High-risk security reports

F

FLIMMO - Elternratgeber für TV, Streaming & YouTube

flimmo.de

43

FLIMMO is a German educational website providing parental guidance on TV, streaming, and YouTube content suitable for children, including age recommendations and pedagogical tips. The site targets parents and families seeking to make informed media choices for their children. The business model appears to be informational and advisory, focusing on child-appropriate media content. Technically, the website is built using modern frontend technologies such as Angular and Material Design, with good mobile optimization and moderate performance. Security posture is adequate with HTTPS enabled, but lacks important security headers and formal security policies. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the site is safe for general audiences and does not contain adult content.

The website freiwilligendienste-kultur-bildung.de serves as an informational and engagement platform for cultural and educational volunteer services in Germany, including FSJ Kultur, FSJ Schule, FSJ Politik, FJ Beteiligung, and BFD Kultur und Bildung. It targets individuals of all ages interested in volunteering within cultural and educational institutions. The platform is supported by the Bundeskonferenz der Kommunalen Jugendbildungsstätten (BKJ) and funded by the German Federal Ministry for Family Affairs, Senior Citizens, Women and Youth (BMFSFJ), positioning it as a reputable non-profit entity in this sector. Technically, the site is built on TYPO3 CMS, hosted via Schlundtech, and employs modern web technologies including Google Fonts and Matomo analytics for user tracking. The website is mobile-optimized with good navigation and SEO practices, though accessibility features are basic. Security posture is solid with HTTPS enforced and cookie consent implemented, but could be enhanced with additional security headers and published security policies. No critical vulnerabilities or blocking mechanisms were detected, and the site maintains GDPR compliance with a comprehensive privacy policy and cookie consent mechanism. Contact is primarily via a contact form, with no direct emails or phone numbers publicly listed. Social media presence on Facebook, Twitter, and Instagram supports community engagement. Overall, the website demonstrates a strong alignment between its domain registration, hosting, and business purpose, reflecting a trustworthy and professional online presence for a non-profit cultural volunteer service. Strategic improvements in security policy transparency and accessibility could further enhance its digital maturity and user trust.

F

Freiwilliges Ökologisches Jahr Rheinland-Pfalz

foej-rlp.de

43

The website www.foej-rlp.de serves as the official portal for the Freiwilliges Ökologisches Jahr (Voluntary Ecological Year) in Rheinland-Pfalz, Germany. It provides comprehensive information and resources for young people interested in ecological and environmental volunteering opportunities within the region and neighboring France. The site features placement listings, news updates, and application guidance, positioning itself as a key regional non-profit platform for ecological volunteer coordination. Technically, the website is built on the TYPO3 CMS platform, leveraging modern frontend technologies such as Bootstrap, FontAwesome, Leaflet, and TinyMCE. The hosting is managed via kasserver.com, a German hosting provider, ensuring regional alignment. The site demonstrates good mobile optimization, clear navigation, and adequate SEO practices, although accessibility features are basic. From a security perspective, the site enforces HTTPS and includes a cookie consent banner, indicating GDPR compliance awareness. However, it lacks explicit security headers and incident response contact information. No vulnerabilities or exposed sensitive data were detected, and no tracking or advertising scripts are present, reflecting a privacy-conscious approach. Overall, the website is trustworthy, professionally maintained, and well-suited for its target audience. Strategic improvements in security headers and incident response transparency could further enhance its security posture and compliance.

L

Landesverband Offene Kanäle Rheinland-Pfalz e. V.

ok-rlp.de

42

The Landesverband Offene Kanäle Rheinland-Pfalz e. V. is a non-profit association representing and supporting open channels (community media) in the Rheinland-Pfalz region of Germany. The website serves as an information hub for members and interested parties, providing news, event information, and resources related to citizen media and volunteer engagement. The organization positions itself as a regional advocate for media participation and community broadcasting. Technically, the website is built on WordPress 6.7.2 with common plugins such as Download Manager and Bootstrap for styling. It uses modern web technologies including jQuery and Font Awesome, hosted on Manitu servers. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content updates. From a security perspective, the site uses HTTPS with a presumably good SSL configuration. However, it lacks visible security headers and does not implement a cookie consent mechanism, which is important for GDPR compliance. There is no published security policy or incident response contact, which could be improved to enhance trust and readiness. Overall, the website is trustworthy and professional, with a clear focus on its community media mission. The absence of cookie consent and security headers slightly lowers its compliance and security posture scores. Strategic improvements in these areas would strengthen the site's privacy compliance and security maturity.

The website kantinslot.us currently serves only a 404 Not Found error page, indicating that no active content or business presence is available at this domain. The WHOIS data shows the domain is registered to an entity named 'sukses bersama' based in Indonesia, but the domain creation date is suspiciously set in the future (June 2025), which raises concerns about the legitimacy and accuracy of the registration information. There is no visible business description, services, or contact information on the site, making it impossible to assess the company's market position or offerings. Technically, the site is hosted on LiteSpeed Web Server with DNS managed by Cloudflare, but no security headers or HTTPS details are available from the provided data. The absence of privacy, cookie, or terms of service policies further indicates a lack of compliance and professionalism. Overall, the site is non-functional and lacks any meaningful content or security posture.

D

Dopravný podnik Bratislava, a.s.

tapnisa.sk

44

TAPni sa is a digital ticketing platform operated by Dopravný podnik Bratislava, a.s., providing a convenient contactless payment solution for public transportation in Bratislava. The website offers detailed information about ticket types, pricing, and usage instructions, targeting local commuters and visitors using MHD services. The platform integrates modern web technologies including WordPress CMS, Google Analytics, and GDPR-compliant cookie management, reflecting a mature digital infrastructure. Security posture is strong with HTTPS, DNSSEC, and secure form handling, though formal security policies and incident response contacts are not publicly documented. Overall, the site demonstrates professionalism, compliance, and user-centric design, supporting Dopravný podnik Bratislava's position as a trusted public transport provider.

