High-risk security reports

F

Fünferfilm

fuenferfilm.de

37

Fünferfilm is a small independent film production company based in Hamburg, Germany, founded in 2016. The company focuses on producing artistic and narrative films by dedicated filmmakers, with a strong presence in film festivals and collaborations with various partners in the film industry. Their website showcases a portfolio of films, upcoming projects, and festival participations, targeting film enthusiasts and industry professionals. Technically, the website uses a straightforward tech stack including HTML5, CSS3, jQuery, and Swiper.js for interactive elements. It is hosted on a German hosting provider (kasserver.com) and uses HTTPS, ensuring secure communication. The site is moderately optimized for performance and mobile devices but lacks advanced SEO and accessibility features. From a security perspective, the website enforces HTTPS but lacks important security headers and a cookie consent mechanism, which are important for GDPR compliance and overall security posture. No incident response or security policy information is provided, which could be improved to enhance trust and readiness. Overall, the website is professional and trustworthy with good content quality and business credibility. However, improvements in privacy compliance and security best practices are recommended to strengthen the security posture and regulatory adherence.

P

Port au Prince Film & Kultur Produktion GmbH

port-prince.de

40

Port au Prince is a specialized film production and distribution company based in Germany, operating through multiple GmbH entities focused on production, distribution, and media agency services. The company targets film professionals and enthusiasts, positioning itself as an award-winning niche player in the German film industry. The website reflects a professional and consistent brand image with clear business information and multiple contact channels. Technically, the site is built on WordPress with WooCommerce integration, leveraging modern plugins and tracking tools, and hosted on RZone servers. The site is mobile-optimized and SEO-friendly, though accessibility features are basic. Security posture is solid with HTTPS and no visible vulnerabilities, but lacks advanced security headers and explicit incident response information. Privacy compliance is partially addressed with a privacy policy but lacks a cookie consent mechanism. Overall, the site is trustworthy and professionally maintained, with room for improvement in security and privacy transparency.

Déjà-vu film UG is a small German film distribution company specializing in art-house and cinephile films. The website showcases current and repertory films with detailed descriptions and festival accolades, targeting film enthusiasts and cultural institutions. The company maintains partnerships with several VoD platforms, enhancing its distribution channels. Technically, the website uses legacy JavaScript libraries such as jQuery and custom carousel and lightbox scripts, hosted on 1blu.de servers. The site is moderately optimized for performance and mobile use but lacks advanced SEO and accessibility features. Security posture is basic with HTTPS assumed but no visible security headers or modern protections. Privacy compliance is weak due to missing privacy and cookie policies. Contact information is clearly presented, supporting business credibility.

R

RED BALLOON FILM GMBH

redballoonfilm.de

47

Red Balloon Film GmbH is a small, creative media company based in Hamburg, Germany, specializing in film production with a focus on children, family entertainment, and arthouse content. The company collaborates with talent and partners to deliver unique film projects, some of which have premiered at prestigious international film festivals such as Venice and Berlinale. Their website reflects a professional and consistent brand image, targeting film industry professionals and arthouse audiences. Technically, the website is built on WordPress using the Semplice theme, leveraging common JavaScript libraries like jQuery and GSAP for animations. Hosting is provided via rzone.de, and the site uses HTTPS with an excellent SSL configuration. Performance is moderate with good mobile optimization, though SEO and accessibility could be improved. No analytics or advertising scripts were detected, indicating minimal user tracking. From a security perspective, the site enforces HTTPS but lacks visible security headers and cookie consent mechanisms, which are important for compliance and protection. No incident response or security policy information is provided, which could be a gap in transparency and readiness. The WHOIS data is limited but does not raise immediate concerns, though more detailed registrant information would improve trust. Overall, the website is professional and trustworthy with good content quality and business credibility. However, improvements in privacy compliance, security headers, and incident response transparency are recommended to enhance security posture and regulatory adherence.

L

Liga Vozíčkářů

ligavozic.cz

45

Liga Vozíčkářů is a Czech non-profit organization dedicated to supporting wheelchair users and people with disabilities. Established since 2000, the organization provides various activities and advocacy services to its target audience. The website is built on WordPress using the Avada theme and several common plugins, including Contact Form 7 and Cookie Notice, indicating a moderate level of digital maturity. The site implements HTTPS and cookie consent mechanisms, reflecting basic compliance with privacy standards. However, it lacks explicit privacy and terms of service policies, which are important for full GDPR compliance. Security posture is adequate with no evident vulnerabilities or exposed sensitive data, but could be improved by adding security headers and formal security policies. Overall, the website is professional and trustworthy but would benefit from enhanced privacy and security documentation.

A

ARES, spol. s r.o.

ares.sk

45

ARES, spol. s r.o. is a Slovak company specializing in barrier-free accessibility solutions, including lifting devices for disabled and seniors, automobile modifications for disabled persons, custom elevator manufacturing, gift basket production, and magazine distribution. The company operates multiple related domains, indicating a diversified business model under the parent company ALTECH. The website is professionally designed, well-structured, and targets customers requiring mobility and accessibility products and services. It holds ISO9001 certification, demonstrating commitment to quality standards. Technically, the website is built on WordPress with modern plugins such as Yoast SEO, Google Analytics, and Google Tag Manager, ensuring good SEO and analytics capabilities. The site is mobile-optimized and provides a cookie consent mechanism, reflecting GDPR compliance. However, some security headers are missing, and no explicit security or incident response policies are published. Security posture is solid with HTTPS enforced and no visible vulnerabilities or exposed sensitive data. Privacy compliance is good with a clear privacy policy and cookie banner. Business credibility is high due to transparent contact information, certifications, and consistent branding. Overall, the website presents a trustworthy and professional digital presence for ARES, with recommendations to enhance security headers and publish incident response contacts to further strengthen security and compliance.

