Security Directory

Č

Český hydrometeorologický ústav

chmi.cz

61

The Český hydrometeorologický ústav (ČHMÚ) is the Czech Republic's national meteorological and environmental authority, providing comprehensive weather forecasts, hydrological data, and air quality monitoring. The website serves a broad audience including the general public, government bodies, media, and business partners, offering detailed environmental data, news, and specialized services such as mobile applications. The organization holds ISO 9001 certification, reinforcing its credibility and commitment to quality. Technically, the website employs traditional web technologies including jQuery and JavaScript, with a moderate performance profile and basic mobile optimization. The site implements a robust cookie consent mechanism aligned with GDPR requirements, denying marketing and analytics cookies by default. While HTTPS is used, explicit security headers are not detected in the provided data, suggesting room for improvement in security hardening. Security posture is solid with no visible vulnerabilities or exposed sensitive data, but the absence of detailed incident response contacts and security headers indicates potential gaps. Privacy compliance is strong, supported by comprehensive privacy and cookie policies. The domain WHOIS data is unavailable due to CZ.NIC policies, but the domain usage and content strongly indicate legitimacy as a government entity. Overall, the website is professional, trustworthy, and content-rich, with recommendations to enhance security headers, mobile responsiveness, and incident response transparency to further strengthen its security and user trust.

V

Volkswagen Užitkové vozy

vw-uzitkove.cz

59

Volkswagen Užitkové vozy is the official Czech Republic website for Volkswagen commercial vehicles, offering a comprehensive portfolio of new vehicle models, configurators, financing options, and after-sales services including servicing and accessories. The site targets both business customers and individual buyers interested in commercial vehicles, positioning itself as a key player in the Czech automotive transportation sector. The website demonstrates strong brand consistency with official Volkswagen branding and links to related Volkswagen services and partners. Technically, the site is built on modern frameworks such as Next.js and React, providing a responsive and accessible user experience with good SEO practices. Security posture is generally good with HTTPS enforced and no visible sensitive data exposure, though some security headers are not detected and no explicit security or incident response policies are published. Privacy compliance is well addressed with visible cookie consent and privacy policy pages. The absence of WHOIS data reduces domain trustworthiness, but the overall professional presentation and official branding mitigate concerns. Strategic recommendations include improving security header implementation, publishing a security policy, and enhancing transparency around incident response.

T

Tino Digital Agency

tino.design

67

Tino Digital Agency is a professional UI/UX design and web/mobile development agency primarily serving clients in the USA market, with a focus on fintech, healthcare, energy, and crypto sectors. The company offers comprehensive services including research and strategy, UX/UI design, and full-cycle development. Their portfolio includes notable clients and projects, supported by multiple industry awards and high client satisfaction ratings. Technically, the website is built on modern frameworks such as Next.js and React, hosted by Hosting Ukraine LLC, and optimized for performance and mobile devices. Security posture is adequate with HTTPS enabled but lacks advanced security headers and explicit privacy and cookie policies, which are areas for improvement. Overall, the business demonstrates strong credibility and professionalism, though privacy compliance and security transparency could be enhanced.

nivia.de is a German technology company specializing in avalanche transceiver devices featuring advanced 3D technology for faster and more precise search capabilities. The website presents a professional and focused product offering targeting skiers, mountaineers, and rescue professionals. The company positions itself as an innovator in avalanche safety technology with a small business footprint. Technically, the site uses modern web technologies including JavaScript ES modules, SVG graphics, and the UIkit framework, hosted on kasserver.com. The site is mobile optimized with good SEO and accessibility basics. Security posture is moderate with HTTPS implied but lacking explicit security headers and cookie consent mechanisms. No direct contact emails or phone numbers are visible, with contact likely via forms. Overall, the site is trustworthy and professional but could improve in privacy compliance and security transparency.

K

Kohlbrat & Bunz GmbH

kohlbratbunz.com

57

Kohlbrat & Bunz GmbH is a small, family-owned Austrian company established in 1930 specializing in manufacturing medical, transport, and rescue equipment such as vacuum mattresses and rescue stretchers. Their products serve medical professionals, rescue teams, and animal healthcare sectors worldwide. The website is hosted on WordPress.com, leveraging modern CMS and Gutenberg blocks, providing a professional and mobile-optimized user experience. Security posture is moderate with HTTPS enabled and domain transfer protection, but lacks DNSSEC and security headers. Privacy compliance is weak due to missing privacy and cookie policies. Contact information and social media presence are clearly provided, enhancing business credibility. Overall, the site is trustworthy but would benefit from improved security and compliance disclosures.

G

Galileo Corporation s.r.o.

smart-info.cz

39

Galileo Smart Info is a Czech Republic based service operated by Galileo Corporation s.r.o. that enables municipalities to communicate important announcements to their citizens via SMS and email. The platform targets local government officials and citizens, offering a free service with features such as message category selection and a mobile application for enhanced user experience. The website is professionally designed with consistent branding and clear navigation, supporting a positive user experience. Technically, the website uses modern web technologies including JavaScript and CSS, and integrates Google Analytics with IP anonymization to monitor traffic. Hosting is provided by Forpsi, a Czech hosting provider, which aligns with the local focus of the service. The website is mobile optimized and performs moderately well, though there is room for improvement in accessibility and SEO. From a security perspective, the site uses HTTPS and avoids exposing sensitive data. However, it lacks important security headers and does not provide a cookie consent mechanism, which are areas for improvement to enhance compliance and security posture. No vulnerability disclosure or incident response information is available, which could be added to improve transparency and trust. Overall, the website and service appear legitimate and trustworthy with a solid foundation. Strategic improvements in security headers, privacy compliance, and incident response transparency would further strengthen the platform's security and compliance standing.

M

Město Mikulov

mikulov.cz

41

Město Mikulov operates as the official municipal government website for the city of Mikulov in the Czech Republic. It provides comprehensive information and services for both citizens and tourists, including municipal office details, cultural events, tourism highlights, and e-services. The website is well-branded and targets local residents and visitors, emphasizing the city's rich history and wine culture. Technically, the site employs modern web technologies, including JavaScript and Google Analytics, and is mobile-optimized with good accessibility and SEO practices. Security-wise, the site uses HTTPS and cookie consent mechanisms but lacks some advanced security headers and explicit security policies. The absence of WHOIS data reduces domain registration transparency, but the website content and official branding strongly support its legitimacy. Overall, the site presents a professional and trustworthy digital presence for the city government.