W

Webhelp s.r.o.

webhelp.sk

41

Webhelp s.r.o. is a Slovak-based small technology service provider specializing in web design and development. Their website showcases a range of services including logo creation, website development, PSD to HTML conversion, WordPress theme creation, e-commerce solutions, and mobile optimization. The company targets businesses and individuals seeking professional and modern web presence solutions. The website is built on WordPress with modern frameworks like Bootstrap and includes integrations such as Google Analytics and GDPR compliance tools. Security posture is adequate with HTTPS and reCAPTCHA usage, but lacks explicit security policies and headers. Privacy compliance is partial with cookie consent but missing privacy and terms policies. Overall, the site is professional and trustworthy with room for improvement in security and compliance documentation.

M

Medienanstalt Hessen

lpr-hessen.de

47

Medienanstalt Hessen is a regional public authority responsible for licensing and oversight of radio and television broadcasters, as well as media education and promotion within the German state of Hessen. The organization serves a broad audience including media companies, educational institutions, parents, children, and the general public. The website is professionally designed using TYPO3 CMS and modern web technologies, providing comprehensive information about regulatory functions, media education projects, and public services. Security posture is strong with HTTPS enforced and cookie consent implemented, though some advanced security headers and explicit incident response policies are not evident. Overall, the site demonstrates a mature digital presence appropriate for a government-related entity.

M

Medienanstalt Hessen

medienanstalt-hessen.de

48

Medienanstalt Hessen is a regional public institution responsible for licensing radio and television broadcasters, supervising broadcasting and telemedia services, and promoting media education in the German state of Hessen. The website reflects a well-established organization with a clear focus on media regulation, education, and public service. It targets media professionals, educators, children, parents, and the general public interested in media literacy and regulation. The institution offers a broad range of services including licensing, oversight, media education projects, and public information dissemination. Technically, the website is built on TYPO3 CMS with modern JavaScript libraries, providing a responsive and accessible user experience. Security posture is good with HTTPS enforced and cookie consent implemented, though explicit security headers and policies could be improved. No critical vulnerabilities or suspicious content were detected. Overall, the website demonstrates a high level of professionalism, trustworthiness, and compliance with privacy regulations.

N

Netzwerk für Senior-Internet-Initiativen Baden-Württemberg e.V.

netzwerk-sii-bw.de

39

Netzwerk für Senior-Internet-Initiativen Baden-Württemberg e.V. is a regional non-profit organization dedicated to promoting digital literacy and inclusion among senior citizens in Baden-Württemberg, Germany. The website serves as a platform to provide educational seminars, newsletters, community events, and digital resources tailored to seniors and community initiatives. The organization positions itself as a key regional player in senior digital inclusion with a focus on community engagement and support. Technically, the website is built on WordPress 6.8.3 with a variety of plugins including The Events Calendar and Matomo for analytics, indicating a moderate level of digital maturity. The site is mobile-optimized and uses HTTPS, ensuring secure access. However, some modern security headers are not explicitly detected, and there is no cookie consent mechanism, which could be improved for compliance. From a security perspective, the site demonstrates good practices such as HTTPS enforcement and privacy-respecting analytics via Matomo. There are no visible vulnerabilities or exposed sensitive data. The absence of a published security policy or incident response contact limits transparency in security management. WHOIS data is minimal but does not raise suspicion, supporting the legitimacy of the domain. Overall, the website is professional, trustworthy, and well-suited for its target audience. Strategic improvements in security headers, privacy compliance, and incident response transparency would enhance its security posture and regulatory adherence.

O

OK54 Bürgerrundfunk

ok54.de

44

OK54 Bürgerrundfunk operates as a non-commercial community television broadcaster serving Trier and the Greater Region in Germany. The website offers TV programming, a video archive (Mediathek), WebTV, and information for viewers, producers, and supporters. The organization has a strong local presence and is supported by the Medienanstalt Rheinland-Pfalz. The business model focuses on community engagement and education, with a history dating back to 1989. Technically, the website is built on WordPress with a modern theme (OceanWP) and several plugins for SEO, video playback, and social media integration. The site is mobile-optimized and uses HTTPS with a reputable hosting provider (manitu.net). SEO practices are good, with proper metadata and structured data enhancing search visibility. From a security perspective, the site uses HTTPS and does not expose sensitive data. However, it lacks visible security headers and a cookie consent mechanism, which are important for GDPR compliance. No incident response or security policy information is provided. The site does not appear to use extensive tracking or advertising technologies, which reduces privacy risks. Overall, the website is trustworthy, professionally maintained, and focused on community media services. Strategic improvements in privacy compliance and security policies would enhance its posture and user trust.

O

OKTV Mainz

ok-mainz.de

43

OKTV Mainz is a community-focused media organization based in Mainz, Germany, providing local TV programming, media education, and citizen journalism opportunities. The website serves as a platform for community engagement and media creation, targeting residents interested in local culture and media literacy. Technically, the site is built on WordPress with modern plugins such as Videojs and uses Matomo for privacy-conscious analytics. The site is mobile-optimized and well-structured, offering a good user experience. Security posture is adequate with HTTPS enabled, but lacks some security headers and cookie consent mechanisms. Contact information is clearly presented, enhancing business credibility. Overall, the site is trustworthy and professionally maintained.

