Security Directory

F

FreizeitObjekte Gesellschaft Alsdorf mbH

tierpark-alsdorf.de

53

Tierpark Alsdorfer Weiher is a small non-profit zoological park located in Germany, offering free admission to visitors and supported by a local association, FreizeitObjekte Gesellschaft Alsdorf mbH. The website provides comprehensive visitor information, event details, donation options, and contact forms, targeting families and local tourists. The site is built on WordPress with the Avada theme and uses modern web technologies, ensuring a good user experience and mobile optimization. Security posture is adequate with HTTPS enabled and no visible vulnerabilities, though security headers and incident response policies are absent. Privacy compliance is demonstrated through a cookie consent banner and a privacy policy page. Overall, the website is trustworthy and professionally maintained, serving its community-focused mission effectively.

Meyer Konzerte is a small, regionally focused event management company based in Germany, specializing in organizing concerts, comedy shows, and open-air events. Their website provides comprehensive event calendars, ticket sales, and tour management services, targeting a general audience interested in live entertainment. The company maintains an active social media presence and complies with GDPR and cookie consent regulations, reflecting a mature digital presence. Technically, the website is built on WordPress with modern plugins such as Yoast SEO and Borlabs Cookie for privacy compliance. It uses Facebook Pixel for marketing and tracking, integrates Google Maps, and employs standard web technologies like jQuery. Hosting appears to be with a reputable provider, and the site is mobile-optimized with good SEO practices. From a security perspective, the site enforces HTTPS and uses cookie consent mechanisms but lacks some advanced security headers. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data is consistent with the website content, indicating legitimacy and no privacy protection masking registrant details. Overall, Meyer Konzerte's website demonstrates a good balance of business functionality, technical implementation, and privacy compliance, with room for improvement in security hardening and accessibility features.

O

Ontavio GmbH

ontavio.de

56

Ontavio GmbH operates a suite of award-winning job and training portals aimed at addressing the skilled labor shortage in Germany. Their business model focuses on connecting top talents with companies through digital recruitment platforms and regional news portals. The company is positioned as a regional leader with a strong brand presence and a clear focus on digital innovation combined with local relevance. Technically, the website is built on WordPress using modern tools such as Bricks Builder and Real Cookie Banner Pro, ensuring GDPR compliance and a good user experience across devices. Security posture is solid with HTTPS enforcement and cookie consent mechanisms, though some security headers could be explicitly implemented for enhanced protection. Overall, the site reflects a mature digital infrastructure with good privacy compliance and professional business credibility.

S

Salz & Pfeffer

internetagentur-stuttgart.de

40

Salz & Pfeffer is a specialized online marketing agency based in Stuttgart, Germany, focusing on Google Ads, SEO, social media marketing, and web design. As a Google Partner, they provide tailored digital marketing solutions to businesses aiming to improve their online presence and growth. Their website reflects a professional and modern digital agency with a clear service portfolio and strong local market focus. The technical infrastructure is built on WordPress with common industry plugins and frameworks, ensuring a good user experience and mobile optimization. Security measures include HTTPS, reCAPTCHA on forms, and GDPR-compliant cookie consent, although some security headers could be enhanced. Overall, the site demonstrates a solid security posture with no critical vulnerabilities detected. The domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

Meteocentrum.sk is a Slovak weather information website providing real-time meteorological data and weather station information primarily for Slovakia. The site features interactive maps powered by Google Maps API and displays current weather conditions from various stations. The business operates as a regional weather data provider with a focus on delivering accurate and timely weather updates to the general public. The website is built using modern web technologies including Bootstrap, jQuery, and integrates Google services for mapping and analytics. Hosting is provided by Exohosting, a regional hosting provider, consistent with the domain's Slovak origin. Security posture is moderate with HTTPS enabled but lacks important security headers and privacy compliance documentation. Advertising and tracking are implemented via Google Ads and Google Analytics, indicating moderate user tracking. Overall, the website is functional and professional but would benefit from enhanced privacy compliance and security hardening to improve trust and regulatory adherence.

A

Altmarkkreis Salzwedel

altmarkkreis-salzwedel.de

56

Altmarkkreis Salzwedel operates an official regional government website serving the citizens and businesses of the Altmarkkreis Salzwedel district in Germany. The site provides extensive information and e-government services across multiple sectors including citizen services, culture, tourism, economy, education, and social affairs. The website is built on a mature ASP.NET WebForms platform using the contentXXL CMS, integrating modern JavaScript libraries and analytics tools. The technical infrastructure is stable and moderately performant with good mobile optimization and basic accessibility features. Security posture is adequate with HTTPS enforced and no exposed sensitive data, but lacks advanced security headers and explicit privacy or cookie policies. The domain and hosting align with German providers, supporting legitimacy and trustworthiness. Overall, the site is professional and trustworthy but would benefit from enhanced privacy compliance and security best practices.

S

So Much Stuff

somuchstuff.com.au

60

So Much Stuff is an Australian-owned retail business operating both an e-commerce platform and a physical store located in Smeaton Grange, Sydney. The company offers a wide range of products including collectibles, lawn mowers, trampolines, outdoor play equipment, BBQs, furniture, camping gear, and clothing. The website is built on the Squarespace platform, leveraging modern web technologies and standard marketing tools such as Google Analytics and Facebook Pixel. The business maintains clear contact information and comprehensive privacy and return policies, supporting customer trust and compliance. Technically, the website is well-structured with good mobile optimization and SEO practices, though some security headers could be enhanced. The domain WHOIS data is privacy protected but registered through a reputable Australian registrar, consistent with the business's Australian presence. Overall, the site demonstrates a solid digital presence with a good security posture and privacy compliance.

