Security Directory

V

Verschenkmarkt

verschenkmarkt.info

50

The website 'Verschenkmarkt' is a German-language regional non-profit reuse marketplace platform that facilitates gifting, swapping, sharing, lending, repairing, and second-hand transactions. It targets a general audience interested in sustainability and waste reduction. The platform is actively moderated and provides user notifications for listing approvals or rejections. Technically, it is built on the Osclass CMS with common web technologies such as jQuery, Bootstrap, and FineUploader, and includes a chatbot for user assistance. The site is mobile responsive with good navigation and content quality. Security-wise, HTTPS is enforced and Matomo analytics is used with cookies disabled, but the site lacks security headers and a cookie consent mechanism. WHOIS data is not publicly available, indicating privacy protection, which is reasonable for this non-commercial entity. Overall, the site is trustworthy and functional but could improve security and privacy compliance aspects.

R

rku.it GmbH

rku-it.de

72

rku.it GmbH is a medium-sized German IT service provider specializing in tailored IT solutions for the energy, public transport, and municipal sectors. The company positions itself as a knowledgeable partner combining market expertise with IT competence to deliver digital transformation and managed services. Their website reflects a professional and modern digital presence powered by TYPO3 CMS, featuring comprehensive service descriptions, customer references, and partner networks. Technically, the site uses modern JavaScript libraries and includes bot protection on contact forms. Security posture is solid with HTTPS and CAPTCHA, though security headers and explicit incident response policies are absent. Privacy compliance is well addressed with GDPR-aligned policies and cookie consent mechanisms. Overall, the website and domain data indicate a legitimate, established business with a strong market position and credible digital infrastructure.

L

Landesvermessung und Geobasisinformation Brandenburg

geobasis-bb.de

58

The Landesvermessung und Geobasisinformation Brandenburg (LGB) operates as the official geospatial data and mapping authority for the Brandenburg region in Germany. The website serves as a comprehensive portal offering a wide range of geodata products, including 3D models, aerial imagery, cadastral data, and thematic maps. It targets government agencies, geospatial professionals, and the general public interested in regional geoinformation. The business model is that of a public sector service provider, delivering authoritative geospatial data and digital services to support regional planning and administration. Technically, the website is built on a modern stack utilizing HTML5, CSS3 with the Foundation 5 framework, JavaScript, and jQuery UI. It is powered by the SixCMS content management system and hosted likely by Deutsche Telekom, ensuring reliable infrastructure. The site is mobile-optimized, accessible, and SEO-friendly, with a moderate performance profile. Privacy is well-managed through a GDPR-compliant cookie consent mechanism and the use of Matomo analytics activated only upon user consent. From a security perspective, the site enforces HTTPS and employs a clear cookie consent opt-in mechanism. While explicit security headers are not visible in the provided data, the overall posture is good with no exposed sensitive data or vulnerabilities detected. However, the site could improve by publishing explicit security policies and incident response information and implementing additional security headers. Overall, the website presents a professional, trustworthy, and privacy-conscious digital presence for a government entity. It effectively balances user experience, compliance, and security, making it a reliable source for geospatial information in Brandenburg.

B

BEST Tausch- und Verschenkmarkt

bottroper-verschenkmarkt.de

45

The website www.bottroper-verschenkmarkt.de operates as a local classified ads platform primarily serving the Bottrop region in Germany. It facilitates community-driven exchange, gifting, and barter of goods, targeting local residents interested in sustainable and cost-free transactions. The platform leverages the Osclass CMS with a frontend built on Bootstrap 5 and jQuery, supplemented by a chatbot for user assistance. The site structure is clear, with categorized listings and user-friendly navigation, supporting a positive user experience for its target audience. From a technical perspective, the website employs modern web technologies and is mobile-optimized, though performance is moderate. The absence of advanced security headers and cookie consent mechanisms indicates room for improvement in security and privacy compliance. The site uses HTTPS, ensuring encrypted communications, but lacks explicit incident response or vulnerability disclosure information. Contact options are limited to a web form, with no direct emails or phone numbers provided. Security posture is adequate but not robust; the site would benefit from implementing security best practices such as security headers and cookie consent to enhance GDPR compliance. No adult or explicit content is present, making the site safe for general audiences. WHOIS data is minimal but does not raise immediate concerns, though the lack of detailed registrant information limits full trust evaluation. Overall, the site is a functional, community-focused marketplace with good content quality and usability but requires enhancements in security and privacy practices to strengthen trust and compliance.

F

Förderverein für regionale Entwicklung e.V.

mobile-ansichten.de

57

The website www.mobile-ansichten.de represents a service initiative by the Förderverein für regionale Entwicklung e.V., focused on providing mobile-optimized web views tailored for smartphones and tablets. The service targets municipalities and organizations seeking to improve mobile user experience and Google search rankings without additional costs or complex app installations. The business model is non-profit oriented, offering free creation and reduced licensing fees for project partners, supported by personalized telephone assistance and continuous updates. Technically, the website employs a custom CMS platform with common JavaScript libraries such as jQuery, jQuery UI, and parallax effects. It integrates cookie consent management and basic analytics cookies, ensuring GDPR compliance. The site is moderately optimized for mobile devices and SEO, with a clear navigation structure and good content quality. Hosting appears to be managed via domaincontrol.com DNS services, typical for small organizations. From a security perspective, the site lacks explicit HTTP security headers and does not provide a public security policy or incident response contacts. The contact form includes CAPTCHA and GDPR consent, but no vulnerability disclosure or security.txt is present. SSL configuration details are not directly visible in the provided data, and no WAF or blocking mechanisms were detected. Overall, the website demonstrates a solid business credibility and privacy compliance posture, with room for improvement in security best practices and transparency. The domain registration data is minimal but consistent with the business claims. No suspicious or malicious indicators were found, and the content is safe for general audiences.

