High-risk security reports

C

Czechtour

czechtour.net

39

The website www.czechtour.net represents an established chess tournament series in the Czech Republic, active since 2001. It organizes multiple international chess festivals including the well-known CZECH OPEN Pardubice. The site targets chess players and their families, offering tournament participation and accommodation discounts. Technically, the site uses Plume CMS with common JavaScript libraries and Google Analytics for visitor tracking. However, it lacks visible privacy and cookie policies, and no contact information is explicitly provided on the main pages. Security posture is weak due to missing HTTPS confirmation and absence of security headers. WHOIS data is unavailable or the domain is not found in the registry, raising concerns about domain legitimacy and registration status. Overall, the site provides relevant content but requires improvements in security, privacy compliance, and transparency to enhance trust and compliance.

M

Montenegro Chess Federation and the European Chess Union

eycc25.me

46

The European Youth Chess Championship 2025 website serves as the official online presence for a major youth chess event organized by the Montenegro Chess Federation and the European Chess Union. It provides comprehensive event details including registration, official information, venue, accommodation, travel, rules, prizes, and contact pages. The site targets youth chess players and national federations across Europe, positioning itself as a key resource for participants and stakeholders. Technically, the site is built on WordPress with popular plugins like Slider Revolution and WPBakery Page Builder, delivering a modern and responsive user experience with good SEO practices. Security posture is adequate with HTTPS enabled and domain transfer protection, though improvements such as enabling DNSSEC and adding security headers are recommended. Privacy compliance is basic with a privacy policy and cookie consent banner present, but lacks detailed GDPR compliance indicators or terms of service. Overall, the site is professional, trustworthy, and well-aligned with its event purpose, though it could benefit from enhanced security and compliance transparency.

E

European Chess Union

eccc2025.com

43

The European Chess Club Cup 2025 website serves as the official information portal for the 40th European Chess Club Cup and the 29th European Women’s Chess Club Cup, scheduled in Rhodes, Greece. It targets European chess federations, clubs, players, and enthusiasts by providing event details, prize fund information, live results, news, and media content. The site is affiliated with the European Chess Union and uses official branding and external links to ECU resources, reinforcing its legitimacy and market position within the chess sports event domain. Technically, the site is built on WordPress with common plugins and libraries, including WPBakery Page Builder and Google Analytics, delivering a good user experience with mobile optimization and clear navigation. Security posture is adequate with HTTPS enabled and domain transfer protection, but lacks advanced security headers and DNSSEC. Privacy compliance is weak due to absence of privacy and cookie policies. The domain WHOIS data shows an unusual future creation date, which slightly undermines trust but does not negate the site's apparent legitimacy. Overall, the website is professional, functional, and trustworthy for its purpose but would benefit from enhanced privacy and security disclosures.

Š

Šachový svaz České republiky z. s.

chess.cz

40

Šachový svaz České republiky z. s. is the official Czech Chess Federation, serving as the national governing body for chess activities in the Czech Republic. The website provides comprehensive information about chess competitions, commissions, training, and events targeted at chess players, clubs, coaches, and enthusiasts. It maintains partnerships with recognized chess organizations such as FIDE and the European Chess Union, reinforcing its authoritative position in the chess community. Technically, the website is built on WordPress with a modern tech stack including Bootstrap, jQuery, and Font Awesome. It is mobile-optimized and features a structured event calendar, partner showcases, and social media integration. Performance is moderate with good SEO and accessibility basics in place. From a security perspective, the site enforces HTTPS and uses sandboxed iframes for advertising, but lacks some recommended security headers and a cookie consent mechanism. No critical vulnerabilities or exposed sensitive data were detected. The absence of WHOIS data limits domain legitimacy verification, though the site appears professional and trustworthy. Overall, the website is a well-maintained, content-rich platform supporting the Czech chess community, with room for improvement in privacy compliance and security hardening.

ProScholy.cz is a Czech non-profit platform dedicated to supporting Christian musicians, choirs, and worship leaders by providing resources such as a songbook, a music database, and online support. The platform is volunteer-driven with over 50 contributors and targets a niche community within the Czech Republic. Technically, the website uses a modern but simple tech stack including Bootstrap, jQuery, Google Fonts, and Google Analytics. The site is mobile responsive and well structured, though some SEO and accessibility features could be improved. Security posture is moderate with HTTPS usage and no exposed sensitive data, but lacks security headers and visible privacy or cookie policies. The WHOIS data is consistent with the website's claims, showing a domain registered in 2018 with a Czech registrar, supporting legitimacy. Overall, the site is functional and trustworthy but could improve privacy compliance and security best practices.

K

Komunita Sant'Egidio

santegidio.cz

41

Komunita Sant'Egidio is a Czech non-profit community organization dedicated to prayer, aiding the poor, and promoting peace. The website serves as a platform to engage volunteers, provide information about charitable events such as Christmas meals for the homeless, and share news about their activities across several Czech cities. The organization targets vulnerable populations and volunteers, operating primarily through donations and community involvement. Technically, the website is built on WordPress using a modern theme and plugins, with good mobile optimization and basic SEO practices. Security measures include HTTPS and Google reCAPTCHA, but lack published privacy policies and security headers, which are areas for improvement. The absence of WHOIS data limits domain trust assessment, but the website content and structure indicate a legitimate and professional non-profit entity.

P

Přátelé společenství Cenacolo, z.s.

cenacolo.cz

41

Cenacolo Česká republika is a small non-profit community organization dedicated to supporting individuals struggling with addiction and their families through spiritual and community activities. The website provides information about prayer intentions, parent clubs, and community meetings primarily in the Czech Republic. The organization appears well-established with a domain age since 2005 and official registration details. Technically, the website is built on WordPress using Elementor and Astra theme, with moderate performance and good mobile optimization. Security posture is basic with HTTPS enabled but lacks security headers and formal security policies. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the site is trustworthy but could improve compliance and security transparency.

