Security Directory

Dethleffs.co.uk is the UK portal for Dethleffs, a well-established manufacturer of leisure vehicles including motorhomes and camper vans with over 90 years of heritage. The website targets families and travel enthusiasts, offering detailed product information, dealer search, and vehicle configurator tools. Technically, the site uses modern web technologies including Pimcore CMS and UIkit framework, with good mobile optimization and moderate performance. Security posture is strong with HTTPS and DNSSEC enabled, though explicit security headers and privacy policies are missing. Analytics is implemented via Google Tag Manager, but privacy compliance needs improvement. Overall, the site is professional and trustworthy, reflecting the brand's market position.

D

Dethleffs

dethleffs.fr

68

Dethleffs is a well-established European company specializing in caravaning products including camping-cars, campervans, and urban campers, targeting families and travel enthusiasts. The website reflects a professional and consistent brand presence with multi-language support and a comprehensive cookie consent mechanism, indicating a mature digital presence. Technically, the site uses modern technologies such as Pimcore CMS, Matomo analytics, Google Tag Manager, and Cookiebot for privacy compliance, demonstrating a good level of digital maturity. Security posture is strong with HTTPS enforced and privacy-respecting analytics, though some security headers and explicit security policies are not detected. Overall, the website is trustworthy and professionally maintained, with no signs of blocking or WAF interference.

D

Dethleffs

dethleffs.at

66

Dethleffs is a well-established European company specializing in caravaning products including motorhomes, campervans, and urban campers, targeting families and outdoor enthusiasts. The website reflects a professional brand presence with consistent branding and a focus on user experience. The technical infrastructure leverages modern technologies such as Pimcore CMS, Google Tag Manager, Matomo analytics, and Cookiebot for privacy compliance, indicating a mature digital setup. Security posture is generally good with HTTPS enforced and cookie consent mechanisms in place, though explicit security headers are not detected and no public security or incident response policies are found. The absence of WHOIS data due to privacy protection is common and does not detract significantly from legitimacy. Overall, the website is trustworthy, compliant with GDPR, and provides a good user experience.

P

Pražský fotbalový svaz

fotbalpraha.cz

48

Pražský fotbalový svaz operates as a regional football association dedicated to organizing, promoting, and reporting on football activities in Prague. The website serves as a comprehensive portal for football news, match schedules, competitions, player and club profiles, and community projects. It targets a broad audience including players, coaches, referees, officials, parents, and fans within the Prague football ecosystem. The business model is non-profit and community-focused, emphasizing information dissemination and event coordination. Technically, the website employs modern web technologies including HTML5, CSS3, JavaScript, and popular libraries such as jQuery and Slick Carousel. It integrates Google Analytics for visitor tracking and Facebook SDK for social media engagement. The site is mobile-optimized with responsive design and includes SEO best practices such as meta tags and Open Graph data. Cookie consent mechanisms are implemented to comply with privacy regulations. From a security perspective, the site enforces HTTPS and provides cookie consent with granular user controls. However, it lacks explicit security headers and a published security policy or vulnerability disclosure program. No critical vulnerabilities or exposed sensitive data were detected. The absence of WHOIS data limits domain registration trust assessment, but the website's content and partner affiliations suggest legitimacy. Overall, the website presents a professional and trustworthy digital presence for the Prague football community. Strategic improvements in security headers, incident response transparency, and WHOIS data availability would enhance trust and compliance.

L'Echo is a well-established Belgian francophone media organization specializing in economic, political, financial, and cultural news. Founded in 1881 and operating under the parent company Mediafin, it holds a leading position in the Belgian media landscape. The website offers a broad range of services including real-time news, market data, podcasts, and subscription-based content, targeting a general audience interested in business and finance. The presence of subsidiaries like Mon Argent and Sabato further diversifies its media offerings. Technically, the website employs modern web technologies such as React, Google Tag Manager, and Adobe Experience Manager CMS, ensuring a responsive and accessible user experience. The site integrates advanced consent management via Didomi and uses multiple advertising and analytics platforms, reflecting a mature digital infrastructure. Performance is moderate with good mobile optimization and SEO practices. From a security perspective, the site enforces HTTPS and uses monitoring tools like Dynatrace. Consent management and privacy policies are comprehensive and GDPR compliant. However, explicit security headers and incident response information are not publicly detailed, suggesting room for improvement in transparency and security posture. Overall, L'Echo presents a trustworthy and professional online presence with strong business credibility and compliance. Strategic recommendations include enhancing security header implementation, publishing a security policy, and establishing a vulnerability disclosure program to further strengthen its security maturity.

O

OK REAL ESTATE s.r.o.

okrealestate.cz

48

OK REAL ESTATE s.r.o. is a Czech Republic based real estate agency offering a comprehensive range of services including property sales, rentals, financial services, insurance, and virtual tours. The company is part of the larger OK HOLDING group, which enhances its market position and service capabilities. The website is professionally designed with clear navigation, multiple client engagement forms, and GDPR-compliant privacy and cookie policies. Technically, the site uses modern web technologies including Google Analytics and Seznam Map API, with good mobile optimization and moderate performance. Security posture is solid with HTTPS and form validations, though some security headers could be improved. The absence of WHOIS data is a concern for domain legitimacy verification but does not detract from the professional presentation and trust signals on the site. Overall, the site is a reliable digital presence for a medium-sized real estate business in the Czech market.

