High-risk security reports

U

Urban Market

urbanmarket.sk

37

Urban Market is a Slovakian event organizer specializing in large-scale sales exhibitions showcasing local author design, fashion, and artistic creations. The website positions itself as the largest such event in Slovakia, targeting a general audience including families. The business model revolves around organizing events and cultural programs that promote local creators. Technically, the website is built on WordPress using the Astra theme and Elementor page builder, supplemented by event management plugins and Google Analytics for tracking. Hosting appears to be provided by Websupport with DNSSEC enabled, indicating a secure domain setup. Security posture is good with HTTPS and DNSSEC, but lacks explicit privacy, cookie, and security policies, which are important for compliance and trust. Overall, the site is professional and functional but could improve in privacy compliance and security transparency.

I

Ilona Polanski

ilonapolanski.com

44

Ilona Polanski's website serves as a professional portfolio showcasing a diverse range of creative works including posters, books, magazines, and commercial projects. The site targets art enthusiasts and potential clients seeking graphic design and artistic services. Technically, the website is built on WordPress using Elementor and WooCommerce plugins, leveraging modern web technologies and optimized for mobile devices. Security posture is solid with HTTPS enabled and no visible vulnerabilities, though security headers and privacy compliance mechanisms could be improved. The absence of WHOIS registration data raises some concerns about domain legitimacy, but the professional presentation and active social media presence support the site's credibility. Overall, the website is functional, visually appealing, and serves its business purpose effectively.

K

KOKOZA, o. p. s.

kokoza.cz

45

KOKOZA, o. p. s. is a Czech non-profit organization dedicated to promoting urban gardening, food cultivation, and composting within city environments. Their website serves as an educational platform inspiring and connecting communities to grow vegetables and fruits even in limited urban spaces such as terraces and window boxes. The organization focuses on community engagement and environmental sustainability. Technically, the website is built on WordPress using Elementor and enhanced with SEO and analytics tools like Rank Math and Google Tag Manager. The site is served securely over HTTPS with a good SSL configuration and uses modern web technologies and CDNs for performance. However, explicit privacy policies and terms of service are not present, which slightly impacts compliance and trust. Security posture is generally good, but the absence of security headers and incident response information suggests room for improvement. Overall, the website is professional, trustworthy, and well-positioned within its niche, but could enhance transparency and security documentation to improve compliance and user trust.

N

NetFronts Inc.

zeonhost.com

44

NetFronts Inc. is a small US-based web hosting provider established since 1996, offering shared, reseller, dedicated, and VPS hosting services along with domain registration and SSL certificates. The company targets small to medium businesses and resellers seeking affordable and scalable hosting solutions. Their market position is supported by a long domain age and claims of hosting over 30,000 domains. Technically, the website uses basic legacy technologies with JavaScript and Hsphere control panel references, and includes Google reCAPTCHA for form security. However, the site lacks modern CMS or frameworks and shows only basic mobile and accessibility optimizations. Security posture is moderate with no DNSSEC, no visible HTTPS enforcement, and absence of security headers, though reCAPTCHA is used to mitigate spam. Privacy compliance is limited with a privacy policy present but no cookie consent mechanism or GDPR indicators. Overall, the site is functional but could benefit from modernization and enhanced security practices.

F

FW Africa

afripackexpo.com

42

Africa Packaging Expos, operated by FW Africa, is a leading organizer of international trade shows focused on packaging materials, processing, and packaging technologies for various manufacturing and retail sectors across Africa. The company targets high-level professionals including investors and C-suite executives in industries such as food and beverage, agriculture, pharmaceuticals, and hospitality. The website demonstrates a professional digital presence built on WordPress with the Divi theme, incorporating modern web technologies and Google services for analytics and advertising. Security posture is generally good with HTTPS enforced, though some security headers are missing and no explicit vulnerability disclosure or security policy is found. The absence of WHOIS data for the domain raises concerns about domain registration transparency, which impacts trustworthiness. Overall, the website is functional, well-structured, and serves its business purpose effectively, but improvements in privacy compliance and domain transparency are recommended.

K

KOŚCIÓŁ REKTORALNY SANKTUARIUM BOŻEGO MIŁOSIERDZIA w Krakowie-Łagiewnikach

misericordia.eu

44

The website www.misericordia.eu represents the official portal of the KOŚCIÓŁ REKTORALNY SANKTUARIUM BOŻEGO MIŁOSIERDZIA in Kraków-Łagiewniki, Poland. It serves as a comprehensive information hub for religious services, pilgrimages, media broadcasts (live TV and radio), and community engagement related to the Divine Mercy Sanctuary. The site targets a general audience including pilgrims, parishioners, and the wider Catholic community, offering multilingual support and rich content including event calendars and religious publications. The business model is non-profit, focused on religious and community services with a medium organizational size and a founding date around 2002.

Římskokatolická farnost sv. Martina v Jámách is a small local Roman Catholic parish serving the community of Jámy in the Czech Republic. The website provides information about religious services, announcements, and contact details for parishioners and visitors. It also references a pilgrimage church in Slavkovice, indicating community and religious outreach. The site is simple, with a focus on clear communication rather than advanced digital features. Technically, the website uses basic HTML and CSS without detectable CMS or advanced frameworks. There is no evidence of analytics, tracking, or advertising technologies. Mobile optimization and accessibility are basic but functional. The site lacks modern security headers and there is no visible HTTPS confirmation in the provided data, which is a concern for security best practices. Security posture is minimal with no privacy or cookie policies present, and no incident response or vulnerability disclosure mechanisms identified. The WHOIS data is unavailable, likely due to privacy protection, which is reasonable for a small non-profit religious entity. Contact information is clearly presented, enhancing trustworthiness despite the lack of formal policies. Overall, the website is functional and trustworthy for its purpose but would benefit from improved security measures, privacy compliance, and technical modernization to enhance user trust and protection.

