Security Directory

The BKC-Spendenportal website serves as an online donation platform operated by the Bank für Kirche und Caritas eG, targeting charitable organizations primarily within the church and caritas sectors in Germany. It facilitates the connection between donors and charitable projects, providing a streamlined platform for online donations. The website is professionally designed with clear navigation and content relevant to its audience, emphasizing transparency and trust through visible contact information and testimonials. Technically, the site is built on the Contao Open Source CMS and leverages common JavaScript libraries such as jQuery, Colorbox, and Isotope for enhanced user experience. Hosting is provided by Schlundtech, a reputable German hosting provider. The site demonstrates good mobile optimization and SEO practices, although performance is moderate rather than fast. From a security perspective, the site enforces HTTPS and includes a cookie consent mechanism aligned with GDPR requirements. However, it lacks explicit security policies, incident response contacts, and advanced security headers, which are recommended for improved security posture. No vulnerabilities or exposed sensitive data were detected in the content. Overall, the site maintains a good security baseline appropriate for its business model. The overall risk assessment is low, with the site presenting a trustworthy and professional front for its niche market. Strategic recommendations include formalizing security policies, adding vulnerability disclosure mechanisms, and enhancing security headers to further strengthen trust and compliance.

N

Naděje

kurzy-nadeje.cz

43

Naděje is a Czech non-profit organization specializing in accredited educational courses for social service providers, social workers, and caregivers. Established in 1996, the organization offers a range of training programs accredited by the Ministry of Labour and Social Affairs (MPSV). Their website presents a professional and well-structured platform showcasing their courses, testimonials, and newsletter subscription, targeting professionals in the social services sector. Technically, the site uses a custom CMS built on the Yii PHP framework, enhanced with jQuery and modern web fonts, delivering a moderate performance and good mobile responsiveness. Security-wise, the site uses HTTPS and secure form submissions but lacks advanced security headers and cookie consent mechanisms, indicating room for improvement in compliance and security posture. Overall, the domain registration data aligns well with the business profile, supporting the site's legitimacy.

The website tcu.sk represents a Slovak non-profit educational initiative organizing the 'Týždeň celoživotného učenia' (Lifelong Learning Week), an event aimed at promoting lifelong learning across Slovakia. It targets a broad audience including individuals of all ages and educational institutions, providing lectures, workshops, and discussions to foster educational engagement. The event has a long-standing tradition with 25 years of history, positioning it as a recognized educational awareness platform in Slovakia. Technically, the website is built on a modern stack likely involving Ruby on Rails with Turbolinks, and integrates Google Analytics and Tag Manager for tracking. Hosting is provided by a Slovak hosting provider (websupport.sk), and the site uses HTTPS with DNSSEC enabled, indicating a secure baseline. The site is mobile optimized with good navigation and content quality, although some accessibility and SEO improvements could be made. From a security perspective, the site implements HTTPS and CSRF protections but lacks several recommended HTTP security headers. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is partial; while a cookie consent banner is present, no privacy policy or terms of service were found, which is a notable compliance gap. Contact information is clearly provided, enhancing business credibility. Overall, the website is legitimate, secure, and professionally presented, with minor areas for improvement in privacy disclosures and security hardening. The domain registration data aligns well with the website's purpose and geographic focus, supporting trustworthiness.

M

Městský úřad Lanškroun

lanskroun.eu

47

The website www.lanskroun.eu serves as the official municipal portal for the city of Lanškroun in the Czech Republic. It provides comprehensive information about the city administration, local news, cultural events, tourism, and public services. The site targets residents, visitors, and businesses in the Lanškroun region, offering multilingual support and various e-government services. The business model is focused on public service and community engagement, positioning itself as a trusted local government resource. Technically, the website is built on the Vismo CMS platform, utilizing standard web technologies such as HTML5, CSS, and JavaScript. It integrates Google Analytics and Google Tag Manager for visitor tracking and employs Google reCAPTCHA v2 to protect forms from spam. The site demonstrates good mobile optimization, accessibility, and SEO practices, although some improvements in security headers could be made. From a security perspective, the site enforces HTTPS and uses reCAPTCHA for form protection. However, no explicit security policies or incident response contacts are published, and security headers appear to be missing or not detected in the provided content. The WHOIS data is not publicly available due to EURid privacy policies, which is typical for .eu domains and does not raise immediate concerns. Overall, the security posture is moderate with room for enhancement. The overall risk assessment indicates a well-maintained official government website with no signs of malicious activity or content safety issues. Strategic recommendations include implementing HTTP security headers, publishing a security policy, and adding a vulnerability disclosure mechanism to enhance trust and security maturity.

C

Chrudim

chrudim.eu

54

The website www.chrudim.eu serves as the official municipal portal for the city of Chrudim in the Czech Republic. It provides comprehensive information and services to residents and visitors, including citizen services, online reservations, public notices, tourism information, and contact details for various municipal departments. The site is well-branded with consistent city imagery and offers multilingual support via Google Translate. Technically, it is built on WordPress with common plugins such as Gravity Forms and Tiny Slider, and integrates Google Analytics and Tag Manager for analytics and marketing purposes. The site is secured with HTTPS and implements cookie consent mechanisms, reflecting good privacy compliance. However, WHOIS data is unavailable due to EURid privacy policies, which is typical for .eu domains. Overall, the site demonstrates a mature digital presence for a municipal government entity.

