage, limiting direct communication channels. Overall, the website is trustworthy and professional but could improve privacy compliance and security posture by implementing cookie consent, security headers, and publishing incident response information. The domain registration is consistent with the business history and supports legitimacy. Strategic improvements in privacy and security would enhance user trust and regulatory compliance.

T

Tiskárna Posekaný

posekany.cz

40

Tiskárna Posekaný is a professional online printing company based in České Budějovice, Czech Republic, with a domain age dating back to 2002. The company offers a wide range of printing services including business cards, flyers, brochures, stickers, and gift items, supported by an in-house graphic studio. Their business model focuses on online ordering with fast turnaround times and free delivery, targeting both businesses and individual customers. The website demonstrates a consistent brand presence and good content quality, reflecting a well-established local market position. Technically, the website is built on WordPress with WooCommerce for e-commerce functionality, enhanced by popular plugins such as Yoast SEO and Kadence theme. It uses modern web technologies including jQuery, Google Analytics, Facebook Pixel, and Google reCAPTCHA for security and analytics. Hosting is provided by WEDOS, a reputable Czech hosting provider, ensuring good performance and mobile optimization. SEO and accessibility are adequately addressed, contributing to a positive user experience. From a security perspective, the site enforces HTTPS and employs reCAPTCHA to protect forms. Cookie consent mechanisms comply with GDPR requirements, and privacy policies are clearly published. However, some security headers are not explicitly detected, and no formal security policy or incident response contact is provided. No vulnerabilities or suspicious activities were identified in the content or WHOIS data, which is consistent and supports the legitimacy of the business. Overall, the website presents a trustworthy and professional online printing service with solid technical infrastructure and good privacy compliance. Strategic improvements could include enhancing security headers, publishing a security policy, and adding incident response information to further strengthen security posture and customer trust.

M

Město Borovany

borovany-cb.cz

49

Město Borovany operates an official municipal website serving the residents and visitors of Borovany, Czech Republic. The site provides comprehensive local government information including news, official notices, contact details, event calendars, and public services. The target audience is primarily local citizens and stakeholders interested in municipal affairs. The business model is a government service portal with no commercial intent. The website maintains a consistent brand identity and good content quality, supporting its role as a trusted local government resource. Technically, the website uses a modern technology stack including jQuery, Bootstrap, Swiper.js, and Leaflet.js for mapping. It is built on the Ocelot CMS platform and demonstrates good mobile optimization and accessibility compliance, including an accessibility certification. Performance is moderate, with no major technical issues detected. However, some security best practices such as security headers are missing. From a security perspective, the site enforces HTTPS and implements a cookie consent mechanism, but lacks a published privacy policy and incident response contacts. No vulnerabilities or exposed sensitive data were detected in the HTML content. The absence of WHOIS data reduces domain trustworthiness, but the official nature of the content and contact information supports legitimacy. Overall, the website is a well-maintained municipal portal with good usability and security posture, though improvements in privacy compliance and domain transparency are recommended to enhance trust and regulatory adherence.

I

Informační portál Kaplice a Kaplicko

ikaplice.cz

44

The website ikaplice.cz serves as an information portal dedicated to the town of Kaplice and its surrounding region in the Czech Republic. It provides comprehensive local cultural, tourist, and community event information, targeting residents and visitors interested in the area. The portal features event calendars, news articles, and service directories, positioning itself as a key regional resource for cultural engagement and tourism promotion. The site is supported by partnerships with local government and tourism organizations, enhancing its credibility and reach. Technically, the website employs a custom CMS with a technology stack including jQuery 1.11.2, jQuery UI, Fancybox, Google Fonts, Google Analytics, and Mapy.cz API for mapping services. While the site is functional and well-structured with good navigation and content relevance, it uses outdated JavaScript libraries that may pose security risks. Mobile optimization and accessibility are basic, and SEO practices are moderate. The site uses HTTPS and implements a cookie consent mechanism, but lacks visible security headers and explicit privacy or terms of service policies. From a security perspective, the portal demonstrates moderate maturity. The use of outdated libraries and absence of security headers are notable vulnerabilities. No direct contact emails or phone numbers are provided, limiting transparency. The cookie consent banner indicates some GDPR awareness, but the lack of a privacy policy and security incident response information suggests compliance gaps. No WAF or blocking mechanisms are detected, and the domain registration data aligns well with the website's regional focus, supporting legitimacy. Overall, ikaplice.cz is a valuable regional information resource with good content quality and business credibility but requires improvements in technical security, privacy compliance, and modernization of its technology stack to enhance trust and resilience against threats.

