High-risk security reports

C

Cosa

cosavostra.com

30

Cosa is a French consulting agency specializing in strategy, communication, e-commerce, and digital marketing. The company positions itself as a creative and strategic partner helping businesses reveal their uniqueness through effective digital and e-commerce strategies. The website demonstrates a professional and modern digital presence with multimedia content, client showcases, and multiple contact channels including forms, email, phone, and social media. Technically, the site is built on WordPress with Gravity Forms and integrates Google services such as reCAPTCHA and Tag Manager, indicating a mature digital infrastructure. Security measures like HTTPS and CAPTCHA are implemented, but the absence of security headers and privacy/cookie policies highlight areas for improvement. The WHOIS data is missing or unavailable, which raises concerns about domain legitimacy despite the professional appearance and reputable client logos. Overall, the site is well-designed and functional but should address compliance and transparency gaps to enhance trust and security.

A

Association CERESA

ceresa.fr

39

Association CERESA is a French non-profit organization established in 2005, specializing in autism support and education in the Occitanie region. It operates multiple specialized services including home education and care (SESSAD), educational units (UE), and professional training through its Pôle Formation. The website is professionally designed using WordPress and Elementor, with good content quality and clear navigation targeting parents, professionals, and stakeholders concerned with autism. The organization maintains a social media presence on Facebook and LinkedIn, enhancing its outreach and credibility. Technically, the site uses modern web technologies and includes Matomo analytics, reflecting a moderate level of digital maturity. Security posture is adequate with HTTPS usage but lacks advanced security headers and explicit privacy policies. WHOIS data is missing from the AFNIC database, which slightly reduces trust but does not negate the legitimacy given the consistent business information and social presence. Overall, the site is safe, professional, and well-positioned within its niche.

Polymny Studio is a small cooperative society based in Toulouse, France, specializing in digital learning platforms, DevOps, and Artificial Intelligence solutions tailored for educational institutions and learners. Their key offerings include the proprietary Polymny Studio application for educational video creation, e-learning platform design and deployment, and AI-powered learning tools. The company emphasizes ethical, sustainable, and sovereign digital solutions, leveraging open source technologies such as Moodle, Big Blue Button, and Nextcloud. Technically, the website uses modern technologies including Rust, Python, and JavaScript frameworks, hosted by Infomaniak Network SA, with a responsive design and good user experience. Security posture is moderate with HTTPS enabled but lacking DNSSEC and explicit security headers. Privacy compliance is partial, with privacy and terms located on a related domain but no cookie consent mechanism on the main site. Overall, the business credibility is strong due to academic partnerships and cooperative structure, though improvements in security and privacy policies are recommended.

M

M45T

m45t.com

45

M45T is a French event agency specializing in creative project management and technical services for cultural and event projects. The company offers personalized logistical support and equipment rental for sound, lighting, and video, targeting event organizers and cultural project managers. The website is built on WordPress using the Divi theme and hosted by Infomaniak Network SA, reflecting a moderate level of digital maturity. Security posture is adequate with HTTPS enabled and domain transfer protection, but lacks DNSSEC and security headers. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the site is professional and trustworthy but could improve compliance and security practices.

L

L’Atelier Transmédia

lateliertransmedia.com

46

L’Atelier Transmédia is a small audiovisual production company based in Nantes, France, specializing in media content creation and transmedia storytelling. The website reflects a professional service provider targeting businesses and individuals seeking audiovisual production services. The technical infrastructure is built on WordPress with Elementor and optimized using WP Rocket, indicating a moderate level of digital maturity. The site loads moderately fast and is mobile optimized, though accessibility features are basic. Security posture is adequate with HTTPS enabled and domain transfer protection, but lacks DNSSEC and security headers. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the site is trustworthy but could improve in compliance and security transparency.

O

OpenStreetMap France

openstreetmap.fr

42

OpenStreetMap France is a non-profit organization dedicated to promoting and supporting the global OpenStreetMap project within France. The website serves as a hub for community engagement, providing information about mapping, events, training, and data reuse. It targets a broad audience including contributors, local communities, and organizations interested in open geographic data. Technically, the site is built on WordPress with modern web technologies and integrates privacy-respecting analytics via Matomo. Security posture is solid with HTTPS enforced, though some security headers and explicit privacy policies are missing. The absence of WHOIS data reduces domain trust slightly but the website's content quality and community trust indicators are strong. Overall, the site is professional, well-maintained, and serves an important role in the open data ecosystem.

A

Agence KN

agence-kn.fr

47

Agence KN is a specialized web agency based in Lyon, France, focusing on WordPress website creation, SEO audits, and digital marketing services since 2011. The company targets businesses seeking tailored digital solutions with a strong emphasis on client satisfaction and technical excellence. Their website demonstrates a mature digital infrastructure using WordPress CMS, modern JavaScript libraries, and GDPR-compliant cookie management. Security posture is good with HTTPS and consent mechanisms, though some security headers are missing. WHOIS data is unavailable, likely due to privacy protection, which slightly impacts trust but does not detract from the professional presentation and business legitimacy. Overall, the agency presents a credible and professional digital presence with room for security enhancements.

