High-risk security reports

O

Obec Jablůnka

jablunka.cz

44

Obec Jablůnka operates an official municipal website serving the local community in the Czech Republic. The site provides comprehensive information about the municipality, local governance, community events, and public services. It targets residents, visitors, and local businesses, offering tools such as an electronic filing system and reservation services. The website is well-established with a domain age since 2003, reflecting a stable online presence. Technically, the website employs a modern technology stack including jQuery, Bootstrap, Swiper, and Leaflet for interactive maps, supported by a Nette PHP framework backend. The site is mobile-optimized and features good navigation and content quality. However, performance is moderate, and accessibility features are basic. From a security perspective, the website uses HTTPS and includes reCAPTCHA for form protection. Security headers are minimal, and there is no visible security incident response or vulnerability disclosure information. Privacy and cookie policies are absent, representing compliance gaps. Analytics usage includes Google Analytics and Google Tag Manager, with moderate user tracking. Overall, the website is trustworthy and professional but would benefit from enhanced privacy compliance, improved security headers, and explicit incident response information. These improvements would strengthen user trust and regulatory adherence.

O

Obec Lhota u Vsetína

lhotauvsetina.cz

46

The website lhotauvsetina.cz serves as the official online presence for the municipality of Lhota u Vsetína in the Czech Republic. It provides residents and visitors with local news, official announcements, event calendars, waste collection schedules, and contact information for municipal offices. The site is designed to support community engagement and transparency in local governance. The business model is that of a governmental municipal service portal, targeting local residents and stakeholders. The domain is well-established since 2007, reinforcing its legitimacy and trustworthiness. Technically, the website is built on the vismo CMS platform, utilizing standard web technologies such as HTML5, CSS, and JavaScript. It integrates Google Analytics and Google Tag Manager for visitor analytics, with a clear cookie consent mechanism in place to comply with GDPR requirements. The site is mobile-optimized and provides basic accessibility features, although there is room for improvement in security headers and SEO. From a security perspective, the site enforces HTTPS and implements cookie consent, but lacks explicit security headers like CSP or HSTS. No vulnerabilities or exposed sensitive data were detected in the HTML content. The WHOIS data aligns well with the website's purpose and geographic location, indicating a trustworthy domain registration. No WAF or blocking mechanisms interfere with content accessibility. Overall, the website presents a professional and trustworthy digital presence for the municipality, with good content quality and user experience. Strategic recommendations include enhancing security headers, publishing explicit security and privacy policies, and considering a vulnerability disclosure policy to further strengthen security posture and user trust.

P

Propagon

propagon.cz

47

Propagon is a small, specialized web development company based in Brno, Czech Republic, focusing on custom website creation with an emphasis on mobile optimization and individual client service. The company positions itself as a professional local agency offering quality web solutions tailored to client needs. The website demonstrates a good level of digital maturity, utilizing WordPress CMS with the Divi Builder framework, and integrates modern technologies such as Google Tag Manager and reCAPTCHA for enhanced user experience and security. Security posture is strong with HTTPS enforced and standard security headers present, though explicit security policies and incident response information are absent. Privacy compliance is well addressed with GDPR-compliant privacy and cookie policies. The absence of WHOIS data reduces domain transparency and trustworthiness, but the website content and structured data support the legitimacy of the business. Overall, Propagon presents a professional and trustworthy online presence suitable for its market segment.

D

DESTINATION NANCY

destination-nancy.com

39

DESTINATION NANCY is a public local company primarily focused on promoting tourism and organizing events in the Grand Nancy metropolitan area. It operates key event venues such as Centre Prouvé and Parc Expo, provides free advisory services through its Convention Bureau, and collaborates closely with the local government and tourism office. The website is professionally designed, multilingual (French and English), and regularly updated with event and news content. Technically, it is built on WordPress with modern plugins and analytics tools, delivering a good user experience with mobile optimization and SEO best practices. Security posture is solid with HTTPS and cookie consent, though there is room for improvement in security headers and explicit security policies. WHOIS data confirms domain legitimacy and consistency with the business profile. Overall, the site is trustworthy, well-maintained, and serves its target audience effectively.

A

acrowd agency

acrowd.se

45

Acrowd agency is a Stockholm-based digital full-service agency founded in 2021, specializing in branding, web development, SEO, content marketing, and media production. The company targets businesses of all sizes in Sweden and internationally, offering comprehensive digital solutions to help clients achieve measurable digital growth. The website reflects a professional and modern digital presence with rich content, client showcases, and multimedia integration. Technically, the site is built on WordPress with Elementor and uses modern analytics and marketing tools such as Google Analytics, Facebook Pixel, and Hotjar. Security posture is good with HTTPS and reCAPTCHA implemented, though explicit security headers and a privacy policy page are missing. Overall, the site is trustworthy and well-positioned in the digital agency market.

