High-risk security reports

S

SCHWING Stetter Ostrava s.r.o.

schwing.sk

41

SCHWING Stetter Ostrava s.r.o. is a medium-sized manufacturing company specializing in concrete pumps, mixers, and related machinery, serving primarily the construction and industrial sectors in the Czech Republic and Slovakia. The company offers a comprehensive product range, including auto pumps, mixers, stationary pumps, and recycling equipment, supported by after-sales services such as spare parts, consulting, and training. Their market position is that of an established regional player with a strong brand presence and certifications. The website is built on WordPress using the Enfold theme and Avia framework, incorporating modern web technologies such as jQuery and Google reCAPTCHA for security. The site is mobile-optimized, SEO-friendly, and provides clear navigation and professional content. Security posture is good with HTTPS enforced, security headers present, and secure forms, though it lacks explicit vulnerability disclosure and incident response information. Overall, the website is trustworthy, professional, and compliant with GDPR and cookie regulations, making it a reliable digital presence for the company.

F

FREUDENBERGER - Agentur für Kommunikation

agentur-freudenberger.de

45

FREUDENBERGER - Agentur für Kommunikation is a specialized communication agency serving the energy sector, including energy suppliers, municipal utilities, and companies. The agency offers tailored services such as sales communication, marketing, press relations, internet, and social media solutions. The company positions itself as a niche player with a solid client base of over 40 municipal utilities, indicating a focused market presence. The website is professionally designed, consistent in branding, and provides clear contact information and service descriptions. Technically, the site is built on WordPress using modern plugins and frameworks like Elementor and Qi Addons, ensuring a good user experience and mobile optimization. Security posture is adequate with HTTPS enabled and no visible vulnerabilities, though it lacks some security headers and incident response information. Privacy compliance is basic with a privacy policy present but no cookie consent mechanism. Overall, the site reflects a credible small agency with room for improvement in security and privacy practices.

E

ebsygon GmbH

netzanschluss-digital.de

47

The website netzanschluss-digital.de serves as a digital network connection portal targeted at distribution network operators in Germany. It is operated by ebsygon GmbH, a small company specializing in providing flexible and cost-effective digital solutions for energy distribution networks. The site acts primarily as an informational landing page linking to the parent company's main website for more detailed information. Technically, the site uses modern frontend technologies such as SvelteKit and integrates Cloudflare Turnstile for bot protection, indicating a moderate level of digital maturity. However, the site lacks visible security headers and cookie consent mechanisms, which are important for compliance and security best practices. The security posture is adequate but could be improved by implementing additional security policies and transparency measures. Overall, the site is professional and trustworthy but minimalistic in content and features, reflecting a focused B2B service offering.

E

Energieversorgung Lohr-Karlstadt und Umgebung GmbH & Co. KG

die-energie.de

48

Energieversorgung Lohr-Karlstadt und Umgebung GmbH & Co. KG is a regional municipal energy provider based in Karlstadt, Germany, serving over 90,000 customers with electricity, natural gas, water, and heating services. The company emphasizes sustainability and innovation, actively promoting renewable energy solutions such as photovoltaic systems and electric mobility infrastructure. Their market position is that of a trusted regional supplier with a strong community focus and comprehensive service offerings for both private and business customers. Technically, the website is built on TYPO3 CMS with modern frameworks and integrates multiple analytics and marketing tools while maintaining GDPR compliance through Usercentrics consent management. Security posture is solid with HTTPS, reCAPTCHA, and no visible vulnerabilities, though explicit security policies and incident response contacts are absent. Overall, the website is professional, well-structured, and trustworthy, reflecting a mature digital presence aligned with the company's business goals.

The website at vgem-zellingen.info currently presents no accessible content, metadata, or business information, indicating it may be blocked, under construction, or abandoned. The lack of WHOIS data due to unsupported TLD and privacy protection further complicates trust and legitimacy assessments. The absence of HTTPS and security headers exposes the site to potential risks if content were to be added. Overall, the digital maturity is very low with no visible compliance or security measures in place.

G

Grundschule Thüngen

grundschule-thuengen.de

39

Grundschule Thüngen is a local primary school in Germany focused on providing foundational education with a bilingual emphasis. The website serves as an information portal for parents and the community, highlighting the school's values, services, and contact details. Technically, the site is built on WordPress using the Avada theme and several popular plugins, indicating a moderate level of digital maturity. The presence of a PWA plugin suggests some modern web capabilities. Security posture is adequate with HTTPS enforced and GDPR compliance evident, though minor issues such as visible debug notices and lack of security headers reduce the overall security score. No WAF or blocking mechanisms interfere with content access. Overall, the site is professional, trustworthy, and well-suited for its educational purpose.

The website ffw-thuengen.de currently serves as a placeholder page with a simple message in German indicating that a new website is under construction. There is no substantive business information, services, or contact details provided. The domain is hosted with netcup as indicated by the nameservers, suggesting a German hosting provider. The digital maturity of the site is minimal, lacking any modern web technologies, SEO, or accessibility features. Security posture is weak or unknown due to absence of HTTPS confirmation and security headers. No privacy or cookie policies are present, indicating non-compliance with GDPR requirements. Overall, the site presents a low trust profile and minimal business credibility.