O

Obec architektů z.s.

grandprixarchitektu.cz

45

Obec architektů z.s. is a Czech non-profit organization established in 1921, dedicated to representing the Czech Republic in international architectural forums such as UIA and V4, and organizing the Grand Prix Architektů, the largest architecture competition in the Czech Republic. The website serves as an informational and promotional platform targeting both professional and general audiences interested in architecture. Technically, the site uses modern JavaScript libraries including jQuery and slick.js, integrates Google Analytics for visitor tracking, and implements a cookie consent mechanism compliant with GDPR principles. The site is mobile-optimized with good design and navigation clarity. Security posture is moderate with HTTPS enabled and cookie consent implemented, but lacks visible security headers and published privacy or security policies. WHOIS data is unavailable, which impacts domain legitimacy verification. Overall, the site is professional and trustworthy but would benefit from enhanced transparency and security documentation.

The website desvix.com is currently inaccessible, returning a 403 Forbidden error page that blocks access to any meaningful content. The domain WHOIS data is suspicious due to a future creation date, which undermines trust and legitimacy. No business information, contact details, or policies are published on the site, indicating a lack of transparency and professionalism. The technical infrastructure appears minimal with SiteGround hosting but lacks DNSSEC and security headers. Overall, the site is not operational or publicly accessible, preventing a full assessment of business or security posture.

B

BTR Consulting s.r.o.

btrconsulting.cz

47

BTR Consulting s.r.o. is a specialized real estate consulting company focused on the Build to Rent segment in the Czech Republic. The company offers a comprehensive suite of services including project acquisition consulting, expert advice, marketing strategies, property management, rental services, construction optimization, and furnishing of rental apartments. Their target audience includes investors, developers, and small companies seeking tailored real estate solutions. The website reflects a boutique service provider with a strong emphasis on quality and long-term client relationships. Technically, the site is built on WordPress with modern frameworks like Bootstrap and integrates Google Analytics and reCAPTCHA for analytics and security. The site is mobile-optimized and uses security best practices such as HTTPS and security headers. However, it lacks explicit cookie consent mechanisms and dedicated security or incident response policies. Overall, the website is professional, trustworthy, and well-aligned with the company's business model and market position.

M

MS Group

wemakespaces.archi

49

MS Group operates the website 'We Make Spaces - MS Architekti', an established architectural studio based in the Czech Republic since 1990. The company specializes in architectural design, urban planning, and realization of various projects including residential, commercial, and public spaces. The website presents a professional image with a clear focus on their services and portfolio, targeting clients seeking architectural and urban planning expertise. Technically, the site uses a moderate technology stack including Bootstrap, jQuery, Google Analytics, and Hotjar for analytics and user behavior tracking. The site is mobile optimized and has good SEO practices but lacks visible privacy and cookie policies, which is a compliance concern. Security posture is moderate with HTTPS usage but no detected security headers or explicit security policies. WHOIS data is unavailable due to privacy protection and malformed WHOIS response, limiting domain registration transparency. Overall, the website is functional and professional but would benefit from enhanced privacy compliance and security best practices.

S

Srdce na dlani, nadační fond

srdcenadlani.cz

48

Srdce na dlani is a Czech non-profit foundation dedicated to supporting children from children's homes through motivational programs, assistance for independent living, and educational activities. The organization has a clear mission and a network of partners, with a website that reflects its charitable focus and community engagement. The site provides contact information and showcases partner logos, indicating established relationships within the sector. Technically, the website employs modern web technologies including Google Tag Manager and Google Analytics for tracking, along with jQuery and Lightbox for UI enhancements. The site is mobile-optimized and features good navigation and content structure, although some accessibility features could be improved. Performance is moderate, with no critical technical issues detected. From a security perspective, the site uses HTTPS and does not expose sensitive data, but lacks visible security headers and explicit privacy or cookie policies. The absence of WHOIS data limits domain legitimacy verification, which slightly reduces trustworthiness. No incident response or security policy information is published, which could be improved to enhance transparency and compliance. Overall, the website is professional and trustworthy for its non-profit purpose, but would benefit from enhanced privacy compliance documentation, improved security headers, and verified domain registration information to strengthen its security posture and business credibility.

1

1001coques

1001coques.fr

46

1001coques is a French e-commerce retailer specializing in mobile phone cases and accessories, offering a large catalog of over 100,000 references. The website targets consumers owning mobile phones and tablets, providing a variety of products including personalized cases and gift cards. The platform is built on PrestaShop and integrates multiple marketing and analytics tools such as Google Analytics, Facebook Pixel, and Hotjar. The site is professionally designed with good mobile optimization and clear navigation. Security measures include HTTPS and standard security headers, but there is no publicly available security policy or incident response information. WHOIS data is unavailable, which raises some concerns about domain transparency, though the site appears legitimate and operational.

