High-risk security reports

M

Město Slavkov u Brna

slavkovak.cz

46

Slavkovak.cz is a local leisure and tourism portal operated by the city of Slavkov u Brna, Czech Republic. It provides residents and visitors with news, event listings, information on local associations, gastronomy, accommodation, and tourist destinations. The site serves as an official community resource with a focus on promoting local culture and tourism. The business model is informational and community-driven, supported by the city administration. The website is well-branded and consistent, targeting a general audience interested in local events and tourism. Technically, the site uses a modern tech stack including UIkit for UI components, jQuery, Google Tag Manager, Google Analytics, Facebook SDK, and mapping APIs from Mapy.cz and Leaflet. The site is mobile optimized and performs moderately well, though accessibility and SEO could be improved. The presence of cookie consent and GDPR documentation indicates awareness of privacy compliance, though privacy policy details are basic. Security posture is adequate with HTTPS enforced and cookie consent implemented, but lacks advanced security headers and explicit vulnerability disclosure or incident response policies. No WHOIS data was found, which raises concerns about domain registration legitimacy, though the site content and footer indicate official city operation. Overall, the site is trustworthy but would benefit from improved transparency and security hardening. The risk assessment is moderate with recommendations to improve security headers, add terms of service and security policies, and verify domain registration status to enhance trust and compliance.

Ú

Újezdní úřad Březina

vojujezd-brezina.cz

47

The website vojujezd-brezina.cz serves as the official online presence for the Military Training Area Březina, a government-operated military district in the Czech Republic. It provides authoritative information regarding the military district's administration, access restrictions, safety protocols, and official announcements. The site targets a broad audience including the general public, visitors, government officials, and military personnel. Its business model is focused on public information dissemination and regulatory communication within a government context. Technically, the website employs a traditional HTML/CSS/JavaScript stack with the vismo CMS platform. It integrates Google Translate for multilingual support and maintains a moderate performance profile with basic mobile optimization and accessibility features. SEO and modern web practices are implemented at a basic level, with room for enhancement. From a security perspective, the site uses HTTPS and avoids exposing sensitive data. However, it lacks explicit security headers and a formal security or incident response policy. Cookie policies exist but lack active consent mechanisms. No vulnerabilities or malicious content were detected, indicating a generally secure posture appropriate for a government informational site. Overall, the website is trustworthy and professional, though improvements in security headers, privacy compliance mechanisms, and mobile accessibility would enhance its digital maturity and user experience. The domain's WHOIS data confirms legitimacy and long-standing registration consistent with the site's official status.

T

Turistické informační centrum Vyškov

ticvyskov.cz

44

Turistické informační centrum Vyškov is a local government-operated tourist information center serving the city of Vyškov, Czech Republic. The website provides comprehensive information about local attractions, events, cultural and sports activities, and services for tourists. It targets visitors and tourists seeking guidance and information about the region. The business model is public service-oriented, focusing on promoting tourism and local culture. The site maintains a consistent brand presence with official city links and active social media channels.

M

Mateřská škola Jiříkovice

msjirikovice.cz

46

Mateřská škola Jiříkovice operates as a local preschool educational institution in the Czech Republic, providing early childhood education and related services such as childcare and school meals. The website serves primarily parents and guardians seeking information about the school, its operations, and events. The institution is positioned as a small, community-focused educational provider with a clear local presence and official contact details. Technically, the website is built on a CMS platform by Galileo Corporation, utilizing common web technologies like jQuery, Bootstrap, and Leaflet for maps. The site is mobile-optimized and accessible, with an accessibility certification indicating compliance with inclusive design standards. Security posture is moderate, with HTTPS in use and cookie consent implemented, but lacking explicit privacy policies and security headers. Overall, the website is professional and trustworthy, though improvements in privacy compliance and security best practices are recommended.

ZŠ Jiříkovice is a small local primary school located in Jiříkovice, Czech Republic, providing education for the first stage of primary schooling. The institution offers additional services such as a school daycare, canteen, and extracurricular activities, targeting primarily parents and students in the local community. The website reflects a well-maintained digital presence with regular updates on school news and events, supporting effective communication with its audience. Technically, the site is built on WordPress with common libraries like jQuery and FontAwesome, delivering moderate performance and good mobile responsiveness. Security posture is adequate with HTTPS enforced and no visible vulnerabilities, though improvements in security headers and privacy mechanisms are recommended. Overall, the site demonstrates a trustworthy and professional online representation of the school, with clear contact information and compliance with GDPR through a dedicated page. Strategic enhancements in privacy consent and security policies would further strengthen its compliance and user trust.

T

TVVU s.r.o.

povodnovyportal.cz

46

TVVU s.r.o. operates the Povodňový portál, a specialized website dedicated to flood management solutions in the Czech Republic. The company provides digital flood plans, flood warning systems, monitoring services, and mobile flood barriers, targeting government agencies and emergency services. The website reflects a niche market position with strong partnerships with Czech hydrometeorological and water management institutions. Technically, the site uses a basic but modern tech stack including Google Analytics and Bootstrap-like CSS classes, hosted via WEDOS. While the site is accessible and professionally presented, it lacks critical privacy and cookie policies, which impacts compliance. Security posture is moderate with no visible security headers and no incident response information. Overall, the domain registration is consistent and trustworthy, supporting the legitimacy of the business.

