Security Directory

F

Fajn Rock Music - Petr Kůsa

fajnrockmusic.cz

32

Fajn Rock Music is a Czech media project established in 2007, focusing on rock music from the 1960s to current hits. It operates a radio station, a TV rock hit parade, and a radio show featuring Czech and international rock music. The platform targets rock music enthusiasts in the Czech Republic, offering event promotion and music content. The website demonstrates a consistent brand presence with active content and social media integration. Technically, it uses a custom CMS with modern web technologies including jQuery, Flowplayer, and Google Analytics, delivering moderate performance and good mobile optimization. Security posture is moderate with HTTPS usage but lacks visible security headers and formal privacy or cookie policies. No vulnerability disclosure or incident response contacts are provided. Overall, the site is safe, professional, and trustworthy but would benefit from enhanced privacy compliance and security best practices.

G

Green Ways sp. z o. o.

gw-int.pl

69

Green Ways sp. z o. o. is a medium-sized European company specializing in green food products, positioning itself as a leader in the green food trend across Europe. Founded in 2001, the company emphasizes high product quality, scientific backing, and a human-centered approach. Their website reflects a professional and modern digital presence, with multilingual support and clear navigation. The business model focuses on direct sales and partnerships, targeting health-conscious consumers interested in ecological and vegan products. Technically, the website employs modern web technologies including JavaScript frameworks, Google Tag Manager for analytics, and optimized image formats like WebP. The site is mobile-optimized and accessible, with good SEO practices evident from meta tags and structured content. Performance is moderate, with room for optimization. Security-wise, the site uses HTTPS and implements cookie consent mechanisms aligned with GDPR requirements. However, there is a lack of explicit security policy and incident response information, and no advanced security headers were detected. The absence of WHOIS data for the domain reduces trustworthiness slightly, though the website content and business information appear legitimate and consistent. Overall, the website presents a low-risk profile with strong compliance and professional business representation. Strategic improvements in security transparency and WHOIS data availability would enhance trust and security posture.

D

Design Keller Internetagentur Berlin

design-keller.de

45

Design Keller Internetagentur Berlin is a small, specialized internet agency based in Berlin, Germany, offering professional web design, web programming, and content management services primarily using TYPO3 CMS. The company targets local businesses and organizations seeking customized web solutions, including SEO and consulting. The website reflects a solid market position with a portfolio of diverse client projects and a consistent brand presence. Technically, the site uses legacy and modern web technologies, with moderate performance and basic mobile optimization. Security posture is adequate with HTTPS and cookie consent implemented, but lacks advanced security headers and explicit security policies. Overall, the site is professional and trustworthy but could improve privacy compliance and technical modernization. The domain registration data aligns well with the business claims, supporting legitimacy.

INGOLS, s.r.o. is a Czech Republic based small wholesale company specializing in metallurgical and large-area materials, founded in 2003. The company positions itself as a regional service center offering customized products in cooperation with manufacturers of roofing and trapezoidal profiles. The website content reflects this business focus but is basic in design and lacks modern digital features. The technical infrastructure is minimal, relying on basic HTML and CSS without modern CMS or JavaScript frameworks, hosted on websupport.cz. Security posture is weak with no visible HTTPS enforcement or security headers, and no privacy or cookie policies are present, indicating compliance gaps. Contact information is not explicitly provided, limiting user engagement and trust signals. Overall, the website is functional but requires significant improvements in security, privacy compliance, and technical modernization to enhance trust and user experience.

G

Green Ways s.r.o.

gw-int.net

71

Green Ways s.r.o. is a European leader in the green food market, specializing in high-quality, certified organic and vegan products. Founded in 2001, the company emphasizes product quality, scientific backing, and a customer-friendly approach. Their website is professionally designed, multilingual, and provides clear contact and business information, supporting their market position. Technically, the site uses modern JavaScript frameworks and Google Tag Manager for analytics, with good mobile optimization and SEO practices. Security posture is adequate with HTTPS and cookie consent, but lacks advanced security headers and incident response disclosures. The absence of WHOIS registration data raises concerns about domain legitimacy, which impacts overall trustworthiness. Strategic recommendations include improving security headers, publishing security policies, and resolving WHOIS inconsistencies to enhance credibility.

Firma Handlowo-Usługowa "Wikom" is a small Polish company specializing in creating websites and BIP subject pages for organizational units, primarily in the public sector. Established in 2001, the company emphasizes legal compliance, accessibility, and user-friendly CMS solutions with AI features to prevent errors. Their market position is that of a niche provider with over two decades of experience, offering tailored web services and technical support. Technically, the website uses modern web technologies including Bootstrap and FontAwesome, with Google Tag Manager for analytics. The site is mobile optimized and accessible, though SEO optimization is basic. Security posture is good with HTTPS and cookie consent implemented, but lacks advanced security headers and published security policies. Overall, the website is professional, trustworthy, and compliant with GDPR and accessibility standards, making it suitable for its target audience of public organizations in Poland.

P

Powiat Tomaszowski

powiat-tomaszowski.pl

57

Powiat Tomaszowski operates an official government website serving the local community of Tomaszowski County in Poland. The site provides comprehensive information about local government activities, public services, news, and events. It targets residents, local organizations, and stakeholders seeking official information and access to administrative resources. The website is well-positioned as a trusted source for regional governance and public communication. Technically, the website employs modern web technologies including JavaScript, CSS, and service workers, with integration of Google Analytics and OpenWeatherMap for enhanced user experience. The site is hosted by a reputable Polish registrar and hosting provider, with DNSSEC enabled and HTTPS enforced, reflecting a mature digital infrastructure. Accessibility and SEO optimizations are evident, supporting broad usability. From a security perspective, the website demonstrates good practices such as HTTPS, DNSSEC, and cookie consent mechanisms. While some security headers could be improved or added, no critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong, with clear privacy and cookie policies aligned with GDPR requirements. However, no explicit incident response or vulnerability disclosure pages were found. Overall, the website presents a low-risk profile with a solid security posture and trustworthy business credibility. It effectively serves its governmental function with professional content and user-friendly design. Strategic improvements in security headers and incident response transparency could further enhance its security maturity.

