Security Directory

Č

ČESMAD BOHEMIA, z.s.

prodopravce.cz

61

ČESMAD BOHEMIA, z.s. is the largest association of road transport carriers in the Czech Republic, representing over 1,700 companies and nearly 25,000 vehicles. The organization provides a broad range of services including information dissemination, professional training, consulting, and operational support such as ferry reservations and toll payments. It holds a significant position in shaping transport legislation and industry standards in the region. The website reflects a mature digital presence with good content quality, clear navigation, and mobile optimization. Technically, it employs modern tracking tools like Google Tag Manager and Facebook Pixel with privacy-conscious consent settings. Security posture is solid with HTTPS and some security best practices, though there is room for improvement in security headers and published policies. Overall, the site is professional, trustworthy, and well-aligned with its business objectives.

M

Město Pelhřimov

mupe.cz

44

The website mestopelhrimov.cz serves as the official online portal for the city of Pelhřimov in the Czech Republic. It provides comprehensive information about city administration, cultural institutions, sports facilities, educational establishments, and public services. The site targets residents, tourists, and local stakeholders seeking municipal information and services. The business model is that of a government entity providing public information and services, positioning itself as the authoritative source for city-related content. Technically, the website employs a modern tech stack including HTML5, CSS3, JavaScript, Google Analytics, Google Tag Manager, and Google reCAPTCHA for security. It uses the VismoWeb5 CMS platform and integrates translation services and a chatbot for enhanced user experience. The site is mobile optimized, accessible, and SEO friendly, though performance is moderate. From a security perspective, the site enforces HTTPS and uses reCAPTCHA to mitigate bot traffic. It implements a GDPR-compliant cookie consent mechanism with granular user controls. However, it lacks visible security headers and does not publish explicit security or incident response policies. No vulnerabilities or exposed sensitive data were detected in the analyzed content. Overall, the website is trustworthy and professional, suitable for its government function. The absence of WHOIS data limits domain registration trust analysis but does not detract from the site's legitimacy. Strategic recommendations include enhancing security headers, publishing security policies, and providing clear contact information for incident response to further strengthen trust and compliance.

The website harry.cz is currently a parked domain page primarily used to advertise the domain for sale. It lacks any substantive business content, contact information, or user engagement features. The technical infrastructure is minimal, relying on basic HTML, CSS, and JavaScript with external scripts for advertising and tracking. There is no evidence of a content management system or active business operations. Security posture is weak due to absence of HTTPS confirmation, security headers, and privacy compliance mechanisms. The domain is registered since 2008 but is currently inactive, reducing its credibility as a business site. Overall, the site presents low risk but also low trustworthiness and professionalism.

M

Město Lipnice nad Sázavou

lipnicens.cz

43

The website lipnicens.cz serves as the official online presence for the town of Lipnice nad Sázavou, Czech Republic. It provides municipal information, news updates, event calendars, and contact details for local government offices. The site targets residents and visitors seeking official information about the town and its services. The business model is that of a government information portal, with a focus on transparency and community engagement. The domain has been active since 2005, reflecting a stable and established municipal web presence. Technically, the website is built on the vismo CMS platform and uses standard web technologies including HTML5, CSS, and JavaScript. It incorporates Google Translate for multilingual support. The site is moderately optimized for mobile devices and accessibility, with a clear navigation structure. Hosting and domain registration are consistent with Czech regional providers, ensuring local relevance and reliability. From a security perspective, the site uses HTTPS and does not expose sensitive data. However, it lacks advanced security headers and explicit security or incident response policies. Forms use GET methods which could be improved for security. Privacy and cookie policies exist but lack active consent mechanisms. No vulnerability disclosure or data protection officer information is present, indicating room for compliance enhancements. Overall, the website is trustworthy, safe, and professionally maintained, suitable for general audiences. Strategic recommendations include improving security headers, implementing cookie consent, and publishing detailed security policies to enhance compliance and user trust.