V

Verschenkmarkt Gelsenkirchen

verschenkmarkt-gelsenkirchen.de

43

Verschenkmarkt Gelsenkirchen operates a regional non-profit online marketplace focused on facilitating the free exchange of goods to reduce waste and promote sustainability within the Gelsenkirchen area and surrounding regions. The platform offers users the ability to publish, edit, and delete listings without requiring registration or displaying advertisements, emphasizing community engagement and environmental responsibility. The website is built on the Osclass CMS platform with a technology stack including jQuery, Bootstrap, and FineUploader, providing a functional and moderately performant user experience with good mobile optimization. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data or vulnerable libraries. However, it lacks important security headers and a cookie consent mechanism, which are recommended for enhanced protection and regulatory compliance. The absence of explicit contact emails or phone numbers limits direct communication channels, relying solely on a contact form. No vulnerability disclosure or security policy pages are present, indicating room for improvement in transparency and incident response readiness. Overall, the website presents a trustworthy and professional image consistent with its non-profit mission, supported by clear navigation, relevant content, and GDPR-compliant privacy and terms pages. The lack of advertising and tracking scripts further strengthens its privacy posture. Strategic enhancements in security headers, cookie consent, and contact information would elevate its compliance and security maturity.

CreativWerkstatt Herten is a local educational and creative workshop provider based in Herten, Germany. The organization offers a variety of courses spanning creative arts, environmental education, dance, theater, science, and media, targeting a broad audience including schools and the general public. The website is professionally designed using WordPress and modern web technologies, providing a good user experience with clear navigation and mobile optimization. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though some security headers and incident response information are absent. Overall, the website and domain registration details are consistent and legitimate, reflecting a trustworthy and credible educational service provider.

The website nastavsitlak.cz is a Czech-language application designed to assist professionals in correctly setting the pressure of driving gas (Biogon®) used in beverage dispensing systems. It is branded under Linde Gas a.s., a well-known industrial gases supplier, indicating a strong business presence in the energy sector. The site provides interactive sliders for input parameters and displays calculated pressure values, targeting business users involved in beverage dispensing operations. Technically, the site uses a modern but basic tech stack including jQuery, Bootstrap, and Google Analytics for tracking. The site is mobile optimized and has basic SEO and accessibility features. Privacy and cookie policies are present and implemented with OneTrust consent mechanisms, reflecting compliance with GDPR requirements. However, no contact information or terms of service pages are provided, limiting direct user engagement and transparency. From a security perspective, the site uses HTTPS and cookie consent but lacks visible security headers and explicit security policies. The absence of WHOIS data for the domain reduces trustworthiness from a domain registration perspective, though the website content and branding strongly suggest legitimate business use. No critical vulnerabilities or exposed sensitive data were detected in the provided content. Overall, the website is functional and professional for its niche purpose but would benefit from enhanced security headers, clearer contact information, and domain registration transparency to improve trust and compliance posture.

U

UniCredit Factoring Czech Republic and Slovakia, a. s.

unicreditfactoring.cz

72

UniCredit Factoring Czech Republic and Slovakia, a. s. is a financial services company specializing in factoring and financing solutions for businesses primarily in the Czech Republic and Slovakia. The website presents a professional image with clear branding and structured data confirming company identity and contact information. The business targets companies needing receivables financing and supplier financing services. Technically, the site uses modern JavaScript libraries including jQuery and Google reCAPTCHA, and implements a cookie consent mechanism via Cookiebot, indicating awareness of privacy compliance requirements. However, the absence of a visible privacy policy and terms of service pages limits full compliance transparency. Security posture is moderate with HTTPS enforced but lacking explicit security headers. WHOIS data is unavailable, which raises some concerns about domain registration transparency but does not detract significantly from the site's legitimacy given the professional content and branding. Overall, the site is functional, secure, and business-appropriate but could improve in privacy and security documentation.

S

Stadt Castrop-Rauxel

castrop-rauxel.de

61

The website www.castrop-rauxel.de is the official municipal portal for the city of Castrop-Rauxel in Germany. It provides comprehensive information and services for residents, businesses, and visitors, including citizen services, event news, city planning, and digital applications. The site is built on Drupal 10 with modern frontend technologies and includes accessibility and mobile optimization features. The presence of a cookie consent mechanism via Klaro and the use of Matomo analytics with DoNotTrack respected indicate a privacy-conscious approach. However, explicit privacy policy and terms of service pages were not detected in the provided content. Security posture is moderate with HTTPS implied but lacking visible security headers or published security policies. The domain WHOIS data is consistent with a legitimate government entity, and no suspicious patterns were found. Overall, the site is professional, trustworthy, and serves as a key digital interface for the city government.

D

DVGW (Deutscher Verein des Gas- und Wasserfaches e.V.)

dvgw-regelwerk.de

58

The DVGW-Regelwerk Plus website serves as an authoritative platform for technical rules and standards in the gas and water sectors in Germany. Operated by the Deutscher Verein des Gas- und Wasserfaches e.V. (DVGW), a well-established organization founded in 1859, the site provides subscription-based access to regulatory documents and supports professionals in the energy industry. The business model centers on membership and paid access to technical standards, positioning DVGW as a key player in ensuring safety and compliance in the gas and water supply industry. Technically, the website is built on TYPO3 CMS with legacy JavaScript libraries such as jQuery 1.10.2 and Handlebars.js. The site is hosted on INWX nameservers and employs HTTPS with a cookie consent mechanism, reflecting a moderate level of digital maturity. Performance and mobile optimization are adequate but could benefit from modernization, particularly updating JavaScript libraries and enhancing accessibility features. From a security perspective, the site enforces HTTPS and uses cookie consent tools, but lacks explicit security headers and visible incident response policies. The login form uses POST method, and no sensitive data is exposed in the HTML. Analytics are handled via Matomo with moderate user tracking, aligned with privacy compliance. Overall, the security posture is good but could be improved by updating libraries, adding security headers, and publishing security policies. The overall risk assessment is low, with no signs of malicious content or suspicious domain registration. Strategic recommendations include modernizing the tech stack, enhancing security headers, publishing incident response and vulnerability disclosure information, and improving mobile and accessibility features to strengthen trust and compliance.