O

OK GRANT s.r.o.

okgrant.cz

9

OK GRANT s.r.o. is a Czech-based consulting company specializing in grant advisory services for businesses. Positioned as a member of the OK HOLDING group, it targets companies seeking professional assistance with grants and funding opportunities. The website reflects a small-sized, professional business with clear contact information and a consistent brand presence. The business model focuses on consulting services within the financial support sector for enterprises. Technically, the website is built on simploCMS and employs modern web technologies including Google Tag Manager and Google Analytics for tracking. The site is mobile-optimized with good SEO practices and moderate performance. However, some accessibility features could be improved. The website uses HTTPS, ensuring secure communication. From a security perspective, the site demonstrates a good baseline with HTTPS and no visible vulnerabilities or exposed sensitive data. However, it lacks published privacy and terms of service policies, which are important for GDPR compliance and user trust. The absence of WHOIS data reduces domain trustworthiness, though the site content and contact details appear legitimate. Overall, the website presents a professional and trustworthy business front with room for improvement in privacy compliance and security transparency. Strategic recommendations include publishing privacy and terms policies, enhancing security headers, and improving accessibility to strengthen compliance and user trust.

O

OK BROKERS s.r.o.

okbrokers.cz

10

OK BROKERS s.r.o. operates as a partnership network for independent insurance intermediaries in the Czech Republic, providing a range of services including software tools, legislative support, and benefits to its partners. The company is part of the larger OK HOLDING group, which strengthens its market position and credibility. The website is professionally designed, targeting insurance brokers and partners with clear navigation and relevant content in Czech language. Technically, the website uses modern technologies such as simploCMS, Google Tag Manager, and Google Analytics, ensuring a moderate to good performance and mobile optimization. However, some technical improvements are recommended, including the implementation of security headers and changing login forms to use POST methods to enhance security. From a security perspective, the site enforces HTTPS and uses secure login portals, but lacks explicit security policies and incident response information. No critical vulnerabilities were detected, but improvements in security headers and form handling would strengthen the security posture. Privacy compliance is partially addressed with a privacy policy and cookie consent mechanism, but terms of service and vulnerability disclosure are missing. Overall, the website presents a trustworthy and professional image with a solid business foundation. Strategic recommendations include enhancing security headers, improving form security, adding comprehensive security and incident response policies, and maintaining transparency in privacy and terms of service to improve compliance and user trust.

B

Brightwall

brightwall.be

58

Brightwall is a Belgium-based digital performance agency specializing in SEO, paid advertising, web development, and data-driven web analytics. Founded in 2017, the company targets businesses seeking to improve their online presence and sales through professional web services. The website reflects a modern, professional design with clear navigation and comprehensive service offerings. Technically, the site uses a modern JavaScript framework (Nuxt.js), integrates multiple marketing and analytics tools, and is hosted by OVH, a reputable provider. Security posture is adequate with HTTPS enforced, but lacks explicit security headers and published security policies. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the site is trustworthy and professional but should improve privacy and security transparency.

The domain aneventapart.com is currently a parked domain managed by GoDaddy.com, LLC, a major domain registrar and parking service provider. The website content is minimal, serving primarily as a placeholder with an option to purchase the domain. The site includes GoDaddy branding and a Trustpilot widget to provide some trust signals but lacks any active business content or services. The target audience is domain buyers or investors interested in acquiring the domain. Technically, the site uses a basic JavaScript framework likely React-based for rendering the parking page, with external scripts from Google Adsense, Trustpilot, and Truste for advertising and consent management. The hosting and domain registration are consistent with GoDaddy's infrastructure. The site is mobile optimized and loads quickly but lacks SEO and accessibility features. From a security perspective, the site does not present advanced security headers or HTTPS confirmation in the provided data. DNSSEC is not enabled, which is a recommended improvement. No forms or user input fields are present, reducing attack surface but also limiting user engagement. Privacy compliance is limited to GoDaddy's general privacy policy and cookie consent mechanisms. No incident response or security policies are disclosed. Overall, the site poses low risk but also offers limited business value or user engagement. Strategic recommendations include enabling DNSSEC, improving security headers, confirming HTTPS usage, and providing clearer business or contact information if the domain is to be developed further.

A

Avenue Restaurace

avenuejihlava.cz

65

Avenue Restaurace is a newly established hospitality business located in Jihlava, Czech Republic, offering international cuisine with a focus on fresh ingredients and a unique dining experience in a two-story glass space. The restaurant caters to a broad audience including local residents, tourists, and event organizers, providing services such as dine-in, catering, private event hosting, takeaway, and wedding receptions. The business leverages a modern digital presence with multilingual support and integrated reservation systems to enhance customer engagement. Technically, the website is built on the Dish.co platform, utilizing modern web technologies including HTML5, CSS3, JavaScript, Google Tag Manager, and Adobe Dynamic Tag Management for analytics and marketing. The site is mobile-optimized with good SEO practices and accessibility features, although some improvements in security headers and performance optimization could be made. From a security perspective, the website employs HTTPS and cookie consent mechanisms, with no visible vulnerabilities or exposed sensitive data. However, explicit security policies and incident response information are absent, suggesting room for improvement in formal security governance. The WHOIS data aligns well with the business claims, indicating a legitimate and consistent registration. Overall, Avenue Restaurace presents a professional and trustworthy online presence suitable for its hospitality market segment. Strategic enhancements in security policy transparency and technical hardening would further strengthen its risk posture and customer trust.

G

Glanbia Nutritionals

glanbianutritionals.com

68

Glanbia Nutritionals is a science-led, quality-focused provider of innovative nutritional ingredient solutions serving global food, beverage, and supplement brands. The company positions itself as a leading manufacturer with a broad portfolio including proteins, bioactive ingredients, micronutrients, and premix solutions. Their website reflects a mature digital presence built on Drupal 10, featuring rich content, structured data, and a professional design that targets B2B customers. The technical infrastructure includes modern analytics and consent management tools, supporting GDPR compliance. Security posture is solid with HTTPS and cookie consent, though explicit security headers and policies are absent. WHOIS data is missing, which slightly impacts trust but the overall business credibility remains high based on website content and branding.