M

Městský úřad Světlá nad Sázavou

svetlans.cz

48

The website svetlans.cz serves as the official online presence of the municipal government of Světlá nad Sázavou, Czech Republic. It provides residents and visitors with comprehensive information about local administration, public services, events, and official documents. The site is well-structured with clear navigation and includes essential contact information, event calendars, and online reservation systems for municipal services. The target audience is primarily local citizens and stakeholders interested in municipal affairs. Technically, the website is built on the Vismo CMS platform, utilizing standard web technologies such as HTML5, CSS3, and JavaScript. It integrates Google services like reCAPTCHA for form security and Google Translate for language accessibility. The site is hosted by Wedos, a reputable Czech hosting provider, and employs HTTPS for secure communications. Mobile optimization and accessibility are adequately addressed, though some improvements in SEO and security headers could enhance the overall digital maturity. From a security perspective, the site demonstrates good practices including HTTPS enforcement and use of CAPTCHA to prevent spam. However, it lacks explicit security headers and a published security policy or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the provided content. Privacy compliance is basic, with a privacy policy and cookie information present but no active consent mechanism. The domain WHOIS data is consistent with the municipal nature of the site, showing a long registration history and no privacy protection, which aligns with transparency expectations for government entities. Overall, svetlans.cz is a trustworthy and professionally maintained municipal website with a solid foundation in content quality and business credibility. Enhancements in security policies, privacy mechanisms, and technical SEO could further strengthen its posture and user trust.

M

Město Kamenice nad Lipou

kamenicenl.cz

46

Město Kamenice nad Lipou operates an official municipal website serving residents and visitors with information about local government, culture, events, and public services. The site is well-branded with official city emblems and provides comprehensive contact details and event calendars. The target audience is primarily local citizens and tourists interested in the town's offerings. The business model is public service oriented, focusing on transparency and community engagement. Technically, the website uses a traditional HTML/CSS/JavaScript stack powered by the Vismo CMS platform. It integrates Google services such as reCAPTCHA for form security and Google Translate for language accessibility. The site is hosted under a Czech registrar and uses HTTPS, ensuring secure communications. Mobile optimization and basic accessibility features are present, though there is room for improvement in SEO and accessibility compliance. From a security perspective, the website enforces HTTPS and uses reCAPTCHA to protect forms from abuse. However, it lacks explicit security headers and a dedicated security policy or incident response page. Privacy compliance is basic, with privacy and cookie policies present but no active cookie consent mechanism. No vulnerabilities or exposed sensitive data were detected. Overall, the website is a trustworthy and professional municipal portal with a solid business credibility score. Recommendations include enhancing security headers, implementing cookie consent, and adding explicit terms of service and security policies to improve compliance and user trust.

M

Město Žirovnice

zirovnice.cz

46

The website represents the official online presence of Město Žirovnice, a municipal government entity in the Czech Republic. It provides comprehensive information about local administration, cultural events, tourism, and public services, targeting residents and visitors alike. The site is well-structured with clear navigation and includes social media integration to enhance community engagement. The business model is focused on public service and information dissemination, positioning it as a trusted local government resource. Technically, the website is built on the vismo CMS platform, utilizing standard web technologies such as HTML5, CSS3, and JavaScript. It incorporates Google reCAPTCHA for form security and Google Translate for multilingual support. The site is mobile-optimized and accessible, with moderate performance. However, there is room for improvement in implementing advanced security headers and cookie consent mechanisms. From a security perspective, the site enforces HTTPS and uses reCAPTCHA to protect forms, indicating a baseline security posture. No critical vulnerabilities or exposed sensitive data were detected. However, the absence of explicit security policies, incident response information, and vulnerability disclosure mechanisms suggests opportunities to enhance transparency and compliance. Overall, the site maintains a good security standard suitable for its public service role. The overall risk assessment is low, with the site demonstrating legitimacy, trustworthiness, and compliance with basic privacy regulations. Strategic recommendations include implementing security headers, adding clear security and incident response policies, enabling cookie consent banners, and maintaining regular security audits to strengthen the security posture and user trust.

M

Město Habry

habry.cz

44

The website www.habry.cz serves as the official municipal portal for the town of Habry in the Czech Republic. It provides residents and visitors with essential information including municipal news, official documents, event calendars, and contact details. The site targets local citizens and stakeholders interested in town governance and community activities. The business model is that of a government service portal, focusing on transparency and public communication. Technically, the website is built on the Vismo CMS platform, utilizing standard web technologies such as HTML5, CSS3, and JavaScript. It integrates Google services like reCAPTCHA for form security and Google Translate for multilingual support. The site is mobile-optimized and accessible, with a moderate performance profile. However, some modern security headers appear to be missing, and no advanced analytics or tracking services are detected. From a security perspective, the site enforces HTTPS and uses reCAPTCHA to protect forms, indicating a baseline security posture. There is no evidence of exposed sensitive data or vulnerabilities in the visible content. However, the absence of explicit security policies, incident response contacts, and vulnerability disclosure mechanisms suggests room for improvement in compliance and transparency. Overall, the website is a trustworthy and professional municipal portal with good content quality and user experience. The lack of WHOIS data reduces domain trust slightly but does not detract significantly from the site's legitimacy. Strategic recommendations include enhancing security headers, publishing detailed security and privacy policies, and maintaining regular audits of third-party scripts to strengthen the security posture.