L

Lehner Lifttechnik GmbH

lehner-lifttechnik.at

46

Lehner Lifttechnik GmbH is a family-run Austrian company specializing in the design and manufacture of accessibility lifts including stairlifts, platform lifts, vertical platform lifts, and special lifts. With over 30 years of experience, the company focuses on enabling independent living for mobility-challenged individuals by providing safe, reliable, and innovative lifting solutions. Their market position is supported by a comprehensive product range and international presence. Technically, the website employs modern web technologies such as Google Analytics, Google Tag Manager, Facebook Pixel, and Adobe Typekit fonts. The site is well-structured, mobile-optimized, and uses HTTPS to secure communications. However, explicit privacy and cookie policies are not clearly found, indicating room for improvement in compliance. From a security perspective, the site uses HTTPS and asynchronous loading of tracking scripts but lacks explicit security headers like Content-Security-Policy and X-Frame-Options. No vulnerabilities or exposed sensitive data were detected. The absence of WHOIS data reduces transparency but is common for privacy-protected domains. Overall, the website presents a professional and trustworthy front with clear contact information and social media presence. Strategic recommendations include enhancing privacy compliance, implementing security headers, and improving WHOIS transparency to strengthen trust and security posture.

W

Weigl-Aufzüge Gesellschaft m.b.H. & Co. KG

weigl.at

49

Weigl-Aufzüge Gesellschaft m.b.H. & Co. KG is a well-established Austrian family-owned company specializing in the manufacturing, planning, installation, and servicing of elevators, stairlifts, homelifts, and related mobility solutions. With a history dating back to 1899, it holds a leading market position in Austria as the largest elevator producer and market leader for stairlifts and wheelchair lifts. The company targets both end consumers and businesses seeking high-quality mobility and lift solutions, offering a broad product portfolio and regional presence in Austria, Germany, Slovenia, and Switzerland. Technically, the website is built on TYPO3 CMS, leveraging modern web technologies including asynchronous JavaScript, SVG icons, and Google Tag Manager for analytics and marketing. The site is mobile-optimized, accessible, and SEO-friendly, providing a professional user experience with clear navigation and comprehensive content. However, some technical improvements could be made, such as implementing security headers and cookie consent mechanisms to enhance privacy compliance. From a security perspective, the site uses HTTPS with good SSL configuration and avoids exposing sensitive data. There is no visible security policy or incident response information on the site, and no WHOIS data is available for the domain, which slightly reduces trustworthiness. The company demonstrates trust through certifications, state awards, and detailed contact information. No vulnerabilities or malicious content were detected. Overall, the website presents a professional and trustworthy digital presence for a mature manufacturing business. Strategic recommendations include improving privacy compliance with cookie consent, adding security headers, and publishing explicit security and incident response policies to strengthen the security posture and user trust.

O

OpenSolution.org

opensolution.org

42

OpenSolution.org is a small technology company specializing in providing free and commercial PHP-based content management and shopping cart systems, targeting webmasters and small to medium businesses. The company has a long-standing presence since 2004 and supports a user base of over 32,000 websites. Their business model includes software distribution, professional extensions, and partnerships with web design companies. Technically, the website uses a PHP backend with jQuery and Google Analytics for tracking. The site is moderately optimized for mobile and SEO, with a clean and professional design. Security posture is moderate; while HTTPS usage is assumed, no advanced security headers or explicit security policies are present. Privacy compliance is basic, with cookie notices but no consent mechanism and a basic privacy policy. Overall, the website is trustworthy and professional but could improve in security and privacy compliance to enhance user trust and regulatory adherence.

O

One World Romania

oneworld.ro

47

One World Romania is a well-established non-profit organization dedicated to promoting documentary films through its flagship One World Romania festival and related cultural activities such as workshops and film tours. The organization targets documentary enthusiasts, educators, and the general public interested in socially relevant cinema. The website reflects a professional and consistent brand image with good content quality and user experience. Technically, the site uses modern front-end technologies including Bootstrap and jQuery, hosted on a Romanian hosting provider, with moderate performance and good mobile optimization. Security posture is adequate with HTTPS enabled but lacks advanced security headers and explicit security policies. Privacy compliance is basic with a cookie policy present but no detailed privacy or incident response policies. Social media integration and newsletter subscription indicate active community engagement. Overall, the domain registration data aligns well with the website's claims, supporting legitimacy and trustworthiness.

I

Ing. Radek Balon

radek-balon.cz

44

Ing. Radek Balon operates a professional videography and photography business primarily focused on wedding videos, music videos, and event coverage in the Olomouc region of the Czech Republic. The website serves as a portfolio and contact point, showcasing extensive video references and detailed service descriptions. The business is positioned as a small local service provider with a friendly and optimistic approach to client collaboration. Technically, the website is built on WordPress with modern plugins such as Elementor and WooCommerce, hosted by REG-WEDOS, and includes SEO and accessibility considerations. Security posture is good with HTTPS enabled and no visible vulnerabilities, though some security headers could be improved. Privacy compliance is addressed with GDPR and cookie policies present and consent mechanisms active. Overall, the site is professional, trustworthy, and well-suited for its target audience.