The website vecerychval.cz serves as a platform for organizing and promoting worship and praise events primarily in the Czech Republic. It targets individuals interested in religious community gatherings and provides event schedules, blog content, and online streaming options. The site is small-scale and community-focused, with a domain age of over 15 years, indicating a stable presence. Technically, the site uses common web technologies such as jQuery, Bootstrap, and Google Analytics, hosted likely by WEDOS, a Czech hosting provider. The design is professional and mobile-optimized, offering a good user experience with clear navigation. However, the site lacks visible privacy and cookie policies, which impacts compliance and user trust. Security posture is moderate, with HTTPS presumably enabled but missing important security headers and vulnerability disclosures. No contact emails or phone numbers are provided, limiting direct communication channels. Overall, the site is legitimate and functional but would benefit from enhanced privacy compliance and security hardening.

E

Evangnet, z. s.

evangnet.cz

43

Evangnet.cz is a Czech-language independent evangelical Christian portal primarily serving the Českobratrská církev evangelická community. It offers a variety of services including news articles, event calendars, online worship broadcasts, discussion forums, and resource materials. The portal operates as a non-profit entity and targets evangelical Christians within the Czech Republic. The website content is regularly updated and reflects a consistent branding aligned with its religious mission. Technically, the site uses legacy JavaScript libraries such as jQuery 1.11.2 and jQuery UI, along with CSS and FontAwesome for styling and icons. While the site is functional and content-rich, it lacks modern security headers and uses outdated libraries that may expose it to vulnerabilities. The absence of privacy and cookie policies indicates compliance gaps with GDPR and related regulations. WHOIS data is unavailable, likely due to privacy protection, which slightly reduces transparency but is understandable for a non-profit religious organization. Overall, the site is moderately secure and credible but would benefit from technical and compliance improvements.

I

ITS mobility GmbH

its-mobility.de

48

ITS mobility GmbH operates as one of the largest competence clusters for intelligent mobility in Germany, headquartered at the Forschungsflughafen in Braunschweig. The organization serves a broad audience including businesses, scientific institutions, associations, and municipalities, with over 200 members collaborating to advance intelligent mobility solutions. The website reflects a professional and well-structured digital presence, leveraging WordPress CMS with modern plugins such as Elementor and All in One SEO to optimize content delivery and search engine visibility. Social media integration includes Instagram, YouTube, and LinkedIn, enhancing outreach and engagement. From a technical perspective, the website employs a contemporary technology stack with WordPress 6.8.3, Astra theme, and various plugins for SEO and user experience enhancements. The site is mobile-optimized and demonstrates moderate performance. Security posture is adequate with HTTPS enabled and no visible sensitive data exposure; however, the absence of security headers and explicit security policies suggests room for improvement. Analytics are implemented via Google Tag Manager, indicating moderate user tracking. Security-wise, the site lacks explicit privacy and cookie policies, as well as incident response or vulnerability disclosure mechanisms, which are critical for GDPR compliance and user trust. No WAF or blocking mechanisms were detected, and the WHOIS data, while minimal, does not raise immediate concerns but lacks detailed registrant information. Overall, the site is safe, professional, and trustworthy but would benefit from enhanced privacy compliance and security best practices. Strategic recommendations include implementing comprehensive privacy and cookie policies with consent mechanisms, adding security headers, publishing incident response and vulnerability disclosure information, and improving contact information visibility to bolster user trust and regulatory compliance.

M

Mobil in Pulse

mobilinpulse.com

45

Mobil in Pulse is a well-established French non-profit association dedicated to intelligent mobility and transportation systems. The organization acts as a network connecting public and private stakeholders to promote sustainable and innovative mobility solutions. With over 50 years of history, the association recently rebranded to Mobil'in Pulse and maintains a strong presence in the ITS sector through publications, events, and working groups. The website reflects a professional and comprehensive digital presence targeting mobility professionals and decision-makers. Technically, the website is built on WordPress with WooCommerce integration, leveraging modern libraries such as jQuery, Flickity, and Materialize CSS. SEO is enhanced by Rank Math, and analytics are implemented via Google Analytics. Hosting is provided by OVH sas, a reputable provider. The site performs moderately well with good mobile optimization and accessibility features, though some improvements could be made in accessibility and performance tuning. From a security perspective, the site uses HTTPS and has domain protections in place, but lacks DNSSEC and important security headers like CSP and HSTS. No explicit security or incident response policies are published, and cookie consent mechanisms are absent, which may pose compliance risks. No vulnerabilities or exposed sensitive data were detected in the content. Overall, the website is trustworthy and professional, with strong business credibility and content quality. Strategic recommendations include enhancing security headers, enabling DNSSEC, implementing cookie consent, and publishing security policies to improve compliance and trust.

B

Bulgarian Intelligent Transport Systems Association

bitsa.bg

43

The Bulgarian Intelligent Transport Systems Association (BITSA) is a specialized expert association focused on the development and promotion of intelligent transport systems in Bulgaria. It operates as part of the ITS Europe partner network, aiming to enhance sustainable, safe, and efficient transportation through policy advocacy, projects, and stakeholder engagement. The website reflects a professional and consistent brand presence with clear mission and vision statements targeting transport sector professionals and partners. Technically, the website is built on WordPress using Elementor and integrates modern web technologies including Bootstrap and Google reCAPTCHA for form security. Hosting is provided by a reputable Bulgarian hosting provider, inferred from the nameservers. The site is mobile-optimized and SEO-friendly with structured data and meta tags properly implemented. From a security perspective, the site uses HTTPS and includes reCAPTCHA to protect forms, but lacks visible security headers and explicit privacy or cookie policies, which are areas for improvement. The WHOIS data is privacy protected in compliance with GDPR, which is justified for this type of organization. No WAF or blocking mechanisms were detected, and the site content is fully accessible. Overall, BITSA's website demonstrates a solid digital presence with good business credibility and technical implementation. Enhancing privacy compliance and security headers would further strengthen its security posture and trustworthiness.