K

KULTURA ČESKÁ LÍPA, příspěvková organizace

cl-kultura.cz

43

Kultura Česká Lípa is a public cultural organization affiliated with the city of Česká Lípa, Czech Republic. It provides a variety of cultural services including theater performances, concerts, workshops, and venue rentals. The website serves as an information portal for upcoming events, ticket sales, and organizational details, targeting the general public interested in cultural activities. The organization is positioned as a key local cultural institution with official city backing, enhancing its credibility and trustworthiness. Technically, the website is built on WordPress using the Divi theme and several plugins such as Complianz for GDPR compliance and Supreme Modules Pro for enhanced UI components. The site demonstrates good mobile optimization, moderate performance, and basic accessibility features. It integrates external services for ticketing and event promotion, reflecting a mature digital infrastructure. From a security perspective, the site enforces HTTPS and uses cookie consent management, but lacks explicit advanced security headers. No vulnerabilities or exposed sensitive data were detected in the content. Privacy compliance is well addressed with clear GDPR documentation and cookie policies. Contact information is comprehensive, including phone, email, and physical address, supporting business credibility. Overall, the website presents a professional and trustworthy digital presence for a government-affiliated cultural organization. The main risk factor is the absence of WHOIS data, which limits domain registration transparency. Strategic recommendations include enhancing security headers, maintaining plugin updates, and verifying domain registration status to strengthen trust and security posture.

E

EDISX

edisx.eu

36

EDISX is a Czech Republic-based company specializing in transportation management solutions, focusing on improving the efficiency of passenger and goods transport through modern dispatching systems and mobile applications for drivers and clients. The website positions the company as a technology provider aiming to reshape transportation processes with a software-driven approach. The business model appears to be SaaS-oriented, targeting transportation operators seeking operational optimization. Technically, the website is built on WordPress using the Divi theme, integrating common analytics and tracking tools such as Google Analytics and Google Tag Manager. The site is mobile-optimized and demonstrates good SEO practices, although accessibility features are basic. Security-wise, the website uses HTTPS and includes a cookie consent mechanism, but lacks explicit security policies, incident response contacts, and vulnerability disclosure information, which are areas for improvement. Overall, the site is professional and trustworthy but could enhance transparency and compliance documentation. The domain registration data aligns well with the website content, indicating legitimacy. No adult or questionable content is present, making the site safe for general audiences.

K

Kajutova Loď

kajutovalod.cz

42

Kajutova Loď is a small family-run boat rental business operating on the Baťův kanál in southern Moravia, Czech Republic. The company offers a variety of cabin boats and houseboats for rent, targeting families, tourists, and groups seeking recreational boating experiences without the need for a boating license. Their business model focuses on direct rentals, supplementary services such as boat servicing, and gift vouchers. The website is professionally designed using WordPress and Elementor, providing clear navigation and relevant content in Czech. Social media integration and a booking system enhance customer engagement. Technically, the site uses modern web technologies and is hosted by a Czech provider, with moderate performance and good mobile optimization.

F

Freemium Kft.

huskroua-cbc.eu

40

The Hungary-Slovakia-Romania-Ukraine ENI CBC Programme website serves as an official information portal for a European Union cross-border cooperation initiative focused on regional development and collaboration between the four countries. The site provides comprehensive information on programme priorities, calls for proposals, project databases, news, and events targeted at government agencies, project applicants, and regional stakeholders. The business model is public sector driven, emphasizing transparency and accessibility of programme data. Technically, the website is built on Webolucio CMS and leverages a modern JavaScript stack including jQuery, Slick Carousel, and Google Analytics for tracking. It employs HTTPS with good SSL configuration and integrates security tools such as Google reCAPTCHA and Rollbar for error monitoring. The site is mobile optimized with good navigation and SEO practices, although accessibility features are basic. From a security perspective, the site demonstrates good practices with HTTPS enforcement and form protection but lacks explicit security headers and a published security policy or incident response contacts. Privacy compliance is basic with a privacy policy and cookie consent mechanism present, but GDPR compliance indicators could be improved. No contact emails or phone numbers are explicitly provided, which may impact user trust. Overall, the website is professional, trustworthy, and well-maintained, suitable for its government and non-profit audience. Strategic recommendations include enhancing security headers, publishing a security policy, improving GDPR compliance, and providing clearer contact information to strengthen user trust and compliance posture.

N

NEWTON Yacht Club

newtonyachtclub.cz

41

NEWTON Yacht Club is a university-affiliated sailing club that fosters community engagement and competitive sailing events, notably the annual NEWTON CUP regatta. The club targets students, alumni, and sailing enthusiasts, positioning itself as a niche community within the educational and sports sectors. The website reflects a professional and consistent brand image aligned with its parent organization, NEWTON University Group. Technically, the site is built on WordPress with modern JavaScript libraries and integrates Google Analytics and reCAPTCHA for security and analytics. While the site uses HTTPS and standard security practices, it lacks explicit security headers and privacy policies, indicating areas for compliance improvement. Overall, the security posture is moderate, with no critical vulnerabilities detected. The domain registration data aligns well with the business history, supporting legitimacy and trustworthiness.

C

Cannes Lérins TV et Radio

lerinstvradio.fr

49

Cannes Lérins TV et Radio operates as a local media outlet serving the Bassin Cannois region in France, providing live television and radio streaming, podcasts, and local news content. The website targets residents and visitors interested in regional media and cultural events. The business model focuses on content delivery through multiple channels including online streaming and social media engagement. The company appears to be a small-sized media entity, recently founded in 2024, with a consistent brand presence and active content updates.