Z

Zukunftsinitiative Klima.Werk

klima-werk.de

46

Zukunftsinitiative Klima.Werk is a collaborative initiative involving cities in the Emscher-Lippe region and water management authorities focused on climate resilience and sustainable urban development. The website serves as an information and engagement platform promoting blue-green infrastructure and climate adaptation projects in the Ruhrgebiet area. The initiative positions itself as a regional leader in climate protection efforts with strong partnerships and community involvement. Technically, the website is built on TYPO3 CMS, uses Usercentrics for cookie consent, and self-hosted Matomo for privacy-friendly analytics, reflecting a mature digital infrastructure. Security posture is solid with HTTPS, bot protection via Friendly Captcha, and privacy compliance, though formal security policies and incident response contacts are not published. Overall, the website is professional, trustworthy, and well-optimized for users, with no signs of malicious content or blocking mechanisms.

A

Aerophile

vasqueparis2024.fr

45

The website vasqueparis2024.fr represents a public event installation called La Vasque, associated with the Paris 2024 Olympic and Paralympic Games. It is operated by Aerophile and features partnerships with governmental and cultural institutions such as the Prefecture of Île-de-France, EDF, the Louvre, and the City of Paris. The event is scheduled for summer 2025 at the Jardin des Tuileries, targeting general public visitors and Olympic enthusiasts. The business model revolves around event hosting and public engagement with sponsorship support. Technically, the website is built on WordPress with a modern tech stack including UIkit and jQuery. It uses HTTPS with a reputable hosting provider (Infomaniak Network SA) and implements cookie consent management via tarteaucitron. The site is mobile optimized and has good SEO and accessibility basics. Analytics are handled via Google Analytics (GA4) with moderate user tracking. From a security perspective, the site enforces HTTPS and uses cookie consent mechanisms, but lacks advanced security headers and explicit security policies. No vulnerabilities or exposed sensitive data were detected. The domain is newly registered in April 2025, which is unusual given the event dates but does not indicate malicious intent. Privacy policies are comprehensive and GDPR compliant. Overall, the website presents a professional and trustworthy front for a niche event tied to the Paris 2024 Olympics. Recommendations include enhancing security headers, adding a vulnerability disclosure policy, and improving direct contact information for better transparency and incident response readiness.

R

RehaKomp

rehakomp.cz

49

RehaKomp is a Czech-based company specializing in the rental and sale of rehabilitation and compensatory medical aids, including motodlahy, rotopeds, wheelchairs, and related equipment. Established as a family business since 1990, it has evolved into a medium-sized enterprise with a strong regional presence and a comprehensive product offering. The website serves both as an e-commerce platform and a rental service portal, targeting individuals requiring home care rehabilitation aids and healthcare providers. Technically, the site is built on the PrestaShop platform, leveraging modern web technologies and analytics tools such as Google Analytics, Google Tag Manager, and Smartlook for user behavior insights. The site is well-optimized for mobile devices and provides a good user experience with clear navigation and professional design. Security-wise, the site enforces HTTPS and includes cookie consent mechanisms aligned with GDPR, though it lacks explicit security policy or incident response contact information. WHOIS data is not publicly available, likely due to privacy protection, but the website content and trust signals indicate a legitimate and professional business. Overall, the site demonstrates a solid digital maturity with room for improvement in security transparency and header configurations.

M

Magyar Víz- és Szennyvíztechnikai Szövetség

vizertek.hu

38

The website www.vizertek.hu serves as an educational and awareness platform focused on sustainable water supply and wastewater management in Hungary. It is operated by the Magyar Víz- és Szennyvíztechnikai Szövetség in partnership with WWF Hungary and funded under the Széchenyi 2020 program. The site targets the general public to promote knowledge about tap water usage, environmental protection, and water infrastructure. The content is well-structured, informative, and consistent with the organization's mission. Technically, the site is built on WordPress and utilizes common JavaScript libraries such as jQuery, Nivo Slider, and Owl Carousel for interactive elements. Google Tag Manager is implemented for analytics and tracking purposes. The site is mobile-optimized with moderate performance and basic accessibility features. However, there is room for improvement in SEO and technical modernization. From a security perspective, the site uses HTTPS but lacks visible security headers and does not provide privacy or cookie policies, which are critical for GDPR compliance. No incident response or vulnerability disclosure information is available. No forms collecting user data were detected on the main page, reducing immediate data protection concerns but also limiting user engagement. Overall, the website is trustworthy and professional but requires enhancements in privacy compliance and security best practices to improve its risk posture and user trust.

N

NADAČNÍ FOND GES

nadacnifondges.cz

45

NADAČNÍ FOND GES is a Czech charitable foundation established in 2024 by GES ASSET HOLDING, a.s., focusing on supporting social projects in education, health, culture, sports, and social inclusion. The foundation aims to connect donors with those in need, emphasizing long-term positive impact in Czech society. The website is professionally designed using WordPress and Elementor, providing clear information about the foundation's mission, values, and activities. Contact details include a company email and physical address in Prague, but no phone numbers or social media links are provided. The absence of privacy and cookie policies indicates compliance gaps. No WHOIS data is available, which raises some concerns about domain legitimacy, though the website content and branding appear consistent and trustworthy.

O

OSTRA GROUP a.s.

ostragroup.cz

47

OSTRA GROUP a.s. is a large multi-sector strategic group based in the Czech Republic, primarily focused on transportation services including sales and servicing of transport technology, logistics, modular construction, real estate rental, and R&D of vehicle chassis components. The group also supports a professional motorsport racing team and offers diverse career opportunities. The website is professionally designed, mobile optimized, and provides clear navigation and comprehensive business information. Technically, it uses modern web technologies such as Bootstrap, jQuery, and integrates multiple analytics and advertising tools including Google Analytics, Facebook Pixel, and retargeting services. Security posture is good with HTTPS enabled and cookie consent implemented, though security headers and incident response policies could be improved. The domain registration data is consistent with the business claims and founding year, indicating legitimacy. Overall, the website presents a trustworthy and professional image suitable for its target audience of businesses and professionals in transportation and related sectors.

