High-risk security reports

Z

Zelené město

zelene-mesto.eu

45

Zelené město is a collaborative project focused on improving the quality of life in Plzeň through environmental and social responsibility initiatives. It is supported by a consortium of local government bodies and major regional companies, positioning itself as a key local initiative in the energy and transportation sectors. The website serves as an informational platform highlighting project goals, partners, and news updates. Technically, the site is built on WordPress with modern plugins for SEO, cookie compliance, and interactive content, reflecting a moderate level of digital maturity. Security posture is solid with HTTPS and GDPR-compliant cookie consent, though some security headers and incident response information are absent. Overall, the site is professional, trustworthy, and well-aligned with its stated mission.

Ask4web, operated by Marek Hejl, is a small Czech Republic-based business currently presenting a placeholder website indicating a forthcoming new web presentation. The site provides basic contact information including email, phone, and physical address but lacks substantive content or detailed business descriptions. The technical infrastructure is minimal, with no detected CMS or advanced technologies, and no evidence of HTTPS or security headers, indicating a low digital maturity level. Security posture is weak due to absence of HTTPS, privacy policies, and security best practices. The domain WHOIS data is unavailable, which raises concerns about domain registration transparency and trustworthiness. Overall, the website is in an early stage of development with significant room for improvement in content, security, and compliance.

T

TRIO-D spol.s.r.o.

trio-d.net

44

TRIO-D spol.s.r.o. is a Czech Republic-based agricultural company specializing in the sale of agrochemical products, seeds, and trading of agricultural commodities. Established in 1991, the company has expanded its services to include storage and post-harvest processing, serving primarily agricultural businesses and farmers. The website reflects a professional presence with clear business information and product offerings focused on agrochemicals, seeds, and commodities. Technically, the website uses standard web technologies such as jQuery and Bootstrap, with a cookie consent mechanism implemented to comply with basic privacy requirements. However, there is no visible privacy policy or terms of service, and security practices such as HTTPS enforcement and security headers are not confirmed, indicating room for improvement in security posture. Overall, the website is functional and trustworthy but would benefit from enhanced security and compliance documentation.

F

fitness-rezervace.cz

fitness-rezervace.cz

47

fitness-rezervace.cz operates a specialized online reservation and information system primarily targeting fitness centers, gyms, yoga studios, and various sports facilities in the Czech Republic. Established in 2011, the company offers a comprehensive software solution that includes user management, payment integration, live streaming capabilities, and advanced features such as turnstiles, vouchers, and REST API for developers. Their market position is that of a niche leader within the Czech fitness and sports reservation software sector, supported by a small but focused business model emphasizing customization and client support. The website reflects a professional and consistent brand image with clear business information and contact details.

The domain roadsafety.international is currently a parked domain with no active website content or business presence. The site displays a Sedo parking iframe and Google ads scripts, indicating it is not operational for any road safety-related business or service. The lack of privacy policies, contact information, or business details further confirms the domain is inactive. Technically, the site uses basic HTML and JavaScript with no detected CMS or advanced frameworks. There is no evidence of HTTPS enforcement or security headers, which poses a security risk if the site were to become active. The WHOIS data is minimal and does not provide creation or expiry dates, with registrant information withheld, reducing trustworthiness. Overall, the domain is not currently suitable for business use and lacks any meaningful security or compliance posture.

Hamernik s.r.o. is a small manufacturing company based in the Czech Republic specializing in the production of quality wooden handles, grips, tools, and wooden briquettes. Established in 1991, the company emphasizes eco-friendly sourcing of wood from European forests and combines modern technology with traditional craftsmanship. The website reflects this focus with detailed descriptions of their products and certifications such as FSC® and EKO-COM, supporting their commitment to quality and sustainability. The company is a member of IIG, a.s., indicating some corporate affiliation. Technically, the website is built on an older version of WordPress (4.6.29) with basic use of jQuery and SEO plugins. The site is accessible, with moderate performance and basic mobile optimization. However, it lacks modern security headers and up-to-date platform versions, which could expose it to vulnerabilities. There is no visible privacy or cookie policy, and no advanced analytics or tracking tools are detected, indicating minimal user tracking. From a security perspective, the site uses HTTPS but does not implement additional security headers or explicit privacy compliance mechanisms. The absence of a vulnerability disclosure policy and incident response contacts suggests limited formal security governance. The WHOIS data is unavailable due to privacy protection, which is common for small businesses but limits domain trust verification. Overall, the site is functional and moderately trustworthy but would benefit from security and compliance enhancements. Strategically, the company should prioritize updating its CMS and plugins, implementing comprehensive privacy and cookie policies, and adding security headers to improve its security posture and regulatory compliance. Enhancing transparency around data protection and incident response would also build greater trust with customers and partners.

E

eMOTION fitness

emotionfitness.cz

42

Emotion fitness is a modern fitness center located in Plzeň, Czech Republic, established in 2020. The business offers a variety of fitness services including state-of-the-art TECHNOGYM equipment, group classes such as yoga, pilates, TRX, and specialized children's exercise programs. Additional wellness services include physiotherapy, cosmetics, massages, maderotherapy, solarium, and a café bar, targeting local residents and families. The website reflects a professional and consistent brand image with clear navigation and relevant content tailored to its audience. Technically, the site uses a modern tech stack including Bootstrap, jQuery, and integrates Google Tag Manager and Facebook Pixel for analytics and marketing purposes. Hosting is provided by WEDOS, a Czech hosting provider, consistent with the business location. Security posture is adequate with HTTPS enabled and no visible vulnerabilities, though security headers and explicit cookie consent mechanisms are lacking, representing areas for improvement. Overall, the website is trustworthy and well-positioned in its local market segment.