K

KTS Ekologie s.r.o.

kts-ekologie.cz

47

KTS Ekologie s.r.o. is a Czech company specializing in ecological waste management services, including waste collection, disposal, and compost sales. The company primarily serves municipalities, businesses, and citizens within the Czech Republic, positioning itself as a regional service provider with a focus on environmental sustainability. The website reflects a professional and consistent brand image, with clear contact information and integration of social media for community engagement. The presence of EU-funded projects further supports the company's legitimacy and public sector involvement. Technically, the website is built on Drupal 10 with Bootstrap 5, ensuring a responsive and modern user experience. The site loads with moderate performance and includes accessibility and SEO best practices, although some improvements could be made in accessibility and performance optimization. The hosting provider is inferred to be Webglobe based on DNS data, aligning with the domain registration information. From a security perspective, the site uses HTTPS and does not expose sensitive data. However, there is a lack of visible security headers and no published security or incident response policies, which are areas for improvement. Privacy compliance is partially met with a privacy policy present, but the absence of a cookie consent mechanism and vulnerability disclosure reduces compliance completeness. Overall, the security posture is moderate but could be enhanced with additional policies and technical controls. The overall risk assessment is low, with no signs of malicious activity or suspicious domain registration patterns. Strategic recommendations include implementing cookie consent, publishing security policies, adding security headers, and conducting regular security audits to strengthen the security posture and compliance. These steps will enhance trust and protect both the company and its users.

G

Groupe Arcade-VYV

groupearcadevyv.fr

45

Groupe Arcade-VYV is a major French real estate group specializing in affordable and health-centered housing solutions. It operates as a leader in the Logement Santé sector, providing a comprehensive range of housing and residence services for families, seniors, youth, and vulnerable populations, including private sector involvement. The website reflects a mature digital presence with professional design, structured data, and integration of modern analytics tools such as Matomo and Google Tag Manager. However, the absence of explicit privacy and cookie policies, as well as missing WHOIS data, indicates areas for improvement in transparency and compliance. Security posture is generally good with HTTPS enabled, but lacks some security headers and formal vulnerability disclosure mechanisms. Overall, the website is trustworthy and well-positioned but would benefit from enhanced privacy compliance and security best practices.

The website amenworld.com currently presents an extremely minimalistic and non-informative front with only the text 'amen' visible. There is no metadata, no structured data, no contact information, and no visible business description or services. The domain is registered since 1999 with Network Solutions, indicating a long-standing registration, but the website itself lacks any meaningful content or digital maturity. Technically, the site does not demonstrate modern web practices, lacks HTTPS information, and shows no evidence of security or privacy compliance mechanisms. The security posture is weak due to absence of HTTPS and security headers, and no privacy or cookie policies are present to indicate GDPR compliance. Overall, the site appears inactive or placeholder, resulting in a low trust and credibility score.

De Nigris 1889 operates a multilingual brand website with a language selection gateway directing users to Italian, USA, and global versions of their site. The company appears to be established since 2014 and targets a general audience with a professional and consistent brand presentation. The technical infrastructure includes WordPress CMS hosted on GoDaddy with integration of Google Tag Manager and Facebook Pixel for analytics and marketing. The website is mobile optimized and presents a good user experience with clear navigation. Security posture is moderate with HTTPS enabled but lacks advanced security headers and DNSSEC. Privacy compliance is weak due to absence of privacy and cookie policies and no explicit GDPR compliance indicators. No contact or incident response information is provided, limiting trust and transparency. Overall, the site is safe and suitable for general audiences with no adult or explicit content detected.

Y

Home -

yuton.rs

47

The website www.yuton.rs represents a Serbian-based food product distributor operating under the Gaston Grupa umbrella. The company offers a variety of food products including tuna, seafood, fruits, vegetables, olives, oils, vinegars, pasta, rice, and specialty items. The site targets retail and wholesale buyers in Serbia and neighboring regions, positioning itself as a regional distributor within a larger group of related brands. The business is relatively new, with domain registration in early 2023, consistent with the company's recent establishment. From a technical perspective, the website uses several JavaScript libraries including multiple versions of jQuery, jQuery UI, and plugins for UI enhancements such as sliders and lightboxes. The site is moderately optimized for performance and mobile use but shows room for improvement in accessibility and SEO. The CMS or hosting provider is not explicitly identified. The website is accessible without any WAF or security challenges. Security posture is moderate; HTTPS is enabled but no DNSSEC or security headers are present. Multiple jQuery versions loaded may introduce vulnerabilities. No privacy or security policies are published, though a cookie consent banner is implemented, indicating some GDPR awareness. Contact information is clearly provided, enhancing business credibility. No analytics or tracking scripts were detected, suggesting minimal user tracking. Overall, the website is functional and moderately professional but lacks comprehensive privacy and security policies. Strategic improvements in security headers, privacy documentation, and script management are recommended to enhance trust and compliance.