DBtune is a technology company specializing in AI-powered automated tuning of PostgreSQL databases. Their platform dynamically optimizes database server parameters to improve performance, reduce costs, and increase productivity for a wide range of workloads and machine sizes. The company targets enterprises and database professionals seeking to enhance PostgreSQL efficiency without manual tuning effort. Their market position is supported by reputable clients and positive testimonials, positioning DBtune as a leading innovator in database performance optimization. Technically, the website is built on modern frameworks such as Next.js and React, hosted on Google Cloud infrastructure with DNS managed by Google Domains. The site employs advanced analytics tools including Microsoft Clarity, HubSpot, and Google Analytics, indicating a mature digital marketing and user tracking strategy. The site is well-optimized for performance, mobile responsiveness, and SEO, reflecting a high level of technical maturity. From a security perspective, the site enforces HTTPS with domain status locks to prevent unauthorized domain transfers or deletions. However, DNSSEC is not enabled, which is a recommended improvement. No explicit security policies or incident response information are published, and no vulnerability disclosure program or security.txt file is found. Overall, the security posture is solid but could be enhanced with additional transparency and DNS security. The overall risk assessment is low, with no signs of malicious activity or content safety concerns. The domain registration is consistent with the business profile, showing a stable and legitimate presence since 2018. Strategic recommendations include enabling DNSSEC, publishing security and incident response policies, and establishing a vulnerability disclosure program to further strengthen trust and compliance.

C

ServiceNow Development Consultant | ServiceNow Platform Solutions

casknx.com

69

The website casknx.com appears to be a business-oriented site utilizing HubSpot CMS and marketing tools. The domain is registered since 2018 with GoDaddy.com, LLC and has standard domain protection statuses enabled, indicating a legitimate and stable registration. The site employs multiple external scripts for analytics and marketing, including HubSpot Analytics, Facebook Pixel, and Microsoft Clarity, reflecting a moderate level of digital maturity. However, the website content is minimal and lacks explicit business descriptions, contact information, or detailed policies, which limits the overall user experience and trustworthiness. Security posture is moderate with HTTPS implied but no visible security headers or published security policies. Privacy compliance is basic with a cookie consent banner but no privacy or terms of service pages detected. Overall, the site is accessible without WAF or blocking mechanisms, but improvements in transparency, security headers, and content richness are recommended.

De Tijd is a leading Flemish financial newspaper and digital media platform based in Belgium, providing comprehensive news coverage in finance, economy, politics, and business. Established in 1968 and owned by Mediafin, it serves a professional audience with subscription-based content and advertising revenue. The website demonstrates a mature digital infrastructure leveraging modern technologies such as React, Adobe Experience Manager CMS, and advanced ad management tools. It employs robust GDPR-compliant consent management and integrates multiple analytics and marketing platforms. Security posture is strong with HTTPS enforcement, security headers, and no visible vulnerabilities. WHOIS data is restricted due to .be domain policies but aligns with a legitimate, privacy-conscious media entity. Overall, the site is professional, trustworthy, and well-optimized for performance and user experience.

Ami.e.s des Parcs naturels de Wallonie is a small community or non-profit organization dedicated to promoting and supporting natural parks in the Wallonia region of Belgium. The website serves as an informational platform targeting local nature enthusiasts and environmental supporters. The business model appears to focus on community engagement and environmental awareness without commercial activities. Technically, the website is built using One.com Web Editor and hosted by One.com A/S, featuring basic HTML, CSS, and JavaScript with moderate performance and basic mobile optimization. Security posture is moderate with HTTPS enabled but lacking important security headers and privacy compliance mechanisms such as privacy and cookie policies. No contact information or incident response details are published, which limits user trust and compliance. Overall, the site is functional but requires improvements in privacy, security, and contact transparency to enhance trust and compliance.

S

Spolek Luka na dlani

vlukach.cz

46

The website vlukach.cz serves as a local community portal for Luka nad Jihlavou, providing residents and visitors with timely information such as local news, weather updates, event calendars, public notices, and local business listings. It positions itself as a community-driven informational resource with a focus on accessibility and local engagement. The site is relatively new, with domain registration in December 2023, and is hosted by Active24, a known hosting provider. Technically, the site uses standard web technologies (HTML, CSS, JavaScript) and is mobile responsive, though the design is basic and lacks advanced SEO and accessibility features. Security posture is moderate with HTTPS enabled but missing important security headers and no visible incident response or security policies. Privacy compliance is minimal, with no privacy or terms of service pages, and a cookie policy that states no cookies are used, thus no consent mechanism is implemented. Overall, the site is safe for general audiences and does not contain any adult or explicit content.

I

Informační centrum Polná

infocentrumpolna.cz

43

The website infocentrumpolna.cz serves as the official information center for the town of Polná in the Czech Republic. It provides residents and visitors with local news, event listings, tourist information, and contact services. The site is positioned as a local government portal, focusing on community engagement and public service. The business model is non-commercial, aimed at supporting local administration and tourism. The website content is well-structured, regularly updated, and presented primarily in Czech with multilingual support via Google Translate.

The website www.sportli.cz is currently inaccessible due to a Cloudflare Web Application Firewall (WAF) block that denies access based on the visitor's ASN. This results in a lack of any accessible content, metadata, or business information, preventing a thorough analysis of the site's offerings or market position. The domain WHOIS data is unavailable, which raises concerns about domain registration transparency and legitimacy. Technically, the site uses Cloudflare for security and performance, but no further technology stack details or CMS information can be determined due to the block. Security posture cannot be properly evaluated, and no privacy or cookie policies are detectable. Overall, the site appears to be poorly accessible and lacks publicly available trust or compliance indicators.