SBS "IVA" , s.r.o. is a Czech Republic-based security services company operating since 1996, providing personal and property guarding services. The company has expanded with subsidiaries and is part of SECURITY HOLDING, a.s. The website presents basic information about the company and its services, targeting businesses and organizations in need of security solutions. Technically, the website uses an older jQuery version and the eStránky.cz CMS platform, with basic mobile optimization and accessibility features. Security posture is limited by lack of visible HTTPS enforcement and missing security headers. Privacy and cookie policies are absent, reducing compliance confidence. Overall, the site is functional but requires improvements in security, privacy, and contact transparency to enhance trust and compliance.

P

PPD stav s.r.o.

ppdstav.cz

47

PPD stav s.r.o. is a professional construction company based in the Czech Republic, specializing in residential, civic, and industrial building projects. Founded in 2017, the company leverages over 20 years of employee experience to deliver tailored construction services primarily in Plzeň, the Plzeň region, and Prague. Their key services include bytová výstavba (residential construction), občanská výstavba (civic construction), průmyslová výstavba (industrial construction), and truhlářství (carpentry). The company positions itself as a reliable regional player with a focus on quality and customer-specific solutions.

FOINIA STEEL spol. s r.o. is a medium-sized, family-owned Czech company specializing in the sale and processing of steel and metallurgical materials since 1991. The company serves both business clients and individual craftsmen, offering a broad product range including pipes, profiles, sheets, and additional value-added services such as cutting, bending, locksmith work, and delivery across the Czech Republic. Their website reflects a professional and consistent brand image with clear contact information and GDPR-compliant privacy and cookie policies. Technically, the website is built on a custom CMS platform (IPO CMS) utilizing jQuery, jQuery UI, Google reCAPTCHA, and Matomo analytics for privacy-conscious tracking. The site is mobile-optimized with good SEO and accessibility basics, though some security headers are missing. HTTPS is enforced, and cookie consent mechanisms are implemented effectively. From a security perspective, the site shows good practices such as HTTPS and CAPTCHA protection but lacks explicit security policies and incident response contacts. The absence of WHOIS domain registration data is a notable concern, reducing domain trustworthiness and raising questions about domain legitimacy. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website is safe, professional, and functional with moderate technical maturity. Strategic improvements in security headers, incident response transparency, and domain registration transparency are recommended to enhance trust and compliance.

Š

ŠKODA JS a.s.

skoda-js.cz

46

ŠKODA JS a.s. is a well-established Czech company specializing in nuclear engineering, manufacturing, and servicing with a history dating back to 1956. The company positions itself as a strategic partner in the European nuclear energy sector, offering a comprehensive portfolio of services including engineering, production of components, and maintenance of nuclear power plants. Their business model is based on a triangular approach integrating engineering, manufacturing, and servicing, targeting large energy sector clients and nuclear power plant operators. Technically, the website is built on WordPress with modern integrations such as Google reCAPTCHA for security and Facebook Pixel for marketing analytics. The site is mobile-optimized and features a cookie consent mechanism, although it lacks a published privacy policy and detailed security headers. Performance is moderate with good SEO and accessibility basics. From a security perspective, the site uses HTTPS and implements anti-bot measures but lacks advanced security headers and explicit incident response or vulnerability disclosure policies. The absence of WHOIS data reduces domain trustworthiness, although the website content and business information appear legitimate and professional. Overall, the website presents a professional and credible front for ŠKODA JS a.s., but improvements in privacy compliance, security policies, and domain registration transparency are recommended to enhance trust and compliance.

B

BVG Holding a.s.

bvgroup.cz

38

BVG Holding a.s. is a Czech-based holding company specializing in industrial and residential flooring, steel constructions, and related construction services. The company operates through several subsidiaries, each focusing on specific areas such as flooring installation, floor repairs, steel structure manufacturing, real estate management, and marketing services. The website presents a professional image with detailed service descriptions and a portfolio of completed projects, targeting industrial and residential construction clients in the Czech Republic region. Technically, the website uses a legacy jQuery version along with common front-end libraries such as Lightbox and Slick Carousel. The site is mobile-optimized with a responsive design and clear navigation. However, it lacks modern security headers and uses outdated JavaScript libraries, which may pose security risks. No CMS or hosting provider details are evident, and performance is moderate. From a security perspective, the site uses HTTPS but does not implement additional security headers or provide privacy and cookie policies, which are important for GDPR compliance. No incident response or vulnerability disclosure information is available. The absence of WHOIS data limits the ability to fully verify domain legitimacy, although the website content and contact information appear legitimate. Overall, the site is functional and professional but would benefit from improved security practices, updated technology, and enhanced privacy compliance to reduce risk and increase trustworthiness.

S

Stavitelství Drobil s.r.o.

drobil.com

40

Stavitelství Drobil s.r.o. is a well-established construction and development company based in the Czech Republic, with over 25 years of experience. The company specializes in project management, construction of technically demanding buildings including smart homes, and real estate development. Their market position is solid within the regional European construction sector, serving both domestic and foreign investors. The website reflects a professional business model focused on comprehensive construction services and developer activities. Technically, the website uses modern frontend technologies such as jQuery, Bootstrap, and Swiper.js, and is built on the K-CMS 3.0 platform. The site is mobile optimized and provides clear navigation and relevant content, though performance is moderate. Security posture is basic with HTTPS enabled but lacks advanced security headers and DNSSEC. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the domain registration data aligns well with the business claims, supporting legitimacy.