K

Klub svobodných matek z.s

klubsvobodnychmatek.cz

38

Klub svobodných matek z.s is a Czech non-profit organization dedicated to supporting single-parent families across the Czech Republic. The organization provides financial, material, legal, and informational assistance to help single parents and their children manage daily challenges. Their services include aid for food, housing costs, school supplies, summer camps, and clothing through their Oděvní banka program. They also offer a free helpline and legal online advice. The website reflects a well-established entity with a clear mission and consistent branding, supported by testimonials and active social media channels. Technically, the website is built on WordPress using the Astra theme and Elementor page builder, incorporating modern web technologies such as jQuery and Swiper.js. The site is mobile-optimized and performs moderately well, though there is room for improvement in SEO and accessibility. The hosting and domain registration are consistent with a Czech-based non-profit organization, with no suspicious indicators. From a security perspective, the site uses HTTPS but lacks visible security headers and formal security policies such as incident response or vulnerability disclosure. Privacy compliance is weak due to the absence of privacy and cookie policies or consent mechanisms, which is a notable compliance gap. Tracking is implemented via Leadhub pixels, indicating moderate user tracking. Overall, the website is professional and trustworthy for its intended audience but should enhance privacy compliance and security best practices to improve its security posture and regulatory adherence.

Brána do Čech is a regional tourism portal focused on promoting the Ústecký region of Czechia. It provides visitors with comprehensive information about local attractions, events, accommodations, and leisure activities. The website targets tourists and regional visitors seeking travel guidance and cultural experiences. The business model is informational and promotional, aiming to enhance regional tourism visibility. Technically, the website employs a range of JavaScript libraries including jQuery, bxSlider, and Magnific Popup, alongside Google Analytics and Facebook SDK for tracking. The site shows moderate performance and basic mobile optimization. However, the use of an outdated jQuery version and lack of modern security headers indicate areas for improvement in technical maturity. From a security perspective, the site uses HTTPS but lacks visible security headers and explicit privacy or cookie policies, which are critical for GDPR compliance and user trust. No forms or direct data collection mechanisms were detected, reducing immediate data exposure risks. The absence of WHOIS data limits domain trust verification, though the content and external links suggest legitimacy. Overall, the site is functional and content-rich but would benefit from enhanced security practices, privacy compliance, and domain transparency to improve trustworthiness and user confidence.

E

Ekofond SPP, n.o.

ekofondspp.sk

48

Ekofond SPP is a Slovak non-profit organization dedicated to environmental sustainability, carbon footprint reduction, and social responsibility. The website presents a professional and well-structured platform focused on promoting environmental projects and educational initiatives. The organization has an established market presence since 2007 and targets a general audience interested in energy and sustainability. Technically, the website employs modern JavaScript libraries, Google Tag Manager, and a comprehensive cookie consent mechanism, reflecting a moderate level of digital maturity. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though security headers and incident response information could be improved. Overall, the site is trustworthy and compliant with GDPR, with clear privacy and cookie policies. Recommendations include enhancing security headers, publishing terms of service and incident response contacts, and improving accessibility features.

S

Sector s.r.o.

vibe.sk

43

Vibe.sk is a Slovak music and entertainment website operated by Sector s.r.o., focusing on providing music news, music videos, and artist profiles primarily for Slovak and international audiences. The site offers categorized music content by genre and style, targeting general music enthusiasts. It maintains a moderate market position as a regional media portal with consistent branding and regular content updates. Technically, the site uses a mix of JavaScript libraries including jQuery, Google Analytics, Google Adsense, and Video.js for media playback, with a custom or sector.sk-based CMS platform. The website is served over HTTPS and includes cookie consent mechanisms compliant with GDPR, but lacks visible security headers and explicit security or incident response policies. No contact emails or phone numbers are publicly listed, which may impact user trust and support accessibility. Overall, the site is functional with good content quality and moderate technical implementation, but could improve security posture and compliance transparency.

2

2exVia

masteredit.com

39

2exVia is a well-established French digital communication and marketing agency with over 25 years of experience. They offer a broad range of services including custom web and app development, video production, brand identity, and social media management. Their proprietary CMS, MasterEdit®, powers over 250 websites, demonstrating technical maturity and a strong market presence. The website is professionally designed, mobile-optimized, and integrates modern technologies such as Matomo analytics and lazy loading for performance. Security posture is good with HTTPS and cookie consent implemented, though explicit security policies and incident response contacts are absent. WHOIS data is unavailable, which slightly reduces transparency but does not detract significantly from the overall trustworthiness given the professional content and social media presence. Overall, the site represents a credible and competent digital agency with a solid technical foundation.

I

International Visegrad Fund

visegradgroup.eu

43

The website represents the official online presence of the Visegrad Group, an intergovernmental cooperation platform among Czechia, Hungary, Poland, and Slovakia. It serves as an informational and cultural exchange hub, promoting regional cooperation and European integration. The site is supported by the International Visegrad Fund and includes partner links to official tourism and think tank sites. Technically, the site uses a legacy but stable technology stack including Bootstrap 3 and jQuery 1.9.1, managed via the Webra CMS. The design is professional and content-rich, targeting government officials, researchers, and the general public interested in Central European affairs. Security posture is adequate with HTTPS enabled but lacks modern security headers and explicit privacy policies. Contact options are limited to a web form without direct email or phone contacts. Overall, the site is trustworthy and legitimate, though improvements in privacy compliance and security hardening are recommended.