M

Město Hlinsko

hlinsko.cz

48

Město Hlinsko operates an official municipal website serving residents and visitors of the city of Hlinsko, Czech Republic. The site provides comprehensive information about municipal offices, citizen services, local news, social and cultural activities, and crisis management. It targets local citizens and stakeholders seeking official information and services. The website is well-structured and content-rich, reflecting a public sector information portal model with a focus on transparency and accessibility. Technically, the website uses a combination of jQuery, Bootstrap 4.4.1, Swiper, PhotoSwipe, and mmenu libraries, indicating a moderately modern front-end stack. The site appears mobile-optimized and provides a cookie consent mechanism, demonstrating awareness of privacy compliance. However, no major CMS or hosting provider details are evident, suggesting a custom or proprietary municipal CMS. From a security perspective, the site enforces HTTPS and includes cookie consent but lacks visible security headers and explicit security policies or incident response information. The absence of WHOIS data for the domain reduces trust signals, although the website content and domain usage appear legitimate. No vulnerabilities or tracking scripts were detected, indicating a low-risk profile but with room for security improvements. Overall, the website is a functional and professional municipal portal with good content quality and user experience. Strategic recommendations include enhancing security headers, publishing security and incident response policies, and investigating the missing WHOIS data to improve domain trustworthiness.

M

Město Holice

holice.eu

56

The website www.holice.eu serves as the official municipal portal for the city of Holice in the Czech Republic. It provides residents and visitors with comprehensive information about city administration, local news, events, public notices, and tourist information. The site is well-branded with consistent city logos and offers multiple channels for citizen engagement including social media and a chatbot. The business model is focused on public service and community engagement, positioning the city as accessible and transparent to its constituents. Technically, the website employs a modern frontend stack including Bootstrap, jQuery, and integrates third-party services such as Google Analytics and a chatbot platform. The site is mobile-optimized and includes a cookie consent mechanism compliant with GDPR, reflecting a moderate level of digital maturity. Performance is moderate with room for improvement in accessibility and security headers. From a security perspective, the site uses HTTPS with a strong SSL configuration and implements cookie consent for privacy compliance. However, it lacks visible security headers and does not publish security policies or incident response information. The WHOIS data is privacy protected, which is common for .eu domains, and does not raise immediate concerns given the official nature of the site. Overall, the website is trustworthy and professional, serving its purpose as a municipal information portal. Strategic recommendations include enhancing security headers, publishing security and incident response policies, and improving accessibility features to meet higher compliance standards.

M

Město Litomyšl

litomysl.cz

54

Město Litomyšl is the official municipal government website for the city of Litomyšl in the Czech Republic. It provides comprehensive information and services for both citizens and tourists, including municipal services, cultural events, education, and tourism information. The site targets local residents and visitors, positioning itself as a key resource for public administration and community engagement. The website demonstrates consistent branding and professional content quality, supporting its role as a trusted government portal. Technically, the website employs standard web technologies such as jQuery, Google Custom Search Engine, and Fancybox for enhanced user experience. The site is mobile-optimized and features good navigation and SEO practices. However, there is room for improvement in accessibility and security headers implementation. Performance is moderate, with external dependencies on Google services. From a security perspective, the site uses HTTPS and avoids exposing sensitive data. No critical vulnerabilities or outdated libraries were detected. The presence of a comprehensive GDPR privacy policy indicates attention to compliance, though the absence of a cookie consent mechanism is a gap. The lack of WHOIS data for the domain raises concerns about domain registration transparency, though the official nature of the content mitigates some risk. Overall, the website is a well-structured and professional municipal portal with good content and usability. Strategic improvements in security headers, cookie consent, and domain registration transparency would enhance trust and compliance.

M

Město Polička

policka.org

47

Město Polička operates an official municipal website serving residents and visitors with comprehensive city information, including news, events, official documents, and public services. The website is well-established with a domain age since 2003, reflecting a stable digital presence for the local government of Polička, Czech Republic. The site targets local citizens and visitors seeking municipal updates and services. Technically, the website uses ASP.NET Web Forms with Bootstrap and FontAwesome, providing a responsive and user-friendly interface, though performance is moderate and accessibility is basic. Security posture is adequate with HTTPS enabled but lacks advanced security headers and DNSSEC, indicating room for improvement. Privacy compliance is basic with privacy and cookie policies present but no active consent mechanism. Contact information is clearly provided, including emails, phone numbers, and physical address, enhancing business credibility. Overall, the website is trustworthy and professionally maintained, suitable for its government function.

M

Městský úřad Svitavy

svitavy.cz

61

The website www.svitavy.cz serves as the official municipal portal for the city of Svitavy in the Czech Republic. It provides comprehensive information about the city administration, public services, cultural events, and citizen resources. The site targets residents and visitors, offering a well-structured navigation system and multiple language options via external translation links. The business model is that of a government service portal, with a medium-sized organizational footprint and a focus on transparency and public engagement. Technically, the site is built on Drupal 10, leveraging modern web technologies including Bootstrap for responsive design, Google Analytics for traffic monitoring, and various JavaScript libraries for enhanced user experience. The site is mobile-optimized and accessible, with good SEO practices evident in meta tags and structured navigation. Performance is moderate, with no critical errors or broken elements detected. From a security perspective, the site enforces HTTPS and implements a cookie consent mechanism compliant with EU GDPR regulations. However, it lacks visible security headers such as Content-Security-Policy and X-Frame-Options, which are recommended to enhance security posture. No vulnerabilities or exposed sensitive data were found in the HTML content. The absence of WHOIS data limits the ability to fully verify domain legitimacy, but the official branding and content strongly support authenticity. Overall, the website presents a trustworthy and professional digital presence for the city government, with room for security enhancements and improved transparency in incident response and vulnerability disclosure policies. The risk level is low, and the site is safe for general audiences.