Č

Český svaz házené

handball.cz

47

The website represents the Czech Handball Federation (Český svaz házené), a national sports organization dedicated to handball in the Czech Republic. The site provides information about the federation but lacks detailed business or contact information in the analyzed HTML snippet. The technical infrastructure is modern, leveraging Nuxt.js and Bootstrap frameworks, with integration of Google Analytics and Tag Manager for user tracking. However, the absence of visible privacy and cookie policies indicates a gap in compliance with data protection regulations such as GDPR. Security posture is moderate due to lack of detected security headers and unknown SSL configuration. The domain WHOIS data is not publicly available, likely due to privacy protection, which is common but slightly reduces trust. Overall, the site is functional and professional but would benefit from enhanced transparency and security measures.

Č

Čokoládovna Chocotopia

chocotopia.cz

46

Čokoládovna Chocotopia is a Czech Republic-based chocolate experience center and retailer specializing in chocolate products and immersive chocolate-related experiences. The website is professionally designed using WordPress and Elementor, optimized for mobile devices, and includes comprehensive privacy and cookie policies compliant with GDPR. The technical infrastructure leverages modern CMS plugins and caching technologies to ensure moderate performance and good SEO. Security posture is solid with HTTPS enforcement and security headers, though no explicit security policy or incident response information is published. The absence of WHOIS data introduces some uncertainty regarding domain registration legitimacy, but the website content and business information appear consistent and trustworthy. Overall, the site presents a low-risk profile with room for improvement in transparency and security documentation.

J

Jojo Gym | Vaše sportovní centrum

jojogym.cz

47

Jojo Gym is a local sports and fitness center based in the Czech Republic, offering gym facilities and fitness training services. The website is built on WordPress using the Divi theme and includes WooCommerce for e-commerce capabilities. The technical infrastructure is modern with common web technologies such as jQuery and Google reCAPTCHA for form security. The website is accessible without any WAF or security challenges, indicating good availability. However, the absence of WHOIS data limits the ability to fully verify domain legitimacy and ownership. Security posture is moderate with HTTPS enabled and reCAPTCHA implemented, but lacks advanced security headers and explicit security policies. Privacy compliance is weak due to missing privacy and terms of service pages, though a cookie consent mechanism is present. Overall, the website is functional and professional but would benefit from enhanced security and compliance documentation.

S

Senta s.r.o.

air-track.cz

46

Air-Track.cz is a Czech Republic based e-commerce retailer specializing in branded AirTrack inflatable gymnastics and acrobatic equipment. The company operates as the exclusive distributor for AirTrack Factory in the Czech Republic and an authorized distributor for Slovakia, targeting gymnastics enthusiasts, cheerleading, freerun, parkour practitioners, schools, trampoline parks, and home users. The website is professionally designed with good content quality and clear navigation, supporting a positive user experience. Technically, it is built on the PrestaShop CMS platform, utilizing common web technologies and analytics tools such as Smartlook and Google Tag Manager. Security posture is adequate with HTTPS enforced and cookie consent implemented, though lacking advanced security headers and explicit security policies. Business credibility is strong with clear contact details, company registration, and trust signals like warranty and exclusive distributorship. Overall, the website presents a trustworthy and professional online presence for a niche sports equipment retailer.

S

SPARROW

sp-sparrow.cz

45

SPARROW is a small family-owned business based in the Czech Republic specializing in the manufacture and retail of sportswear and fitness clothing, with over 25 years of experience. The company offers custom club clothing, costumes, and jerseys, leveraging high-quality imported materials and modern production technologies. Their website serves as an e-commerce platform showcasing their product range and custom design services. Technically, the website uses a legacy jQuery version and BohemiaSoft e-commerce platform scripts, with Google Tag Manager and Google Analytics for tracking. While the site is accessible and mobile-optimized, some technical issues such as outdated libraries and malformed script tags were identified. Security posture is moderate with HTTPS enforced and basic cookie consent mechanisms, but lacks advanced security headers and updated libraries. The absence of WHOIS data and a formal privacy policy page reduces trust and compliance confidence. Overall, the site is functional and professional but would benefit from technical and compliance improvements.

Č

Česká unie kolektivních a individuálních sportů z.s.

cukis.cz

42

ČUKIS (Česká unie kolektivních a individuálních sportů z.s.) is a Czech non-profit sports union established in 2016, supporting a variety of collective and individual sports with over 40,000 athletes across 16 member organizations. The website serves as an informational portal providing news, member lists, and contact details, targeting sports organizations and athletes within the Czech Republic. Technically, the site is built on WordPress using the Elementor page builder, incorporating modern web technologies such as jQuery and YouTube embeds. The site is mobile-optimized and presents a professional design with clear navigation. Security posture is adequate with HTTPS enabled, but lacks advanced security headers and formal security policies. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the site is trustworthy and functional but could improve in compliance and security transparency.