R

RSKUK |

rskuk.cz

47

The website www.rskuk.cz represents a regional governmental or non-profit organization focused on the development and coordination of the Ústecký region in the Czech Republic. It provides information about regional conferences, strategic projects, and various working groups related to energy, tourism, education, and innovation. The site is built on WordPress using the Divi theme, indicating a moderate level of digital maturity with modern web technologies and responsive design. However, the absence of WHOIS data and lack of explicit privacy and cookie policies suggest areas for improvement in transparency and compliance. Security posture is adequate with HTTPS enabled but lacks advanced security headers and incident response information. Overall, the website is professional and trustworthy but would benefit from enhanced privacy compliance and security best practices to strengthen its risk profile.

H

HELU Connectivity Solutions Bielefeld GmbH

sangel.com

47

HELU Connectivity Solutions Bielefeld GmbH, formerly Sangel Systemtechnik GmbH, is a medium-sized manufacturing company specializing in LED industrial lighting and cable assemblies. As part of the HELUKABEL Group, it leverages a global network to provide integrated and holistic solutions to industrial clients. The website reflects a professional B2B focus with clear branding and product offerings in LED luminaires and cable assemblies. Technically, the site is built on WordPress with modern plugins and is mobile optimized, though some security headers are missing. The security posture is adequate with HTTPS enabled and privacy policies in place, but could be improved by adding cookie consent and incident response information. WHOIS data is missing, which raises some concerns about domain registration transparency. Overall, the website is trustworthy and professional but would benefit from enhanced security and compliance disclosures.

Chefsblogg.se is a professionally maintained blog platform operated by Ledarna, Sweden's prominent organization for managers and leaders. The site focuses on leadership, sustainability, inclusion, equality, and related societal topics, targeting managers and professionals interested in leadership development. The blog features multiple authors and regularly updated content, reinforcing its position as a thought leadership platform within the Swedish leadership community. Technically, the site is built on WordPress using the Enfold theme, leveraging common web technologies such as jQuery and PHP. It employs CookieYes for cookie consent management, ensuring compliance with cookie regulations. Security posture is solid with HTTPS enforced and basic security headers, though there is room for improvement in header implementation and privacy documentation. The WHOIS data for the exact domain www.chefsblogg.se is unavailable, suggesting it is a subdomain or alias under a parent domain, consistent with its affiliation to Ledarna. Overall, the site presents a trustworthy, professional, and content-rich platform with moderate technical sophistication and good security hygiene.

HopeTV is a Slovak Christian multimedia portal providing religious video content, live streams, and archives primarily targeting the Slovak-speaking Christian community. The website is built on WordPress CMS with a custom theme and uses popular plugins such as Slider Revolution and Essential Grid to manage multimedia content. The platform demonstrates good digital maturity with structured data, SEO optimization, and mobile responsiveness. Security posture is adequate with HTTPS enforced, but lacks some security headers and explicit incident response information. Privacy compliance is partial, with a cookie consent mechanism present but no visible privacy policy or terms of service. Overall, the website is legitimate and trustworthy, serving a niche media segment with consistent branding and quality content.

A

Advent Orion

adventorion.sk

49

Advent Orion is a Slovak-based small retail and publishing company specializing in books for children, youth, and spiritual growth. The website serves as an e-commerce platform built on WordPress and WooCommerce, offering a variety of books, calendars, and magazines. The company maintains a clear online presence with contact information, privacy and cookie policies, and social media integration, primarily Facebook. Technically, the site uses modern web technologies including Bootstrap and Google Tag Manager, and is optimized for mobile devices with good SEO practices. Security posture is solid with HTTPS enforced and cookie consent implemented, though some security headers could be improved. No critical vulnerabilities or blocking mechanisms were detected, and WHOIS data aligns with the business claims, supporting legitimacy. Overall, the site is professional, trustworthy, and compliant with GDPR requirements.

D

Dobré Jitro

dobrejitro.cz

39

Dobré Jitro is a Czech website providing daily inspirational quotes, stories, and wallpapers aimed at a general audience seeking positive morning content. The site has a consistent branding and good content quality, with archives dating back to 2004, indicating a long-standing presence. Technically, the site uses modern web fonts, Google Analytics, and Google Ads for tracking and advertising, and is mobile optimized with good SEO practices. However, the absence of privacy and cookie policies, lack of contact information, and missing WHOIS data reduce its overall trust and compliance posture. Security headers are not detected, and SSL configuration details are unknown, suggesting room for improvement in security practices. Overall, the site is safe and suitable for general audiences but would benefit from enhanced transparency and security measures.

U

Je víra v Boha utopie?

utopie.cz

37

The website www.utopie.cz is a Czech language content platform focused on religious and philosophical topics, particularly Christianity. It offers a series of thematic articles and a newsletter subscription, targeting a general audience interested in faith and spirituality. The site appears to be small-scale and content-driven without clear commercial intent or extensive business infrastructure. Technically, the site uses legacy JavaScript libraries such as jQuery 1.10.2, integrates Google Analytics and Facebook SDK for tracking, and includes Google Ads remarketing scripts. The site is moderately optimized for mobile and SEO but lacks advanced accessibility features and modern frameworks. Security-wise, the site uses HTTPS but lacks visible security headers and employs outdated libraries that may expose vulnerabilities. No privacy or cookie policies are present, which impacts compliance with GDPR and user trust. The WHOIS data is unavailable, limiting domain legitimacy verification and reducing overall trust. Suspicious hidden links to unrelated pharmaceutical domains were detected, which could indicate potential security or SEO manipulation risks. Overall, the site is functional and content-rich but requires improvements in security, privacy compliance, and domain transparency to enhance trust and resilience.