Z

Zväz vojakov Slovenskej republiky

zvazvojakov.sk

46

Zväz vojakov Slovenskej republiky is a Slovak non-profit organization representing military veterans. The website serves as an information hub for members and the public, providing updates on events, legal advice, and cooperation with other military and veteran organizations. The site is built on WordPress using Elementor and JetEngine, reflecting a moderate level of digital maturity with good content quality and navigation. Security posture is adequate with HTTPS enabled and cookie consent implemented, but lacks advanced security headers and explicit privacy policies. Overall, the website is legitimate and trustworthy, with room for improvement in privacy compliance and security best practices.

D

DMD GROUP, a.s

dmdgroup.eu

44

DMD GROUP, a.s is a Slovak defense manufacturing company specializing in research, development, and production of weapon systems. The company operates as a group with multiple subsidiaries focused on weapon design, ammunition lifecycle management, and production of barrels and cannons. Their website reflects a professional and consistent brand presence targeting defense industry stakeholders and government agencies. Technically, the site is built on WordPress with modern libraries and scripts, providing moderate performance and good mobile optimization. Security posture is solid with HTTPS enabled and no visible vulnerabilities, though security headers and incident response policies are absent. Privacy compliance is addressed with a GDPR privacy policy, but lacks a cookie consent mechanism. Overall, the website is trustworthy and well-maintained, supporting the company's credibility in the defense sector.

H

HOREZZA, a.s.

granithotels.sk

44

HOREZZA, a.s. operates the Granit Hotels brand, managing multiple hotel properties in Slovakia, providing accommodation and booking services primarily targeting general consumers and travelers. The website presents a professional and consistent brand image with clear navigation and booking functionality. Technically, the site uses a modern tech stack including Bootstrap, jQuery, and various JavaScript libraries, hosted on a CMS platform by SoftSolutions. Mobile optimization and user experience are good, though accessibility features are basic. Security posture is solid with HTTPS enforced and a comprehensive cookie consent mechanism, but lacks explicit security policies and incident response contacts. Overall, the domain registration aligns well with the business identity, indicating legitimacy and trustworthiness.

C

Corner

wineplanet.sk

48

WinePlanet.sk is a well-established Slovak e-commerce platform specializing in premium wines and spirits from around the world. Founded in 2006, it offers an extensive catalog of over 2,500 wine varieties and 260,000 bottles in stock, targeting wine enthusiasts and consumers primarily in Slovakia. The website supports Slovak and English languages and provides fast delivery services, wine tastings, and masterclasses, positioning itself as the largest wine e-shop in the Slovak market. The business model focuses on direct online retail complemented by physical stores and events.

The website 4fstore.sk appears to be an established e-commerce retail platform, likely specializing in sportswear or apparel, based on the domain and URL patterns. The domain has been registered since 2013 and is hosted via Akamai CDN, indicating a mature infrastructure. The site employs modern web technologies including React and Tailwind CSS, and integrates multiple analytics and marketing tools such as Google Analytics, Google Tag Manager, SalesManago, and Cookiebot for cookie consent management. However, explicit privacy policies, terms of service, and contact information are not found in the analyzed content, which may impact user trust and compliance. Security posture is moderate with HTTPS enabled and cookie consent implemented, but lacks visible security headers and formal security policies. Overall, the site is functional and professionally designed but could improve transparency and security practices.

S

Sportway

sportway.se

48

Sportway is a Sweden-based technology and media company specializing in AI-automated sports video production, data services, and media rights acquisition. They provide end-to-end automated live sports video production, focusing on lower tier leagues and youth divisions, serving sports federations and clubs across multiple countries. Their market position is strong as one of Europe's fastest growing broadcast solutions for sport, with thousands of live broadcasts and installations worldwide. Technically, the website is built on a modern WordPress CMS with Elementor and Yoast SEO, showing good digital maturity and mobile optimization. Security posture is solid with HTTPS and cookie consent mechanisms, though improvements like DNSSEC and advanced security headers are recommended. Overall, the website is professional, trustworthy, and business credible, with clear contact information and consistent branding.

U

Union Sport & Cycle (USC)

filieresport.com

44

Filière Sport is a French media platform dedicated to the sports industry, providing news, data, and insights on topics such as economy, corporate social responsibility, health, territories, and market data. It serves professionals and stakeholders in the sports sector, offering a mix of free and premium content. The website is linked to Union Sport & Cycle, a recognized entity in the sports industry, which acts as the parent organization. Technically, the site uses modern web technologies including jQuery, Google Tag Manager, Facebook SDK, and reCAPTCHA, ensuring a functional and moderately performant user experience with good mobile optimization. Security practices include HTTPS enforcement and use of CAPTCHA for forms, though some security headers could be improved. Privacy compliance is partial, with a cookie consent mechanism present but no explicit privacy policy or terms of service found on the homepage. The WHOIS data for the domain is unavailable, which slightly reduces trust but the professional presentation and consistent branding mitigate concerns. Overall, the site is a credible and useful resource for its target audience, with room for improvement in privacy transparency and security headers.

The website moravy.eu serves as a basic informational portal focused on Moravia, a historical and cultural region in the Czech Republic. It provides links and minimal content related to Moravian history, symbols, and geography. The site is small in scale and targets a general audience interested in regional information. Technically, the site is simple, built with basic HTML and CSS, hosted by a reputable Czech registrar, but lacks modern web technologies and optimization. Security posture is minimal with no visible HTTPS confirmation or security headers, and no privacy or cookie policies are present. The absence of contact information and security policies limits trust and compliance. Overall, the site is safe but basic, with significant room for improvement in security, privacy, and content richness.