Č

Česká asociace cheerleaders

cheerleadingjesport.cz

45

The website 'Cheerleading je sport!' serves as the official online presence for the Czech Association of Cheerleaders (ČACH), a national sports authority representing cheerleading clubs and athletes in the Czech Republic. It provides educational content about cheerleading, club directories, national team information, and historical context. The site targets cheerleading enthusiasts, athletes, and the general public interested in the sport within the Czech Republic. The business model is non-profit and focused on sport promotion and community building. Technically, the website employs standard web technologies including HTML5, CSS3, JavaScript, jQuery, and FontAwesome icons, with a responsive design framework (Skel) to support mobile devices. The site loads moderately fast and offers a good user experience with clear navigation and relevant content. However, there is no detected CMS or advanced analytics, indicating a relatively simple technical infrastructure. From a security perspective, the site lacks visible security headers and privacy/cookie policies, which are important for GDPR compliance and user trust. No forms or sensitive data collection mechanisms are present, reducing immediate privacy risks. WHOIS data is unavailable, likely due to privacy protection, which slightly reduces trust but is common for small non-commercial organizations. No WAF or blocking mechanisms were detected, and the site content is fully accessible. Overall, the website is a legitimate, well-structured resource for cheerleading in the Czech Republic but would benefit from enhanced privacy compliance, improved security headers, and more transparent business contact information to strengthen trust and compliance.

L

LabBoîte

labboite.fr

48

LabBoîte is a French fablab community platform established since 2016, offering services such as machine and space reservations, training registrations, event participation, and project documentation. The website serves makers and hobbyists interested in collaborative fabrication activities. Technically, the site is built on AngularJS and the Fab-manager platform, integrating Google Analytics for user tracking and Stripe for payment processing. The site is mobile-optimized with a moderate performance profile. Security posture is adequate with HTTPS and CSRF protections, but lacks visible security headers and explicit privacy policies. The domain registration is consistent and legitimate, supporting trust in the platform. Overall, the site provides a functional and community-focused digital presence with room for improvement in privacy and security transparency.

T

To pravé bydlení

topravebydleni.cz

40

To pravé bydlení is a Czech language online magazine focused on home living, providing articles and practical advice on interior design, construction, gardening, hobbies, and finance related to housing. The website uses WordPress CMS with popular plugins such as Yoast SEO and Elementor, indicating a modern and maintainable technical infrastructure. HTTPS is properly configured, and Google Analytics is used for visitor tracking. However, the site lacks visible privacy and cookie policies, contact information, and security headers, which are important for compliance and security posture. The WHOIS data is unavailable, likely due to privacy protection, which slightly reduces trustworthiness but is common for content publishing sites. Overall, the website presents a professional and content-rich platform for its target audience of homeowners and individuals interested in home improvement.

F

femme.cz

femme.cz

39

femme.cz is a Czech lifestyle media website offering content on fashion, beauty, health, personal development, entertainment, and family relationships. The site targets Czech-speaking audiences interested in lifestyle topics and operates primarily as a content publishing platform with advertising revenue. Technically, the site is built on WordPress with Elementor and Yoast SEO plugins, hosted by Wedos, and uses modern web technologies including Google Analytics for tracking. The website is mobile-optimized and provides a good user experience with clear navigation and relevant content. Security posture is adequate with HTTPS enabled and no exposed sensitive data, but lacks some security headers and explicit privacy and cookie policies. The domain registration is transparent but the domain age is very recent compared to the content age, suggesting a possible domain transfer or re-registration. Overall, the site is professional and trustworthy but could improve privacy compliance and security best practices.

Z

Zákaz vjezdu - magazín o všem, co jezdí

zakaz-vjezdu.cz

40

The website zakaz-vjezdu.cz operates as a Czech language online magazine focused on automotive and transportation topics, including cars, motorcycles, electromobility, and motorsport. It targets automotive enthusiasts and the general public interested in vehicle-related content. The business model is content publishing through a WordPress-based platform, with monetization likely via advertising such as Google Adsense. The site is relatively young, founded in 2020, and hosted with WEDOS, a Czech hosting provider. Technically, the site uses a modern WordPress CMS with popular plugins like Yoast SEO and Elementor for content management and design. It integrates external services such as Google Fonts, YouTube embeds, Google Analytics, and Adsense for analytics and advertising. The site demonstrates good mobile optimization and SEO practices but lacks advanced accessibility features. From a security perspective, the site uses HTTPS but lacks visible security headers and explicit privacy or cookie policies, which are critical for GDPR compliance. No incident response or vulnerability disclosure information is present, and no direct contact details are provided, which may impact user trust and compliance. No suspicious or malicious content was detected. Overall, the site is functional and professionally designed but would benefit from enhanced privacy compliance, security hardening, and clearer contact and policy disclosures to improve trustworthiness and regulatory adherence.

M

mestavevrope.cz

mestavevrope.cz

39

The website mestavevrope.cz is a Czech-language travel guide focused on interesting cities across Europe. It provides visitors with information and inspiration for travel, highlighting historical, cultural, and architectural aspects of various European cities. The site appears to be a niche content platform targeting Czech-speaking travelers interested in European destinations. Technically, the site is built on WordPress using popular plugins such as Yoast SEO and Elementor, with modern frontend libraries like jQuery and Owl Carousel. It employs HTTPS and integrates Google Analytics for visitor tracking. However, the site lacks visible privacy and cookie policies, contact information, and security headers, which are important for compliance and security best practices. The WHOIS data for the domain is unavailable, likely due to privacy protection, but the website content dates back to 2020, suggesting a domain age consistent with the site's history. Overall, the site is professionally designed with good content quality but could improve its privacy compliance and security posture.

4

4H production s.r.o.

golfcourses.cz

47

Golfcourses.cz is a Czech Republic-based niche website focused on providing detailed information about golf courses, indoor golf clubs, golf stay packages, and golf news primarily in the Czech Republic and neighboring countries. The site operates under the company 4H production s.r.o., established in 2008, and serves golf enthusiasts and players with relevant content and e-commerce links for golf accessories. The website uses Drupal 7 CMS and integrates common web technologies such as jQuery and Google Analytics with IP anonymization to track user interactions. While the site is accessible and functional with a good user experience and content relevance, it lacks explicit privacy and cookie policies, which impacts its privacy compliance score.