The website somas.lv currently hosts an extremely minimal web page with only a simple heading 'It's Jason' and a page title referencing 'Jason Davis - Buffalo, New York'. There is no substantive business information, contact details, or service descriptions available. The domain is active and uses Cloudflare nameservers, but no SSL or security headers are detected from the provided data. The lack of privacy, cookie, or terms of service policies, combined with no contact or legal information, indicates the site is either a placeholder or under development. This severely limits the ability to assess the business or security posture meaningfully. From a technical perspective, the site lacks modern SEO, accessibility, and performance optimizations. No analytics, tracking, or advertising technologies are detected. Security posture is weak due to missing HTTPS and security headers, and no incident response or vulnerability disclosure mechanisms are present. Overall, the site presents a low trust profile with minimal content and no compliance indicators. The domain registration appears consistent but provides no additional legitimacy signals. Strategic recommendations include implementing HTTPS, publishing privacy and cookie policies, adding contact and business information, and improving content quality to enhance trust and security. Given the current state, the risk is moderate due to lack of information and security controls, but no explicit vulnerabilities or malicious indicators are found.

D

das agnes is under construction

das-agnes.de

35

The website das-agnes.de is currently under construction and displays a placeholder page indicating ongoing work. There is no business description, contact information, or legal policies available, which limits the ability to assess the company's market position or services. The site uses WordPress with an under construction plugin and includes standard web fonts and CSS frameworks such as Bootstrap and Font Awesome. No advanced technical or security features are evident. Security posture is minimal with no detected security headers or incident response information. The lack of privacy and cookie policies indicates non-compliance with GDPR and related regulations. Overall, the site presents a low trust profile and limited business credibility due to the absence of meaningful content and contact details.

K

Katholische Kirchengemeinde Heilig Kreuz

heilig-kreuz-ffo.de

47

The website represents the Katholische Kirchengemeinde Heilig Kreuz, a Catholic church community located in Frankfurt (Oder), Germany. It serves as an information and communication platform for parishioners and the local community, offering details on religious services, community events, youth programs, and kindergarten services. The site is positioned as a trusted local religious institution with a clear focus on community engagement and spiritual care. Technically, the website is built on TYPO3 CMS, utilizing jQuery and other JavaScript libraries for enhanced user experience. It features a responsive design with good accessibility and SEO practices. Privacy is respected through a comprehensive cookie consent mechanism that blocks third-party content like YouTube videos until user consent is given, aligning with GDPR requirements. From a security perspective, the site enforces HTTPS and employs cookie consent controls to manage user data privacy. However, it lacks explicit security headers and formal security or incident response policies. No vulnerabilities or suspicious activities were detected in the content or domain registration data, which aligns well with the church's legitimate and transparent operations. Overall, the website demonstrates a solid balance of content quality, technical implementation, privacy compliance, and business credibility, making it a reliable and professional digital presence for the church community.

K

Katholische Studierendengemeinde Edith Stein

ksg-berlin.de

44

KSG Edith Stein Berlin is a Catholic student community organization based in Berlin, Germany, focused on providing spiritual guidance, social events, and advisory services to students. The website serves as a hub for community engagement, event announcements, and contact information, targeting students and university communities in Berlin. The organization operates as a non-profit entity with a clear mission to support student life through faith-based and social activities. Technically, the website is built on WordPress using the Enfold theme, incorporating modern web technologies such as jQuery and Google Fonts. It is hosted on NSHost2 name servers and employs HTTPS for secure communication. The site demonstrates good digital maturity with mobile optimization, clear navigation, and integration of social media channels. Security posture is solid with HTTPS and secure form handling, though it lacks advanced security headers and explicit security policies. Privacy compliance is evident with a privacy policy and cookie consent mechanism in place, aligning with GDPR requirements. Overall, the website is professional, trustworthy, and well-maintained, serving its community effectively.

The domain iregister.net is registered since 2002 with Dynadot Inc and is currently active with no privacy protection. However, the website content is completely empty with no metadata, no visible text, no forms, no contact information, and no security or privacy policies. This indicates the website is either inactive, under construction, or blocked. The lack of HTTPS and security headers further reduces the security posture. There are no indications of business operations or services offered on the site. Overall, the digital maturity is very low, and the site does not provide any trust or compliance signals.

D

Demeter CS

zivezemedelstvi.cz

44

Živé zemědělství is a Czech language specialized online magazine focused on sustainable, ecological, biodynamic, permaculture, and regenerative agriculture. It serves as an information hub providing articles, event calendars, and symposium information targeting farmers, ecological practitioners, and the broader agricultural community interested in sustainable practices. The website is professionally designed with consistent branding and clear navigation, supported by a small but focused team or organization linked to Demeter CS. Technically, the site is built on WordPress with modern plugins including GDPR compliance tools and reCAPTCHA for security. The hosting appears to be Czech-based, aligning with the target audience. Security posture is good with HTTPS and spam protection, though some HTTP security headers could be improved. Privacy compliance is strong with clear policies and cookie consent mechanisms. Overall, the site is trustworthy, well-maintained, and serves a niche market effectively.

S

Software AG – Stiftung

sagst.de

49

The Software AG – Stiftung is a large, well-established non-profit foundation based in Germany, focused on funding social, educational, and ecological projects primarily in Germany and Europe. The website is professionally designed using TYPO3 CMS, with a clear structure, multilingual support, and strong privacy compliance including GDPR-aligned cookie consent via Klaro and Matomo analytics. The foundation's significant capital and project portfolio position it as a key player in the German non-profit sector. Technically, the site uses mature technologies and demonstrates good mobile optimization and accessibility, though security headers and explicit security policies are not publicly visible. No blocking or WAF mechanisms interfere with content access, and no suspicious or malicious content is detected.