Unna Marketing Gesellschaft für Veranstaltungen und Stadtmarketing mbH is a small local company specializing in event organization, city marketing, tourism, and economic promotion for the city of Unna, Germany. Their website provides comprehensive information about local events, fairs, markets, and the Stadthalle venue, targeting residents, visitors, and local businesses. The company maintains partnerships with local businesses and institutions, enhancing its community presence. Technically, the website is built on the Contao Open Source CMS platform and utilizes common JavaScript libraries and Google APIs for charts and maps. The site is moderately optimized for performance and mobile use, with basic accessibility and SEO features. The presence of a cookie consent mechanism and privacy policy indicates attention to GDPR compliance, although terms of service and security policies are absent. From a security perspective, the site uses HTTPS and includes some privacy-focused tools but lacks explicit security headers and incident response information. No critical vulnerabilities or suspicious content were detected. The WHOIS data is limited but consistent with the business focus, supporting legitimacy. Overall, the website is professional, trustworthy, and safe for general audiences. Strategic recommendations include enhancing security headers, adding detailed security and incident response policies, improving mobile optimization, and expanding analytics and marketing transparency to strengthen digital maturity and compliance.

G

Grafschaft Hauenstein

grafschaft-hauenstein.info

42

Grafschaft Hauenstein is a regional community website focused on providing information about the Grafschaft Hauenstein area in Germany. The site appears to serve local residents and visitors with regional content but lacks detailed business or commercial services. Technically, the site uses the Laravel framework and integrates Google Maps API, hosted under a domain registered in 2022 with Mesh Digital Limited. Security posture is moderate with HTTPS enabled and domain status protections, but lacks advanced security headers and DNSSEC. Privacy compliance is weak due to absence of privacy and cookie policies and no visible consent mechanisms. Contact information and business certifications are not provided, limiting business credibility. Overall, the site is accessible, safe, and functional but would benefit from enhanced privacy, security, and contact transparency.

Z

ZnanyLekarz

znanylekarz.pl

68

ZnanyLekarz.pl is a leading Polish online healthcare platform that enables patients to find doctors, read verified reviews, and book medical appointments online. It is part of the Docplanner group, a recognized international healthcare technology company. The website offers a comprehensive database of over 146,000 doctors and supports online consultations, reflecting a mature digital healthcare service. Technically, the site employs modern web technologies including Google Analytics, Google Tag Manager, Visual Website Optimizer, and OneTrust for cookie consent, ensuring good performance, SEO, and privacy compliance. Security posture is strong with HTTPS enforcement, security headers, and GDPR-aligned consent mechanisms, although explicit security policies and incident response contacts are not publicly disclosed. Overall, ZnanyLekarz.pl demonstrates a professional, trustworthy, and user-friendly platform with a strong market position in Poland's healthcare sector.

L

Landesarbeitsgemeinschaft Autonomer Frauenhäuser NRW e.V.

frauen-info-netz.de

45

The Frauen-Info-Netz gegen Gewalt website is a regional non-profit platform operated by the Landesarbeitsgemeinschaft Autonomer Frauenhäuser NRW e.V., providing critical information and support services for women affected by violence in North Rhine-Westphalia, Germany. The site offers real-time data on available women’s shelter places, links to related organizations, and practical safety tips. It targets women in need and professionals seeking resources, positioning itself as a trusted regional support network. Technically, the website is built on TYPO3 CMS and integrates Google Maps API for interactive shelter location services. The site demonstrates good mobile optimization, accessibility, and SEO practices, although performance is moderate. No major analytics or tracking tools are present, reflecting a privacy-conscious approach. Security is adequate with HTTPS enforced and secure form handling, but lacks advanced security headers and explicit security policies. From a security perspective, the site shows a solid baseline with no detected vulnerabilities or exposed sensitive data. However, improvements could be made by implementing security headers and publishing a vulnerability disclosure policy. Privacy compliance is supported by a clear privacy policy, though cookie consent mechanisms are absent. WHOIS data is minimal but domain status is active and consistent with the business purpose. Overall, the website is a well-maintained, trustworthy resource for its target audience, with room for technical and security enhancements to strengthen compliance and resilience.

Z

ZIF - Zentrale Informationsstelle Autonomer Frauenhäuser

frauenhaus-suche.de

51

The website www.frauenhaus-suche.de serves as a centralized information portal for autonomous women's shelters across Germany, providing a nationwide search for women’s shelters and protection apartments. It targets women seeking shelter and support from domestic violence, offering multilingual content and a map-based search interface. The site is operated by the ZIF (Zentrale Informationsstelle Autonomer Frauenhäuser), a non-profit entity dedicated to supporting women in need. The business model focuses on providing free, accessible information rather than commercial services. Technically, the website is built on TYPO3 CMS with Bootstrap for responsive design, enhanced by jQuery and Google Maps API for interactive map features. It employs Matomo analytics for privacy-conscious user tracking and is hosted on German servers associated with kasserver.com. The site demonstrates moderate performance and good mobile optimization, though accessibility features are basic. From a security perspective, the site enforces HTTPS and uses cookie consent mechanisms with opt-in for statistics, reflecting a commitment to privacy compliance. However, it lacks explicit privacy policies, terms of service, and security headers, which are recommended for enhanced security posture. No direct contact information or incident response channels are provided, limiting transparency in security management. Overall, the website is trustworthy and professional, with a clear mission and consistent branding. The absence of critical security issues and adult content supports a safe user experience. Strategic improvements include publishing comprehensive privacy and security policies, enhancing security headers, and providing clear contact channels for security incidents to strengthen compliance and user trust.

S

Služby občanom mesta Levice, s. r. o., r. s. p. (SOM Levice)

somlevice.sk

53

SOM Levice is a Slovak social enterprise operating under the principles of social economy, providing essential municipal services such as cemetery maintenance, city camera system operation, and an information agency for the city of Levice. The organization focuses on employing disadvantaged and vulnerable individuals to generate positive social impact. The website is professionally designed using WordPress with modern plugins and integrates Google Maps for location services. Contact information is transparent and includes multiple company representatives with official emails and phone numbers. Security posture is good with HTTPS and reCAPTCHA implemented, though some security headers and policies could be improved. Privacy compliance is basic with a privacy policy present but lacking a cookie consent mechanism. Overall, the website reflects a legitimate, trustworthy local government-affiliated social enterprise with a clear mission and good digital maturity.