M

Město Skuteč

skutec.cz

45

The website skutec.cz serves as the official digital presence of the town of Skuteč, Czech Republic. It provides comprehensive municipal information including news, cultural events, public services, and contact details aimed at residents and visitors. The site is well-structured with clear navigation and a professional design consistent with government standards. It leverages modern web technologies such as jQuery, Bootstrap, and Swiper.js to deliver a responsive and accessible user experience. The presence of GDPR compliance and cookie consent mechanisms demonstrates attention to privacy regulations. Security posture is solid with HTTPS enforced and no evident vulnerabilities, though some HTTP security headers could be improved. The absence of WHOIS data is a notable gap, limiting domain legitimacy verification, but the official nature and content quality support trust in the site. Overall, the site is a reliable municipal resource with good technical and security practices.

K

Krajská hospodářská komora Pardubického kraje

khkpce.cz

53

The website represents the Krajská hospodářská komora Pardubického kraje, a regional chamber of commerce serving the Pardubice region in the Czech Republic. It provides a variety of business support services including certification, training, legal services, and networking opportunities for local entrepreneurs and companies. The site targets regional businesses and operates as a membership-based non-profit organization with multiple local offices. Technically, the website uses a moderate technology stack including jQuery and Google services such as Analytics and Tag Manager. The site is mobile optimized with good navigation and content quality, though accessibility features are basic. Performance is moderate with no critical technical issues detected. From a security perspective, the site uses HTTPS and includes no visible exposed sensitive data. However, it lacks security headers and visible privacy or cookie policies, which are important for compliance and user trust. The WHOIS data is unavailable or privacy protected, which reduces transparency but is not uncommon for this type of organization. Overall, the website is professional and trustworthy with a good business credibility score. The main risks relate to privacy compliance and security best practices, which should be addressed to improve user trust and regulatory adherence.

P

Pardubický podnikatelský inkubátor

p-pink.cz

65

P-PINK is a small business incubator based in Pardubice, Czech Republic, dedicated to supporting aspiring entrepreneurs and startups. The website presents a clear business focus on coworking and consulting services to help new businesses succeed. The company appears to be well-established since 2016, with a localized market position. Technically, the website is built on the Bitrix24 platform, leveraging Cloudflare for DNS and CDN services, and integrates modern marketing and analytics tools such as Google Tag Manager, Facebook Pixel, Hotjar, and Cookiebot for GDPR compliance. Security posture is solid with HTTPS enforced and cookie consent implemented, though some security headers could be improved. The site lacks explicit terms of service and security policies, which are recommended for enhanced trust and compliance. Overall, the website is professional, trustworthy, and safe for general audiences.

N

Nemocnice Pardubického kraje, a.s.

nempk.cz

66

Nemocnice Pardubického kraje, a.s. is a regional healthcare provider operating five hospitals in the Pardubice region of the Czech Republic. The organization offers comprehensive hospital care services, including online appointment booking and pharmacy services, targeting patients, healthcare professionals, and partners. The website reflects a strong market position as a leading healthcare institution in the region, with clear branding and consistent messaging. Technically, the website is built using PHP and the Nette Framework, incorporating modern web technologies such as Google Analytics and Facebook SDK for analytics and social engagement. The site is mobile-optimized, accessible, and SEO-friendly, providing a good user experience. Performance is moderate, with room for optimization. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms, demonstrating compliance with GDPR. However, the absence of explicit security headers and lack of visible incident response or vulnerability disclosure information indicate areas for improvement. The missing WHOIS data reduces transparency but does not detract significantly from the site's legitimacy given the professional presentation. Overall, the website is a well-maintained digital asset supporting the hospital's business goals, with a solid security posture and compliance framework. Strategic enhancements in security headers, incident response visibility, and domain registration transparency would further strengthen trust and resilience.

Česká správa sociálního zabezpečení (ČSSZ) is the official Czech government agency responsible for administering social security programs including pensions, sickness benefits, maternity support, and social insurance contributions. The website serves as a comprehensive portal providing information, online services, and resources for citizens, employers, self-employed persons, and foreigners with temporary protection. It holds a strong market position as the primary social security institution in the Czech Republic. Technically, the website is built on the Liferay CMS platform, utilizing modern web technologies such as Bootstrap and jQuery, and integrates Matomo for analytics. The site is mobile-optimized, accessible, and demonstrates good SEO practices. Security measures include HTTPS enforcement and standard security headers, contributing to a solid security posture. While the WHOIS data is unavailable due to registry policies, the website's official domain, consistent branding, and government affiliation indicate legitimacy. Privacy and cookie policies are present and GDPR compliant, though explicit terms of service and vulnerability disclosure mechanisms are not found. Contact information includes phone numbers and contact forms, with no exposed sensitive data detected. Overall, the website presents a professional, secure, and user-friendly platform for social security services in the Czech Republic, with recommendations to enhance transparency around security policies and incident response capabilities.

Ekumenická rada církví is a non-profit religious organization representing a community of Christian churches in the Czech Republic. The website serves as an informational portal providing news, event announcements, and resources related to ecumenical activities. It targets a general audience interested in religious and community matters within the Czech Republic. The organization appears well-established with a domain age dating back to 2000, reflecting a stable presence in its sector. Technically, the website is built on the Yii PHP framework with jQuery and Nivo Slider for interactive elements. The site demonstrates moderate performance and basic mobile optimization. SEO and accessibility features are present but could be improved. The absence of advanced analytics or tracking tools indicates a minimal user tracking approach. From a security perspective, the site uses HTTPS but lacks visible security headers and formal privacy or cookie policies, which are critical for GDPR compliance. No incident response or vulnerability disclosure mechanisms are evident. The newsletter form collects emails but does not show explicit consent mechanisms. Overall, the security posture is moderate but requires enhancements to meet modern standards. The overall risk is low given the non-commercial nature and content safety of the site. Strategic recommendations include implementing privacy and cookie policies, adding security headers, improving mobile and accessibility features, and establishing clear incident response contacts to enhance trust and compliance.

