High-risk security reports

S

Svět notebooků

svetnotebooku.cz

39

Svět notebooků is a Czech language media website specializing in news, reviews, and insights about notebooks and related technology. The site targets technology enthusiasts and notebook users primarily in the Czech Republic. It operates on a WordPress CMS platform with modern web technologies and integrates Google Analytics for visitor tracking. The website presents professional content with good design and navigation, optimized for mobile devices. However, it lacks published privacy and cookie policies, which are critical for GDPR compliance and user trust. Security practices are basic, with HTTPS enabled but missing important security headers and incident response information. Overall, the site is legitimate and functional but would benefit from enhanced privacy and security measures.

M

Mělnická zdravotní, a. s.

nemocnice-neratovice.cz

43

Nemocnice Mělník is a regional healthcare provider in the Czech Republic offering a wide range of medical services including surgery, gynecology, radiology, and rehabilitation. The hospital operates under the parent company Group Mediterra and maintains a network of related hospitals and clinics. The website is professionally designed, targeting patients and regional healthcare consumers, providing detailed information about ambulances and departments. Technically, the site is built on WordPress with modern tracking and analytics tools, and it is mobile optimized with good SEO practices. Security posture is solid with HTTPS and cookie consent mechanisms, though it lacks explicit security policies and incident response information. The absence of WHOIS data reduces domain trustworthiness, but the overall business credibility remains high due to comprehensive contact information, certifications, and social media presence. Strategic recommendations include enhancing security headers, publishing security policies, and verifying domain registration details to improve trust.

M

Mělnická zdravotní, a. s.

nemocnice-melnik.cz

44

Nemocnice Mělník is a significant multidisciplinary regional hospital in the Středočeský kraj of the Czech Republic, serving approximately 110,000 residents. It offers a broad spectrum of healthcare services including acute 24-hour care across multiple specialties such as surgery, traumatology, orthopedics, internal medicine, gynecology, neonatology, neurology, infectious diseases, anesthesiology, and rehabilitation. The hospital is part of the Group Mediterra healthcare network, which manages several related healthcare facilities and clinics. The website reflects a professional healthcare provider with comprehensive patient resources and clear communication channels. Technically, the website is built on WordPress and employs modern web technologies including jQuery, Owl Carousel, and Google Analytics for tracking. It uses HTTPS with strong SSL configuration and implements cookie consent mechanisms aligned with GDPR requirements. The site is mobile-optimized and provides good SEO and accessibility features, although some accessibility improvements could be made. From a security perspective, the website enforces HTTPS, uses security headers, and has secure contact forms. However, it lacks a publicly available security policy, incident response information, and vulnerability disclosure mechanisms. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data confirms the domain's legitimacy with consistent registrant information matching the healthcare entity's claims. Overall, Nemocnice Mělník's website demonstrates a high level of professionalism, security, and compliance suitable for a healthcare provider. Strategic recommendations include publishing a security policy, incident response contacts, and vulnerability disclosure information to enhance trust and security posture further.

G

Group Mediterra a.s.

mediterra.cz

49

Group Mediterra a.s. is a Czech healthcare group operating multiple hospitals, clinics, and a medical secondary school, providing comprehensive healthcare services including preventive, acute, and follow-up care. The group serves both domestic patients under public health insurance and international patients seeking specialized medical procedures. The website is professionally designed using WordPress CMS with modern technologies and offers multilingual support. It implements GDPR-compliant privacy and cookie policies with user consent mechanisms. Security posture is good with HTTPS and reCAPTCHA but lacks some advanced security headers and explicit security policies. WHOIS data is unavailable, which reduces domain transparency but the website content and business information appear legitimate and trustworthy.

H

Hochschulrektorenkonferenz (HRK)

hrk.de

39

The Hochschulrektorenkonferenz (HRK) is a prominent voluntary association representing state and state-recognized universities in Germany, encompassing 268 member institutions and covering approximately 94% of German students. The website serves as a comprehensive information hub for higher education stakeholders, offering news, policy positions, event information, and resources related to university governance and research. The HRK holds a leading position in the German higher education landscape, acting as a key coordination and advocacy body. Technically, the website is built on TYPO3 CMS, leveraging modern web technologies including JavaScript and SVG for graphics. The site demonstrates good mobile optimization, accessibility, and SEO practices, with a moderate performance profile. Privacy-conscious analytics via Piwik are implemented with cookies disabled, reflecting a commitment to user privacy. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, it lacks explicit security headers and a published security policy or incident response contacts, which are recommended for enhanced security posture. The absence of a cookie consent mechanism is a minor compliance gap given GDPR requirements. Overall, the HRK website is professional, trustworthy, and well-maintained, with strong content quality and business credibility. Strategic improvements in security headers, cookie consent, and incident response transparency would further strengthen its security and compliance stance.

The Berlin University Alliance is a prominent academic consortium of four major Berlin universities and university medical centers, established in 2011. It focuses on collaborative research addressing global societal challenges, knowledge exchange, promoting academic talent, sharing research resources, and fostering international partnerships. The alliance is well-positioned as a leading academic excellence network in Germany, supported by government funding and strategic collaborations such as with the University of Oxford. Technically, the website is built on the Infopark CMS Fiona platform using Ruby on Rails, with modern web standards including responsive design and accessibility features. The site performs moderately well with good SEO and mobile optimization, though some improvements in performance and security headers could be made. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, it lacks explicit security headers and does not provide a public security policy or incident response information. Privacy compliance is strong with a comprehensive privacy policy and GDPR adherence, but no cookie consent mechanism is present. Overall, the website is professional, trustworthy, and safe, serving its academic audience effectively. Strategic recommendations include enhancing security headers, implementing cookie consent, and publishing security and vulnerability disclosure policies to further strengthen trust and compliance.