G

Gewerkschaft Erziehung und Wissenschaft (GEW)

gew.de

53

The Gewerkschaft Erziehung und Wissenschaft (GEW) is a prominent educational trade union in Germany representing approximately 280,000 professionals in education and science sectors. The website serves as a comprehensive platform offering information on union activities, collective bargaining, member services, publications, and events. It targets educators, researchers, students, and unemployed pedagogues, positioning itself as a key player in the German education labor market. The business model is non-profit, focusing on advocacy and support for its members.

V

Voltage Multimedia Studio

jesinfo.cz

46

Jesinfo.cz is a regional event information portal focused on the Jeseník district in the Czech Republic, providing comprehensive listings of cultural, sports, gastronomic, and other local events. The website is operated by Voltage Multimedia Studio, a small media company founded in 2014. The portal offers event calendars, categories, galleries, and administrative access for event management, targeting residents and visitors interested in local happenings. The site is professionally designed with consistent branding and clear navigation, supporting Czech and Polish languages. Technically, it uses the Noteo Engine CMS, jQuery, FontAwesome, and Google Tag Manager for analytics, hosted under the REG-GRANSY registrar. Security posture is good with HTTPS enforced and basic security headers, though additional headers could improve protection. Privacy compliance is basic, with cookie consent implemented but no explicit privacy or terms of service pages found. Contact information is clearly provided, including phone, email, and physical address, along with social media links to Facebook and YouTube. Overall, the site is trustworthy, safe, and well-positioned as a regional media portal.

M

Město Český Těšín

tesin.cz

46

The website https://tesin.cz/ serves as the official online portal for the city of Český Těšín, Czech Republic. It provides residents and visitors with comprehensive municipal information, including news updates, administrative services, event calendars, and contact details. The site is well-structured, regularly updated, and targets local citizens and stakeholders. The business model is that of a government municipal service platform, focusing on public service delivery and community engagement. Technically, the site is built on the Vismo CMS platform, utilizing standard web technologies such as HTML5, CSS, and JavaScript. It integrates Google Analytics for minimal user tracking and Google Translate for multilingual support. The site is hosted via Active24, with HTTPS enforced, and demonstrates good mobile optimization and accessibility features. SEO practices are adequately implemented with proper meta tags and structured navigation. From a security perspective, the website employs HTTPS and cookie consent mechanisms aligned with GDPR requirements. No critical vulnerabilities or exposed sensitive data were detected. However, security headers like Content-Security-Policy and X-Frame-Options are not explicitly observed and could be improved. There is no dedicated security policy or incident response information published, which is common for municipal sites but represents an area for enhancement. Overall, the site is trustworthy, professionally maintained, and compliant with privacy regulations. The domain is longstanding (since 1998) and consistent with the official nature of the business. Strategic recommendations include enhancing security headers, publishing explicit security and incident response policies, and considering a vulnerability disclosure mechanism to further strengthen security posture.

B

Bundesministerium für Familie, Senioren, Frauen und Jugend

pausentaste.de

62

The website pausentaste.de is an official government-supported platform operated under the Bundesministerium für Familie, Senioren, Frauen und Jugend. It provides comprehensive support, information, and resources for children and adolescents who care for family members. The site is well-branded, professionally designed, and targets a sensitive audience with appropriate content and privacy considerations. Technically, it is built on TYPO3 CMS and uses Matomo analytics configured for privacy compliance, including IP anonymization and opt-in consent mechanisms. Security posture is good with HTTPS and cookie consent, though explicit security headers and incident response policies are not published. Overall, the site is trustworthy, accessible, and compliant with GDPR requirements.

A

Antidiskriminierungsstelle des Bundes

antidiskriminierungsstelle.de

62

The Antidiskriminierungsstelle des Bundes is a German federal government agency dedicated to combating discrimination and providing support to affected individuals. The website serves as an official portal offering comprehensive information about discrimination laws, consultation services, research, and publications. It targets individuals experiencing discrimination, public authorities, and the general public seeking information or assistance. The agency operates under a public service model, funded by the government, and holds a strong market position as the central anti-discrimination authority in Germany. Technically, the website is built on the Government Site Builder CMS, featuring a modern and accessible design optimized for mobile devices. It employs Matomo analytics with a clear cookie consent mechanism, reflecting a mature digital infrastructure with moderate performance. The site demonstrates good SEO and accessibility practices, ensuring broad usability and compliance with privacy regulations. From a security perspective, the site enforces HTTPS and provides cookie consent controls, but lacks explicit security policy documentation and incident response contacts. No critical vulnerabilities or suspicious elements were detected. The WHOIS data aligns with the official government entity, confirming legitimacy and trustworthiness. Overall, the website presents a professional, secure, and privacy-conscious platform that effectively supports its mission. Strategic improvements could include publishing a dedicated security policy and incident response information to enhance transparency and trust further.

C

Conterganstiftung

contergan-infoportal.de

53

The Contergan Infoportal website serves as the official online presence of the Conterganstiftung, a German government foundation dedicated to supporting individuals affected by thalidomide-related disabilities. The foundation provides statutory benefits including pensions, specific needs payments, advisory services, and research funding to improve the quality of life and societal participation of affected persons. The website is professionally designed using TYPO3 CMS and Bootstrap, offering a responsive and accessible user experience primarily in German. It features comprehensive content about the foundation's mission, services, news, and contact information, targeting affected individuals, their families, and professionals. Technically, the site is hosted on Schlund Technologies infrastructure with secure HTTPS and cookie consent mechanisms in place, reflecting good digital maturity. However, explicit security policies and incident response contacts are not published, representing an area for improvement. Overall, the site demonstrates a strong security posture with no detected vulnerabilities or suspicious elements, and complies well with GDPR requirements. The domain registration and hosting details align with the foundation's official status, supporting high legitimacy and trustworthiness.