The website godefense.fr is currently inaccessible due to a Cloudflare Turnstile security challenge page, which blocks direct access to its content. As a result, no business descriptive content, contact information, or compliance documentation is available for analysis. The domain is registered since 2013 with Scaleway as registrar, indicating a legitimate and established registration. However, the lack of accessible content limits the ability to assess the company's market position, services, or technical maturity. The technical infrastructure includes Cloudflare security mechanisms but no visible CMS or analytics tools. Security posture is difficult to evaluate fully due to blocked content, but the presence of Cloudflare WAF indicates some level of protection. Overall, the site scores low on content quality and privacy compliance due to inaccessibility, with recommendations to reduce blocking for better transparency and trust.

U

Unecuillerepourdoudou

unecuillerepourdoudou.com

48

Unecuillerepourdoudou is a French e-commerce retailer specializing in birth gifts, wooden toys, and organic comforters for babies. The website presents a well-structured, professionally designed platform built on the PrestaShop CMS, targeting parents and gift buyers in the baby products niche. The company offers a curated selection of high-quality products with a focus on originality and eco-friendly materials. Technically, the site uses modern web technologies including Google Fonts, FontAwesome, Facebook Pixel for marketing, and Piwik (Matomo) for analytics. The site is mobile-optimized and provides a good user experience with clear navigation and product presentation. Security-wise, the site enforces HTTPS and avoids exposing sensitive data, but lacks some recommended security headers and visible privacy or cookie policies, which are important for GDPR compliance. The WHOIS data for the domain is missing, which raises questions about domain registration legitimacy, though the website content and HTTPS presence suggest a legitimate business. Overall, the site scores well on content and technical implementation but needs improvements in privacy compliance and domain registration transparency.

T

TOMPRINT

tomprint.cz

48

TOMPRINT is a Czech-based company specializing in textile printing and promotional product services, including screen printing, digital printing, sublimation, embroidery, and advertising production. With an established presence of approximately 35 years, they serve both business and individual customers through a physical location in Prague and an online e-shop. The website reflects a professional and customer-focused business with clear contact information and positive customer testimonials. Technically, the site uses modern web technologies and tracking tools such as Google Tag Manager and analytics scripts, with a cookie consent mechanism implemented to comply with privacy regulations. However, the absence of a published privacy policy and terms of service, along with missing WHOIS registration data, presents gaps in transparency and trust. Security posture is moderate, with HTTPS implied but no visible security headers or incident response information. Overall, the site is functional, safe, and well-designed but would benefit from enhanced compliance and security documentation.

A

AiVision, s.r.o.

paper.cz

47

Paper.cz is a Czech Republic-based e-commerce retailer specializing in paper goods, gift wrapping, party supplies, stationery, and related products. The company operates both online and through multiple physical retail locations in Czech cities such as Třinec, Nový Jičín, Prostějov, Havířov, Frýdek-Místek, and Jablunkov. The website offers a broad product range including creative materials, decorations, seasonal goods, and school supplies, targeting general consumers and event organizers. The business model focuses on direct online sales complemented by physical stores, positioning Paper.cz as a significant distributor in its market segment.

V

VORWERK CS k.s.

vorwerk.cz

48

Vorwerk Czech Republic operates a professional and well-established website focused on retailing household appliances, specifically vacuum cleaners under the Kobold brand and kitchen appliances under the Thermomix brand. The company has a strong market presence in the Czech Republic, supported by a comprehensive e-commerce platform and customer service infrastructure. The website demonstrates good content quality, clear navigation, and consistent branding, targeting consumers interested in home cleaning and cooking solutions. Technically, the site uses modern web technologies including Bootstrap, jQuery, and Google Tag Manager, with a custom e-commerce CMS (AiShop). Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. Privacy compliance is well addressed with accessible privacy and cookie policies. Overall, the site reflects a mature digital presence aligned with business goals.

The website isl2025lymphology.org serves as the official platform for the 30th World Congress of the International Society of Lymphology (ISL) scheduled for October 2025 in Antalya, Turkey. It targets medical professionals, researchers, and clinicians specializing in lymphology, providing comprehensive event information including scientific programs, workshops, registration, and social activities. The business model centers on event organization and promotion within the healthcare sector, positioning itself as a specialized international congress organizer. Technically, the site employs a modern frontend stack including Bootstrap, jQuery, Font Awesome, and various UI enhancement libraries such as Owl Carousel and AOS for animations. The site is mobile optimized and uses HTTPS with Google reCAPTCHA for form security. However, it lacks DNSSEC, security headers, and visible privacy or cookie policies, indicating room for improvement in security and compliance maturity. From a security perspective, the site benefits from HTTPS and anti-bot measures but misses critical security headers and formalized privacy and incident response policies. The WHOIS data shows a recently registered domain consistent with the event timeline but with an unclear registrant name, slightly reducing trust. No signs of malicious content or blocking mechanisms were detected. Overall, the site is professionally designed and functional with moderate security posture and limited privacy compliance. Strategic improvements in policy publication, security headers, and registrant transparency would enhance trust and compliance.