Č

Česká evangelikální aliance

ea.cz

52

Česká evangelikální aliance is a Czech non-profit evangelical alliance established in 2000, focused on fostering cooperation, prayer, and mission-oriented activities among evangelical churches and organizations in the Czech Republic. The organization provides networking, support for church planting and revitalization, and represents evangelical perspectives in public discourse. Their website is professionally designed using WordPress with modern plugins and themes, offering clear navigation and multilingual support. Contact information and GDPR compliance documentation are provided, though cookie consent mechanisms are absent. Security posture is moderate with HTTPS and reCAPTCHA implemented, but lacks some security headers and vulnerability disclosure mechanisms. Overall, the website is trustworthy and serves its community effectively.

E

EAPN ČR, z. s.

eapncr.org

43

EAPN ČR, z.s. is a Czech non-profit organization dedicated to advocating for the rights of people dependent on social services and combating poverty and social exclusion. It is part of the European Anti Poverty Network, positioning itself as a national member focused on social advocacy and public awareness. The website provides information about their activities, news, projects, and partner organizations, targeting stakeholders involved in social issues in the Czech Republic and Europe. Technically, the website is built on Drupal 7 with legacy jQuery and TinyMCE, indicating a somewhat dated but functional infrastructure. The site is accessible, with basic mobile optimization and SEO features, but lacks modern performance and accessibility enhancements. Security posture is moderate; HTTPS is used but no security headers were detected, and outdated libraries pose potential risks. Privacy and cookie policies are absent, which is a compliance gap. Contact information is clearly provided, enhancing business credibility. WHOIS data is incomplete, limiting domain trust assessment, but the website content and external links suggest legitimacy. Overall, the site is functional and serves its advocacy purpose but would benefit from technical and compliance improvements.

S

Síť aktérů pro domov, z.s.

sad-cr.cz

48

Síť aktérů pro domov, z.s. is a small non-profit organization based in the Czech Republic focused on homelessness and housing issues. The website serves as a platform for expert discussions and advocacy in this social domain. The organization appears to be a recognized thematic leader in its field, founded in 2017, with a clear mission to address homelessness through professional discourse. Technically, the website is built on WordPress using the Divi theme, incorporating Google Analytics and Tag Manager for visitor tracking. The site demonstrates moderate performance and good mobile optimization but lacks advanced accessibility features and comprehensive SEO optimization. Security posture is minimal with no detected security headers or explicit security policies, and privacy compliance is poor due to the absence of privacy and cookie policies. Overall, the site is functional and professional but would benefit from enhanced security and compliance measures.

K

koalice Za snadné dárcovství

snadnedarcovstvi.cz

42

The website 'koalice Za snadné dárcovství' represents a Czech non-profit coalition focused on advancing individual fundraising through relationship-based donor engagement. It serves as a platform for non-profit organizations to collaborate, educate, and overcome obstacles in the donation process. The site positions itself as a key player in the Czech fundraising ecosystem, targeting non-profit organizations and fundraising professionals. Technically, the website is built on WordPress using Elementor and several common plugins, delivering a modern and responsive user experience with moderate performance. Security posture is adequate with HTTPS enabled, but lacks important security headers and privacy compliance documentation, which are areas for improvement. Overall, the site appears legitimate and trustworthy, though the absence of WHOIS data limits domain registration transparency.

N

Netherlands-Czech Chamber of Commerce

nlchamber.cz

64

The Netherlands-Czech Chamber of Commerce (NCCC) operates as a bilateral non-profit organization fostering sustainable business relations between the Netherlands and the Czech Republic. Their core activities include organizing events, active matchmaking, and providing a community platform to connect businesses and individuals focused on sustainability, innovation, and prosperity. The chamber has a well-established presence since 1999, supported by a professional website with comprehensive content and clear membership offerings. Technically, the website is built on WordPress with modern plugins and tracking tools, ensuring good SEO and user experience. Security posture is adequate with HTTPS and cookie consent mechanisms, though some security headers could be improved. Overall, the domain registration and website content are consistent and trustworthy, reflecting a legitimate and credible organization.

C

Cerebra s.r.o.

cerebra.cz

45

Cerebra s.r.o. is a Czech consulting firm established in 2008, specializing in organizational design, agile project management, and human relations consulting primarily for automotive, energy, transport, public sector, and startup clients. The company emphasizes modern management methods, employee motivation, and corporate culture development. Their website is professionally designed, mobile-optimized, and provides clear contact information and social media presence. Technically, the site uses common JavaScript libraries and a custom CMS but lacks advanced security headers and explicit privacy policies. The absence of WHOIS data reduces domain trust verification, though the website content and contact details support legitimacy. The company integrates Facebook Pixel for marketing and has a cookie consent mechanism, indicating some privacy compliance efforts.

W

Wavemaker Global

wavemakerglobal.com

73

Wavemaker Global is a professional global media agency focused on reinventing media and creativity to drive growth for its clients worldwide. The company operates as an enterprise-level media agency offering services such as media planning and creative media solutions. The website reflects a mature digital presence with consistent branding and a clear business focus on media and advertising sectors. Technically, the site is built on WordPress with modern marketing and analytics tools including Google Tag Manager, Microsoft Clarity, and OneTrust for cookie consent, indicating a good level of digital maturity and compliance with cookie regulations. Security posture is solid with HTTPS enabled and domain transfer protections in place, though improvements are recommended in DNSSEC adoption and security headers implementation. Privacy compliance is partial due to the absence of explicit privacy and terms of service pages. Contact information is primarily available through embedded forms and social media channels, with no direct emails or phone numbers found. Overall, the website is professional, trustworthy, and safe for general audiences.