B

Bundesministerium für Bildung, Familie, Senioren, Frauen und Jugend

wege-zur-pflege.de

66

The website 'Wege zur Pflege' is an official German government portal managed by the Bundesministerium für Bildung, Familie, Senioren, Frauen und Jugend. It provides comprehensive information and support resources for family caregivers, employers, and care recipients, focusing on caregiving laws, financial support, and counseling services. The site is well-positioned as an authoritative source in the caregiving sector within Germany, targeting a broad audience including caregivers and employers. Technically, the site employs modern web technologies with a privacy-respecting Matomo analytics setup, hosted likely on German infrastructure, and demonstrates good mobile optimization and accessibility features. Security posture is solid with HTTPS and privacy controls, though explicit security headers and incident response policies are not publicly documented. Overall, the site is professional, trustworthy, and compliant with GDPR, making it a reliable resource for its users.

The website www.rop.cz serves as a minimal landing or redirect page for a regional internet service provider targeting cities in the Czech Republic such as Plzeň, Rokycany, Klatovy, and Příbram. The business offers customized internet connectivity solutions including ADSL, SHDSL, mobile and wireless internet, along with related services like corporate servers, email, VPN, VoIP telephony, and webcams. The website content is basic and primarily informational with no interactive elements or contact details. Technically, the site uses simple HTML and CSS with no detected modern frameworks or CMS, and lacks mobile optimization and accessibility features. Security posture is weak due to absence of HTTPS and security headers, and no privacy or cookie policies are present, indicating non-compliance with GDPR standards. WHOIS data is unavailable, suggesting privacy protection or domain non-registration, which impacts trustworthiness. Overall, the site appears legitimate but minimal and outdated, requiring significant improvements in security, privacy, and user engagement to enhance credibility and compliance.

S

Simplea pojišťovna, a.s.

simplea.pl

71

Simplea pojišťovna, a.s. is an insurance company specializing in life insurance products, operating primarily in the Czech Republic and Slovakia, with expanding services in Poland. The company is part of the Czech financial group Partners and benefits from partnerships with global reinsurance firms such as Swiss Re. Their business model focuses on transparent, customer-centric insurance products supported by modern technology and clear communication. The website reflects a professional and consistent brand image targeting individual customers seeking reliable life insurance solutions in the EU market. Technically, the website employs modern frontend technologies including lazy loading and responsive design, ensuring good performance and user experience across devices. Security posture is solid with HTTPS and secure form handling, though some security headers and explicit security policies are missing. Privacy compliance is well addressed with cookie consent and GDPR-aligned policies. WHOIS data is not publicly available, likely due to privacy protection, which slightly impacts trust but is reasonable for the business type. Overall, the site is trustworthy, professional, and well-positioned in its market segment.

B

Bundesministerium für Bildung, Familie, Senioren, Frauen und Jugend

regenbogenportal.de

66

The Bundesministerium für Bildung, Familie, Senioren, Frauen und Jugend (BMFSFJ) is a German federal government ministry dedicated to policies and programs supporting families, seniors, women, youth, and equality issues including sexual and gender diversity. The website provides comprehensive information on queer politics and gender diversity, including policy plans, legal frameworks, and public awareness initiatives. It targets a broad audience including citizens, policymakers, and the LSBTIQ* community. The site is professionally designed with clear navigation and strong branding consistent with government standards. Technically, the website uses a custom or proprietary CMS with a modern tech stack including JavaScript and CSS, and employs Matomo for privacy-conscious analytics. Hosting is provided by a German technical service provider, ensuring data residency compliance. The site is mobile-optimized and accessible, with good SEO practices and privacy compliance including GDPR-aligned cookie consent mechanisms. Security posture is solid with HTTPS enforced and privacy-respecting analytics, though explicit security headers and incident response information are not publicly detailed. No vulnerabilities or suspicious elements were detected. WHOIS data confirms the domain's legitimacy and consistency with a government entity. Overall, the website is a trustworthy, professional government resource with strong privacy and content quality, suitable for general audiences seeking information on equality and diversity policies in Germany.

B

Bundeszentrale für Kinder- und Jugendmedienschutz

bzkj.de

62

The Bundeszentrale für Kinder- und Jugendmedienschutz (BzKJ) is a German federal government agency dedicated to protecting children and youth in media and digital environments. It provides regulatory oversight, educational resources, and enforcement mechanisms related to youth media protection. The website serves as an authoritative source for information, legal frameworks, and public communication on these topics, targeting parents, educators, media providers, and policymakers. Technically, the website employs standard web technologies including jQuery UI and custom CSS/JS, with a responsive and accessible design. It demonstrates good SEO and accessibility practices, although some modern security headers are missing. The site is served over HTTPS with no detected blocking or WAF interference, ensuring secure and reliable access. From a security perspective, the site shows a solid posture with encrypted connections and no exposed sensitive data. However, it lacks explicit incident response contacts and a security.txt file, which could enhance transparency and vulnerability management. Privacy compliance is strong, with a comprehensive privacy policy and GDPR adherence, though no cookie consent mechanism was detected. Overall, the website is a trustworthy and professional government resource with high content quality and business credibility. Strategic improvements in security headers and incident response disclosures would further strengthen its security posture.