I

InsiderData360

insiderdata360online.com

45

InsiderData360 operates a proprietary dashboard platform, likely focused on data analytics or business intelligence services. The website serves primarily as a login portal for authorized users to access the dashboard. The business appears to be a small technology company founded around 2018, with claims of proprietary technology protected by patents. The platform targets business users requiring data insights and dashboard services. Technically, the website uses modern web technologies including Bootstrap, Chartist.js, Moment.js, and integrates Calendly for scheduling. The site is basic in design and functionality, optimized for desktop and mobile with minimal content beyond the login form. Security posture is moderate but lacks advanced protections such as security headers, CSRF tokens, and CAPTCHA on login forms. No privacy or cookie policies are present, indicating limited compliance with privacy regulations. The domain registration is consistent and stable, supporting legitimacy. Overall, the site is functional but could benefit from enhanced security and compliance measures.

The website ethicalfactorrx.com is currently inaccessible, returning a 403 Forbidden error page that blocks access to any meaningful content. This prevents any direct analysis of business offerings, contact information, or compliance documentation. The domain is registered with GoDaddy.com, LLC since 2011, indicating a stable registration history, but no registrant organization details are publicly available. The lack of DNSSEC and security headers, combined with the blocked content, results in a low security posture. No privacy, cookie, or terms of service policies are present, and no contact or social media information is found. Overall, the site appears inactive or restricted, limiting trust and credibility assessments.

P

Plus Production Prague s.r.o.

plusproduction.cz

46

Plus Production Prague s.r.o. is a Czech-based company specializing in outdoor LED advertising, offering strategically located LED screens primarily in Prague and select regional cities. The company provides high-impact advertising solutions with a focus on maximizing daily reach and visibility for clients. Their business model revolves around renting advertising space on LED screens and supporting clients with production and campaign services. The website reflects a professional and consistent brand image, targeting advertisers and marketing agencies seeking effective outdoor media solutions. Technically, the website is built on WordPress with Elementor and incorporates modern SEO and privacy compliance tools, including GDPR cookie consent management. Security posture is strong with HTTPS, security headers, and reCAPTCHA integration, though explicit security policies and incident response information are absent. Overall, the site is well-structured, user-friendly, and compliant with privacy regulations, supporting a trustworthy online presence for the business.

K

Kine-MAX, Erawan s.r.o.

kine-max.cz

45

Kine-MAX, operated by Erawan s.r.o., is a specialized healthcare and sports product company based in the Czech Republic. The company focuses on manufacturing and retailing kinesiology tapes, bandages, massage tools, and related physiotherapy products. Their market position is niche, targeting healthcare professionals, sportsmen, and physiotherapists, supported by an e-commerce platform and partnerships with sports clubs. The website is professionally designed using WordPress CMS with modern plugins and integrates Google Maps for location display. The technical infrastructure is moderate in performance with good mobile optimization and basic accessibility features. Security posture is adequate with HTTPS enforced and cookie consent implemented, but lacks advanced security headers and explicit security policies. WHOIS data is missing, which impacts domain trustworthiness. Overall, the website is functional and trustworthy but could improve privacy compliance and security transparency.

V

VARTA AG

varta.cz

47

VARTA AG is a well-established European leader in battery technology and energy storage solutions, with a history dating back to 1887. The company operates multiple divisions including Consumer Batteries, Micro Batteries, and Lithium-Ion technologies, with a significant automotive battery division owned by Clarios LLC. The website reflects a professional corporate presence with detailed business and contact information, targeting both consumers and industrial clients. Technically, the site uses TYPO3 CMS and integrates Matomo analytics for privacy-conscious tracking, alongside Google reCAPTCHA for form security. Security posture is generally strong with HTTPS enforced, though the absence of security headers and privacy policies indicates room for improvement. The missing WHOIS data is a notable anomaly but does not detract significantly from the overall legitimacy given the detailed corporate disclosures on the site.

R

Rukavice Espeon

espeon.cz

48

Rukavice Espeon operates a specialized e-commerce platform focused on selling disposable gloves tailored to various professional sectors such as food industry, healthcare, beauty salons, cleaning, fine work, and automotive. The website is well-structured, professionally designed, and targets primarily Czech-speaking professionals and businesses requiring protective gloves. The business model is retail e-commerce with a niche specialization, supported by customer reviews and clear contact information enhancing trust. Technically, the website leverages the Shoptet e-commerce platform with a modern tech stack including jQuery, Google Analytics (both UA and GA4), Microsoft Clarity, Facebook SDK, and various performance and UX enhancing libraries. The site is mobile optimized, accessible, and SEO friendly, with a moderate performance profile. Hosting appears to be via Shoptet's CDN and Cloudfront. From a security perspective, the site enforces HTTPS and uses CSRF tokens on forms, along with cookie consent mechanisms aligned with GDPR. However, some security headers like Content-Security-Policy and X-Frame-Options are not explicitly detected, suggesting room for improvement. No vulnerabilities or exposed sensitive data were found in the analysis. Overall, the website presents a low-risk profile with good privacy compliance and business credibility, though the absence of WHOIS data reduces domain trustworthiness. Strategic recommendations include enhancing security headers, verifying domain registration details, and maintaining up-to-date third-party libraries to sustain security and compliance.