The website www.erzgebirge.de/regionen/vogtland serves as a regional tourism and cultural information portal for the Vogtland area in Germany. It is operated by Verlag Anzeigenblätter GmbH Chemnitz, part of the Freie Presse Mediengruppe, a reputable media group. The site offers comprehensive content including regional news, event information, cultural highlights, and leisure activities targeting tourists, families, and culture enthusiasts. The business model focuses on regional tourism promotion and media publishing, positioning itself as a key information source in the Vogtland and Erzgebirge regions. Technically, the website employs modern web technologies such as jQuery, Google Maps API, and a GDPR-compliant consent management platform. It uses Cloudflare for DNS and CDN services, enhancing performance and security. The site is mobile-optimized with good SEO practices and moderate performance. Advertising and analytics are managed with user consent, reflecting a mature digital infrastructure. From a security perspective, the website enforces HTTPS with strong SSL configuration and employs security headers likely managed via Cloudflare. The presence of a consent management platform indicates compliance with GDPR cookie regulations. However, explicit security policies and incident response contacts are not published, representing an area for improvement. No vulnerabilities or suspicious content were detected. Overall, the website is trustworthy, professionally managed, and compliant with privacy regulations. It provides valuable regional content with a good user experience. Strategic recommendations include publishing detailed security and incident response policies, implementing a security.txt file, and enhancing accessibility features to further strengthen the site's security posture and user trust.

E

European Travel Commission

visiteurope.com

63

Visiteurope.com is the official travel portal of Europe, operated under the auspices of the European Travel Commission. It provides comprehensive travel inspiration, destination guides, experiences, events, and essential travel information to tourists interested in exploring Europe. The website targets a broad audience of travelers and tourists, offering multilingual support and rich content to facilitate trip planning. The business model appears to be informational and promotional, supported by EU co-funding and partnerships with tourism bodies. The site holds a strong market position as an authoritative source for European travel information. Technically, the website is built on WordPress with modern technologies including React, jQuery, and various SEO and multilingual plugins. It leverages Cloudflare for DNS and uses Google Fonts and Google Maps APIs. The site is well-optimized for SEO, mobile-friendly, and accessible, with good performance metrics. Structured data and Open Graph tags are properly implemented to enhance search engine visibility and social media sharing. From a security perspective, the site enforces HTTPS, uses clientTransferProhibited domain status, and implements cookie consent via Cookiebot. However, DNSSEC is not enabled, and there is no visible security policy or incident response information published. The site uses multiple third-party marketing and tracking tools, but with consent mechanisms in place. No critical vulnerabilities or exposed sensitive data were detected. Overall, visiteurope.com is a professional, trustworthy, and well-maintained website with strong content quality and business credibility. Minor improvements in DNS security and transparency around security policies could further enhance its security posture and user trust.

G

GEWOGE Duisburg-Ruhrort eG

gewoge-duisburg.de

46

GEWOGE Duisburg-Ruhrort eG is a well-established housing cooperative founded in 1896, managing over 1,000 apartments and garages in the Ruhr region of Germany. The cooperative focuses on providing affordable, secure housing with no deposit requirements, including specialized senior living facilities such as Wohndorf Laar. The website serves as an information portal for current rental offers, services, and contact details, targeting local residents and seniors seeking assisted living options. Technically, the website is built on WordPress with the Enfold theme and uses common plugins for forms, maps, and news tickers. It demonstrates good digital maturity with mobile optimization and GDPR-compliant cookie consent mechanisms. Security posture is adequate with HTTPS and cookie management but lacks explicit security headers and incident response information. Overall, the site is professional, trustworthy, and compliant with privacy regulations, supporting the cooperative's community-focused business model.

B

Bates Wells

bateswells.co.uk

68

Bates Wells is a well-established UK-based law firm specializing in legal services for charities, social enterprises, and impact investors. The firm positions itself as a City law firm with a difference, emphasizing positive impact and sustainability, evidenced by its status as the highest scoring B Corp globally in the legal activities category. The website reflects a professional and comprehensive digital presence, targeting businesses and organizations seeking expert legal advice in various sectors including charity, corporate, data privacy, and employment law. Technically, the website is built on WordPress with modern plugins such as Yoast SEO and Swiper.js for enhanced user experience. It employs HTTPS with good SSL configuration and includes cookie consent mechanisms compliant with GDPR. The site is mobile-optimized, accessible, and SEO-friendly, though it could improve by implementing additional security headers and publishing a formal security policy. From a security standpoint, the site demonstrates good practices such as secure forms and no visible vulnerabilities or exposed sensitive data. However, there is room for improvement in incident response transparency and vulnerability disclosure. The domain registration data is consistent with the firm's business history, enhancing trustworthiness. Overall, Bates Wells presents a low-risk profile with strong business credibility and a mature digital infrastructure. Strategic recommendations include enhancing security headers, publishing security policies, and adding a security.txt file to further improve security posture and compliance.

B

BEST AöR – Bottroper Entsorgung und Stadtreinigung Anstalt des öffentlichen Rechts

best-bottrop.de

62

BEST AöR is a municipal public service provider specializing in waste disposal and city cleaning services for the city of Bottrop, Germany. The organization offers a comprehensive range of services including waste collection, recycling yard management, street cleaning, winter services, container rental, and customer support. The website reflects a well-established entity celebrating 25 years of service, targeting local residents and businesses with a strong emphasis on sustainability and community engagement through workshops and digital tools such as a dedicated mobile app. Technically, the website employs modern web technologies including jQuery, Vue.js, Google Fonts, and Google Maps API, hosted on a CMS platform called FLYcms. The site is mobile-optimized, accessible, and SEO-friendly, providing a smooth user experience. Privacy and cookie compliance are well implemented with a detailed cookie consent mechanism and a comprehensive privacy policy. Analytics are conducted via Matomo with anonymized data collection, aligning with GDPR requirements. From a security perspective, the site uses HTTPS and secure forms with CAPTCHA protections. However, explicit HTTP security headers are not detected, and no public security or incident response policies are published. No vulnerabilities or suspicious activities were identified in the content or WHOIS data. The domain and DNS setup are consistent with a legitimate municipal entity. Overall, BEST AöR demonstrates a strong digital presence with good security and privacy practices suitable for a public service organization. Strategic improvements could include enhancing HTTP security headers and publishing formal security policies to further strengthen trust and compliance.