P

Partners Banka

partnersbanka.cz

72

Partners Banka is a Czech financial institution offering a comprehensive range of banking services including current and savings accounts, investments, mortgages, loans, insurance, and personalized financial advisory. The website positions the bank as customer-centric with a focus on bundled account packages and a unified mobile application to manage all financial products. The target audience includes individuals and families seeking modern, convenient banking solutions in the Czech Republic. Technically, the website employs modern JavaScript frameworks such as StimulusJS and Swup, integrates Google Analytics and marketing automation tools like Exponea, and uses a third-party web chat service (Daktela) for customer support. The site is mobile-optimized and demonstrates good SEO and accessibility practices, though some accessibility features could be improved. Security posture is strong with HTTPS enforced and multiple security headers present, but the absence of a publicly accessible privacy policy and terms of service pages is a compliance gap. The WHOIS data is unavailable, which raises concerns about domain registration legitimacy and age verification. Overall, the website is professional and trustworthy but would benefit from enhanced transparency and compliance documentation.

E

Elite | Monday Lovers

elitesolutions.sk

40

Elite | Monday Lovers is a Slovak full-service advertising agency with approximately 15 years of experience, specializing in strategy, identity, campaigns, print, web design, social media, mobile applications, and PR. The company targets businesses seeking comprehensive marketing solutions and maintains a strong regional presence with notable clients and projects. Their website is professionally designed, multilingual, and showcases a portfolio of campaigns and client references. Technically, the site is built on OctoberCMS, uses modern web technologies including Google Tag Manager and Google Maps API, and is mobile optimized with good SEO practices. Security posture is solid with HTTPS enforced and cookie consent implemented, though security headers are missing and no explicit security policy or vulnerability disclosure is present. Overall, the website is trustworthy, compliant with GDPR, and free of adult or questionable content.

The website mpvnet.cz serves as a public transport monitoring platform providing departure boards and real-time vehicle locations for several integrated transport systems across Czech regions. It is operated by CHAPS, spol. s r.o., a small company specializing in transport monitoring solutions. The site targets public transport users seeking timely information on bus and train schedules and vehicle positions. Technically, the site uses basic web technologies including jQuery and FontAwesome, with no advanced frameworks or CMS detected. The design and content quality are basic but functional, with moderate mobile optimization and accessibility. Security posture is minimal, lacking HTTPS verification details, security headers, and privacy policies, which presents compliance and risk concerns. No contact information or incident response details are provided, limiting user trust and support avenues. Overall, the domain is long-established and legitimate, but the site would benefit from enhanced security, privacy compliance, and richer business information to improve trust and user experience.

B

bonprix

bonprix.at

74

bonprix.at is an established e-commerce platform specializing in fashion and home products, targeting primarily the Austrian market with a broad offering including women's, men's, and children's clothing, shoes, and furniture. The site is part of the larger bonprix brand under the Otto Group umbrella, indicating a strong market position in European retail. The website demonstrates a mature digital infrastructure with modern technologies such as React and Contentful CMS, ensuring a responsive and user-friendly experience. Security measures are robust, with HTTPS enforced and multiple security headers implemented, though there is room for improvement in publicizing incident response and vulnerability disclosure policies. Privacy compliance is well addressed with comprehensive GDPR-aligned policies and cookie consent mechanisms. Overall, bonprix.at presents a trustworthy and professional online retail presence with a good balance of business credibility and technical sophistication.

P

Pädagogischer Austauschdienst (PAD) des Sekretariats der Kultusministerkonferenz

erasmusplus.schule

62

The website erasmusplus.schule serves as the official German national portal for the Erasmus+ program focused on the school sector. It is operated by the Pädagogischer Austauschdienst (PAD) under the Kultusministerkonferenz, providing comprehensive information, consultation, and application support for educators, schools, and kindergartens engaging in European exchange programs. The site is well-positioned as a trusted government resource with clear branding and authoritative content tailored to its target audience in the education sector. Technically, the website is built on TYPO3 CMS, a robust open-source content management system, and employs modern web technologies including JavaScript and CSS. It features a responsive design optimized for mobile devices and accessibility, with good SEO practices and structured navigation enhancing user experience. Hosting is managed via timmehosting.de, with domain registration through INWX GmbH, reflecting a stable and professional infrastructure. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms via Klaro, demonstrating compliance with privacy regulations such as GDPR. However, DNSSEC is not enabled, and no explicit security headers were detected, indicating areas for improvement in domain and web security hardening. No critical vulnerabilities or suspicious activities were found, and the domain registration details align well with the official entity, supporting a high legitimacy score. Overall, erasmusplus.schule is a professionally maintained, secure, and privacy-conscious government portal that effectively serves its educational mission. Strategic recommendations include enabling DNSSEC, implementing comprehensive security headers, and ongoing monitoring of third-party scripts to maintain and enhance security posture.

L

Livesport s.r.o.

livesport.cz

61

Livesport s.r.o. operates www.livesport.cz, a leading Czech Republic-based online platform providing live sports results, livescore updates, and sports news primarily focused on football. The website targets sports enthusiasts and bettors, offering real-time updates for over 1000 football competitions worldwide. The business model includes affiliate partnerships with major bookmakers, enhancing monetization through betting referrals. Technically, the site employs modern web technologies including JavaScript frameworks, SVG graphics, and integrates Google Tag Manager and OneTrust for analytics and consent management. The platform is mobile optimized and demonstrates good SEO and accessibility practices. Security posture is solid with HTTPS enforcement and standard security headers, though explicit privacy and terms pages are not found in the provided content. Overall, the site is professional, trustworthy, and compliant with basic GDPR requirements, though improvements in transparency and contact information are recommended.

The website represents the official online presence of the Bundesministerium für Bildung und Forschung (Federal Ministry of Education and Research) in Germany. It serves as a government portal providing information related to education and research initiatives. Currently, the site is under maintenance, limiting content availability. The business model is that of a government entity focused on public communication and information dissemination. The target audience includes the general public, researchers, and policymakers. The site uses HTTPS and basic web technologies but lacks advanced security headers and privacy policies, indicating room for improvement in compliance and security posture. Contact information is clearly provided, enhancing trust and credibility.