S

Error

sofarm.cz

47

The domain sofarm.cz is registered since late 2020 and currently resolves to a Wix-hosted error page indicating the domain is not connected to any active website. No business content, contact information, or policies are present on the page, which limits the ability to assess the company's operations or market position. The website uses AngularJS and jQuery libraries served by Wix's infrastructure, indicating a standard Wix platform deployment. Security posture is minimal with no visible security headers or advanced configurations, and no analytics or tracking scripts are detected. The domain registration data is consistent with a Czech registrar and hosting provider, but the lack of an active website reduces trust and credibility. Overall, the site is effectively inaccessible for meaningful analysis and scores low on content quality, privacy compliance, and business credibility.

N

Netzwerk Biodynamische Bildung gGmbH

netzwerk-biodynamische-bildung.de

41

Netzwerk Biodynamische Bildung gGmbH is a German non-profit organization that unites Demeter training initiatives to promote biodynamic agricultural education. The website serves as an information hub and fundraising platform, operating the Demeter Ausbildungsfonds to support new organic farmers. The organization targets aspiring biolandwirte, educational institutions, and supporters of sustainable agriculture. Technically, the website is built on WordPress with common plugins such as Yoast SEO and Borlabs Cookie, hosted on kasserver.com. The site is moderately performant, mobile-optimized, and SEO-friendly, though accessibility features are basic. Security posture is adequate with HTTPS and cookie consent but lacks advanced security headers and explicit security policies. No critical vulnerabilities or blocking mechanisms were detected. Overall, the site is professional, trustworthy, and aligned with its non-profit mission.

A

Asociace místních potravinových iniciativ, o.p.s.

asociaceampi.cz

44

Asociace místních potravinových iniciativ, o.p.s. is a Czech non-profit organization dedicated to fostering a close relationship between people and the land that sustains them. The organization focuses on educational programs for schools and communities about food, agriculture, and sustainable land use. It also supports community-supported agriculture and local food systems, positioning itself as a niche leader in ecological and community food initiatives within the Czech Republic. The website is professionally designed, content-rich, and targets educators, schools, and local communities. Technically, the site is built on WordPress with common plugins and tracking tools such as Google Analytics and Facebook Pixel, showing moderate digital maturity. Security posture is good with HTTPS enforced, but lacks some security headers and visible privacy compliance documentation. Overall, the site is safe, trustworthy, and well-maintained, though improvements in privacy policy visibility and security headers are recommended.

The BKC-Spendenportal website serves as an online donation platform operated by the Bank für Kirche und Caritas eG, targeting charitable organizations primarily within the church and caritas sectors in Germany. It facilitates the connection between donors and charitable projects, providing a streamlined platform for online donations. The website is professionally designed with clear navigation and content relevant to its audience, emphasizing transparency and trust through visible contact information and testimonials. Technically, the site is built on the Contao Open Source CMS and leverages common JavaScript libraries such as jQuery, Colorbox, and Isotope for enhanced user experience. Hosting is provided by Schlundtech, a reputable German hosting provider. The site demonstrates good mobile optimization and SEO practices, although performance is moderate rather than fast. From a security perspective, the site enforces HTTPS and includes a cookie consent mechanism aligned with GDPR requirements. However, it lacks explicit security policies, incident response contacts, and advanced security headers, which are recommended for improved security posture. No vulnerabilities or exposed sensitive data were detected in the content. Overall, the site maintains a good security baseline appropriate for its business model. The overall risk assessment is low, with the site presenting a trustworthy and professional front for its niche market. Strategic recommendations include formalizing security policies, adding vulnerability disclosure mechanisms, and enhancing security headers to further strengthen trust and compliance.

N

Naděje

kurzy-nadeje.cz

43

Naděje is a Czech non-profit organization specializing in accredited educational courses for social service providers, social workers, and caregivers. Established in 1996, the organization offers a range of training programs accredited by the Ministry of Labour and Social Affairs (MPSV). Their website presents a professional and well-structured platform showcasing their courses, testimonials, and newsletter subscription, targeting professionals in the social services sector. Technically, the site uses a custom CMS built on the Yii PHP framework, enhanced with jQuery and modern web fonts, delivering a moderate performance and good mobile responsiveness. Security-wise, the site uses HTTPS and secure form submissions but lacks advanced security headers and cookie consent mechanisms, indicating room for improvement in compliance and security posture. Overall, the domain registration data aligns well with the business profile, supporting the site's legitimacy.

M

Městský úřad Lanškroun

lanskroun.eu

47

The website www.lanskroun.eu serves as the official municipal portal for the city of Lanškroun in the Czech Republic. It provides comprehensive information about the city administration, local news, cultural events, tourism, and public services. The site targets residents, visitors, and businesses in the Lanškroun region, offering multilingual support and various e-government services. The business model is focused on public service and community engagement, positioning itself as a trusted local government resource. Technically, the website is built on the Vismo CMS platform, utilizing standard web technologies such as HTML5, CSS, and JavaScript. It integrates Google Analytics and Google Tag Manager for visitor tracking and employs Google reCAPTCHA v2 to protect forms from spam. The site demonstrates good mobile optimization, accessibility, and SEO practices, although some improvements in security headers could be made. From a security perspective, the site enforces HTTPS and uses reCAPTCHA for form protection. However, no explicit security policies or incident response contacts are published, and security headers appear to be missing or not detected in the provided content. The WHOIS data is not publicly available due to EURid privacy policies, which is typical for .eu domains and does not raise immediate concerns. Overall, the security posture is moderate with room for enhancement. The overall risk assessment indicates a well-maintained official government website with no signs of malicious activity or content safety issues. Strategic recommendations include implementing HTTP security headers, publishing a security policy, and adding a vulnerability disclosure mechanism to enhance trust and security maturity.