The website www.tpcr-turnov.cz serves as an informational portal focused on promoting local landmarks and tourism in Turnov, Czech Republic. It provides links to partner sites such as the Valdštejn Castle, Synagogue Turnov, and the local information center. The site uses the Public4u CMS platform and relies on traditional web technologies like jQuery and CSS. The content is primarily in Czech with language options for English, German, and Polish, targeting a general audience interested in cultural and historical tourism. The site lacks detailed business information and contact data, which limits its business credibility.

J

Jazyky-online.info

jazyky-online.info

45

Jazyky-online.info is a Czech language educational portal offering free online language learning resources primarily targeting self-learners including adults and children. The website provides modules for learning English and other major world languages such as German, French, Spanish, Russian, Chinese, and Japanese. It operates as a small-scale educational platform with a long history dating back to at least 2007, emphasizing free access to language education. Technically, the site is built with basic HTML and CSS, includes legacy Google Analytics tracking, and lacks modern CMS or frameworks. The site is accessible without WAF or blocking mechanisms, but it does not enforce HTTPS or implement modern security headers, indicating a basic security posture. Privacy compliance is minimal, with a privacy policy present but no cookie consent mechanism. Contact is available only via an external contact form on a partner domain. Overall, the site is safe for general audiences and maintains moderate trustworthiness despite limited transparency in WHOIS data due to privacy protection.

Č

Český statistický úřad

volby.cz

61

The website volby.cz serves as the official platform for the Czech Statistical Office (Český statistický úřad) to publish election and referendum results. It is a government-operated site providing authoritative statistical data related to various elections in the Czech Republic. The site targets voters, election commissions, and government officials, offering comprehensive election results and related information. The branding and content strongly indicate a trusted government source, although WHOIS data is unavailable, which slightly impacts transparency. Technically, the site uses modern web technologies including JavaScript, CSS, SVG, and web components within the gov-design framework. The site is mobile-optimized and accessible, with good SEO practices evident. However, there is no evidence of advanced analytics or tracking, and no visible security headers were detected in the provided HTML content. The site lacks explicit privacy, cookie, and terms of service policies, which is a gap in compliance and user transparency. From a security perspective, the site uses HTTPS (implied by the URL), but no security headers or incident response contacts are visible. The absence of WHOIS data is unusual but may be due to CZ NIC policies or privacy protections. No vulnerabilities or malicious content were detected. Overall, the site demonstrates a moderate security posture but would benefit from enhanced transparency and security best practices. The overall risk assessment is moderate with a recommendation to improve privacy disclosures, implement security headers, and provide clear contact information for security incidents. These steps would enhance user trust and compliance with data protection regulations.

S

SmartEnvi

smartenvi.eu

55

SmartEnvi is a specialized environmental monitoring platform focused on measuring air quality and meteorological data primarily in the Czech Republic. The website provides interactive maps and data visualization for various monitoring stations, serving governmental bodies, researchers, and environmental agencies. The platform leverages modern web technologies such as Leaflet.js and OpenStreetMap for geospatial data presentation. While the website content is professionally structured and relevant to its niche, it lacks visible privacy and cookie policies, contact information, and security best practices such as security headers. The absence of WHOIS registrant data is consistent with EURid's privacy policies for .eu domains and does not raise immediate concerns. Overall, the site demonstrates moderate digital maturity but requires improvements in security and compliance to enhance trust and user confidence.

K

Kulturní centrum Turnov, s.r.o.

kcturnov.cz

41

Kulturní centrum Turnov, s.r.o. operates as a regional cultural center in Turnov, Czech Republic, providing a variety of cultural events including theater, music concerts, and film screenings. The website serves as a portal for event programming, ticketing, and cultural information targeting a general audience interested in arts and culture. The business model focuses on event organization and venue management, positioning itself as a key cultural hub in the region. Technically, the website employs modern web technologies such as JavaScript ES modules, CSS, and HTML5, with asynchronous data loading via Fetch API. The site is mobile-optimized and includes SEO best practices like meta descriptions and keywords. However, no CMS or hosting provider details are evident, and some accessibility features could be improved. From a security perspective, the site uses HTTPS as implied by the base URL, includes a cookie consent mechanism, and integrates Google Analytics for visitor tracking. There is a lack of explicit security headers and no visible incident response or security policy pages. The absence of WHOIS domain registration data reduces trustworthiness and raises concerns about domain legitimacy. Overall, the website is professional and content-rich but would benefit from enhanced security practices, clearer business contact information, and verified domain registration details to improve trust and compliance.

M

Městská Policie Brno

dopravnihristebrno.cz

42

Dopravní hřiště Riviéra Brno is a municipal traffic education facility operated by the Municipal Police of Brno, Czech Republic. It provides traffic safety education primarily targeting children, schools, and the general public through interactive projects, tests, and bicycle registration services. The website reflects a well-established public service with a clear focus on traffic education and safety, supported by EU funding and local government partnerships. The content is professionally presented in Czech and targets local audiences including schools and families. Technically, the website is built on TYPO3 CMS with modern web technologies including responsive design, external fonts, and icon libraries. The site demonstrates moderate performance and good mobile optimization but lacks some advanced accessibility features. SEO practices are adequate with proper meta tags and structured navigation. No advanced analytics or tracking scripts were detected, indicating a privacy-conscious approach. From a security perspective, the site uses HTTPS and avoids exposing sensitive data. However, it lacks visible security headers and does not provide explicit security policies or incident response information. Cookie consent mechanisms are absent despite GDPR relevance, which is a compliance gap. The WHOIS data aligns well with the municipal police entity, confirming legitimacy and trustworthiness. Overall, the website is a credible, well-maintained public service platform with good content quality and business credibility. Security and privacy compliance can be improved by adding cookie consent, security headers, and publishing security policies. These enhancements would strengthen user trust and regulatory compliance.