Lékárna PILULKA is a well-established local pharmacy based in Brno, Czech Republic, with over 20 years of experience. The company offers a broad range of pharmaceutical services including individually prepared medicinal products, veterinary products, diagnostic tests, and medicinal cannabis. They operate both a physical pharmacy and an e-shop, targeting local customers seeking professional pharmaceutical care and products. The website is professionally designed with clear navigation and multilingual support via Google Translate. Technically, it uses a custom CMS and modern JavaScript libraries, providing a moderate performance and good mobile optimization. Security posture is moderate with HTTPS implied but lacks visible security headers and formal privacy or cookie policies. WHOIS data is missing, which raises concerns about domain transparency and trustworthiness. Overall, the business appears credible and professional but would benefit from enhanced security and compliance disclosures.

K

Kožní Brno - Mudr. Lucie Haklová

koznibrno.cz

39

Kožní Brno is a specialized dermatology clinic operated by MUDr. Lucie Haklová, located in the modern Konstancie medical facility in Brno-Komín, Czech Republic. The clinic offers comprehensive dermatological and cosmetic skin care services including medical examinations, removal of skin lesions, botulinum toxin treatments, dermapen procedures, and other advanced skin therapies. The website targets local patients seeking professional dermatological care and cosmetic procedures. The business operates as a small healthcare provider with a clear focus on quality and patient care. Technically, the website is built on LuckyWonder CMS 3.0 and uses common web technologies such as Bootstrap, jQuery, and nanogallery2 for galleries. It includes Google Maps integration for location display. The site is mobile optimized with a clear navigation structure and professional design. However, performance is moderate and accessibility features are basic. SEO optimization is minimal with missing meta descriptions and keywords. From a security perspective, the site lacks visible security headers and there is no evidence of HTTPS enforcement in the provided data. No privacy or cookie policies are published, indicating compliance gaps with GDPR and related regulations. No WHOIS data is available, which limits domain legitimacy verification and reduces trustworthiness. No analytics or tracking scripts are detected, suggesting minimal user tracking. Overall, the website is functional and professional for its healthcare niche but would benefit from improved security practices, published privacy and cookie policies, and domain registration transparency to enhance trust and compliance.

P

PainCare | Home

paincare.cz

43

PainCare is a small healthcare-focused organization dedicated to providing quality health information and education related to pain treatment for both professional and lay audiences. Their business model centers on creating educational projects and offering corporate training in pain management. The website is professionally designed with clear navigation and good content relevance, targeting primarily Czech Republic users interested in healthcare education. Technically, the site uses modern frontend libraries such as jQuery, Bootstrap, and Slick Slider, but lacks a detected CMS or backend platform. Performance and mobile optimization are good, though accessibility and SEO are basic. Security posture is moderate with no HTTPS or security headers explicitly detected in the HTML content, and no privacy or cookie policies are present, indicating compliance gaps. WHOIS data is missing, which reduces trustworthiness and complicates domain legitimacy verification. Overall, the site is safe, professional, and focused on healthcare education but would benefit from improved security and compliance measures.

S

SvatbaTeam

svatbateam.cz

46

SvatbaTeam is a small, professional Czech wedding photography and videography business operating since 2012. They offer a range of services including wedding photography, videography, drone footage, and a photobooth service. Their market position is strengthened by their long-term experience, certification as drone pilots, and collaboration with Czech Television. Technically, the website is built on WordPress using Elementor and Yoast SEO, hosted by a Czech registrar WEDOS, and is well optimized for SEO and mobile devices. Security posture is good with HTTPS and cookie consent, though some security headers and formal policies are missing. Contact information is clearly provided, and social media presence is active on Facebook and Instagram. No blocking or WAF challenges were detected, and the domain registration data aligns well with the business claims, supporting legitimacy.

Event media s.r.o. is a Czech Republic based marketing company specializing in event organization and advertising services, particularly in sports event tours and dealer days. The company positions itself as a creative and reliable partner offering full-service marketing solutions to increase client revenue and brand awareness. The website reflects a small-sized business with a regional focus and a consistent brand presence. Technically, the website uses a variety of jQuery-based scripts and custom code hosted on Czech hosting infrastructure, with moderate performance and good mobile optimization. Security posture is basic, with cookie consent implemented but lacking advanced security headers and policies. No privacy policy or terms of service pages are present, which is a compliance gap. The domain registration data is consistent with the business claims and shows a mature domain age, supporting legitimacy. Overall, the website is functional and professional but could improve in privacy and security compliance.

ACTON s.r.o. is a Czech-based company established in 1993, providing a broad range of services primarily in real estate management, engineering, construction, and hospitality sectors. The company has evolved from property law consulting to a diversified service provider with local market presence in Prague and surrounding regions. The website reflects a small business with a focus on local clients including private individuals and municipal entities. Technically, the website is basic with standard HTML, CSS, and JavaScript usage, including Google Analytics for visitor tracking. However, it lacks modern CMS features and advanced technical frameworks. Security posture is moderate with no visible HTTPS confirmation or security headers, and no privacy or cookie policies are present, indicating compliance gaps. Contact information is limited to email and physical address without phone numbers or social media presence. Overall, the website is functional but would benefit from enhanced security, privacy compliance, and technical modernization.