P

ProDarce.cz

prodarce.cz

42

ProDarce.cz is a Czech Republic-based online platform dedicated to providing benefits, discounts, and rewards for voluntary blood and bone marrow donors. It positions itself as the largest database of such benefits in the country, targeting donors and related communities. The website offers regularly updated content about partner offers, insurance contributions, and events supporting blood donation. Technically, the site is built on WordPress with common plugins such as Yoast SEO and integrates Google Analytics and Tag Manager for tracking. The site is mobile-optimized and provides a user-friendly experience with clear navigation and relevant content. Security posture is adequate with HTTPS enabled, but lacks advanced security headers and explicit privacy policies. WHOIS data is unavailable, which limits full trust verification of the domain registration. Overall, the site is safe, professional, and serves a niche non-profit community effectively.

C

CRnet, s.r.o.

crnet.cz

44

CRnet, s.r.o. is a Czech Republic based small technology company specializing in custom web development, e-commerce solutions, internet marketing, and graphic design services. Established since 1999, the company has a solid local market presence with a portfolio of satisfied clients and a range of partner sites offering complementary services. Their website is professionally designed, content-rich, and targets businesses and individuals seeking digital marketing and web solutions. Technically, the site uses a custom CMS with a legacy JavaScript stack including jQuery 1.11.2 and integrates Google Analytics and Mapy.cz APIs. Security posture is moderate with HTTPS enabled and cookie consent implemented, but the use of outdated libraries and lack of advanced security headers are areas for improvement. Privacy compliance is basic with clear privacy and cookie policies but no visible terms of service or incident response information. Overall, the website is trustworthy, safe, and well-positioned for its market segment.

K

Kwantic

kwantic.fr

49

Kwantic is a French web development agency founded in 2020, specializing in custom web solutions including ERP, CRM, application development, and e-commerce platforms. The company operates multiple offices across major French cities, indicating a regional presence and a focus on serving businesses seeking digital transformation. The website is professionally designed using WordPress with modern technologies such as jQuery, Bootstrap, and various analytics tools, reflecting a moderate level of digital maturity. Security posture is adequate with HTTPS and cookie consent implemented, but lacks published privacy policies and security headers, which are important for compliance and protection. Overall, the website presents a credible business with room for improvement in privacy and security transparency.

The website masteos.com is currently inaccessible due to an SSL handshake failure between Cloudflare and the origin server, resulting in a Cloudflare error 525 page being displayed. This indicates a misconfiguration or incompatibility in the SSL/TLS setup on the origin server side. The domain is registered since 2018 with Gandi SAS and uses Cloudflare nameservers, but no further business or contact information is publicly available on the site. The lack of accessible content, privacy policies, cookie consent mechanisms, or terms of service severely limits the ability to assess the business or compliance posture. Technically, the site relies on Cloudflare for DNS and CDN services but fails to establish a secure connection to the backend server, which is a critical security and availability issue.

Artistes de la Vie is a French non-profit media and campaign platform centered around a motivational film and an online ecosystem to encourage social and environmental action. The website offers film viewing options via VOD and DVD, organizes cine-action events, and promotes a participative platform for community-driven positive impact projects. The target audience is the general public interested in social change and sustainability. Technically, the site is built on WordPress using the Divi theme and Yoast SEO plugin, hosted by Infomaniak Network SA. It employs Google Analytics and Tag Manager for user tracking. The site is mobile optimized and well-structured, though some technical debt exists such as an outdated jQuery version and missing security headers. Security posture is moderate with HTTPS enforced and captcha on forms, but lacks explicit security policies and headers. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the domain registration is consistent and legitimate, supporting the business's credibility.

Č

Česká lékařská akupunkturistická společnost (ČLAS ČLS JEP)

akupunktura.cz

44

The website akupunktura.cz represents the Czech Medical Acupuncture Society (ČLAS ČLS JEP), a professional association focused on acupuncture and related techniques in the Czech Republic. The site provides educational resources, event information, bulletins, and membership details targeted at medical professionals and acupuncture practitioners. The domain has been active since 1999, indicating a well-established presence in its niche healthcare sector. Technically, the site is built on WordPress with the Fusion Builder theme, incorporating modern web technologies such as HTTPS and Google reCAPTCHA for security. The cookie consent mechanism is robust, offering granular user control, though a formal privacy policy and terms of service pages are absent. Security posture is good with HTTPS and anti-bot measures, but could be improved with additional security headers and published policies. Overall, the site is professional, trustworthy, and safe for general audiences.