M

Město Hlinsko

hlinsko.cz

48

Město Hlinsko operates an official municipal website serving residents and visitors of the city of Hlinsko, Czech Republic. The site provides comprehensive information about municipal offices, citizen services, local news, social and cultural activities, and crisis management. It targets local citizens and stakeholders seeking official information and services. The website is well-structured and content-rich, reflecting a public sector information portal model with a focus on transparency and accessibility. Technically, the website uses a combination of jQuery, Bootstrap 4.4.1, Swiper, PhotoSwipe, and mmenu libraries, indicating a moderately modern front-end stack. The site appears mobile-optimized and provides a cookie consent mechanism, demonstrating awareness of privacy compliance. However, no major CMS or hosting provider details are evident, suggesting a custom or proprietary municipal CMS. From a security perspective, the site enforces HTTPS and includes cookie consent but lacks visible security headers and explicit security policies or incident response information. The absence of WHOIS data for the domain reduces trust signals, although the website content and domain usage appear legitimate. No vulnerabilities or tracking scripts were detected, indicating a low-risk profile but with room for security improvements. Overall, the website is a functional and professional municipal portal with good content quality and user experience. Strategic recommendations include enhancing security headers, publishing security and incident response policies, and investigating the missing WHOIS data to improve domain trustworthiness.

M

Město Polička

policka.org

47

Město Polička operates an official municipal website serving residents and visitors with comprehensive city information, including news, events, official documents, and public services. The website is well-established with a domain age since 2003, reflecting a stable digital presence for the local government of Polička, Czech Republic. The site targets local citizens and visitors seeking municipal updates and services. Technically, the website uses ASP.NET Web Forms with Bootstrap and FontAwesome, providing a responsive and user-friendly interface, though performance is moderate and accessibility is basic. Security posture is adequate with HTTPS enabled but lacks advanced security headers and DNSSEC, indicating room for improvement. Privacy compliance is basic with privacy and cookie policies present but no active consent mechanism. Contact information is clearly provided, including emails, phone numbers, and physical address, enhancing business credibility. Overall, the website is trustworthy and professionally maintained, suitable for its government function.

M

Město Skuteč

skutec.cz

45

The website skutec.cz serves as the official digital presence of the town of Skuteč, Czech Republic. It provides comprehensive municipal information including news, cultural events, public services, and contact details aimed at residents and visitors. The site is well-structured with clear navigation and a professional design consistent with government standards. It leverages modern web technologies such as jQuery, Bootstrap, and Swiper.js to deliver a responsive and accessible user experience. The presence of GDPR compliance and cookie consent mechanisms demonstrates attention to privacy regulations. Security posture is solid with HTTPS enforced and no evident vulnerabilities, though some HTTP security headers could be improved. The absence of WHOIS data is a notable gap, limiting domain legitimacy verification, but the official nature and content quality support trust in the site. Overall, the site is a reliable municipal resource with good technical and security practices.

Česká správa sociálního zabezpečení (ČSSZ) is the official Czech government agency responsible for administering social security programs including pensions, sickness benefits, maternity support, and social insurance contributions. The website serves as a comprehensive portal providing information, online services, and resources for citizens, employers, self-employed persons, and foreigners with temporary protection. It holds a strong market position as the primary social security institution in the Czech Republic. Technically, the website is built on the Liferay CMS platform, utilizing modern web technologies such as Bootstrap and jQuery, and integrates Matomo for analytics. The site is mobile-optimized, accessible, and demonstrates good SEO practices. Security measures include HTTPS enforcement and standard security headers, contributing to a solid security posture. While the WHOIS data is unavailable due to registry policies, the website's official domain, consistent branding, and government affiliation indicate legitimacy. Privacy and cookie policies are present and GDPR compliant, though explicit terms of service and vulnerability disclosure mechanisms are not found. Contact information includes phone numbers and contact forms, with no exposed sensitive data detected. Overall, the website presents a professional, secure, and user-friendly platform for social security services in the Czech Republic, with recommendations to enhance transparency around security policies and incident response capabilities.

Ekumenická rada církví is a non-profit religious organization representing a community of Christian churches in the Czech Republic. The website serves as an informational portal providing news, event announcements, and resources related to ecumenical activities. It targets a general audience interested in religious and community matters within the Czech Republic. The organization appears well-established with a domain age dating back to 2000, reflecting a stable presence in its sector. Technically, the website is built on the Yii PHP framework with jQuery and Nivo Slider for interactive elements. The site demonstrates moderate performance and basic mobile optimization. SEO and accessibility features are present but could be improved. The absence of advanced analytics or tracking tools indicates a minimal user tracking approach. From a security perspective, the site uses HTTPS but lacks visible security headers and formal privacy or cookie policies, which are critical for GDPR compliance. No incident response or vulnerability disclosure mechanisms are evident. The newsletter form collects emails but does not show explicit consent mechanisms. Overall, the security posture is moderate but requires enhancements to meet modern standards. The overall risk is low given the non-commercial nature and content safety of the site. Strategic recommendations include implementing privacy and cookie policies, adding security headers, improving mobile and accessibility features, and establishing clear incident response contacts to enhance trust and compliance.