VABANQUE, spol. s r.o. is a Czech Republic based full-service advertising and communication agency with over 15 years of experience. The company offers a broad range of marketing and branding services including 3D modeling, packaging design, web development, video production, and event promotion. Their client portfolio includes notable brands and they emphasize tailored marketing solutions to strengthen client market positions. The website is professionally designed with clear navigation and contact information, reflecting a stable and credible business presence. Technically, the site uses common web technologies such as jQuery, Google Analytics, and Google Tag Manager, with moderate performance and basic mobile optimization. Security posture is average with HTTPS usage but lacks visible security headers and published security policies. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the site is trustworthy but could improve in privacy and security transparency.

G

Gentlemen Brothers Brno

rezerver.cz

48

Gentlemen Brothers Brno operates an online reservation system for a local barbershop in Brno, Czech Republic, offering a variety of grooming and haircut services. The website is designed to facilitate easy booking of services such as classic cuts, beard styling, and traditional shaving. The business targets male customers seeking professional barber services in the region. The platform is functional and integrates modern web technologies including Bootstrap, jQuery, Google Analytics, and Facebook Pixel for tracking and marketing purposes. However, the absence of WHOIS registration data limits the ability to fully verify domain legitimacy and trustworthiness. Security posture is moderate with HTTPS enforced but lacking important security headers and cookie consent mechanisms. Privacy policy is present and appears GDPR compliant, but no explicit cookie or terms of service policies were found. Overall, the website provides a good user experience with clear navigation and relevant content but could improve in security and privacy compliance areas.

T

TESTCAR s.r.o.

testcar.cz

46

TESTCAR s.r.o. operates a network of vehicle technical inspection stations across the Czech Republic, providing services such as regular technical inspections for road vehicles, ADR inspections, individual vehicle imports, and sales of ecological stickers. The company is well-established since 2007 and maintains multiple branch locations, indicating a solid market presence in the transportation sector. The website is built on WordPress using Elementor and JetEngine, with integration of Google Maps API for branch location display, although the map currently has an API key issue preventing proper loading. Security posture is moderate with HTTPS enabled but lacking security headers and formal security or privacy policies. Contact information is comprehensive and clearly presented, enhancing business credibility. However, the absence of privacy and cookie policies indicates compliance gaps that should be addressed.

N

Nikey s.r.o.

nikey.cz

52

Nikey s.r.o. is a Czech company operating a network of 11 vehicle washing centers and 18 fuel stations specialized in serving truck and bus transportation across the Czech Republic. The company offers personalized fuel dispensing systems, flexible washing programs, parking solutions, and vehicle interior disinfection services. Their market position is that of a medium-sized regional player with over 200 corporate clients and a strong focus on quality and customer satisfaction. Technically, the website employs a modern but somewhat dated technology stack including Bootstrap 3, jQuery, and Google Maps API, with good mobile optimization and SEO practices. Security posture is solid with HTTPS, reCAPTCHA, and cookie consent mechanisms, though lacking explicit security policies and advanced HTTP headers. Overall, the site is professional, trustworthy, and compliant with GDPR requirements, with room for improvement in security transparency and accessibility.

K

KAR

kar.cz

45

KAR is a well-established Czech company founded in 2011, specializing in comprehensive service solutions for truck and bus transportation. The company operates multiple modern service centers across Czech regions and acts as a dealer for IVECO BUS, offering sales, maintenance, and custom manufacturing services. Their website reflects a mature digital presence built on WordPress with Elementor, optimized for performance and SEO. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities, though explicit security policies and incident response contacts are not published. Overall, the company demonstrates high business credibility and trustworthiness with clear contact information and certifications.

Č

ČSAD Ostrava a.s.

cova.cz

40

ČSAD Ostrava a.s. is a well-established transportation and logistics company in the Czech Republic with a history dating back to 1992 and roots from 1949. The company offers a broad range of services including international truck transport, spedition, logistics, vehicle servicing, and management of bus stations and real estate. The website reflects a professional and consistent brand presence targeting business clients and job seekers in the transport sector. Technically, the site uses modern web technologies such as Bootstrap, jQuery, Google Maps API, and includes privacy and cookie consent mechanisms. Security posture is adequate with HTTPS and reCAPTCHA usage, though security headers and explicit policies could be improved. The domain WHOIS data aligns well with the business claims, supporting legitimacy. Overall, the site is functional, secure, and compliant with GDPR, providing a trustworthy digital presence for the company.

V

Vimec France Accessibilite sarl

vimecfrance.fr

50

Vimec France Accessibilite sarl is a well-established French company specializing in custom private home elevators and accessibility solutions. With over 40 years in the industry and more than 15,000 installations across France, Vimec holds a leading market position. Their product range includes private elevators, platform lifts, stairlifts, and mobility aids tailored for residential use. The website reflects a professional and consistent brand image targeting individuals and professionals seeking home mobility solutions. Technically, the site employs modern web technologies such as Bootstrap, jQuery, and integrates analytics tools like Google Analytics and Facebook Pixel, indicating a mature digital presence. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though improvements in security headers and incident response disclosures are recommended. Privacy compliance is well addressed with clear cookie and privacy policies aligned with GDPR. Overall, the site is trustworthy, user-friendly, and provides comprehensive business information.