M

Město Chotěboř

chotebor.cz

55

The website chotebor.cz serves as the official online presence for the town of Chotěboř in the Czech Republic. It provides residents and visitors with comprehensive information about municipal services, local government officials, news updates, public tenders, and community events. The site targets local citizens and stakeholders seeking official information and services related to the town. The business model is that of a government service portal, focusing on transparency and public communication. The domain's long registration history since 1998 supports its legitimacy and established presence. Technically, the website employs a modern tech stack including HTML5, CSS3, JavaScript frameworks like Vue.js, and server-side CMS technology (Vismo). It integrates Google reCAPTCHA v3 for form security and Google Translate for accessibility. The site is mobile-optimized, accessible, and SEO-friendly, though performance is moderate. Security practices include HTTPS enforcement and CSRF protection, but lack some advanced HTTP security headers and a published security policy. From a security perspective, the site demonstrates good baseline protections with no visible vulnerabilities or exposed sensitive data. However, it lacks explicit incident response contacts and vulnerability disclosure mechanisms. Privacy compliance is partially met with privacy and cookie policies present, but no active cookie consent mechanism is implemented. Contact information is clearly provided, enhancing trust and credibility. Overall, chotebor.cz is a trustworthy, well-maintained municipal website with good content quality and technical implementation. Strategic improvements could focus on enhancing security headers, publishing security policies, and implementing cookie consent to strengthen GDPR compliance and user trust.

The website at sitebuilderhostqa.net is currently inaccessible due to a 403 Access Forbidden error page, likely enforced by Cloudflare's security mechanisms. This prevents any meaningful content or business information from being analyzed. The domain is registered since 2015 with SafeNames Ltd. and uses Cloudflare DNS, indicating a legitimate registration and hosting setup. However, the lack of accessible content, privacy policies, contact information, and security headers severely limits the ability to assess the business or security posture. The technical infrastructure shows minimal implementation beyond basic JavaScript and Google Fonts usage, with no CMS or analytics detected. Overall, the site appears to be either under maintenance, restricted, or misconfigured, resulting in a poor user and security experience.

A

aufsiemitgebrüll

aufsiemitgebruell.de

63

aufsiemitgebrüll is a small communication and design studio based in Berlin, Germany, focusing on societal awareness and creative services. The website is built on the Squarespace platform, leveraging modern web technologies and integrated cookie consent management via Cookiebot to comply with GDPR requirements. The business presents clear contact information and a professional online presence, targeting a German-speaking audience. Technically, the site is well-structured with good mobile optimization and performance, hosted on Cloudpit infrastructure. Security posture is strong with HTTPS and HSTS enabled, though explicit privacy and terms of service policies are missing, representing compliance gaps. Overall, the site is trustworthy and professionally maintained, with room for improvement in privacy disclosures and incident response readiness.

P

Philipp Veller

vellip.berlin

57

Philipp Veller operates a professional web development portfolio website based in Berlin, targeting clients seeking frontend and backend web development services. The site showcases a variety of projects including web apps for NGOs, government platforms, and AI tools, positioning Philipp as a skilled freelance developer in the technology sector. The technical infrastructure leverages modern frameworks such as React and Gatsby, with content managed via Sanity.io, ensuring a performant and mobile-optimized user experience. Security posture is adequate with HTTPS enabled and domain transfer protections, though improvements are recommended in DNSSEC and security headers. Privacy compliance is partial, lacking cookie consent mechanisms and explicit GDPR indicators. Overall, the website is trustworthy, professional, and well-structured, suitable for attracting clients in the German market.

B

Berliner Süden

berlinersueden.de

62

Berliner Süden is a small, Germany-based web development company specializing in accessible, user-centered, and design-focused websites. Their portfolio includes projects for cultural institutions and architectural firms, indicating a niche market focus. The website is built on WordPress and hosted with Gandi, reflecting a modern and reliable technical infrastructure. The site is well-structured, mobile-optimized, and provides clear contact information, enhancing user experience and trust. From a security perspective, the website uses HTTPS with an excellent SSL configuration, but lacks security headers and formal security policies. No incident response or vulnerability disclosure information is provided, which could be improved to enhance security posture. Privacy compliance is adequate with a GDPR-compliant privacy policy, though no cookie consent mechanism is present. Overall, the website presents a professional and trustworthy image with good technical implementation and business credibility. The absence of tracking and advertising scripts suggests a privacy-conscious approach. Strategic improvements in security headers, cookie consent, and security policies would further strengthen the site's security and compliance standing.

Y

Yola

yola.com

69

Yola is a technology company providing a free website builder platform aimed at small businesses and individuals seeking to establish an online presence. The website offers free hosting, SEO tools, and easy website creation services, positioning itself as a practical solution for entrepreneurs and small enterprises. The platform is moderately mature with a consistent brand presence and a user-friendly interface. Technically, the site employs modern web technologies including Google Tag Manager for analytics and tracking, WebFontLoader for fonts, and a proprietary CMS indicated by script references. The hosting appears to be managed by a specialized hosting provider. The site is mobile optimized and SEO friendly, though accessibility features are basic. From a security perspective, the site enforces HTTPS and includes a cookie consent mechanism aligned with GDPR requirements. However, explicit security headers are missing, and no dedicated security or incident response policies are published. The absence of WHOIS data reduces domain trustworthiness, though the website content and technical setup suggest a legitimate business operation. Overall, the site presents a moderate risk profile with room for improvement in transparency, security policy publication, and contact information availability. Strategic enhancements in these areas would strengthen trust and compliance posture.