E

EAPN ČR, z. s.

eapncr.org

43

EAPN ČR, z.s. is a Czech non-profit organization dedicated to advocating for the rights of people dependent on social services and combating poverty and social exclusion. It is part of the European Anti Poverty Network, positioning itself as a national member focused on social advocacy and public awareness. The website provides information about their activities, news, projects, and partner organizations, targeting stakeholders involved in social issues in the Czech Republic and Europe. Technically, the website is built on Drupal 7 with legacy jQuery and TinyMCE, indicating a somewhat dated but functional infrastructure. The site is accessible, with basic mobile optimization and SEO features, but lacks modern performance and accessibility enhancements. Security posture is moderate; HTTPS is used but no security headers were detected, and outdated libraries pose potential risks. Privacy and cookie policies are absent, which is a compliance gap. Contact information is clearly provided, enhancing business credibility. WHOIS data is incomplete, limiting domain trust assessment, but the website content and external links suggest legitimacy. Overall, the site is functional and serves its advocacy purpose but would benefit from technical and compliance improvements.

S

Síť aktérů pro domov, z.s.

sad-cr.cz

48

Síť aktérů pro domov, z.s. is a small non-profit organization based in the Czech Republic focused on homelessness and housing issues. The website serves as a platform for expert discussions and advocacy in this social domain. The organization appears to be a recognized thematic leader in its field, founded in 2017, with a clear mission to address homelessness through professional discourse. Technically, the website is built on WordPress using the Divi theme, incorporating Google Analytics and Tag Manager for visitor tracking. The site demonstrates moderate performance and good mobile optimization but lacks advanced accessibility features and comprehensive SEO optimization. Security posture is minimal with no detected security headers or explicit security policies, and privacy compliance is poor due to the absence of privacy and cookie policies. Overall, the site is functional and professional but would benefit from enhanced security and compliance measures.

K

koalice Za snadné dárcovství

snadnedarcovstvi.cz

42

The website 'koalice Za snadné dárcovství' represents a Czech non-profit coalition focused on advancing individual fundraising through relationship-based donor engagement. It serves as a platform for non-profit organizations to collaborate, educate, and overcome obstacles in the donation process. The site positions itself as a key player in the Czech fundraising ecosystem, targeting non-profit organizations and fundraising professionals. Technically, the website is built on WordPress using Elementor and several common plugins, delivering a modern and responsive user experience with moderate performance. Security posture is adequate with HTTPS enabled, but lacks important security headers and privacy compliance documentation, which are areas for improvement. Overall, the site appears legitimate and trustworthy, though the absence of WHOIS data limits domain registration transparency.

C

Cerebra s.r.o.

cerebra.cz

45

Cerebra s.r.o. is a Czech consulting firm established in 2008, specializing in organizational design, agile project management, and human relations consulting primarily for automotive, energy, transport, public sector, and startup clients. The company emphasizes modern management methods, employee motivation, and corporate culture development. Their website is professionally designed, mobile-optimized, and provides clear contact information and social media presence. Technically, the site uses common JavaScript libraries and a custom CMS but lacks advanced security headers and explicit privacy policies. The absence of WHOIS data reduces domain trust verification, though the website content and contact details support legitimacy. The company integrates Facebook Pixel for marketing and has a cookie consent mechanism, indicating some privacy compliance efforts.

M

MAS Bohdanečsko

mas-bohdanecsko.cz

39

MAS Bohdanečsko is a regional non-profit organization based in the Czech Republic, focused on local community development through the LEADER method, supported by EU and national funding. The organization aims to improve quality of life and the environment by managing and distributing grant funds and implementing local development strategies. Their website reflects a community-oriented approach with detailed information on organizational structure, strategies, and projects. Technically, the website uses modern responsive design with Bootstrap 5 and SVG graphics, but lacks explicit CMS identification and advanced technical optimizations. Security posture is weak due to absence of security headers, privacy policies, and incident response information, which are critical for compliance and trust. Overall, the website is accessible and informative but requires improvements in privacy compliance and security best practices to enhance trust and regulatory adherence.

L

Luther-Verlag

lutherverlag.de

48

Luther-Verlag operates a German-language e-commerce platform specializing in evangelical books, calendars, and religious materials. With a history dating back to 1911, the company targets German-speaking customers interested in faith-based literature and related products. The website presents a professional and consistent brand image with clear navigation and a focused product catalog. Technically, the site runs on the modified eCommerce Shopsoftware platform, leveraging modern JavaScript libraries such as jQuery and bxSlider, and employs HTTPS with cookie consent mechanisms to comply with GDPR. Analytics are handled via Matomo, emphasizing privacy-conscious tracking. Security posture is solid with no evident vulnerabilities or exposed sensitive data, though the absence of explicit security headers and incident response information suggests room for improvement. Overall, the site is trustworthy, well-maintained, and serves its niche effectively.