O

OK Kaiserslautern

ok-kl.de

43

OK Kaiserslautern operates as a local community media platform providing a space for citizens to create and broadcast television content in Kaiserslautern, Germany. The website serves as an information hub for programming, production resources, educational seminars, and community engagement. It positions itself as a public access channel empowering local creatives and residents to participate in media production. The business model centers on community involvement and media education rather than commercial broadcasting. Technically, the website is built on WordPress with common plugins such as Visual Composer and LayerSlider, utilizing Google Fonts and jQuery. The site is mobile optimized and offers a good user experience with clear navigation and relevant content. Performance is moderate, and SEO practices are adequately implemented. However, some technical improvements could enhance accessibility and security. From a security perspective, the site enforces HTTPS but lacks visible security headers and explicit security policies. No vulnerability disclosures or incident response contacts are published. Privacy compliance is partially met with a comprehensive privacy policy but no cookie consent mechanism. Contact information is clearly provided, enhancing business credibility. Overall, the website is trustworthy and serves its community media purpose well. Strategic improvements in security headers, cookie consent, and incident response transparency would strengthen its security posture and compliance. The domain appears legitimate with consistent content and partner relationships, supporting a positive risk assessment.

O

Offener Kanal Idar-Oberstein/Herrstein e.V.

ok-nahetv.de

41

Offener Kanal Idar-Oberstein/Herrstein e.V. operates naheTV, a regional community media broadcaster in Rheinland-Pfalz, Germany. The website provides livestreams, program previews, and background information focused on local cultural and social events. It targets local community members interested in media production and participation. The business model is non-profit, emphasizing volunteer engagement, media education, and local content creation. The site is positioned as a trusted regional media outlet with partnerships with local media authorities and organizations.

The website vkj.lt is currently inaccessible due to a Cloudflare security challenge page that blocks all content behind a Turnstile captcha verification. No business-related content, contact information, or policies are accessible for analysis. The domain WHOIS data indicates registration by IĮ "OWEXX" with a suspicious future creation date, which raises concerns about data accuracy or legitimacy. The technical infrastructure relies on Cloudflare services for security and content delivery, but no further technology stack or CMS information is available due to blocked content. Security posture cannot be fully assessed, but the presence of Cloudflare WAF indicates some level of protection. Overall, the site cannot be properly evaluated, and the legitimacy of the domain is questionable based on WHOIS inconsistencies and lack of accessible content.

M

Ministerstvo dopravy a výstavby SR

studujdopravu.sk

44

The website www.studujdopravu.sk is a Slovak government-supported educational platform aimed at promoting vocational education in the transportation sector. It is managed by the Ministry of Transport and Construction of the Slovak Republic in cooperation with recognized railway companies and the Museum of Transport in Bratislava. The site targets parents, students, teachers, and educational counselors to provide career guidance and information about secondary and higher education opportunities in transportation. The platform serves a niche but important role in supporting the transportation education ecosystem in Slovakia. Technically, the website employs a modern but straightforward technology stack including jQuery, FontAwesome, Google Analytics, and a video player library. The site is mobile optimized and provides a good user experience with clear navigation and multimedia content. However, some technical improvements are recommended such as adding security headers and enhancing accessibility features. The site uses HTTPS and implements a cookie consent banner, indicating some compliance with privacy regulations. From a security perspective, the website shows a moderate security posture with HTTPS enabled and cookie consent implemented. However, the absence of security headers and a privacy policy page are notable gaps. No forms or sensitive data collection points were detected, reducing immediate risk exposure. The WHOIS data confirms the domain is registered to the Slovak Ministry of Transport, consistent with the website's purpose and location, supporting high legitimacy. Overall, the website is a credible and professional government initiative with good content quality and business credibility. To improve, it should publish a privacy policy, implement security headers, and provide clear contact information for security and general inquiries. These steps will enhance compliance, trust, and security posture.

M

MH Invest II s.r.o.

mhinvest2.sk

36

MH Invest II s.r.o. is a Slovak government-affiliated company specializing in the development, monitoring, and construction of industrial parks and zones. The company collaborates closely with government institutions, regional authorities, and investors to facilitate industrial infrastructure projects supported by state and EU funding. The website reflects a professional government service entity with clear contact information and a focus on transparency and public service. Technically, the site uses legacy JavaScript libraries such as jQuery 1.9.0 and FlexSlider 2.2.2, indicating moderate digital maturity. The site is accessible, mobile responsive at a basic level, and SEO optimized to a basic degree. Security posture is adequate with HTTPS enabled but lacks advanced security headers and formal security policies. Privacy compliance is basic with GDPR-related pages present but no explicit cookie consent mechanism. Overall, the site is trustworthy and suitable for its government and investor audience.

E

Eterus Capital – private equity fond

eterus.sk

44

Eterus Capital is a Slovak private equity fund specializing in growth capital investments primarily in Slovak companies. With over 40 million EUR invested across more than 20 firms, the fund focuses on minority equity positions while maintaining management control with original shareholders. The website reflects a mature digital presence built on WordPress with Elementor, integrating modern marketing and analytics tools such as Google Analytics, Google Tag Manager, and LinkedIn tracking. Security measures include HTTPS, DNSSEC, Google reCAPTCHA on contact forms, and a comprehensive cookie consent mechanism compliant with GDPR. The WHOIS data confirms domain legitimacy and consistency with the business profile. Overall, the site presents a professional, trustworthy image suitable for its target audience of investors and companies seeking private equity funding.