I

ITS.be

its.be

43

ITS.be is a well-established public-private non-profit organization focused on accelerating the deployment of intelligent transport systems and linked mobility services in Belgium. The website reflects a professional and consistent brand presence with a clear focus on sustainable mobility and ITS solutions. The organization targets companies, public bodies, associations, and knowledge institutes involved in the ITS domain. Technically, the website is built on Drupal CMS with modern libraries such as Bootstrap and jQuery, and it uses Google Analytics for visitor tracking. The site is mobile-optimized and has good SEO and accessibility features, although accessibility could be improved further. Security posture is adequate with HTTPS enabled and IP anonymization in analytics, but lacks explicit security headers and published security policies. Privacy compliance is weak due to the absence of privacy and cookie policies and consent mechanisms. The domain registration data is consistent with the website's claims, showing a legitimate and trustworthy presence since 2007. Overall, the website is professional and trustworthy but would benefit from enhanced privacy and security disclosures to improve compliance and user trust.

K

Křižovnický domácí hospic

krizovnickapomoc.cz

37

Křižovnický domácí hospic sv. Anežky České is a Czech non-profit organization providing home hospice and palliative care services. The website presents a professional and consistent brand image, targeting patients and families in need of end-of-life care. The organization is relatively new, founded in 2021, and maintains partnerships with several healthcare and social service entities. Technically, the site is built on WordPress with common plugins and libraries, including Contact Form 7 and Google reCAPTCHA for spam protection. While HTTPS is properly configured, the site lacks explicit privacy and cookie policies, which are important for GDPR compliance. Security headers are not visibly implemented, representing an area for improvement. Overall, the site is trustworthy and functional but could enhance privacy compliance and security posture.

The website at adank.de currently serves only as a bare directory index with no substantive content, metadata, or business information. There is no evidence of privacy, cookie, or terms of service policies, nor any contact details or security policies. The domain uses name servers from planetary-networks, indicating a hosting provider relationship, but no registrant details are available to confirm business legitimacy. Technically, the site lacks HTTPS and security headers, and no modern technologies or analytics are detected, reflecting a very low digital maturity level. Security posture is weak due to absence of HTTPS and security best practices, and the site is vulnerable to trust and compliance issues. Overall, the site appears inactive or under development, with minimal risk from content safety perspective but significant risks from a security and compliance standpoint.

E

einhard verlag gmbh

einhardverlag.de

46

Einhard Verlag GmbH is a small regional publishing company based in Aachen, Germany, specializing in religious and cultural publications including a church newspaper (KirchenZeitung), book publishing, and retail through a partner DomShop. The website is built on Drupal 10 and uses modern web technologies, providing a good user experience with clear navigation and mobile optimization. Security posture is adequate with HTTPS enabled but lacks some security headers and cookie consent mechanisms. The WHOIS data is limited but does not raise significant concerns. Overall, the site is professional and trustworthy within its niche.

M

Město Slatiňany

slatinany.cz

47

Město Slatiňany operates an official municipal website providing comprehensive information about the city, its administration, tourist attractions, public services, and community events. The site targets local citizens, tourists, and stakeholders interested in municipal affairs and regional culture. It serves as a digital portal for public communication and service delivery, reflecting the city's historical and cultural heritage. Technically, the website employs modern JavaScript libraries, cookie consent mechanisms, and integrates external services such as YouTube and social media platforms. The site is built on a custom CMS platform with responsive design and good SEO practices, ensuring accessibility and usability across devices. From a security perspective, the site enforces HTTPS and includes cookie consent for GDPR compliance. However, it lacks visible security headers and formal security or incident response policies. The absence of WHOIS data for the domain is a notable gap, though the website content and official contact details support its legitimacy. Overall, the website presents a professional and trustworthy digital presence for the municipality, with room for improvement in security policy transparency and domain registration clarity.

E

endboss

stadtlabor-wittenberg.de

44

Stadtlabor Wittenberg is a community-focused non-profit initiative aimed at fostering participatory urban development and cultural engagement in the Lutherstadt Wittenberg area. The project provides a physical space for collaboration, events, and workshops, managed by the interdisciplinary studio endboss. The website effectively communicates its mission, event calendar, and contact information, targeting local residents and community members interested in shaping their city's future. Technically, the site is built on WordPress with modern plugins and frameworks, offering good mobile responsiveness and SEO optimization. Security posture is solid with HTTPS and no exposed sensitive data, though it lacks some security headers and formal privacy and cookie policies. Overall, the site is trustworthy and professionally maintained but could improve privacy compliance and security best practices.

B

Begegnungszentrum Wittenberg West e.V.

nachbarschaftstreff.net

49

The website represents the Begegnungszentrum Wittenberg West e.V., a small non-profit organization operating the Nachbarschaftstreff in Wittenberg West, Germany. The organization focuses on fostering community engagement, social support, and intergenerational cooperation through various events and volunteer projects. The website provides comprehensive contact information, event details, and encourages community participation. Technically, the site is built on the CIDEMOS CMS platform, uses modern web technologies including SVG graphics and a Swiper.js slider, and integrates Google Analytics for visitor tracking. The site is mobile-optimized and accessible, with a cookie consent mechanism in place. Security-wise, HTTPS is enabled, but there is a lack of security headers and no published incident response or vulnerability disclosure policies. The absence of WHOIS data for the domain reduces trust in domain legitimacy, although the website content and contact details appear authentic and consistent with a local community organization. Overall, the site is functional, informative, and serves its target audience effectively, but could improve security posture and domain transparency.