I

Institut St. Bonifatius

institut-st-bonifatius.de

44

Institut St. Bonifatius is a small, non-profit religious institute founded in 1949, operating internationally with a focus on spiritual formation, mission projects, and community service primarily in Europe, Africa, and Latin America. The website reflects a well-structured and content-rich platform targeting religious individuals and those interested in mission work and spiritual life. Technically, the site uses common JavaScript libraries such as jQuery and Slick Carousel, hosted on a domain managed via GoDaddy nameservers. The site is mobile optimized and provides a good user experience with clear navigation and consistent branding. Security posture is moderate with HTTPS assumed but lacking explicit security headers and formal security policies. Privacy compliance is basic with a privacy policy present but no cookie consent mechanism. Contact information is clearly provided, enhancing business credibility.

E

Evangelischer Kirchenkreis an Lahn und Dill

evangelisch-an-lahn-und-dill.de

49

The Evangelischer Kirchenkreis an Lahn und Dill is a regional church district within the Evangelical Church in the Rhineland, serving the communities of Wetzlar and Braunfels in Germany. The website provides comprehensive information about religious services, community support, counseling, events, and educational resources. It targets church members, affiliates, and the general public interested in the church's activities. The organization operates as a non-profit entity focused on spiritual and social services. Technically, the website is built on WordPress using the Avada theme and several plugins including Yoast SEO and Mailin for newsletter management. It is hosted on rzone.de servers and employs HTTPS for secure communication. The site is moderately optimized for performance and mobile devices, with good SEO practices and structured data implementation enhancing discoverability. From a security perspective, the site uses HTTPS and some security best practices but lacks advanced security headers and a public security or privacy policy. Cookie consent is implemented, indicating some GDPR awareness. No critical vulnerabilities or suspicious content were detected. Contact information is clearly provided, enhancing business credibility. Overall, the website is professional, trustworthy, and serves its community well. Recommendations include adding a privacy policy, enhancing security headers, and publishing a vulnerability disclosure policy to improve compliance and security posture further.

G

Gemeinschaft Immanuel

immanuel-online.de

48

Gemeinschaft Immanuel is a small German Catholic charismatic lay community focused on promoting Christian unity, evangelization, and renewal of church and society. Their website serves as a hub for community information, events, and outreach to various age groups including families, youth, and seniors. The organization operates as a non-profit with a clear mission and active event calendar. Technically, the site is built on WordPress with common plugins such as Events Manager and Slider Revolution, hosted likely by Your-Server.de. The site is mobile optimized and well structured, though some improvements in accessibility and SEO could be made. Security posture is good with HTTPS enforced and no visible vulnerabilities, but lacks security headers and formal policies. Privacy compliance is partial with a privacy policy present but no cookie consent mechanism. Overall, the site is trustworthy and professional for its community purpose.

K

Kompostářská asociace

kompostarska-asociace.cz

47

Kompostářská asociace is a Czech Republic based non-profit organization dedicated to advocating for the composting industry. Founded in 2020, it serves as a collective voice for stakeholders in the composting sector, providing industry representation and information dissemination. The website is built on WordPress using the Divi theme, indicating a moderate level of digital maturity with standard CMS capabilities. The site includes cookie consent mechanisms via Cookiebot and uses Google Tag Manager configured to limit ad personalization and analytics storage, reflecting a basic privacy-conscious approach. However, the absence of a published privacy policy, terms of service, and explicit contact information limits transparency and compliance. Security posture is moderate with no detected security headers or incident response information, suggesting room for improvement in security best practices. Overall, the website is professional and relevant to its target audience but would benefit from enhanced privacy and security disclosures to improve trust and compliance.

F

Farmářská škola

farmarskaskola.cz

45

Farmářská škola is a specialized higher vocational school in the Czech Republic focused on ecological and biodynamic agriculture education. Established in 2020, it offers practical and theoretical training on ecological farms domestically and internationally. The institution targets students and individuals interested in sustainable farming practices and rural development. The website reflects a well-structured educational platform with clear navigation, modern design, and compliance with GDPR and cookie regulations. Technically, the website is built on WordPress using a modern theme and plugins, including jQuery, Swiper Slider, and nanogallery2 for enhanced user experience. It integrates marketing and analytics tools such as Google Analytics, Facebook Pixel, and TikTok Pixel, managed via Google Tag Manager. The site is mobile-optimized and performs moderately well, with room for improvement in accessibility and security headers. From a security perspective, the site uses HTTPS and implements cookie consent mechanisms, but lacks explicit security headers like Content-Security-Policy. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data aligns with the website's claims, showing consistent registration details and appropriate domain age. Overall, Farmářská škola presents a credible, professional, and secure online presence suitable for its educational mission, with recommendations to enhance security headers and maintain regular updates to plugins and CMS.

K

Keminet

keminet.net

48

Keminet is a technology service provider specializing in domain registration, dedicated servers, VPS hosting, web and business hosting, SSL certificates, and IT consultancy. Established in 2006, the company has a solid market presence servicing over 5,000 websites. The website is built on a modern WordPress platform using Elementor and Astra theme, indicating a good level of digital maturity. The technical infrastructure includes PWA capabilities and WhatsApp chat integration, enhancing user engagement and accessibility. Security posture is adequate with HTTPS enabled and domain transfer protection, but lacks advanced security headers and published security policies. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the site is professional and trustworthy but would benefit from enhanced compliance and security transparency.