H

HELP UKRAINE ROMANIA

helpukraineromania.org

46

HELP UKRAINE ROMANIA is a small non-profit humanitarian aid organization focused on providing medical and humanitarian assistance to Ukraine, primarily through a logistics hub in Chernivtsi. The organization collaborates with Ukrainian government bodies, local authorities, and volunteer business initiatives to coordinate aid transport and delivery. Their services include receiving aid requests, organizing logistics from Europe and worldwide, and partnering with major Ukrainian logistics companies for targeted aid distribution. The website is multilingual and targets donors, volunteers, and aid recipients. Technically, the website uses standard web technologies including HTML5, CSS, JavaScript, and integrates Google Analytics and Google Tag Manager for tracking. Hosting is provided by Mirohost, and the site is mobile-optimized with good SEO practices. However, there is no detected CMS or advanced frameworks. Performance is moderate, and accessibility is basic. From a security perspective, the site uses HTTPS and has domain transfer protections but lacks DNSSEC and security headers. There are no visible privacy or cookie policies, which is a compliance gap. No vulnerability disclosure or security.txt file is present. The WHOIS data is consistent with the organization's founding date and shows no suspicious patterns, supporting legitimacy. Overall, the website is trustworthy and professional but would benefit from improved privacy compliance and enhanced security practices to better protect users and build trust.

Č

Česká unie cestovního ruchu, z.s

ceskauniecr.cz

55

Česká unie cestovního ruchu, z.s is the largest independent professional association in the Czech Republic dedicated to coordinating and representing the interests of tourism entrepreneurs. The organization plays a key role in supporting and developing the tourism sector to enhance competitiveness and sustainable growth. Their website reflects a professional and modern digital presence built on the SvelteKit framework with Firebase backend services, indicating a good level of technical maturity. The site is well-structured, mobile-optimized, and provides clear contact information and social media links, supporting effective stakeholder engagement. Security posture is adequate with HTTPS enforced, but lacks some security headers and formal privacy and cookie policies, which are important for compliance and trust. Overall, the website is trustworthy and serves its target audience effectively, though improvements in privacy compliance and security best practices are recommended.

A

Asociace turistických informačních center České republiky

aticcr.cz

44

Asociace turistických informačních center České republiky is a well-established non-profit association founded in 2006, dedicated to supporting and certifying tourist information centers across the Czech Republic. The website serves as a comprehensive resource for certification, education, and promotional activities targeting tourist centers and regional tourism stakeholders. The association holds recognized ISO certifications and maintains a strong presence in the Czech tourism sector. Technically, the website uses a legacy CMS (Vismo) with standard web technologies including jQuery and Google Analytics, and implements GDPR-compliant cookie consent mechanisms. Security posture is moderate with room for improvement in security headers and updating legacy libraries. Overall, the site is professional, trustworthy, and well-aligned with its business objectives.

I

Investitionsbank Schleswig-Holstein

ib-sh.de

67

The Investitionsbank Schleswig-Holstein (IB.SH) is a government-affiliated promotional bank serving the Schleswig-Holstein region in Germany. It provides advisory, funding, and financing services to a broad audience including private individuals, companies, municipalities, and public institutions. The bank holds a strong market position, evidenced by its AAA credit rating from Fitch Ratings, and emphasizes sustainability and digital transparency in its operations. The website reflects a professional and comprehensive digital presence with multiple customer-focused services and extensive content in German, targeting diverse customer groups. Technically, the site is built on TYPO3 CMS, with good mobile optimization and accessibility features, and employs modern web technologies. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security policies and incident response details are not publicly disclosed. Overall, the site is trustworthy, well-maintained, and compliant with GDPR requirements.

E

Evangelisch-Lutherische Kirche in Norddeutschland

nordkirche.de

61

The Evangelisch-Lutherische Kirche in Norddeutschland (Nordkirche) operates as a large non-profit religious organization serving the regions of Hamburg, Schleswig-Holstein, and Mecklenburg-Vorpommern in Germany. The website provides comprehensive information about their religious services, community engagement, pastoral care, and digital initiatives. It targets Christians and residents in Northern Germany, positioning itself as a leading regional Protestant church organization. The content is well-structured, professionally designed, and consistent with the organization's mission and audience. Technically, the website is built on TYPO3 CMS, leveraging modern web technologies including JavaScript and CSS, with good mobile optimization and accessibility features. SEO practices are well implemented, including meta tags, Open Graph, and JSON-LD structured data. The site uses Piwik (Matomo) for analytics, indicating moderate user tracking with basic privacy compliance. No blocking or WAF challenges were detected, and the site is fully accessible. From a security perspective, HTTPS is implied though explicit security headers are not detected in the provided data. No exposed sensitive data or vulnerabilities were found in the HTML content. However, the site lacks explicit security policies and incident response information. Privacy compliance is good with a detailed privacy policy but lacks a cookie consent mechanism. Contact information is clearly provided, enhancing trust and credibility. Overall, the website demonstrates a solid digital presence with good content quality, technical implementation, and business credibility. Security posture is adequate but could be improved with enhanced headers and documented policies. Privacy compliance is mostly met but would benefit from explicit cookie consent. The domain registration data aligns well with the organization's identity, supporting legitimacy and trustworthiness.

F

FiftyFifty kreativní agentura s.r.o.

fifty-50.cz

58

FiftyFifty kreativní agentura s.r.o. is a Czech-based creative marketing agency specializing in design, communication, and strategic marketing services. Established in 2012, the company has positioned itself as a leading regional marketing agency in the Královéhradecký region, offering a comprehensive portfolio including branding, online marketing, and audio/video production. The website reflects a professional and consistent brand image supported by multiple industry awards and recognitions. Technically, the website employs modern web technologies such as JavaScript with StimulusJS controllers and deferred script loading to optimize performance. The presence of Google Tag Manager indicates a mature approach to analytics and marketing tracking. Mobile optimization and SEO practices are well implemented, although accessibility features are basic. Hosting is managed by REG-ACTIVE24, a Czech registrar, consistent with the business location. From a security perspective, the site uses HTTPS and implements a GDPR-compliant cookie consent mechanism. However, no explicit security headers were detected, and no incident response or security policy information is provided. No vulnerabilities or exposed sensitive data were found in the analysis. The WHOIS data confirms domain legitimacy with consistent registration details and appropriate domain age. Overall, the website demonstrates a solid business credibility and privacy compliance posture with room for improvement in security best practices. The content is safe for general audiences, and the site is fully accessible without WAF or blocking mechanisms.