A

ALTECH, spol. s r.o.

altech.cz

48

ALTECH, spol. s r.o. is a Czech company specializing in manufacturing and providing tailored barrier-free accessibility solutions such as stair lifts, vertical and inclined platforms, and lifting systems for immobile persons. Established in 1992, the company holds a strong market position in the Czech Republic and exports globally. Their website reflects a mature digital presence with comprehensive product information, customer testimonials, and clear contact channels. Technically, the site is built on WordPress with modern frameworks and includes robust SEO and mobile optimization. Security posture is strong with HTTPS, security headers, and privacy compliance, although no explicit security policy or incident response information is published. WHOIS data is missing, which slightly impacts domain trust but does not detract from the professional business presentation. Overall, ALTECH demonstrates a credible and trustworthy online presence aligned with its business operations.

The website ceske-budejovice.cz currently presents no accessible content beyond an empty HTML skeleton. The domain is registered since 1999 with consistent WHOIS data indicating a legitimate registration through REG-GRANSY and name servers ns1.redirect.host and ns2.redirect.host. However, the absence of any metadata, content, or contact information suggests the site is either inactive, under construction, or abandoned. There is no evidence of privacy, cookie, or security policies, nor any technical or business information available on the site. The lack of HTTPS and security headers further indicates a minimal security posture. Overall, the site does not provide any meaningful business or security information and scores very low on content quality, technical implementation, and privacy compliance.

Nakladatelství UMÚN s.r.o. is a Czech Republic based publishing company specializing in artwork created by artists with severe physical disabilities who paint using their mouth and feet. Established since 1993, it operates as part of a global association supporting such artists, offering products including calendars, greeting cards, and reproductions. The website reflects a niche cultural and retail business model focused on social inclusion and artistic promotion. Technically, the website uses basic web technologies including JavaScript and CSS, with no modern frameworks or CMS detected. The site is moderately optimized for performance and accessibility but lacks advanced mobile responsiveness and SEO features. Security posture is moderate; no HTTPS or security headers were explicitly identified in the provided data, and no incident response or security policies are publicly disclosed. Privacy and cookie policies are present with consent mechanisms, indicating compliance with GDPR principles. The absence of WHOIS data reduces domain trustworthiness, though the business appears legitimate based on content and history. Overall, the website is functional but would benefit from enhanced security, technical modernization, and clearer contact information.

B

Benes Consulting Group

spolecnebezpecne.cz

43

The website 'Společně bezpečně' is a safety awareness and educational project primarily focused on increasing road safety and general safety awareness in the Czech Republic. It is a collaborative initiative involving ESSOX and the Hasičský záchranný sbor Jihočeského kraje, targeting children and the general public through educational campaigns and activities. The site presents a professional and consistent brand image with clear navigation and relevant content. Technically, it employs a modern front-end stack including jQuery, Bootstrap, and various plugins, with good mobile optimization and moderate performance. Security posture is solid with HTTPS and use of reCAPTCHA, but lacks some security headers and explicit privacy and cookie policies. The absence of WHOIS data reduces transparency and trust somewhat, but partnerships and content quality support legitimacy. Overall, the site is a trustworthy educational resource with room for improvement in privacy compliance and security best practices.

S

SOVA NET, s.r.o.

sovanet.cz

46

SOVA NET, s.r.o. is a well-established Czech digital agency specializing in comprehensive IT business solutions, online marketing, and custom web development, including e-shops and internal communication portals. With over 20 years of experience, the company holds a strong market position in Brno and serves notable clients such as Hyundai and ESSOX. The website reflects a mature digital presence with professional design, clear navigation, and extensive client references. Technically, the site uses modern tools like Google Tag Manager, Google Maps API, and Nette Framework for form validation, ensuring a solid digital infrastructure. Security posture is good with HTTPS and cookie consent mechanisms, though improvements in HTTP security headers and incident response disclosures are recommended. Overall, the site is trustworthy and business credible, though the absence of WHOIS data slightly reduces domain trustworthiness.

T

Transkript online s.r.o.

transkript.cz

42

Transkript online s.r.o. is a well-established social enterprise based in the Czech Republic, specializing in providing professional online transcription services primarily aimed at persons with hearing impairments. The company holds a leading position in its market segment, offering innovative technical solutions such as simultaneous speech transcription via its eScribeDroid mobile application and accessibility to numerous hotlines. The website reflects a mature digital presence built on WordPress, with good SEO and accessibility features. Security posture is adequate with HTTPS and cookie consent mechanisms, though there is room for improvement in security headers and incident response transparency. Overall, the site demonstrates a trustworthy and professional image aligned with its social mission.

eHutník.cz is a regional news website operated by Třinecké Železárny a.s., providing news, sports, culture, and legal advice focused on the Třinecko region in the Czech Republic. The site targets local residents and stakeholders, offering timely regional information and advertising opportunities. The business model centers on content publishing and local advertising, positioning itself as a trusted regional media outlet. Technically, the website runs on WordPress with popular plugins for SEO, advertising, and forms, supported by Google Analytics and Tag Manager for tracking. The site is mobile-optimized and demonstrates good SEO practices. Security-wise, the site uses HTTPS and cookie consent mechanisms, with some security headers implied but not explicitly detected. No critical vulnerabilities or blocking mechanisms are present, indicating a secure and accessible platform. Overall, the website is professional, trustworthy, and compliant with GDPR, though it could improve by adding explicit security headers and a security policy. The domain registration data supports the legitimacy and maturity of the business.