W

WPP Media

wppmedia.com

72

WPP Media is a global media collective under the WPP umbrella, focused on leveraging AI to reshape media and marketing services. The website presents a professional and modern digital presence, utilizing advanced web technologies such as Next.js and React, and integrates privacy compliance tools like OneTrust. The site is well-optimized for performance, mobile responsiveness, and SEO, providing a high-quality user experience. Security posture is strong with HTTPS and security headers in place, though explicit security policies and incident response contacts are not publicly available. The WHOIS data is missing or unavailable, which slightly impacts trust but is mitigated by the professional branding and content. Overall, the site is credible and well-maintained, serving a global business audience.

B

Bella Mia - domácí mýdlárna

domacimydlarna.cz

56

Bella Mia - domácí mýdlárna is a small Czech artisanal e-commerce business specializing in handmade natural soaps, solid shampoos, soy candles, concrete decorations, and gift sets. The company emphasizes ecological and sustainable production methods, targeting general consumers interested in natural and eco-friendly personal care and gift products. The website is built on the Shoptet platform, integrating common marketing and analytics tools such as Google Analytics, Hotjar, Pinterest, and Facebook SDKs. The site is well-structured with clear navigation and product presentation, supporting a positive user experience and good SEO practices. However, the absence of WHOIS registration data limits the ability to fully verify domain legitimacy and business credentials.

Nadace JABLOTRON is a Czech non-profit foundation established in 2015 by JABLOTRON GROUP a.s. The foundation focuses on supporting public-benefit activities including environmental protection, regional development, education, and aid for people in need. It has a strong regional presence and is backed by a reputable technology group, positioning it as a trusted charitable organization in the Czech Republic. The website provides clear organizational information, contact details, and foundational documents, supporting transparency and trust. Technically, the website uses a traditional tech stack including jQuery 1.9.1, Bootstrap 3, and fancybox, with Google Analytics for visitor tracking. While the site is functional and moderately optimized for mobile, it lacks modern security headers and uses an outdated jQuery version, which could pose security risks. No CMS or hosting provider details are evident, and SEO and accessibility are basic. From a security perspective, the site uses HTTPS and does not expose sensitive data or forms, but it lacks explicit privacy and cookie policies and does not implement a cookie consent mechanism, which are compliance gaps under GDPR. No incident response or vulnerability disclosure information is provided. The WHOIS data is consistent with the foundation's claims, supporting legitimacy. Overall, the site is trustworthy and professional but would benefit from improved privacy compliance, updated security practices, and modernized technical components to enhance security posture and user trust.

M

MAS Bohdanečsko

mas-bohdanecsko.cz

39

MAS Bohdanečsko is a regional non-profit organization based in the Czech Republic, focused on local community development through the LEADER method, supported by EU and national funding. The organization aims to improve quality of life and the environment by managing and distributing grant funds and implementing local development strategies. Their website reflects a community-oriented approach with detailed information on organizational structure, strategies, and projects. Technically, the website uses modern responsive design with Bootstrap 5 and SVG graphics, but lacks explicit CMS identification and advanced technical optimizations. Security posture is weak due to absence of security headers, privacy policies, and incident response information, which are critical for compliance and trust. Overall, the website is accessible and informative but requires improvements in privacy compliance and security best practices to enhance trust and regulatory adherence.

A

Aibility

aibility.org

58

Aibility is a Czech-based AI consulting and education company founded in 2024, offering tailored AI opportunity analysis, training streams, webinars, and workshops to help businesses leverage AI technologies for growth. The website is professionally designed using WordPress and the Avada theme, with modern analytics and tracking tools integrated, including Google Tag Manager, Microsoft Clarity, and Facebook Pixel. Security posture is strong with HTTPS and reCAPTCHA v3 implemented, though explicit security headers and policies are not published. Privacy compliance is evident with GDPR-aligned privacy and cookie policies. The domain registration data is consistent with the business profile, indicating legitimacy. Overall, the website presents a trustworthy, professional digital presence with good technical and security practices.

S

SCM Bundes-Verlag

bundesverlag.de

55

SCM Bundes-Verlag operates the bundes-verlag.net website, offering a range of Christian magazines and media products targeting children, teenagers, adults, and church community workers. Established in 2004, the company holds a solid market position in the niche Christian media retail and subscription sector in Germany. The website provides e-commerce capabilities for subscriptions, digital reading, and gift bundles, supported by a professional and consistent brand presence. Technically, the site uses a custom CMS with modern web technologies, including Matomo analytics for privacy-conscious user tracking. Mobile optimization and accessibility are well addressed, contributing to a good user experience. Security posture is adequate with HTTPS enforced and CSRF protections, though DNSSEC is not enabled and some security headers could be improved. Privacy compliance is strong with clear policies and consent mechanisms. Overall, the domain registration data aligns well with the business history, supporting legitimacy and trustworthiness.

K

Komm Shop

komm-webshop.de

56

Komm Shop operates as a specialized e-commerce platform offering Christian promotional materials and gifts primarily targeting religious communities and individuals in Germany. The website presents a professional and consistent brand image with a broad product range including books, cards, gifts, and religious items. The business model focuses on online retail with personal consultation and fast shipping as key service differentiators. Technically, the site is built on the Shopware CMS platform, utilizing modern JavaScript libraries and standard web technologies, delivering a good user experience with mobile optimization and accessibility features. Security posture is adequate with HTTPS enforced and cookie consent mechanisms in place, though it lacks explicit security headers and published security policies. Privacy compliance is limited due to the absence of a privacy policy and terms of service pages. Overall, the website is trustworthy and functional but could improve compliance and security transparency.