Televize JS is a small regional media company focused on delivering news and video reports from the Královéhradecký region in the Czech Republic. The website provides local news articles, video content, and advertising services targeting residents and viewers interested in regional events. The business appears to have been operational since at least 2011, with a consistent brand presence and partner ecosystem. Technically, the site uses legacy JavaScript libraries such as jQuery 1.5.2 and integrates Google Analytics for user tracking, but lacks modern security headers and privacy compliance mechanisms. The absence of WHOIS data raises concerns about domain legitimacy, although the website content and contact information suggest a legitimate local media outlet. Security posture is moderate but could be improved by updating libraries, implementing security headers, and enhancing privacy compliance. Overall, the site is functional with good content relevance but requires technical and compliance upgrades to strengthen trust and security.

The website kjh.cz represents the Místní akční skupina Království – Jestřebí hory, a regional non-profit organization focused on community and regional development in the Czech Republic. It provides information on local events, projects, educational initiatives, and regional services, targeting residents and stakeholders of the Jestřebí hory region. The site maintains partnerships with regional organizations and uses a custom CMS platform with a moderate technology stack including jQuery, Google Maps API, and Google Analytics. Technically, the website employs several legacy JavaScript libraries which may pose security risks and lacks explicit security headers. The site is served over HTTPS with a cookie consent mechanism that complies with GDPR principles, although no formal privacy policy or terms of service pages were found. The user experience is generally good with clear navigation and mobile optimization, but accessibility features are basic. From a security perspective, the site benefits from HTTPS and cookie consent but should update outdated libraries and implement security headers to enhance protection. No incident response or vulnerability disclosure information is present. WHOIS data confirms the domain's legitimacy and consistency with the website's regional focus. Overall, the site is a credible regional non-profit platform with good content quality but requires improvements in security practices and privacy documentation to meet higher compliance and security standards.

Svazek obcí Jestřebí hory operates as a regional government association website serving the Jestřebí hory region in the Czech Republic. The site provides localized news, event information, cultural and natural attractions, and community resources targeted at residents and visitors. It maintains a consistent and professional brand presence with partner affiliations to regional organizations. Technically, the website uses a variety of JavaScript libraries including jQuery, Modernizr, and Google Maps API, but some libraries are outdated which may pose security risks. The site is hosted on a domain registered since 2004, indicating a stable presence. Security posture is moderate with HTTPS enabled and cookie consent implemented, but lacks advanced security headers and DNSSEC. Privacy compliance is basic with no explicit privacy policy or terms of service pages found. Overall, the website is functional and trustworthy but would benefit from technical and compliance improvements.

R

RACONTEZ LES MAUGES

racontez-les-mauges.fr

33

Racontez Les Mauges is a French community-driven blog platform dedicated to sharing stories, photos, and ideas related to the Mauges region's cultural and historical heritage. The website encourages public participation and contributions, positioning itself as a local cultural storytelling hub. Technically, the site is built on WordPress with modern frameworks like UIkit and uses Yoast SEO for optimization. It implements cookie consent management via tarteaucitron.io and employs HTTPS for secure connections. However, the absence of WHOIS registration data and lack of explicit privacy and terms of service pages present trust and compliance gaps. Security posture is moderate with room for improvement in headers and policy transparency. Overall, the site is well-designed, mobile-optimized, and provides valuable community content but would benefit from enhanced compliance and security disclosures.

K

Koloběh Říčany, příspěvková organizace

kolobeh-ricany.cz

48

Koloběh Říčany is a small, local non-profit organization affiliated with the city of Říčany, Czech Republic. It operates a charitable shop, intergenerational meeting center, and organizes cultural and volunteer activities primarily targeting seniors and the local community. The website reflects a community-focused mission with clear contact information and social media presence. Technically, the site uses a proprietary CMS (vismo), integrates Google Analytics and reCAPTCHA, and implements cookie consent mechanisms, indicating a moderate level of digital maturity. Security posture is good with HTTPS and form protections, though additional security headers and explicit security policies could enhance it. Overall, the site is trustworthy, well-structured, and compliant with GDPR requirements.