C

CEDAR HOME

cedarhome.cz

48

CEDAR HOME is a Czech Republic based company specializing in the manufacturing and construction of modern and classic cedar wooden houses (roubenky). The company has a strong market presence with over 500 completed projects and multiple awards, positioning itself as a reputable player in the wooden house construction sector. Their website offers detailed information about their services, showcases realizations, and provides contact options including social media links and consultation forms. Technically, the website is built on Joomla CMS using Helix Ultimate framework and includes modern libraries such as jQuery, Bootstrap, and LayerSlider. The site is mobile optimized and has good SEO practices. Security posture is decent with HTTPS and CSRF protections, but lacks some security headers and explicit privacy policies. The absence of WHOIS data reduces domain trust slightly, but overall the business credibility and professionalism are high. Cookie consent is implemented, indicating some privacy compliance. No adult or questionable content is present, making the site safe for general audiences.

Cedrový Penzion is a small hospitality business located in the Czech Republic offering accommodation services with a focus on nature and sport enthusiasts such as cyclists and golfers. The website provides detailed information about lodging options, event hosting including weddings and corporate events, and offers gift vouchers and tourist packages. The business targets local and regional tourists seeking a wooden-scented, cozy lodging experience. The website is professionally designed with clear navigation and integrates a third-party booking system for reservations. Social media presence on Facebook and Instagram supports customer engagement. Technically, the website uses a traditional tech stack including jQuery, Google Analytics, Google Tag Manager, and a CMS platform called Web-SOUL. The site is served over HTTPS with good SSL configuration but lacks advanced security headers. Performance is moderate with basic mobile optimization and accessibility features. Cookie consent mechanisms are implemented in compliance with GDPR requirements. From a security perspective, the site demonstrates good practices such as HTTPS enforcement and cookie consent but lacks explicit security policies, incident response contacts, and vulnerability disclosure mechanisms. No critical vulnerabilities or exposed sensitive data were detected. The absence of WHOIS data limits domain trust verification, but the website content and contact information appear legitimate and professional. Overall, the website presents a trustworthy and functional online presence for a small hospitality business, with room for improvement in security headers, accessibility, and domain transparency.

The website web-soul.cz serves primarily as an administrative login portal for the WebSOUL system, with minimal public-facing content. It lacks any visible business descriptions, contact information, or user engagement features. The site is in Czech and appears targeted at internal users or administrators. The domain is registered since 2009 with a Czech registrar, indicating a stable and legitimate presence, but the lack of public business information limits external trust. Technically, the site is very basic, built with simple HTML and CSS, without modern frameworks or CMS detected. There is no evidence of HTTPS enforcement or security headers, which poses security risks especially for a login page. The site does not implement privacy or cookie policies, nor does it provide any compliance information. No analytics or advertising technologies are present, indicating minimal tracking. From a security perspective, the absence of HTTPS, security headers, and CSRF protections on the login form are significant vulnerabilities. The site does not provide any incident response or security policy information. The WHOIS data is consistent and public, supporting legitimacy but does not compensate for the lack of security best practices. Overall, the website scores low on content quality, security posture, and privacy compliance. It is recommended to implement HTTPS, add security headers, provide privacy and cookie policies, and improve transparency with contact and business information to enhance trust and security.

The website smartteplomery.cz represents a small technology business focused on providing smart thermometers and meteorological stations with remote administration capabilities. The business appears to be newly established in 2024, targeting consumers and small businesses interested in temperature monitoring solutions. The website offers an e-shop and user account management features, emphasizing data visualization and remote device control. Technically, the website is built with standard HTML, CSS, and JavaScript without reliance on major frameworks or CMS platforms. Hosting is provided by WEDOS, a Czech hosting provider. The site demonstrates good mobile optimization and user experience with a clean, consistent design. However, SEO and accessibility features are basic, and no advanced analytics or marketing tools are detected. From a security perspective, the site uses HTTPS (assumed from domain and modern standards, though not explicitly confirmed in the HTML). There is a lack of security headers and no visible privacy or cookie policies, which impacts GDPR compliance. No contact information or incident response channels are provided, limiting transparency and trust. No vulnerabilities or exposed sensitive data were detected in the provided content. Overall, the website is functional and professional but would benefit from enhanced privacy compliance, security hardening, and clearer business contact information to improve trust and regulatory adherence.

Mateřská škola Chvojenec is a small, local preschool institution located in the Pardubice region of the Czech Republic. The website provides detailed information about the school's educational philosophy, programs, and community engagement, targeting parents of preschool-aged children. The business operates as a public contributory organization, emphasizing child development through experiential learning and Czech cultural heritage. Technically, the website is built with standard HTML and CSS, includes basic forms for login and search, and embeds Google Maps for location reference. The site uses Google Fonts and has a cookie consent mechanism, but lacks advanced CMS or modern frameworks. Security posture is basic with no visible HTTPS enforcement or security headers, and no privacy or terms of service policies are published. Contact information is clearly presented, supporting business credibility. Overall, the site is functional and informative but would benefit from improved security and privacy compliance measures.