Odyssey Angels is a small non-profit community program focused on encouraging creative problem-solving to assist overlooked individuals in local communities. The website serves as an informational portal for enrollment and program details, linking to related official sites and sponsors. Technically, the site is built on Drupal 7 and hosted by InMotion Hosting, with moderate performance and basic mobile optimization. Security posture is moderate but lacks modern best practices such as DNSSEC, security headers, and visible HTTPS enforcement. Privacy and cookie policies are absent, indicating compliance gaps. Overall, the site is safe and trustworthy but would benefit from improved security and compliance measures.

The website omworldfinals.com currently displays a 403 Forbidden error page, indicating that access to the site content is blocked or restricted. There is no accessible business or contact information, privacy or cookie policies, or any other content that would provide insight into the company's operations or services. The domain is registered with NameCheap since 2021 and hosted on SiteGround, but the lack of accessible content severely limits the ability to assess the business or technical maturity. The site uses basic HTML and CSS with Google Fonts but no advanced frameworks or analytics are detected. Security posture is weak due to missing DNSSEC and absence of security headers, although HTTPS status cannot be confirmed from the content. Overall, the site is inaccessible for meaningful analysis and presents a low trust profile.

The website odysseyofthemind.com currently serves a 403 Forbidden error page, indicating that access to the content is blocked or restricted. No meaningful content, metadata, or business information is accessible from the provided HTML. The domain is well-established, registered since 1998 with a reputable registrar, but the website itself is inaccessible for analysis. The technical infrastructure appears to be hosted on SiteGround based on nameservers, but no further technical or CMS details are available. Security posture cannot be fully assessed due to lack of accessible content and headers. No privacy, cookie, or contact policies are present, indicating poor compliance and transparency. Overall, the site is currently non-functional for public access, limiting any business or security evaluation.

P

Pivovarna Laško Union d.o.o.

union-experience.si

41

Pivovarna Laško Union d.o.o. operates a well-established brewery business in Slovenia with a rich history spanning over 160 years. The website serves as a comprehensive platform promoting their brewery tours, events, product offerings, and brand experiences, targeting adult consumers interested in beer and related hospitality services. The company maintains a strong market position with consistent branding and a professional online presence. Technically, the website employs modern web technologies including Google Tag Manager and Google Fonts, with good mobile optimization and SEO practices. Security posture is solid with HTTPS enforcement and GDPR-compliant cookie consent mechanisms, although explicit security policies and headers could be improved. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

S

Sportway

sportway.com

49

Sportway is a Sweden-based media technology company specializing in AI-automated sports video production, data services, and media rights acquisition. The company targets sports federations, clubs, and fans by providing end-to-end automated live sports video production solutions, focusing on lower tier leagues and youth divisions. Their market position is strong as one of Europe's fastest growing broadcast solutions with thousands of live broadcasts and installations worldwide. The website reflects a professional and modern digital presence with good content quality and clear business messaging. Technically, the site is built on WordPress with Elementor and uses modern web technologies including SEO plugins and tracking tools like Hotjar. Security posture is adequate with HTTPS enabled but could be improved by adding security headers and publishing security policies. Privacy compliance is partial, with a cookie consent mechanism but no visible privacy or terms of service pages. Contact information is clearly provided, enhancing business credibility. Overall, the site is trustworthy and well-maintained, supporting the company's professional image.

U

UNICO | innovation consultancy

unicoanalytics.cz

48

The website www.unicoanalytics.cz appears to be a Wix-hosted site with minimal accessible content. The absence of WHOIS data and registrant information raises concerns about domain legitimacy and transparency. The site lacks visible privacy policies, cookie consent mechanisms, contact information, and business descriptions, which limits its credibility and trustworthiness. Technically, the site uses standard Wix scripts and polyfills but does not demonstrate advanced SEO or accessibility features. Security posture is weak due to missing security headers and unknown SSL configuration. Overall, the site presents a low maturity level in digital presence and security readiness.

I

Informační centrum Trutnov

ictrutnov.cz

46

The website www.ictrutnov.cz serves as the official Tourist Information Center for the city of Trutnov, Czech Republic. It provides comprehensive visitor information including local attractions, events, and practical visitor services. The site targets tourists and visitors interested in exploring the region, offering multilingual support and a well-organized content structure. The business operates primarily in the hospitality and government/non-profit sectors, focusing on tourism promotion and visitor assistance. Technically, the website is built on Drupal 8 CMS and integrates modern web technologies such as Google Analytics, Google Tag Manager, FontAwesome icons, and AddToAny sharing tools. The site demonstrates good mobile optimization, accessibility, and SEO practices, with a moderate performance profile. Cookie consent and GDPR compliance mechanisms are implemented, reflecting awareness of privacy regulations. From a security perspective, the site uses HTTPS and cookie consent banners but lacks explicit security headers and incident response information. No vulnerabilities or exposed sensitive data were detected in the content. The absence of WHOIS data limits domain trust verification, although the website's official branding and contact information support its legitimacy. Overall, the site is professional, user-friendly, and trustworthy for its intended audience. Strategic improvements include enhancing security headers, publishing security policies, and improving domain registration transparency to strengthen trust and compliance.