S

Sociální poradní sbor (SOPOS)

sopos.cz

34

SOPOS is a newly established Czech non-profit organization focused on providing social and health advisory services to citizens navigating complex social systems. The website presents a clear mission, expert involvement, and community engagement through workshops and information sharing. Technically, the site is built on WordPress using the Genesis Framework and related plugins, delivering a good user experience with mobile optimization and moderate performance. Security posture is adequate with HTTPS enabled but lacks advanced security headers and formal policies. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the domain registration data aligns well with the organization's claims, supporting legitimacy. Strategic improvements in privacy compliance and security policies would enhance trust and compliance.

V

Vanesta reklama s.r.o.

vanesta.cz

45

Vanesta reklama s.r.o. is a Czech-based advertising agency specializing in physical advertising solutions including graphic design, digital and large-format printing, production, and installation services. Established in 1991, the company serves a broad range of clients from small local businesses to larger companies across the Czech Republic. Their business model focuses on providing end-to-end advertising services with in-house production capabilities, enabling control over quality and delivery timelines. The website reflects a professional and consistent brand image with clear service offerings and contact channels.

Nartes.cz is the official website for Nartes, a brand of high-quality artesian spring water sourced from a protected underground source in the Nízký Jeseník foothills of the Czech Republic. The company, NUTREND D.S., a.s., markets this water as suitable for infant nutrition and offers various packaging options. The website positions Nartes as a premium water brand with exclusive access to a rare artesian source, supported by hydrogeologist endorsements and distribution partnerships with major retailers. Technically, the website uses modern JavaScript libraries and frameworks such as jQuery, Foundation, Owl Carousel, and Google Analytics for tracking. The site is mobile-optimized and well-structured, though it lacks a CMS and some advanced accessibility features. Security-wise, the site uses HTTPS and avoids exposing sensitive data but lacks visible security headers and published security policies. Privacy compliance is weak due to the absence of privacy and cookie policies or consent mechanisms. Overall, the domain registration data is consistent and supports the legitimacy of the business. Strategic recommendations include implementing privacy and cookie policies, adding security headers, and improving GDPR compliance to enhance trust and security posture.

The website at runto.eu is currently inaccessible to visitors, presenting a 403 Forbidden error page that blocks access to any substantive content. This indicates either a misconfiguration, restricted access policy, or security control preventing public viewing. Due to the lack of accessible content, no business description, contact information, or user engagement features are available. The domain is registered with a reputable Czech registrar, INTERNET CZ, a.s., but no further business details are disclosed on the site. Technically, the site lacks metadata, SEO tags, scripts, or analytics, and no security headers or privacy policies are present. This severely limits the ability to assess the website's digital maturity or security posture. Overall, the site appears to be either under maintenance, restricted, or improperly configured for public access.

E

EVENT Media a ontheSPOT

run-arena.cz

43

RUNaréna.cz is a Czech media website focused on running sports, providing a television magazine broadcast and an online archive of episodes and articles. The site targets running enthusiasts of all levels and operates as a niche media outlet under the parent company EVENT Media a ontheSPOT. The website is built on WordPress with modern front-end libraries and plugins, offering a good user experience and mobile optimization. However, it lacks key privacy and cookie policies, which impacts compliance. Security posture is moderate with HTTPS enabled but missing security headers and incident response information. WHOIS data is suspicious due to a future domain creation date and lack of registrant details, reducing trustworthiness. Overall, the site is professional and content-rich but requires improvements in privacy compliance and security transparency.

S

Studio Modern Creative

studiomc.cz

45

Studio Modern Creative is a Czech-based digital agency specializing in web development, e-commerce solutions, branding, and artificial intelligence integration. The company targets businesses and professionals seeking modern, responsive websites and online shops, supported by digital marketing and email campaigns. Their market position is that of an established small enterprise with a consistent brand and a professional online presence. Technically, the website uses modern frameworks such as Bootstrap and integrates analytics and marketing tools like Google Analytics and Facebook Pixel. The site is mobile optimized and demonstrates good SEO practices. Security posture is solid with HTTPS and cookie consent mechanisms, though additional security headers could enhance protection. The absence of WHOIS data limits domain legitimacy verification, but the website content and partner ecosystem support trustworthiness. Overall, the site is professional, compliant with GDPR, and provides clear contact channels.

P

PUBLICMC - moderní redakční systém

publicmc.cz

47

PUBLICMC is a Czech-based modern editorial content management system primarily serving regional and local news portals. The platform operates multiple city portals and offers services including web development and AI training through partner sites. The website is well-structured, mobile-optimized, and uses modern web technologies such as Tailwind CSS, Leaflet.js, and Google Tag Manager. The domain is long-established since 2008 and registered with a reputable Czech registrar, aligning with the website's Czech language and regional focus. Security posture is adequate with HTTPS enabled and no visible vulnerabilities, though security headers and explicit incident response policies are absent. Privacy compliance is basic with a GDPR page present but no cookie consent mechanism detected. Overall, the site demonstrates good professionalism and trustworthiness within its niche.