L

Leben in Wittenberg

leben-in-wittenberg.de

46

Leben in Wittenberg is a professionally maintained city marketing website promoting the Lutherstadt Wittenberg region as a vibrant place to live, work, and visit. It targets residents, students, and prospective movers with comprehensive information on housing, culture, events, and local businesses. The site leverages modern web technologies including Craft CMS, Splide.js, and Alpine.js, ensuring a responsive and accessible user experience. Security posture is solid with HTTPS, CSRF protections, and cookie consent mechanisms, though explicit security policies are not published. Overall, the website demonstrates strong business credibility and compliance with GDPR, supported by clear contact information and partner endorsements.

R

RNDr. Miloš Vystrčil | Senátor | Senátní obvod č. 52 – Jihlava

vystrcil.cz

47

The website www.vystrcil.cz represents Miloš Vystrčil, the chairman of the Senate of the Czech Republic and a senator for district 52 – Jihlava. It serves as a political and informational platform providing news, biography, calendar events, and press releases related to his political activities. The site targets Czech citizens, particularly voters in his senatorial district, and functions primarily as a communication channel for his political work. Technically, the website is built on WordPress, utilizing common plugins for SEO, GDPR compliance, and user interaction such as contact forms. The site is well-structured, mobile-optimized, and uses HTTPS, indicating a modern and secure infrastructure. Security posture is adequate but could be improved by implementing additional security headers and publishing a vulnerability disclosure policy. Privacy compliance is strong with a comprehensive cookie consent mechanism and GDPR-aligned policies. Overall, the site is professional, trustworthy, and serves its purpose effectively as a political communication tool.

Dialogversand.de is an established German e-commerce platform specializing in the sale of books, particularly those published by the in-house dialogverlag as well as other publishers. The website targets German-speaking customers interested in religious, regional, and thematic literature. The business operates as a small-sized retailer with a focused niche market. Technically, the website is built on WordPress with WooCommerce, leveraging modern plugins and a professional theme to deliver a good user experience. The site is mobile-optimized and includes SEO best practices. Security posture is solid with HTTPS enforced and cookie consent implemented, though there is room for improvement in security headers and explicit security policies. The WHOIS data aligns well with the business, indicating a legitimate and consistent domain registration. Overall, the site is professional, trustworthy, and compliant with GDPR requirements.

S

Socomec

socomec.si

49

Socomec.si is the Slovenian website for Socomec, a well-established manufacturer specializing in electrical equipment focused on power monitoring, energy efficiency, power conversion, and energy storage solutions. The company targets industrial and commercial sectors requiring advanced energy management. The website demonstrates a professional digital presence with a structured product catalog and multi-language support, indicating a mature international business. Technically, the site is built on Drupal CMS, uses modern libraries like Font Awesome 6, and integrates analytics tools such as Piwik PRO and Abtasty for marketing and user behavior insights. Security posture is moderate with HTTPS enforced but lacks visible security headers and explicit privacy or cookie policies, which are critical for GDPR compliance. No contact emails or phone numbers were found in the provided content, limiting direct communication channels. The domain is legitimate, registered since 2005 with consistent WHOIS data aligning with the business profile. Overall, the website is professional and trustworthy but requires improvements in privacy compliance and security best practices.

C

Confédération Nationale de Radios Associatives

cnra.fr

37

The Confédération Nationale de Radios Associatives (CNRA) is a French non-profit organization representing associative radio stations across France. It serves as a national confederation providing advocacy, resources, and coordination for community and non-commercial radio broadcasters. The website reflects a well-established entity with a domain registered since 2008, consistent with the organization's history. The CNRA offers services including representation with regulatory bodies, employment and training support, and organizing congresses and assemblies for its members. The target audience primarily includes associative radio stations and media professionals within France. Technically, the website is built on WordPress 6.8.3, utilizing common plugins such as Everest Forms and jQuery libraries. The hosting provider is OVH, a reputable European hosting company. The site demonstrates moderate performance and good mobile optimization, with a professional and consistent design. SEO and accessibility are basic to good, with room for improvement in accessibility features. From a security perspective, the site uses HTTPS with excellent SSL configuration but lacks explicit security headers and published security policies. No vulnerability disclosure or incident response information is available, and no contact emails or phone numbers are explicitly provided on the homepage. Privacy and cookie policies are absent, indicating gaps in GDPR compliance. Social media presence is active, enhancing trust and engagement. Overall, the CNRA website is a credible and professional platform for its niche audience but would benefit from enhanced privacy compliance, security disclosures, and clearer contact information to improve trust and regulatory adherence.

Д

Данон България

danone.bg

48

Danone Bulgaria operates as a leading manufacturer and distributor of fresh dairy products in Bulgaria, with a strong market position since 1995. The website reflects a mature business with a comprehensive product portfolio and active social responsibility initiatives. The digital presence is professional, with good content quality and consistent branding. Technically, the site uses established frameworks like Bootstrap and jQuery, with moderate performance and good mobile optimization. Security posture is adequate with HTTPS and cookie consent mechanisms, but lacks explicit security policies and advanced security headers. Privacy compliance is well addressed through detailed cookie policies and GDPR-aligned consent. Overall, the site is trustworthy and professionally maintained, supporting Danone's brand reputation in Bulgaria.

V

VWI Verband Deutscher Wirtschaftsingenieure e.V.

vwi.org

48

The VWI Verband Deutscher Wirtschaftsingenieure e.V. is a well-established professional association representing Wirtschaftsingenieure (industrial engineers) in the German-speaking region. With over 6,000 members, 20 regional groups, and 40 university groups, the association focuses on personal networking, quality education, and political advocacy for its members. The website serves as an information hub for members and interested parties, presenting a professional and consistent brand image. Technically, the website is built on WordPress, utilizing popular plugins such as LayerSlider and WPBakery Page Builder. It employs Matomo for analytics and Cookiebot for cookie consent management, reflecting a moderate level of digital maturity and compliance with privacy regulations. The site is mobile-optimized and SEO-friendly, though accessibility features are basic. From a security perspective, the site uses HTTPS and implements cookie consent with granular user controls. However, it lacks DNSSEC and security headers, which are recommended for enhanced protection. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data confirms a long-standing domain registration consistent with the association's history, enhancing trustworthiness. Overall, the website presents a low-risk profile with good business credibility and privacy compliance. Strategic improvements in security headers, explicit privacy and security policies, and clearer contact information would further strengthen its posture.