Obec Bedřichov is the official municipal government website serving the village of Bedřichov in the Czech Republic. It provides comprehensive local government information, including public notices, official documents, community events, and tourism resources. The site targets local residents and tourists, offering services such as waste management, local fee payments, and contact information for municipal offices. The website is built on the Public4u CMS platform and uses common web technologies like jQuery and JavaScript. It features a clear navigation structure and is mobile optimized, providing a good user experience. From a security perspective, the website uses HTTPS and implements GDPR-compliant privacy policies and cookie consent mechanisms. However, no explicit security headers were detected in the provided data, and no incident response or vulnerability disclosure information is available. The absence of WHOIS registration data is a notable gap, reducing the ability to fully verify domain legitimacy. Despite this, the presence of official contact details and consistent branding supports the site's authenticity. Overall, the website demonstrates a moderate to good level of technical maturity and security posture, with room for improvement in security headers, incident response transparency, and SEO optimization. The site is safe for general audiences, with no adult or questionable content detected. Strategic recommendations include enhancing security headers, updating libraries, and adding incident response contacts to strengthen trust and compliance.

M

Městský úřad Šumperk

sumperk.cz

63

The website www.sumperk.cz serves as the official municipal portal for the city of Šumperk in the Czech Republic. It provides comprehensive information including municipal news, event calendars, public notices, and citizen services. The site targets residents and visitors, offering easy access to government contacts, forms, and local updates. The business model is that of a government service portal, positioning itself as a trusted source for local governance and community engagement. The site is well-branded and consistent with municipal identity. Technically, the website is built on the Public4u CMS platform and utilizes common web technologies such as jQuery and JavaScript. It is served over HTTPS, ensuring secure communication. The site demonstrates good mobile optimization and accessibility features, with a moderate performance profile. SEO practices are adequately implemented with proper meta tags and structured navigation. From a security perspective, the site enforces HTTPS and uses secure form submissions. However, explicit security headers like Content-Security-Policy and X-Frame-Options are not evident, representing an area for improvement. No vulnerabilities or exposed sensitive data were detected in the content. Privacy and cookie policies are present with consent mechanisms, indicating compliance with GDPR requirements. No incident response or vulnerability disclosure information is available, which could be enhanced to improve security posture. Overall, the website is a reliable and professional municipal portal with good content quality and user experience. The absence of WHOIS data for the domain is a concern that slightly impacts trustworthiness, suggesting the need for external verification of domain registration. Strategic recommendations include implementing additional security headers, publishing security policies, and verifying domain registration details to strengthen legitimacy and trust.

M

Městský úřad Moravská Třebová

moravskatrebova.cz

57

Moravská Třebová's official municipal website serves as a comprehensive portal for residents, tourists, and citizens, providing timely news, event calendars, public notices, and essential contact information. The site is positioned as a local government authority platform, focusing on public service delivery and community engagement. It offers multilingual support with Czech as the primary language and English and German alternatives, enhancing accessibility for international visitors. The business model is centered on government service provision without commercial intent. Technically, the website is built on the Public4u CMS platform, utilizing jQuery and JavaScript libraries for interactive features. While the site employs HTTPS and includes a cookie consent mechanism, it lacks advanced security headers and comprehensive privacy documentation. Performance and mobile optimization are moderate, indicating room for technical enhancements to improve user experience and accessibility. From a security perspective, the site demonstrates basic best practices such as HTTPS and cookie consent but misses critical security headers and explicit privacy policies. No vulnerabilities or malicious content were detected, and the site maintains a trustworthy presence with official contact details and social media links. The absence of WHOIS data is typical for Czech domains and does not detract from the site's legitimacy. Overall, the website presents a solid foundation for municipal digital presence but would benefit from enhanced security measures, privacy transparency, and technical modernization to align with best practices and regulatory compliance.

Cestovatelský fotodeník is a Czech travel photo diary platform focused on historical landmarks and monuments, primarily serving travel enthusiasts and cultural tourists interested in Czech heritage. The website is operated by as4u.cz, s.r.o., a small company specializing in publishing and editorial systems. The platform offers user registration, photo uploads, and competitions, supported by an interactive map and categorized listings of monuments. Technically, the site uses the Public4u CMS, jQuery libraries, and Leaflet.js for mapping, with a moderate performance and good mobile optimization. Security posture is adequate with HTTPS and cookie consent, but lacks explicit security headers and a published privacy policy, which are areas for improvement. WHOIS data is unavailable, likely due to privacy protection, which reduces transparency and trustworthiness. Overall, the site is functional, professionally presented, and safe for general audiences, but could enhance compliance and security practices.

Wetter.de is a prominent German weather information website providing current weather forecasts, radar maps, weather news, and travel weather information primarily targeting the German-speaking audience. The site leverages modern web technologies such as Next.js and React to deliver a responsive and content-rich user experience. It integrates advertising and tracking services including Outbrain and Google Tag Manager to monetize and analyze user interactions. However, the site lacks visible privacy and cookie policies, which is a compliance gap in the context of GDPR. Security posture is moderate with no explicit security headers detected and no visible incident response or vulnerability disclosure information. Overall, the website is professional and content-rich but would benefit from enhanced privacy compliance and security transparency.

F

FAVI.cz - Vyhledávač nábytku a dekorací

favi.cz

64

FAVI.cz is a Czech Republic-based online furniture and decoration product search engine aggregating over 650 e-shops and physical stores. The website offers a broad range of product categories including furniture, textiles, lighting, and home renovation items, targeting consumers seeking home decor and furniture solutions. Established in 2012, the platform appears to be a significant player in the local retail and e-commerce market, providing users with comprehensive product listings and discount offers. Technically, the website employs modern web technologies including asynchronous JavaScript, web fonts, and Cloudflare CDN services, ensuring moderate performance and good mobile optimization. Security-wise, the site enforces HTTPS and leverages Cloudflare for DNS and CDN, but lacks explicit security headers and publicly available security policies. Privacy compliance is weak due to the absence of visible privacy and cookie policies or consent mechanisms. Overall, the website is professional and trustworthy but would benefit from enhanced privacy and security transparency.