U

UniCredit Leasing

ucleshop.cz

69

UniCredit Leasing operates an e-commerce platform focused on selling used vehicles from leasing contracts and providing leasing services, primarily targeting individuals and businesses in the Czech Republic. The website is professionally designed with consistent branding and clear navigation, reflecting a mature digital presence aligned with the parent company UniCredit. The technical infrastructure leverages modern JavaScript libraries, Google reCAPTCHA for bot protection, and Cookiebot for consent management, indicating a commitment to user experience and privacy compliance. Security posture is good with HTTPS enforced and cookie consent mechanisms in place, though explicit security headers and incident response policies are not publicly visible. The absence of WHOIS data limits domain trust verification but the overall site content and branding suggest legitimacy. Strategic recommendations include enhancing security headers, publishing security policies, and improving contact information visibility to strengthen trust and compliance.

U

UniCredit Fleet Management

unicreditfleet.cz

74

UniCredit Fleet Management CZ operates as a specialized leasing and fleet management service provider under the UniCredit Group umbrella, targeting business clients in the Czech Republic. The company offers operational leasing, fleet management, and sales of nearly new and used vehicles, positioning itself as a reliable and flexible partner in the fleet management sector. The website content is professionally presented in Czech, with clear navigation and consistent branding aligned with the parent group. Technically, the site uses modern JavaScript libraries such as jQuery and integrates Google reCAPTCHA and Cookiebot for security and privacy compliance. However, the absence of a visible privacy policy and WHOIS registrant data slightly reduces trustworthiness. Security posture is moderate with HTTPS enforced but lacks visible security headers and published incident response information. Overall, the website is functional and business-appropriate but would benefit from enhanced transparency and security best practices.

U

UniCredit Pojišťovací makléřská, spol. s. r. o.

unicreditbroker.cz

73

UniCredit Pojišťovací makléřská, spol. s. r. o. operates as an insurance brokerage service primarily serving the Czech and Slovak markets. The company offers insurance products related to financed items and other insurance services, targeting both individual and corporate clients. The website reflects a professional and consistent brand image aligned with the UniCredit group, indicating a stable market position within the finance sector. The digital presence is supported by modern web technologies and compliance with privacy regulations, including GDPR. Technically, the site uses contemporary JavaScript libraries and cookie consent management tools, ensuring a user-friendly and compliant experience. Security posture is adequate with HTTPS enforcement and use of reCAPTCHA, though there is room for improvement in security headers and explicit security policies. Overall, the website is trustworthy, well-structured, and compliant with relevant privacy standards, though direct contact information is not prominently displayed. The absence of WHOIS data is likely due to privacy protection, which is justified for this business type.

The website www.luxusni-bydleni-praha.com presents a professional online presence focused on luxury real estate sales, design, and development in Prague. It targets affluent buyers and investors interested in premium properties in prime locations. The site is built on Drupal 7 CMS and integrates modern marketing and tracking tools such as Google Tag Manager and Facebook Pixel. However, the absence of WHOIS registration data raises concerns about domain legitimacy and ownership transparency. The site implements cookie consent mechanisms but lacks explicit privacy policy and terms of service pages, indicating partial privacy compliance. Security posture is moderate with HTTPS usage but no visible security headers or advanced protections. Overall, the website is functional and well-designed but would benefit from improved security practices and clearer compliance documentation.

1

Galerie 100 dřevostaveb, které se vám líbí

100drevostaveb.cz

43

The website www.100drevostaveb.cz serves as an interactive catalog showcasing wooden houses favored by Czech users. It allows visitors to view various wooden house projects, vote on them, and engage with the content via social media plugins. The business model revolves around community engagement and providing inspiration for wooden house construction enthusiasts in the Czech Republic. The site targets a general audience interested in architecture and wooden homes. Technically, the site employs a range of JavaScript libraries including jQuery, Facebook SDK, Google Analytics, and advertising scripts from Google Adsense and Gemius. The site is served over HTTPS with no visible SSL issues, but lacks advanced security headers and formal privacy or cookie policies. No WHOIS data is available, which reduces trustworthiness from a domain registration perspective. Overall, the site is functional, moderately optimized for mobile, and provides a good user experience, but would benefit from improved privacy compliance and security transparency.

P

Pro-idea s.r.o.

koloshop.cz

64

Koloshop.cz is a professional e-commerce retailer specializing in bicycles, bicycle components, and related services such as servicing and rentals. The website targets cycling enthusiasts and general consumers primarily in the Czech Republic and neighboring countries, offering a wide range of products including mountain, road, trekking, and children's bikes. The company behind the site is Pro-idea s.r.o., a medium-sized retail entity with a consistent brand presence and a well-structured online platform. Technically, the website employs modern JavaScript frameworks and libraries, integrates Google Tag Manager for analytics, and uses several third-party services for recommendations, chat support, and user verification. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content.

U

UniCredit Leasing

unicreditleasing.cz

73

UniCredit Leasing is a financial services company operating in the Czech Republic, specializing in vehicle and equipment financing through leasing and loans. The website presents a professional image with clear branding consistent with the UniCredit Group, offering services such as operativní leasing, finanční leasing, and insurance brokerage. The target audience includes both individual and corporate clients seeking financing solutions. Technically, the website uses modern JavaScript libraries including jQuery, Modernizr, and Google reCAPTCHA, and implements GDPR-compliant cookie consent via Cookiebot. However, the absence of WHOIS data and registrant information reduces trustworthiness from a domain registration perspective. Security posture is generally good with HTTPS and reCAPTCHA, but lacks explicit security headers and published security policies. Contact information and privacy policy pages are not found in the provided content, which are areas for improvement.

W

World Media Partners, s.r.o.

navstevnik.cz

58

Návštěvník.cz is a regional tourism portal focused on the Chrudimsko-Hlinecko region in the Czech Republic, operated by World Media Partners, s.r.o. The website provides comprehensive event listings, tourist programs, virtual tours, and local service information aimed at tourists and visitors interested in cultural and recreational activities in the region. The site is professionally designed with good navigation and content relevance, supporting a positive user experience. Technically, the site uses a mix of legacy and modern JavaScript libraries including jQuery, Leaflet.js for mapping, and VideoJS for media playback, alongside Matomo analytics for privacy-conscious user tracking. Security posture is adequate with HTTPS enforced, but lacks some recommended security headers and explicit privacy and cookie policies. The WHOIS data is not publicly available, indicating privacy protection, which is reasonable for this type of small regional portal. Overall, the site is legitimate, safe, and serves its target audience well, though improvements in privacy compliance and security best practices are recommended.