R

Repromeda

repromeda.hr

43

Repromeda is a healthcare provider specializing in assisted reproduction and infertility treatment, targeting couples and individuals seeking to build families. The website presents a professional image with a clear focus on fertility services and has a strong market presence with over 6000 successful births. The company operates multiple country-specific domains, indicating a regional expansion strategy. Technically, the website is built on WordPress using Elementor and Yoast SEO, with integrations for Google Tag Manager and reCAPTCHA, reflecting a modern digital infrastructure. Security posture is adequate with HTTPS and some best practices, but lacks comprehensive security headers and explicit security policies. Privacy compliance is basic, with cookie consent present but no clear privacy policy or terms of service found. WHOIS data shows inconsistencies, notably a future domain creation date, which raises questions about domain registration legitimacy. Overall, the website is trustworthy and professional but would benefit from improved transparency and security enhancements.

R

Repromeda

repromeda.pl

43

Repromeda is a healthcare provider specializing in fertility treatments and family planning services, operating primarily in Poland with a network of related sites across Central and Eastern Europe. The website presents a professional and content-rich platform targeting individuals and couples seeking fertility assistance, boasting a track record of 6000 children born through their services. Technically, the site is built on WordPress using modern plugins such as Elementor, Yoast SEO, and Fluent Forms, with integration of Google Tag Manager and reCAPTCHA for analytics and security. The security posture is solid with HTTPS and anti-bot measures, though it lacks some advanced security headers and explicit security policies. Privacy compliance is partially addressed with a cookie consent mechanism but lacks a clearly identified privacy policy page. Overall, the site is trustworthy and well-positioned in its market segment, though improvements in transparency and security documentation are recommended.

R

Repromeda

repromeda.it

42

Repromeda is a healthcare provider specializing in reproductive medicine and genetic fertility treatments, operating primarily as a Czech clinic with localized websites for multiple European countries including Italy. The website presents a professional image with a clear focus on advanced fertility technologies and accessible treatments. The business targets individuals seeking fertility solutions, positioning itself competitively against Western European providers by offering high medical standards and no waiting lists. Technically, the site is built on WordPress with modern plugins such as Elementor and Yoast SEO, integrating Google services like Tag Manager and reCAPTCHA for analytics and security. The security posture is solid with HTTPS and spam protection, though it lacks visible security headers and formal security policies. Privacy compliance is limited due to missing explicit privacy and cookie policies. Overall, the site is well-structured, mobile-optimized, and SEO-friendly, but could improve transparency and security documentation.

R

Repromeda

repromeda.de

49

Repromeda is a healthcare service provider specializing in fertility treatments and family planning support, operating primarily in Germany with a strong regional presence and over 6,000 babies born through their services. The website is professionally designed using WordPress and modern plugins, supporting multiple languages to cater to a broad European audience. The technical infrastructure includes Google Tag Manager, Fluent Forms, and Elementor, indicating a mature digital presence. Security posture is adequate with HTTPS enabled and use of Google reCAPTCHA, but lacks explicit security headers and published security policies. Privacy compliance is weak due to absence of visible privacy and cookie policies. Overall, the website is trustworthy and professional but could improve transparency and compliance aspects.

R

Repromeda

repromeda.hu

46

Repromeda is a healthcare provider specializing in fertility and reproductive services, operating primarily in Hungary with a strong presence across multiple European countries via sister sites. The company has a solid market position, having facilitated the birth of over 6000 babies, targeting individuals and couples seeking family planning and fertility treatments. The website is professionally designed using WordPress with modern plugins such as Elementor and Yoast SEO, supporting multilingual content and optimized for mobile devices. Security measures include HTTPS enforcement, security headers, and Google reCAPTCHA integration, reflecting a good security posture. However, the absence of explicit privacy policies, terms of service, and incident response documentation indicates room for improvement in compliance and transparency. Overall, the site is trustworthy and well-positioned but would benefit from enhanced privacy and security disclosures.

R

Repromeda

repromeda.com

48

Repromeda is a healthcare service provider specializing in fertility and family planning treatments, with a notable track record of over 6,000 children born through their services. The website is professionally designed using WordPress with Elementor and integrates modern technologies such as Fluent Forms and Google services for analytics and advertising. The site is accessible without any WAF or security challenges, indicating good availability. However, the absence of WHOIS registration data raises concerns about domain legitimacy and ownership transparency. Security posture is generally good with HTTPS and reCAPTCHA implemented, but lacks visible security headers and explicit security policies. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the site presents a professional front for fertility services but would benefit from improved transparency and compliance documentation.

R

Repromeda

repromeda.sk

45

Repromeda is a healthcare provider specializing in assisted reproduction and infertility treatment, operating primarily in Slovakia with multiple sister sites in neighboring countries. The website presents a professional and consistent brand image, targeting individuals and couples seeking fertility services. The technical infrastructure is based on WordPress with modern plugins such as Elementor and Yoast SEO, ensuring good performance and SEO optimization. Security measures include HTTPS, Google reCAPTCHA, and Google Tag Manager, though explicit security policies and incident response information are not published. Overall, the site is trustworthy and well-maintained, with room for improvement in privacy compliance documentation and accessibility features.