Q

QUARTIS, s.r.o.

batavan.cz

47

Batavan.cz is a Czech cosmetics brand with over 20 years of history, operated by QUARTIS, s.r.o. The company specializes in manufacturing and retailing cosmetic products including foot care, body care, anti-cellulite, and spa products. The website is professionally designed using WordPress with WooCommerce and Elementor, supporting multiple languages and providing a smooth user experience. The business targets general consumers interested in wellness and beauty products within the Czech Republic. The site includes comprehensive privacy and cookie policies, with a consent mechanism compliant with GDPR. Contact information and company registration details are clearly presented, enhancing trust and credibility. Technically, the site uses modern web technologies and integrates Google Analytics and Facebook SDK for marketing and analytics purposes. Security posture is good with HTTPS enforced, though some security headers could be improved. No signs of blocking or WAF interference were detected, and the domain registration data aligns well with the business claims, supporting legitimacy.

F

Fomei s.r.o.

fomei.cz

45

Fomei s.r.o. is a Czech-based company specializing in the supply and support of high-quality diagnostic medical devices and software solutions, including mammography, X-ray, MRI, and veterinary medical equipment. The company serves healthcare providers and diagnostic professionals, positioning itself as a trusted regional partner with established manufacturer relationships. The website reflects a professional and consistent brand image with clear navigation and relevant content tailored to its target audience. Technically, the website employs a moderate technology stack including jQuery, Lightbox, Google Analytics, and a proprietary CMS. It is mobile-optimized and uses HTTPS, but lacks some modern security headers and cookie consent mechanisms, indicating room for improvement in security and privacy compliance. Performance is moderate with good SEO and accessibility basics. From a security perspective, the site shows a solid baseline with HTTPS and no visible vulnerabilities or exposed sensitive data. However, the absence of WHOIS data and security headers reduces overall trustworthiness. Privacy compliance is partial, with a privacy policy present but no cookie consent banner. No incident response or security policy information is publicly available. Overall, the site is professional and trustworthy for its business domain but would benefit from enhanced transparency in domain registration, improved security headers, and stronger privacy compliance to reduce risk and increase user trust.

P

Podiart Kft.

podiart.hu

49

Podiart Kft. operates a Hungarian-language website focused on foot health services and retail products, including computerized foot examinations, custom insoles, therapeutic slippers, and footwear. The company appears to be a small-sized healthcare retail and service provider established in 2010, with a consistent domain registration history. The website is built on WordPress with WooCommerce, leveraging modern plugins and tracking technologies such as Google Analytics, Facebook Pixel, and Cookiebot for cookie consent management. While the site uses HTTPS and integrates multiple analytics and marketing tools, it lacks explicit privacy policy and terms of service pages, which are critical for GDPR compliance and user trust. Security headers are not explicitly visible, and no incident response contacts or vulnerability disclosures are provided, indicating room for improvement in security posture and transparency.

E

Extra Publishing, s. r. o.

casopisrozmarynka.cz

41

Rozmarýnka is a Czech children’s magazine published by Extra Publishing, s. r. o., offering creative and educational content for children and families. The website serves as a digital platform for magazine issues, creative tasks, coloring pages, and subscription information. It targets a niche market of young readers and their parents in the Czech Republic. The business model revolves around content publishing, subscription sales, and advertising partnerships. The site maintains a consistent brand presence with active social media channels and a user-friendly design.

N

Nadační fond Mathilda

mathilda.cz

43

Nadační fond Mathilda is a Czech non-profit foundation dedicated to supporting people with severe visual impairments primarily through the training of guide dogs and related social services. Established in 2010 and named after its patron Mathilda Nostitzová, the foundation has successfully trained over 110 guide dogs and offers a variety of projects including social rehabilitation, digital libraries, and cultural activities. The website reflects a well-established organization with a clear mission and active community engagement. Technically, the site is built on WordPress using Elementor and WooCommerce, optimized for performance and mobile devices, and employs modern security practices such as HTTPS and security headers. However, it lacks a cookie consent mechanism and explicit security or incident response policies, which are recommended for full GDPR compliance and enhanced trust. Overall, the site is professional, trustworthy, and serves its target audience effectively.

E

emocio s.r.o.

powerjoga.sk

44

Powerjoga Akadémia Slovensko is a small educational organization specializing in yoga training and instructor certification in Slovakia. The website presents a clear focus on yoga philosophy, practical training, and seminars, targeting yoga practitioners and aspiring instructors. The business maintains a network of related partner sites in the Czech Republic and Slovakia, enhancing its regional presence. Technically, the website uses legacy JavaScript libraries alongside modern analytics and cookie consent tools, indicating moderate digital maturity. The site is mobile-optimized with a good user experience but could benefit from modernization of its tech stack and improved accessibility features. Security posture is adequate with HTTPS and cookie consent mechanisms, but lacks advanced security headers and uses outdated libraries, posing potential risks. Privacy compliance is well addressed with a clear cookie consent banner and a privacy policy in Slovak. Overall, the website is professional and trustworthy but should address technical and security improvements to enhance resilience and compliance.