P

Panský pivovar Vlachovo Březí s.r.o.

brezikoza.cz

42

Březí Koza is a small craft brewery based in Vlachovo Březí, Czech Republic, reviving a historic brewing tradition with a focus on traditional brewing methods and quality. The website presents the brewery's products, history, and contact information clearly, targeting a mature audience interested in craft beer. The company operates with a clear local identity and maintains active social media channels to engage customers. Technically, the website uses a modern but common technology stack including jQuery, Bootstrap, and Google Analytics, hosted by a Czech registrar WEDOS, ensuring regional consistency. Security posture is moderate with HTTPS implied and reCAPTCHA implemented, but lacks explicit security headers and published security policies. Privacy compliance is partial with a cookie consent banner but no visible privacy or terms of service policies. Overall, the site is professional and trustworthy but could improve compliance and security transparency.

M

MUDr. Marie Ládová

internacb.cz

38

The website represents a small specialized medical clinic in České Budějovice, Czech Republic, focusing on internal medicine and hematology services. It offers patient consultations, blood testing, and online appointment booking. The business is positioned locally with contractual relationships with major Czech health insurance companies, indicating a stable client base and professional service offering. The website content is clear, professionally presented, and targeted at local patients seeking specialized medical care. Technically, the website uses legacy JavaScript libraries such as jQuery 1.8.6 and jQuery UI, with Google Analytics for visitor tracking. The site lacks modern CMS indicators and does not display advanced frameworks or hosting details. Performance and mobile optimization are basic but functional. There is no evidence of advanced accessibility or SEO optimization beyond basic meta tags. From a security perspective, the site lacks visible security headers and privacy or cookie policies, which are critical for GDPR compliance given the use of Google Analytics. The WHOIS data is missing, which reduces domain trustworthiness and raises concerns about domain registration transparency. The email address is obfuscated via JavaScript, indicating some attention to spam protection. No incident response or security policy information is published. Overall, the website is functional and professional but requires improvements in security posture, privacy compliance, and domain registration transparency to enhance trust and regulatory adherence.

DATA JOBS CZ is a Czech Republic based personnel agency specializing in job placement and recruitment services within the Czech Republic and the broader EU region. The company operates a professionally designed website offering job listings, consulting, and CV submission services targeting job seekers and employers. The business is small-sized, founded in 2017, and maintains a consistent brand presence with partner logos and active social media channels. Technically, the website leverages modern web technologies including Bootstrap 4, jQuery, and Google Analytics, hosted by WEDOS, a Czech hosting provider. The site is mobile optimized and SEO friendly, providing a good user experience with clear navigation and relevant content. Security posture is adequate with HTTPS enforced and no visible sensitive data exposure; however, the absence of security headers and cookie consent mechanisms indicates room for improvement in compliance and security best practices. No signs of WAF or content blocking were detected, allowing full content accessibility. WHOIS data aligns well with the business profile, supporting legitimacy. Overall, the website scores a solid 78 out of 100, reflecting good content quality, technical implementation, and business credibility, with moderate privacy compliance and security posture.

A

Adelhelm Unternehmensgruppe

adelhelm.de

50

Adelhelm Unternehmensgruppe is a medium-sized German company specializing in functional surface coatings for a wide range of industries worldwide. The company operates multiple subsidiaries and offers a broad portfolio of coating technologies including non-stick, chemical protection, and custom tailored solutions. Their market position is that of an established global supplier with a strong industrial B2B focus. The website is built on the Contao CMS platform and uses modern web technologies such as jQuery and Matomo analytics, hosted on Schlundtech infrastructure. Security posture is solid with HTTPS enforced and anti-spam measures in place, though visible cookie consent and explicit security policies are lacking. Overall, the site is professional, well-structured, and trustworthy, supporting the company’s business credibility effectively.

The website www.minipos.cz represents QUITEC s.r.o., a small technology company focused on providing a simple and effective point of sale software solution named miniPOS. The business targets small and medium-sized enterprises, particularly in the Czech Republic, offering a niche product in the retail and service sectors. The website content is professionally presented with consistent branding and good quality, supporting the company's market positioning as a specialized software provider. Technically, the site is built on WordPress using the Thrive Theme and leverages jQuery libraries and the Yoast SEO plugin, indicating a moderate level of digital maturity. Mobile optimization and SEO practices are adequately implemented, though accessibility features are basic. Security posture is limited based on the available data; no security headers were detected, and SSL configuration details are not provided. The absence of privacy, cookie, and terms of service policies suggests compliance gaps, particularly regarding GDPR. WHOIS data is unavailable, which reduces domain trustworthiness and complicates legitimacy verification. Overall, the site is functional and business-focused but would benefit from enhanced security and compliance measures.

M

MIDOCAR Logistic, s.r.o

dopravomat.cz

49

Dopravomat.cz is a Czech-based platform operated by MIDOCAR Logistic, s.r.o, founded in 2020, specializing in group transportation services. The website enables users to submit transportation requests for groups and receive competitive offers from a network of verified transport providers across the Czech Republic. The business model focuses on transparency, no hidden fees, and payment only after service completion, positioning itself as a trusted intermediary in the transportation sector. The platform targets groups needing various transport sizes, from personal cars to large buses, emphasizing convenience and cost-effectiveness. Technically, the website employs a custom-built infrastructure leveraging modern web technologies including Google Maps API for location autocomplete, jQuery and jQuery UI for UI components, and integrates multiple analytics and marketing tools such as Google Analytics, Google Tag Manager, and Facebook Pixel. The site is mobile-optimized with good navigation and user experience, though some accessibility features are basic. Performance is moderate with room for optimization. From a security perspective, the site enforces HTTPS and uses secure form inputs but lacks visible security headers and published security policies. There is no cookie consent mechanism, which may impact privacy compliance. No incident response or vulnerability disclosure information is available. The WHOIS data is consistent with the business identity, indicating legitimacy. Overall, the security posture is adequate but could be improved with additional best practices. The overall risk is moderate with no critical vulnerabilities detected. Strategic improvements in privacy compliance, security headers, and transparency around security policies would enhance trust and reduce risk. The platform is well-positioned in its niche with a clear value proposition and solid business credibility.