M

Ministerstvo školství, mládeže a tělovýchovy

redop.cz

72

The website redop.cz serves as the official Czech government information system for the Registry of Associate Professors, Professors, and Extraordinary Professors at higher education institutions. It is managed by the Ministry of Education, Youth and Sports of the Czech Republic and provides a centralized platform for managing academic personnel data, supporting accreditation processes, and statistical reporting. The site targets academic institutions, government bodies, and educational providers, offering essential services for compliance with Czech higher education laws. Technically, the site is built on a legacy ASP.NET WebForms platform using DevExpress controls, hosted likely by Active24. The infrastructure is functional but shows signs of aging with basic mobile optimization and limited modern web practices. Performance is moderate, and SEO and accessibility features are basic. The site does not employ common modern tracking or advertising technologies, reflecting its government service nature. From a security perspective, the site uses HTTPS and standard ASP.NET security features but lacks modern HTTP security headers and cookie consent mechanisms. Password inputs are properly masked, and no sensitive data is exposed in the HTML. The privacy policy is comprehensive and GDPR compliant, with a named Data Protection Officer and clear data handling practices. No WAF or blocking mechanisms were detected, and the WHOIS data aligns well with the official nature of the site. Overall, the site is trustworthy and professionally maintained for its purpose but would benefit from modernization of its technical stack and enhanced security headers and privacy features to improve user trust and compliance with evolving standards.

A

as4u.cz, s.r.o.

as4u.cz

69

as4u.cz, s.r.o. is a Czech software company specializing in modular content management systems and business applications tailored for municipalities, government bodies, companies, and cultural institutions. With over 20 years of market presence, the company offers products such as the Public4u editorial system, Shop4u e-commerce platform, and various intranet and reservation systems. Their solutions emphasize compliance with legislative requirements, user-friendliness, and scalability, serving a broad client base including cities, towns, and organizations. The website reflects a mature business with a solid client portfolio and a focus on digital transformation in public and private sectors. Technically, the website is built on a proprietary CMS named Public4u, utilizing jQuery and JavaScript libraries. The site is mobile-optimized and structured with good SEO practices. While performance is moderate, the site is accessible and well-organized. Security-wise, HTTPS is enforced, and cookie consent mechanisms are implemented, but there is room for improvement in security headers and explicit security policies. No critical vulnerabilities or exposed sensitive data were detected. The absence of WHOIS data limits domain registration transparency, which slightly impacts trustworthiness. However, the extensive references to reputable municipal and cultural clients, clear contact information, and comprehensive privacy and cookie policies support the company's legitimacy. Overall, the site demonstrates a professional digital presence aligned with its business objectives. Strategic recommendations include enhancing security headers, publishing detailed security and incident response policies, and verifying domain registration details to improve trust and compliance.

Geopark Český ráj is a nonprofit organization managing the UNESCO Global Geopark Český ráj, located in the Czech Republic. The website provides extensive educational and tourism-related content about the geological, natural, and cultural heritage of the region. It targets tourists, researchers, educators, and local communities interested in sustainable tourism and conservation. The organization is uniquely positioned as the only UNESCO Global Geopark in the Czech Republic, offering a rich portfolio of services including educational programs, research facilitation, and tourism promotion. Technically, the website uses the Public4u CMS platform with jQuery and Mapy.cz API for interactive maps. The site is moderately optimized for performance and mobile devices, with a clear navigation structure and good content quality. However, it lacks advanced SEO and accessibility features. Security posture is moderate with no visible security headers or incident response policies, and the SSL configuration status is unknown. Privacy compliance is weak due to the absence of privacy and cookie policies. The WHOIS data is unavailable, which limits domain legitimacy verification and reduces trustworthiness from a registration perspective. Despite this, the website content and official UNESCO affiliation strongly indicate a legitimate and professional operation. No adult or explicit content is present, making the site safe for general audiences. Overall, the website is functional and informative but would benefit from improved security practices, privacy compliance, and transparency regarding domain registration and incident response.

The website www.cyklohk.cz serves as the official regional tourism portal for cycling in the Královéhradecký region of the Czech Republic. It provides detailed cycling tips, routes, trail information, and seasonal cycling bus services aimed at tourists, cycling enthusiasts, and families. The site is managed by the Královéhradecká krajská centrála cestovního ruchu, a regional tourism organization, and is supported by the Czech Ministry for Regional Development. The content is primarily in Czech with multilingual support for English, German, and Polish, enhancing accessibility for international visitors. Technically, the website is built on the Public4u CMS platform and utilizes jQuery and JavaScript libraries for interactive features. It employs HTTPS for secure communication and integrates Google Analytics for visitor tracking. The site is moderately optimized for mobile devices and has a good SEO foundation, although accessibility features could be improved. The cookie policy and consent mechanism are implemented, but explicit privacy and terms of service pages are missing. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data in its HTML content. However, it lacks certain security headers that could enhance protection against common web vulnerabilities. The absence of WHOIS data for the domain is a notable concern, reducing trust in domain legitimacy despite the official nature of the organization and the professional presentation of the website. Overall, the website is a reliable and professional resource for cycling tourism in the region, but it would benefit from improved transparency regarding privacy policies, enhanced security headers, and resolution of WHOIS data availability to strengthen trust and compliance.

B

bringe Informationstechnik GmbH

bringe.net

59

bringe Informationstechnik GmbH is a small, owner-managed IT service provider based in Karlsruhe, Germany, founded in 2000. The company specializes in comprehensive IT solutions including managed hosting, IT support tailored for small and medium-sized enterprises (KMU), and custom web development. Their market position is strengthened by an ISO 27001/2022 certification and a clear focus on B2B clients, emphasizing quality and data protection compliance. The website reflects a professional and consistent brand image with detailed business and contact information, targeting German-speaking SME customers. Technically, the website employs modern web technologies such as PHP frameworks (Laravel, Symfony) and JavaScript frameworks (Vue.js). The site is moderately performant with good mobile optimization and basic accessibility features. Hosting is managed by InterNetX GmbH, a reputable registrar. However, some security best practices like DNSSEC and HTTP security headers are not enabled, which could be improved to enhance security posture. From a security perspective, the company demonstrates maturity through ISO 27001 certification and appointing a dedicated data protection officer. The privacy policy is comprehensive and GDPR compliant, though the site lacks an explicit cookie consent mechanism and a vulnerability disclosure policy. No critical vulnerabilities or exposed sensitive data were detected in the provided content. Overall, the security posture is solid but could benefit from additional technical controls and transparency. The overall risk assessment is low, with the company showing strong legitimacy and trustworthiness. Strategic recommendations include enabling DNSSEC, implementing security headers, adding cookie consent mechanisms, publishing a vulnerability disclosure policy, and enhancing accessibility. These steps will further strengthen the company's security, compliance, and user trust, supporting sustainable business growth.