E

European Business Angel Network (EBAN)

eban.org

46

European Business Angel Network (EBAN) is a leading European association representing business angels and early stage investors. The organization focuses on fostering successful and responsible angel investing by providing networking opportunities, educational resources, policy advocacy, and community engagement. EBAN positions itself as a network of networks, connecting thousands of professional investors across Europe and beyond. The website reflects a mature digital presence with comprehensive content, event promotion, and membership services. Technically, the site is built on WordPress using modern plugins and page builders, with good mobile optimization and SEO practices. Security posture is strong with HTTPS and security headers implemented, though explicit security policies and incident response contacts are not publicly disclosed. Privacy compliance is well addressed with GDPR-aligned policies and cookie consent mechanisms. WHOIS data is unavailable due to privacy protection, which is typical for such organizations. Overall, EBAN's website demonstrates professionalism, trustworthiness, and a solid digital infrastructure supporting its business objectives.

F

Fond Fit

fondfit.sk

43

Fond Fit is a Slovak investment fund focused on supporting innovative startups and companies with successful technologies. With over 10 years of experience, it provides capital financing, mentoring, and project analysis services to Slovak entrepreneurs. The website reflects a professional and consistent brand image, targeting the Slovak innovation ecosystem. Technically, the site is built on WordPress with modern plugins and frameworks, offering good mobile optimization and SEO practices. Security posture is strong with HTTPS, security headers, and GDPR-compliant cookie consent mechanisms, though explicit security policies and incident response contacts are absent. Overall, the site is trustworthy and well-maintained, supporting its business credibility.

S

Slovenský živnostenský zväz

szz.sk

47

Slovenský živnostenský zväz is a Slovak business association representing craftsmen and small business owners. The organization provides advocacy, consulting, insurance, and educational services to its members, aiming to strengthen the middle entrepreneurial sector in Slovakia. The website is built on WordPress with modern plugins such as Elementor and Yoast SEO, indicating a mature digital infrastructure. The site is well-structured, mobile-optimized, and includes an event calendar and multimedia content to engage its audience. Security posture is good with HTTPS enforced and no visible vulnerabilities, though some security headers could be improved. Privacy compliance is basic with a GDPR cookie consent mechanism but lacks explicit privacy and terms of service pages. Overall, the website is professional, trustworthy, and serves its target audience effectively.

The domain npc.sk is registered since 2013 and hosted via websupport.sk with DNSSEC enabled, indicating a legitimate and stable domain registration. However, the website content is inaccessible, returning a standard 404 Not Found error page with no metadata, structured data, or business information. There are no visible contact details, privacy or cookie policies, or any security-related disclosures on the site. The technical infrastructure appears minimal with no detectable scripts or frameworks, and no evidence of analytics or advertising technologies. Security posture is limited by the lack of content and security headers, though the domain registration data is consistent and trustworthy. Overall, the website currently does not provide any meaningful user experience or business presence online.

R

ROFUS - Register Over Frivilligt Udelukkede Spillere

rofus.nu

49

The website www.rofus.nu serves as a Danish government platform for voluntary gambling self-exclusion, allowing users to register via MitID to exclude themselves from online and physical gambling activities. The site is clearly targeted at Danish residents and integrates with national identity services, indicating a strong official backing. The technical infrastructure includes multiple third-party monitoring and analytics tools such as Dynatrace, New Relic, and Adobe Experience Cloud, reflecting a modern approach to performance and security monitoring. However, the absence of WHOIS registration data for the domain raises questions about domain legitimacy, although the content and external references strongly suggest it is a legitimate government service. Security posture is moderate with room for improvement in security headers and explicit privacy policies. Overall, the site is professionally designed, mobile-optimized, and provides a comprehensive cookie consent mechanism, but lacks visible contact and legal documentation on the domain itself.

K

Kasys

kasys.sk

41

Kasys is a Slovak company specializing in automated logistics systems for storage and archiving, including flexible barriers, marking, and aerosol fire extinguishing systems. The company appears to serve business clients requiring advanced warehouse automation solutions. The website is built on WordPress using the Avada theme and popular slider plugins, indicating a moderate level of digital maturity. While the site is accessible and uses HTTPS with DNSSEC enabled, it lacks visible privacy and cookie policies, security headers, and explicit contact information, which are important for compliance and trust. The domain is well-established since 2004, supporting the legitimacy of the business. Overall, the security posture is moderate but could be improved with better security practices and compliance documentation.

G

Geis SK s.r.o.

geis-group.sk

49

Geis SK s.r.o. is a well-established logistics and transportation company operating primarily in Slovakia with a strong international presence through its parent Geis Group. The company offers a comprehensive range of logistics services including pallet transport, full truckload transport, warehousing, air and sea freight, and packaging solutions. The website reflects a mature business with over 75 years of experience, targeting business customers requiring reliable logistics solutions. Technically, the website uses a modern tech stack including jQuery, Google Tag Manager, Hotjar, and a web chat system, hosted on a German hosting provider. The site is mobile optimized and provides good user experience and navigation. Security posture is adequate with HTTPS and cookie consent mechanisms, but lacks explicit security headers and publicly available incident response or vulnerability disclosure policies. Overall, the domain registration data is consistent and trustworthy, supporting the legitimacy of the business. The site is free from adult or questionable content and complies well with GDPR requirements.

PRAGUE INSTITUTE is an established Czech language school founded in 2000, offering a broad range of language education services including group, corporate, and individual courses, as well as preparation for internationally recognized exams such as TOEFL and Cambridge English. The institute also provides translation and interpreting services, positioning itself as a comprehensive language education provider in the Czech Republic. The website reflects a medium-sized education business with a consistent brand and a strong market presence supported by official certifications and client references. Technically, the website employs a custom CMS with a technology stack including jQuery, Google Analytics, and Zopim Live Chat, but uses outdated JavaScript libraries that pose moderate security risks. The site is GDPR compliant with a clear cookie consent mechanism and privacy policy. Security posture is adequate but could be improved by updating libraries and adding security headers. Overall, the website is professional, trustworthy, and serves its target audience effectively.