D

Dialog Medien Verwaltungsgesellschaft mbH

dialog-medien.eu

45

Dialog Medien Verwaltungsgesellschaft mbH is a medium-sized company affiliated with the Bistum Münster, specializing in church-related media services including publishing, media agency work, travel organization, and book shipping. The company targets religious institutions, schools, and community organizations with a niche focus on Christian and regional content. The website is built on TYPO3 CMS, reflecting a mature technical infrastructure with moderate performance and basic mobile optimization. Security posture is adequate with HTTPS usage and no exposed sensitive data, but lacks advanced security headers and published security policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the website is professional and trustworthy, with clear contact information and relevant partner links.

D

Dialog Medien Verwaltungsgesellschaft mbH

dialog-medien.org

46

Dialog Medien Verwaltungsgesellschaft mbH is a medium-sized media company affiliated with the Bistum Münster, focusing on church-related media, publishing, travel, and communication services. Their offerings include a media agency (kampanile), a travel organizer (Emmaus Reisen), an online magazine and newspaper (Kirche+Leben), a specialized publisher (dialogverlag), and a book shipping service (dialogversand). The website is built on TYPO3 CMS, reflecting a mature technical infrastructure with moderate performance and basic mobile optimization. Security posture is adequate with HTTPS enabled but lacks advanced security headers and formal security policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. Contact information is clearly provided, enhancing business credibility.

The website 'Nechybí ti něco?' is a Czech-language wellness and personal development platform offering an interactive self-assessment quiz focused on physical, mental, and spiritual well-being. It targets individuals interested in reflecting on their lifestyle habits and improving overall wellness. The site is small-scale and community-oriented, with no commercial or transactional features detected. Technically, the site uses modern frontend technologies including Bootstrap 4.3.1, jQuery, and Google Fonts, providing a responsive and user-friendly experience. However, it lacks advanced SEO and accessibility features and has moderate performance characteristics. Security posture is basic; while HTTPS is assumed, no security headers or explicit security policies are present. Privacy compliance is weak due to the absence of privacy and cookie policies and no consent mechanisms, despite the use of Google Analytics for tracking. Business credibility is moderate but limited by the lack of contact information and trust indicators. WHOIS data is consistent and supports legitimacy, with the domain registered in 2019 by a Czech registrar matching the website's language and content. Overall, the site is safe, professional, and functional but requires improvements in privacy compliance, security best practices, and business transparency.

L

Lukáš Krása

kraasa.cz

43

The website kraasa.cz represents a personal brand and portfolio of Lukáš Krása, a Czech graphic designer, web designer, coder, photographer, and lecturer. The site showcases a professional portfolio with various projects and emphasizes educational offerings with a well-reviewed course. The business operates as a small freelance entity targeting clients seeking creative design and training services. Technically, the site is built on WordPress with common plugins such as Yoast SEO and Easy Fancybox, using jQuery and Font Awesome for UI elements. The site is mobile optimized and SEO friendly but lacks advanced accessibility features. Security posture is moderate with HTTPS enabled but missing important security headers and privacy policies. No WHOIS data is available, which slightly impacts trust but the professional presentation and contact details support legitimacy. Overall, the site is safe, professional, and well-maintained but could improve privacy compliance and security hardening.

M

MINUTACZ s.r.o.

minutacz.cz

46

MINUTACZ s.r.o. operates as an authorized distributor and retailer of Swiss watch brands TISSOT and BALL within the Czech Republic. The company has a well-established market presence since 2010, offering official products, service locations, and brand information targeted at consumers seeking quality Swiss watches. The website is professionally designed using WordPress CMS, incorporating SEO and GDPR compliance plugins to enhance digital maturity and user experience. The site is optimized for mobile devices and provides clear navigation and contact information, reinforcing trust and credibility. From a technical perspective, the website employs modern web technologies including Google Analytics and Tag Manager for user tracking, Yoast SEO for search optimization, and Slider Revolution for visual content. The site uses HTTPS with good SSL configuration, though some security headers could be improved. No critical vulnerabilities or exposed sensitive data were detected, indicating a solid security posture for a retail website. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism, reflecting adherence to GDPR requirements. However, the absence of explicit security policies or incident response contacts suggests room for improvement in transparency and preparedness. Overall, the domain registration data aligns with the business claims, supporting legitimacy and trustworthiness. Strategically, MINUTACZ should focus on enhancing security headers, publishing a security policy, and establishing a vulnerability disclosure channel to strengthen its security culture and compliance posture. These steps will further solidify customer trust and reduce risk exposure in the evolving digital landscape.