S

SOVA NET, s.r.o.

sovanet.cz

46

SOVA NET, s.r.o. is a well-established Czech digital agency specializing in comprehensive IT business solutions, online marketing, and custom web development, including e-shops and internal communication portals. With over 20 years of experience, the company holds a strong market position in Brno and serves notable clients such as Hyundai and ESSOX. The website reflects a mature digital presence with professional design, clear navigation, and extensive client references. Technically, the site uses modern tools like Google Tag Manager, Google Maps API, and Nette Framework for form validation, ensuring a solid digital infrastructure. Security posture is good with HTTPS and cookie consent mechanisms, though improvements in HTTP security headers and incident response disclosures are recommended. Overall, the site is trustworthy and business credible, though the absence of WHOIS data slightly reduces domain trustworthiness.

E

EGLV - Emschergenossenschaft Lippeverband

eglv.de

45

EGLV - Emschergenossenschaft Lippeverband is a major public water management organization in Germany, operating as one of the largest wastewater disposal and sewage treatment entities. The organization focuses on ecological, technical, and design solutions for the Emscher and Lippe river regions, serving a broad audience including residents, local governments, and environmental stakeholders. Their business model is centered on public service and environmental stewardship with a strong regional presence. Technically, the website is built on WordPress with modern optimizations such as lazy loading and responsive design, supported by SEO tools like Yoast and analytics via Etracker. Security posture is solid with HTTPS and no visible vulnerabilities, though improvements can be made by adding security headers and formal incident response policies. Overall, the site is professional, trustworthy, and content-rich, reflecting the organization's credibility and commitment to sustainability.

D

Die Länderbahn CZ s.r.o.

laenderbahn.cz

46

Die Länderbahn CZ s.r.o. is a private regional railway operator active in the Czech Republic since 2010, with a Czech subsidiary founded in 2019. The company operates under the parent Die Länderbahn GmbH DLB and is part of the NETINERA group, itself linked to Ferrovie dello Stato Italiane. The website targets regional travelers in Liberec, Českolipsko, and Lounsko areas, offering train schedules, tariffs, and tourist information. Technically, the site uses modern web technologies including Bootstrap, jQuery, and Google services, providing a responsive and user-friendly experience. Security posture is generally good with HTTPS and reCAPTCHA usage, but lacks some security headers and cookie consent mechanisms. WHOIS data is unavailable, which reduces domain trust but the website content and business information appear consistent and professional. Overall, the site is a reliable source for regional rail transport information with room for security and privacy improvements.

P

Počítáme s vodou

pocitamesvodou.cz

45

Počítáme s vodou is an environmental project focused on educating government representatives, public administration, and citizens about sustainable and nature-based rainwater management practices in the Czech Republic. The website serves as an information hub offering publications, case studies, event archives, and a database of practical examples related to decentralized rainwater utilization and management. The project positions itself as a trusted resource in the environmental and governmental sector with a clear focus on sustainability and water conservation. Technically, the website is built on WordPress with a modern tech stack including jQuery, Google Maps API, and SEO plugins. It uses HTTPS and integrates social media channels for outreach. The site is moderately optimized for performance and mobile devices, with good SEO practices and structured data for enhanced search visibility. From a security perspective, the site enforces HTTPS but lacks several important security headers such as Content-Security-Policy and HSTS, which could improve its security posture. No signs of WAF or blocking mechanisms were detected, and no sensitive data exposure was found. However, the absence of privacy and cookie policies indicates compliance gaps, especially regarding GDPR. Overall, the site is a credible and professionally maintained resource with strong content quality and user experience. The main risk lies in the missing WHOIS data, which reduces domain trustworthiness, and the lack of explicit privacy compliance documentation. Strategic improvements in security headers and privacy transparency are recommended to enhance trust and compliance.

CzechMobility.Info is a Czech government-affiliated information portal dedicated to supporting international artistic cooperation. It provides practical guidance on mobility issues such as taxation, visas, insurance, and copyright for cultural professionals and artists. The portal is bilingual (Czech and English) and serves both domestic and international users collaborating with the Czech cultural scene. The project is supported by the National Institute for Culture and partners including the Ministry of Culture and international cultural networks. Technically, the website employs modern tracking tools like Google Tag Manager and Microsoft Clarity, with a cookie consent mechanism ensuring GDPR compliance. The site is well-structured, mobile-optimized, and professionally designed, though some security headers and explicit SSL configuration details are not evident from the data provided. No WHOIS data was retrievable, likely due to privacy protection, but the website's content and partner affiliations strongly indicate legitimacy. Overall, the site presents a trustworthy and valuable resource for its target audience.

SoundCzech is a Czech cultural institution dedicated to supporting and promoting the Czech music scene both locally and internationally. It operates under the Institut umění – Divadelní ústav, which is transitioning to the Národní institut pro kulturu (NIK). The website provides news, event calendars, artist directories, workshops, and funding challenges, targeting music professionals and enthusiasts. The organization is positioned as a key player in the Czech cultural sector with a non-profit business model focused on cultural promotion and education. Technically, the website employs modern web technologies including Google Tag Manager, Google Analytics, and Typekit fonts, with good mobile optimization and moderate performance. The site uses HTTPS and implements a cookie consent mechanism compliant with GDPR, reflecting a mature digital presence. However, the absence of WHOIS data and lack of explicit security headers indicate areas for improvement in transparency and security hardening. From a security perspective, the site demonstrates good practices such as HTTPS enforcement and cookie consent with granular controls. No vulnerabilities or exposed sensitive data were detected. The lack of a published security policy or vulnerability disclosure mechanism suggests room for enhancing incident response readiness. Overall, the security posture is solid but could benefit from additional security headers and formal policies. The overall risk assessment is moderate with a good trust level based on content and institutional affiliation, but the missing WHOIS data and limited direct contact information slightly reduce credibility. Strategic recommendations include improving domain registration transparency, enhancing security headers, publishing security policies, and expanding contact options to strengthen trust and compliance.