F

Food Is Good

foodisgood.cz

43

Food Is Good is a small hospitality business specializing in catering services for weddings, celebrations, and corporate events primarily in South Bohemia, Czech Republic. The website presents a professional and consistent brand image with clear contact information and social media presence. The business model focuses on providing customized catering menus and event support, positioning itself as a local trusted catering provider. Technically, the website is built on WordPress using the Divi theme, leveraging modern web technologies including Google Fonts and Google Analytics. The site is mobile-optimized and implements standard SEO best practices. Security posture is solid with HTTPS enforced and appropriate security headers present, though explicit security policies and vulnerability disclosure mechanisms are absent. Privacy compliance is well addressed with comprehensive cookie and privacy policies and a consent mechanism. The lack of WHOIS data limits domain trust assessment but the website content and contact details support legitimacy. Overall, the site is well-constructed, secure, and compliant for its business scope.

P

PŮJČOVNA LODÍ NAPALUBU S.R.O.

napalubu.eu

49

PŮJČOVNA LODÍ NAPALUBU S.R.O. operates a professional boat rental and captain training service primarily focused on the Vltava, Slapy, and Orlík regions in the Czech Republic. The company offers modern and sport boats for rent, catering to customers both with and without boating licenses. The website reflects a well-established local business with a clear market position and a small company size. Technically, the site is built on WordPress with WooCommerce and uses common plugins for SEO, marketing, and user interaction, including Google Tag Manager and Facebook Pixel. Security posture is adequate with HTTPS enforced and reCAPTCHA on forms, though some security headers could be improved. Privacy compliance is strong with GDPR and cookie policies clearly presented and an opt-in consent mechanism. Overall, the website is professional, trustworthy, and well-optimized for its target audience.

KOBODAS INDUSTRY s.r.o. is a small Czech company specializing in the sale of construction materials, targeting local customers and construction professionals. The website is currently a 'coming soon' placeholder with basic contact information, business hours, and company representatives listed. The technical infrastructure is based on WordPress with common plugins such as SeedProd for coming soon pages, jQuery, Tailwind CSS, and FontAwesome. The site is mobile responsive but lacks advanced SEO and accessibility features. Security posture is moderate with HTTPS enabled but missing important security headers and privacy policies. No WHOIS data was available, which limits domain legitimacy verification. Overall, the site presents a basic but functional online presence for a small local business.

D

DRAGON solutions s.r.o.

mindtreat.art

47

mindtreat.art is a Czech Republic based small healthcare service provider specializing in psychotherapy, coaching, seminars, and mindful dance activities. The business operates under DRAGON solutions s.r.o. and targets individuals seeking personal development and mental health support in Olomouc. The website is built on WordPress using the Divi theme and includes modern SEO and performance optimization plugins. Security posture is good with HTTPS and anonymized Google Analytics, but lacks DNSSEC and formal privacy policies. Contact information is clearly presented, enhancing business credibility. Overall, the site is professional and trustworthy with room for compliance improvements.

C

CLITIA a.s.

clitia.cz

47

CLITIA a.s. is a Czech holding company established in 1992, operating primarily in the energy, real estate, and hospitality sectors. The company manages a portfolio of subsidiaries engaged in electromontage, energy services, property rental and sales, and hospitality including hotels and wellness spas. The website presents a professional image with clear business information and contact details, targeting business clients and customers interested in these sectors. Technically, the site uses modern JavaScript libraries and a CMS platform, providing a good user experience with mobile optimization and clear navigation. However, the absence of WHOIS data and privacy policies reduces trust and compliance posture. Security headers are not detected, and no incident response or vulnerability disclosure information is provided, indicating room for improvement in security maturity. Overall, the website is functional and business-appropriate but would benefit from enhanced security and privacy compliance measures.

E

ELEKTRO-COMP spol. s r.o.

elektrocomp.cz

41

ELEKTRO-COMP spol. s r.o. is a Czech-based small enterprise specializing in electrical engineering services including manufacturing of fittings for low and high voltage poles, public lighting installation, high voltage work, surveying, and electrical project activities. The company has a long-standing presence since 1999, serving primarily local or regional clients in the energy sector. The website reflects a basic digital presence built on Joomla CMS with dated technology and limited modern features. Security posture is minimal with no visible HTTPS enforcement or security headers, and privacy compliance is basic with a privacy policy page but no cookie consent or GDPR explicit statements. Contact information is not clearly presented on the main page, limiting direct communication channels. Overall, the site is functional but lacks advanced technical and security maturity.

H

Hotel Rajská Zahrada

hotelrajskazahrada.cz

42

Hotel Rajská Zahrada is a spa and wellness hotel located in Nové Město nad Metují, Czech Republic, offering stylish accommodation, wellness services, a restaurant, fitness facilities, and event hosting. The hotel targets tourists, families, and wellness seekers, positioning itself as a regional hospitality provider with a focus on relaxation and active holidays. The website is professionally designed, mobile-optimized, and rich in relevant content, reflecting a mature digital presence. Technically, the site is built on WordPress with modern plugins and APIs, including Google Maps and reCAPTCHA, ensuring a secure and user-friendly experience. Security posture is strong with HTTPS, security headers, and cookie consent mechanisms in place, though there is room for improvement in publishing explicit security policies and incident response information. Overall, the site demonstrates high trustworthiness and compliance with GDPR, supporting the legitimacy of the business. Recommendations include enhancing accessibility, publishing security and incident response policies, and continuous monitoring of third-party components.