D

DRONTE s.r.o.

dronte.cz

45

DRONTE s.r.o. operates a specialized boat rental and water sports service primarily in the Czech Republic, focusing on rivers such as Berounka, Hron, Ohře, Otava, Sázava, Lužnice, Vltava, and Malý Dunaj. The company offers rentals of kayaks, rafts, and canoes, organizes water sports events, and provides accredited courses through its water sports school. The business also engages in boat manufacturing and sales, targeting outdoor enthusiasts and tourists interested in water activities. The website reflects a small but established regional player with a clear focus on water recreation and tourism. Technically, the website employs a moderately modern tech stack including jQuery, Nette Framework, and various UI libraries. It integrates multiple third-party analytics and advertising tools such as Google Analytics, Google Tag Manager, Google Ads, and Seznam Retargeting. The site is mobile-optimized with good navigation and content quality, though accessibility features are basic. Performance is moderate, and SEO practices are adequately implemented. From a security perspective, the site uses HTTPS but lacks visible security headers and explicit security policies. Cookie consent is implemented, indicating some privacy compliance. No incident response or vulnerability disclosure information is publicly available. The absence of WHOIS data limits domain trust verification, though the website content and business information appear consistent and legitimate. Overall, the security posture is average with room for improvement in headers, policies, and transparency. The overall risk assessment is moderate. The business appears credible and operational, but the lack of WHOIS transparency and limited security policies suggest caution. Strategic recommendations include enhancing security headers, publishing incident response and vulnerability disclosure policies, auditing third-party scripts, and improving accessibility and privacy compliance to strengthen trust and security culture.

M

MUDr. Marie Ládová

osteoambulance.cz

39

The website www.osteoambulance.cz represents a small healthcare provider specializing in osteology and densitometry services located in České Budějovice, Czech Republic. The business is led by MUDr. Marie Ládová and offers medical consultations and diagnostic services with an online appointment booking feature. The site content is professional and targeted at local patients seeking specialized bone health care. Technically, the site uses legacy JavaScript libraries such as jQuery 1.8.6 and jQuery UI, with Google Analytics integrated for visitor tracking. The site is accessible over HTTPS but lacks modern security headers and privacy disclosures, which are important for compliance and trust. No WHOIS data was retrievable, which limits domain legitimacy verification but does not necessarily indicate malicious intent given the professional nature of the site content. Overall, the site is functional and informative but would benefit from technical and compliance improvements.

D

Dřevo UM s.r.o.

drevoum.cz

39

Dřevo UM s.r.o. is a traditional Czech manufacturer specializing in wooden doors, euro-windows, staircases, and solid wood furniture. With over 25 years of experience, the company operates two workshops in České Budějovice and Heřmaň, serving both local and national markets. Their product range includes entrance and interior doors, wooden gates, windows, staircases, and custom furniture, complemented by services such as tool sharpening, wood drying, and impregnation. The company targets carpenters, construction firms, and end customers seeking quality wooden products. Technically, the website employs common JavaScript libraries like jQuery and Google Analytics for tracking, but lacks modern CMS or advanced frameworks. The site is moderately optimized for mobile and SEO, with a professional design and clear navigation. Security posture is average, with no visible security headers and unknown SSL status, and no privacy or cookie policies are published, indicating compliance gaps. WHOIS data confirms domain legitimacy and consistency with the business history. Overall, the website is functional and professional but would benefit from enhanced security and privacy compliance measures.

E

Elifin s.r.o.

elifin.cz

39

Elifin s.r.o. is a Czech Republic based small professional services firm specializing in comprehensive consulting services including legal, tax, accounting, and financial controlling. Established in 2006, the company offers a broad range of services such as mergers and acquisitions advisory, crisis management, corporate consulting, asset management, and company liquidation. The firm maintains partnerships with recognized organizations like KODAP and the international ETL group, enhancing its market credibility and reach. Technically, the website employs a custom or legacy CMS with JavaScript libraries such as jQuery and carouFredSel for UI components. Google Tag Manager and Google Analytics are used for tracking, although no explicit cookie consent mechanism or privacy policies are present. The site is moderately optimized for mobile and SEO, with a consistent and professional design. From a security perspective, the site uses HTTPS URLs but lacks visible security headers and published security policies. No vulnerability disclosure or incident response information is provided, which could be improved to enhance trust and compliance. The contact information is clearly presented, supporting business credibility. Overall, the website is safe, professional, and well-aligned with its business purpose. However, it would benefit from enhanced privacy compliance, security best practices, and transparency regarding data protection and incident handling.

V

Vlasový ateliér BONA FIDE

bona-fide.cz

29

Vlasový ateliér BONA FIDE is a small, local hairdressing and beauty service provider based in České Budějovice, Czech Republic. The website serves primarily as an informational platform showcasing the business, its services such as hairdressing and permanent make-up, and contact details. The business appears to have an established local presence since 2010, supported by consistent domain registration data and social media presence on Facebook and Foursquare. Technically, the website uses common JavaScript libraries including jQuery and Google Analytics for visitor tracking, but lacks modern security implementations such as HTTPS and security headers. Privacy and cookie policies are absent, indicating compliance gaps with GDPR and related regulations. The site design and content quality are basic, with limited mobile optimization and accessibility features.

The website www.venkov21stoleti.cz/venkov21/ serves as a regional tourism information portal for three local action groups in the Czech Republic: MAS Pošumaví, MAS Železnohorský region, and MAS Region Kunětické hory. It provides visitors with information about these regions, targeting tourists, families, and cyclists interested in exploring these areas. The site is professionally designed with clear navigation and multilingual support, enhancing user experience. Technically, it employs common JavaScript libraries such as jQuery, Flexslider, and Fancybox, and integrates Google Analytics for visitor tracking. However, the site lacks explicit privacy and cookie policies, which is a notable compliance gap. Security-wise, HTTPS usage is implied but not fully confirmed, and no advanced security headers are detected, indicating room for improvement in security posture. Overall, the website is functional and credible but would benefit from enhanced privacy compliance and security hardening.