P

Pädagogischer Austauschdienst (PAD)

kmk-pad.org

62

The Pädagogischer Austauschdienst (PAD) is a German governmental agency under the Kultusministerkonferenz that promotes European and international school exchange programs. The website serves as an authoritative portal for educational institutions, teachers, and students interested in exchange programs, offering detailed program information, events, and testimonials. The site is built on TYPO3 CMS, demonstrating a mature technical infrastructure with good mobile optimization and accessibility. Security posture is solid with HTTPS and cookie consent mechanisms, though it lacks some advanced security headers and explicit privacy and security policies. Overall, the website is professional, trustworthy, and well-positioned in its niche, but could improve transparency and security documentation.

N

NextPage Media, s.r.o.

dobyvameevropu.cz

53

DobývámeEvropu.cz is a Czech online media project specializing in European football competitions, particularly focusing on Czech clubs' participation in UEFA tournaments. It offers detailed analyses, statistics, podcasts, and interviews, targeting football fans, sports analysts, and bettors. The site is part of the NextPage Media group and maintains partnerships with several notable brands and media outlets. Technically, the website employs modern JavaScript frameworks, Google Tag Manager, Microsoft Clarity, and a consent management platform to ensure GDPR compliance. The site is well-structured, mobile-optimized, and provides rich content, although explicit privacy and terms of service pages are not clearly linked. Security posture is good with HTTPS enforced, but lacks some security headers and explicit incident response information. WHOIS data is unavailable, which limits domain trust assessment but the professional presentation and partner ecosystem suggest legitimacy. Overall, the site is a credible specialized media outlet with moderate technical maturity and good privacy compliance mechanisms.

S

Social Maturity Score

socialmaturityscore.com

54

Social Maturity Score is a niche marketing transformation guide focused on social media maturity, providing businesses and marketing professionals with a common understanding and survey tools related to social media. The website is relatively new, founded in 2020, and uses a modern Angular-based frontend technology stack. The content is minimal but relevant to its target audience, with basic design and mobile optimization. Security posture is moderate with HTTPS enabled and domain transfer protection, but lacks DNSSEC and security headers. No privacy or cookie policies are published, and no contact or incident response information is available, which limits compliance and trust. Overall, the site is accessible without WAF or blocking mechanisms, but improvements in privacy, security policies, and contact transparency are recommended.

Nadace LANDEK Ostrava is a Czech non-profit foundation dedicated to preserving mining heritage and cultural traditions primarily in the Ostrava-Karviná and Moravian-Silesian regions. The foundation operates a grant program supporting projects related to mining monuments, cultural preservation, and education about mining history. The website reflects a small, regionally focused organization with a history dating back to 2007 and supported by regional government grants. Technically, the website is built with basic HTML, CSS, and JavaScript, hosted on Forpsi servers. It lacks advanced CMS or frameworks and shows basic mobile and accessibility features. There are no detected analytics or tracking technologies, indicating minimal user tracking. From a security perspective, the site uses HTTPS (assumed from domain but not explicitly confirmed in content), but lacks security headers and published security or privacy policies. No contact information or incident response channels are provided, which limits transparency and user trust. No WAF or blocking mechanisms were detected, and the site content is fully accessible. Overall, the website is functional and serves its informational purpose but requires improvements in privacy compliance, security best practices, and contact transparency to enhance trust and compliance with modern standards.

C

CYLINDERS HOLDING a.s

zamek-vitkovice.cz

43

Zámek Vítkovice operates as a modern event venue located in the center of Ostrava, Czech Republic, offering rental spaces for weddings, conferences, concerts, and other events. The business is owned by CYLINDERS HOLDING a.s and targets local customers seeking unique and artistic event spaces. The website reflects a professional and consistent brand image with clear contact details and multilingual support (Czech and English). Technically, the site uses Bootstrap for responsive design, integrates Google Analytics for visitor tracking, and Google Maps for location display, indicating a moderate level of digital maturity. Security-wise, the site implements a cookie consent mechanism but lacks visible security headers and explicit privacy or terms of service pages, which are areas for improvement. The absence of WHOIS data reduces domain trustworthiness, but the website content and contact information appear legitimate and consistent with a small hospitality business. Overall, the site is functional and user-friendly but would benefit from enhanced security and compliance documentation.

K

Kontura Design

kontura.cz

44

Kontura Design is a small Czech Republic-based design service provider specializing in graphic design, consultation, typesetting and printing, packaging design, and internet services. The company has a long-established domain since 2000, indicating stable business operations. The website presents basic information with minimal content and lacks modern digital maturity features such as structured data, privacy policies, or contact details. Technically, the site uses outdated JavaScript libraries loaded over HTTP, which poses security risks and indicates a need for modernization. Security posture is weak due to lack of HTTPS enforcement and missing security headers. No privacy or cookie policies are present, which impacts compliance with GDPR and other regulations. Overall, the website is functional but basic, with room for significant improvements in security, privacy, and user experience.

D

DŮM U PARKU, s.r.o.

dumuparku.cz

45

DŮM U PARKU, s.r.o. operates a historic building in Olomouc, Czech Republic, offering modern office spaces, a ballroom, conference rooms, and cultural event hosting. The company positions itself as a unique venue blending historical ambiance with modern functionality, targeting businesses and event organizers. The website is professionally designed with clear navigation and good content relevance, supporting its market presence. Technically, the site uses standard web technologies including Google Analytics and jQuery plugins, with moderate performance and mobile optimization. However, the absence of privacy and cookie policies, lack of security headers, and missing WHOIS registration data present compliance and trust concerns. The security posture is moderate but could be improved by implementing best practices and transparency measures. Overall, the site is functional and business credible but requires enhancements in privacy compliance and security to strengthen trust and regulatory adherence.