LUVENEX is a small Czech digital agency specializing in creative graphic work, website development, and internet marketing services. The company presents itself as a team of experienced professionals offering comprehensive digital solutions including web design, SEO, PPC advertising, and social media management. The website is professionally designed with clear service descriptions and client testimonials, indicating a stable market position within its niche. Technically, the site uses standard web technologies such as HTML5, CSS3, and Google Fonts, with moderate performance and good mobile optimization. However, there is no evidence of advanced frameworks or CMS platforms. Security posture is limited due to lack of HTTPS verification, missing security headers, and absence of privacy or cookie policies. The WHOIS data is unavailable, which raises concerns about domain legitimacy and transparency. Overall, the website is functional and professional but requires improvements in security, compliance, and trust signals to enhance its credibility and risk profile.

T

TRIOPS Ökologie & Landschaftsplanung GmbH

triops-consult.de

47

TRIOPS Ökologie & Landschaftsplanung GmbH is a specialized ecological and landscape planning consultancy based in Germany. Their website presents a comprehensive portfolio of environmental services including species protection, environmental impact assessments, management plans, and ecological construction supervision. The company targets municipalities, developers, and environmental planners requiring expert consulting in ecological and landscape matters. The website is professionally designed using Drupal 10 with Bootstrap and jQuery, offering good mobile optimization and clear navigation. Cookie compliance is implemented with an opt-in banner, reflecting awareness of GDPR requirements. However, no explicit privacy officer or security policies are published on the site. Security posture is adequate with HTTPS enabled but lacks advanced security headers and incident response information. No advertising or tracking beyond cookie compliance is detected, indicating a privacy-conscious approach. WHOIS data is limited but shows no suspicious patterns, supporting legitimacy. Overall, the website is a good representation of a small specialized consultancy with solid technical implementation and privacy compliance.

The website bo64.de is currently inaccessible, returning a 403 Forbidden error page that blocks access to any meaningful content. Due to this restriction, no business information, contact details, or policies are available for analysis. The domain is hosted on netcup servers, but no registrant or company data is provided. The lack of accessible content severely limits the ability to assess the company's market position, services, or technical infrastructure. From a security perspective, the absence of HTTPS and security headers information, combined with no visible privacy or cookie policies, indicates a low security posture. Overall, the site appears either under maintenance, misconfigured, or intentionally restricted, resulting in a very low AI score and limited trustworthiness.

Audin Film & Medienproduktion is a small German media production company specializing in film, video, and digital education services, led by Dörte Ulka Engelkes. The company offers documentary films, image films, e-learning development, visualizations including 360° panoramas and augmented reality, and workshops. Their market position is that of a niche regional expert with international project experience, serving educational institutions, scientific communities, and organizations focused on inclusion and diversity. The website is professionally designed, content-rich, and well-structured, reflecting a mature digital presence built on WordPress with the Enfold theme. Hosting is provided by hosterplus.net with multiple nameservers ensuring reliability. Security posture is good with HTTPS enforced and GDPR-compliant cookie consent mechanisms in place, although some security headers and explicit policies could be improved. Contact information is clearly presented, and social media presence is active on Facebook, Xing, and YouTube. No critical vulnerabilities or suspicious indicators were found, and the domain registration data aligns well with the business history and claims.

H

Hoßfeld-Coaching

seminarhof-iber.de

40

Hoßfeld-Coaching is a small German coaching and training service provider focusing on personal and professional development in the Göttingen, Kassel, and Berlin regions. The website is professionally designed using WordPress and Elementor, providing clear navigation and relevant content for its target audience. The technical infrastructure is modern and hosted on kasserver.com, with SSL properly configured and a cookie consent mechanism implemented. Security posture is good but could be improved by adding security headers and incident response information. Privacy compliance is strong with a comprehensive privacy policy and cookie notice. Overall, the website presents a trustworthy and professional business presence with clear contact information and no suspicious indicators.

PURO Bistro is a small hospitality business located in Göttingen, Germany, specializing in high-quality bistro, café, and bar services with a focus on organic and locally sourced products. The website presents a well-structured and visually appealing digital presence emphasizing their menu offerings, team, and contact information. The business targets local residents and visitors seeking quality food and beverages in a relaxed atmosphere with terrace seating. Technically, the website uses modern front-end technologies including Bootstrap, FontAwesome, and jQuery-based plugins, hosted on netcup.net infrastructure. The site is mobile-optimized and SEO-friendly but lacks advanced CMS or analytics integrations. Security posture is good with HTTPS enabled and no visible vulnerabilities, though security headers and incident response policies are absent. Overall, the site is trustworthy and professional, though improvements in privacy compliance (cookie consent) and security best practices are recommended. No forms or data collection mechanisms are present, reducing privacy risks. Social media links are generic and could be enhanced with direct company profiles. Strategically, PURO Bistro should focus on enhancing privacy and security transparency, adding cookie consent, and possibly integrating analytics to better understand user engagement while maintaining compliance with GDPR.

BSC NETZWERK BIELEFELD is a small German consulting and coaching business led by Meinhard Utecht, offering services in consulting, training, and coaching primarily for small and medium enterprises. The company leverages a network of expert consultants to deliver tailored solutions in quality management, environmental and organizational development, and personnel development. The website is professionally designed, content-rich, and targets German-speaking business clients seeking expertise in these areas. Technically, the site uses Grav CMS with Bootstrap 4 and standard JavaScript libraries, hosted on rzone.de servers. The site is mobile-optimized and includes a cookie consent banner with opt-in compliance, reflecting good privacy awareness. Security posture is moderate with no visible security headers or incident response information, and SSL configuration details are not provided. Overall, the site is trustworthy and credible with clear contact information and social media presence.