F

Fly United

flyunited.cz

49

Fly United is a professional travel service provider based in the Czech Republic, offering comprehensive travel management solutions for private and corporate clients. With over 30 years of experience and a strong client base exceeding 850 corporate customers, the company positions itself as a reliable partner in the transportation sector. Their services include flight bookings, accommodation, travel insurance, visas, transfers, car rentals, and airport parking, supported by online platforms such as Onesto, Symphony SME, and Fly Online. The website is bilingual (Czech and English) and targets both private travelers and businesses seeking travel management solutions. Technically, the website is built on WordPress with modern plugins like Yoast SEO and Google Analytics integration, ensuring good SEO and user tracking capabilities. Security measures include HTTPS enforcement and Google reCAPTCHA v3 on forms, alongside visible PCI DSS certification, indicating compliance with payment security standards. However, the absence of WHOIS data and lack of explicit security policies or incident response information on the site represent areas for improvement. Overall, the website demonstrates a mature digital presence with professional design, clear navigation, and comprehensive content. The security posture is solid but could be enhanced by implementing additional HTTP security headers and publishing vulnerability disclosure information. Privacy compliance is good, with a clear privacy policy and terms of service, though a cookie consent mechanism is not evident. Strategic recommendations include improving security header implementation, adding incident response and vulnerability disclosure details, and enhancing accessibility features to meet broader compliance standards. These steps will strengthen trust and security culture, supporting Fly United's market position as a dependable travel service provider.

Legendary Cards is an e-commerce platform operated by eSports s.r.o., specializing in collectible sports cards and memorabilia primarily targeting Czech sports enthusiasts and collectors. The website offers a range of products including limited edition cards, sports figures, and related accessories, supported by promotional content and news updates. The business operates with a clear focus on the Czech market and maintains an active social media presence to engage its audience. Technically, the website employs modern web technologies including jQuery, Google Analytics, Google Tag Manager, and the Nette Framework. The site is mobile-optimized with a responsive design and uses cookie consent mechanisms to comply with GDPR. Performance is moderate with good navigation and content structure, though some improvements in accessibility and SEO could be made. From a security perspective, the site uses HTTPS with a good SSL configuration and implements cookie consent with granular user controls. However, it lacks explicit security headers and a published security policy or incident response contact. No critical vulnerabilities or exposed sensitive data were detected, indicating a generally sound security posture. Overall, the website is trustworthy and professionally maintained, with legitimate domain registration consistent with the business identity. Strategic improvements in security headers and incident response transparency would enhance the security posture further.

S

Středočeský krajský atletický svaz

skas.cz

42

Středočeský krajský atletický svaz is a regional athletics association serving the Central Bohemia region of the Czech Republic. The organization focuses on athletics event management, communication with clubs, and dissemination of athletics news and documentation. The website serves as an information hub for athletes, coaches, and sports clubs within the region, providing schedules, results, and official documents. The domain is well-established since 2013, reflecting a mature regional sports entity. Technically, the site is built on Joomla CMS with common JavaScript libraries like jQuery and MooTools, offering a moderate performance and basic mobile optimization. Security posture is moderate with HTTPS usage and CSRF tokens in forms but lacks advanced security headers and incident response information. Privacy and cookie policies are absent, indicating compliance gaps. Overall, the site is professional and trustworthy but would benefit from enhanced security and privacy compliance measures.

Běh města Příbrami is a local event website dedicated to the 32nd annual running race held in Příbram, Czech Republic. The site provides detailed information about the event schedule, registration links, fees, and sponsors. It targets runners and the local community interested in participating or supporting the event. The business model centers on event organization and promotion with partnerships from local sponsors and organizations. The website content is relevant and well-structured, focusing on event details and participant information. Technically, the website is built on WordPress using Bootstrap for responsive design and jQuery for interactivity. It employs plugins for image galleries and lightbox effects. The site is moderately optimized for performance and mobile devices but lacks advanced SEO and accessibility features. No analytics or tracking scripts were detected, indicating minimal user tracking. From a security perspective, the site uses HTTPS, ensuring encrypted communication. However, it lacks important security headers and does not provide privacy or cookie policies, which are critical for GDPR compliance. No contact email or security incident response information is available, limiting transparency. The domain registration is consistent with the website's purpose and location, supporting legitimacy. Overall, the website is functional and serves its purpose as an event information portal but requires improvements in privacy compliance, security best practices, and contact transparency to enhance trust and regulatory adherence.

Brdská 25 is a Czech-based small-scale event organization focused on endurance running and related outdoor sports competitions in the Central Brdy region. The website serves as an informational and registration portal for the annual running race and associated events such as Nordic walking and cruiser bike races. The target audience includes sports enthusiasts, families, and the local community. The business operates primarily as an event organizer with a niche regional market position. Technically, the website is built on WordPress with common plugins such as Contact Form 7 and Responsive Lightbox. The infrastructure is moderate in performance and basic in mobile optimization and accessibility. The site lacks HTTPS, which is a critical security shortfall. No advanced security headers or privacy policies are present, indicating gaps in compliance and security posture. Security evaluation reveals significant vulnerabilities due to the absence of HTTPS and security headers, exposing users to potential risks. No privacy or cookie policies are found, which may lead to GDPR non-compliance. The site does not appear to collect extensive user data or employ tracking technologies, reducing privacy risks but also limiting analytics capabilities. Overall, the website is functional and content-rich for its purpose but requires urgent improvements in security and privacy compliance to protect users and enhance trust. Strategic recommendations include implementing HTTPS, adding security headers, publishing privacy and cookie policies, and improving mobile and accessibility features.

P

Pavliš a Hartmann, spol. s r.o.

firefighting-phhp.com

45

Pavliš a Hartmann, spol. s r.o. is a traditional Czech manufacturer specializing in fire hoses and firefighting equipment, including hydrant systems, pumps, nozzles, and valves. The company operates an e-commerce platform targeting firefighting professionals and safety equipment buyers, with a market presence primarily in the Czech Republic and Slovakia but serving customers worldwide. The website is professionally designed, mobile-optimized, and provides comprehensive product information and contact details, supporting a medium-sized manufacturing business model. Technically, the website uses a custom CMS (Live System), integrates Google Tag Manager with privacy-conscious consent settings, and employs modern web technologies such as Bootstrap and Lightbox. Hosting appears to be provided by Active24. The site demonstrates good SEO and accessibility basics, though some improvements in accessibility and security headers could be made. From a security perspective, the site enforces HTTPS and uses secure forms, but lacks explicit security policies, incident response information, and vulnerability disclosure mechanisms. The absence of WHOIS domain registration data reduces trustworthiness slightly, though the website content and contact information appear legitimate and professional. Overall, the website scores well in content quality, technical implementation, and business credibility, with moderate privacy compliance and security posture. Strategic improvements in security transparency and domain registration clarity are recommended to enhance trust and compliance.