Š

Šumavaprodukt s.r.o.

regionalnispeciality.cz

42

Šumavaprodukt s.r.o. operates an e-commerce platform specializing in regional specialty food products from the Šumava region and surrounding areas in the Czech Republic. The website offers a variety of local products including meats, dairy, bakery items, beverages, and other traditional foods, targeting consumers interested in authentic regional specialties. The business model focuses on online retail with a curated selection of local producers and suppliers, positioning itself as a niche regional food retailer. Technically, the website is built on the PrestaShop CMS platform, utilizing common web technologies such as jQuery, Google Analytics, and Facebook Pixel for analytics and marketing. The site is mobile-optimized with good navigation and SEO practices, although some accessibility features could be improved. Performance is moderate, and the site uses HTTPS to secure communications. From a security perspective, the site implements basic best practices including HTTPS and cookie consent mechanisms compliant with GDPR. However, no advanced security headers were detected, and there is no visible security policy or incident response contact information. The absence of WHOIS data for the domain raises concerns about domain legitimacy and trustworthiness, although the website content and business information appear professional and consistent. Overall, the website presents a trustworthy and functional e-commerce platform for regional specialty foods but would benefit from enhanced security measures, clearer contact information, and domain registration transparency to improve trust and compliance.

M

Městské kulturní středisko Klatovy

klatovskyzpravodaj.cz

59

The website www.klatovskyzpravodaj.cz serves as a local cultural news and event calendar platform for the city of Klatovy, Czech Republic. Operated by Městské kulturní středisko Klatovy, it provides residents and visitors with timely information about cultural events, cinema screenings, and community news. The site targets a general audience interested in local culture and entertainment. The business model focuses on community engagement and information dissemination rather than commercial transactions. Technically, the website employs a traditional web stack with jQuery 2.1.4, jQuery UI, Masonry layout, and other JavaScript libraries. It integrates Google Analytics for visitor tracking and implements a cookie consent banner, indicating some level of privacy compliance. The site appears moderately optimized for mobile devices and SEO, with a clear navigation structure and relevant meta tags. From a security perspective, the site lacks visible security headers and uses an outdated jQuery version, which could pose vulnerabilities. The absence of WHOIS data reduces domain trustworthiness, although the website content and contact information suggest a legitimate local cultural institution. No forms collecting personal data were detected on the homepage, and no explicit security or incident response policies are published. Overall, the website is functional and serves its community purpose well but would benefit from enhanced security measures, updated technology, and improved transparency regarding domain registration and security policies.

M

Město Klatovy

vetrovna.cz

46

The website www.vetrovna.cz represents a municipal real estate development project by the city of Klatovy, Czech Republic. It aims to attract investors and architects to collaborate on an innovative and sustainable residential complex called Větrovna. The site provides detailed project information, schedules, contact details, and downloadable documentation to support stakeholder engagement. The project is positioned as a significant urban development initiative within the region, leveraging the city's historical and natural assets. Technically, the website employs common web technologies including jQuery, Flexslider, and Fancybox, with Google Fonts and Font Awesome for styling. It integrates tracking tools such as Google Analytics and Facebook SDK, indicating moderate digital maturity. The site is responsive and offers a good user experience, though some accessibility and SEO optimizations could be improved. From a security perspective, HTTPS usage is implied but not explicitly confirmed in the data. No security headers were detected, and no privacy or cookie policies are present, which are compliance gaps especially under GDPR. The WHOIS data is unavailable, limiting domain legitimacy verification, but the presence of official contact information and city branding supports trustworthiness. Overall, the website is a professional municipal project portal with good content quality and business credibility but requires enhancements in privacy compliance and security best practices to strengthen its risk posture.

G

G-Notes / Tiskárna GRASPO

gnotes.cz

55

G-Notes, operated by Tiskárna GRASPO, is a Czech-based manufacturer and retailer specializing in diaries, notebooks, and calendars with a strong emphasis on eco-friendly materials and custom printing services. The company targets both corporate clients and individual consumers, offering bespoke branding options and a wide product range accessible via their e-commerce platform. Their market position is that of a niche, quality-focused stationery provider with a commitment to sustainability. Technically, the website is built on the Shoptet e-commerce platform, utilizing common web technologies such as jQuery, Bootstrap, and Google Analytics, ensuring a modern and responsive user experience. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. Privacy compliance is well addressed with clear policies and GDPR adherence. Overall, the site presents a professional and trustworthy front, though the lack of WHOIS transparency slightly reduces domain trust. Strategic recommendations include enhancing security headers, updating legacy libraries, and publishing explicit security policies to further strengthen trust and compliance.

Pošumavská odpadová, s.r.o. is a regional waste management company operating primarily in the Czech Republic, serving over 48 municipalities and more than 53,000 residents. The company provides comprehensive waste services including mixed municipal waste, sorted waste, hazardous waste, bulk waste, and bio waste management. They operate multiple collection yards across several towns including Klatovy, Sušice, Kašperské Hory, and Kolinec. The website reflects a regional service provider with a focus on public and municipal waste management needs. Technically, the website uses legacy HTML with windows-1250 charset and includes common JavaScript libraries such as jQuery and Google Analytics for tracking. The site lacks modern CMS indicators and advanced frameworks, suggesting a basic but functional technical infrastructure. Performance and mobile optimization are moderate to basic, with room for improvement in accessibility and SEO. From a security perspective, the site uses HTTPS and includes Google site verification, but lacks visible security headers and privacy or cookie policies, indicating gaps in compliance and security best practices. No WHOIS data is available, which reduces transparency and trustworthiness. The site does not appear to be blocked or protected by a WAF, and no forms collecting sensitive data are present. Overall, the website is functional and provides relevant business information but requires improvements in privacy compliance, security posture, and technical modernization to enhance trust and user experience.

European Business School SE is an established educational institution based in Prague, Czech Republic, specializing in business and law management programs such as MBA, LL.M., DBA, BBA, MSc., and MPA. With over 15 years of tradition and more than 1000 graduates, the school holds accreditation from EADL and offers both on-site and online study options. The website reflects a professional and consistent brand image targeting prospective students seeking advanced management education. Technically, the site employs a modern tech stack including jQuery, Bootstrap, and various tracking and analytics tools, with good mobile optimization and SEO practices. Security posture is solid with HTTPS and reCAPTCHA integration, though some security headers are missing and no explicit incident response or security policy pages were found. The absence of WHOIS data reduces transparency and trust slightly but does not detract significantly from the overall legitimacy. The site uses multiple marketing and retargeting tools with GDPR compliance evident through privacy and cookie policies. Overall, the website is professional, trustworthy, and well-positioned in the education sector.