W

WOGGON Mode

woggon-mode.de

44

WOGGON Mode is a small retail business based in Göttingen, Germany, specializing in sustainable and high-quality fashion and accessories. The company emphasizes European production and certified labels, catering to customers seeking fashionable and environmentally conscious apparel. The website reflects a local boutique positioning with occasional cultural events such as concerts, enhancing community engagement. Technically, the website is built on WordPress using the Avada theme and Slider Revolution plugin, indicating a mature and widely supported infrastructure. The site is mobile-optimized with good SEO practices and a cookie consent mechanism, demonstrating digital maturity and privacy awareness. Hosting is managed via nameservers linked to agenturserver domains, suggesting a professional hosting environment. Security posture is adequate with HTTPS enforced and cookie consent implemented, but lacks advanced security headers and explicit security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the HTML content. Privacy compliance is good with a clear privacy policy and cookie banner, though no terms of service or data protection officer information is provided. Overall, the website presents a trustworthy and professional image suitable for its retail business model. Strategic improvements in security headers, incident response transparency, and expanded compliance documentation would enhance the security and trustworthiness further.

H

Hoßfeld-Coaching

hossfeld-coaching.de

41

Hoßfeld-Coaching is a small German coaching and training service provider specializing in personal and professional development, communication, and change management. The company operates primarily in the Göttingen, Kassel, and Berlin regions, offering coaching sessions, seminars, and workshops. The website is professionally designed using WordPress and Elementor, providing clear navigation and relevant content tailored to individuals seeking coaching services. The technical infrastructure is modern and hosted on kasserver.com, with good mobile optimization and SEO practices. Security posture is solid with HTTPS enforced and cookie consent implemented, though some security headers could be added to enhance protection. Privacy policies are present and GDPR compliant, but no explicit security or incident response policies are published. Overall, the website is trustworthy and well-maintained, with clear contact information and no suspicious elements detected.

The website zionministry.org currently displays a Cloudflare 525 SSL handshake failed error page, indicating that the origin server's SSL configuration is incompatible or misconfigured, preventing secure connections. Due to this, the website content is inaccessible, and no business or contact information is available for analysis. The domain is registered since 2015 via GoDaddy and uses Cloudflare DNS services, suggesting a stable registration history. However, the lack of DNSSEC and SSL issues reduce the overall security posture. No privacy, cookie, or terms of service policies are present, and no contact details or forms are found on the page. The site appears to represent a small non-profit organization based on the domain name and WHOIS data, but this cannot be confirmed due to the lack of accessible content.

The domain key.live currently hosts a website that is inaccessible, returning only a 404 error page with no meaningful content or metadata. The lack of any business information, contact details, or security policies indicates that the site is either non-operational or a placeholder. The WHOIS data for the domain is unavailable or unsupported for this TLD, providing no registrar, registrant, or domain age information, which further reduces trust in the domain's legitimacy. Technically, the site lacks HTTPS, security headers, and any modern web technologies, resulting in a poor security posture and minimal technical maturity. Overall, the domain presents a high risk due to its lack of transparency, content, and security controls.

T

TRL SPACE

trlspace.cz

43

TRL SPACE is a Czech Republic-based mission integrator specializing in small satellites, probes, and space technology solutions. Founded in 2021, the company focuses on providing affordable and customized satellite solutions for sovereign satellite systems, Earth Observation, Communications, and lunar missions. Their business model centers on mission integration services and delivering bespoke satellite products and services to a diverse client base including commercial customers and space sector entities. The company maintains a strong partnership ecosystem with numerous research and space organizations, enhancing its market position as a premier mission integrator in the region. Technically, the website is built on the Webflow CMS platform, utilizing modern web technologies such as HTML5, CSS3, JavaScript, and jQuery. The site demonstrates good mobile optimization and user experience with clear navigation and professional design. However, SEO and accessibility features are basic, and performance is moderate. The hosting provider is not explicitly identified, but external scripts are served via Amazon CloudFront. From a security perspective, the website uses HTTPS but lacks visible security headers and published security policies such as privacy, cookie, or incident response policies. No forms collecting sensitive data are present on the homepage, reducing immediate risk exposure. The WHOIS data is consistent with the business profile, showing domain registration in 2021 with no privacy protection, supporting legitimacy. Overall, the security posture is moderate but could be improved by implementing security headers, privacy policies, and incident response information. The overall risk assessment indicates a trustworthy and professional business with minor compliance gaps primarily in privacy and security policy disclosures. Strategic recommendations include publishing comprehensive privacy and cookie policies, enhancing security headers, and providing incident response contacts to improve compliance and trust.

B

BRNO SPACE CLUSTER z.s.

brnospacecluster.cz

42

Brno Space Cluster z.s. is a technology-focused business entity formed by multiple companies and institutions from the Brno region, specializing in engineering services and cooperation on space projects. Leveraging experience from major aerospace players such as ESA, ArianeGroup, OHB, Avio, and Leonardo, the cluster operates in the commercial space market, providing services including satellite development exemplified by the Mise Drak project. The website reflects a professional and consistent brand presence with clear contact information and a strong partner ecosystem. Technically, the website is built on the Webflow CMS platform, utilizing modern web technologies including HTML5, CSS3, JavaScript, and jQuery. It integrates Google Analytics for user tracking and is hosted on servers associated with the Ignum nameservers. The site is mobile-optimized with good SEO practices but lacks some accessibility features and security headers which could enhance its technical robustness. From a security perspective, the website uses HTTPS with excellent SSL configuration, but it lacks visible security headers and does not provide privacy or cookie policies, indicating compliance gaps with GDPR and related regulations. No forms or direct data collection mechanisms are present, reducing immediate data exposure risks. The WHOIS data is consistent with the business claims, showing a domain age appropriate for the organization's founding date and no suspicious registration patterns. Overall, the website presents a moderate risk profile with good business credibility but requires improvements in privacy compliance and security best practices to enhance trust and regulatory adherence.