B

Biskupství brněnské

dekanstvi.cz

42

The website dekanstvi.cz serves as an informational platform for the Brno diocese, focusing on pastoral activities, spiritual events, and community engagement within local parishes. It is clearly affiliated with the Biskupství brněnské, providing targeted content for members of the religious community in the Czech Republic. The site uses modern web technologies such as Bootstrap and Google Fonts, and features an interactive SVG map to enhance user experience. However, the absence of WHOIS data limits the ability to fully verify domain legitimacy and ownership details. Technically, the website demonstrates moderate digital maturity with responsive design and good SEO practices. The lack of detected analytics or tracking scripts suggests a privacy-conscious approach, though no explicit privacy or cookie policies were found, indicating compliance gaps with GDPR requirements. Security posture is basic, with no visible security headers or incident response information, which could be improved to enhance trust and protection. Overall, the site is safe and appropriate for general audiences, with no adult or questionable content. The business credibility is supported by consistent branding and clear organizational affiliation, but the lack of contact information and privacy documentation reduces transparency. Strategic improvements in security headers, privacy compliance, and WHOIS transparency would strengthen the website's trustworthiness and compliance standing.

Grace Themes operates as a small business specializing in professional WordPress themes, targeting WordPress users and developers seeking quality themes. The website content is minimal, primarily serving as a demo or landing page linking to the main company site gracethemes.com. The technical infrastructure is basic, utilizing standard HTML and CSS with Google Fonts, hosted on servers associated with BigRock Solutions Ltd. There is no evidence of advanced frameworks or CMS detection beyond the business focus on WordPress themes. Security posture is weak, with no HTTPS or security headers visible in the provided data, and no privacy or cookie policies published, indicating low compliance with modern web security and privacy standards. The domain registration is consistent and legitimate, with no privacy protection or suspicious patterns, supporting moderate business credibility. Overall, the website is functional but lacks comprehensive content, security features, and compliance documentation, resulting in a moderate risk profile.

C

Centrum pro komunitní práci střední Čechy

cpkp-stc.cz

48

Centrum pro komunitní práci střední Čechy is a Czech non-profit organization focused on community work and development in the Central Bohemia region. The website presents the organization as a regional community support entity offering educational, consulting, and networking services to local stakeholders. The site is built on WordPress using the Divi theme, indicating a moderate level of digital maturity with a professional design and good mobile optimization. However, the absence of WHOIS data and lack of explicit privacy and cookie policies suggest gaps in transparency and compliance. Security posture is basic with no detected security headers or incident response information, which could be improved to enhance trust and protect user data. Overall, the website is functional and safe for general audiences but would benefit from enhanced security and compliance measures.

P

Pinkpill design

pinkpilldesign.com

44

Pinkpill design is a small creative duo consisting of Monika Baudisova and Jordi Trilla, specializing in illustration, graphic design, and animation. Their website serves as a portfolio showcasing their work and a shop for limited edition prints and merchandise. The business targets creative professionals and art enthusiasts, positioning itself as a niche provider of original visual identities and marketing content. The company operates primarily from Spain, with a domain registered since 2016, reflecting a stable presence in the creative industry. Technically, the website is built on WordPress using the Yoast SEO plugin and jQuery, hosted likely by CDmon based on DNS information. The site demonstrates good design quality, mobile optimization, and SEO practices, although accessibility features are basic. Performance is moderate, with no major technical issues detected. However, security practices could be improved by enabling DNSSEC and implementing security headers. From a security perspective, the site uses HTTPS and does not expose sensitive data or vulnerable libraries. There is no evidence of security or incident response policies, and no privacy or cookie policies are present, indicating compliance gaps with GDPR and related regulations. Contact information is clearly provided, enhancing business credibility. Overall, the website is professional and trustworthy but would benefit from enhanced privacy compliance and security hardening to reduce risk and improve user trust.

M

Malvern Festival of Innovation

festival-innovation.com

46

The Malvern Festival of Innovation is a UK-based event organizer focused on promoting innovation through an annual festival that combines in-person and virtual experiences. The website presents a professional and consistent brand image, targeting entrepreneurs, technology experts, and businesses interested in future technologies and innovation. The festival is well-established since 2012 and enjoys national recognition. Technically, the website is built on Joomla CMS with common libraries such as jQuery and Bootstrap, delivering a moderate performance and good mobile optimization. Security posture is adequate with HTTPS enabled and CSRF tokens present, but lacks advanced security headers and DNSSEC. Privacy and cookie policies are absent, which impacts compliance. No contact emails or phone numbers are explicitly provided, limiting direct communication channels. Overall, the website is trustworthy and functional but could improve in privacy compliance and security best practices.

KAD::Systems is a small technology company specializing in developing Shopify applications aimed at improving e-commerce experiences. Their website presents a professional image with clear descriptions of their commitment to quality and customer satisfaction. The company targets Shopify users and e-commerce businesses, offering app development and support services. Technically, the site is built on the Tilda CMS platform, utilizing jQuery and Yandex Metrika for analytics. The site is moderately optimized for performance and mobile devices but lacks advanced SEO and accessibility features. Security posture is moderate with no HTTPS or security headers explicitly confirmed, and no privacy or cookie policies are published, which impacts compliance and trust. WHOIS data is unavailable due to TLD restrictions, limiting verification of domain ownership and reducing overall trust. Contact information is clearly provided, including company domain email and US toll-free phone numbers. Overall, the site is functional and professional but would benefit from enhanced security, compliance, and transparency measures.