WebyLevně.cz is a Czech-based small business specializing in affordable website creation services primarily using WordPress CMS. The site targets individuals and small businesses seeking low-cost informational and presentation websites. The business has been established since 2006, as supported by domain registration data. The website content is basic but functional, providing guidance on pricing, examples of websites, and a contact email for inquiries. Technically, the site runs on WordPress 5.1.1 with several common JavaScript libraries including an outdated jQuery version, which poses a security risk. The site uses HTTPS but lacks modern security headers and visible privacy or cookie policies, indicating limited privacy compliance. No forms or extensive data collection mechanisms are present, reducing privacy risks but also limiting user engagement. Overall, the website demonstrates moderate professionalism and trustworthiness but would benefit from improved security and privacy practices.

W

World Dredgers GmbH & Co. KG

world-dredgers.de

49

World Dredgers GmbH & Co. KG is a specialized engineering company focused on the design, construction, and servicing of suction dredgers and related equipment for efficient gravel and sand extraction. The company emphasizes innovation, notably with its autonomous GPS-based movement control system for dredgers, enhancing operational efficiency and automation. Their market position is that of a niche specialist serving B2B clients in the energy and transportation sectors related to raw material extraction. Technically, the website is built on the Contao CMS platform, utilizing modern JavaScript libraries and frameworks, with good mobile optimization and SEO practices. Security posture is adequate with HTTPS and cookie consent mechanisms, though lacking explicit security headers and incident response policies. Overall, the website is professional, trustworthy, and compliant with GDPR requirements, reflecting a credible small-sized enterprise with a clear business focus and parent company affiliation.

I

it's owl

its-owl.de

45

it's OWL is a well-established competence network based in OstWestfalenLippe, Germany, focusing on digital and sustainable transformation for the industrial mid-sized sector. With over 230 members including world market leaders and hidden champions, it acts as a catalyst for innovation, research collaboration, and technology transfer. The website is professionally designed, multilingual, and rich in content, showcasing projects, events, and member companies. Technically, it is built on WordPress with modern frameworks and plugins, optimized for mobile and SEO. Security posture is good with HTTPS and no visible vulnerabilities, but lacks explicit privacy and cookie policies as well as security headers. Overall, the domain and business information are consistent and trustworthy, though privacy compliance needs improvement.

T

Tourism Development Association Pardubicko – Czech Gingerbread Heart

topardubicko.cz

36

The website represents the Tourism Development Association Pardubicko – Czech Gingerbread Heart, a regional tourism promotion entity focused on the Pardubicko area in the Czech Republic. It offers tourist information, downloadable promotional materials, and collaborates with CzechTourism to provide travel inspiration. The site targets tourists interested in cultural heritage, local cuisine, and family-friendly activities. Technically, the website uses modern front-end technologies such as Bootstrap, jQuery, and Google Fonts, and includes a cookie consent mechanism and Google Analytics for tracking. The site is mobile responsive and well-structured, though accessibility features are basic. Security posture is moderate with HTTPS implied but lacking explicit security headers and privacy policies. WHOIS data is unavailable, which reduces domain trust but the website content and business information appear legitimate. Overall, the site is functional and professional but would benefit from enhanced privacy compliance and security hardening.

A

Asociace regionálních značek, z.s.

regionalni-znacky.cz

44

Asociace regionálních značek, z.s. is a Czech non-profit association dedicated to certifying and promoting regional products, services, and experiences with guaranteed quality and origin. Operating since 2005, it manages 32 regional quality brands across 31 Czech regions, serving both consumers interested in authentic regional goods and producers seeking certification and cooperation. The website offers rich content including product categories, regional information, news, and event calendars, supported by an e-shop partner site. Technically, the site uses modern frontend technologies such as Bootstrap, Swiper.js, Leaflet.js, and Google Analytics, providing a responsive and user-friendly experience. Security posture is adequate with HTTPS and cookie consent mechanisms, though lacking some advanced security headers and explicit security policies. The absence of WHOIS data reduces domain registration trust but does not detract from the legitimacy of the business itself. Overall, the site is professional, trustworthy, and well-positioned in its niche.

M

Miroslav Mrázek

joomla-webdesign.cz

42

Joomla Webdesign is a Czech Republic-based small business specializing in Joomla CMS web design, development, SEO, and maintenance services. With over 10 years of experience, the company targets small to medium enterprises seeking tailored Joomla-based web solutions. The website demonstrates a professional digital presence with a modern tech stack including Joomla, Bootstrap, and Google Analytics integration. Security posture is solid with HTTPS and CSRF protections, though it lacks some security headers and formal privacy policies. The absence of WHOIS data reduces domain trust but is partially offset by clear business contact information and a portfolio of projects. Overall, the site is functional, user-friendly, and business-focused.

A

Asociácia inštitúcií vzdelávania dospelých v Slovenskej republike

aivd.sk

42

Asociácia inštitúcií vzdelávania dospelých (AIVD) is a Slovak non-profit association dedicated to adult education. Established in 1991, it represents institutions involved in adult learning, providing certification, organizing events, and fostering international partnerships. The organization is well-established with a domain registered since 2003 and recognized certifications such as EduQua. The website serves as a professional platform to communicate its activities, membership opportunities, and sector news. Technically, the site is built on WordPress with Bootstrap and jQuery, hosted likely by Websupport, and is mobile optimized with moderate performance. Security posture is good with HTTPS and DNSSEC enabled, though it lacks some security headers and formal privacy and cookie policies. Contact information is comprehensive, supporting business credibility. Overall, the site is trustworthy and serves its target audience effectively.