S

Skorošice ubytování

skorosiceubytovani.cz

40

Skorošice ubytování is a small hospitality business offering apartment rental accommodation in the Jeseníky mountain region of the Czech Republic. The website presents a family-friendly lodging option with amenities such as a garden, children's play area, and bike storage, targeting tourists interested in hiking and cycling. The business operates seasonally and emphasizes a peaceful natural environment. Technically, the website uses modern frontend technologies including Bootstrap, jQuery, and FontAwesome, with additional features like live chat and Google reCAPTCHA for security. However, the absence of WHOIS data and lack of privacy and cookie policies indicate gaps in compliance and trust verification. Security posture is moderate with HTTPS usage but missing security headers and limited vulnerability mitigation measures. Overall, the website is functional, professional, and safe for general audiences but would benefit from enhanced privacy compliance and security hardening.

České modelky s.r.o. is a Czech Republic based modeling and hostess agency established in 2006, offering a wide range of services including hostesses, photo modeling, fashion shows, casting organization, and photo competitions. The company maintains a large database of over 22,000 models and operates multiple partner sites across Europe. The website is professionally designed with good content quality and moderate technical implementation, leveraging technologies such as jQuery, Google Analytics, and Google reCAPTCHA. Security posture is adequate with HTTPS enabled but lacks several important security headers. Privacy compliance is limited due to absence of explicit privacy and terms of service pages, though cookie consent is implemented. Overall, the business appears legitimate and well-established with a moderate risk profile.

The website vpn-streaming.com is an informational platform in French focused on educating users about the benefits and usage of VPNs for streaming video content. It targets French-speaking users seeking to bypass geo-restrictions and enhance privacy while streaming. The site primarily recommends third-party VPN providers such as ExpressVPN, NordVPN, and CyberGhost through affiliate links, without offering its own VPN service. Technically, the site uses common frontend technologies including Bootstrap, jQuery, OwlCarousel, and FontAwesome, delivering a moderately optimized and mobile-friendly experience. However, it lacks advanced SEO and accessibility features. Security posture is weak due to missing HTTPS verification, absence of security headers, and no visible privacy or cookie policies. The WHOIS data is unavailable, raising concerns about domain registration legitimacy. Overall, the site is safe for general audiences but requires improvements in security, privacy compliance, and business transparency to enhance trust and credibility.

I

Idea Books

ideabooks.nl

46

Idea Books is a specialized wholesaler and distributor of books, magazines, and exhibition catalogues focused on architecture, art, photography, design, fashion, and film. Established in 1976 and based in the Netherlands, it serves a niche market including book retailers and cultural institutions. The website reflects a professional e-commerce platform built on Shopware 6, featuring a catalog of products and a clean, navigable design optimized for mobile devices. Technical infrastructure includes modern web technologies and Google Tag Manager for analytics. Security posture is solid with HTTPS enforced and no obvious vulnerabilities, though explicit security headers and privacy policies are lacking. Overall, the site is trustworthy and well-positioned in its market segment but would benefit from enhanced privacy compliance and clearer contact information.

P

Paon diffusion

paon-diffusion.com

40

Paon diffusion is a French small business operating an e-commerce website primarily built on WordPress with WooCommerce and the Divi theme. The site targets retail customers in France, offering products through an online storefront. The technical infrastructure is modern and leverages popular CMS and e-commerce plugins, with hosting provided by OVH sas, a reputable provider. The website demonstrates moderate performance and good mobile optimization, though accessibility features are basic. Security posture is adequate with HTTPS enabled but lacks advanced security headers and DNSSEC, indicating room for improvement. No privacy or cookie policies were detected, which is a compliance gap. Overall, the site appears legitimate and functional but would benefit from enhanced security and privacy measures.

A

Agence Parisienne du Climat

adaptaville.com

45

Adaptaville is a French non-profit platform initiated by the Agence Parisienne du Climat, dedicated to cataloging and promoting ecological adaptation solutions to climate change specifically for the Île-de-France region. The website serves as a resource hub for local authorities, policymakers, and environmental actors to access proven solutions such as vegetation, water management, and urban cooling techniques. The platform emphasizes facilitating the replication of these solutions through public policies at various administrative levels. Technically, the website employs a custom CMS with modern JavaScript libraries including jQuery and Lucide icons, and integrates privacy-focused analytics via Plausible. The site is mobile-optimized with good SEO practices and a professional design, though some accessibility features could be enhanced. Security posture is solid with HTTPS enforced, but lacks some security headers and explicit cookie consent mechanisms. From a security and compliance perspective, the site does not expose sensitive data and uses secure forms, but it lacks a published security policy, incident response contacts, and vulnerability disclosure mechanisms. WHOIS data for the domain is unavailable, which slightly impacts trust but the professional presentation and partnerships mitigate concerns. Overall, the site is trustworthy, well-maintained, and serves a clear public interest mission. Recommendations include implementing security headers, adding cookie consent for GDPR compliance, publishing a security policy, and enhancing contact transparency to improve user trust and regulatory adherence.