A

AMINOGRAM SAS

aminogram.com

49

Aminogram SAS is a French healthcare technology company specializing in bioimpedance measurement devices and software solutions for clinical nutrition, fitness, and research professionals. With over 20 years of innovation, Aminogram offers a comprehensive suite of products including medical devices, a web platform (BiodyManager), and a mobile app (Biody Connect), supported by educational content such as webinars. The company targets healthcare providers, nutritionists, and fitness coaches, positioning itself as a trusted innovator in body composition analysis. Technically, the website is built on WordPress with modern plugins and frameworks, providing a good user experience with mobile optimization and GDPR compliance. Security posture is solid with HTTPS and domain transfer protections, though DNSSEC and additional HTTP security headers could enhance defenses. Overall, Aminogram demonstrates a mature digital presence with strong business credibility and compliance, though it lacks publicly disclosed security policies or incident response contacts.

R

Recyclingzentrum Zwickau

recyclingzentrum-zwickau.de

49

Recyclingzentrum Zwickau operates as a local recycling center in Germany, focusing on sustainable recycling services. The website serves primarily as an informational portal with links to partner companies Hofmann Metall and Hofmann Recycling. The digital infrastructure is based on the Contao CMS platform, integrating standard tracking and consent management tools such as Google Analytics and Usercentrics. The site demonstrates basic technical implementation with moderate performance and mobile optimization. Security posture is adequate with SSL enabled and IP anonymization for analytics, but lacks advanced security headers and explicit security policies. Privacy compliance is supported by a GDPR-compliant cookie consent mechanism and a privacy policy page. However, the absence of contact information and terms of service reduces business credibility. Overall, the website is functional but basic in content and security sophistication.

Zámek Poláky is a cultural heritage site and tourist attraction located in the Czech Republic, offering guided tours, special events, and seasonal programs. The website provides detailed visitor information including opening hours, ticket prices, and upcoming events, targeting tourists and local visitors interested in history and culture. The business operates primarily as a small-scale hospitality and tourism entity with a focus on cultural experiences. Technically, the website is built on Joomla CMS with modern frontend technologies such as Bootstrap 5 and jQuery, ensuring a responsive and user-friendly experience. The site is well-structured with appropriate meta tags and JSON-LD structured data for SEO. However, there is room for improvement in accessibility and performance optimization. From a security perspective, the website uses HTTPS and includes CSRF tokens, but lacks important security headers and privacy-related policies. The absence of WHOIS data raises concerns about domain registration legitimacy, although the website content and social media presence suggest a legitimate operation. No forms or tracking scripts were detected, indicating minimal data collection. Overall, the site is functional and informative but would benefit from enhanced security practices, privacy compliance, and domain registration transparency to improve trust and compliance posture.

H

Hugo na cestách

hugonacestach.info

42

Hugo na cestách is a Czech educational and cultural project centered around travel and heritage exploration within the Czech Republic and occasionally abroad. The website offers rich content including travel reports, photo galleries, and cultural insights, targeting a general audience interested in Czech history, architecture, and nature. The project appears to be run by an individual or small team, with the author identified as Michal Plaňanský. The site maintains a consistent brand and provides social media links to Google+, Facebook, and Twitter, enhancing its outreach. Technically, the website uses standard HTML5, CSS3, and JavaScript with jQuery and Lightbox libraries for interactive image galleries. The site is moderately optimized for performance and mobile use but lacks advanced SEO and accessibility features. There is no evidence of a CMS or modern frameworks. Security posture is limited due to missing HTTPS confirmation and absence of security headers. Privacy and cookie policies are not present, indicating compliance gaps. The WHOIS data is incomplete due to unsupported TLD WHOIS service, with no registrant or domain creation information available. This reduces trustworthiness from a domain registration perspective, although the website content itself appears legitimate and professional. No signs of malicious content or adult material were found. Overall, the site is a niche educational resource with good content quality but requires improvements in security, privacy compliance, and technical modernization to enhance trust and user experience.

C

Cargo Trans Logistik AG

ctl-ag.de

48

Cargo Trans Logistik AG operates as a medium-sized, independent logistics network specializing in piece goods logistics across Germany and Europe. The company leverages a network of over 200 system partners to provide a broad range of logistics services including standard, express, XXL, fixed date, and partial load transport solutions. Their business model emphasizes cooperation and IT-driven innovation, supported by an in-house software service provider. The website is professionally designed, multilingual, and optimized for user experience and SEO. Technical infrastructure is based on WordPress with modern plugins and image optimization, ensuring good performance and mobile responsiveness. Security posture is strong with HTTPS, cookie consent, and secure forms, though explicit security policies and incident response contacts are not publicly disclosed. Overall, the website and domain present a trustworthy and credible business presence in the transportation sector.

S

Strom života

zivotastrom.cz

49

Mobilní hospic Strom života is a Czech Republic based small-sized healthcare non-profit organization founded in 2015, providing mobile hospice care services to terminally ill patients and support to their families. The website reflects a professional and consistent brand presence with a clear focus on patient care and community support. Technically, the site is built on WordPress using the Divi theme, leveraging modern analytics and marketing tools such as Google Tag Manager, Microsoft Clarity, and Facebook Pixel. Security posture is good with HTTPS enforced and use of reCAPTCHA, though some security headers could be improved. Privacy compliance is strong with a comprehensive cookie consent mechanism and GDPR-aligned privacy policy. Overall, the site is trustworthy, well-maintained, and serves its target audience effectively.

S

Sdílení o.p.s.

sdileni-telc.cz

48

Sdílení o.p.s. is a Czech non-profit organization specializing in hospice and palliative care services, supporting elderly and seriously ill individuals to remain at home with their families. Established since 2007, it offers a comprehensive range of healthcare and social services including nursing care, respite care, social counseling, and equipment rental. The organization maintains a strong local presence with clear contact information, active social media channels, and a professional website designed to engage donors and clients alike. Technically, the website is built on WordPress with modern frameworks like Bootstrap and includes GDPR-compliant cookie consent mechanisms. Security posture is generally good with HTTPS enforced and no visible sensitive data exposure, though the absence of HTTP security headers and missing WHOIS data are areas for improvement. Overall, the site is well-structured, content-rich, and trustworthy from a user perspective, but domain legitimacy verification is hindered by unavailable WHOIS information.