N

Národní institut pro kulturu

idu.cz

57

Národní institut pro kulturu (NIK) operates as a Czech national cultural institution focusing on arts disciplines such as theater, music, dance, literature, and visual arts. The website serves as a comprehensive portal offering research resources, databases, publications, and professional development services targeted at cultural professionals, researchers, and the general public interested in Czech culture. The institute maintains a strong online presence with multiple partner portals and active social media channels. Technically, the website is built on the Pimcore CMS platform, uses modern web technologies including Google Analytics and Tag Manager, and provides a responsive, accessible user experience. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers and explicit incident response information are absent. The lack of WHOIS data for the domain is a notable gap in trust verification but does not detract from the professional presentation and content quality of the site.

S

SUDOP GROUP a.s.

sudop-group.cz

65

SUDOP GROUP a.s. is a large, well-established company based in the Czech Republic specializing in design, consulting, and IT services primarily for the construction, transportation, energy, and water management sectors. The company positions itself as the largest group of such companies in Central Europe, offering services including Construction and BIM, Consulting & IT, and Research & Development. Their business model focuses on digitalizing construction processes and providing engineering preparation for infrastructure projects. The website content is professional and targeted at business clients in relevant industries. Technically, the website employs modern web technologies including Google Tag Manager, Google Analytics, and Google Maps API. It is mobile-optimized with good SEO and accessibility features, though some accessibility improvements could be made. Performance is moderate with efficient use of scripts and stylesheets. The site uses HTTPS with an excellent SSL configuration but lacks explicit security headers such as CSP or HSTS. From a security perspective, the site demonstrates good practices including HTTPS enforcement and a comprehensive cookie consent mechanism with granular user controls. No exposed sensitive data or vulnerable libraries were detected. However, the absence of WHOIS data and security.txt or incident response contacts slightly reduces trust. There are no visible forms collecting user data on the homepage, reducing attack surface. Overall, the security posture is solid but could be enhanced with additional headers and published incident response policies. The domain WHOIS data is unavailable, which is a concern for trust but may be due to privacy protection or registry issues. The website content and business information appear legitimate and professional, mitigating some concerns. The overall risk is moderate with recommendations to improve transparency and security headers to enhance trust and compliance.

S

SmartHead Co.

besmarthead.com

72

SmartHead Co. operates an advanced ESG reporting platform accessible via explore.besmarthead.com, targeting companies needing to comply with CSRD and related sustainability regulations. The platform offers comprehensive ESG data management, CO2 emissions calculation, stakeholder engagement, and reporting aligned with European standards. The company maintains strong partnerships with major consulting firms and holds recognized certifications such as ISO 27001 and GRI, positioning itself as a trusted solution in the ESG reporting market. Technically, the website is built on the Solidpixels CMS platform, leveraging modern JavaScript libraries and APIs including Google Fonts, Leaflet maps, and Swiper sliders. The site is mobile-optimized, accessible, and performs moderately well with good SEO practices. Security is robust with HTTPS enforced, CAPTCHA on forms, and cookie consent mechanisms, though some security headers could be improved. The security posture is strong with no visible vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with a comprehensive privacy policy, cookie consent, and GDPR alignment. The WHOIS data for the subdomain is unavailable, which is typical, but the overall domain and website content support legitimacy and trustworthiness. Overall, SmartHead presents a professional, secure, and user-friendly platform for ESG reporting, with strategic partnerships and certifications enhancing its market credibility.

Vodní hospodářství is a specialized scientific-technical journal focused on water management and related environmental fields, operating since 1998. The website serves as a platform for publishing articles, providing archives, and offering advertising opportunities. It targets a global audience interested in water management science and planning. The business model revolves around publishing and information dissemination within a niche scientific community. The website is built on WordPress with WooCommerce and several plugins, including Yoast SEO and BuddyPress, indicating a moderate level of digital maturity. The technical infrastructure is functional but uses outdated software versions, which may pose security risks. The site is mobile-optimized and SEO-friendly but lacks some modern accessibility features.

The Landespolizei des Fürstentums Liechtenstein is the official national police authority of Liechtenstein, providing comprehensive law enforcement and public safety services. Their website serves as a central hub for citizens and visitors to access police news, digital reporting services, prevention campaigns, and contact information. The site targets the general public and government stakeholders, positioning itself as a trusted government entity with a clear mission to ensure safety and security within the principality. Technically, the website employs a modern technology stack including Vue.js, Axios, and the concrete5 CMS platform, ensuring a responsive and user-friendly experience. The site is mobile optimized and includes accessibility features, although some improvements could be made. Performance is moderate, with good SEO and structured navigation. From a security perspective, the site enforces HTTPS and uses obfuscated email addresses to protect contact information. However, it lacks some security headers and a cookie consent mechanism, which are recommended for enhanced security and privacy compliance. No vulnerabilities or exposed sensitive data were detected. The WHOIS data confirms the legitimacy of the domain as a government entity with consistent registration details. Overall, the website demonstrates a strong security posture and professional presentation suitable for a government institution. Strategic improvements in privacy compliance and security headers would further enhance trust and regulatory adherence.

B

Bad Flash Bar Karlín

badflash-karlin.cz

64

Bad Flash Bar Karlín is a small hospitality business specializing in craft beers from its own brewery and partner breweries, located in Karlín, Czechia. The website provides a comprehensive digital presence with detailed information about the bar, its offerings, and reservation services. The technical infrastructure is modern, leveraging Next.js and React frameworks, hosted likely by Active24, with integrations for payment and mapping services. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities, although no explicit security or incident response policies are published. Privacy and cookie policies are present and GDPR compliant, with user consent mechanisms implemented. Overall, the website is professional, user-friendly, and trustworthy, targeting mature audiences interested in craft beer and bar experiences.

S

Spolek Most České Budějovice

mountkasperk.cz

54

Mount Kašperk is a small-scale Christian music festival based in Kašperské Hory, Czech Republic, organized by Spolek Most České Budějovice. The festival has a history dating back to 2002 and features gospel, folk, and Christian music performances. The website is built on WordPress using the Bricks theme and JetEngine plugin, integrating Google Fonts and Google Maps for location display. The 2023 event has been postponed indefinitely, reflecting current operational status. Technically, the site is well-structured with good mobile optimization and SEO practices but lacks privacy and cookie policies, which are critical for compliance. Security posture is decent with HTTPS enabled but missing security headers and vulnerability disclosures. Overall, the site is trustworthy and serves its community audience effectively.