M

Muzeum Říčany

muzeumricany.cz

43

Muzeum Říčany is a small, non-profit cultural and educational institution based in the Czech Republic, focused on providing modern educational experiences for families, children, students, and educators. The website highlights their key services including exhibitions, educational programs, a Geopark, and public events. Their market position is that of a local community museum with a strong emphasis on education and family engagement. Technically, the website is built on WordPress using Elementor and Yoast SEO, with integration of Google Analytics for visitor tracking. The site is well-structured, mobile-optimized, and includes GDPR-compliant cookie consent mechanisms. Security posture is good with HTTPS enforced and no visible vulnerabilities, though there is room for improvement in publishing explicit security policies and incident response contacts. Overall, the website is professional, trustworthy, and serves its target audience effectively.

P

Pankix

pankix.cz

33

Pankix.cz is the official website of the Czech indie/pop/rock band Pankix, established since 2002. The site serves as a digital hub for fans, providing information about the band, concert schedules, discography, and options to download or purchase physical CDs. The website is primarily targeted at Czech-speaking audiences interested in indie and pop rock music. The business model revolves around music promotion, fan engagement, and direct sales of music recordings. The site maintains a consistent brand presence with official social media links and a professional logo.

M

Musicus agency s.r.o.

botoxmusic.cz

43

Botoxmusic.cz represents a Czech multi-genre music band named Botox, active since 2018. The website serves as a digital hub for the band’s activities including concert announcements, music streaming links, and merchandise sales via an e-shop. The band targets a general audience interested in music and live performances, maintaining a consistent brand presence across social media platforms and partner collaborations. The business model revolves around live events, digital music distribution, and merchandise sales, positioning the band as a small but active player in the Czech music scene. Technically, the website is built using HTML5, CSS3, JavaScript, and AngularJS framework, with multimedia integration such as YouTube video embeds and a swiper slider for featured content. The site is mobile optimized with good navigation and content relevance, though some modern accessibility features could be improved. No CMS or hosting provider details were detected. Performance is moderate with no critical technical issues observed. From a security perspective, the site uses HTTPS but lacks visible security headers and privacy/cookie policies, indicating room for compliance and security posture enhancement. No WHOIS data was found, which reduces domain trustworthiness, but the website content and contact information appear legitimate and professional. No tracking or analytics scripts were detected, suggesting minimal user tracking. Overall, the website is functional and professional for its purpose but would benefit from improved privacy compliance, security headers, and domain registration transparency to enhance trust and security posture.

X

Xantipa Agency s.r.o.

xantipa.eu

41

Xantipa Agency s.r.o. is a Czech Republic based marketing and advertising agency specializing in strategic and creative marketing solutions. The company offers services including marketing strategy, creative campaigns, branding, and advertising, targeting businesses seeking effective marketing communications. The website is built on WordPress and integrates common marketing technologies such as Google Tag Manager, Google Analytics, and Facebook Pixel, indicating a moderate level of digital maturity. The site is well designed, mobile optimized, and provides clear contact information and social media presence, supporting business credibility. Security posture is adequate with HTTPS enforced, but lacks some security headers and explicit cookie consent mechanisms. WHOIS data is not publicly available due to EURid privacy policies, but no suspicious indicators were found. Overall, the website presents a professional marketing agency with moderate risk and good operational transparency.

Z

ZOO Dvorec

zoodvorec.cz

46

ZOO Dvorec is a private zoological garden located in the South Bohemian region of the Czech Republic, established in 2007. The website serves as a comprehensive portal for visitors, offering detailed information about visiting hours, ticketing, animal exhibits, educational programs for schools, and special experience activities such as guided tours and animal caretaker programs. The business model focuses on visitor engagement, education, and community involvement, supported by an e-shop and animal adoption initiatives. The zoo maintains an active presence on social media platforms including Facebook, YouTube, and Instagram, enhancing outreach and visitor interaction. Technically, the website employs a custom CMS with a technology stack including jQuery 1.11.2, jQuery UI, Flexslider, Fancybox, and integrates Google Tag Manager and Google Analytics for tracking. The site uses HTTPS with good SSL configuration and includes cookie consent mechanisms compliant with GDPR. However, some outdated JavaScript libraries present potential security risks, and no explicit security headers were detected. The website performance is moderate with basic mobile optimization and accessibility features. From a security perspective, the site demonstrates good practices such as HTTPS enforcement and cookie consent but lacks published security policies or incident response contacts. The use of older JavaScript libraries and absence of security headers are notable vulnerabilities. No signs of malware, phishing, or exposed sensitive data were found. Privacy compliance is good with accessible privacy and cookie policies. The domain registration is consistent and legitimate, supporting the business's credibility. Overall, ZOO Dvorec's website is well-structured, content-rich, and trustworthy, serving its audience effectively. Strategic improvements in updating technical components and enhancing security headers would strengthen its security posture and resilience against emerging threats.