D

DS Stříbrné Terasy o. p. s

stribrneterasy.cz

57

DS Stříbrné Terasy o. p. s is a Czech non-profit social service provider focused on senior care and meal provision, primarily serving individuals aged 55 and above in the Jihlava region. The website offers detailed information about meal services, registration, and contact details, positioning itself as a trusted local community resource. The presence of virtual tours and regular news updates indicates active engagement with its audience. Technically, the website employs modern JavaScript frameworks including Vue.js and Mustache.js, and is built on the Vismo CMS platform, hosted by Active24. It uses HTTPS and Google reCAPTCHA v3 to secure user interactions, particularly form submissions. However, there is room for improvement in security headers and comprehensive privacy and security policies. Overall, the site is well-structured, accessible, and professionally presented, with a clear focus on its target audience.

M

MANN+HUMMEL

mann-hummel.cz

68

MANN+HUMMEL is a global leader in filtration technology, specializing in air and water filtration solutions since 1941. The company targets industrial sectors including automotive, environmental, and life sciences, providing innovative filtration products and services. Their website reflects a mature digital presence with comprehensive corporate information and product offerings, primarily in Czech language for the regional audience. The site is built on Adobe Experience Manager, indicating a robust technical infrastructure with modern content management and analytics capabilities. Security posture is strong with HTTPS, security headers, and cookie consent mechanisms in place, though explicit security policies and incident response contacts are not publicly available. The absence of WHOIS data for the domain is a notable anomaly that slightly reduces trustworthiness but does not detract from the professional presentation and established market position. Overall, the website is well-designed, accessible, and compliant with GDPR, supporting the company's credibility and business operations.

M

Město Třešť

trest.cz

48

Město Třešť operates an official municipal website serving as the primary digital portal for residents, visitors, and stakeholders. The site provides comprehensive information about the town, local government services, social and educational offerings, cultural events, and tourism. It targets local citizens and tourists, supporting community engagement and public service delivery. The business model is typical for a government entity, focusing on transparency and accessibility rather than commercial revenue. The domain's long-standing registration since 1999 supports its legitimacy and established presence. Technically, the website uses a traditional HTML/CSS/JavaScript stack with the Vismo CMS platform. It integrates Google services such as reCAPTCHA for form security and Google Translate for multilingual support. The site demonstrates moderate performance and good mobile optimization but could improve accessibility and SEO features. Hosting and domain registration are consistent with a Czech municipal entity. From a security perspective, the site enforces HTTPS and uses reCAPTCHA to protect forms, which is positive. However, it lacks advanced security headers and explicit incident response or vulnerability disclosure policies. Privacy compliance is basic, with a privacy policy and cookie information present but no active consent mechanism. No critical vulnerabilities or suspicious content were detected, and the site is accessible without WAF blocking. Overall, the website is a trustworthy, well-maintained municipal portal with good business credibility and moderate technical sophistication. Strategic improvements in security headers, privacy consent, and accessibility would enhance its posture. The risk level is low, but ongoing attention to security best practices is recommended.

M

Město Žďár nad Sázavou

zdarns.cz

61

The website www.zdarns.cz serves as the official municipal portal for the city of Žďár nad Sázavou in the Czech Republic. It provides comprehensive information and services for citizens, local businesses, and visitors, including city news, administrative contacts, tourism guides, cultural events, and online public services. The site is well-structured with clear navigation tailored to different user groups such as citizens, entrepreneurs, and visitors. The business model is that of a government service portal aimed at transparency and community engagement. Technically, the website employs modern web technologies including HTML5, CSS3, JavaScript, jQuery, and Bootstrap for responsive design. It integrates Google Fonts and Google Analytics for typography and traffic analysis respectively. The site is served over HTTPS, ensuring encrypted communication. The cookie consent mechanism is implemented inline, allowing users to manage cookie preferences, which indicates a basic level of privacy compliance. From a security perspective, the site enforces HTTPS and uses cookie consent banners but lacks visible security headers such as Content-Security-Policy or X-Frame-Options. No security.txt or explicit incident response contacts are found. The WHOIS data for the domain is unavailable, which slightly reduces trust from a domain registration standpoint, but the presence of official contact information and consistent branding supports legitimacy. Overall, the website is professional, trustworthy, and serves its purpose effectively. Recommendations include publishing a privacy policy and terms of service, implementing security headers, and improving transparency around data protection and incident response to enhance security posture and compliance.

M

Městys Stonařov

stonarov.cz

50

Městys Stonařov operates an official municipal website serving the local community in the Czech Republic. The site provides comprehensive information including government notices, local news, event calendars, and contact channels for residents and visitors. It positions itself as a trusted source for local governance and community engagement. Technically, the website is built on the Vismo CMS platform, leveraging standard web technologies such as HTML5, CSS3, and JavaScript, with integrations like Google reCAPTCHA for form security and Google Translate for accessibility. The site is secured with HTTPS and shows moderate performance and basic mobile optimization. Security posture is adequate with encrypted connections and anti-bot measures, though it lacks advanced security headers and explicit incident response or security policies. Privacy compliance is partially addressed with linked privacy and cookie policies but lacks active consent mechanisms. Overall, the website demonstrates a solid business credibility and trustworthy presence consistent with a small government entity.

M

Městys Luka nad Jihlavou

lukanadjihlavou.cz

51

Městys Luka nad Jihlavou operates an official municipal website serving the local community and visitors by providing essential information about local governance, services, events, and contact details. The website is well-structured, primarily in Czech, and includes official social media channels, public notices, and an event calendar. The business model is focused on government transparency and citizen engagement, positioning it as a trusted local government portal. Technically, the site uses a CMS platform (Vismo), modern web standards, and integrates Google services such as reCAPTCHA and Translate to enhance usability and security. The site is mobile-optimized and accessible, with good SEO practices. Security posture is solid with HTTPS enforced and spam protection on forms, though some security headers are missing and no explicit incident response contacts are provided. Overall, the site is legitimate, trustworthy, and serves its intended audience effectively.