M

Město Třebíč

trebic.cz

49

The website www.trebic.cz serves as the official digital presence of the city of Třebíč, Czech Republic. It provides comprehensive information and services for residents, tourists, and local businesses, including municipal news, event updates, electronic citizen services, and urban development projects. The site is well-structured and targets a broad audience interested in local government and community activities. Technically, the site uses a custom CMS platform (Vismo) and integrates several Google services such as Analytics, Tag Manager, reCAPTCHA, and Translate. The website is mobile-optimized, accessible, and includes cookie consent mechanisms compliant with GDPR. Performance is moderate with good SEO and accessibility features. From a security perspective, the site enforces HTTPS and uses reCAPTCHA for form protection. However, it lacks visible security headers and does not publish formal security or incident response policies. No vulnerability disclosure or security.txt files are present, which could be improved to enhance transparency and security posture. Overall, the website is trustworthy and professional, with clear contact information and official branding. The absence of WHOIS data limits domain trust assessment but does not detract from the site's legitimacy as a government portal. Strategic recommendations include enhancing security headers, publishing security policies, and adding vulnerability disclosure information to strengthen security and compliance.

S

Stellplatz Lednice s.r.o.

stellplatzlednice.cz

47

Stellplatz Lednice s.r.o. operates a specialized hospitality business offering a peaceful camping site in the heart of the Lednicko-valtický wine region in the Czech Republic. The business integrates camping services with a winery experience, including wine tastings, tours, and a bistro serving regional specialties. The website is professionally designed using WordPress and Elementor, providing multilingual support and clear navigation. Contact information and partner affiliations are prominently displayed, enhancing trust and business credibility. Technically, the site uses modern web technologies and tracking tools such as Google Tag Manager and Facebook Pixel, with HTTPS enabled and basic security practices in place. However, explicit security policies and incident response information are absent, representing an area for improvement. Overall, the website presents a legitimate, small-sized hospitality business with a good security posture and compliance with privacy regulations.

H

HZ Hotel s.r.o.

chateaudefrontiere.com

47

Chateau de Frontiere is a luxury 4-star hotel resort located in South Moravia, Czech Republic, within the UNESCO-listed Lednicko-valtický area. The business offers upscale accommodation, wellness, fine dining through its restaurants ESSENS and Chateau Petit, wine cellar experiences, and event hosting services. The website is professionally designed with multilingual support and integrated booking functionality, reflecting a mature digital presence. Technically, the site uses modern libraries and tracking tools but lacks some advanced security headers and explicit incident response information. The security posture is adequate with HTTPS and cookie consent mechanisms but could be improved with additional security best practices. WHOIS data is missing, which slightly reduces trustworthiness, but the overall business credibility is high due to clear contact information, social media presence, and external references.

I

IndyMotion

indymotion.fr

48

IndyMotion is an independent French-language PeerTube instance offering free and unlimited video hosting access primarily to individuals and organizations with a non-profit focus. The platform leverages the open-source PeerTube technology to provide decentralized video streaming and live chat capabilities. The website presents a consistent brand and clear business purpose, targeting the French-speaking community interested in alternative video hosting solutions. Technically, the site uses modern web technologies including Angular and PeerTube version 7.3.0, hosted on Scaleway infrastructure in France. The platform supports advanced video streaming features such as HLS and WebRTC, ensuring a good user experience across devices. Security-wise, the site enforces HTTPS and avoids exposing sensitive data, but lacks explicit security headers and formal privacy or cookie policies, which are areas for improvement. Overall, the domain registration data aligns well with the website content, indicating legitimacy and transparency. The site is safe for general audiences with no adult or explicit content detected.

The website yottlyscript.com currently returns a 404 error page with no accessible content, metadata, or business information. The domain is registered with GoDaddy.com, LLC since 2015 and is valid until 2028, indicating a potentially legitimate registration. However, the absence of any visible website content or contact details severely limits the ability to assess the business or its market position. Technically, the site lacks HTTPS and security headers, and no privacy or cookie policies are present, indicating a low digital maturity and poor security posture. Overall, the site appears inactive or improperly configured, posing a risk to trust and credibility.

The website www.doutniky-humidory-prislusenstvi.cz appears to be an e-commerce platform focused on selling tobacco-related products such as cigars, humidors, and pipes. The site content is minimal, primarily consisting of a placeholder image with a clickable map and basic metadata describing the business. The lack of WHOIS data and registrant information limits the ability to verify the domain's legitimacy and history. Technically, the site uses common libraries such as Bootstrap, jQuery UI, and Google Analytics, but lacks visible security headers and privacy compliance documentation. The security posture is weak due to missing HTTPS confirmation and absence of security best practices. Overall, the site presents a low trust profile with poor content quality and minimal business transparency.