C

Conséquences

consequences-france.org

36

Conséquences is a French non-profit organization established in 2022, dedicated to raising awareness about the cascading effects of climate change on local communities and daily life in France. The organization collaborates with experts, media, and field actors to document and communicate these impacts. The website is built on WordPress using the Avada theme and includes modern plugins such as Smart Slider 3 and a cookie consent mechanism, reflecting a moderate level of digital maturity. Security posture is adequate with HTTPS enabled and cookie consent implemented, but lacks advanced security headers and incident response disclosures. Overall, the website is professional and trustworthy, though it would benefit from publishing privacy and terms of service policies and enhancing security configurations.

Oniris Nantes is an educational institution based in France, likely specializing in veterinary and food sciences. The domain is registered since 2009 through GIP RENATER, a reputable academic network provider, indicating a legitimate and established presence. However, the website content is currently inaccessible, returning a 503 Service Unavailable error, which prevents detailed analysis of the site's content, policies, and technical infrastructure. The lack of accessible content also means no privacy, cookie, or security policies are detectable, and no contact information or forms are available for review. This limits the ability to assess the website's compliance and user engagement capabilities. The domain registration data is consistent with the institution's profile, supporting its legitimacy despite the current unavailability of the website.

U

Univerza Alma Mater Europaea

almamater.si

44

Univerza Alma Mater Europaea is a Slovenian international university established in 2012, offering a wide range of academic programs including undergraduate, graduate, doctoral, specialist, and lifelong learning courses. The institution targets students and academic professionals seeking career-oriented education aligned with future job market demands. The website reflects a mature digital presence with multilingual support and comprehensive academic and institutional information. Technically, the site employs modern web technologies such as Google Tag Manager, Hotjar, Facebook Pixel, and Swiper.js, ensuring good performance, mobile optimization, and accessibility. Security posture is strong with HTTPS enforced and privacy-conscious analytics configurations, though explicit security policies and incident response contacts are not publicly disclosed. Overall, the website is professional, trustworthy, and well-aligned with the university's mission and audience.

K

Kulturní zařízení Ostrava-Jih, příspěvková organizace

kulturajih.cz

47

Kulturní zařízení Ostrava-Jih is a public cultural institution based in Ostrava, Czech Republic, focused on organizing cultural events, operating a cinema, and providing educational and creative courses for the local community. The organization targets a broad audience including seniors, families, and schools, positioning itself as a key cultural hub in the Ostrava-Jih region. The website reflects this mission with detailed event listings, partner affiliations, and community engagement features. Technically, the website employs modern web technologies such as Bootstrap, jQuery, Leaflet.js for maps, and integrates Google Analytics and Google Tag Manager for tracking. The site is mobile responsive and well-structured, though some accessibility features could be improved. Security measures include HTTPS enforcement and CAPTCHA protection on forms, but lack of security headers and cookie consent mechanisms indicate areas for enhancement. From a security and compliance perspective, the site shows good practices with encrypted connections and privacy policy availability, but lacks visible incident response contacts, security policies, and cookie consent banners, which are important for GDPR compliance. WHOIS data is unavailable, likely due to privacy protection, which is common for public organizations but limits domain trust verification. Overall, the website is professional, trustworthy, and serves its community well, but should improve privacy compliance and security headers to strengthen its security posture and regulatory adherence.