H

HPI-CZ spol. s r.o.

hpishop.sk

60

HPIshop.sk is an established e-commerce platform specializing in the distribution and sale of building accessories, particularly roofing materials, insulation systems, and related construction products. The company operates primarily in Slovakia and the Czech Republic, leveraging its parent company HPI-CZ spol. s r.o., which has been active since 1995. The website presents a professional and comprehensive catalog of products targeting construction professionals and retail customers. Technically, the site is built on the PrestaShop platform, utilizing modern web technologies including jQuery UI and Google Tag Manager for analytics and marketing. Security measures include HTTPS enforcement, cookie consent with GDPR compliance, and Google reCAPTCHA integration for form protection. However, security headers could be enhanced for improved protection. Overall, the site is well-maintained, trustworthy, and compliant with relevant privacy regulations.

K

KONZULTA Brno, a.s.

infokanal.cz

59

InfoKanál is a Czech Republic-based communication platform designed to provide municipalities and citizens with targeted and current information. The platform targets local governments, mayors, and citizens, offering a comprehensive communication channel that integrates modern communication methods. The website reflects a professional presence with clear branding and contact information, including mobile app availability on official app stores, indicating a focus on accessibility and user engagement. Technically, the website employs common frontend technologies such as jQuery, Bootstrap, Modernizr, and jQuery UI, supporting responsive design and moderate performance. While the site uses HTTPS, no explicit security headers were detected in the provided data, and no advanced security policies or incident response information are publicly available. The site respects user privacy by avoiding tracking cookies and providing a clear cookie consent mechanism. From a security perspective, the absence of WHOIS data raises concerns about domain registration legitimacy, although the website itself appears trustworthy and professionally maintained. No vulnerabilities or security issues were identified in the content or scripts. Privacy compliance is well addressed with a privacy policy and cookie consent banner. Overall, the site demonstrates a moderate security posture but would benefit from enhanced security headers and transparency around incident response. The overall risk assessment is moderate with recommendations to verify domain registration status, implement security headers, and publish security policies to improve trust and compliance.

M

Městské muzeum Horažďovice

muzeumhd.cz

60

Městské muzeum Horažďovice is a municipal cultural institution providing exhibitions, events, and visitor services focused on the local history and culture of Horažďovice, Czech Republic. The website serves as an information portal for visitors, featuring event calendars, exhibition details, and contact information. The museum is affiliated with the local municipality, enhancing its credibility and community role. Technically, the website uses a traditional tech stack including jQuery, jQuery UI, and Unite Gallery, with Google Tag Manager for analytics and marketing. The site is mobile optimized and offers a cookie consent mechanism, indicating some level of privacy compliance. Security posture is moderate with no visible critical vulnerabilities but lacks advanced security headers and explicit security policies. WHOIS data is missing, which reduces domain trustworthiness from a registration perspective but does not necessarily indicate malicious intent given the municipal nature of the site. Overall, the website is functional, informative, and trustworthy for its intended audience.

T

Town of Písek

pisek.eu

46

The website www.pisek.eu serves as the official tourism portal for the Town of Písek, Czech Republic. It provides comprehensive information about the town's historical landmarks, cultural heritage, natural surroundings, and tourist services. The site targets tourists and visitors seeking cultural and outdoor experiences, including families. The business model is government-supported tourism promotion, positioning the site as a trusted regional resource. Technically, the site uses modern web technologies including Bootstrap 5 and jQuery, with a responsive design and cookie consent mechanisms in place. Security posture is good with HTTPS enforced and no visible vulnerabilities, though security headers and privacy policies are lacking. Overall, the site is professional, trustworthy, and well-structured, but could improve compliance and security transparency.

O

Otava.fun z. s.

otava.fun

43

Otava.fun is a regional tourism portal operated as a joint project by the towns of Sušice, Horažďovice, Strakonice, and Písek in the Czech Republic. The website provides comprehensive information about tourist destinations, cultural sites, cycling and water routes, and local events around the Otava river region. It targets tourists and outdoor enthusiasts seeking to explore this area. The business model is non-profit and supported by local municipalities and regional partners. Technically, the website uses a custom CMS with a modern frontend stack including Bootstrap 5, jQuery, Select2, and Fancybox. The site is mobile-optimized and includes a cookie consent mechanism compliant with GDPR principles. However, it uses an outdated jQuery version which could pose security risks. SEO and accessibility are basic but functional. From a security perspective, the site enforces HTTPS and implements cookie consent with granular categories. No critical vulnerabilities or exposed sensitive data were detected. Security headers are not explicitly confirmed and could be improved. The WHOIS data is consistent and transparent, supporting the legitimacy of the site. Overall, Otava.fun presents a trustworthy and professional regional tourism portal with good content quality and technical implementation. Improvements are recommended in privacy policy availability, security headers, and updating legacy libraries to enhance security and compliance.

N

N/A

videacesky.cz

48

Videacesky.cz is a Czech media platform specializing in curating and presenting YouTube videos with Czech subtitles, including talk shows, web series, documentaries, and educational content. The site targets Czech-speaking audiences interested in accessible video content with subtitles. Founded in 2010, it operates as a niche content aggregator monetized primarily through advertising. Technically, the website employs a traditional web stack with jQuery, Bootstrap, and integrates multiple advertising and analytics services such as Google AdSense, Facebook Pixel, and Gemius Analytics. The site is mobile-optimized and uses HTTPS, but relies on an outdated jQuery version and lacks visible security headers, indicating areas for improvement in security posture. Privacy and cookie policies are present and GDPR compliant, but no explicit security or incident response policies are publicly available. Overall, the website is functional, professionally designed, and trustworthy, but could enhance security and compliance transparency.