M

Město Pelhřimov

mestopelhrimov.cz

44

The website mestopelhrimov.cz serves as the official digital presence for the city of Pelhřimov in the Czech Republic. It provides comprehensive information about municipal offices, cultural institutions, event calendars, tourist information, and various public services. The site targets residents, tourists, and local businesses, positioning itself as a key government portal for the region. The business model is typical for a municipal government, focusing on information dissemination and public service facilitation. Technically, the website employs modern web standards including HTML5, CSS3, and JavaScript, with integrations such as Google Analytics, Google Tag Manager, and Google reCAPTCHA v3 for security and analytics. The CMS appears to be a custom solution (VismoWeb5) developed by WEBHOUSE, s.r.o. The site is mobile optimized, accessible, and includes a GDPR-compliant cookie consent mechanism. Performance is moderate, with room for improvement in security headers and technical optimizations. From a security perspective, the site uses HTTPS and integrates reCAPTCHA to mitigate automated abuse. However, no explicit HTTP security headers were detected, and no security.txt or incident response policies are published. The WHOIS data is unavailable, likely due to privacy protection, which is common for municipal domains. No vulnerabilities or exposed sensitive data were found in the HTML content. Overall, the security posture is good but could be enhanced with additional headers and transparency. The overall risk assessment is low, with the site appearing legitimate and professionally maintained. Strategic recommendations include implementing security headers, publishing security and incident response policies, improving WHOIS transparency if possible, and continuing regular audits of third-party scripts. These steps will enhance trust, compliance, and security resilience.

M

Metropolitan University Prague

imup.cz

60

The website iMUP.cz is an academic and cultural portal affiliated with Metropolitan University Prague, providing news, events, and scholarly content primarily targeting students, researchers, and the academic community. The site reflects a medium-sized educational institution with a consistent brand presence and active engagement in academic discourse and cultural events. Technically, the website employs modern web technologies including JavaScript frameworks, Google Tag Manager, and social media integrations, delivering a good user experience with mobile optimization and moderate performance. Security posture is adequate with HTTPS enforced and cookie consent implemented, though the absence of security headers and explicit incident response information suggests room for improvement. Privacy compliance is basic, with privacy information available in Czech but lacking comprehensive multilingual policies. Overall, the domain appears legitimate and trustworthy, supported by its university affiliation and professional content.

Z

Zigpoll

zigpoll.com

53

Zigpoll is a technology company offering a SaaS survey and feedback platform designed primarily for e-commerce, SaaS, and media businesses. The platform enables collection of zero-party data through post-purchase surveys, email capture campaigns, and interactive polls with no-code integration for Shopify, BigCommerce, and WordPress. The company positions itself as a trusted feedback partner for over 20,000 companies, supported by strong customer reviews and multiple integrations with popular marketing and e-commerce tools. Technically, the website employs a modern JavaScript stack including React, D3.js, and various analytics and tracking services such as Google Analytics, Microsoft Clarity, Facebook Pixel, and LinkedIn Insight Tag. The site is well-optimized for mobile and SEO, with excellent design and user experience. Security posture is good with HTTPS enforced and no visible vulnerabilities, though explicit security headers and cookie consent mechanisms could be improved. Privacy and terms policies are present and GDPR compliant. However, WHOIS data is missing or unavailable, raising concerns about domain registration legitimacy. Overall, the website is professional and trustworthy but would benefit from clearer domain registration transparency and enhanced privacy consent features.

S

Spacebring

spacebring.com

70

Spacebring is a specialized SaaS provider focused on coworking space management, offering automation for booking, invoicing, resource management, and member engagement primarily targeting the German market. The platform emphasizes efficiency gains, saving operators significant administrative time and enhancing member retention through a seamless web and mobile app experience. The company positions itself as a fast, reliable, and comprehensive solution with integrations to popular payment gateways, accounting software, and access control systems.