D

DK Poklad Ostrava

dkpoklad.cz

49

DK Poklad Ostrava is a well-established cultural and social center located in Ostrava-Poruba, Czech Republic, founded in 2004. The organization offers a diverse range of services including cultural performances, congresses, seminars, workshops, cinema, venue rentals, and restaurant services. It targets a broad audience interested in cultural and social events, positioning itself as a key regional player in the hospitality and media sectors. The website reflects a professional and consistent brand image with good content quality and user experience. Technically, the site is built on WordPress with modern frameworks like Bootstrap and integrates multiple analytics and marketing tools, demonstrating a mature digital infrastructure. Security posture is good with HTTPS and secure forms, though some security headers could be improved. Privacy compliance is strong, featuring GDPR-compliant policies and cookie consent mechanisms. Overall, the site is trustworthy, well-maintained, and serves its community effectively.

N

Nákupní centrum Géčko

geckoostrava.cz

46

Nákupní centrum Géčko is a regional shopping center located in Ostrava, Czech Republic, established in 2017. It offers a variety of retail shops, services, family-friendly activities, and hosts events to engage the local community. The website reflects a well-maintained digital presence with clear branding and consistent messaging. The business partners with notable entities such as Hypermarket Globus and Retail Park Poruba, enhancing its market position. Technically, the website uses modern JavaScript libraries, CDN hosting, and integrates social media and marketing tools effectively. Privacy and cookie compliance are well implemented with granular user consent mechanisms. Security posture is good with HTTPS and CSRF protections, though some security headers could be improved. No critical vulnerabilities or blocking mechanisms were detected, and the domain registration is consistent with the business history and location. Overall, the website demonstrates a mature digital infrastructure supporting a medium-sized retail business with a strong community focus.

I

Institut Agro Alumni

institut-agro-alumni.fr

46

Institut Agro Alumni operates as a dedicated alumni community platform for graduates of Institut Agro schools in France. The website offers a range of services including networking, career support, event organization, and publication of a magazine. It targets alumni and professionals connected to the agricultural and educational sectors, positioning itself as a niche but important community resource. The platform integrates modern web technologies and provides a mobile-friendly experience, including a dedicated mobile app. Security measures such as HTTPS, CSRF tokens, and hCaptcha are implemented, alongside GDPR-compliant cookie consent mechanisms. Contact information and social media presence enhance trust and accessibility.

A

Aptalumni

aptalumni.org

48

Aptalumni is a well-established alumni association serving graduates of AgroParisTech, a prestigious French engineering school. The website provides a comprehensive platform for alumni networking, career services, events, solidarity initiatives, and publications. It targets AgroParisTech alumni and professionals connected to the institution, offering membership benefits and community engagement. The site is professionally designed with consistent branding and clear navigation, supporting a medium-sized organization in the education and non-profit sectors based in France. Technically, the website employs a modern JavaScript stack including jQuery, Bootstrap, SweetAlert, and hCaptcha for security. It uses a specialized CMS likely based on NetAssoc. The site is mobile-optimized and includes accessibility and SEO best practices. Privacy and cookie policies are well implemented with GDPR compliance, including a consent banner managed by tarteaucitron. Analytics and error tracking are handled via Google Analytics and Raygun. Security posture is strong with HTTPS enforced, CSRF protection on forms, and bot mitigation via hCaptcha. However, security headers are not visibly configured, and no explicit security or incident response policies are published. WHOIS data is unavailable due to a malformed response, but the website's professionalism and content quality indicate legitimacy. No suspicious or malicious indicators were found. Overall, the site presents a low-risk profile with good privacy and security hygiene, serving an important educational community. Strategic improvements include adding security headers, publishing a security policy, and enhancing incident response transparency.

E

Eric A. and Kathryn S. Meyer

meyerweb.com

45

meyerweb.com is a well-established personal and professional website belonging to Eric A. Meyer, a recognized expert in CSS and web development, and his wife Kathryn, a doctor of nursing. The site primarily serves as a blog and resource hub for web developers and CSS enthusiasts, featuring detailed technical articles, tools, and personal writings. The business model is centered on content sharing and community engagement, targeting a niche audience of web professionals and learners. The site has a consistent brand identity and a strong reputation within its niche, supported by a domain age of over two decades. Technically, the site uses a combination of hand-authored HTML and WordPress for the blog section, with some static site generation for book content. The technology stack is modern and standards-compliant, with good mobile optimization and accessibility features. However, performance is moderate and could benefit from further optimization. SEO practices are good, with proper meta tags and structured navigation. From a security perspective, the site benefits from a long-standing domain with clientTransferProhibited status, indicating protection against unauthorized transfers. However, there is no evidence of DNSSEC, security headers, or explicit SSL configuration details, which suggests room for improvement. The absence of privacy and cookie policies is a compliance gap, especially for GDPR. No contact or incident response information is provided, limiting transparency in security matters. Overall, meyerweb.com is a trustworthy and authoritative site with excellent content quality and business credibility. The main risks relate to privacy compliance and security best practices, which if addressed, would enhance the site's security posture and user trust. Strategic recommendations include implementing privacy and cookie policies, enabling DNSSEC, adding security headers, and providing clear contact and vulnerability disclosure information.