B

buff.rocks GmbH

weihnachtsmarkt-magdeburg.de

45

The website www.weihnachtsmarkt-magdeburg.de serves as the official online presence for the Magdeburger Weihnachtsmarkt, a prominent seasonal Christmas market event in Magdeburg, Germany. It provides visitors with detailed information about the event dates, attractions, and highlights such as the Riesenrad and the Magdeburger Lichterwelt. The site targets a broad audience including families and tourists interested in cultural and festive experiences. The business model centers on event promotion and tourism enhancement within the hospitality sector. Technically, the site is built on TYPO3 CMS, leveraging modern JavaScript libraries and Matomo for analytics, with GDPR-compliant cookie consent implemented via Klaro. The site is mobile-optimized and well-structured, offering a good user experience with clear navigation and relevant content.

L

Lutherstadt Wittenberg Marketing GmbH

wittenberg-marketing.de

49

Lutherstadt Wittenberg Marketing GmbH operates as a regional city marketing organization promoting the cultural, tourism, and business opportunities of Lutherstadt Wittenberg, Germany. The website serves as an information hub for visitors, businesses, and event organizers, highlighting the city's historical significance and current economic vitality. The company positions itself as a key facilitator for tourism, cultural events, and congresses in the region. Technically, the website is built on Craft CMS with modern web technologies including ES modules and CSS3. It employs Matomo analytics with a GDPR-compliant cookie consent mechanism, ensuring privacy-conscious data collection. The site is mobile-optimized, accessible, and SEO-friendly, reflecting a mature digital presence. Security posture is solid with HTTPS enforced, CSRF protection, and no visible vulnerabilities or sensitive data exposure. However, security headers could be improved and formal security policies or incident response information are not publicly available. The WHOIS data aligns with the website content, indicating a legitimate and consistent registration. Overall, the website is professional, trustworthy, and compliant with privacy regulations, supporting the organization's mission effectively. Strategic improvements in security transparency and terms of service publication could further enhance trust and compliance.

L

Luthers Hochzeit

lutherhochzeit.de

48

Luthers Hochzeit is a cultural event website dedicated to promoting a historic city festival in Lutherstadt Wittenberg, Germany. The festival celebrates the medieval heritage and the Reformation anniversary, targeting tourists and history enthusiasts. The website is well-branded and consistent with its regional cultural focus, providing relevant event information and engaging visitors with multimedia content. Technically, the site is built on Craft CMS and uses modern JavaScript libraries such as Splide.js for sliders, with Matomo analytics for visitor tracking. The site is mobile-optimized and includes accessibility features, though some improvements could be made. Security-wise, the website enforces HTTPS, uses security headers, and implements CSRF protection in forms. Cookie consent is properly managed, reflecting GDPR compliance. However, explicit security policies, incident response contacts, and vulnerability disclosure mechanisms are absent, which could be improved to enhance trust and compliance. Overall, the website is professional, secure, and trustworthy for its purpose, with a moderate to good digital maturity level.

L

Lutherstadt Wittenberg: Urlaub zwischen Kultur und Natur

lutherstadt-wittenberg.de

45

The website lutherstadt-wittenberg.de serves as the official regional tourism portal for Lutherstadt Wittenberg, Germany, promoting cultural and natural attractions with a focus on family-friendly tourism. It provides information on events, accommodations, sightseeing, and local services, positioning itself as a key resource for visitors to the region. The site targets a general audience interested in cultural heritage and nature tourism. Technically, the site is built on TYPO3 CMS, uses modern web technologies, and includes multimedia content such as videos and images. The site is mobile-optimized and offers multilingual support including German and English. Security posture is moderate; HTTPS is implied but no explicit security headers or incident response contacts are visible. Privacy and cookie policies are not found in the provided content, indicating a compliance gap. Overall, the site is professional and trustworthy but would benefit from enhanced security and privacy transparency.

T

Triklub Příbram

triklubpribram.cz

40

Triklub Příbram is a local sports club based in the Czech Republic, focused on organizing triathlon, running, and duathlon events. Established in 2008, the club serves sports enthusiasts and the local community by providing event organization, timing services, and media coverage. The website reflects a community-oriented non-profit model with partnerships across local sports and municipal organizations. Technically, the site is built on WordPress with Bootstrap and jQuery, incorporating SEO best practices via Yoast and security measures such as Google reCAPTCHA. The site is mobile-optimized and moderately performant, with clear navigation and good content relevance. Security posture is adequate with HTTPS and CAPTCHA, but lacks advanced security headers and explicit policies. Privacy compliance is basic, with a privacy policy present but no cookie consent mechanism. Overall, the site is trustworthy and professional, though improvements in security and privacy transparency are recommended.

SK Sporting Příbram is a well-established sports club based in the Czech Republic, focusing primarily on youth athletics and ultimate frisbee training. Founded in 2003, the club serves over 200 athletes with a dedicated team of trainers and organizes regular training sessions and events. The website reflects a community-oriented organization with clear contact information and active social media presence. Technically, the site is built on WordPress using modern themes and plugins, providing a good user experience with mobile responsiveness and SEO optimization. Security posture is adequate with HTTPS enabled but lacks advanced security headers and formal privacy policies, indicating room for improvement in compliance and security best practices. The absence of WHOIS data reduces domain trustworthiness, but the overall content and business information suggest a legitimate local sports entity. Strategic recommendations include enhancing security headers, implementing privacy and cookie policies, and verifying domain registration details to improve trust and compliance.