T

Team BusinessMC

shopmc.cz

42

SHOPMC is a Czech-based e-commerce solutions provider specializing in modular and customizable online shop systems tailored to client needs. The company offers multiple system variants and rental options, including integrated web hosting and payment solutions. Their target audience includes businesses and entrepreneurs seeking professional e-shop platforms for both B2C and B2B markets. The website demonstrates a good level of digital maturity with modern front-end technologies such as Bootstrap and jQuery, responsive design, and integration of analytics and chat support tools. Security posture is adequate with HTTPS enabled and no visible sensitive data exposure; however, the absence of security headers and explicit privacy policies indicates room for improvement. The lack of WHOIS data reduces trustworthiness from a domain registration perspective, but the presence of client testimonials and partner references supports legitimacy. Overall, the site is professional and functional but would benefit from enhanced privacy compliance and security transparency.

E

EXPOBEAUTY PRAGUE s.r.o.

worldofbeauty.cz

38

Beauty Expo CZ, operated by EXPOBEAUTY PRAGUE s.r.o., is a prominent organizer of international trade fairs focused on cosmetics, hairdressing, wellness, and spa industries in the Czech Republic. The website showcases a long history of events dating back to 2006, attracting over 350 exhibitors and 15,000 visitors, positioning itself as a leading event in its sector. The business model revolves around organizing exhibitions, competitions, and seminars to connect industry professionals and consumers. The target audience includes industry professionals, exhibitors, and visitors interested in beauty and wellness sectors. Technically, the website employs standard HTML, CSS, and JavaScript with jQuery plugins for slideshows, but lacks modern frameworks or CMS indications. The site shows moderate performance and basic mobile optimization.

Joe FIT is a Czech Republic-based fitness and bodybuilding center offering modern gym facilities, professional trainers, and personalized training and nutrition plans. The website presents a professional and welcoming environment targeting fitness enthusiasts of all levels. The business operates a small-scale fitness center with a focus on health, conditioning, and weight loss support. Technically, the website uses modern front-end technologies including Bootstrap, jQuery, and integrates Google Analytics and Facebook SDK for analytics and marketing. The site is mobile-optimized and includes a cookie consent mechanism, but lacks a published privacy policy and terms of service, which are important for compliance. Security posture is moderate with HTTPS enabled but missing explicit security headers and published security policies. WHOIS data is unavailable, which reduces domain trustworthiness, but the website content and social media presence support legitimacy. Overall, the site is functional and professional but would benefit from improved compliance documentation and enhanced security practices.

Dafit Motoracing is a specialized e-commerce retailer focused on motorcycle parts and accessories, serving primarily the Czech market. The website offers a broad catalog of products including fairings, tires, tuning parts, and accessories for various motorcycle brands such as Aprilia, BMW, Ducati, Honda, Kawasaki, KTM, MV Agusta, Suzuki, Triumph, and Yamaha. The business targets motorcycle enthusiasts and professional racers, positioning itself as a niche player in the transportation retail sector. The website is professionally designed with good navigation and content relevance, supporting a positive user experience.

M

MP TOBACCO s.r.o.

mptobacco.cz

46

MP TOBACCO s.r.o. operates as a specialized retailer focusing on premium tobacco products including cigars and humidors, targeting a mature adult audience primarily in the Czech Republic. The company emphasizes direct import of high-quality brands such as VAUEN and BOSSNER, positioning itself as a niche player in the tobacco retail market. The website supports this business model with product showcases, a blog, and a photo gallery to engage customers. Technically, the website employs a moderately modern technology stack including jQuery, Bootstrap, and multiple third-party analytics and chat services. The site is mobile-optimized and includes a cookie consent mechanism compliant with GDPR principles. However, the absence of detected security headers and incomplete WHOIS data indicate areas for improvement in security and transparency. From a security perspective, HTTPS is enabled and form spam protection via Google reCaptcha is present, but the lack of security headers and missing privacy policy reduce the overall security posture. No incident response or vulnerability disclosure information is provided, which could be a risk in case of security events. Overall, the website is functional and professionally presented but would benefit from enhanced security practices, improved transparency through WHOIS data and privacy policies, and clearer contact information to strengthen trust and compliance.

F

Fashion Models

fashion-models.cz

44

Fashion Models is a Czech Republic-based modeling agency website that showcases a variety of models, photographers, and fashion designers. The site offers services including model representation, portfolio creation, event organization, and photo editing. It targets models, fashion professionals, and clients seeking modeling services within the Czech market. The website is professionally designed with good content quality and consistent branding, supported by social media presence and partnerships with industry-related entities. Technically, the site uses modern web technologies such as Bootstrap, jQuery, and Google Analytics, with mobile optimization and moderate performance. Security posture is adequate with HTTPS and CAPTCHA protections, but lacks some security headers and explicit privacy policy documentation. The domain WHOIS data is unavailable, which reduces transparency and trustworthiness assessment. Overall, the website is safe, professional, and functional, but could improve in privacy compliance and security best practices.