S

Svět neziskovek, z.ú.

grantovydiar.cz

46

Grantový diář is a Czech Republic-based subscription service focused on providing non-profit organizations with a comprehensive and up-to-date listing of grant opportunities. The website serves as a centralized platform for fundraisers and non-profit managers to find relevant funding calls, with over 1000 grants tracked annually. The business operates under the parent foundation Nadace Neziskovky.cz and has been active since 2014, establishing a credible presence in the Czech non-profit sector. The service offers personalized notifications, advertising options, and a user-friendly online tool to simplify grant searching and management. Technically, the website employs modern JavaScript frameworks, likely Vue.js, and integrates analytics and marketing tools such as Google Analytics and Facebook Pixel. Hosting is provided by a reputable Czech registrar and hosting provider, Active24. The site is mobile-optimized and demonstrates good SEO practices, although accessibility features are basic. Performance is moderate, with no critical technical issues detected. From a security perspective, the site enforces HTTPS and uses secure forms with validation. However, it lacks explicit security headers and does not publicly disclose a security policy or incident response contacts. Privacy compliance is partial, with a cookie consent banner present but no dedicated privacy policy or terms of service pages found. Contact information is clearly provided, enhancing business credibility. Overall, the website presents a trustworthy and professional service for its target audience, with room for improvement in privacy and security transparency. Strategic recommendations include publishing privacy and terms documents, enhancing security headers, and formalizing incident response communications to strengthen compliance and trust.

L

La Semaine du Son

lasemaineduson.org

43

La Semaine du Son is a recognized non-profit organization dedicated to raising awareness about societal issues related to sound. It organizes international events, conferences, and competitions, notably in partnership with UNESCO, focusing on auditory health and sound culture. The website is professionally designed, multilingual, and provides comprehensive information about its activities and partners. Technically, it is built on WordPress with modern plugins and themes, ensuring good performance and mobile optimization. Security posture is solid with HTTPS, reCAPTCHA, and cookie consent mechanisms, though some security headers and policies could be improved. Overall, the site presents a trustworthy and professional digital presence aligned with its mission.

N

Nez en herbe

nez-en-herbe.org

42

Nez en herbe is a French non-profit association dedicated to developing olfactory education programs for children starting from kindergarten. The website presents a focused mission to enhance sensory education in schools, positioning itself as a niche educational organization. The digital infrastructure is built on WordPress with the Divi theme and incorporates SEO best practices via Yoast SEO. The site is accessible, mobile-optimized, and uses HTTPS with a good SSL configuration, indicating a reasonable level of technical maturity for a small organization. However, the absence of a privacy policy, terms of service, and explicit contact information limits its privacy compliance and business transparency. Security posture is adequate but could be improved by adding security headers and formal vulnerability disclosure mechanisms. Overall, the website is professional and trustworthy within its domain but would benefit from enhanced compliance and security documentation.

É

Éveil'O'Goût

eveilogout.com

45

Éveil'O'Goût is a French non-profit association based in Dijon focused on food education and nutrition awareness. The organization offers educational animations, training sessions, and interventions to promote a sensory and holistic approach to alimentation. The website is professionally designed using WordPress and includes clear navigation, contact information, and relevant content targeted at the general public and educators interested in food education. Despite the lack of WHOIS data, the site presents a trustworthy and consistent brand image with good content quality and user experience. Technically, the site uses modern web technologies and SEO best practices but lacks some security headers and cookie consent mechanisms. The security posture is adequate with HTTPS enabled and no visible vulnerabilities, though improvements are recommended in security policies and compliance documentation.

O

Orchestre Lamoureux

orchestrelamoureux.com

44

Orchestre Lamoureux is a well-established French orchestra with a domain registered since 2000, offering a variety of classical music concerts, including family-oriented Bébé Concerts and collaborations with notable artists. The organization focuses on cultural enrichment, professional training, and artistic transmission, targeting classical music enthusiasts and families. The website is built on WordPress, leveraging common plugins and frameworks such as Bootstrap and jQuery, hosted by OVH sas. It features a professional design with good navigation and mobile optimization. Security posture is moderate with HTTPS enforced but lacks DNSSEC and security headers, which are recommended for improvement. Privacy compliance is good with visible cookie consent and privacy policy. Contact information and social media presence enhance business credibility. Overall, the website is trustworthy and professionally maintained.

The website videoarchiv-nfa.cz serves as a specialized digital archive for experimental film and video art, operated under the auspices of the Národní filmový archiv (National Film Archive) of the Czech Republic. It provides access to curated collections, research databases, and distribution services primarily targeting researchers, academics, and film enthusiasts interested in audiovisual heritage. The site is professionally designed with consistent branding and clear navigation, supporting both Czech and English languages. Technically, it is built on WordPress with a custom theme, hosted likely by Webglobe, and uses HTTPS for secure access. However, it lacks explicit privacy and cookie policies, security headers, and analytics or tracking tools, indicating a minimal data collection approach and some compliance gaps. The domain registration data aligns well with the stated purpose and timeline of the project, enhancing trustworthiness.

Laterna Research is a cultural and archival project focused on the multimedia theater project Laterna Magika. The website serves as a repository of research, stories, photos, videos, and media related to this cultural heritage. It targets researchers, historians, and cultural enthusiasts primarily in the Czech Republic. The site is built on WordPress using the Twenty Seventeen theme and incorporates standard web technologies such as jQuery and Google Analytics for tracking. The technical infrastructure is moderate with basic mobile optimization and SEO. Security posture is adequate with HTTPS enabled but lacks advanced security headers and updated libraries. Privacy compliance is weak due to the absence of privacy and cookie policies and no visible consent mechanisms. Business credibility is moderate with social media presence but lacks direct contact details or formal certifications.