H

Hospic Tempus, z.s.

hospictempus.cz

47

Hospic Tempus, z.s. is a Czech non-profit organization specializing in home hospice care services primarily in the Mělník and Prague-East districts. The organization collaborates with local healthcare providers to deliver expert home-based hospice care, psychosocial support, and respite services to patients and their families. Their website reflects a professional and community-focused approach, providing clear contact information and showcasing partnerships and testimonials that enhance trust. The business model centers on compassionate care within the patient's social environment, targeting patients requiring end-of-life care and their families in the region. Technically, the website employs modern web technologies including Bootstrap, jQuery, Font Awesome, and Fancybox, ensuring a responsive and user-friendly experience. The site includes a comprehensive cookie consent mechanism compliant with GDPR standards, indicating a mature approach to privacy compliance. However, the absence of explicit privacy and terms of service pages and missing WHOIS domain registration data are notable gaps. From a security perspective, the site uses HTTPS and implements cookie consent but lacks visible HTTP security headers and published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the HTML content. The missing WHOIS data reduces the ability to fully verify domain legitimacy, which is a risk factor. Overall, Hospic Tempus presents as a trustworthy and professional healthcare non-profit with a solid digital presence but would benefit from enhanced transparency in domain registration, privacy policies, and security disclosures to improve trust and compliance posture.

N

Northstar Travel Media Singapore Pte Ltd

cruiseworld-asia.com

46

CruiseWorld Asia is a professional event website representing a flagship cruise conference organized by Travel Weekly Asia, targeting travel agents and cruise industry professionals in the Asia Pacific region. The website provides detailed event information, speaker profiles, partner logos, and multimedia content, reflecting a well-established presence since 2017. Technically, the site is built on WordPress with common plugins and integrates Google services for analytics and security (reCAPTCHA). The hosting is via Namecheap, and the domain registration is consistent and stable with no privacy protection, indicating transparency. Security posture is moderate with HTTPS enabled but lacking DNSSEC and security headers. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the site is professional and trustworthy but would benefit from enhanced security and privacy measures.

Č

ČeskoZdravě.cz

ceskozdrave.cz

42

ČeskoZdravě.cz is a well-established Czech online magazine focused on healthy lifestyle, natural treatment, prevention, and nutrition. Founded in 2015, it offers a broad range of articles and a disease database targeting a general audience interested in health and wellness. The website is built on WordPress using the Jannah theme, hosted by Wedos, a Czech hosting provider, reflecting a mature digital infrastructure. The site demonstrates good SEO practices, mobile optimization, and a consistent brand presence. Security posture is solid with HTTPS and security headers, though there is room for improvement in privacy compliance, particularly regarding cookie consent mechanisms. No critical vulnerabilities or blocking mechanisms were detected, indicating stable and accessible content.

B

BMW Wallis Motor Ljubljana

bmw-wallis.si

42

BMW Wallis Motor Ljubljana operates as an authorized BMW dealership and service center located in Ljubljana, Slovenia. The company offers new and used BMW vehicles, servicing, test drives, and related automotive services. The website reflects a medium-sized business with a clear focus on the automotive transportation sector, targeting BMW customers in the local region. The business was founded in 2020, consistent with the domain registration date, and maintains consistent BMW branding and professional presentation. Technically, the website is built on WordPress using the Divi theme, enhanced with plugins such as WooCommerce, UberMenu, Ajax Search Pro, and Matomo analytics. The site is mobile-optimized and shows moderate performance. HTTPS is enabled, ensuring secure communication, but lacks some advanced security headers. The site does not currently display privacy or cookie policies, which impacts its privacy compliance score. From a security perspective, the site demonstrates good basic practices with no visible vulnerabilities or exposed sensitive data. However, it lacks explicit security policies, incident response contacts, and vulnerability disclosure mechanisms. The use of Matomo analytics indicates moderate user tracking without a visible consent mechanism, which may raise GDPR compliance concerns. Overall, the website is professional and trustworthy but would benefit from enhanced privacy compliance, improved security headers, and explicit security and incident response policies to strengthen its security posture and regulatory adherence.

G

Gostisce-Dolinsek.com

gostisce-dolinsek.com

43

Gostišče Dolinšek is a hospitality business located in Slovenia offering a range of services including restaurant dining, event hosting such as weddings, catering, and accommodation in luxury rooms. The website positions the business as a local gourmet destination with a focus on quality food, excellent wine selection, and memorable experiences. The target audience includes local and regional visitors seeking fine dining and event venues. Technically, the website is built on WordPress with Elementor, leveraging modern web technologies and Google Analytics for visitor insights. The site is mobile optimized and provides clear navigation and contact options. Security posture is good with HTTPS and GDPR compliance, though there is room for improvement in security headers and incident response transparency. The domain WHOIS data is missing, which raises some concerns about domain legitimacy, but the website content and presentation are professional and trustworthy. Overall, the site represents a credible small hospitality business with a solid digital presence.

D

D-energy s.r.o.

d-energy.cz

47

D-energy s.r.o. is a Czech-based energy services provider specializing in projects that guarantee future savings through the Energy Performance Contracting method. Established in 2011, the company has invested over 650 million CZK in energy-saving projects and is a member of the Czech Association of Energy Service Providers (APES). Their key services include energy services and EPC, construction and delivery works, project documentation, design-build, energy management, and consulting services. The website is professionally designed, well-structured, and optimized for SEO and mobile devices, reflecting a mature digital presence. Technically, the website runs on WordPress with modern plugins such as Yoast SEO, Contact Form 7, and Complianz GDPR for cookie management. It integrates Google Tag Manager and Google Maps API for analytics and location services. Hosting and DNS are managed via REG-WEDOS and Cloudflare, ensuring reliable infrastructure. Performance is moderate with good mobile optimization and basic accessibility features. From a security perspective, the site enforces HTTPS and uses cookie consent mechanisms compliant with GDPR. However, explicit security headers are not visibly set in the HTML, and no published security policy or incident response contacts are found. No vulnerabilities or exposed sensitive data were detected. The domain registration data is consistent with the business claims, showing a mature and trustworthy online presence. Overall, the website presents a low-risk profile with good privacy compliance and business credibility. Strategic improvements in security headers, incident response transparency, and accessibility could further enhance the security posture and trustworthiness.