D

Dětský domov Dolní Lánov

ddlanov.cz

42

Dětský domov Dolní Lánov is a small non-profit institution in the Czech Republic providing child care, primary education, and school dining services. The website serves as an informational portal for the institution, targeting children in need, their families, and the supporting community. The organization maintains partnerships with local foundations and media entities, enhancing its community presence. Technically, the website is built on the PublicMC CMS platform and uses legacy JavaScript libraries including jQuery 1.7.2 and Flash components, which indicate a need for modernization. The site includes tracking and analytics tools such as Google Analytics, Facebook SDK, AddThis, and MyxHeat heatmaps, reflecting moderate digital maturity but limited privacy compliance. From a security perspective, the site uses HTTPS but lacks visible security headers and employs outdated libraries, which could expose it to vulnerabilities. No privacy or cookie policies are explicitly presented, and WHOIS data for the domain is unavailable, which reduces trustworthiness. Contact information and a GDPR data protection officer are clearly provided, supporting compliance efforts. Overall, the website is functional and informative but requires technical updates and enhanced privacy and security measures to improve trust and compliance. Strategic improvements in technology stack, security headers, and policy transparency are recommended to strengthen its digital posture.

A

Agence tactee

tactee.fr

49

Agence tactee is a French digital marketing agency founded in 2014, specializing in SEO, SEA, inbound marketing, and website creation and redesign. The company operates multiple regional offices across France and serves a diverse clientele including SMEs, startups, and large corporations. Their website demonstrates a strong market position with a professional design, comprehensive service offerings, and a portfolio of notable clients. Technically, the website is built on WordPress with modern tools such as Yoast SEO and Google Tag Manager, ensuring good SEO and analytics capabilities. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security and privacy policies are not found in the provided content. Overall, the site is professional, trustworthy, and well-optimized for its business goals.

Queens of Kink is an adult entertainment website specializing in dominant femdom and fetish videos featuring crossdressers, transvestites, and shemales. The site operates on a subscription-based model offering exclusive content to adult audiences. It has been active since 2013, indicating a stable presence in its niche market. The website presents content professionally with clear navigation and an age verification splash page to restrict access to adults only. Technically, the site uses common web technologies such as jQuery, Bootstrap, and Font Awesome, hosted on MojoHost servers. While the site is mobile optimized and performs moderately well, it lacks advanced security headers and DNSSEC, which are recommended for improved security posture. Privacy compliance is basic, with a privacy policy and cookie notice present but no explicit consent mechanism. No direct company contact emails or phone numbers are provided, limiting business transparency. Overall, the site is legitimate and consistent with its business model but could improve security and privacy practices.

F

Free-Solutions Sàrl

free-solutions.ch

46

Free-Solutions Sàrl is a Swiss technology company specializing in vocal artificial intelligence solutions, notably offering the first Swiss vocal AI assistant accessible via their website. Their market position is that of an innovative niche player focusing on AI voice technology and hosting services. The website is built on the Jive Clearspace platform and uses standard web technologies including JavaScript and TinyMCE. While the site is functional and presents professional content with good design and navigation, it lacks comprehensive privacy and cookie policies, which impacts compliance. Security posture is moderate with HTTPS enabled but missing security headers and incident response information. Google Analytics is used for user tracking without visible consent mechanisms, indicating privacy compliance gaps. Overall, the site is safe and suitable for a general audience, with no adult or explicit content detected.

The website aciah-linux.org represents the Association A.C.I.A.H, a French non-profit organization dedicated to digital accessibility and inclusion. They provide an accessible Linux distribution called Aciah-Linux, along with tutorials, training, and personalized support primarily targeting people with disabilities, elderly users, and beginners. The association is supported by various regional and national partners and funders, indicating a solid community presence and trust. The website content is primarily in French with options for translation, and it is well-structured with good navigation and relevant educational content. Technically, the site uses the SPIP CMS with several plugins and is hosted by OVH, a reputable provider. While the site is functional and moderately optimized, it lacks some modern security practices such as DNSSEC and security headers. Privacy and cookie policies are absent, which is a compliance gap. No social media presence or direct contact emails/phones are visible, limiting direct communication channels. Overall, the site is trustworthy and serves a niche community effectively but could improve in security and privacy compliance.

E

Emmabuntüs

emmabuntus.org

47

Emmabuntüs is a French non-profit collective dedicated to the reconditioning and reuse of computers through its Debian-based GNU/Linux distribution. The organization targets humanitarian associations, educational institutions, and beginners in Linux, aiming to extend hardware lifespan and reduce electronic waste. Their collaborations with projects in France and Africa, including Togo and Côte d’Ivoire, highlight their social impact and community engagement. Technically, the website is built on WordPress with common plugins and offers moderate performance and good mobile optimization. Security posture is adequate with HTTPS and domain transfer protections, but lacks advanced security headers and explicit privacy or incident response policies. Overall, the site is trustworthy and professional, though improvements in privacy compliance and security transparency are recommended.

O

Oxalis scop

oxalis-scop.fr

42

Oxalis SCOP is a French cooperative of entrepreneurs providing a supportive framework for professionals to develop their activities with administrative, financial, and social assistance. The cooperative emphasizes collective and ethical entrepreneurship, targeting freelancers and small business owners. The website is built on Joomla CMS and integrates privacy-conscious analytics tools such as Matomo and Plausible. The technical infrastructure is moderate in performance with some outdated libraries that pose minor security risks. Security posture is generally good with HTTPS enforced but lacks some modern security headers and explicit cookie consent mechanisms. Business credibility is high with clear contact information, testimonials, and certifications like Qualiopi. Overall, the website is professional, trustworthy, and well-aligned with the cooperative's mission.