The website hemimusichub.com currently serves as a minimal splash page with a background video and no substantive content or metadata. The business behind the site is not clearly identified, and no contact or policy information is provided. The domain is registered since 2020 with a reputable registrar, indicating some legitimacy, but the lack of content and business details limits trust and credibility. Technically, the site uses WordPress with an outdated jQuery version and a simple splash page plugin, resulting in poor performance and minimal mobile optimization. Security posture is weak due to absence of security headers and no visible HTTPS enforcement. Privacy compliance is lacking as no privacy or cookie policies are present. Overall, the site appears to be under construction or a placeholder rather than a fully operational business website.

B

Biograf Kotva

biografkotva.cz

43

Biograf Kotva operates as a local cinema in the Czech Republic, providing a comprehensive film program, online ticket sales, and additional services such as a cafe and venue rental. The website is professionally designed with clear navigation and a focus on cultural and family-friendly content. Technically, the site uses modern JavaScript libraries and asynchronous loading to enhance performance and user experience. However, the absence of privacy and cookie policies indicates potential compliance gaps with GDPR and related regulations. Security posture is generally good with HTTPS and some security best practices, but could be improved by adding security headers and formal policies. The lack of WHOIS data for the domain raises concerns about domain legitimacy and registration transparency, which impacts overall trustworthiness. Strategic improvements in privacy compliance and domain registration transparency are recommended to enhance business credibility and user trust.

D

DeliBarry Inc.

delibarry.com

40

DeliBarry Inc. operates a parcel delivery service focused on fast, reliable shipping within the U.S., Europe, and worldwide. The company targets both general consumers and businesses requiring efficient courier services. Their business model leverages online ordering, courier partnerships, and package tracking to provide a seamless shipping experience. The website presents a professional and user-friendly interface with good mobile optimization and clear service descriptions. However, the absence of WHOIS registration data raises concerns about domain legitimacy and transparency. Technically, the site uses modern web technologies and tracking tools but lacks visible privacy and cookie policies, which impacts compliance. Security posture is generally good with HTTPS and secure forms, but missing security headers and incident response information are gaps. Overall, the business appears operational and credible but would benefit from improved transparency and compliance documentation.

The website www.luxusni-bydleni-praha.com presents a professional online presence focused on luxury real estate sales, design, and development in Prague. It targets affluent buyers and investors interested in premium properties in prime locations. The site is built on Drupal 7 CMS and integrates modern marketing and tracking tools such as Google Tag Manager and Facebook Pixel. However, the absence of WHOIS registration data raises concerns about domain legitimacy and ownership transparency. The site implements cookie consent mechanisms but lacks explicit privacy policy and terms of service pages, indicating partial privacy compliance. Security posture is moderate with HTTPS usage but no visible security headers or advanced protections. Overall, the website is functional and well-designed but would benefit from improved security practices and clearer compliance documentation.

dotFOX s.r.o. is a Czech digital marketing company specializing in affiliate marketing, lead generation, and performance marketing, with additional proprietary projects in financial comparison and affiliate networks. Established in 2014, the company positions itself as a professional and experienced player in the Czech online marketing sector, targeting businesses seeking effective marketing partnerships. The website is well-structured, professionally designed using modern frontend technologies such as Bootstrap and jQuery, and includes Google Analytics for user tracking. However, it lacks explicit privacy and cookie policies, which are critical for GDPR compliance. Security posture is moderate with no visible security headers and no publicly disclosed security policies or incident response mechanisms. The domain registration data is consistent with the business claims, supporting legitimacy. Overall, the website presents a credible business but requires improvements in privacy compliance and security best practices.

V

VIDIA-DESIGN s.r.o.

zijushandicapem.cz

43

Žiju s handicapem is a Czech Republic-based non-profit portal dedicated to supporting people with disabilities (OZP) by providing informational articles, job offers, community blogs, and sponsorship opportunities. The website is operated by VIDIA-DESIGN s.r.o., which appears as the author and creator of the site. The portal targets disabled individuals and their families, aiming to improve quality of life and social inclusion through content and community engagement. Technically, the website uses a modern JavaScript stack including jQuery, Modernizr, and NetteForms, with integration of Google Tag Manager and Facebook SDK for analytics and social media. The site is served over HTTPS and includes a cookie consent mechanism compliant with GDPR principles, offering granular cookie control in multiple languages. However, the site lacks advanced security headers such as CSP and HSTS, which could improve security posture. Security-wise, the site shows basic good practices like HTTPS and secure login forms but misses important headers and explicit privacy and terms of service pages. The WHOIS data for the domain is missing, which reduces transparency and trustworthiness from a domain registration perspective. Despite this, the site links to reputable partners and sponsors, and no suspicious or adult content is present. Overall, the site is a well-structured, content-rich portal serving a niche community with moderate technical maturity and security posture. Strategic improvements in security headers, privacy policy publication, and domain registration transparency would enhance trust and compliance.

V

Ville d’Aubervilliers

aubervilliers.fr

43

The website aubervilliers.fr serves as the official digital portal for the City of Aubervilliers, France, providing residents and visitors with municipal news, administrative services, event information, and community resources. It is positioned as a trusted government source with a clear focus on local engagement and public service. The site leverages the SPIP CMS platform and integrates common web technologies such as jQuery and Nivo Slider to deliver a functional and navigable user experience. While the design and content quality are good, mobile optimization and accessibility are basic, indicating room for improvement in user experience across devices. Security posture is moderate; the site uses cookie consent mechanisms but lacks explicit security headers and detailed security policies. WHOIS data confirms the domain's legitimacy and long-term registration consistent with an official municipal entity. Overall, the site is credible and serves its purpose effectively but would benefit from enhanced security and privacy compliance measures.