L

Luther-Verlag

lutherverlag.de

48

Luther-Verlag operates a German-language e-commerce platform specializing in evangelical books, calendars, and religious materials. With a history dating back to 1911, the company targets German-speaking customers interested in faith-based literature and related products. The website presents a professional and consistent brand image with clear navigation and a focused product catalog. Technically, the site runs on the modified eCommerce Shopsoftware platform, leveraging modern JavaScript libraries such as jQuery and bxSlider, and employs HTTPS with cookie consent mechanisms to comply with GDPR. Analytics are handled via Matomo, emphasizing privacy-conscious tracking. Security posture is solid with no evident vulnerabilities or exposed sensitive data, though the absence of explicit security headers and incident response information suggests room for improvement. Overall, the site is trustworthy, well-maintained, and serves its niche effectively.

E

Evangelische Zeitung

evangelische-zeitung.de

62

Evangelische Zeitung is a German news media organization founded in 2017, delivering news content from a Christian perspective. The website serves a general audience interested in authentic life stories and real news, positioning itself as a niche media outlet within the German media landscape. The business model centers on digital news publishing with a focus on quality content and Christian values. Technically, the website employs modern web technologies including Next.js, AWS hosting, and integrates analytics tools such as Google Analytics and Smartocto Insights, indicating a mature digital infrastructure. The site is mobile-optimized and demonstrates good SEO practices, although accessibility features appear basic. Security posture is solid with HTTPS enforced and no obvious vulnerabilities, but lacks explicit security headers and formal incident response mechanisms. Privacy compliance is weak due to absence of visible privacy and cookie policies or consent mechanisms. Overall, the website is professional and trustworthy but would benefit from enhanced privacy disclosures and security transparency.

E

Evangelisches Medienhaus GmbH

kirchenwahl.de

58

The website www.kirchenwahl.de serves as the official informational platform for the 2025 church elections within the Evangelical Church in Württemberg. It provides comprehensive election details, candidate databases, campaign materials, and voter guidance targeted primarily at church members aged 14 and above. The platform is managed by the Evangelisches Medienhaus GmbH, a non-profit entity, and positions itself as an authoritative source for election-related content within the church community. Technically, the site is built on TYPO3 CMS, a robust and mature content management system, and integrates privacy-conscious analytics via Matomo with cookies disabled. The site demonstrates good mobile optimization, accessibility features, and SEO practices. Embedded content such as YouTube videos uses privacy-enhanced modes, reflecting a commitment to user privacy. From a security perspective, the site enforces HTTPS and implements a consent management system compliant with GDPR and local data protection laws. However, explicit security headers are not evident in the HTML content, and no published security or incident response policies are found. No vulnerabilities or suspicious patterns were detected, and the WHOIS data aligns well with the website's purpose and legitimacy. Overall, the website presents a professional, trustworthy, and privacy-conscious platform for its target audience. It effectively balances content quality, technical implementation, and privacy compliance, with minor recommendations to enhance security headers and incident response transparency.

C

ChurchTools Innovations GmbH

church.tools

58

ChurchTools Innovations GmbH operates a GDPR-compliant all-in-one software platform designed to support churches in administration and communication. The company targets Protestant, Catholic, and Free Churches, providing tools to manage people, groups, events, finances, and communication, positioning itself as a leading church software provider in Germany with over 3000 clients. The website is professionally designed, mobile-optimized, and integrates modern technologies such as WordPress, Elementor, and Matomo analytics. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security headers and incident response policies are not publicly documented. Overall, the domain and website present a trustworthy and mature digital presence suitable for their market niche.

M

Medienhaus der Evangelischen Kirche in Hessen und Nassau (EKHN)

indeon.de

66

indeon.de is an evangelical online magazine operated by the Medienhaus der Evangelischen Kirche in Hessen und Nassau (EKHN), targeting German-speaking audiences interested in faith, social issues, culture, and regional news. The website offers editorial content, podcasts, and newsletters, positioning itself as a trusted regional media outlet with a consistent brand and good content quality. Technically, the site is built on TYPO3 CMS, hosted on Hetzner infrastructure, and employs modern web technologies including Matomo analytics and Facebook Pixel for marketing and tracking. Security posture is solid with HTTPS and cookie consent mechanisms, though additional security headers and incident response policies could enhance protection. Privacy compliance is strong, with a comprehensive privacy policy and cookie management. Overall, the site is professional, trustworthy, and safe for general audiences.

K

Katholisches Bildungswerk Lippe e.V.

kbw-lippe.de

70

Katholisches Bildungswerk Lippe e.V. is a regional non-profit educational organization based in Germany, affiliated with the Erzbistum Paderborn. The organization offers courses, workshops, and events aimed at a broad audience interested in educational and cultural enrichment. Their market position is focused on serving the Lippe region with educational services. Technically, the website is built on WordPress with modern plugins such as Yoast SEO and Real Cookie Banner Pro, ensuring good SEO and privacy compliance. The site is mobile-optimized and accessible, with moderate performance. Security-wise, the site employs HTTPS and the Wordfence security plugin, providing a solid security posture without detected vulnerabilities. However, it lacks explicit security policies and incident response contact information. Overall, the website is professional, trustworthy, and compliant with GDPR requirements, making it a reliable digital presence for the organization.

Y

YOUPAX

youpax.de

62

YOUPAX is a German-language youth faith portal affiliated with the Archdiocese of Paderborn, providing religious content, community resources, and event information targeted at young people interested in Christian faith. The website offers a variety of thematic content including articles, journals, and social media engagement, positioning itself as a niche non-profit media platform within the Catholic Church in Germany. Technically, the site is built on the Weblication CMS, employs modern JavaScript libraries, and integrates analytics tools such as eTracker and Matomo, reflecting a moderate level of digital maturity with good mobile optimization and SEO practices. Security-wise, the site enforces HTTPS and implements cookie consent mechanisms, but lacks some advanced security headers and formal security policies, indicating room for improvement in security posture. Overall, the site is trustworthy, professionally designed, and compliant with GDPR, though it would benefit from enhanced transparency around security and incident response. The domain WHOIS data is minimal but does not raise immediate concerns, supporting the legitimacy of the site as a non-profit religious portal.