H

HUisHU. Digitale Kreativagentur GmbH

huishu-agentur.de

48

HUisHU. Digitale Kreativagentur GmbH is a German digital creative agency with offices in Hannover and Hamburg. The company specializes in digital development, campaigns, and communication aimed at fostering growth for individuals, brands, and medium-sized enterprises. Their key services include brand building, social media campaigns, content creation, websites, and applications. The agency holds multiple industry certifications and awards, positioning itself as a reputable player in the media and creative sector within Germany. Technically, the website is built on WordPress and leverages modern web technologies such as jQuery, Matomo Analytics, Google Tag Manager, and Borlabs Cookie for consent management. The site demonstrates good mobile optimization, accessibility, and SEO practices, with a moderate performance profile. Hosting appears to be managed via kasserver.com, consistent with the domain's nameservers. From a security perspective, the site enforces HTTPS and employs cookie consent mechanisms, but lacks explicit security headers and a published security policy or incident response contacts. No vulnerabilities or suspicious indicators were detected. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent banner, indicating GDPR adherence. Overall, the website is professional, trustworthy, and well-maintained, with strong business credibility and digital maturity. Strategic recommendations include enhancing security headers, publishing a security policy, and establishing a vulnerability disclosure process to further strengthen security posture.

N

Nutrisens

nutrisens.com

49

Nutrisens is a French agro-food group specializing in nutrition and health products tailored for patients with malnutrition, dysphagia, specific diets, and allergies. The company offers products developed by expert nutritionists and chefs, targeting both individual patients and healthcare professionals. Their business model includes direct sales through an online shop and professional channels, positioning them as a specialized player in the healthcare nutrition sector. The website is professionally designed, multilingual, and optimized for SEO, reflecting a medium-sized enterprise with a clear market focus. Technically, the website is built on WordPress with modern plugins such as Yoast SEO and integrates multiple analytics and tracking tools including Matomo, Microsoft Clarity, Bing UET, and LinkedIn Insight. The site uses HTTPS and includes a cookie consent mechanism via Axeptio, indicating a baseline compliance with privacy regulations. However, explicit privacy and terms of service pages were not detected in the provided content, which could be improved. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data in the HTML. There is no evidence of security headers in the provided data, and no direct incident response or security policy information is available. The absence of WHOIS data for the domain reduces trustworthiness from a domain registration perspective, though the website content and technical setup suggest a legitimate business. No vulnerabilities or malicious indicators were found. Overall, Nutrisens presents a professional and trustworthy online presence in the healthcare nutrition industry, with room for improvement in privacy transparency and security header implementation. The lack of WHOIS data is a concern that should be investigated further to confirm domain legitimacy.

V

VIP Studio 360

vip-studio360.fr

45

VIP Studio 360 is a French-based small business specializing in virtual tours, 360° imaging, and virtual reality solutions aimed at enhancing online presence and customer engagement. The company targets sectors such as education, industry, institutions, tourism, and training, providing immersive digital experiences to boost conversions and visibility. The website is professionally designed using WordPress with the Divi theme, integrating modern marketing and analytics tools such as Google Analytics, Google Tag Manager, and Google Ads. Cookie consent is managed via Tarteaucitron, reflecting some level of privacy compliance. Security posture is adequate with HTTPS enforced and use of reCAPTCHA, but lacks comprehensive security headers and explicit privacy or terms of service pages. WHOIS data is unavailable, likely due to privacy protection, which is common for small businesses but reduces transparency. Overall, the site is functional, professional, and business-focused with moderate technical maturity and security awareness.

Z

Združenje Manager

mqportal.si

41

MQ portal is a Slovenian web platform dedicated to modern leadership and management excellence, operated by Združenje Manager, an established organization with nearly 30 years of experience. The portal serves as a knowledge base offering articles, best practices, interviews, and event information targeted at managers and business professionals. The business model revolves around content dissemination, membership networking, and training events. Technically, the site is built on WordPress with modern plugins for performance and GDPR compliance, including WP Rocket and Moove GDPR Cookie Compliance. The site is moderately performant, mobile-optimized, and SEO-friendly. Security posture is good with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved and incident response information is absent. No critical vulnerabilities or suspicious WHOIS patterns were detected, and the domain registration aligns well with the business claims. Overall, the site is professional, trustworthy, and compliant with privacy regulations.

C

CRMT d.o.o.

crmt.si

43

CRMT d.o.o. is a well-established Slovenian technology company specializing in data-driven business transformation, controlling modernization, corporate performance management, and regulatory reporting solutions. With over 20 years of experience, CRMT serves business clients seeking to leverage advanced data management and analytics technologies to improve operational efficiency and compliance. The company maintains strong partnerships with leading technology providers such as Exasol, Qlik, and Wolters Kluwer, reinforcing its market position as a trusted consulting and solutions provider. Technically, the website is built on a modern WordPress CMS platform with common optimization and analytics tools including Google Tag Manager and Cookiebot for consent management. The site demonstrates good mobile optimization, clear navigation, and professional design, supporting a positive user experience. Performance is moderate, with opportunities for further optimization. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms, but lacks explicit security headers and published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong with a comprehensive privacy policy and GDPR adherence. Overall, CRMT's website reflects a mature, professional business with a solid digital presence and good security posture. Strategic recommendations include enhancing security headers, publishing security and incident response policies, and considering a vulnerability disclosure program to further strengthen trust and compliance.