B

BushcraftPortal.cz | Rady, tipy, návody, recenze produktů pro život v přírodě.

bushcraftportal.cz

38

BushcraftPortal.cz is a Czech language website dedicated to providing advice, tips, tutorials, and product reviews for outdoor bushcraft and survival enthusiasts. Established in 2012, it serves a niche audience interested in nature and survival skills, supported by a small but consistent content publishing model. The site integrates multimedia content including a YouTube channel and links to a partner e-commerce site, bushcraftshop.cz. Technically, the website is built on WordPress with modern frameworks like Bootstrap and uses common SEO and social sharing plugins, indicating a moderate level of digital maturity. Security posture is adequate with HTTPS enabled and no obvious vulnerabilities, but lacks advanced security headers and formal security policies. Privacy compliance is weak due to absence of privacy and cookie policies, which is a notable gap given the use of tracking technologies like Facebook Pixel. Overall, the website is functional, professionally designed, and trustworthy within its niche, but would benefit from enhanced privacy and security transparency.

R

Royal Spa, a.s.

diana-losiny.cz

48

The website www.diana-losiny.cz represents Wellness hotel DIANA Velké Losiny, a medium-sized hospitality business operating in the Czech Republic's Jeseníky region. It offers accommodation, wellness services, therapeutic procedures, sports facilities, and family-friendly amenities. The hotel is part of the Royal Spa group, a recognized spa and wellness operator in the Czech market. The site is professionally designed with good content quality, clear navigation, and mobile optimization, targeting tourists and wellness seekers. The business model focuses on hospitality and wellness services with additional conference facilities and gourmet cuisine offerings. Technically, the website uses a custom CMS platform with common JavaScript libraries such as jQuery, Google Tag Manager, and Facebook Pixel for analytics and marketing. The site is served over HTTPS with good SSL configuration, though security headers are not explicitly detected. Cookie consent mechanisms and privacy policies are implemented, indicating a good level of privacy compliance. Performance is moderate with room for improvement in accessibility and security headers. From a security perspective, the site shows good practices such as HTTPS enforcement and cookie consent but lacks explicit security policies and incident response information. No vulnerabilities or exposed sensitive data were detected in the HTML content. The absence of WHOIS data reduces domain registration trustworthiness, but the strong brand association with Royal Spa and consistent business information support legitimacy. Overall, the site presents a low risk but would benefit from enhanced security headers and domain registration transparency. Strategic recommendations include implementing security headers, publishing a security policy and vulnerability disclosure, and verifying domain registration details to improve trust and compliance.

C

Cakir's Burger

cakirs.cz

41

Cakir's Burger is a small local burger restaurant based in Šumperk, Czech Republic, offering a variety of burgers and related menu items through an online e-shop and mobile application. The business focuses on providing diverse burger options including single, double, and triple burgers, along with sides and drinks, targeting general consumers seeking convenient food delivery and takeaway services. The website is professionally designed with good content quality and clear navigation, supporting online ordering and customer engagement features such as order tracking and bonus systems. Technically, the site employs modern web technologies including service workers and integrates external APIs like OpenStreetMap for geolocation services. However, the absence of WHOIS data and lack of visible security headers or explicit privacy and cookie policies indicate areas for improvement in transparency and compliance. The security posture is moderate with room for enhancement in SSL configuration and security best practices. Overall, the website presents a functional and user-friendly platform for its business model but should address privacy and security gaps to strengthen trust and regulatory compliance.

H

H+M Breakrstorm, s.r.o.

chatacervenohorskesedlo.cz

40

Chata Červenohorské Sedlo is a small hospitality business offering affordable mountain accommodation and related services in the Jeseníky region of the Czech Republic. The website highlights lodging options, restaurant services, parking, sports activities including skiing and cycling, group event hosting, and wellness facilities. The business targets tourists and visitors seeking budget-friendly stays above 1000 meters altitude with access to mountain activities. Technically, the website is built on WordPress using Elementor and supports multilingual content via TranslatePress. It employs Google Analytics and Tag Manager for visitor tracking but lacks visible privacy and cookie policies, which may impact compliance. Security posture is moderate with HTTPS enabled and use of reCAPTCHA on forms, but missing security headers and absence of WHOIS data reduce trust. Overall, the site is functional, well-structured, and provides clear contact information, but could improve privacy compliance and security transparency.

H

Hospůdka U Bosé nohy

ubosenohy.cz

37

Hospůdka U Bosé nohy is a small hospitality business operating a pub and restaurant in Brno Veveří, Czech Republic. The establishment offers traditional Czech pub food, daily lunch menus, and a selection of beers including Březňák from the Velké Březno brewery. The website presents clear business information, including contact phone number and physical address, and emphasizes quality beer service with a certification from Liga garantované kvality. The target audience is local residents and visitors seeking a traditional pub experience. Technically, the website uses legacy JavaScript libraries such as jQuery and related plugins for slideshows and lightbox functionality. The site has a moderate performance profile with basic mobile optimization and accessibility features. SEO is basic but sufficient for a small local business. No modern CMS or hosting provider information is detected. The site lacks privacy and cookie policies and does not implement user tracking or analytics, indicating minimal data collection. From a security perspective, the site does not present advanced security headers or policies, and no forms are present to collect sensitive data, reducing attack surface. However, the absence of HTTPS verification and security headers is a concern. The WHOIS data is missing, which reduces trustworthiness and raises questions about domain legitimacy. No WAF or blocking mechanisms are detected, and the site content is fully accessible. Overall, the website is functional and suitable for its business purpose but would benefit from improved security practices, privacy compliance, and domain registration transparency to enhance trust and compliance.