Compel s.r.o. is a small Czech IT company based in Trutnov, specializing in computer hardware sales, IT services, web development, and hosting. The company has a long-standing presence since 2000, supported by consistent WHOIS data and a domain age that aligns with its business claims. The website provides detailed information about their product offerings including gaming computers, software, and specialized systems like point of sale and hotel management. Technically, the website uses basic HTML, CSS, and JavaScript with Google Analytics for visitor tracking. The site is functional but lacks modern mobile optimization and accessibility features. Security posture is moderate with HTTPS implied but no advanced security headers or policies published. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the website is safe, professional, and trustworthy but would benefit from improvements in privacy, security, and technical modernization.

K

Coming Soon

krkonosska70.cz

49

The website www.krkonosska70.cz currently serves as a placeholder page announcing the 71st edition of an event scheduled for March 14, 2026. It provides minimal content, primarily a coming soon message with a background video and a logo. There is no detailed business information, contact details, or policies presented. The site is built using Webflow CMS and includes jQuery 3.5.1 as a JavaScript library. Hosting is via Webflow's CDN, ensuring moderate performance and good mobile optimization. Security posture is weak due to lack of security headers and absence of privacy or cookie policies. No WHOIS registration data is available, which raises concerns about domain legitimacy and trustworthiness. Overall, the site is in an early development or maintenance phase with limited digital maturity and business credibility.

S

SECTRON s.r.o.

sectron.cz

36

SECTRON s.r.o. is a well-established Czech company specializing in wireless technologies, manufacturing antennas, cable adapters, and distributing wireless modules, modems, and routers. With 29 years of experience and a presence in 58 countries, the company serves industrial and IoT markets, including smart city, agriculture, energy, and electromobility sectors. Their business model combines manufacturing with B2B distribution and an e-commerce platform. Technically, the website employs modern web technologies such as jQuery, Google Tag Manager, and consent-based analytics, ensuring a good digital maturity level. Security posture is strong with HTTPS, cookie consent, and CAPTCHA-protected forms, though some security headers and explicit policies could be improved. Overall, the website is professional, GDPR compliant, and trustworthy, supporting the company's credibility and market position.

A

Aspit AS

aspit.no

49

Aspit AS is a Norwegian small-sized company specializing in healthcare journal systems, primarily serving musculoskeletal therapists, psychologists, and psychiatrists in Norway. Their key offerings include the Physica and Psykbase journal systems, supported by dedicated customer portals. The company emphasizes local development in Seljord and green, secure data hosting within Norway. Technically, the website employs modern web technologies including Google Tag Manager and Cookiebot for analytics and consent management, hosted on a green-certified data center. The site is well-structured, mobile-optimized, and SEO-friendly, providing a professional user experience. Security posture is solid with HTTPS and cookie consent mechanisms, though formal security policies and incident response details are absent. Overall, the website and WHOIS data align well, indicating a trustworthy and legitimate business presence.

Des Livres en Communs is a French non-profit initiative operated by Framasoft that offers an innovative publishing model supporting authors with grants and editorial assistance to produce works published under free licenses. The website presents a clear mission focused on free culture and alternative publishing, targeting authors and readers interested in open access literature. Technically, the site is built using the Hugo static site generator with Bootstrap and Fork Awesome for styling, hosted by OVH, and uses Matomo for analytics, reflecting a modern and privacy-conscious infrastructure. Security posture is adequate with HTTPS enabled and domain protections in place, but lacks DNSSEC and security headers, and no privacy or cookie policies are present, indicating room for compliance improvements. Overall, the site is professional and trustworthy but could enhance transparency and security practices to better align with GDPR and best practices.

V

Vercom S.A.

vercom.pl

45

Vercom S.A. is a Polish technology company specializing in cloud-based communication platforms (CPaaS) that enable businesses to engage with their audiences via multiple channels including email, SMS, push notifications, and OTT messaging. Established in 2005, Vercom has positioned itself as a significant player in the Central and Eastern European market, offering scalable and reliable communication solutions supported by flexible APIs and strong customer support. The website reflects a mature digital presence with multilingual support, active content updates, and integration with reputable marketing and analytics tools. Security posture is solid with HTTPS and cookie consent mechanisms, though there is room for improvement in security headers and incident response transparency. Overall, the company demonstrates high business credibility and technical competence, making it a trustworthy provider in the CPaaS sector.

Red de Consultores is a Mexican consulting firm specializing in food safety and quality management services, with over 20 years of experience. The company offers professional consulting and training services including HACCP, SQF, ISO 22000, and other food safety standards, targeting food industry professionals and quality managers primarily in Mexico. The website reflects a solid market position with clear service offerings and a professional presentation. Technically, the website is built on Joomla CMS with Gantry5 framework, utilizing common libraries such as jQuery and Bootstrap. It integrates Matomo analytics and Olark live chat for user engagement and tracking. The site is moderately optimized for mobile and performance, with basic SEO and accessibility features. From a security perspective, the site uses HTTPS and has domain transfer protections but lacks DNSSEC and important security headers. There is no visible privacy or cookie policy, which is a compliance gap. No incident response or security contact information is provided. The domain WHOIS data is consistent with the business claims, indicating legitimacy. Overall, the website is functional and professional but would benefit from enhanced security practices and privacy compliance to improve trust and reduce risk.