1

1. Web IT

1webit.cz

58

1. Web IT is a Czech Republic-based IT service provider specializing in professional custom development of systems, web applications, and e-shops. Founded in 2011, the company serves a medium-sized team of over 20 experienced developers, designers, and IT experts. Their market position is supported by a strong portfolio of clients including notable brands and public institutions. The company offers a broad range of services including programming capacities, custom system development, ready-made solutions, graphic design, and ongoing application support. Their business model focuses on long-term client partnerships and continuous project modernization. Technically, the website reflects a mature digital infrastructure utilizing a diverse technology stack including PHP, MySQL, Java, Python, Ruby, React, and various database systems. The site is built likely on the Nette Framework, with Cloudflare providing hosting and security services. The website is mobile-optimized, accessible, and SEO-friendly, with modern meta tags and structured navigation. From a security perspective, the site enforces HTTPS, employs Cloudflare Turnstile CAPTCHA for form protection, and includes cookie consent mechanisms aligned with GDPR. While explicit security headers are not fully confirmed, the site demonstrates good security hygiene with no visible vulnerabilities or exposed sensitive data. Privacy policies and cookie policies are comprehensive and clearly presented. Overall, the website presents a low-risk profile with strong business credibility, professional design, and adequate security measures. Recommendations include enhancing security headers, maintaining dependency updates, and adding explicit incident response and security policy information to further strengthen trust and compliance.

G

Germany Trade & Invest (GTAI)

gtai-exportguide.de

66

The GTAI-Exportguide website serves as an official German government initiative aimed at supporting businesses, especially export beginners, in their international trade endeavors. It provides comprehensive information, partner networks, event listings, and news updates to facilitate foreign market entry. The platform is backed by the Federal Ministry for Economic Affairs and Climate Action, ensuring authoritative and trustworthy content. The website's design is professional, with clear navigation and mobile optimization, catering well to its target audience. Technically, the site employs modern web technologies including JavaScript, CSS, and HTML5, with analytics powered by etracker and consent management via Usercentrics. While no explicit CMS was detected, the site appears to be custom-built or uses a proprietary system. Performance is moderate with good mobile responsiveness and accessibility features. Security is enforced through HTTPS, but could benefit from additional security headers and explicit security policies. From a security perspective, the site shows a solid posture with no detected vulnerabilities or exposed sensitive data. However, the absence of explicit privacy and cookie policies, as well as terms of service, indicates room for improvement in compliance and transparency. No incident response or vulnerability disclosure information is provided, which could be enhanced to build further trust. Overall, the website is a credible and professional government resource with a strong business focus and a well-established partner network. Strategic recommendations include publishing comprehensive privacy and security policies, enhancing security headers, and providing clear contact channels for security incidents to improve compliance and user trust.

The domain screechingstove.com currently serves as a 404 Not Found error page and is used by Admiral, a service provider specializing in copyright access control and privacy consent management for digital publishers. The domain content is minimal and primarily informational about Admiral's services, with no direct business or marketing content. The technical infrastructure is hosted on Google Cloud Platform, indicating a modern and scalable environment, but the site lacks SEO metadata, structured data, and interactive elements. Security posture is adequate with encryption and certificate rotation mentioned, but DNSSEC is not enabled and security headers are not visible. Privacy compliance is addressed in text but lacks active consent mechanisms. Overall, the site is not a functional business website but a service domain with limited public-facing content.

The website tymphany.cz represents a small business entity based in the Czech Republic, with a domain registered since 2017. The site appears to be built using the WebSupport SiteBuilder platform and features basic content primarily in Czech language. The business description and detailed company information are not explicitly provided on the site, limiting insights into its market position and services. Technically, the website uses standard web technologies including HTML5, CSS, and JavaScript, with external font loading via WebFontLoader. Performance and mobile optimization are moderate to good, but accessibility and SEO features are basic. Security posture is weak due to lack of visible security headers, absence of HTTPS verification in the provided data, and no published privacy or security policies. Cookie consent is implemented, indicating some compliance awareness. Overall, the site is functional but lacks comprehensive business and security information, which may impact trust and user confidence.

H

Henkel

pattex.dk

67

Pattex.dk is the Danish website for the Pattex brand, a part of Henkel, specializing in adhesives and DIY solutions. The site provides product information, news, and strong solutions targeting the Danish market. The website is built on Adobe Experience Manager and uses modern technologies including Adobe Analytics and OneTrust for cookie consent, indicating a mature digital infrastructure. The site is well-optimized for performance, mobile responsiveness, and accessibility, with good SEO practices. Security posture is solid with HTTPS enforced and cookie consent implemented, though explicit security headers and a published security policy are absent. WHOIS data is missing, which slightly reduces trustworthiness but the brand association with Henkel supports legitimacy. Overall, the site is professional and trustworthy with room for improvement in transparency and security disclosures.

P

PSN s.r.o.

ahojvanguard.cz

47

The website www.ahojvanguard.cz represents a residential real estate project named Ahoj, Vanguard, developed by PSN s.r.o. It offers apartments in Prague's Modřany district, emphasizing quality living spaces, community areas, and a modern lifestyle. The site targets potential home buyers and investors interested in this emerging neighborhood. Technically, the website uses modern web technologies including JavaScript frameworks, Google Tag Manager, and Typekit fonts, delivering a good user experience with mobile optimization and accessibility features. Security posture is solid with HTTPS enforced and cookie consent implemented, though it lacks some security headers and a published privacy policy. The absence of WHOIS data reduces domain trustworthiness, but the website content and contact information appear legitimate and professional. Overall, the site scores well in business credibility and technical implementation but could improve privacy compliance and security transparency.