K

Králický Sněžník, z.ú.

kralickysneznik.net

43

Králický Sněžník, z.ú. operates a comprehensive tourism promotion website for the Králický Sněžník region in the Czech Republic. The site provides detailed information on local attractions, accommodation options, events, and live weather and webcam feeds, targeting tourists and visitors interested in outdoor activities and regional culture. The business model focuses on destination marketing and supporting local hospitality services. Technically, the website employs modern JavaScript libraries such as jQuery, Leaflet.js for interactive maps, and Google Tag Manager for analytics and tracking, indicating a moderate level of digital maturity. The site is mobile-optimized and features a cookie consent mechanism aligned with GDPR requirements. Security-wise, the website uses HTTPS with good SSL configuration and implements cookie consent, but lacks explicit security headers and incident response contact details, which are areas for improvement. The absence of WHOIS registrant data introduces some uncertainty regarding domain registration legitimacy, though the website content and contact information suggest a legitimate regional tourism entity. Overall, the website presents a professional and trustworthy front for regional tourism promotion with moderate technical and security maturity.

Z

ZŠ a MŠ Červená Voda

cvvoda.cz

47

The website www.cvvoda.cz serves as the official online presence for Základní a mateřská škola Červená Voda, an elementary and kindergarten school located in the Czech Republic. It provides essential information and resources for students, parents, and staff, including access to school portals such as Bakaláři and Office 365, school news, calendar events, and cafeteria ordering. The site targets the local community and is designed to facilitate communication and engagement with the school environment. Technically, the website employs a traditional web stack with jQuery, jQuery UI, and several UI enhancement libraries like Colorbox and Malihu custom scrollbar. The site is served over HTTPS, ensuring encrypted communication, and is moderately optimized for mobile devices with responsive design elements. However, it lacks modern security headers and advanced accessibility features, indicating room for technical improvement. From a security perspective, the site demonstrates basic good practices such as HTTPS usage and no visible exposure of sensitive data. Nonetheless, the absence of privacy and cookie policies, security.txt files, and vulnerability disclosure mechanisms highlight compliance and security posture gaps. The WHOIS data for the domain is unavailable, which limits the ability to fully verify domain legitimacy, though the website content and official links strongly suggest a legitimate educational institution. Overall, the website is functional and professional for its intended educational purpose but would benefit from enhanced privacy compliance, security hardening, and transparency measures to improve trust and regulatory adherence.

S

Služby obce Červená Voda, s.r.o.

socv.cz

40

Služby obce Červená Voda, s.r.o. is a small municipal services company serving the village of Červená Voda in the Czech Republic. The website provides information about local services such as water supply, sewage, technical services, waste collection, and local taxi services. The company appears to be a local government-related entity focused on providing essential community services. The website is built using CMS Bakery and employs several JavaScript libraries including jQuery, jQuery UI, Colorbox, Select2, and Swiper.js for UI enhancements. The site is mobile optimized and has a consistent branding approach, though it lacks comprehensive contact details and legal policies.

M

Město Jeseník

jesenik.org

45

Město Jeseník operates an official municipal website providing comprehensive information about the city, its services, cultural events, and public announcements. The site targets residents, visitors, and tourists, offering a centralized platform for city-related information and engagement. The website is well-established, with a domain registered since 1998, reflecting a mature digital presence. Technically, the site employs modern web technologies including jQuery, YouTube and Vimeo APIs, and Font Awesome icons, hosted via REG-WEBGLOBE. Security posture is solid with HTTPS enforced and cookie consent implemented, though it lacks explicit security headers and a published privacy policy. The site integrates Google Analytics for minimal user tracking and maintains active social media channels to engage its audience. Overall, the website is professional, trustworthy, and serves its public service role effectively.

The website www.trebonpenzion.cz represents a small family-run pension offering accommodation near Třeboň in the Czech Republic. It targets families, cyclists, fishermen, and tourists interested in the natural and historical attractions of the Třeboň region. The site provides detailed information about the pension's amenities, location, and nearby points of interest, supporting a local hospitality business model. Technically, the site uses legacy JavaScript frameworks like Dojo and integrates Google Analytics and Tag Manager for user tracking. The site is accessible and contains a cookie consent mechanism indicating GDPR awareness. However, no WHOIS data is available for the domain, which reduces trustworthiness and raises questions about domain registration transparency. Security headers are not detected, and SSL configuration details are unknown, suggesting room for improvement in security posture. Overall, the site is functional and informative but would benefit from enhanced security practices and clearer contact information.

Penzion Mlýnský Dvůr is a small family-run hospitality business located near Třeboň in the Czech Republic, offering accommodation in farm-style apartments and rooms with additional services such as horse riding, fishing, and event hosting. The website presents a well-structured and content-rich platform targeting families, cyclists, and groups seeking a nature-oriented vacation experience. Technically, the site uses standard web technologies including Google Fonts and Font Awesome, but lacks advanced frameworks or CMS identification. Security posture is moderate with HTTPS assumed but no visible security headers or incident response information. Privacy policies exist but lack active consent mechanisms. The absence of WHOIS data is a concern for domain legitimacy and trust, requiring further verification. Overall, the website is professional and trustworthy from a content perspective but would benefit from enhanced security and compliance measures.