D

Deutsch-Griechische Industrie- und Handelskammer

german-chamber.gr

48

The Deutsch-Griechische Industrie- und Handelskammer (German-Greek Chamber of Industry and Commerce) serves as a bilateral business network fostering trade and cooperation between Germany and Greece. With approximately 900 members, it offers a range of services including market entry consulting, legal and tax advice, delegation support, job portals, and translation services. The organization also hosts social events and networking opportunities to strengthen business ties. The website reflects a professional and consistent brand image aligned with its institutional partners such as BMWK, DIHK, and IHK. Technically, the site is built on the Ibexa DXP CMS with Vue.js and Swiper.js for frontend interactivity, delivering a good user experience with mobile optimization and accessibility considerations. Security posture is solid with HTTPS and no exposed sensitive data, though improvements could be made by adding security headers and explicit incident response information. Privacy compliance is partially met with a clear privacy policy but lacks a cookie consent mechanism. Overall, the site is trustworthy and well-positioned within its niche, serving a medium-sized organization focused on government and non-profit sectors.

Č

České modelky s.r.o.

brigadyhostesky.eu

43

České modelky s.r.o. operates the website brigadyhostesky.eu, providing an online platform for event staffing, specifically offering job opportunities for hostesses and promoters across the Czech Republic. Established since 2006, the company positions itself as a professional service provider in organizing commercial and social events. The website features detailed job listings, profiles of hostesses, and client references, targeting individuals seeking temporary work in promotional roles. The business model revolves around connecting clients with suitable event staff and managing registrations and communications online. Technically, the website employs a modern frontend stack including jQuery, Bootstrap 5, FontAwesome, and Google reCAPTCHA for form security. The site is mobile-optimized with good navigation and content structure, although some advanced security headers and cookie consent mechanisms are missing. External resources and partner domains are well integrated, indicating a mature digital presence. However, the lack of WHOIS data limits domain trust verification. From a security perspective, HTTPS is used, and spam protection is implemented via reCAPTCHA. The absence of security headers like CSP and HSTS, and missing cookie consent, represent areas for improvement. No critical vulnerabilities or adult content were detected, and privacy policy compliance with GDPR is indicated. Overall, the site demonstrates a moderate security posture suitable for its business scope but would benefit from enhanced security controls. The overall risk assessment is moderate with a trust score of 75 out of 100. Strategic recommendations include implementing security headers, adding cookie consent, improving WHOIS transparency, and maintaining up-to-date software. These steps will enhance user trust, compliance, and security resilience.

T

TN Média s.r.o.

salonkyhk.cz

44

Salonky is a regional news media website operated by TN Média s.r.o., focusing on delivering local news, sports, cultural events, and multimedia content to the Hradec Králové region in the Czech Republic. The site targets local residents and those interested in regional affairs, leveraging a content-rich platform with regular updates and social media integration. The business model appears to be advertising-supported, with visible banners and campaign redirects embedded in the site. Technically, the website is built on WordPress and utilizes modern front-end libraries such as jQuery, Bootstrap, Owl Carousel, and Font Awesome. It employs HTTPS for secure communication and integrates Google Analytics for visitor tracking. The site is mobile-optimized with a responsive design and includes interactive features like video tabs and newsletter subscription forms. However, some accessibility and SEO optimizations could be improved. From a security perspective, the site uses HTTPS but lacks visible security headers such as Content-Security-Policy or X-Frame-Options. The newsletter subscription form uses JavaScript fetch API for secure data submission, but no explicit privacy policy or cookie consent mechanism is present, which may raise compliance concerns. The absence of WHOIS data for the domain reduces trustworthiness, although the site content and design indicate a legitimate media outlet. Overall, Salonky presents a professional and content-rich platform for regional news but would benefit from enhanced privacy disclosures, security headers, and WHOIS transparency to improve trust and compliance. Strategic improvements in these areas will strengthen its security posture and user confidence.