I

IT-Planungsrat

it-planungsrat.de

62

The IT-Planungsrat website represents a central political steering committee for the digitalization of public administration in Germany. It serves as a coordination and governance body for federal, state, and municipal digital initiatives, targeting government entities, institutions, businesses, and society at large. The website provides comprehensive information about its mission, organizational structure, projects, and current news, reflecting a well-established government entity with a clear mandate. Technically, the website is built on TYPO3 CMS, a robust open-source content management system widely used in government and enterprise environments. It employs modern web technologies including JavaScript and CSS, and integrates Matomo analytics hosted on its own server, ensuring privacy-conscious data collection. The site is mobile-optimized, accessible, and SEO-friendly, with clear navigation and consistent branding. From a security perspective, the site enforces HTTPS, uses session cookies securely, and implements a cookie consent mechanism compliant with GDPR. However, it lacks explicit security policy documentation and incident response contact details. No vulnerabilities or exposed sensitive data were detected in the content. The domain registration data aligns with the website's governmental purpose, indicating legitimacy and trustworthiness. Overall, the IT-Planungsrat website demonstrates a strong digital presence with good security and privacy practices appropriate for a government institution. Strategic improvements could include publishing dedicated security policies and incident response contacts to enhance transparency and trust.

H

Heureka Group

heureka.group

65

Heureka Group is a technology and e-commerce service provider focused on supporting e-shops and partners with solutions to enhance online sales and customer experience. The website presents a professional image with clear navigation and business-oriented content targeting B2B clients in the Czech Republic and surrounding regions. The technical infrastructure includes modern analytics and A/B testing tools such as Google Analytics, Google Tag Manager, and Visual Website Optimizer, indicating a mature digital marketing approach. The website is accessible without any WAF or security blocking, uses HTTPS, and implements cookie consent mechanisms aligned with GDPR requirements. However, explicit security headers and incident response policies are not publicly visible, suggesting room for improvement in security transparency. Overall, the site demonstrates a solid security posture with no apparent vulnerabilities or suspicious content, supporting a trustworthy business presence.

J

Juizi

juizi.com

54

Juizi is a small technology service provider specializing in website building, hosting, and maintenance, primarily targeting businesses and non-profits. Established in 1999, the company leverages the Plone CMS platform combined with a React frontend to deliver secure and maintainable websites. Their market position is strengthened by long-term client relationships and a reputation for professionalism and technical expertise. The website content is well-structured, professional, and includes client testimonials that enhance trust. Technically, the site uses modern frameworks and is moderately optimized for performance and mobile devices, though accessibility could be improved. Security posture is good with HTTPS enabled and domain transfer protections in place, but lacks DNSSEC and explicit security policies. Privacy compliance is basic with a privacy policy present but no cookie consent mechanism. Overall, Juizi presents a credible and trustworthy business with room for improvement in security and privacy transparency.

K

kitconcept GmbH

kitconcept.com

65

kitconcept GmbH is a specialized service provider focused on delivering high-quality open source web and intranet solutions, primarily leveraging the Plone CMS platform. Their market position is that of a niche expert and active contributor to the Plone community, serving research institutions, universities, government agencies, and public organizations. The company offers services including website development, intranet solutions, open source contributions, and consulting. Founded in 2014 and based in Germany, kitconcept GmbH maintains a professional and content-rich website that reflects their expertise and client base. Technically, the website is built on modern technologies including Plone 6 and React-based Volto frontend, hosted by Hetzner Online GmbH with DNS managed via Cloudflare. The site demonstrates good mobile optimization, accessibility, and SEO practices, though performance is moderate. Security posture is solid with HTTPS enforced and no exposed sensitive data, but could be improved by enabling DNSSEC and adding explicit security headers. Privacy compliance is generally good with a comprehensive privacy policy, but lacks a cookie consent mechanism. Overall, the security posture is mature with no critical vulnerabilities detected. The website shows strong business credibility through client logos, testimonials, and detailed project case studies. Recommendations include enhancing DNS security, implementing security headers, and adding cookie consent to improve GDPR compliance. The site is safe for general audiences with no adult or questionable content detected.

S

Simples Consultoria

simplesconsultoria.com.br

56

Simples Consultoria is a Brazilian technology consulting company specializing in Plone CMS solutions, offering services such as technical consulting, hosting, development, and specialized training. The company targets organizations and professionals seeking expertise in Plone, positioning itself as an experienced and trusted provider with over 20 years in the market. The website reflects a professional digital presence with clear navigation and relevant content for its audience. Technically, the site is built on Plone 6 with React and uses Cloudflare for DNS and CDN services, ensuring good performance and security through HTTPS. However, the site lacks explicit privacy and cookie policies, security headers, and incident response information, which are areas for improvement. Analytics tools like Google Tag Manager and Cloudflare Insights are used for user tracking, with moderate tracking levels and limited privacy compliance indicators. Overall, the site is professional and trustworthy but would benefit from enhanced privacy and security disclosures to improve compliance and user trust.

M

Monteurzimmer.at

monteurzimmer.at

71

Monteurzimmer.at is a well-established online platform specializing in affordable accommodation listings for workers and travelers in Austria. The website offers over 1,000 budget-friendly lodging options with direct contact to landlords and free mediation services, positioning itself as a key player in the hospitality sector targeting a niche audience of monteurs and budget travelers. The platform supports multiple languages, enhancing accessibility for diverse users. Technically, the site employs modern web technologies including Google Maps API and Google Tag Manager, ensuring functional and analytical capabilities. Security measures such as HTTPS and multiple security headers are implemented, reflecting a good security posture. Privacy and cookie policies are comprehensive and GDPR compliant, indicating strong privacy awareness. However, the absence of WHOIS data due to privacy protection slightly reduces trustworthiness but is common for this business type. Overall, Monteurzimmer.at demonstrates a professional, secure, and user-friendly online presence with moderate to good technical maturity.