E

EGLV - Emschergenossenschaft Lippeverband

eglv.de

45

EGLV - Emschergenossenschaft Lippeverband is a major public water management organization in Germany, operating as one of the largest wastewater disposal and sewage treatment entities. The organization focuses on ecological, technical, and design solutions for the Emscher and Lippe river regions, serving a broad audience including residents, local governments, and environmental stakeholders. Their business model is centered on public service and environmental stewardship with a strong regional presence. Technically, the website is built on WordPress with modern optimizations such as lazy loading and responsive design, supported by SEO tools like Yoast and analytics via Etracker. Security posture is solid with HTTPS and no visible vulnerabilities, though improvements can be made by adding security headers and formal incident response policies. Overall, the site is professional, trustworthy, and content-rich, reflecting the organization's credibility and commitment to sustainability.

C

Czech Society for Mass Spectrometry

czechms.org

44

The Czech Society for Mass Spectrometry is a professional scientific association based in Olomouc, Czech Republic, affiliated with Palacký University. It serves research scientists and professionals in the field of mass spectrometry by organizing events, seminars, and providing informational resources. The website reflects a niche, well-established organization focused on advancing mass spectrometry techniques within the Czech scientific community. The site content is professional and consistent with the organization's mission, featuring event announcements and partner collaborations with reputable scientific and commercial entities. Technically, the website employs standard web technologies including HTML, CSS, JavaScript, and Google Analytics for visitor tracking. The site is moderately optimized for performance and accessibility but lacks advanced frameworks or CMS detection. Mobile optimization is basic, and SEO practices are adequately implemented through meta tags and structured navigation. However, there is no evidence of modern security headers or comprehensive privacy and cookie policies, which are important for compliance and user trust. From a security perspective, the site uses HTTPS as indicated by secure links, but no explicit security headers were detected in the provided data. The login form for members lacks visible advanced protections such as CAPTCHA. The absence of privacy, cookie, and terms of service policies, as well as incident response and vulnerability disclosure information, indicates gaps in compliance and security transparency. WHOIS data is unavailable due to a malformed request, limiting domain registration trust verification. Overall, the website presents a professional and trustworthy front for a small scientific association but would benefit from enhanced security practices, privacy compliance, and WHOIS transparency to improve trustworthiness and regulatory adherence.

M

Matosoft

matosoft.cz

40

Matosoft is a small Czech Republic-based web development company specializing in custom WordPress websites, e-commerce solutions, and PHP/Nette framework programming. The company has been operating since 2011 and serves primarily local businesses and individuals seeking professional web presence and digital marketing services. The website demonstrates a solid portfolio and client testimonials, indicating a reputable market position within its niche. Technically, the site uses modern technologies including WordPress, PHP, and various analytics and tracking tools, hosted likely with Wedos, a Czech hosting provider. The site is mobile responsive and SEO optimized, providing a good user experience. However, the security posture is moderate with no advanced security headers or published security policies, and privacy compliance is lacking due to absence of privacy and cookie policies. Overall, the website is professional and trustworthy but would benefit from enhanced security and privacy compliance measures.

1

Galerie 100 dřevostaveb, které se vám líbí

100drevostaveb.cz

43

The website www.100drevostaveb.cz serves as an interactive catalog showcasing wooden houses favored by Czech users. It allows visitors to view various wooden house projects, vote on them, and engage with the content via social media plugins. The business model revolves around community engagement and providing inspiration for wooden house construction enthusiasts in the Czech Republic. The site targets a general audience interested in architecture and wooden homes. Technically, the site employs a range of JavaScript libraries including jQuery, Facebook SDK, Google Analytics, and advertising scripts from Google Adsense and Gemius. The site is served over HTTPS with no visible SSL issues, but lacks advanced security headers and formal privacy or cookie policies. No WHOIS data is available, which reduces trustworthiness from a domain registration perspective. Overall, the site is functional, moderately optimized for mobile, and provides a good user experience, but would benefit from improved privacy compliance and security transparency.

The website ds-slave.cz currently serves only a default Apache HTTP server test page powered by CentOS, indicating that the site is either under construction or not yet deployed with actual business content. There is no evidence of an active business presence, contact information, or compliance policies. The domain is registered since 2019 with a reputable registrar and uses Cloudflare name servers, suggesting legitimate domain ownership but minimal operational maturity. Technically, the site uses Apache on CentOS with Bootstrap for styling, but lacks modern web features, SEO optimization, and accessibility enhancements. Security posture is weak due to absence of HTTPS confirmation, security headers, and privacy compliance. Overall, the site is not currently suitable for business or customer engagement.

S

S - STAV s.r.o.

s-stav.cz

48

S - STAV s.r.o. is a Czech Republic-based construction company specializing in building family and apartment houses, renovations, and machine-applied plasters and coatings. The company positions itself as a reliable partner with long-term experience and trusted suppliers, targeting individuals and businesses seeking quality construction and renovation services. The website is professionally designed, mobile-optimized, and provides clear navigation and relevant content in Czech language. Technical infrastructure includes modern libraries such as Bootstrap, jQuery, and Swiper.js, with HTTPS enforced and cookie consent implemented, indicating a moderate level of digital maturity. However, the absence of WHOIS data limits the ability to fully verify domain legitimacy and company registration details. Security posture is adequate with HTTPS but lacks advanced security headers and incident response information. Privacy compliance is supported by visible privacy and cookie policies aligned with GDPR requirements. Overall, the website presents a trustworthy and professional image but would benefit from enhanced security practices and transparency in domain registration.