S

Serco Comercial S.A. de C.V.

isitios.com

48

Isitios, operated by Serco Comercial S.A. de C.V., is a small technology service provider specializing in web design, development, cloud services, and digital marketing. The company claims over 25 years of IT service experience and offers a range of services including AWS cloud solutions, SEO, VPS hosting, and social media management. The website is professionally designed with clear navigation and good mobile optimization, targeting businesses seeking IT and web development services primarily in Mexico. Technically, the site uses Bootstrap 5.1 and Mobirise CSS frameworks, with no detected CMS or advanced backend technologies. Hosting and domain registration are managed via IONOS SE, with DNS servers at iaasdns.com.

A

APA Polska Sp. z o.o. Sp.K.

apapolska.pl

43

APA Polska Sp. z o.o. Sp.K. is a well-established Polish company specializing in the distribution and sale of high-quality framing products and art supplies. With over 20 years of experience and a domain registered since 2002, the company serves a diverse clientele including framers, galleries, museums, and artists. Their product portfolio includes wooden and aluminum frames, passepartout, museum glass, framing machines, and art materials under the Renesans brand. The website is professionally designed, SEO optimized, and provides comprehensive product information and partner links. Technically, the site is built on WordPress with modern plugins and tracking tools, hosted by a reputable provider. Security posture is good with HTTPS and cookie consent implemented, though additional security headers and policies could enhance protection. Overall, the company demonstrates strong business credibility and digital maturity, with room for improvement in privacy and security transparency.

The website dxlabs.fr currently serves only a 404 Not Found error page, indicating that the site content is inaccessible or missing. The domain is registered with OVH, a reputable French registrar, and has been active since 2018, suggesting a legitimate registration. However, the lack of accessible content prevents any meaningful analysis of the business, services, or security posture from the website itself. The technical infrastructure appears minimal with no detectable technologies or security features. The absence of privacy, cookie, or security policies and contact information further reduces the site's credibility and compliance posture. Overall, the site presents a high risk due to lack of content and transparency.

N

WebPortal

napec-portal.com

47

The website napec-portal.com serves as a login portal for NAPEC, presumably the Nigerian Association of Petroleum Explorationists or a related entity. The portal is designed for members or authorized users to access their profiles and services. The site is built using Angular 14 framework and incorporates Usercentrics for cookie consent management, indicating some attention to privacy compliance. However, the public-facing content is minimal, focusing solely on login functionality without detailed business or contact information. The domain is recently registered in April 2023, consistent with a new portal launch. From a technical perspective, the site uses modern web technologies including Angular and Bootstrap for styling. DNS is managed via Google Domains, and the domain registrar is Squarespace Domains II LLC. The site shows moderate performance and basic mobile optimization but lacks advanced SEO and accessibility features. No CMS or hosting provider details are explicitly found. Cookie consent is implemented via Usercentrics, but Google Analytics is present only in commented form, indicating limited active tracking. Security posture is moderate but could be improved. HTTPS is implied but no explicit security headers such as CSP, HSTS, or X-Frame-Options are detected in the HTML content. The login form lacks visible anti-CSRF tokens or advanced input security measures. No privacy policy, terms of service, or incident response contacts are published, which limits compliance and user trust. The domain registration is consistent and shows no suspicious patterns, but the lack of detailed business information and security policies reduces overall trustworthiness. Overall, the website is functional as a login portal but lacks comprehensive privacy, security, and business transparency features. Strategic improvements in security headers, privacy documentation, and contact information publication are recommended to enhance trust and compliance.

O

OTIDEA vzdělávání, s.r.o.

otideavzdelavani.cz

47

OTIDEA vzdělávání, s.r.o. is a Czech Republic-based educational company specializing in online courses, seminars, and customized training programs primarily targeting professionals and individuals seeking high-quality educational content. The company has an established market presence since 2013 and offers a variety of educational services including rental of teaching spaces. The website reflects a professional and consistent brand image with good content quality and user experience. Technically, the site is built on a modern Angular framework with integration of multiple analytics and tracking tools, hosted behind Cloudflare DNS services. Security posture is adequate with HTTPS and no visible vulnerabilities, though improvements in security headers and explicit security policies are recommended. Privacy compliance is partially met with presence of privacy and terms pages but lacks a cookie consent mechanism. Overall, the website is trustworthy and well-positioned in the education sector.

Základní umělecká škola Rosice is a small educational institution based in the Czech Republic, providing foundational arts education in music, visual arts, and dance primarily to children and young people in the local community. The school is operated under the Jihomoravský kraj regional authority and offers various programs including student concerts, exhibitions, and competitions. The website reflects a well-structured and professionally designed platform that supports enrollment and provides information about the school's offerings and events. Technically, the site uses common web technologies such as jQuery, Bootstrap, and FontAwesome, with integration of Google Analytics for visitor tracking. Security-wise, the site implements cookie consent mechanisms but lacks visible security headers and detailed privacy or security policies. WHOIS data is unavailable, which limits domain trust assessment, but the website content and contact details appear legitimate and consistent with a local educational institution. Overall, the site is safe, accessible, and provides a good user experience, though improvements in security posture and privacy transparency are recommended.