M

MARK of the BRAND

themolitor.com

45

MARK of the BRAND is a small, Seattle-based independent design studio specializing in brand identity services including monograms, brand marks, and logos primarily serving the Pacific Northwest region. The website presents a professional portfolio showcasing various brand mark designs and related services, targeting businesses and professionals seeking distinctive visual identity solutions. The business appears newly founded in 2024, consistent with the domain registration date. Technically, the website is built on WordPress with modern web technologies including optimized CSS and JavaScript, Google Fonts integration, and caching mechanisms. The site is mobile-optimized and SEO-friendly with appropriate meta tags and structured data. Hosting appears to be through NameCheap, the domain registrar, with HTTPS enabled ensuring secure communications. From a security perspective, the site benefits from HTTPS and domain transfer protection but lacks DNSSEC and security headers such as Content-Security-Policy or X-Frame-Options. No privacy or cookie policies are present, which is a compliance gap. The site uses minimal tracking scripts and has no visible forms collecting sensitive data, reducing attack surface. No incident response or vulnerability disclosure information is provided. Overall, the website is professionally designed and trustworthy with a good security baseline but would benefit from enhanced privacy compliance and security hardening to improve user trust and regulatory adherence.

M

MéthaFrance

methafrance.fr

41

MéthaFrance operates as a national informational portal focused on methanisation, a renewable energy process in France. The website provides comprehensive educational content, event information, FAQs, and resources targeted at the general public, agricultural stakeholders, and energy sector participants. It positions itself as a leading resource in the French renewable gas sector. Technically, the site is built on Drupal 10 with Bootstrap for responsive design and uses privacy-conscious analytics (Matomo) and cookie consent management (tarteaucitron). Security posture is good with HTTPS and captcha protections, though explicit security headers and policies are lacking. The absence of WHOIS registrant data slightly reduces trust but does not detract significantly from the site's legitimacy. Contact is available via a webform but lacks direct email or phone contacts. Overall, the site is professional, informative, and well-structured, serving its educational mission effectively.

S

Énergies Renouvelables : le savoir-faire français à l'international - Accueil

savoirfairefrancais-enr.fr

45

The website www.savoirfairefrancais-enr.fr serves as an informational and promotional platform highlighting French renewable energy projects worldwide. It is supported by reputable French organizations such as the Syndicat des énergies renouvelables and ADEME, positioning it as a niche but credible resource within the energy sector. The site offers an interactive map and sector-specific project information aimed at a general audience interested in renewable energy. Technically, the site employs modern JavaScript libraries, analytics tools like Matomo and Google Analytics, and cookie consent management via tarteaucitron.js, indicating a moderate level of digital maturity. The site is mobile optimized and SEO friendly, though accessibility features could be improved. Security-wise, the site uses HTTPS and includes bot protection via reCAPTCHA, but lacks visible security headers and explicit privacy or security policies, which are areas for improvement. Overall, the site is trustworthy and professionally maintained but would benefit from enhanced transparency and security practices.

A

Alliance Qualité Photovoltaïque (AQPV)

aqpv.fr

49

The AQPV website represents a professional certification body focused on photovoltaic solar energy companies in France. It provides detailed information about the AQPV certification, its requirements, and lists certified companies with verifiable certificates. The website is built on WordPress with standard technologies and is well-structured for its target audience of project owners and photovoltaic operators. The technical infrastructure is modern but could benefit from enhanced security headers and explicit privacy compliance documentation. Security posture is moderate with HTTPS and reCAPTCHA usage but lacks visible security policies or incident response information. Overall, the site is trustworthy and serves as a credible resource for photovoltaic certification in France.

Opale Énergies Engagées is a French renewable energy company specializing in local green energy projects such as biogas, photovoltaic, and wind energy. Established since 2008, it collaborates with local communities, elected officials, farmers, and enterprises to promote decentralized and sustainable energy production and consumption. The company recently strengthened its capital base with a consortium including BPI, OCCTE, and ENERFIP, enhancing its capacity for innovative and responsible energy solutions. The website reflects a professional and consistent brand image with clear messaging targeting stakeholders interested in energy transition and sustainability. Technically, the website is built on WordPress, leveraging modern JavaScript libraries like GSAP and jQuery, and optimized with WP Rocket for performance. It is mobile-friendly and SEO-optimized, providing a good user experience. However, some security best practices such as security headers and explicit cookie consent mechanisms are missing, which could be improved to enhance trust and compliance. Security posture is solid with HTTPS enabled and no visible vulnerabilities or exposed sensitive data. The absence of WHOIS data for the domain is a concern, limiting the ability to fully verify domain legitimacy and ownership. Social media presence is strong, supporting business credibility. Overall, the website is safe, professional, and aligned with its business goals but would benefit from enhanced transparency and security practices. Recommendations include implementing security headers, publishing detailed privacy and cookie policies with consent mechanisms, adding vulnerability disclosure information, and verifying domain registration details to improve trustworthiness and compliance.