A

Autoplachty Gejza Vajda s.r.o.

autoplachtyvajda.sk

44

Autoplachty Gejza Vajda s.r.o. is a Slovak company established in 1992 specializing in manufacturing autoplachty (truck tarpaulins), large-format digital printing, and rental of storage halls. The company serves customers primarily in Slovakia and Europe, offering tailored products with a focus on quality and innovation. Their website reflects a professional business with clear service offerings and contact information. Technically, the site uses modern web technologies including PHP, JavaScript, and CookieYes for cookie consent, and is built on the MODX CMS platform. The website is mobile-optimized and provides a good user experience with clear navigation and relevant content. Security posture is adequate with HTTPS enforced and cookie consent implemented, but lacks advanced security headers and formal security policies. No critical vulnerabilities or blocking mechanisms were detected, indicating a stable and accessible online presence. Overall, the site demonstrates a solid digital maturity for a small manufacturing business.

D

Darklace Limited

kvpzr.cz

47

Adell Casino is an online gambling platform operated by Darklace Limited, licensed in Cyprus. The website offers a variety of casino games including slots, live dealer games, jackpots, and video poker, targeting adult players primarily in Czech and German languages. The platform provides demo modes, multiple payment options, and various bonuses to attract and retain players. Technically, the site is built on modern frameworks such as Next.js and React, hosted behind Cloudflare DNS services, and shows moderate performance and good mobile optimization. However, the site lacks explicit privacy and terms of service pages, security headers, and incident response contact information, which are critical for compliance and trust. The WHOIS data shows a suspicious domain creation date in the future, which raises concerns about legitimacy. Overall, the site is functional and professional but requires improvements in security posture and compliance documentation.

Římskokatolická farnost Fulnek is a small non-profit religious organization serving the Fulnek community in the Czech Republic. The website provides parishioners and visitors with information about religious services, announcements, events, and church tours. The site is built on WordPress and uses several plugins to enhance user experience, including sliders and portfolio galleries. The target audience is local parishioners and visitors interested in church activities. The organization has maintained the domain since 2010, reflecting a stable presence in the community. Technically, the website employs a standard WordPress infrastructure with common plugins such as Smart Slider 3 and Visual Portfolio. The site is hosted with a Czech registrar and uses HTTPS, ensuring secure communication. Performance is moderate with good mobile optimization, though accessibility and SEO could be improved. Analytics are implemented via Google Analytics, but no visible cookie consent or privacy policy is present, indicating compliance gaps. From a security perspective, the site uses HTTPS and does not expose sensitive data. However, it lacks security headers and a formal privacy or cookie policy, which are important for GDPR compliance and user trust. No incident response or vulnerability disclosure mechanisms are evident. The domain registration details are consistent and legitimate, supporting the site's trustworthiness. Overall, the website is functional and professional for its purpose but would benefit from enhanced privacy compliance and security best practices to improve user trust and regulatory adherence.

The website 'Kniha milosrdenství' is a small non-profit religious platform focused on Christian mercy and prayer, providing spiritual reflections, downloadable materials, and news updates primarily for the Czech Christian community. The domain is well-established since 2012 and hosted on Czech infrastructure, supporting its legitimacy and stable presence. Technically, the site uses basic HTML, CSS, and JavaScript with Google Analytics for visitor tracking but lacks modern CMS or advanced frameworks. Security posture is moderate with no visible security headers or privacy policies, and no HTTPS confirmation from the provided data, indicating room for improvement. Privacy compliance is low due to missing cookie and privacy policies and no consent mechanisms. Overall, the site is safe with no adult or questionable content, but it would benefit from enhanced security and privacy practices to improve trust and compliance.

P

Pěší pouť k Božímu milosrdenství - Pěší pouť

pout.cz

41

The website pout.cz is dedicated to organizing and providing information about the annual walking pilgrimage to Slavkovice, Czech Republic, focused on spiritual and religious activities related to Divine Mercy. The site targets a niche audience interested in religious pilgrimages and community events. The business model is non-commercial and community-driven, with offerings including event information, registration forms, and merchandise such as T-shirts. The domain is well established since 2006, supporting the site's legitimacy and history. Technically, the website uses a traditional HTML/CSS/JavaScript stack with jQuery libraries and embeds Google Forms for data collection. The site is hosted likely via the registrar Active24, a Czech hosting provider. The design and navigation are basic but functional, with moderate performance and limited mobile optimization. SEO and accessibility features are minimal but present. From a security perspective, the site uses HTTPS but lacks visible security headers and employs multiple versions of jQuery, which may introduce vulnerabilities. There are no privacy or cookie policies, and no explicit contact emails or phone numbers are provided, which impacts compliance and trust. The embedded Google Forms handle user data collection without visible privacy disclosures, representing a compliance gap. Overall, the website is safe and appropriate for general audiences, with no adult or questionable content. The domain registration data is consistent with the website's purpose and location. Strategic improvements in security headers, privacy compliance, and technical modernization would enhance the site's security posture and user trust.