D

Dekanat Bielefeld Lippe

bielefeld-lippe.de

68

Dekanat Bielefeld Lippe is a regional Catholic church deanery serving as an administrative layer between the Erzbischöfliches Generalvikariat and local parishes in the Kreis Lippe, Bad Pyrmont, and Bielefeld areas. The organization provides support and coordination services to church institutions and communities, positioning itself as a key regional religious entity within Germany. The website reflects this mission with clear organizational information, contact details, and service descriptions. Technically, the site is built on WordPress with modern plugins such as Yoast SEO and Real Cookie Banner Pro, indicating a mature digital infrastructure. Analytics are handled via Matomo, ensuring privacy-conscious data collection. Security posture is strong with HTTPS enforced and Wordfence plugin active, though some security headers could be improved. Privacy compliance is robust with comprehensive policies and consent mechanisms. Overall, the site is professional, trustworthy, and well-maintained, serving its target audience effectively.

C

Caritasverband für den Kreis Lippe und die Stadt Bad Pyrmont e.V.

caritas-detmold.de

50

The Caritasverband für den Kreis Lippe und die Stadt Bad Pyrmont e.V. is a regional non-profit organization providing a broad range of social services including general social counseling, debt counseling, refugee support, and legal advice. The website serves as an information and contact portal for individuals seeking assistance in the Lippe district and Bad Pyrmont city in Germany. The organization positions itself as a trusted local social service provider with a clear focus on community support and volunteer engagement. Technically, the website is built on WordPress 6.8.3 with common plugins such as Yoast SEO for search optimization and Borlabs Cookie for GDPR-compliant cookie management. The site uses HTTPS with a strong SSL configuration and is hosted on servers associated with rzone.de. The technical infrastructure is modern and supports good mobile responsiveness and accessibility, although some improvements in security headers could be made. From a security perspective, the site demonstrates good practices including HTTPS enforcement and cookie consent mechanisms. No critical vulnerabilities or exposed sensitive data were detected. However, the absence of explicit security policies or incident response information suggests room for improvement in transparency and preparedness. The use of Google Analytics is compliant with user consent, reflecting moderate user tracking. Overall, the website is professional, trustworthy, and well-maintained, with a strong focus on privacy compliance and user experience. Strategic recommendations include enhancing security headers, publishing security policies, and considering a vulnerability disclosure mechanism to further strengthen the security posture and trustworthiness.

The website represents the Catholic daycare center St. Marien in Detmold, Germany, providing childcare and family support services. It operates under the umbrella of the Katholische Kindertageseinrichtungen Minden-Ravensberg-Lippe gemeinnützige GmbH, a non-profit organization. The site targets parents and families seeking quality early childhood education with a religious affiliation. The business model is community-focused, emphasizing inclusion, language development, and family partnership. Technically, the website is built on the dialogperfect® CMS platform, hosted via GoDaddy's domain services, and incorporates modern web standards including accessibility tools such as DigiAccess. The site is mobile-optimized and provides a good user experience with clear navigation and professional design. Security posture is strong with HTTPS enforced and standard security headers present, though explicit security policies and incident response contacts are absent. Privacy compliance is well addressed with comprehensive privacy and cookie policies and consent mechanisms. Overall, the site is trustworthy, safe, and professionally maintained, suitable for its target audience.

I

Institut St. Bonifatius

institut-st-bonifatius.de

44

Institut St. Bonifatius is a small, non-profit religious institute founded in 1949, operating internationally with a focus on spiritual formation, mission projects, and community service primarily in Europe, Africa, and Latin America. The website reflects a well-structured and content-rich platform targeting religious individuals and those interested in mission work and spiritual life. Technically, the site uses common JavaScript libraries such as jQuery and Slick Carousel, hosted on a domain managed via GoDaddy nameservers. The site is mobile optimized and provides a good user experience with clear navigation and consistent branding. Security posture is moderate with HTTPS assumed but lacking explicit security headers and formal security policies. Privacy compliance is basic with a privacy policy present but no cookie consent mechanism. Contact information is clearly provided, enhancing business credibility.

A

ArtStation

artstation.com

67

ArtStation is a leading online platform that showcases portfolios for artists in the games, film, media, and entertainment industries. It serves as a community hub and marketplace for creative professionals to display their work and connect with industry opportunities. The website demonstrates a mature digital infrastructure using modern web technologies such as Angular, and integrates social media and third-party SDKs for enhanced user engagement and marketing. While the site is professionally designed and content-rich, it lacks visible privacy and cookie policies, which are critical for compliance and user trust. The absence of WHOIS data reduces domain trustworthiness slightly, though the overall branding and content quality strongly indicate a legitimate and established business. Security posture is moderate with HTTPS usage but missing explicit security headers and incident response information. Strategic recommendations include improving privacy compliance, adding security headers, and providing clear contact and incident response channels to enhance trust and regulatory adherence.

P

Pastoralverbund Lippe | Detmold

pv-lippe-detmold.de

54

Pastoralverbund Lippe | Detmold is a small non-profit religious organization serving the local community in Detmold, Germany. The website provides information about religious services, community groups, spiritual guidance, and social support initiatives. It targets parishioners and local residents interested in Catholic church activities. The organization maintains a consistent and professional online presence with a clear focus on community engagement and spiritual services. Technically, the website is built on TYPO3 CMS with modern frontend libraries and integrates a GDPR-compliant cookie consent mechanism via Cookiebot. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. Security posture is good with HTTPS enforced and cookie consent properly managed, though some security headers could be improved. No critical vulnerabilities or suspicious content were detected. Overall, the website is trustworthy and compliant with privacy regulations, reflecting a mature digital infrastructure for a small non-profit entity.