V

Vak - Vodovody a kanalizace Jesenicka, a. s.

vakjes.cz

43

Vak - Vodovody a kanalizace Jesenicka, a. s. is a regional utility company based in Jeseník, Czech Republic, providing essential water supply and sewage management services. The company operates a customer service center and regularly communicates with its customers through news updates and public announcements. The website reflects a stable regional utility provider with a history dating back to 2003, indicating a mature market presence. Technically, the website is built on the Noteo Engine CMS platform, utilizing standard web technologies such as HTML5, CSS, JavaScript, and jQuery, with embedded multimedia content from YouTube and Vimeo. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. Security-wise, the website enforces HTTPS and includes a cookie consent mechanism denying ad and analytics storage by default, but lacks published security policies or incident response contacts. Overall, the site is safe, professional, and trustworthy, though it would benefit from enhanced privacy and security disclosures.

Z

Zmizelé domy | Hradec nad Moravicí

zmizeledomy.cz

40

The website zmizeledomy.cz is an informational platform dedicated to documenting the history of vanished houses in Hradec nad Moravicí, Czech Republic. It provides historical descriptions, images, and an interactive map to educate the general public about local cultural heritage. The site is relatively new, established in 2023, and targets history enthusiasts and local residents interested in the town's architectural past. Technically, the site uses modern front-end libraries such as Bootstrap, jQuery, Font Awesome, and integrates the Mapy.cz API for mapping features. The design is professional and mobile-optimized, offering a good user experience with clear navigation. However, the site lacks critical privacy and security policies, including privacy, cookie, and terms of service documents, as well as contact information for business or security inquiries. Security headers and incident response mechanisms are absent, which lowers the security posture. No analytics or advertising scripts were detected, indicating minimal user tracking. Overall, the domain registration is consistent with the website's purpose and shows no suspicious patterns. Strategic improvements in privacy compliance and security practices are recommended to enhance trust and compliance.

C

Centrum pre umelú inteligenciu (CUI)

slovak.ai

46

AIslovakIA is a Slovak national platform dedicated to the development and promotion of artificial intelligence. It operates as a neutral, independent, and non-profit entity, connecting academia, industry, government, and international institutions to foster AI excellence in Slovakia. The platform is managed by the Center for Artificial Intelligence (CUI) and has founding members including the American Chamber of Commerce in Slovakia, IT Association of Slovakia, and the Slovak University of Technology in Bratislava. The website provides information about AI dialogue, infrastructure, education, and think tank activities, targeting professionals and stakeholders in the AI ecosystem. Technically, the website is built on WordPress with Elementor, using modern web technologies such as Bootstrap and jQuery. It is hosted likely by WebSupport, a Slovak hosting provider, and is optimized for mobile devices with good SEO practices. However, some technical improvements could be made, such as enabling DNSSEC and adding security headers to enhance security posture. From a security perspective, the site uses HTTPS with a good SSL configuration but lacks DNSSEC and explicit security headers. The Google Analytics plugin is installed but not configured, indicating minimal user tracking currently. No privacy or cookie policies are present, which is a compliance gap under GDPR. Contact information is clearly provided, including an email and physical address, enhancing business credibility. Overall, the website is professional, trustworthy, and serves its purpose as a national AI platform. The main risks relate to privacy compliance and security hardening. Strategic recommendations include implementing privacy and cookie policies, enabling DNSSEC, adding security headers, and properly configuring analytics to balance data collection with user privacy.

G

GNSS Centre of Excellence

gnss-centre.cz

43

GNSS Centre of Excellence is a Czech national center coordinating GNSS activities, focusing on applications in aviation, railways, roads, and public administration. The organization partners with key governmental and commercial entities such as the Ministry of Transport and Prague Airport, positioning itself as a critical hub for GNSS technology development and validation in the Czech Republic. The website reflects a professional and consistent brand image, targeting government institutions and commercial sectors involved in satellite navigation and communication technologies. Technically, the site is built on WordPress with multilingual support and gallery plugins, hosted by WEDOS, a Czech hosting provider. Performance and mobile optimization are moderate, with room for improvement in accessibility and SEO. Security posture is solid with HTTPS enforced and no visible vulnerabilities, but lacks advanced security headers and formal policies. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the site is trustworthy and professionally maintained but would benefit from enhanced privacy and security disclosures.

Fórum pre komunikačné technológie is a Slovak non-profit organization established in 1996, focused on the development and operation of telecommunication broadband networks. The website serves as an informational portal for members and stakeholders, providing organizational details, event updates, and access to official documents. The organization holds a niche position within the Slovak telecommunications sector, targeting professionals and entities involved in communications technology. Technically, the website employs a modern but basic technology stack including Bootstrap, jQuery, and common analytics tools such as Google Analytics and Facebook Pixel. While the site is mobile-optimized and professionally designed, it lacks comprehensive privacy and cookie policies, as well as advanced security headers and incident response information. The security posture is moderate, with HTTPS usage but missing several best practices. Overall, the domain registration data aligns well with the organization's claims, supporting legitimacy and trustworthiness.

P

PARTNERSHIPS FOR PROSPERITY (PPP)

p3.sk

46

PARTNERSHIPS FOR PROSPERITY (PPP) is a Slovak non-governmental non-profit organization established in 2001, focused on fostering public-private partnerships in IT development, digital transformation, and responsible entrepreneurship. The organization targets government, business, and academic sectors to promote modernization projects in e-Government, e-Learning, and e-Business. The website reflects a professional and consistent brand presence with clear content and navigation, supporting its mission effectively. Technically, the site uses modern web technologies including Google Analytics and Tag Manager, with good mobile optimization and SEO practices. Security posture is solid with HTTPS and cookie consent mechanisms, though lacks explicit security policies and incident response information. WHOIS data confirms domain legitimacy and consistency with the organization's history. Overall, the site is trustworthy and well-maintained, suitable for its audience and purpose.