Vlastivědný spolek Rosicko-Oslavanska is a small non-profit organization dedicated to documenting and educating about the history and culture of the Rosicko-Oslavansko region in the Czech Republic. The website serves as a regional cultural portal with event announcements, historical articles, and links to partner sites. The organization appears to have a modest but focused presence, leveraging Facebook for social engagement and promoting local cultural heritage. Technically, the website uses older JavaScript libraries and lacks modern security practices such as HTTPS enforcement and security headers. The presence of PHP notices in the HTML indicates suboptimal error handling and potential information leakage risks. Privacy and cookie policies are absent, which may impact compliance with GDPR regulations. Overall, the site is functional but requires modernization and security improvements to enhance trust and compliance.

Dům dětí a mládeže Zastávka, příspěvková organizace is a local non-profit educational organization based in Zastávka, Czech Republic, focused on providing extracurricular activities, camps, and events for children and youth. The website presents a clear and professional digital presence with detailed program offerings and community partnerships. Technically, the site leverages modern frontend libraries such as Bootstrap, jQuery, and Owl Carousel, ensuring a responsive and user-friendly experience. However, the absence of WHOIS data limits domain legitimacy verification, and the lack of security headers indicates room for improvement in security posture. The site implements a cookie consent mechanism but lacks a dedicated privacy policy page, which is critical for GDPR compliance. Overall, the website is safe, trustworthy, and well-suited for its target audience, but enhancing security and compliance documentation would strengthen its risk profile.

G

Gymnázium T. G. Masaryka Zastávka, příspěvková organizace

gzastavka.cz

41

Gymnázium T. G. Masaryka Zastávka is a public secondary educational institution in the Czech Republic offering four-year and six-year study programs. The website serves as an informational portal for students, parents, and the local community. The institution appears to be a small-sized educational entity focused on providing general secondary education. Technically, the website is built on WordPress using the Divi theme, with external resources such as Google Fonts and a cookie consent script from CookieYes. The site is accessible without any WAF or blocking mechanisms, indicating good availability. However, the absence of WHOIS data and lack of privacy and terms of service policies indicate gaps in transparency and compliance. Security posture is basic, with no detected security headers and unknown SSL configuration. Overall, the website is functional and relevant but requires improvements in security and compliance documentation.

M

Mighty Shake

mighty-shake.com

45

Mighty Shake is a well-established dance group and educational organization based in the Czech Republic, with a history dating back to 1995. The organization focuses on street dance and offers training and choreography services to a broad age range, from children to adults. Their market position is that of a respected local community group with a strong cultural presence and partnerships with local authorities and sports agencies. Technically, the website is built on WordPress with a variety of plugins and external libraries, providing a moderate performance and good mobile optimization. However, the site lacks modern security headers and privacy compliance documentation, which are areas for improvement. The security posture is adequate with HTTPS enforced but could be enhanced with additional headers and incident response information. The absence of WHOIS data for the domain raises concerns about domain legitimacy, although the website content and business information appear genuine. Overall, the website is functional and informative but requires improvements in privacy, security, and domain transparency to increase trust and compliance.

K

Klub absolventů Gymnázia v Zastávce

gzklub.cz

30

Klub absolventů Gymnázia v Zastávce is a small non-profit alumni association dedicated to organizing events and activities for former students of Gymnázium v Zastávce in the Czech Republic. The website serves as a community hub providing announcements about social events, cultural exhibitions, and sports activities. The organization appears well-established since 2015 and maintains consistent branding aligned with the school's identity. Technically, the site is built on WordPress with common plugins and libraries, offering moderate performance and good mobile optimization. However, there are gaps in privacy compliance and security best practices, such as missing privacy and cookie policies and lack of security headers. The site uses HTTPS properly, and no malicious content or vulnerabilities were detected. Overall, the website is trustworthy and professional but could improve its compliance and security posture.

C

Chachar catering s.r.o.

chachar.cz

46

Chachar catering s.r.o. operates a regional pizza delivery and catering service in the Czech Republic, established since 2006. The company offers fast delivery of pizza, wings, and other fresh food items through an online ordering platform and telephone. With multiple branch locations across various Czech cities, the business targets general consumers seeking convenient food delivery. The website is professionally designed with consistent branding and good content quality, supporting a medium-sized enterprise model focused on retail and hospitality sectors. Technically, the website is built on WordPress 4.9.8 with a modern tech stack including jQuery, Bootstrap, Google Tag Manager, and reCAPTCHA for security. Hosting is consistent with Czech providers, and the site uses HTTPS with no detected blocking or WAF interference. Performance and mobile optimization are good, though accessibility is basic. SEO practices are adequate with proper meta tags and structured navigation. Security posture is solid with HTTPS, reCAPTCHA, and cookie consent mechanisms in place. However, explicit security headers and a formal security policy or incident response contacts are absent. No vulnerabilities or exposed sensitive data were found in the HTML content. Privacy compliance is evident with GDPR-related pages and cookie consent, though no dedicated data protection officer contact was identified. Overall, the website and business present a trustworthy and professional front with low risk. Strategic improvements include enhancing security headers, updating WordPress to the latest version, and publishing explicit security and incident response policies to further strengthen trust and compliance.