S

Spolek Most – České Budějovice

spolekmost.cz

43

Spolek Most – České Budějovice is a Czech non-profit organization dedicated to the spiritual, moral, and cultural development of individuals across various demographics. Established originally in 1993, it operates educational programs, spiritual seminars, social services, and community activities supported by local government entities. The organization maintains a clear structure with named officials and publishes annual reports for transparency. Their digital presence is built on WordPress using the Salient theme and WPBakery Page Builder, with a focus on accessibility and mobile responsiveness. However, the website lacks formal privacy and cookie policies, which are important for compliance with data protection regulations. Security posture is adequate with HTTPS enabled but could be improved by adding security headers and a vulnerability disclosure policy.

The website danubegeotour.eu is a geo-tourism platform providing information about geoparks, points of interest, trails, and geo-products in the Danube region. It targets tourists, families, groups, schools, and experts interested in geo-tourism activities. The platform allows users to explore geo-related content and submit ideas for new geo-products, positioning itself as a niche informational resource in the geo-tourism sector. Technically, the website leverages Google Maps API for interactive mapping, uses modern fonts and icons, and appears to be built with a SPA framework such as Vue.js. Hosting is provided by WebSupport s.r.o. The site shows moderate performance and basic mobile optimization but lacks advanced SEO and accessibility features. From a security perspective, the site uses HTTPS and includes a CSRF token, but lacks visible security headers and published privacy or cookie policies. There is no contact information for incident response or data protection officers, which limits transparency and compliance. No analytics or tracking beyond Google Maps is detected, indicating minimal user tracking. Overall, the website is functional and serves its informational purpose but requires improvements in privacy compliance, security headers, and contact transparency to enhance trust and security posture. Strategic recommendations include implementing privacy and cookie policies, adding security headers, and providing clear contact channels for security incidents.

F

Fenetra

fenetra.cz

43

Fenetra is a small craft brewery based in the Czech Republic, specializing in beers inspired by traditional and modern brewing techniques, particularly focusing on barrel-aged and spontaneously fermented beers. Their product portfolio is diverse, targeting craft beer enthusiasts who appreciate complex and rustic beer styles. The website reflects a well-branded and consistent digital presence with detailed product information and active social media engagement. Technically, the site uses modern frontend technologies including Bootstrap, jQuery, and Google services, hosted on Czech infrastructure. Security posture is adequate with HTTPS and CSRF protections, but lacks explicit security headers and formal privacy or cookie policies. The absence of vulnerability disclosure and incident response information suggests room for improvement in security transparency. Overall, the domain registration and website content are consistent and legitimate, supporting a trustworthy business profile.

N

Nebezpečné jezy v ČR

nebezpecnejezy.cz

34

The website 'Nebezpecnejezy.cz' is a specialized informational platform focused on providing a comprehensive database and safety information about dangerous river weirs in the Czech Republic. It serves primarily water sports enthusiasts, local authorities, and the general public interested in water safety. The site is well-established, with a domain age of over 13 years, and collaborates with recognized partners in the water sports and water management sectors. Technically, the site is built on ASP.NET Web Forms and integrates common tracking tools such as Google Analytics and Google Tag Manager. While the site offers good content quality and user experience, it lacks formal privacy and cookie policies, which is a compliance gap. Security-wise, HTTPS is used, but security headers and advanced protections are missing, indicating room for improvement. Overall, the site is trustworthy and functional but would benefit from enhanced privacy compliance and security hardening.

S

Suché jezy v ČR

suchejezy.cz

38

The website suchejezy.cz is an informational and environmental project focused on documenting and raising awareness about dry weirs in Czech rivers that negatively impact ecology and recreational use. It serves a niche audience including water sports enthusiasts, environmentalists, and local communities. The site provides a searchable database, map integration, news articles, and partner collaborations to support its mission. Technically, the site is built on ASP.NET Web Forms with integration of Google Maps API and Google Analytics for tracking. While functional, the site shows some legacy technology usage and basic mobile and accessibility features. Security posture is moderate with HTTPS usage but lacks security headers and exposes a Google Maps API key without restrictions. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the site is legitimate and stable with a domain age consistent with its history. Strategic improvements in security and privacy compliance would enhance trust and user protection.

N

NAHUALES, Alebrijes From Oaxaca

nahualesfromoaxaca.com.mx

41

The website 'NAHUALES, Alebrijes From Oaxaca' serves as a cultural and artistic platform promoting traditional Mexican folk art, specifically Alebrijes from Oaxaca. It targets art enthusiasts and cultural tourists interested in artisan crafts. The business model appears to focus on showcasing artists, cultural tours, and possibly sales of handcrafted pieces, positioning itself within a niche artisan market. The website content is basic but relevant to its cultural theme. Technically, the site employs a variety of front-end libraries and plugins such as Bootstrap, jQuery, Slider Revolution, and Owl Carousel to enhance user experience. However, there is no evidence of a CMS or advanced backend frameworks. Performance and mobile optimization are moderate, with room for improvement in accessibility and SEO practices. The site lacks structured data and meta tags that could improve search engine visibility. From a security perspective, the site does not demonstrate strong security posture. There is no visible HTTPS confirmation or security headers in the provided data, and no privacy or cookie policies are present, which raises compliance concerns. No contact information or incident response channels are provided, limiting transparency and trust. The domain uses privacy protection for WHOIS data, which is reasonable for a small cultural business. No suspicious patterns or vulnerabilities were detected. Overall, the website is functional and serves its cultural promotion purpose but requires improvements in security, privacy compliance, and contact transparency to enhance trustworthiness and user confidence.