S

Slavkovice, Svatyně Božího milosrdenství

slavkovice.cz

49

Slavkovice.cz is the official website of a religious pilgrimage sanctuary dedicated to Divine Mercy located in Slavkovice, Czech Republic. The site provides detailed information about church services, pilgrimage events, religious projects, and community activities, targeting pilgrims and the local Catholic community. The business operates as a non-profit religious entity with a focus on spiritual services and community engagement. Technically, the website employs modern frontend technologies including Bootstrap and jQuery, and is built on the FenomioFlow CMS platform. It is mobile responsive and offers a good user experience with clear navigation and relevant content. Security-wise, the site uses HTTPS and implements a cookie consent mechanism, but lacks visible security headers and formal privacy or terms of service pages. The absence of WHOIS data for the domain raises some concerns about domain registration legitimacy, although the website content and contact information appear professional and trustworthy. Overall, the site scores well in content quality and business credibility but should improve transparency and security practices.

A

Apoštol Božího milosrdenství

apostol.cz

48

The website www.apostol.cz represents a small non-profit religious organization focused on promoting trust in Divine Mercy through a magazine and pilgrimages. The site content is primarily in Czech and targets a religious audience interested in Catholic spirituality and community events. The organization appears to have a stable presence since 2006, with partnerships to related religious entities. Technically, the website uses modern frontend technologies including Bootstrap 5 and jQuery, and is powered by the FenomioFlow CMS platform. The site is mobile responsive and provides a good user experience with clear navigation and relevant content. Security posture is moderate with HTTPS enabled and a cookie consent mechanism implemented, but lacks visible security headers and a published privacy policy. No WHOIS data was found, which reduces trust signals but may be due to privacy protection. Overall, the site is safe, professional, and trustworthy for its niche audience.

M

Misijný sekretariát – pallotíni

pallotini.sk

44

Pallotíni is a Slovak non-profit mission secretariat focused on charitable projects primarily in Rwanda, Burkina Faso, and Madagascar. Their activities include supporting education, building religious and community centers, and aiding poor students to complete their studies. The organization targets donors, religious communities, and supporters interested in mission work. The website is built on WordPress with Yoast SEO and uses a moderate technical infrastructure hosted by Websupport. While the site is well-structured and content-rich, it lacks some advanced security headers and cookie consent mechanisms. The domain is well-established since 2005 with DNSSEC enabled, indicating a trustworthy presence. Overall, the site demonstrates good professionalism and trustworthiness but could improve in privacy compliance and security posture.

F

FW Africa

africadairysummit.com

44

The Africa Dairy Innovations Summit is a newly established event organized by FW Africa, positioned as the leading dairy industry event in Africa. It targets dairy industry investors, managers, professionals, and stakeholders, focusing on innovation and sustainability within the dairy sector. The business model revolves around event hosting, networking, and industry knowledge sharing, with additional revenue from sponsorship and exhibition opportunities. The website reflects a professional and consistent brand image, with clear event details and contact information, supporting its market positioning as a key industry summit in Kenya and the broader African region. Technically, the website is built on WordPress using the Divi theme, integrating Google Analytics and Matomo for visitor tracking. Hosting is via a provider associated with the domain's nameservers, likely a commercial hosting service. The site demonstrates good mobile optimization and SEO practices but lacks advanced security headers and DNSSEC, which are recommended for enhanced security. Performance is moderate, with no blocking or WAF detected, allowing full content access. From a security perspective, the site uses HTTPS with a valid SSL certificate and domain transfer protection. However, it lacks explicit security policies, privacy and cookie notices, and GDPR compliance indicators, which are critical for user trust and regulatory adherence. No incident response or vulnerability disclosure mechanisms are present. The WHOIS data is consistent with the business claims, showing a recent domain registration aligned with the event's founding year, and no privacy protection, indicating transparency. Overall, the website presents a moderate risk profile with good business credibility but requires improvements in privacy compliance and security best practices to enhance trust and regulatory adherence. Strategic recommendations include implementing privacy and cookie policies with consent mechanisms, enabling DNSSEC, adding security headers, and publishing security and incident response policies.

A

Africa Food Manufacturing (AFMASS) Expos

afmass.com

41

Africa Food Manufacturing (AFMASS) Expos operates as a leading organizer of international food and beverage manufacturing and milling industry trade shows across Africa, targeting key markets such as Kenya, Nigeria, Uganda, Zambia, and Tanzania. The company positions itself as the premier platform showcasing the latest technologies in grain storage, milling, processing, packaging, ingredients, laboratory technologies, and supply chain solutions for the food, beverage, milling, and hospitality sectors. The website reflects a professional digital presence built on WordPress with the Divi theme, integrating standard analytics and advertising tools such as Google Analytics and AdSense. However, the absence of WHOIS registration details raises questions about domain registration transparency.

S

Spolek A.K.N.

akncr.cz

48

Spolek A.K.N. is a Czech non-profit organization focused on strengthening the capacity of community foundations through collaborative projects supported by grant programs such as the Active Citizens Fund. The website presents detailed information about a two-year project (2020-2022) involving multiple Czech community foundations aimed at enhancing community leadership and activation roles. The organization operates in a niche non-profit sector with a clear mission to support civil society and community development in the Czech Republic. Technically, the website uses a CMS platform called inPage, with common web technologies including jQuery, Bootstrap, and FontAwesome. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. Security posture is moderate, with HTTPS enabled and basic consent management via Google Analytics gtag, but lacks explicit privacy and cookie policies and security headers. No WHOIS data is available due to privacy protection, but the website content and external partner links indicate legitimacy. Overall, the site is professional and trustworthy but could improve in privacy compliance and security best practices.

T

TicTacROI.cz

tictacroi.cz

46

TicTacROI.cz is a Czech Republic based small marketing agency specializing in PPC advertising, web and e-commerce development, graphic design, social media management, web analytics, and consulting services. The company presents a professional and consistent brand image with a clear focus on creative marketing solutions for businesses. The website is built on WordPress using Elementor and integrates modern SEO and privacy compliance tools such as Yoast SEO and Complianz GDPR plugin. The technical infrastructure is solid with HTTPS enforced and Google Analytics for tracking, complemented by Google reCAPTCHA for form security. However, the site lacks explicit security policies and incident response information, which could be improved to enhance trust and compliance. Overall, the website is well-structured, user-friendly, and compliant with GDPR cookie regulations, reflecting a mature digital presence for a small marketing firm.