K

KPŽ - Knoflíkářský průmysl Žirovnice

kpzas.cz

47

KPŽ - Knoflíkářský průmysl Žirovnice is a well-established Czech manufacturing company specializing in plastic components for the automotive industry, particularly lighting technology. With a history spanning over 161 years, the company serves numerous global automotive brands and maintains a medium-sized workforce. Their website reflects a professional and consistent brand image, targeting automotive clients and partners. Technically, the site uses modern web technologies including HTML5, CSS3, JavaScript, and integrates Google Tag Manager and CookieScript for analytics and compliance. The site is mobile-optimized and provides clear navigation and relevant content. Security-wise, the website enforces HTTPS and includes a cookie consent mechanism, but lacks some advanced security headers which could be improved. Overall, the domain registration data aligns well with the business claims, supporting the legitimacy of the company. Contact information is clearly presented, facilitating communication. No critical security or compliance issues were detected.

O

Obec Suchá

obecsucha.cz

51

The website obecsucha.cz serves as the official online presence for the municipality of Suchá in the Jihlava district of the Czech Republic. It provides residents and visitors with access to local government information, public notices, contact details, event calendars, and community updates. The site is clearly targeted at local citizens and government officials, offering essential municipal services and information in Czech language with some translation support via Google Translate. The business model is that of a government information portal, with no commercial activities. The domain age and WHOIS data confirm legitimacy and consistency with the municipal nature of the site. Technically, the website is built on the vismo CMS platform, utilizing standard web technologies such as HTML5, CSS, and JavaScript. It integrates Google reCAPTCHA for form security and Google Translate for language accessibility. The site is moderately optimized for performance and mobile use, with basic accessibility and SEO features. However, there is room for improvement in modern security practices, including the implementation of security headers and enhanced cookie consent mechanisms. From a security perspective, the site benefits from HTTPS encryption and uses reCAPTCHA to protect its contact form from spam and abuse. No critical vulnerabilities or exposed sensitive data were detected. However, the absence of explicit security policies, incident response information, and security headers suggests a moderate security posture. Privacy compliance is basic but present, with GDPR-related information available. Overall, the site demonstrates a reasonable level of security for a small municipal website but could enhance its posture with additional measures. The overall risk assessment is low, given the nature of the site and its content. Strategic recommendations include implementing security headers, enhancing privacy and cookie consent mechanisms, publishing clear security and incident response policies, and maintaining regular audits of third-party scripts. These steps will improve trust, compliance, and resilience against potential threats.

M

Město Polná

mesto-polna.cz

44

The website mesto-polna.cz serves as the official online portal for the town of Polná, Czech Republic. It provides residents and visitors with municipal news, official documents, event calendars, and contact information. The site is positioned as a local government service platform, targeting the community and stakeholders of Polná. The business model is governmental, focusing on public service and information dissemination. The website content is well-structured, professionally presented, and consistent with the town's branding and identity. Technically, the site uses a specialized CMS (Vismo) tailored for municipal websites, leveraging standard web technologies such as HTML5, CSS3, and JavaScript. It integrates Google services like reCAPTCHA for form security and Google Translate for multilingual support. The site is mobile-optimized and accessible, with good SEO practices. Performance is moderate, with no significant technical debt or outdated components detected. From a security perspective, the website enforces HTTPS and uses reCAPTCHA to protect forms from abuse. However, it lacks explicit security headers such as Content Security Policy or HSTS, and does not provide a dedicated security policy or incident response contact. Privacy and cookie policies are present but lack active consent mechanisms. No vulnerabilities or exposed sensitive data were found in the HTML content. Overall, the website is trustworthy, safe, and professionally maintained, suitable for its governmental purpose. Strategic improvements in security headers, privacy consent, and incident response transparency would enhance its security posture and compliance. The domain registration data aligns well with the website's official nature, supporting its legitimacy and long-standing presence since 2001.

M

MANN+HUMMEL

mann-hummel.com

73

MANN+HUMMEL is a global leader in filtration technology, providing advanced solutions for clean air, water, and mobility. Established in 1941, the company serves diverse sectors including automotive, pharmaceuticals, agriculture, and building infrastructure. Their website reflects a mature digital presence with comprehensive product and corporate information, emphasizing sustainability and innovation. Technically, the site is built on Adobe Experience Manager, leveraging Adobe Analytics and OneTrust for privacy compliance and tracking. Security posture is strong with HTTPS, security headers, and cookie consent mechanisms in place, though explicit incident response and vulnerability disclosure information are absent. The WHOIS data for the domain is missing, which raises some concerns but is mitigated by the professional and consistent branding and content. Overall, the website demonstrates a high level of professionalism and trustworthiness, suitable for an enterprise-grade business.

K

Karen McGrane & Ethan Marcotte

responsivewebdesign.com

53

ResponsiveWebDesign.com is a niche educational website focused on responsive web design, originally defined by Ethan Marcotte. The site offers resources such as articles, books, workshops, newsletters, and a podcast aimed at web designers and developers interested in responsive design. The business operates as a small entity with a clear focus on education and community engagement in the web development sector. Technically, the site uses standard web technologies including HTML5, CSS, JavaScript, and the Modernizr library, hosted on DigitalOcean. The website is mobile optimized and accessible with good SEO practices, though performance is moderate. Security posture is adequate but could be improved by enabling DNSSEC and adding security headers. Privacy and cookie policies are absent, which impacts compliance and user trust. No contact information or incident response details are provided, limiting transparency. Overall, the domain is legitimate with a long registration history and no suspicious indicators.