G

Germany Trade & Invest (GTAI)

ixpos.de

66

The GTAI-Exportguide website serves as an official German government initiative aimed at supporting export beginners and businesses interested in international trade. It provides comprehensive information, partner networks, market exploration tools, events, and news updates to facilitate foreign trade. The platform is backed by the Federal Ministry for Economic Affairs and Climate Action, enhancing its credibility and trustworthiness. The website's content is well-structured, professionally designed, and targeted primarily at German businesses seeking export guidance. Technically, the website employs modern web technologies including responsive images, SVG icons, JavaScript libraries, and cookie consent management via Usercentrics. Analytics are conducted through eTracker, indicating moderate user tracking. The site is served over HTTPS with no detected blocking or WAF interference, ensuring secure access. However, explicit security headers and incident response policies are not evident in the provided content. From a security perspective, the site demonstrates good practices such as HTTPS enforcement and cookie consent mechanisms. No vulnerabilities or exposed sensitive data were detected. The absence of a published security policy or vulnerability disclosure program suggests room for improvement in transparency and incident readiness. Overall, the website presents a low-risk profile with strong business credibility and a solid technical foundation. Strategic recommendations include enhancing security headers, publishing clear privacy and security policies, and providing explicit contact information for incident response to further strengthen trust and compliance.

V

Valuo

valuo.sk

42

Valuo is a Slovak-based innovative online platform specializing in precise real estate price estimation tools for various property types. It serves a broad audience including banks, real estate agencies, appraisers, and individual buyers and sellers. The platform is well-positioned in the Slovak real estate market with a strong user base and professional endorsements. Technically, the website is built using modern frameworks like Astro, delivering fast performance and excellent mobile optimization. Security posture is adequate with HTTPS usage and secure form handling, though improvements in security headers and incident response transparency are recommended. Privacy compliance is mostly addressed with GDPR documentation available, but cookie consent mechanisms are missing. Overall, the site demonstrates high professionalism, trustworthiness, and business credibility.

P

People For Net a.s.

realbonus.cz

54

RealBonus.cz is a Czech real estate listing platform established in 2012, operated by People For Net a.s. The website offers a broad range of property listings including apartments, houses, commercial properties, and land for sale and rent. It targets individuals and businesses seeking real estate in the Czech Republic, providing categorized search options and a directory of real estate agencies. The site is professionally designed with consistent branding and clear navigation, though it uses some outdated technologies such as jQuery 1.7.2. The technical infrastructure includes standard web technologies and Google Analytics for tracking. Security measures are basic, with cookie consent implemented but lacking advanced security headers or explicit security policies. No blocking or WAF mechanisms are detected, and the site is fully accessible. Overall, the website is functional and trustworthy but could benefit from modernizing its tech stack and enhancing security and compliance documentation.

Apple's iTunes website serves as a comprehensive digital media platform offering music, movies, TV shows, podcasts, and audiobooks. As a globally recognized technology leader, Apple maintains a strong market position with a broad consumer base and a robust e-commerce model. The website reflects Apple's commitment to quality, user experience, and brand consistency. Technically, the site employs modern web technologies, optimized performance, and responsive design, ensuring accessibility across devices. Security measures are robust, including HTTPS enforcement and security headers, with no detected vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the site demonstrates a mature digital infrastructure aligned with Apple's enterprise stature.

L

LASER-TECH, spol. s r.o.

laser-tech.cz

43

LASER-TECH, spol. s r.o. is a Czech Republic-based manufacturing company specializing in comprehensive sheet metal processing services including laser cutting, CNC bending, welding, surface finishing, and laser marking. The company targets industrial clients requiring precision metal fabrication and operates with certifications such as ISO 9001 and ISO 14001, indicating a commitment to quality and environmental management. The website reflects a professional B2B service provider with EU co-financed modernization projects enhancing its technological capabilities. Technically, the website employs common web technologies such as jQuery, Fancybox, Google Tag Manager, and Google Analytics. The site is accessible and moderately optimized for performance and mobile devices, though improvements in accessibility and security headers are recommended. The presence of a cookie consent mechanism shows awareness of privacy regulations, but the absence of a privacy policy and terms of service pages indicates compliance gaps. From a security perspective, the site uses HTTPS but lacks visible security headers and detailed security or incident response policies. No vulnerabilities or exposed sensitive data were detected in the provided content. The missing WHOIS data reduces domain trustworthiness, though the website content and business information appear legitimate and professional. Overall, the website scores moderately well in content quality, technical implementation, and business credibility but should address privacy compliance and security best practices to improve trust and reduce risk.

Č

Česká komora architektů

cka.cz

63

Česká komora architektů is a legally established self-governing professional organization in the Czech Republic that unites authorized architects, landscape architects, and urban planners. The website serves as a comprehensive portal offering information about membership, professional services, architectural competitions, education, and legislative matters relevant to the architectural profession. It targets professionals in architecture and related fields, as well as public administration and clients seeking architectural services. The organization holds a strong national position as the official chamber for architects in the Czech Republic. Technically, the website is built using modern JavaScript frameworks such as Vue.js and Nuxt.js, providing a responsive and accessible user experience. The site is well-structured with good SEO practices and mobile optimization. Performance is moderate with no significant technical debt observed. However, there is no detected CMS or hosting provider information. From a security perspective, the site enforces HTTPS and uses secure forms, but lacks several recommended security headers and explicit privacy and cookie policies. No vulnerabilities or exposed sensitive data were detected. The absence of WHOIS data reduces domain trustworthiness, and no incident response or vulnerability disclosure information is published, which are areas for improvement. Overall, the website is professional, trustworthy, and content-rich, but would benefit from enhanced transparency in domain registration, improved privacy compliance, and stronger security header implementation to elevate its security posture and user trust.