FetishLiza.com is a niche adult entertainment website specializing in fetish and kinky video content, primarily focusing on femdom, leather, pantyhose, and related themes. The site operates on a subscription and pay-per-view business model, offering exclusive clips and featuring a roster of models. It maintains a consistent brand presence with clear adult content warnings and age verification mechanisms. Technically, the site uses a modern frontend stack including jQuery, Bootstrap, and Font Awesome, hosted on mojohost.eu servers. While the site is accessible without WAF or blocking, it lacks advanced security headers and explicit cookie consent mechanisms, which are areas for improvement. Privacy and terms pages exist but are basic and do not fully demonstrate GDPR compliance. The domain registration is consistent with the site's history and content, showing legitimacy and no suspicious patterns.

N

N/A

glovemansion.com

40

Glove Mansion is a niche adult entertainment website specializing in erotic fetish videos and pictures focused on glove fetishism. The site operates on a subscription-based model offering exclusive content featuring English and European models. It has been active since 2006, indicating a stable presence in its market niche. The website targets adults only, with an explicit age verification splash page and clear adult content warnings. Technically, the site uses a legacy technology stack including jQuery 2.1.0 and Bootstrap, with Google Analytics and DoubleClick for tracking and advertising. Mobile optimization and accessibility are basic but functional. Security posture is moderate with no visible security headers or DNSSEC enabled, and use of outdated JavaScript libraries introduces potential vulnerabilities. Privacy and terms policies exist but are basic, and no incident response or vulnerability disclosure information is provided. Overall, the site is functional and professional within its niche but could improve security and compliance measures.

N

N/A

chateau-cuir.com

44

Chateau-Cuir.com is a niche adult entertainment website specializing in premium leather fetish videos and photo galleries. Established in 2011, it operates a subscription-based business model targeting adults interested in leather and fetish content. The site offers unique, regularly updated content with a focus on high-quality fetish media. Its market position is that of a specialized provider within the adult media industry, leveraging partnerships such as Clips4sale for affiliate sales and maintaining a presence on social media platforms including OnlyFans, Facebook, and Twitter. Technically, the website uses a traditional web stack including jQuery, Bootstrap, and Google Fonts, with Google Analytics for visitor tracking. Hosting is managed via mojohost.eu as indicated by the nameservers. The site shows basic mobile optimization and SEO practices but lacks advanced accessibility features. Performance is moderate, with no critical technical issues detected in the HTML content. From a security perspective, the site lacks visible security headers and DNSSEC is not enabled, which are notable gaps. There is no explicit HTTPS enforcement data available, and no dedicated security or incident response policies are published. The site does implement an age verification splash page and complies with 18 U.S.C. 2257 record-keeping requirements, which are important trust signals in the adult content industry. Privacy and terms of service pages exist but are basic and do not explicitly indicate GDPR compliance. Overall, Chateau-Cuir.com presents a moderate risk profile typical for niche adult content sites. It is recommended to enhance security posture by enabling DNSSEC, implementing security headers, enforcing HTTPS, and publishing clear security and incident response policies. Improving privacy compliance and providing direct contact information would also strengthen business credibility and user trust.

Mistress No. 1 operates a niche adult entertainment website focused on femdom content, offering exclusive membership access to videos, photos, and event information. The site targets an adult audience with explicit age verification and content warnings. Technically, the site uses a variety of JavaScript libraries and frameworks to deliver multimedia content and user interface features, including video playback and cookie consent management. However, the absence of structured metadata and limited SEO optimization indicates room for improvement in digital maturity. Security posture is moderate with some best practices like cookie consent and age verification, but lacks visible security headers and privacy policies, which are critical for trust and compliance. The WHOIS data is missing or unavailable, raising concerns about domain legitimacy and transparency. Overall, the site is functional and professionally branded but requires enhancements in security, privacy compliance, and domain registration transparency to improve trustworthiness and reduce risk.

C

C & K člen skupiny AUTO UH a.s.

motouh.cz

42

The website www.motouh.cz represents a medium-sized Czech retail and service business specializing in CFMOTO motorcycles and ATVs. It operates under the parent company AUTO UH a.s., offering sales, service, and rental of motor vehicles primarily targeting customers in the Czech Republic. The site is professionally designed with good content quality, clear navigation, and mobile optimization. Technically, it employs modern JavaScript libraries and Google Fonts, with HTTPS enforced and a cookie consent mechanism ensuring GDPR compliance. Security posture is solid with no evident vulnerabilities, though some security headers and policies could be improved. The absence of WHOIS data is a notable gap, reducing domain trustworthiness, but the visible business information and social media presence support legitimacy. Overall, the site is a reliable digital presence for a local transportation retailer.

Q

QuattroPole

quattropole.org

44

QuattroPole is a regional network of four cities—Luxemburg, Metz, Saarbrücken, and Trier—focused on enhancing economic attractiveness, cultural exchange, and tourism collaboration. The website serves as an informational platform promoting events, projects, and language learning initiatives across these cities. The organization operates as a non-profit governmental cooperation entity with a long-standing presence since 2000. Technically, the website employs modern JavaScript libraries such as jQuery, Owl Carousel, and Foundation framework, ensuring a responsive and user-friendly experience. Hosting and domain registration are stable and consistent with the organization's profile. However, some security best practices like DNSSEC and security headers are missing, and privacy compliance is incomplete due to the absence of privacy and cookie policies. Security posture is moderate with HTTPS enabled and domain transfer protections in place, but improvements are needed in security headers and explicit privacy disclosures. No WAF or blocking mechanisms interfere with content accessibility. Overall, the website is professional, trustworthy, and serves its target audience effectively, though it would benefit from enhanced privacy and security measures.