C

Corky's BBQ

corkysbbq.com

60

Corky's BBQ is a regional restaurant chain specializing in Memphis-style BBQ and ribs, offering dine-in services across multiple locations, online ordering for delivery and pickup, nationwide shipping of BBQ products, and catering services including private party rooms. The website reflects a well-established business with a consistent brand presence and active social media engagement. Technically, the site uses a modern technology stack including Umbraco CMS, JavaScript libraries, Braintree payment gateway, and analytics tools such as Google Analytics and Microsoft Application Insights. The site is mobile optimized and provides a good user experience with clear navigation and professional design. Security posture is generally good with HTTPS enforced and use of reCAPTCHA, but lacks some security headers and explicit security policies. Privacy compliance is basic with a privacy policy present but no cookie consent mechanism. WHOIS data is unavailable, which reduces domain trustworthiness and suggests further verification is needed. Overall, the website is professional and trustworthy but could improve in transparency and security documentation.

N

Netigate

ntgt.de

59

Netigate operates a professional survey and feedback platform targeting businesses seeking employee, customer, and market insights. The website analyzed is a login portal supporting organizational and individual accounts, with accessibility features and links to legal and privacy policies hosted on official Netigate domains. The technical infrastructure is based on ASP.NET Web Forms hosted on Microsoft Azure DNS, using modern JavaScript libraries like jQuery. The site demonstrates moderate digital maturity with basic mobile optimization and accessibility compliance. Security posture is adequate with HTTPS usage and secure form handling, though explicit security headers and cookie consent mechanisms are absent. Overall, the site is trustworthy and business-focused with no signs of malicious activity or suspicious content.

C

CAWaB asbl

cawab.be

53

CAWaB asbl is a Belgian non-profit organization dedicated to advocating for accessibility for persons with reduced mobility in the Wallonia and Brussels regions. The website serves as a platform to promote their 2024 election priorities focused on inclusive society measures, including accessible transport, buildings, and communication. The organization targets both the general public and policymakers to foster legislative and social change. Technically, the website is built on the SPIP CMS with Bootstrap and includes social media integrations such as Facebook SDK and YouTube embeds. The site is hosted by OVH and demonstrates good mobile optimization and accessibility features, aligning with its mission. Security posture is moderate with HTTPS enabled but lacks explicit security headers and formal security policies. Privacy compliance is weak due to the absence of privacy and cookie policies. Overall, the site is professional and trustworthy but could improve in privacy and security transparency.

L

Le Brabant wallon

brabantwallon.be

53

Le Brabant wallon is the official provincial government website for the Brabant Wallon region in Belgium. It provides comprehensive information on local administration, political life, territorial data, public services, news, events, and resources for residents and visitors. The site targets a broad audience including residents, local officials, businesses, and tourists. The business model is focused on public service and information dissemination, positioning itself as a key regional government portal.

P

Home - Plein Publiek

pleinpubliek.be

39

Pleinpubliek.be is a website established since 2015, likely representing a small business or organization. The site uses WordPress CMS with a custom theme and integrates modern web technologies including YouTube Iframe API and Google Tag Manager for analytics and tracking. Cookie consent is managed through Cookiebot, with a default configuration denying ad and analytics storage, indicating a privacy-conscious approach. However, no explicit privacy policy or terms of service were found in the analyzed content, which is a gap in compliance and transparency. The website is accessible without any WAF or security challenge, and no blocking mechanisms were detected. Security headers and advanced security policies are not evident, suggesting room for improvement in security posture. Overall, the site presents a professional design and good SEO practices but lacks visible business contact information and formal security or privacy documentation.

M

Miss Sophie

miss-sophie.be

60

Miss Sophie is a small Belgian e-commerce business specializing in high-quality sandwiches, salads, and homemade desserts, with over 20 years of experience in product selection. The company targets business customers and individuals seeking quality lunch options, offering assortments for business lunches, local delivery, and pickup services. The website is built on the Shopify platform, leveraging modern web technologies and third-party apps to enhance user experience and operational efficiency. Technically, the site is well-structured, mobile-optimized, and integrates lazy loading and analytics tools effectively. Security posture is good with HTTPS enforced and no visible vulnerabilities, though explicit security headers and privacy policies are lacking. WHOIS data is restricted, which limits domain trust verification, but the professional presentation and business consistency support legitimacy. Strategic improvements include adding comprehensive privacy and cookie policies, enhancing security headers, and providing clear contact information for incident response.

The domain aao.org is registered to the American Academy of Ophthalmology, a well-established professional healthcare organization in the United States. However, the website content is currently inaccessible due to an AWS WAF human verification CAPTCHA challenge, preventing direct analysis of the site's content, policies, and contact information. The domain registration data is consistent and indicates a legitimate entity with a long operational history since 1995. The technical infrastructure includes AWS hosting and WAF protection, but no further details on CMS or frameworks are available due to content blocking. Security posture cannot be fully assessed, but the presence of a WAF indicates some level of protection. Privacy and compliance policies are not accessible in the provided content. Overall, the site appears legitimate but currently inaccessible for detailed security and compliance evaluation.

P

Packeta

packeta.sk

69

Packeta.sk is a Slovakian parcel delivery service website offering fast and reliable shipment transportation. The website targets general consumers and businesses needing parcel logistics solutions within Slovakia. The business operates in the transportation sector and appears to be a significant player in the regional market. The website uses modern frontend technologies such as Bootstrap and Google Fonts, providing a basic but functional user experience with mobile optimization. However, the site lacks visible privacy and cookie policies, security headers, and explicit contact information, which are critical for compliance and trust. The security posture is minimal with no evident incident response or vulnerability disclosure mechanisms. Overall, the domain registration data aligns well with the business claims, indicating legitimacy. Strategic improvements in privacy compliance, security best practices, and transparency would enhance trust and reduce risk.