S

Sedláček s.r.o.

author-sedlacek.cz

49

Sedláček s.r.o. operates the website www.author-sedlacek.cz as a retail and service center specializing in bicycles, particularly the Author brand, along with related accessories and rental services. The company has an established presence since 1994 and targets cycling enthusiasts in the Czech Republic. The website is professionally designed with clear navigation and good mobile optimization, supporting a positive user experience. Technically, the site employs modern analytics and tracking tools such as Google Analytics, Facebook Pixel, Hotjar, and Google Tag Manager, alongside security measures like HTTPS and reCAPTCHA for form protection. However, the absence of privacy and terms of service pages indicates a compliance gap. The WHOIS data is unavailable, limiting domain legitimacy verification, but the website content and contact information suggest a legitimate small retail business. Overall, the site demonstrates a solid security posture with room for improvement in privacy compliance and security header implementation.

Bezpečná Příbram is a Czech Republic local government public safety portal focused on providing crime prevention information, police news, traffic updates, and community engagement for the city of Příbram. The website serves residents and visitors by offering crime maps, statistics, and alerts to enhance local safety awareness. The site is branded with official police and municipal logos, reinforcing its legitimacy as a government-affiliated resource. Technically, the website uses common JavaScript libraries such as jQuery, bxSlider, and Lightbox, with a moderate performance profile and good mobile optimization. The site implements HTTPS and a cookie consent mechanism, indicating attention to privacy compliance. However, no advanced security headers or explicit incident response policies are published, which could be improved to enhance security posture. The security posture is moderate with no visible vulnerabilities or exposed sensitive data, but the absence of WHOIS registration data limits trust assessment. The website does not show signs of WAF blocking or content restrictions, allowing full content access. Privacy and cookie policies are present and GDPR compliant, but terms of service and vulnerability disclosure mechanisms are missing. Overall, the website is a trustworthy and useful public safety resource with room for improvement in security best practices and transparency. Strategic recommendations include implementing security headers, publishing incident response and vulnerability disclosure policies, and verifying domain registration details to strengthen trust and compliance.

The analyzed content corresponds to a Chrome internal error page (chrome-error://chromewebdata/) which is displayed when the browser cannot load the requested website content. This page is not a real website but a built-in error page with embedded Chromium offline game scripts (the T-Rex runner game). Consequently, there is no business information, privacy policies, or contact details available. The page serves as a placeholder and does not represent an actual web presence or business entity. From a technical perspective, the page uses standard HTML5, CSS3, and JavaScript technologies embedded within the Chromium browser environment. It includes scripts and styles related to the offline T-Rex game. There is no evidence of external hosting, CMS, or third-party integrations. The page is optimized for mobile and desktop with responsive design elements but lacks SEO and accessibility features typical of commercial websites. Security posture is minimal as this is a local error page without external connections or forms. No HTTPS or security headers apply in this context. Privacy compliance and business credibility cannot be assessed due to the nature of the content. No WHOIS data or domain registration information is applicable since the domain is an internal Chrome namespace. Overall, this content is safe and free from adult or malicious content but does not represent a legitimate business website. It is recommended to analyze the actual target website URL for meaningful security, compliance, and business insights.

L

Lama PB s.r.o.

obytnevozypribram.cz

37

Obytné vozy Příbram is a small Czech Republic-based business specializing in luxury camper van rentals, operated by Lama PB s.r.o. The website presents a professional and clear user experience focused on promoting their rental fleet and reservation services. The business targets individuals and families seeking comfortable and stylish travel options in the Příbram region and beyond. The domain age and WHOIS data align well with the business claims, supporting legitimacy. Technically, the website uses common web technologies such as jQuery, Font Awesome, Google Analytics, and Google Maps API. The site is moderately optimized for mobile and SEO, with a clean navigation structure. However, no CMS or advanced frameworks were detected, indicating a relatively simple technical infrastructure. From a security perspective, the site lacks visible security headers and does not provide privacy or cookie policies, which are important for GDPR compliance. HTTPS status is unknown from the data but should be verified. No incident response or vulnerability disclosure information is present. The site uses Google Analytics for user tracking without visible consent mechanisms, indicating privacy compliance gaps. Overall, the website is functional and trustworthy for its business purpose but would benefit from improved security and privacy practices to enhance compliance and user trust.

L

Literární noviny

literarky.cz

43

Literární noviny is a well-established Czech monthly magazine focused on culture, literature, and politics, targeting Czech-speaking audiences interested in critical thinking and cultural discourse. The website serves as a digital platform for publishing articles, event announcements, and related content. Technically, the site is built on Joomla CMS with common web technologies such as jQuery and Bootstrap, hosted by Active24, and includes advertising integrations primarily via Seznam's Sklik network. The site uses HTTPS and a cookie consent mechanism, but lacks explicit privacy policy and terms of service pages, which are important for compliance and user trust. Security posture is moderate with no visible security headers and moderate tracking via Google Analytics. Overall, the website is professional, content-rich, and trustworthy, but could improve privacy transparency and security hardening.

P

P6PA+Architects

p6pa.com

41

P6PA+Architects is a premium architecture studio with a global outlook and local presence, notably in Prague and New York. The company offers architectural design and consulting services, targeting clients seeking high-quality architectural solutions. The website presents a professional portfolio and branding consistent with a niche premium service provider in the real estate sector. Technically, the site uses a combination of legacy and modern web technologies including jQuery, Google Maps API, and Swiper.js, with integration of Google Tag Manager and Facebook Pixel for analytics and marketing purposes. While the site is accessible and well-structured, it lacks visible privacy and cookie policies, explicit contact information, and WHOIS registration data, which raises concerns about transparency and compliance. Security posture is moderate with HTTPS usage implied but no security headers detected in the provided data. Overall, the site is functional and professional but would benefit from enhanced compliance and security practices.