C

CLOUDMC

cloudmc.cz

46

CLOUDMC is a Czech-based media and web services provider specializing in cloud-hosted websites and a network of local city portals. Founded in 2014, the company operates multiple thematic and city-focused portals, targeting a general Czech audience. It also offers web development and AI training services through partner sites. The website demonstrates a good level of content quality, consistent branding, and a clear navigation structure optimized for mobile devices. Technically, it uses modern frontend technologies such as Tailwind CSS, Leaflet.js for maps, and Google Tag Manager for analytics. Security posture is moderate with HTTPS implied but lacks explicit security headers and has minor PHP code notices. Privacy compliance is well addressed with a cookie consent mechanism and links to GDPR and terms of service pages. Overall, the site is legitimate, stable, and professionally maintained, though improvements in security headers and code hygiene are recommended.

C

Czech Fashion Week

czechfashionweek.eu

44

Czech Fashion Week is a well-established fashion event and media platform based in the Czech Republic, focusing on organizing fashion shows, publishing interviews, news, and photo galleries related to the fashion industry. The website serves as a hub for event information, ticket sales, and partner promotion, targeting fashion enthusiasts and industry professionals. The business operates with a small-sized footprint and has been active since at least 2005, as indicated by copyright dates and content history. Technically, the website employs a modern technology stack including Bootstrap, jQuery, Google Analytics, Facebook SDK, and various tracking and marketing tools. It uses HTTPS with good SSL configuration and implements cookie consent mechanisms compliant with GDPR principles. The site is mobile-optimized and provides a good user experience with clear navigation and professional design. From a security perspective, the site demonstrates good practices such as HTTPS enforcement, use of Google reCaptcha for form protection, and cookie consent banners. However, it lacks explicit security headers and publicly available security or incident response policies. No critical vulnerabilities or exposed sensitive data were detected. The domain WHOIS information is privacy protected, which is common and justified for this type of business. Overall, the website presents a trustworthy and professional digital presence with moderate to good security and privacy compliance. Strategic improvements could include publishing explicit privacy and security policies, enhancing security headers, and providing incident response contact information to further strengthen trust and compliance.

Česká podologická společnost, z.s. is a Czech non-profit professional association dedicated to podology and pedicure care. The organization provides education, certification, events, and advocacy for professionals such as pedicurists and physiotherapists. The website reflects a well-structured and content-rich platform targeting healthcare professionals in the Czech Republic. Technically, the site uses legacy JavaScript libraries and the Nette framework, with moderate performance and basic mobile optimization. Security posture is adequate but could be improved by adding security headers and updating libraries. Privacy compliance is weak due to the absence of privacy and cookie policies. WHOIS data is missing, which raises concerns about domain legitimacy, though the website content and contact information appear professional and trustworthy. Overall, the site is functional and serves its audience well but requires improvements in security and compliance to enhance trust and protection.

E

Estetica Magazine

estetica.it

38

Estetica.it is a well-established digital magazine focused on the Italian hairdressing industry, providing news, trends, product information, and educational content. It serves a professional audience of hairdressers and industry stakeholders, positioning itself as a leading media outlet in this niche. The website is part of a broader international media network with sister sites targeting multiple countries. Technically, the site is built on WordPress with modern plugins and SEO tools, ensuring good performance and search visibility. Security posture is strong with HTTPS, security headers, and GDPR-compliant cookie management. No critical vulnerabilities or blocking mechanisms were detected, indicating a mature and secure digital presence. Overall, Estetica.it demonstrates a professional, trustworthy, and user-friendly platform with effective business and technical implementations.

R

restartuj s.r.o.

fanonline.cz

38

FANonline.cz is a Czech cultural and entertainment website operated by restartuj s.r.o., providing event listings, club and cinema information, and contests primarily targeting the Prague region. The site serves as a local media platform with advertising partnerships and a modest user base. Technically, the website uses basic JavaScript and jQuery libraries along with Google Analytics for tracking. The site lacks modern CMS indications and shows limited mobile optimization and accessibility features. Security posture is weak due to missing HTTPS confirmation and absence of security headers or privacy policies. The WHOIS data is unavailable, which raises concerns about domain registration legitimacy, although the presence of company contact information partially mitigates trust issues. Overall, the site is functional but requires improvements in security, privacy compliance, and technical modernization.

Zpravodajství Online is a Czech media and digital marketing company operating a network of over 60 local and niche portals. The company focuses on helping entrepreneurs and businesses grow their online presence through strategic content, SEO, and marketing services. Their offerings include web development, AI training, and extensive local media coverage. The website demonstrates a mature digital infrastructure using modern frontend technologies and provides a comprehensive user experience with clear navigation and responsive design. Security posture is good with HTTPS and cookie consent mechanisms, though some security headers and incident response details are missing. Overall, the site is professional, trustworthy, and well-positioned in its market segment.