R

RND s.r.o.

rndoc.cz

48

RND s.r.o. is a Czech-based company specializing in railway freight transport and logistics services. With over 20 years of experience, it offers tailored logistics solutions including railway freight forwarding, dispatching, and leasing of specialized railway freight wagons. The company targets businesses requiring reliable and efficient rail transport across European and Asian networks. The website reflects a professional and well-structured digital presence, leveraging WordPress with modern plugins and SEO optimizations. Security measures include HTTPS and Google reCAPTCHA on forms, though some security headers are missing and privacy policies are not explicitly presented. The absence of WHOIS data reduces domain trustworthiness, but the detailed business information and contact channels support legitimacy. Overall, the site is well-designed, content-rich, and suitable for its business audience.

H

H-PRO GEO s.r.o.

h-progeo.cz

43

H-PRO GEO s.r.o. is a Czech Republic-based engineering company specializing in project design and geodetic services primarily for railway and transportation infrastructure projects. Established in 2017 as a subsidiary of Chládek & Tintěra, a.s., it continues a legacy dating back to 1997 through its predecessor. The company targets state and private sector clients involved in transportation construction across the Czech Republic. The website reflects a professional business presence with clear service descriptions and contact information. Technically, the website is built on WordPress, utilizing standard plugins including a GDPR cookie consent tool. It employs Google Fonts and includes some JavaScript libraries, though jQuery is commented out. The site is mobile-optimized with good navigation and SEO practices. Performance is moderate, and accessibility is basic but functional. From a security perspective, the site enforces HTTPS and implements a cookie consent banner, indicating some compliance with privacy regulations. However, no advanced security headers were detected, and no privacy policy or terms of service pages are present, which are gaps in compliance and security posture. The absence of WHOIS data for the domain reduces trust in domain legitimacy, although the website content and contact details appear consistent and professional. Overall, the website is a good representation of a small specialized engineering firm with room for improvement in security best practices, privacy documentation, and domain registration transparency.

D

Digitalka s.r.o.

digitalka.cz

44

Digitalka s.r.o. is a Czech-based creative digital agency specializing in online communication strategies, digital marketing, web development, SEO, PPC, social media marketing, and corporate identity services. The company positions itself as a client-focused agency delivering measurable performance and attractive internet presentations. Their market presence is supported by a portfolio of clients and a Google Partners certification, indicating a reputable standing in the digital marketing sector. The website is professionally designed, mobile-optimized, and provides clear navigation and comprehensive content relevant to their services and target audience. Technically, the website is built on WordPress using modern plugins such as WPBakery Page Builder and Slider Revolution. It integrates multiple analytics and tracking tools including Google Analytics, Microsoft Clarity, and LinkedIn Insight Tag, alongside a GDPR-compliant cookie consent mechanism powered by Cookiebot. The site demonstrates good SEO practices and moderate performance, with room for improvement in accessibility features. From a security perspective, the site enforces HTTPS and employs cookie consent management, but lacks explicit security headers and dedicated security or incident response policies. No vulnerabilities or exposed sensitive data were detected in the analysis. The absence of WHOIS data reduces domain trustworthiness, but the website content and business information suggest a legitimate and operational company. Overall, Digitalka.cz presents a solid digital presence with good content quality, technical implementation, and privacy compliance. Strategic recommendations include enhancing security headers, publishing security policies, and conducting regular security audits to strengthen their security posture and trustworthiness.

M

Město Lovosice

tclovosice.cz

38

The website www.tclovosice.cz represents the Technologické centrum Lovosice, a technology center serving the town of Lovosice in the Czech Republic. It primarily provides IT services such as record management (spisová služba), server hosting, internet, email, and web services targeted at local government and public administration entities. The site content is in Czech and includes historical updates about service maintenance and upgrades, indicating an operational presence since at least 2011. The business model is focused on public sector IT support with a small-scale local footprint. Technically, the website is built on BlazeBlogger CMS, with basic HTML and CSS. It lacks modern frameworks or advanced technical features. Performance and mobile optimization are basic, and SEO and accessibility features are minimal. No analytics or tracking scripts were detected, indicating a low level of digital marketing maturity. From a security perspective, the site uses HTTPS for some services but lacks visible security headers and formal privacy or cookie policies. No WHOIS data was retrievable, which raises concerns about domain registration transparency. The absence of contact emails or phone numbers on the main page limits direct communication channels. Overall, the security posture is moderate but could be improved by implementing standard security headers, privacy compliance, and clearer contact information. The overall risk assessment suggests the site is functional and serves its intended audience but has gaps in compliance and security best practices. Strategic recommendations include adding privacy and cookie policies, improving security headers, verifying domain registration details, and enhancing contact transparency to build trust and compliance.

R

Roudnické městské služby, p.o.

roudnickesluzby.cz

44

Roudnické městské služby, p.o. is a municipal organization serving the city of Roudnice nad Labem, Czech Republic. The organization provides essential city technical services including operation of the winter stadium, swimming pool, and collection yard. The website targets local residents and visitors seeking information about these municipal services. The business model is that of a government-funded public service entity with a medium organizational size and a clear local focus. Technically, the website employs a modern frontend stack including Bootstrap, jQuery, FontAwesome, and Google Tag Manager for analytics. The site is mobile responsive and has a cookie consent mechanism implemented, indicating some level of privacy awareness. However, no CMS or hosting provider information is evident, and performance is moderate. Accessibility is basic but present. From a security perspective, the site uses HTTPS (assumed from external Google APIs usage), but no explicit security headers were detected. There is no visible privacy policy or terms of service, and no incident response or vulnerability disclosure information is provided. The WHOIS data is missing, which reduces trustworthiness somewhat, but the presence of official contact information and consistent branding supports legitimacy. Overall, the website is functional and professional for its purpose but would benefit from improved transparency in privacy and security policies, enhanced security headers, and verified domain registration information to strengthen trust and compliance.