P

Pardubický kraj

krajprorodinu.cz

46

The website krajprorodinu.cz serves as an official regional government portal dedicated to family support in the Pardubice region of the Czech Republic. It provides comprehensive information and resources for families with children, seniors, caregivers, and professionals involved in social services. The site is well-positioned as a trusted regional support platform with a clear focus on social welfare and community engagement. The business model is non-commercial, supported by the regional government, and targets local residents and stakeholders. Technically, the website is built on WordPress with a modern plugin ecosystem including Yoast SEO, WPBakery Page Builder, and Events Manager. It uses HTTPS with good SSL configuration and implements GDPR-compliant cookie consent mechanisms. The site demonstrates good SEO practices, moderate performance, and basic accessibility features. Social media integration includes Facebook and Instagram links. From a security perspective, the site enforces HTTPS and uses cookie consent to manage user privacy. No critical vulnerabilities or exposed sensitive data were detected. However, security headers could be improved, and a security.txt file is absent. The domain registration is consistent with the website’s regional government affiliation, with no suspicious patterns detected. Overall, the website presents a low-risk profile with a solid foundation for content delivery and user engagement. Strategic recommendations include enhancing security headers, improving accessibility, and formalizing vulnerability disclosure processes to further strengthen trust and compliance.

N

NADĚJE

nadeje.cz

49

NADĚJE is a well-established Czech non-profit organization focused on providing social services to vulnerable populations including seniors, homeless people, handicapped individuals, families, children, and youth. Founded in 1990, the organization operates multiple branches across the Czech Republic and offers a variety of services including education, spiritual care, and debt counseling. The website serves as an information hub and donation platform, integrating a donation widget and linking to an e-commerce shop and educational sites. Technically, the site is built on WordPress with Elementor, uses modern web technologies, and includes GDPR-compliant cookie consent mechanisms. Security posture is good with HTTPS enabled and no obvious vulnerabilities, though some security headers could be improved. Overall, the site is professional, trustworthy, and compliant with privacy regulations.

E

ECOTEC Fleet

ecotec-fleet.com

47

ECOTEC Fleet operates a medium-sized vehicle rental business specializing in waste collection and municipal vehicles in Germany. The company offers a large fleet of 400 vehicles including brands like ZOELLER and FAUN, targeting municipalities and commercial waste management clients. The website is professionally designed using WordPress with WooCommerce and Elementor, featuring multilingual support and SEO optimization. Contact details and cookie consent mechanisms are clearly implemented, but privacy and terms of service policies are missing. Security posture is moderate with HTTPS enabled but lacking security headers and incident response information. The WHOIS data is missing or unavailable, which raises concerns about domain legitimacy despite the professional web presence.

D

Designwerk

designwerk.com

49

Designwerk is a medium-sized company specializing in electromobility solutions, including electric vehicle manufacturing, energy storage, and charging infrastructure. The company targets businesses and organizations interested in sustainable energy and transportation solutions, positioning itself as a niche player in the energy and transportation sectors. The website is professionally designed using WordPress and the Avada theme, indicating a moderate level of digital maturity with good mobile optimization and SEO practices. However, the absence of WHOIS registration data raises concerns about domain legitimacy and ownership transparency. Security posture is moderate with no visible advanced security headers or policies, and privacy compliance is lacking due to missing privacy and cookie policies. Overall, the website presents a professional business front but requires improvements in security and compliance to enhance trustworthiness.

M

Město Červený Kostelec

cervenykostelec.cz

41

Město Červený Kostelec operates an official municipal website serving residents and visitors with comprehensive information about the town's administration, public services, news, and community events. The website is well-structured, primarily in Czech, and targets local citizens and stakeholders. It provides key services such as contact details, public documents, and updates on municipal activities, positioning itself as a trusted local government resource. Technically, the website employs a modern tech stack including jQuery, Bootstrap, and Swiper.js, running on the Munipolis CMS platform. It is mobile-optimized and offers a moderate performance profile. The site uses HTTPS and implements cookie consent mechanisms, reflecting a reasonable level of digital maturity. From a security perspective, HTTPS is enforced, and no immediate vulnerabilities or exposed sensitive data were detected. However, the absence of security headers and vulnerability disclosure mechanisms suggests room for improvement. Privacy compliance is supported by a dedicated GDPR page and cookie consent, but terms of service and incident response contacts are missing. Overall, the website is a reliable and professional municipal portal with good content quality and user experience. The lack of WHOIS data limits domain trust assessment, but the site itself shows no signs of malicious activity. Strategic recommendations include enhancing security headers, adding terms of service, and publishing a security.txt file to improve transparency and trust.

A

Asociace Hospicu

asociacehospicu.cz

47

Asociace Hospicu is a Czech non-profit association dedicated to supporting, advocating, and improving the quality of hospice and palliative care organizations. Founded in 2005, it serves as a national body promoting dignified end-of-life care and societal awareness. The website is built on WordPress using the Divi theme, featuring a professional design and clear navigation, with active social media channels on Facebook, LinkedIn, and Instagram. Technically, the site uses modern web technologies but lacks advanced security headers and privacy compliance mechanisms. HTTPS is properly configured, ensuring secure connections. However, the absence of privacy and cookie policies, terms of service, and explicit contact information limits its compliance and user trust aspects. Overall, the site reflects a mature organization with a solid digital presence but would benefit from enhanced security and privacy practices.