S

SK K2 z. s.

beskydskasedmicka.cz

48

The website www.beskydskasedmicka.cz represents the official online presence of the Beskydská sedmička endurance race, a well-established outdoor sporting event held in the Czech Republic. The site provides comprehensive information about the race, including results, historical data, partner information, and multimedia content such as videos and photo galleries. The business operates primarily as an event organizer and promoter targeting outdoor sports enthusiasts and participants in endurance races. The site demonstrates a consistent brand identity and maintains active engagement with its audience through social media and partner networks. Technically, the website is built on WordPress with Bootstrap for responsive design and uses modern web technologies including jQuery and Google Tag Manager. SEO optimization is handled via the Yoast SEO plugin, and GDPR compliance is addressed through a cookie consent mechanism. The site is mobile-optimized and performs moderately well, though some accessibility features could be improved. From a security perspective, the site enforces HTTPS and implements cookie consent controls. However, no advanced security headers were detected, and there is no published security policy or incident response information. The absence of WHOIS data limits domain trust verification, but the presence of multiple official partners and detailed organizational contacts supports legitimacy. No vulnerabilities or exposed sensitive data were found in the content. Overall, the website is a credible and professional platform for the Beskydská sedmička event, with room for improvement in privacy policy transparency and security best practices. Strategic recommendations include publishing a clear privacy policy, adding security headers, and providing vulnerability disclosure information to enhance trust and compliance.

The website vlauma.com is currently inaccessible, presenting a 502 Bad Gateway error served by an nginx 1.24.0 server on Ubuntu. Due to the lack of accessible content, no business description, contact information, or policies are available for analysis. The domain is registered since 2015 with GoDaddy.com, LLC and uses Vultr name servers, indicating a potentially legitimate hosting setup. However, the absence of DNSSEC and the server error suggest technical issues impacting availability. Security posture is weak due to missing HTTPS and security headers information. Overall, the site is not currently functional, limiting any meaningful security or compliance evaluation.

O

Online Apotheke Europa B.V.

diskrete-apotheke24.de

49

The website diskrete-apotheke24.de operates as an online pharmacy specializing in the sale of erectile dysfunction medications such as Viagra, Cialis, and Levitra. It targets adult male customers primarily in Germany and Europe, offering discreet, legal, and duty-free pharmaceutical products. The business model is e-commerce focused, with an emphasis on convenience, privacy, and customer satisfaction. The site presents itself professionally with consistent branding and a clear navigation structure. Technically, the website uses modern web technologies including Bootstrap and Google Fonts, and is hosted behind Cloudflare DNS for performance and security. However, there is no evidence of advanced CMS or extensive third-party integrations. Security posture is moderate; while HTTPS is implied, no explicit security headers or incident response policies are visible. Privacy compliance is basic with cookie consent implemented and a privacy policy linked in the impressum page. Overall, the site is functional and trustworthy for its niche but could improve security and compliance transparency.

N

Nadace AGROFERT

nadace-agrofert.cz

47

Nadace AGROFERT is a well-established non-profit foundation based in the Czech Republic, focused on providing social support, grants, and scholarships primarily for children, youth, handicapped individuals, and single parents. The foundation has been operational since 2012 and is affiliated with the Agrofert group. Their website reflects a professional and consistent brand image, offering clear information about their projects, grant programs, and contact details. Technically, the site uses modern web technologies including Bootstrap, jQuery, and Google Analytics, ensuring a responsive and accessible user experience. Security measures such as HTTPS, reCAPTCHA, and cookie consent are implemented, although some security headers could be improved. Overall, the site demonstrates a good security posture and compliance with GDPR requirements. The domain registration data aligns well with the business claims, supporting the legitimacy of the foundation.

BlučinaNet s.r.o. is a small Czech telecommunications company established in 2002, specializing in internet connectivity and technical infrastructure network statements primarily in the Židlochovice region. The website functions mainly as an informational and redirect portal guiding users to their new site and providing contact details for infrastructure inquiries. The technical infrastructure of the website is minimal, lacking modern CMS, SEO optimization, and mobile responsiveness. Security posture is weak due to absence of HTTPS confirmation, security headers, and privacy policies. No forms or email contacts are provided, limiting user engagement and support channels. Overall, the site reflects a basic digital presence consistent with a small regional service provider.

V

VITÆ - Arts Martiaux / Fitness Centre privé Arts Martiaux - Fitness - Remise en forme

vitaeartsmartiaux.fr

45

VITÆ - Arts Martiaux / Fitness is a newly established private martial arts and fitness center located in the Yvelines region of France, specifically serving Le Vésinet and Le Pecq. The business offers a range of martial arts disciplines including Brazilian Jiu Jitsu, MMA, boxing, cross training, and self-defense courses for adults and children. Positioned as a local specialist in martial arts and fitness, the center targets individuals seeking both beginner and advanced training in these disciplines. The website reflects a professional and consistent brand image with good content quality and clear service offerings.