S

SPOT – Social Psychology of Transformation

spot-psychology.eu

48

The SPOT website represents an academic Erasmus Mundus Joint Master Programme focused on social psychology and social change, delivered by a consortium of European universities. It targets prospective graduate students seeking transformative education across multiple countries. The site is professionally designed using TYPO3 CMS and Bootstrap, with good mobile optimization and accessibility. It employs GDPR-compliant cookie consent and integrates Google Analytics for user behavior insights. Security posture is solid with HTTPS and no exposed sensitive data, though security headers and explicit policies could be improved. Overall, the domain registration and website content are consistent and legitimate, reflecting a trustworthy educational institution.

The analyzed URL corresponds to a Chrome internal error page (chrome-error://chromewebdata/) indicating that the actual website content is inaccessible or blocked. The page contains no business-related content, contact information, or policies. Instead, it hosts embedded scripts and styles for the Chrome Dinosaur offline game, which is a browser Easter egg. Due to the lack of accessible content, no meaningful business or security insights can be derived. The technical infrastructure is limited to client-side JavaScript for the game, with no server-side or hosting information available. Security posture cannot be assessed beyond the absence of HTTPS or security headers. Overall, the site is non-functional as a business website and provides no user or compliance information.

S

ServiceCenter KHS

kunsthochschulen-berlin.de

45

ServiceCenter KHS operates as a centralized support hub for artistic universities in Berlin, providing essential services in financial management, personnel, and IT support. The website clearly targets university staff and students, offering structured navigation to various service areas. The business model focuses on internal administrative support for higher education institutions, positioning itself as a niche service provider within the education sector in Germany. Technically, the website is built on TYPO3 CMS with Bootstrap, indicating a modern and maintainable infrastructure. The site demonstrates good mobile optimization, accessibility, and SEO practices, although performance is moderate. No advanced analytics or tracking tools are detected, suggesting a privacy-conscious approach. From a security perspective, the site lacks visible security headers and explicit security policies, which lowers its security posture score. The absence of cookie consent mechanisms and limited privacy disclosures on the site itself indicate areas for improvement in privacy compliance. However, the domain registration data aligns well with the website's purpose and location, supporting its legitimacy. Overall, the website is professional and functional with moderate risk. Strategic improvements in security headers, privacy disclosures, and contact transparency would enhance trust and compliance.

S

ServiceCenter KHS

servicecenter-khs.de

45

ServiceCenter KHS operates as a centralized support hub for artistic universities in Berlin, providing essential services in financial management, personnel, and IT support. The website clearly targets staff and students of Hochschule für Musik Hanns Eisler Berlin, Hochschule für Schauspielkunst Ernst Busch Berlin, and Weißensee Kunsthochschule Berlin. The business model focuses on administrative support within the education sector, positioning itself as a niche service provider for these institutions. Technically, the website is built on TYPO3 CMS with a Bootstrap package, leveraging modern web technologies such as CSS animations, WebGL, and WebSockets. The site demonstrates good mobile optimization, accessibility, and SEO practices, although performance is moderate. Hosting appears to be managed via a Berlin-based provider, consistent with the domain's nameservers. From a security perspective, the site lacks visible security headers and cookie consent mechanisms, which are important for GDPR compliance and overall security posture. No forms or data collection mechanisms were detected on the main page, reducing immediate risk exposure. The domain registration aligns well with the website's claimed purpose and location, supporting legitimacy. Overall, the website is professional and functional with good content quality and navigation. However, improvements in security headers, privacy compliance (cookie consent), and explicit contact information would enhance trust and compliance. The risk level is moderate with no critical vulnerabilities detected.

K

komplexx-figurentheater.de

komplexx-figurentheater.de

35

Bündnis KompleXX Figurentheater is a small cultural alliance based in Germany that promotes puppet, figure, and object theater through events, symposiums, podcasts, and collaborative projects. The website is built on WordPress using the Astra theme and several plugins, indicating a moderate level of digital maturity. The site is mobile-optimized and provides relevant content for its niche audience of artists, researchers, and cultural practitioners. Security posture is basic with HTTPS enabled but lacking important security headers and privacy compliance mechanisms such as cookie consent. No direct contact information or incident response channels are visible, which may impact user trust and compliance. Overall, the site is functional and professional but could improve in security and privacy compliance to better serve its audience and meet regulatory requirements.

K

Krista Exhibitions

interpharma-indonesia.com

46

Indonesia Pharmaceutical Expo (IPEX) is a well-established event organized by Krista Exhibitions, focusing on the pharmaceutical industry and related sectors in Indonesia. The website serves as a platform for event information, exhibitor and visitor registration, and partnership details. The business model centers on event management and trade show facilitation, targeting pharmaceutical manufacturers, suppliers, and industry professionals. The domain age and WHOIS data support the legitimacy and maturity of the business. Technically, the website uses modern JavaScript libraries and frameworks such as Bootstrap, jQuery, and Owl Carousel, hosted on AWS infrastructure, providing a moderate performance and good mobile optimization. However, the site lacks a visible CMS and advanced accessibility features. Security posture is moderate with HTTPS enabled but missing critical security headers and no published privacy or cookie policies, indicating compliance gaps. No incident response or vulnerability disclosure information is provided. Overall, the website is professional and functional but requires improvements in privacy compliance and security best practices to enhance trust and regulatory adherence.