R

Roudnické městské služby

bazenroudnice.cz

40

The website www.bazenroudnice.cz serves as the official online presence for the indoor swimming pool facility in Roudnice nad Labem, operated by Roudnické městské služby. It provides visitors with comprehensive information about the pool's facilities, operating hours, ticketing options, and current news updates. The target audience primarily includes local residents and visitors interested in swimming and wellness services. The business operates as a public municipal service, focusing on community wellness and recreational activities. Technically, the website is built on the WordPress CMS platform, utilizing common plugins such as WPBakery Page Builder, jQuery, Bootstrap, and various sliders for enhanced user experience. The site is mobile-optimized and presents a professional design with clear navigation. Performance is moderate, with room for improvement in SEO and accessibility features. From a security perspective, the site benefits from HTTPS encryption but lacks important security headers and publicly available security policies. There is no evidence of tracking or analytics scripts, indicating minimal user data collection. The absence of privacy and cookie policies suggests compliance gaps with GDPR and related regulations. No vulnerabilities or malicious content were detected. Overall, the website is legitimate and trustworthy, representing a municipal service with clear contact information and consistent branding. However, improvements in privacy compliance, security headers, and accessibility would enhance its security posture and regulatory adherence.

Ř

Říp, o.p.s.

kulturaroudnice.cz

47

Říp, o.p.s. operates the KulturaRoudnice.cz portal, a local cultural platform focused on promoting and managing cultural and leisure activities in Roudnice nad Labem and the surrounding Podřipsko region. The portal provides event listings, ticket pre-sales, and additional services such as venue rentals and poster placements. The organization positions itself as a key local cultural facilitator serving residents and visitors with a user-friendly, content-rich website. Technically, the site leverages modern web technologies including Bootstrap, jQuery, and Google Analytics, ensuring responsive design and moderate performance. Security measures include HTTPS enforcement, CSRF tokens, and a cookie consent mechanism, though explicit security headers and incident response policies are absent. The lack of WHOIS data limits domain trust verification but is likely due to privacy protection, which is reasonable for a small non-profit. Overall, the site demonstrates good business credibility and privacy compliance, with room for security enhancements.

K

Knihovna Ervína Špindlera

knihovnaroudnice.cz

38

Knihovna Ervína Špindlera is a public library serving the community of Roudnice nad Labem, Czech Republic. It operates as an organizational unit of the city, providing access to physical and electronic books, cultural events, and educational resources. The website reflects a well-structured and community-focused institution with clear contact information and links to an external KOHA catalog system. The library benefits from EU co-financed modernization projects enhancing accessibility and community engagement. Technically, the website employs modern frontend technologies including Bootstrap, jQuery, and Google Fonts, ensuring a responsive and user-friendly experience. However, there is room for improvement in security practices, such as implementing security headers and publishing privacy and cookie policies to enhance compliance and user trust. The absence of WHOIS data limits domain legitimacy verification but the official city affiliation and professional presentation support its credibility. Security posture is moderate with HTTPS implied but lacking explicit security headers and vulnerability disclosures. No tracking or advertising scripts were detected, indicating minimal user tracking and a privacy-conscious approach. Overall, the site is safe, professional, and serves its public service mission effectively.

S

Svazek obcí Podřipsko

svazekpodripsko.cz

44

Svazek obcí Podřipsko is a voluntary association of 23 municipalities in the Litoměřice district of the Czech Republic, focused on regional development and cooperation. Founded in 2004, it operates as a non-profit government entity headquartered in Roudnice nad Labem. The website serves as an official informational portal providing contact details, news, and links to member municipalities. The technical infrastructure is basic, relying on standard HTML and CSS without modern frameworks or CMS detected. Hosting and domain registration are managed by WEDOS, a reputable Czech provider, with the domain registered since 2010, consistent with the organization's history. Security posture is minimal with no detected HTTPS enforcement or security headers, and no privacy or cookie policies are published, indicating room for compliance improvements. No forms or tracking scripts are present, reducing data privacy risks but also limiting user engagement features. Overall, the site is functional and trustworthy but would benefit from enhanced security and privacy practices.

S

Sdružení obcí pro nakládání s odpady SONO

sdruzenisono.cz

47

Sdružení obcí pro nakládání s odpady SONO is a Czech non-profit association focused on municipal waste management, providing consultancy, support for landfill construction, and hazardous waste collection services to its 93 member municipalities. The organization has a long history dating back to 1993 and maintains a professional online presence with clear contact information and relevant content tailored to local government entities. Technically, the website is built on Joomla CMS with modern frameworks like Bootstrap and jQuery, hosted by WEDOS, and optimized for mobile devices. Security posture is solid with HTTPS enforced and cookie consent implemented, though some security headers could be improved. No analytics or advertising scripts are present, reflecting a privacy-conscious approach. Overall, the website is trustworthy, well-structured, and compliant with GDPR requirements.

M

Místní akční skupina Podřipsko, z. s.

maspodripsko.cz

42

Místní akční skupina Podřipsko, z. s. is a Czech non-profit organization dedicated to regional and community development in the Podřipsko area. The organization manages EU and national funding programs, supports local businesses and municipalities, and promotes sustainable development initiatives. Their website is built on WordPress and integrates various plugins for content management, photo galleries, and download management. The site is well-structured, mobile-optimized, and provides comprehensive information about projects, funding opportunities, and community events. Security posture is adequate with HTTPS enabled and some security best practices in place, though improvements in security headers and cookie consent mechanisms are recommended. WHOIS data confirms the domain's legitimacy and consistency with the organization's history. Overall, the website presents a professional and trustworthy digital presence for a regional non-profit entity.