The website smartmaritimenetwork.com is currently inaccessible, returning a 403 Forbidden error page that blocks access to any meaningful content. The domain is registered with Squarespace Domains II LLC since 2018 and uses Microsoft Online DNS servers, indicating it is hosted on the Squarespace platform. However, no business information, contact details, privacy policies, or terms of service are available on the landing page. The site lacks any visible analytics, tracking, or advertising scripts, and no social media or external business links are present. This severely limits the ability to assess the business or security posture comprehensively. The technical infrastructure is minimal and lacks DNSSEC and security headers, which are recommended for improved security. Overall, the site appears to be either under maintenance, restricted, or misconfigured, resulting in poor user experience and low trustworthiness.

American Proofreading Company is a small business specializing in proofreading, marketing assistance, print materials, and web design services. The company operates through a network of freelancers and has a history of receiving national APEX Awards of Excellence since 1994. The website content is basic but relevant, targeting businesses and organizations seeking professional communication services. The business model leverages freelance talent rather than full-time employees, positioning itself as a niche service provider with a long-standing market presence. Technically, the website is built using basic HTML, CSS, and JavaScript without modern frameworks or CMS platforms. The site appears static and somewhat outdated, with limited mobile optimization and accessibility features. Hosting is inferred to be through GoDaddy.com, LLC based on registrar data. Performance is moderate but could benefit from modernization and improved SEO practices. From a security perspective, the site lacks HTTPS enforcement, security headers, and privacy or cookie policies, indicating a low security maturity level. No incident response or vulnerability disclosure mechanisms are present. The absence of analytics or tracking scripts suggests minimal user data collection, but also a lack of modern marketing tools. The domain WHOIS data is consistent and indicates a legitimate, long-established business. Overall, the website is functional but basic, with significant opportunities for security, privacy, and technical improvements to enhance trust and compliance. Strategic recommendations include implementing HTTPS, adding privacy and cookie policies, improving mobile responsiveness, and adopting security best practices to protect user data and improve professional credibility.

W

World Sweeping Association

worldsweepingpros.org

48

The World Sweeping Association operates as a professional membership organization dedicated to power sweeping contractors and property managers. It provides industry-specific resources, educational materials, ethics guidelines, and a contractor locator service, positioning itself as a leading U.S. association in this niche. The website is built on WordPress with a mature technical stack including SEO and anti-spam plugins, delivering a good user experience with professional content and clear navigation. Security posture is solid with HTTPS and nonce-protected forms, though lacking explicit security headers and incident response information. Privacy compliance is weak due to absence of privacy and cookie policies. WHOIS data is malformed, limiting domain trust verification, but the website content and branding indicate a legitimate and established business. Overall, the site scores well on content quality and business credibility but should improve privacy compliance and security transparency.

B

Bitumen Broker

bitumenbroker.com

49

Bitumen Broker is a specialized brokerage and sourcing platform focused on providing high-quality bitumen and additives to clients globally. The company operates from the United Arab Emirates under Cyberbizz FZE and leverages a network of global partners to source bitumen from refineries worldwide, offering flexible delivery and payment options. Their website is professionally designed with clear navigation, SEO optimization, and GDPR-compliant cookie consent mechanisms, targeting businesses in construction and infrastructure sectors. Technically, the site is built on WordPress with modern plugins and security features such as HTTPS and Google reCAPTCHA, although DNSSEC is not enabled and some security headers are missing. The absence of direct contact emails or phone numbers is mitigated by well-implemented contact forms with spam protection. Overall, the security posture is solid but could be improved with enhanced DNS security and published security policies. The domain registration is consistent and transparent, supporting the legitimacy of the business.

WebX.cz is a Czech-based web hosting and domain registration service provider established in 2001. The company offers Linux-based web hosting with support for PHP, SQL databases, SSL certificates, and domain registrations across multiple TLDs, primarily targeting Czech and European customers. The website presents a basic but functional online self-service platform for managing hosting services, domains, and email. The market position is that of a small but established player with a significant number of hosted domains and a focus on reliability and user convenience. Technically, the website uses legacy HTML standards and lacks modern frameworks or analytics tools, indicating a need for modernization. Security posture is moderate, with SSL encryption and daily backups, but lacks published security policies, incident response contacts, and security headers. Privacy compliance is weak due to the absence of privacy and cookie policies. Overall, the website is trustworthy but would benefit from enhanced privacy, security, and technical improvements.

S

sCO2 Energy

sco2energy.com

45

sCO2 Energy is a Czech-based company specializing in advanced energy systems focusing on supercritical CO2 technology. Their website provides detailed information on sCO2 Brayton cycles, applications in nuclear and renewable energy, and infrastructure for experimental setups. The company targets energy professionals and researchers interested in future energy technologies. The website is built on WordPress using modern themes and plugins, offering a good user experience with mobile optimization and clear navigation. Privacy compliance is well addressed with a comprehensive cookie policy and consent mechanism. Security posture is adequate with HTTPS and domain transfer protection, though improvements in security headers and incident response policies are recommended. Overall, the site is professional and trustworthy with moderate business credibility but lacks explicit public contact details.