4

4FITNESS.CZ

4fitness.cz

57

4FITNESS.CZ is an established Czech e-commerce platform specializing in sports nutrition products including proteins, creatine, collagen, amino acids, stimulants, vitamins, and functional foods. The website targets fitness enthusiasts and athletes primarily within the Czech Republic, offering a broad range of health supplements and custom product mixing services. The business operates with a clear online retail model and maintains a professional digital presence with good content quality and consistent branding. Technically, the site leverages modern JavaScript frameworks and integrates multiple marketing and analytics tools such as Google Tag Manager, Facebook Pixel, and Bing Ads, indicating a mature digital marketing strategy. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though some security headers could be improved. Privacy compliance is basic but includes cookie consent and a privacy policy, aligning with GDPR requirements. The absence of WHOIS data limits domain trust verification, but the overall website professionalism and contact transparency support legitimacy. Strategic recommendations include enhancing security headers, auditing third-party scripts, and improving accessibility features to further strengthen the platform's security and compliance stance.

U

UNI HOBBY

unihobby.cz

60

UNI HOBBY is a well-established Czech retailer specializing in DIY and hobby products, offering a wide range of items both online and through physical stores. The website targets Czech DIY enthusiasts and provides services such as online ordering, home delivery, and in-store pickup. The company positions itself as a trusted provider with quality service and a broad product selection. Technically, the website employs modern JavaScript frameworks like Vue.js and integrates multiple marketing and analytics tools, indicating a mature digital infrastructure. Security posture is solid with HTTPS enforcement and standard security headers, though there is room for improvement in publishing explicit security policies and incident response information. Overall, the site is professional, user-friendly, and compliant with privacy regulations, making it a reliable platform for customers.

E

Efektivní Bydlení, spol. s r. o.

efektivni-bydleni.cz

50

Efektivní Bydlení, spol. s r. o. is a Czech Republic based small company specializing in the design and construction of passive and energy-efficient family homes. With over 15 years of experience and more than 80 successful projects, the company offers comprehensive services from architectural studies, project documentation, construction, financing assistance, to subsidy management. Their market position is that of a trusted local specialist focused on sustainable housing solutions. The website is professionally designed, mobile-optimized, and provides clear navigation and detailed service descriptions. Technically, the site uses modern web technologies including Google Tag Manager and service workers, ensuring good performance and user experience. Security posture is solid with HTTPS enforced and cookie consent implemented, though formal security policies and vulnerability disclosures are absent. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

R

Renot s.r.o.

renot.cz

43

Renot s.r.o. is a Czech-based small manufacturing and retail company specializing in the production and renovation of alternative toner and ink cartridges, as well as providing 3D printing equipment and filament sales. The company holds ISO 9001 and ISO 14001 certifications, indicating a commitment to quality and environmental standards. Their market position is that of a regional player serving both business and consumer segments with a focus on printing supplies and 3D printing solutions. The website is professionally designed with clear navigation and good content relevance, targeting customers interested in printing and 3D printing products and services. Technically, the website is built on the aPilot CMS platform and uses modern technologies including Google Tag Manager, Google Analytics, and Google reCAPTCHA for form security. The site is mobile optimized and performs moderately well, though some accessibility features could be improved. Security posture is good with HTTPS enforced and use of CAPTCHA, but lacks important security headers and published incident response or vulnerability disclosure policies. The WHOIS data is unavailable or privacy protected, which reduces transparency but is not uncommon for small businesses. The site includes a privacy policy in PDF form and terms of service, but lacks a cookie consent mechanism. Overall, the site demonstrates a solid business credibility and moderate privacy compliance, with room for improvement in security best practices and transparency. Strategic recommendations include implementing security headers, adding cookie consent mechanisms, publishing security and incident response policies, and enhancing privacy compliance to build greater trust and security maturity.

Auto Vysočina is a well-established automotive dealership and service provider in the Czech Republic with over 25 years of market presence. The company specializes in sales and servicing of VW, Škoda, DWA, and KIA vehicles, operating multiple physical locations in Jihlava and Loket. The website serves as a brand and informational portal with links to vehicle offers, social media, and partner sites. Technically, the website is built with standard HTML, CSS, and JavaScript, featuring responsive design elements and embedded animations via iframes. However, it lacks modern security headers, privacy and cookie policies, and active analytics tracking, indicating room for improvement in digital maturity and compliance. Security posture is basic with no visible vulnerabilities but missing key security best practices such as HTTPS confirmation and security headers. Overall, the website is functional and professional but would benefit from enhanced privacy compliance and security measures to improve trust and regulatory adherence.

T

TRIMA NEWS, s.r.o.

jihlavskadrbna.cz

49

Jihlavská Drbna is a regional news media portal focused on delivering authentic news and stories from Jihlava and the Vysočina region in the Czech Republic. Operated by TRIMA NEWS, s.r.o., the website offers a broad range of news categories including local news, crime, sports, culture, and business, supported by advertising and premium subscription models. The site targets a general audience interested in regional developments and community stories. Technically, the website employs modern web technologies including JavaScript frameworks, Google Tag Manager, Facebook Pixel, and multiple advertising networks to monetize content. It is mobile-optimized with responsive design and uses HTTPS for secure communications. The site integrates privacy and cookie policies with consent mechanisms, reflecting basic GDPR compliance. From a security perspective, the site demonstrates good practices such as HTTPS enforcement and secure form handling, though it lacks explicit security headers like Content-Security-Policy and X-Frame-Options. No critical vulnerabilities or exposed sensitive data were detected. However, the absence of WHOIS registration data raises concerns about domain registration transparency, which should be monitored. Overall, Jihlavská Drbna presents a professional and trustworthy regional news platform with solid technical infrastructure and privacy awareness. Strategic improvements in security headers and domain registration transparency would enhance its security posture and trustworthiness.