P

Patrick Hofmann IT-Solutions

p-hofmann.de

36

Patrick Hofmann IT-Solutions is a small, specialized IT service provider based in Berlin, focusing on WordPress development, web design, security, and server management. The company offers a comprehensive range of services including WordPress maintenance contracts, web hosting, e-commerce consulting, automation with AI, API programming, and progressive web apps. The website positions the business as a reliable and competent partner for clients seeking professional IT solutions in the local market. Technically, the website is built on WordPress using the Enfold theme and several well-known plugins such as Contact Form 7 and Mailster. The site is mobile-optimized, has good SEO practices, and includes modern web technologies like HTML5 and JavaScript. Hosting details are not explicit, but the use of anycast DNS suggests a focus on performance and reliability. From a security perspective, the site enforces HTTPS and includes a cookie consent mechanism with Google Analytics opt-out functionality. The contact form is protected by a captcha and requires explicit privacy consent. However, additional security headers and a published security policy or incident response contacts are absent, representing areas for improvement. Overall, the website is professional, trustworthy, and compliant with GDPR requirements. The business demonstrates a solid digital presence with good content quality and user experience. Strategic recommendations include enhancing security headers, publishing security and incident response policies, and adding a vulnerability disclosure mechanism to further strengthen trust and compliance.

Transparency International Czech Republic is a well-established non-profit organization dedicated to combating corruption within the Czech Republic. The website clearly communicates its mission, ongoing projects, and impact metrics, supported by a professional and modern web presence built on WordPress. The organization provides legal assistance, advocacy, and educational services, funded primarily through donations facilitated by a trusted third-party platform. Technically, the site employs modern SEO and analytics tools, ensuring good performance and user experience across devices. Security posture is solid with HTTPS and cookie consent mechanisms, though there is room for improvement in publishing explicit security policies and incident response contacts. The absence of WHOIS data reduces domain registration transparency but does not detract significantly from the organization's credibility given the consistent branding and external references.

The website balbooa.com is currently inaccessible, returning a 403 Forbidden error page which blocks access to any meaningful content. The domain is registered since 2013 with Hosting Ukraine LLC as the registrar and uses SiteGround name servers. No privacy, cookie, or terms of service policies are present on the accessible page, nor is there any contact information or business details. The website appears to be down or access restricted, preventing a full assessment of its business or technical infrastructure. The visible content is limited to an error message with no scripts, analytics, or external business links detected. Security posture is minimal with no DNSSEC enabled and no security headers observed. Overall, the site lacks transparency and accessibility, which significantly impacts trust and credibility.

C

Církev adventistů s.d.

hopetv.cz

42

HopeTV is a Czech Christian internet television channel affiliated with the international Hope Channel network and operated by the Církev adventistů s.d. It provides religious video content including sermons, live church services, and thematic programs targeting the Christian community and general public interested in faith-based media. The website features a professional design with good navigation and mobile optimization, supporting a positive user experience. Technically, it employs a mix of legacy and modern web technologies including jQuery, Nette AJAX, Video.js, and Google Analytics, but some components like jQuery are outdated and may pose security risks. Security posture is moderate with HTTPS enforced but lacking security headers and updated libraries. Privacy compliance is weak due to absence of privacy and cookie policies or consent mechanisms. The WHOIS data is unavailable, limiting domain registration trust assessment, but the website's affiliation with known organizations supports legitimacy. Overall, the site is functional and trustworthy but requires improvements in security and privacy compliance.

C

Cirkev adventistov siedmeho dňa na Slovensku – CASD

casd.sk

38

The website www.casd.sk serves as the official online presence of the Slovak Seventh-day Adventist Church, providing religious content, community news, event information, and links to affiliated organizations. It targets Slovak-speaking members and followers of the church, offering spiritual resources and institutional information. The site is built on WordPress with a moderate technical infrastructure and basic mobile optimization. Security posture is adequate with HTTPS and cookie consent mechanisms but lacks advanced security headers and vulnerability disclosures. The site demonstrates good content quality and trustworthiness, supported by consistent branding and regular updates. No critical security issues or adult content were detected, and the WHOIS data aligns well with the organization's claims, indicating legitimacy.

B

Biblické přednášky

tvanadeje.cz

48

Tvánadeje.cz is a Czech Republic based small-scale religious content website offering 26 biblical lectures and the life story of Radim Passer. The site targets a general audience interested in Christian teachings and religious education. It maintains a niche position within the non-profit religious education sector, leveraging social media platforms such as Facebook, Instagram, and YouTube to extend its reach. The business model is content-driven, focusing on educational and inspirational material. Technically, the website is built on WordPress using the Divi theme, incorporating modern analytics and marketing tools like Google Analytics, Google Tag Manager, and Facebook Pixel. The site is hosted by Active24 and uses HTTPS with reCAPTCHA for basic security. However, it lacks advanced security headers and explicit privacy or terms of service documentation, which are areas for improvement. Overall, the website demonstrates moderate digital maturity with good content quality and user experience but could enhance its security posture and compliance transparency.