FUNKE Wärmeaustauscher Apparatebau GmbH is a German-based specialist company focused on the development and production of industrial heat exchangers. The website presents a professional and consistent brand image targeting industrial clients and businesses requiring heat exchanger solutions. The company positions itself as a specialist in manufacturing within the industrial sector. Technically, the website is built on TYPO3 CMS and includes JavaScript tracking from sst.hydac.com, hosted on EuroDNS nameservers. The site demonstrates moderate performance and good mobile optimization but lacks advanced SEO and accessibility features. Security posture is moderate with HTTPS implied but no visible security headers or explicit security policies. Privacy compliance is weak due to the absence of privacy and cookie policies or consent mechanisms. Contact information and incident response details are not found, limiting direct communication channels. Overall, the website is safe for general audiences and professionally designed but would benefit from enhanced security and privacy transparency.

I

InWIS – Institut für Wohnungswesen, Immobilienwirtschaft, Stadt- und Regionalentwicklung GmbH

inwis.de

65

InWIS GmbH is a German-based institute specializing in housing, real estate economics, and urban and regional development. The organization combines scientific research with practical consulting services, targeting housing companies, developers, municipalities, and other stakeholders in the real estate sector. Their offerings include market analyses, surveys, sustainability consulting, digital tools, and corporate advisory services. The website reflects a professional and well-established entity with a clear market position and strategic partnerships. Technically, the site is built on TYPO3 CMS, uses modern front-end technologies, and demonstrates good performance and mobile optimization. Security posture is strong with HTTPS, security headers, and privacy compliance including cookie consent mechanisms. However, explicit security policies and incident response information are not publicly available. Overall, the site is trustworthy, well-branded, and compliant with GDPR requirements.

M

Ministerstvo pro místní rozvoj ČR

mmr.cz

62

The website represents the official online presence of the Ministry for Regional Development of the Czech Republic (Ministerstvo pro místní rozvoj ČR). It serves as a central government portal providing information on regional policy, housing, urban planning, construction law, investment policy, tourism, public auctions, real estate activities, and funeral services. The ministry was established in 1996 and plays a significant role in managing public funds and regulatory oversight in these sectors. The site targets Czech citizens, government officials, municipalities, and businesses involved in housing and regional development. Technically, the website is built on ASP.NET WebForms and likely uses Kentico CMS, with modern web technologies such as JavaScript, CSS, and Google Fonts. The site is mobile-optimized and provides a structured navigation experience. However, some security best practices like security headers are missing, and privacy and cookie policies are not explicitly found in the provided content. User tracking is implemented via Facebook Pixels, with Google Analytics scripts present but commented out. From a security perspective, the site uses HTTPS and includes CSRF tokens in forms, indicating basic security hygiene. The absence of WHOIS data is typical for government domains under CZ NIC registry policies and does not detract significantly from trustworthiness. No vulnerabilities or malicious content were detected. Overall, the site is professional, trustworthy, and serves its governmental function effectively. Recommendations include implementing explicit privacy and cookie policies with consent mechanisms, adding security headers to enhance protection, and regularly auditing third-party scripts and libraries for vulnerabilities.

Střední Čechy filmová kancelář operates as a regional film office providing location and production support services for filmmakers in Central Bohemia, Czech Republic. The website serves as an informational and contact portal, offering news, location listings, filmographies, and contact details for film production inquiries. The organization targets film producers and related professionals seeking filming locations and support in the region. The business model is service-oriented, facilitating film production logistics and location scouting. Technically, the website is built on the Public4u CMS platform and utilizes common JavaScript libraries such as jQuery and jQuery UI. The site demonstrates moderate performance and basic mobile optimization. SEO and accessibility features are present but could be enhanced. The site lacks advanced analytics or tracking scripts, indicating a minimal user tracking approach. From a security perspective, the site uses HTTPS and includes anti-spam measures on its contact form. However, no security headers were detected, and there is no visible privacy or cookie policy, which are compliance gaps. The absence of WHOIS data reduces transparency and trustworthiness. Overall, the security posture is moderate but could benefit from improvements in headers, policies, and vulnerability disclosures. The overall risk is moderate with no critical security issues detected. Strategic improvements in privacy compliance, security headers, and WHOIS transparency would enhance trust and reduce risk. The website is professionally presented with clear contact information and active social media presence, supporting business credibility.

O

Operátor ICT, a.s.

pidlitacka.cz

60

Operátor ICT, a.s. operates the Lítačka e-shop and smart card system for public transportation in Prague and the Central-Bohemian Region. The website serves as a comprehensive platform for purchasing tickets, ordering smart cards, and accessing travel information. It is well integrated with official city and regional transport authorities, reflecting a strong market position in the regional transportation sector. The target audience includes residents, students, seniors, and tourists who use public transport services. Technically, the website is built on modern frameworks such as Next.js and React, with a backend CMS powered by Strapi, and assets served via Azure CDN. The site is mobile-optimized, accessible, and SEO-friendly, providing a good user experience. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though some security headers could be improved and a public security policy is absent. Privacy compliance is generally good with a clear privacy policy and terms of service, but lacks an explicit cookie consent mechanism. Overall, the website is professional, trustworthy, and well-maintained, supporting the business's credibility and operational needs.

H

High Five GmbH

iamstudent.ch

58

Iamstudent.ch is a well-established online platform operated by High Five GmbH, focused on providing exclusive student discounts and vouchers in Switzerland. The website targets students and young adults, offering a wide range of deals across categories such as fashion, technology, food, and lifestyle. It holds a strong market position in the DACH region with sister sites in Austria and Germany, supported by a robust user base and positive reviews. The platform integrates modern web technologies including AngularJS, Matomo analytics, and a comprehensive consent management platform to ensure GDPR compliance. Security posture is strong with HTTPS enforcement and security headers, although explicit security policies and incident response contacts are not publicly disclosed. Overall, the site demonstrates high professionalism, good privacy practices, and a user-friendly experience, making it a trusted resource for its audience.