E

Evangelischer Kirchenkreis an Lahn und Dill

evangelisch-an-lahn-und-dill.de

49

The Evangelischer Kirchenkreis an Lahn und Dill is a regional church district within the Evangelical Church in the Rhineland, serving the communities of Wetzlar and Braunfels in Germany. The website provides comprehensive information about religious services, community support, counseling, events, and educational resources. It targets church members, affiliates, and the general public interested in the church's activities. The organization operates as a non-profit entity focused on spiritual and social services. Technically, the website is built on WordPress using the Avada theme and several plugins including Yoast SEO and Mailin for newsletter management. It is hosted on rzone.de servers and employs HTTPS for secure communication. The site is moderately optimized for performance and mobile devices, with good SEO practices and structured data implementation enhancing discoverability. From a security perspective, the site uses HTTPS and some security best practices but lacks advanced security headers and a public security or privacy policy. Cookie consent is implemented, indicating some GDPR awareness. No critical vulnerabilities or suspicious content were detected. Contact information is clearly provided, enhancing business credibility. Overall, the website is professional, trustworthy, and serves its community well. Recommendations include adding a privacy policy, enhancing security headers, and publishing a vulnerability disclosure policy to improve compliance and security posture further.

E

Evangelisches Dekanat an der Dill

ev-dill.de

67

Evangelisches Dekanat an der Dill operates as a regional church deanery within the Evangelical Church in Hessen and Nassau, providing religious services, community support, and cultural events to its local population in Germany. The website serves as an information hub for events, news, and church-related activities, targeting a general audience including church members and the local community. The organization maintains a clear digital presence with contact information, social media links, and a newsletter subscription service. Technically, the website is built on TYPO3 CMS, leveraging PHP and JavaScript, and integrates Matomo analytics with a GDPR-compliant cookie consent mechanism. The site demonstrates good mobile optimization, accessibility, and SEO practices, although performance is moderate. Security posture is solid with HTTPS enforced and session management in place, but lacks advanced security headers and explicit security policies. No critical vulnerabilities or blocking mechanisms were detected, and the domain registration is consistent and appropriate for the organization's profile. Privacy compliance is well addressed through detailed cookie policies and consent management. Overall, the site is professional, trustworthy, and suitable for its non-profit religious mission.

K

Kreissparkasse Göppingen

ksk-gp.de

69

Kreissparkasse Göppingen is a regional bank serving private and corporate customers in the Göppingen district of Germany. The website offers a comprehensive range of financial services including online banking, accounts, loans, investments, insurance, and real estate services. The bank positions itself as a trusted local financial institution with a strong focus on customer service and sustainability. Technically, the website is built on Adobe Experience Manager, uses modern web technologies, and is optimized for mobile and accessibility. Security posture is strong with HTTPS enforced and secure login mechanisms, though some security headers could be improved. Privacy compliance is well addressed with clear cookie consent and a comprehensive privacy policy. Overall, the site is professional, trustworthy, and well-maintained.

E

Evangelischer Kirchenbezirk Geislingen-Göppingen

kirchenbezirk-geislingen-goeppingen.de

57

The Evangelischer Kirchenbezirk Geislingen-Göppingen website serves as an informational and community portal for one of the largest church districts within the Evangelische Landeskirche in Württemberg, Germany. It provides comprehensive details on worship services, events, pastoral care, church governance, and volunteer opportunities, targeting church members and the local community. The site is well-branded and consistent with official church identity, reflecting a medium-sized non-profit religious organization. Technically, the site is built on TYPO3 CMS with integrations such as Matomo analytics, Google Maps, and YouTube, indicating a modern and functional digital infrastructure. The website demonstrates good mobile optimization, accessibility, and SEO practices. Security-wise, HTTPS is enforced, cookie consent is managed properly, and no critical vulnerabilities are evident, though some security headers could be improved. Privacy compliance is strong with clear GDPR-aligned policies and consent mechanisms. Overall, the site is trustworthy, professional, and safe for general audiences.

D

Diözese Rottenburg-Stuttgart

drs.de

57

The website www.drs.de serves as the official online portal for the Diocese Rottenburg-Stuttgart, a large regional religious organization in Germany. It provides news, event information, church locations, and counseling services to its target audience of approximately 1.6 million Catholics in Württemberg. The site is built on the TYPO3 CMS platform and integrates modern web technologies including jQuery, Matomo analytics, and Cookiebot for consent management. The technical infrastructure is solid, hosted by a reputable TYPO3 hosting provider, and employs HTTPS with good SSL configuration. Security posture is strong with privacy-conscious analytics and cookie consent mechanisms, though explicit security headers and policies could be improved. The site lacks a visible privacy policy and terms of service in the provided HTML, which is a compliance gap. No contact emails or phone numbers were found in the analyzed content, which may affect user support accessibility. Overall, the website is professional, trustworthy, and well-branded, serving its community effectively with good content quality and user experience.

G

Gemeinschaft Immanuel

immanuel-online.de

48

Gemeinschaft Immanuel is a small German Catholic charismatic lay community focused on promoting Christian unity, evangelization, and renewal of church and society. Their website serves as a hub for community information, events, and outreach to various age groups including families, youth, and seniors. The organization operates as a non-profit with a clear mission and active event calendar. Technically, the site is built on WordPress with common plugins such as Events Manager and Slider Revolution, hosted likely by Your-Server.de. The site is mobile optimized and well structured, though some improvements in accessibility and SEO could be made. Security posture is good with HTTPS enforced and no visible vulnerabilities, but lacks security headers and formal policies. Privacy compliance is partial with a privacy policy present but no cookie consent mechanism. Overall, the site is trustworthy and professional for its community purpose.