ŠupŠup.cz is an online supermarket e-commerce platform based in the Czech Republic, founded in 2017. The website is currently under maintenance, displaying only a minimal notice without any operational content or user interaction features. The business appears to target general consumers seeking online grocery shopping services. Technical infrastructure details are limited, with no detected CMS, frameworks, or analytics tools. The domain is registered with a reputable Czech registrar and shows consistency with the business location and age. Security posture is weak due to lack of HTTPS and security headers, and no privacy or cookie policies are published, indicating compliance gaps. Overall, the website's current state limits user trust and operational functionality.

HIT OFFICE, s.r.o. is a Czech-based company specializing in office supplies and food packaging products, offering both standard and custom manufacturing solutions. The company operates a multilingual website with an integrated e-shop, targeting business customers in need of office and food packaging materials. The website demonstrates a solid market position supported by multiple certifications such as FSC, ISO, and BRC, and showcases awards that emphasize quality and sustainability. The company was founded in 1994, indicating a mature presence in its sector. Technically, the website employs a modern technology stack including jQuery, Bootstrap, Select2, Swiper, and Google services such as reCAPTCHA and Analytics. The site is mobile-optimized with good navigation and content quality, although some accessibility and SEO aspects could be improved. Security posture is generally good with HTTPS enforced and reCAPTCHA protecting forms, but lacks some security headers and explicit cookie consent mechanisms. The absence of WHOIS data is a notable gap, reducing transparency and trustworthiness from a domain registration perspective. However, the website content, certifications, and business information support the legitimacy of the company. No critical security vulnerabilities or adult content were detected, and the site appears safe for general audiences. Overall, HIT OFFICE's website is professional and functional, with room for improvement in privacy compliance and security best practices. Strategic recommendations include enhancing security headers, implementing cookie consent, publishing incident response policies, and providing clearer contact information for data protection officers.

A

ASPEKTA Trading s.r.o.

aspekta.cz

49

ASPEKTA Trading s.r.o. is a well-established family-owned automotive dealership and service company based in Plzeň, Czech Republic, operating since 1990. The company specializes in authorized sales and servicing of Hyundai, Mazda, Fiat, Fiat Professional, and Jeep vehicles, targeting both personal and corporate customers. Their business model includes new and used car sales, vehicle servicing, financing, insurance, and additional services such as vehicle wrapping and extended warranties. The company maintains a strong local market position with multiple showrooms and a reputation for personalized customer care. Technically, the website employs a modern technology stack including jQuery, Bootstrap, and Google Tag Manager, with good mobile optimization and SEO practices. The site features a comprehensive cookie consent mechanism and privacy policy, demonstrating GDPR compliance. However, some security best practices such as HTTP security headers are not evident, and WHOIS data for the domain is unavailable, which slightly impacts trustworthiness. From a security perspective, the site uses HTTPS and implements cookie consent but lacks visible security headers and publicly available security policies or incident response contacts. No critical vulnerabilities or exposed sensitive data were detected. The website content is professional, safe, and free from adult or questionable material. Overall, the website presents a credible and professional business presence with room for improvement in security posture and transparency regarding domain registration details. Strategic recommendations include enhancing HTTP security headers, publishing security policies, and improving WHOIS transparency to strengthen trust and compliance.

D

Die Länderbahn CZ s.r.o.

laenderbahn.cz

46

Die Länderbahn CZ s.r.o. is a private regional railway operator active in the Czech Republic since 2010, with a Czech subsidiary founded in 2019. The company operates under the parent Die Länderbahn GmbH DLB and is part of the NETINERA group, itself linked to Ferrovie dello Stato Italiane. The website targets regional travelers in Liberec, Českolipsko, and Lounsko areas, offering train schedules, tariffs, and tourist information. Technically, the site uses modern web technologies including Bootstrap, jQuery, and Google services, providing a responsive and user-friendly experience. Security posture is generally good with HTTPS and reCAPTCHA usage, but lacks some security headers and cookie consent mechanisms. WHOIS data is unavailable, which reduces domain trust but the website content and business information appear consistent and professional. Overall, the site is a reliable source for regional rail transport information with room for security and privacy improvements.

R

ROKA komíny s.r.o.

roka-kominy.cz

46

ROKA komíny s.r.o. is a Czech-based manufacturer specializing in chimney systems with over 30 years of industry experience. The company offers a wide range of chimney parts, including over 7000 items in stock, and provides custom manufacturing services. Their business model combines manufacturing with retail through an integrated e-shop, targeting construction professionals and end customers in the Czech Republic. The website reflects a medium-sized enterprise with consistent branding and a professional online presence. Technically, the site uses modern web technologies such as Bootstrap, jQuery, and Google Analytics, ensuring good mobile optimization and user experience. Security measures include HTTPS enforcement and reCAPTCHA integration, though some security headers are missing. Privacy compliance is addressed with a cookie consent banner and a privacy policy page. However, the absence of WHOIS data reduces transparency and trustworthiness somewhat. Overall, the site is professional, secure, and business-focused, with room for improvement in security headers and WHOIS transparency.

GW Train Regio a.s. operates regional train services across multiple regions in the Czech Republic, providing transportation solutions with a focus on passenger convenience through online ticket sales and timely operational updates. The company maintains a professional web presence with clear branding, comprehensive contact information, and certifications that enhance trust. Technically, the website employs modern frameworks such as Bootstrap and jQuery, integrates Google services for analytics and security, and implements a robust cookie consent mechanism aligned with GDPR requirements. Security posture is solid with HTTPS enforced and reCAPTCHA protecting forms, though some HTTP security headers could be improved. Overall, the website is accessible, well-structured, and serves its target audience effectively.