A

Advanced Technology Cluster

atcluster.eu

44

Advanced Technology Cluster is a Czech Republic-based technology cluster focused on fostering innovation and collaboration in advanced technologies such as Artificial Intelligence, XR technologies, cybersecurity, process optimization, and ESG principles. The cluster supports research and development, promotes education, and facilitates cooperation between businesses, academia, and the public sector. The website is professionally designed using WordPress and Elementor, with modern plugins and a focus on user experience. However, it lacks explicit privacy and cookie policies, and contact information is limited to a phone number. Security posture is good with HTTPS enabled, but security headers and vulnerability disclosure mechanisms are absent.

S

Sangel Systemtechnik GmbH

helulight.de

48

The website helulight.de represents HELU Connectivity Solutions Bielefeld GmbH, formerly known as Sangel Systemtechnik GmbH, a medium-sized German company specializing in intelligent lighting concepts, cable assemblies, and LED industrial luminaires. The company is part of the HELUKABEL Group, which enhances its market position and product portfolio. The site targets industrial manufacturers and machine builders, offering B2B solutions for process visualization and industrial lighting. Technically, the website is built on the Shopware CMS platform with modern JavaScript and Bootstrap frameworks, providing a good user experience with mobile optimization and clear navigation. Security posture is adequate with HTTPS enforced and cookie consent enabled, but lacks advanced security headers and explicit security policies. Privacy compliance is moderate with a privacy policy linked on a partner domain but no dedicated cookie or terms of service pages on the site itself. Overall, the site is professional, trustworthy, and safe for general audiences.

G

Gaston, s.r.o.

yuton.biz

45

Gaston, s.r.o. is a Czech-based distributor specializing in canned fish, vegetables, and fruits under multiple brands such as Gianna and Franz Josef. The company operates a medium-sized business with a regional presence supported by several subsidiaries across Central and Eastern Europe. Their website reflects a professional and consistent brand image with clear product categories and contact information. Technically, the site uses legacy JavaScript libraries like jQuery but implements modern UI components such as sliders and cookie consent mechanisms. Security posture is moderate with HTTPS usage implied but lacking explicit security headers and updated libraries. The absence of WHOIS data reduces domain trustworthiness, though the website content and contact details appear legitimate. Privacy and terms policies are not explicitly found, indicating room for compliance improvements.

The website for paysdegrasse.fr is currently inaccessible, displaying only a minimal error message indicating the host name is not valid for the server. This prevents any meaningful extraction of business, technical, or security content from the site itself. The domain is registered with OVH since 2011 and is active with a valid expiry date in 2026, suggesting a legitimate registration. However, the lack of accessible content and metadata severely limits the ability to assess the business operations, services, or digital maturity. Security posture cannot be evaluated due to absence of data, and no privacy or compliance policies are present on the site. Overall, the site appears offline, misconfigured, or protected by restrictive server settings.

E

ELTON hodinářská, a.s.

eltonhodinarska.cz

40

ELTON hodinářská, a.s. is a Czech watch manufacturing company with a heritage dating back to 1949. The company specializes in producing PRIM brand wristwatches, as well as wall clocks, alarm clocks, and other measuring instruments. Their manufacturing process includes in-house production of mechanical movements and components, emphasizing traditional craftsmanship. The company distributes its products through branded stores in major Czech cities and selected partners. Technically, the website is built on ASP.NET with modern front-end libraries such as Bootstrap and jQuery, and integrates Google Analytics and Tag Manager for visitor tracking. The site is mobile-optimized and presents content professionally with clear navigation. Security-wise, the site uses HTTPS and implements a cookie consent banner, but lacks visible security headers and explicit privacy or security policies. WHOIS data is unavailable, which reduces transparency but does not critically impact trust given the brand's established reputation. Overall, the website reflects a medium-sized manufacturing business with a solid digital presence but could improve in security and privacy transparency.

Z

zariadim.sk

zariadim.sk

46

zariadim.sk is a Slovak online platform that connects customers with verified service providers across various sectors including home, garden, family, automotive, health, and business services. The platform features extensive user-generated content such as references and job postings, indicating a mature and active user base. The website integrates multiple subdomains targeting specific service categories, enhancing user experience and market segmentation. Technically, the site leverages modern web technologies including jQuery, Bootstrap, and the Nette PHP framework, supported by analytics and marketing tools like Google Analytics, Facebook Pixel, Hotjar, and Zopim chat. Security posture is adequate with HTTPS enforced, but could benefit from enhanced security headers and a formal vulnerability disclosure policy. Privacy compliance is partial, with a privacy policy and terms of service present but lacking cookie consent mechanisms. Overall, the site demonstrates a solid business presence with moderate risk and room for security and privacy improvements.

D

Digital Garden - Tvorba web stránok Bratislava

digitalgarden.sk

45

Digital Garden is a Slovak-based creative agency specializing in professional web design, web development, SEO optimization, online marketing, and corporate identity branding. The company targets businesses and individuals seeking comprehensive digital solutions to enhance their online presence and sales channels. The website is built on WordPress, leveraging popular plugins such as Yoast SEO, Contact Form 7, and Slider Revolution, indicating a modern and maintainable technical infrastructure. The site is mobile-optimized and includes social media integration, enhancing its digital maturity. Security posture is solid with HTTPS enforced and reCAPTCHA implemented, though some security headers are missing and no explicit security or incident response policies are published. Privacy compliance is partial, with a cookie consent banner present but no dedicated privacy policy or terms of service pages found. Overall, the website presents a professional and trustworthy image consistent with a small technology service provider in Slovakia.