I

Internationalistische Liste / MLPD

inter-liste.de

47

The Internationalistische Liste / MLPD website serves as the official online presence for a German political alliance and party focused on socialist and environmentalist policies. It provides information about their candidacy in the 2025 Bundestagswahl, their political platform, key figures, and campaign materials. The site targets politically engaged voters and supporters of leftist movements in Germany. Technically, the website is built on WordPress, uses modern web technologies, and is hosted by a reputable German hosting provider. The site is mobile-optimized and presents content in a clear, professional manner. Security-wise, the site uses HTTPS but lacks advanced security headers and explicit security policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the site is trustworthy and professional but could improve in privacy and security transparency.

Z

Zákony pro lidi PLUS

zakonyprolidiplus.cz

61

Zákony pro lidi PLUS is a Czech Republic-based subscription legal information service providing comprehensive access to Czech laws, historical legal documents, international treaties, judicial decisions, and related legal resources. The website targets legal professionals, public administration, educational institutions, and students, offering tools such as note-taking, bookmarking, and English translations of key laws. The platform is positioned as a reliable and cost-effective legal research tool in the Czech market. Technically, the site employs modern web technologies including Bootstrap and Font Awesome, with a responsive design and moderate performance. Security posture is good with HTTPS enabled, but lacks some security headers and explicit privacy and cookie policies, which are recommended for compliance and trust. The WHOIS data is not publicly available, indicating privacy protection, which is common and justified for this type of service. Overall, the website is professional, trustworthy, and safe for general audiences.

A

Autodesk

autodesk.fr

74

Autodesk is a globally recognized leader in design and manufacturing technology, offering a comprehensive suite of software solutions for architecture, engineering, construction, manufacturing, and entertainment industries. The website reflects a mature digital presence with professional design, multilingual support, and extensive use of modern web technologies. The technical infrastructure includes advanced monitoring and analytics tools such as Dynatrace, Tealium, and Qualtrics, indicating a high level of digital maturity and performance optimization. Security posture is strong with HTTPS enforced and no visible vulnerabilities, although explicit security and privacy policies are not clearly presented in the provided content. Overall, Autodesk's website demonstrates a high level of professionalism and trustworthiness, consistent with its market position as an enterprise technology provider.

H

High Five GmbH

iamstudent.de

59

iamstudent.de is a German online platform operated by High Five GmbH that provides students with access to exclusive discounts, coupons, and sweepstakes tailored to their needs. The platform is well-positioned in the student discount market in Germany and extends its services to Austria and Switzerland through related domains. The website offers a user-friendly experience with a focus on student engagement and brand partnerships. Technically, the site leverages modern web technologies including AngularJS, consent management platforms, and analytics tools, hosted on Amazon AWS infrastructure. Security posture is solid with HTTPS enforcement and GDPR compliance, though explicit security policies and incident response contacts are not prominently displayed. Overall, the site demonstrates a professional and trustworthy presence with good privacy practices and a clear business focus on education and retail sectors.

booklookerforum.de is a German language community forum dedicated to supporting users and sellers on the booklooker.de marketplace, which specializes in used and antiquarian books as well as related media such as films, music, and games. The forum provides discussion areas for new features, user help, shipping, payment methods, and various book genres, fostering an engaged user base with thousands of topics and posts. The business model centers on community engagement to support and enhance the marketplace experience. Technically, the site runs on the phpBB forum platform with modern JavaScript libraries like jQuery and Font Awesome for UI elements. The hosting appears stable with dedicated nameservers, and the site is accessible via HTTPS, although explicit security headers are not visible in the provided content. Security posture is moderate with secure login forms but lacks published security policies or vulnerability disclosure mechanisms. Privacy compliance is basic, with a privacy policy present but no cookie consent mechanism detected. Overall, the site is professional, trustworthy, and well-maintained, serving a niche e-commerce community effectively.

P

Domain Default page

pm-srv-15.de

32

The analyzed website pm-srv-15.de currently serves as a default placeholder page generated by the Plesk hosting control panel. It contains no active business content, contact information, or privacy and security policies. The page primarily targets IT specialists or website owners managing hosting environments, providing links to Plesk resources. The domain appears to be hosted by Host Europe with DNS partly managed by GoDaddy. The lack of HTTPS enforcement and absence of security headers indicate a low security posture. No analytics or tracking mechanisms are present, and the site does not collect user data. Overall, the website is inactive and does not represent an operational business or service at this time.

ConversionRuler is a specialized SaaS provider offering subscription-based PPC and online marketing campaign tracking and ROI measurement services. Established in 2002, the company targets SEO, SEM, and PPC professionals as well as ecommerce businesses seeking detailed insights into their marketing effectiveness. The website presents a clear business model with transparent pricing and a focus on usability and integration with various online marketing channels. Technically, the site uses standard web technologies with AWS DNS infrastructure, but lacks modern CMS or advanced frameworks. The design is professional though somewhat dated, with basic mobile optimization and accessibility features. Security posture is moderate; while domain registration is stable and protected against unauthorized changes, the absence of DNSSEC and security headers, as well as missing cookie consent mechanisms, indicate areas for improvement. No explicit privacy or incident response policies are published, which may affect compliance with GDPR and other regulations. Overall, the site is functional and trustworthy but would benefit from enhanced security and privacy practices to strengthen user trust and regulatory compliance.

H

Hochschule Bochum

hochschule-bochum.de

64

Hochschule Bochum is a large public University of Applied Sciences in Germany offering a wide range of bachelor and master degree programs across disciplines such as construction, economics, technology, health, computer science, and sustainability. The website is professionally designed, content-rich, and well-structured to serve students, prospective students, and academic stakeholders. Technically, the site is built on TYPO3 CMS with modern web technologies and demonstrates good mobile optimization and SEO practices. Security posture is adequate with HTTPS enabled, but lacks explicit security headers and privacy compliance documentation. No signs of blocking or WAF interference were detected, allowing full content access. Overall, the site is trustworthy and credible but would benefit from enhanced privacy and security disclosures.