F

Flatino

flatino.cz

53

Flatino is a Czech Republic based real estate agency positioning itself as a modern and innovative player in the property sales market. The company emphasizes a 21st-century approach by integrating real estate services with marketing and technology to achieve the highest possible sale prices for clients. The website reflects a professional and consistent brand image built on the Wix platform, offering a responsive and user-friendly experience. However, the absence of detailed WHOIS data limits verification of domain ownership and registration details. Technically, the website leverages Wix's Thunderbolt framework and standard web technologies such as JavaScript, CSS, and HTML5. The site is hosted on Wix infrastructure with HTTPS enabled, ensuring secure communication. Despite this, the site lacks important security headers and visible privacy or cookie policies, which are critical for compliance and user trust. No explicit contact information or incident response channels are provided, which could hinder user engagement and security transparency. From a security perspective, the site benefits from HTTPS but misses several best practices such as security headers and documented privacy compliance. No vulnerabilities or malicious scripts were detected in the provided content. The lack of WHOIS data and registrant information suggests privacy protection, which is common for small businesses but reduces transparency. Overall, the security posture is moderate but could be improved with better policy disclosures and technical hardening. The overall risk assessment indicates a legitimate small business with a professional web presence but with gaps in privacy compliance and security best practices. Strategic recommendations include adding privacy and cookie policies, publishing contact and incident response information, implementing security headers, and enhancing accessibility and SEO features to improve trust and compliance.

C

CENTURY 21

century21.cz

59

CENTURY 21 Czech Republic operates as a real estate brokerage and property listing service, offering a wide range of residential and commercial properties. The website presents a professional and modern interface targeting buyers, sellers, and real estate agents within the Czech market. The company emphasizes trust and partnership, with multiple property categories and career/franchise opportunities. Technically, the site leverages modern frameworks such as Next.js and React, and integrates analytics tools like Microsoft Clarity and Hotjar for user behavior insights. Security posture is strong with HTTPS and security headers implemented, though explicit privacy and cookie policies are not clearly found in the provided content. WHOIS data is unavailable, which reduces domain trust but the website content and branding suggest a legitimate business. Overall, the site is well-structured and user-friendly, but could improve transparency on privacy and contact information.

R

Realitní komora České republiky

realitnikomora.cz

49

Realitní komora České republiky is a professional association established in 2009 that serves real estate agents, offices, and related professionals in the Czech Republic. The organization focuses on education, professional development, and providing member benefits such as insurance and discounts. The website reflects a well-established market position with clear business information and active partnerships. Technically, the site uses modern JavaScript libraries and analytics tools, with good mobile optimization and SEO practices. However, it lacks some compliance elements such as a privacy policy and terms of service pages. Security posture is adequate with HTTPS and cookie consent but could be improved by adding security headers and incident response information. Overall, the website is professional, trustworthy, and serves its target audience effectively.

B

Deutschlands Bierliste Nr.1 mit 8138 Bieren aus Deutschland

biermap24.de

39

Biermap24.de is a German-focused online platform dedicated to listing and rating beers, boasting a comprehensive database of over 8,000 beers from Germany. The site targets beer enthusiasts and consumers interested in exploring and reviewing various beer brands and breweries. It offers editorial tips, top 10 lists, and a magazine section to engage its audience. Technically, the website employs standard web technologies including jQuery and SVG fonts, and is hosted on servers associated with kasserver.com. The site is mobile-optimized and includes a cookie consent mechanism via CookieFirst, indicating some level of privacy awareness. Security-wise, the site uses HTTPS and integrates Matomo analytics for user tracking, but lacks advanced security headers and explicit security or privacy policies. WHOIS data is minimal but consistent with the hosting provider, with no signs of privacy protection or suspicious registration patterns. Overall, the site presents a good user experience with moderate technical maturity but would benefit from enhanced security and compliance documentation.

A

Amazon Web Services, Inc.

aws.com

77

Amazon Web Services, Inc. (AWS) is a leading global cloud computing services provider offering a broad set of reliable, scalable, and inexpensive cloud infrastructure services. AWS serves a wide range of customers including developers, enterprises, startups, and government agencies, providing services such as compute, storage, databases, networking, machine learning, and analytics. As a subsidiary of Amazon.com, Inc., AWS holds a dominant market position in the cloud industry with a pay-as-you-go business model and extensive global infrastructure. The website demonstrates a mature technical infrastructure leveraging modern technologies such as React and AWS CloudFront for hosting and content delivery. The site is well-optimized for performance, mobile responsiveness, and accessibility, reflecting a high level of digital maturity. Security is robust with HTTPS enforcement, strong Content Security Policy headers, and adherence to multiple compliance frameworks including ISO 27001, SOC reports, PCI DSS, and FedRAMP. AWS maintains a strong security posture with no detected vulnerabilities or exposed sensitive data. The company provides clear privacy policies, cookie consent mechanisms, and incident response contacts, indicating a commitment to privacy and regulatory compliance. The domain's WHOIS data for the subdomain is unavailable as expected, but the overall trustworthiness is high given the brand reputation and security practices. Overall, AWS's website and digital presence reflect a highly professional, secure, and trustworthy cloud services provider with excellent compliance and security standards.

T

Tourismusverband Mecklenburg-Vorpommern e.V.

auf-nach-mv.de

72

The website www.auf-nach-mv.de is the official tourism portal for Mecklenburg-Vorpommern, Germany, operated by the Tourismusverband Mecklenburg-Vorpommern e.V. It provides comprehensive information on vacation types, activities, destinations, events, and travel services targeting a broad audience including families and nature enthusiasts. The site is well-branded, professionally designed, and offers rich multimedia content including images and videos. It serves as a key digital touchpoint for regional tourism promotion. Technically, the website employs modern web technologies including JavaScript, CSS, and embedded services like Google Tag Manager and YouTube. It appears to be built on a custom or proprietary CMS platform. The site is mobile-optimized, accessible, and SEO-friendly, with good performance characteristics. Security best practices such as HTTPS and CAPTCHA on forms are implemented, though explicit security policies and incident response contacts are not published. From a security perspective, the site has a strong posture with no visible vulnerabilities or blocking mechanisms. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. However, terms of service and vulnerability disclosure policies are absent. The WHOIS data is limited but does not raise concerns about legitimacy. Overall, the website is a trustworthy, professional, and well-maintained platform supporting regional tourism. Strategic recommendations include enhancing security transparency by publishing security policies and incident response contacts, and adding a vulnerability disclosure mechanism to further strengthen trust and compliance.