D

Dorohlíku - rohlík jak ho neznáte

dorohliku.cz

56

Dorohliku.cz is a Czech-based food service website specializing in traditional Czech dishes served in crispy rohlík bread. Founded in 2020, the business targets general consumers seeking quick, quality Czech comfort food, delivered via modern automated vending machines. The website employs modern web technologies including React and Next.js, with integrations such as Google Tag Manager and Google Maps API to enhance user experience and analytics. The site is mobile-optimized and presents a professional design with clear navigation. Security posture is adequate with HTTPS enabled and no exposed sensitive data, but lacks explicit security headers and published security policies. Privacy compliance is partial, with a cookie consent mechanism present but no visible privacy or terms of service pages. Overall, the domain registration details are consistent with the business claims, indicating legitimacy. Strategic improvements in privacy disclosures, security headers, and contact transparency would enhance trust and compliance.

R

Rodinný pivovar Bukovar s.r.o.

bukovar.cz

32

Rodinný pivovar Bukovar s.r.o. is a small family-owned brewery located in Dolní Bukovsko, Czech Republic, specializing in traditional Czech beers including both bottom-fermented and top-fermented varieties. The brewery emphasizes regional heritage and quality ingredients, including unique spring water from an underground lake. Their product range includes several types of beers such as light lagers, wheat beers, IPAs, and stouts. The website supports direct sales through an onsite pub, self-service sales outside opening hours, and an online ordering form, targeting local customers and beer enthusiasts. Technically, the website is built on WordPress with WooCommerce and uses common plugins and Google Maps integration. The site is mobile optimized with good design and navigation but lacks some advanced SEO and accessibility features. Security posture is moderate with HTTPS enabled and Wordfence plugin detected, but missing security headers and no visible privacy or cookie policies. Overall, the domain registration data aligns well with the business claims, indicating legitimacy. The site content is safe but categorized as 'questionable' due to alcohol-related content, targeting a mature audience.

S

Soprema México

soprema.mx

77

Soprema México operates as a regional branch of the international Soprema group, specializing in manufacturing and supplying innovative building envelope solutions including waterproofing, thermal and acoustic insulation, and vegetative roofing. The company targets construction professionals, architects, and installers, positioning itself as a trusted expert in roofing and building envelope technologies within the Mexican market. The website reflects a mature digital presence with a Magento 2 e-commerce platform, integrated advanced search via Algolia, and comprehensive content supporting its B2B business model. Technical infrastructure is robust, leveraging modern JavaScript frameworks and third-party integrations such as Google Tag Manager and New Relic for analytics and performance monitoring. Security posture is solid with HTTPS enforcement, security headers, and CAPTCHA protections on forms, although explicit security policies and incident response contacts are not publicly disclosed. Privacy compliance is well addressed with cookie consent mechanisms and a detailed privacy policy in Spanish. Overall, the website demonstrates a professional and trustworthy online presence aligned with the company's market position and business objectives.

M

MIDOCAR Logistic, s.r.o

dopravomat.cz

49

Dopravomat.cz is a Czech-based platform operated by MIDOCAR Logistic, s.r.o, founded in 2020, specializing in group transportation services. The website enables users to submit transportation requests for groups and receive competitive offers from a network of verified transport providers across the Czech Republic. The business model focuses on transparency, no hidden fees, and payment only after service completion, positioning itself as a trusted intermediary in the transportation sector. The platform targets groups needing various transport sizes, from personal cars to large buses, emphasizing convenience and cost-effectiveness. Technically, the website employs a custom-built infrastructure leveraging modern web technologies including Google Maps API for location autocomplete, jQuery and jQuery UI for UI components, and integrates multiple analytics and marketing tools such as Google Analytics, Google Tag Manager, and Facebook Pixel. The site is mobile-optimized with good navigation and user experience, though some accessibility features are basic. Performance is moderate with room for optimization. From a security perspective, the site enforces HTTPS and uses secure form inputs but lacks visible security headers and published security policies. There is no cookie consent mechanism, which may impact privacy compliance. No incident response or vulnerability disclosure information is available. The WHOIS data is consistent with the business identity, indicating legitimacy. Overall, the security posture is adequate but could be improved with additional best practices. The overall risk is moderate with no critical vulnerabilities detected. Strategic improvements in privacy compliance, security headers, and transparency around security policies would enhance trust and reduce risk. The platform is well-positioned in its niche with a clear value proposition and solid business credibility.

E

Europe Direct

europedirect.cz

48

Europe Direct is a public information service providing comprehensive information about the European Union to all citizens, primarily targeting the Czech Republic audience. The website offers services including general EU information, advisory support, and organizing events, lectures, and discussions. It maintains a professional online presence with clear navigation, social media integration, and a cookie consent mechanism compliant with GDPR. Technically, the site uses modern web technologies such as Google Maps API and CookieYes for consent management, though some performance and security header enhancements are recommended. Security posture is moderate with no critical vulnerabilities detected but lacks explicit security headers and incident response information. Overall, the site is trustworthy and serves as a reliable EU information portal, though the absence of WHOIS data slightly reduces domain trustworthiness.

S

Studio QUIN.cz

quin.cz

39

Studio QUIN.cz is a Czech-based creative digital agency specializing in web design, SEO, marketing, advertising, and media production services. Established in 2000, it serves a diverse client base with a full range of internet and media solutions including custom web applications, video production, and 3D modeling. The company positions itself as an innovative and technology-driven service provider focused on business clients seeking comprehensive digital marketing and creative services. Technically, the website uses legacy technologies such as jQuery 1.10.2 alongside Google Analytics and Google Maps APIs, hosted likely via WEDOS, a Czech hosting provider. The site is moderately optimized for performance and mobile use but lacks advanced accessibility features. Security-wise, the site uses HTTPS and obfuscates email addresses to reduce spam but lacks explicit security headers and uses outdated JavaScript libraries, which could pose risks. Privacy compliance is weak, with no visible privacy or cookie policies or consent mechanisms despite tracking scripts. Overall, the website is professional and trustworthy but would benefit from security and privacy improvements.