R

Rosteme s knihou

rostemesknihou.cz

54

Rosteme s knihou is a Czech non-profit campaign dedicated to promoting reading and literacy among children and youth. The website serves as a hub for campaign projects, events, book recommendations, and educational resources. It targets parents, educators, and children, aiming to foster a culture of reading through various initiatives and partnerships with cultural and governmental organizations. Technically, the website is built on WordPress 6.8.1, utilizing several plugins for event management, responsive menus, and GDPR compliance. It employs modern JavaScript libraries such as jQuery and integrates Google Tag Manager for analytics. The site is mobile-optimized and accessible, with a moderate performance profile. From a security perspective, the site enforces HTTPS and uses a GDPR-compliant cookie consent mechanism. However, there is a lack of visible security headers and no WHOIS data available, which slightly reduces trustworthiness. No vulnerabilities or exposed sensitive data were detected in the provided content. Overall, the website presents a professional and trustworthy front for the campaign, with good privacy compliance and a clear focus on educational content. The absence of WHOIS data is a concern but does not outweigh the positive indicators from the site's content and partnerships.

S

Svět knihy, s.r.o.

rostik.cz

45

Rostik.cz is an educational and cultural platform dedicated to promoting reading among children, youth, and adults in the Czech Republic. It operates as part of the 'Rosteme s knihou' campaign and offers book recommendations, author information, and a community for readers. The website is managed by Svět knihy, s.r.o., a recognized entity in the Czech book industry. The platform leverages modern web technologies including jQuery, Bootstrap, and Facebook SDK for social login and engagement. The site is well-structured, mobile-optimized, and provides a positive user experience with clear navigation and relevant content. Privacy and cookie policies are present and indicate GDPR compliance, although explicit contact information is not prominently displayed. The absence of WHOIS data limits transparency regarding domain registration details, but the presence of official partner logos and consistent branding supports legitimacy. Security posture is good with HTTPS enforced and secure login forms, though additional security headers and a vulnerability disclosure policy would enhance trust. Overall, Rostik.cz is a credible and well-maintained platform serving its educational mission effectively.

M

Město Horažďovice

mesto-horazdovice.cz

58

Město Horažďovice operates an official municipal website providing comprehensive information about the city, local government services, cultural events, tourism, and social services. The site targets local citizens, tourists, and businesses, serving as a central information hub for the community. The business model is typical for a government entity, focusing on public service and community engagement. The website demonstrates consistent branding and good content quality, with clear navigation and multilingual support via Google Translate.

B

Benoma s.r.o.

benoma.cz

52

Benoma s.r.o. is a small Czech retail company specializing in the sale and installation of flooring and interior doors, operating since 1996 primarily in the Hradec Králové region. The website presents a professional and content-rich platform showcasing their product range including vinyl, laminate, wooden floors, carpets, PVC, and doors. The business emphasizes quality service, free consultation, and local presence. Technically, the website uses a variety of older JavaScript libraries and plugins, with moderate performance and basic mobile optimization. Security posture is average with no visible security headers and outdated libraries, though HTTPS presence is assumed but not confirmed. Privacy and cookie policies are absent, reducing compliance maturity. WHOIS data is missing, which impacts domain trustworthiness despite the professional appearance and clear business information. Overall, the site is functional and informative but would benefit from improved security and privacy practices.

O

Obec Podmokly

podmokly.cz

54

Obec Podmokly is a small municipal government entity serving the village of Podmokly in the Šumava foothills near Sušice, Czech Republic. The website functions as an official portal providing local administrative information, public notices, historical and tourist information, and community services. It targets local citizens and visitors, offering clear contact channels and municipal resources. The site integrates social media and complies with cookie consent regulations, reflecting a moderate level of digital maturity. Technically, the website uses common web technologies including jQuery, Flexslider, Font Awesome, and Google Fonts. It employs Google Analytics and Facebook SDK for tracking and marketing purposes, with a cookie consent mechanism in place. The site is moderately optimized for mobile and accessibility, with a clear navigation structure and professional design. From a security perspective, HTTPS is used, but no explicit security headers were detected in the provided data. The contact form includes basic validation, and no vulnerabilities or exposed sensitive data were found. However, the absence of WHOIS data and lack of explicit privacy and security policies represent gaps in transparency and compliance. Overall, the website is trustworthy and professional for its municipal purpose but would benefit from enhanced security practices, explicit privacy documentation, and domain registration transparency to improve its risk profile and compliance posture.

O

Obec Čímice

cimice.eu

53

Obec Čímice operates an official municipal website serving a small community in the Czech Republic, providing local government information, public notices, and tourist information. The site targets local citizens and visitors, offering essential services such as contact forms and community updates. The business model is typical for a local government entity, focusing on transparency and public service. Technically, the website uses standard web technologies including jQuery, Flexslider, and Font Awesome, with a cookie consent mechanism implemented via CookieScript. While the site is functional and well-structured with good navigation and mobile optimization, it lacks a publicly accessible privacy policy and security headers, which are important for compliance and security posture. The WHOIS data is unavailable due to EURid privacy protection, common for small organizations, but the website content and contact details support legitimacy. Overall, the site is trustworthy but could improve security and compliance documentation.

Obec Běhařov operates as a local government entity serving the municipality of Běhařov and its neighboring village Úborsko in the Czech Republic. The website provides residents and visitors with essential municipal information, news updates, public notices, and contact channels. The site is positioned as a trusted source for local governance and community engagement, reflecting a small-sized government entity with historical roots dating back to 1352. Technically, the website employs standard web technologies including jQuery, Flexslider, and Font Awesome, with Google Analytics integrated for visitor tracking. The site includes a GDPR-compliant cookie consent mechanism, demonstrating awareness of privacy regulations. However, the absence of visible security headers and unknown SSL configuration suggest areas for improvement in security hardening. From a security perspective, the site shows good privacy compliance and no immediate vulnerabilities or suspicious content. The lack of WHOIS data limits domain age and registrant verification, but the consistent branding and official contact details support legitimacy. No WAF or blocking mechanisms were detected, allowing full content access. Overall, the website is a functional, professional municipal portal with moderate technical sophistication and good privacy practices. Strategic enhancements in security headers, SSL enforcement, and publication of security policies would strengthen its security posture and trustworthiness.