C

Coworkies Ltd.

coworkies.com

66

Coworkies Ltd. operates a specialized online platform serving the coworking industry by providing a job board, directory, and networking services tailored to freelancers, startups, and coworking space operators. The company has positioned itself as a niche leader in coworking-related employment and community engagement, offering additional services such as recruitment, training, and salary surveys. The website is professionally designed with consistent branding and a clear focus on its target audience. Technically, the website employs modern web technologies including JavaScript, CSS, and HTML5, with integrations such as Google Tag Manager and Cloudflare Insights for analytics and performance monitoring. The site is hosted behind Cloudflare, ensuring good performance and security. Mobile optimization and SEO practices are well implemented, though accessibility features could be enhanced. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms, but lacks explicit security headers and published security policies. No vulnerabilities or exposed sensitive data were detected in the content. The absence of WHOIS domain registration data is a notable concern, impacting trustworthiness despite the professional web presence. Overall, Coworkies presents a credible and functional platform with moderate risk due to domain registration opacity. Strategic improvements in security transparency and domain legitimacy verification are recommended to enhance trust and compliance.

D

DigitalPA

affidamentiegare.it

68

Affidamenti e Gare is a specialized e-procurement platform developed by DigitalPA, targeting Italian public administrations to streamline procurement processes below EU thresholds. The platform offers comprehensive services including CIG requests, automated ANAC form management, and compliance with transparency obligations. Positioned as a leading solution in Italy, it benefits from DigitalPA's over 20 years of experience and ISO certifications, reinforcing its credibility and reliability. Technically, the website is built on WordPress with a modern theme and integrates advanced tools like Google reCAPTCHA Enterprise and Matomo analytics, reflecting a mature digital infrastructure. Security practices are solid, with HTTPS enforced and certifications in place, though some HTTP security headers could be improved. Privacy compliance is an area for enhancement, as explicit privacy and cookie policies are not evident. Overall, the website presents a professional, trustworthy, and user-friendly interface tailored to its niche audience.

DigitalPA operates the website www.centraliunichedicommittenza.it, offering a comprehensive, AGID-certified e-procurement software suite tailored for Centrali Uniche di Committenza (CUC) and qualified contracting authorities in Italy. The platform supports supplier registers, electronic tenders, and centralized procurement management, targeting public sector entities seeking compliance and efficiency in procurement processes. The website positions DigitalPA as a leading provider in the Italian public procurement software market, emphasizing regulatory adherence and integration with national systems such as ANAC and DURC. Technically, the site is built on WordPress with the Avada theme, leveraging modern web technologies and privacy-respecting analytics (Matomo). Security posture is strong with HTTPS, security headers, and reCAPTCHA Enterprise, though explicit security policies and incident response contacts are not published. Overall, the site is professional, well-structured, and trustworthy, with a clear focus on government clients and compliance.

Community Jameel is a well-established global non-profit organization focused on advancing science, education, and community development. Founded in 2003, it continues the philanthropic legacy of the Jameel family of Saudi Arabia. The organization operates various programs in partnership with academic institutions such as MIT and J-PAL, targeting social impact through scholarships, research, arts, health, and climate initiatives. The website reflects a professional and comprehensive digital presence with clear navigation and rich content tailored to a global audience interested in philanthropy and social development. Technically, the website is built on modern frameworks like Next.js and React, ensuring fast performance and excellent mobile optimization. It employs best practices in web development, including the use of security headers and HTTPS, contributing to a strong security posture. Privacy and cookie policies are clearly stated with consent mechanisms, indicating good compliance with GDPR and related regulations. Security-wise, the site demonstrates a mature posture with no visible vulnerabilities or exposed sensitive data. However, it lacks explicit security policy pages and incident response contacts, which could enhance trust and preparedness. The absence of WHOIS data due to privacy protection is typical for non-profits and does not detract from the site's legitimacy given its affiliations and professional presentation. Overall, Community Jameel's website is a trustworthy, well-maintained platform that effectively communicates its mission and programs while adhering to modern technical and privacy standards. Strategic improvements in security transparency and contact information could further strengthen its credibility and user trust.

O

Obec Želiv

obeczeliv.cz

44

Obec Želiv operates an official municipal website serving the residents and visitors of the Želiv municipality in the Czech Republic. The website provides comprehensive local government information, including news, official documents, event calendars, and contact details. It targets local citizens and stakeholders seeking municipal services and updates. The business model is public service oriented, focusing on transparency and community engagement. The website is well-positioned as the authoritative source for municipal information in the region.

M

Memory Computers s.r.o.

vysocinawest.cz

54

Vysočina West is a regional tourism promotion website focused on the Vysočina West area in the Czech Republic. It provides comprehensive information about tourist attractions, activities, accommodation, gastronomy, and cultural events, targeting tourists and visitors interested in exploring this region. The website is supported by local municipalities and government programs, indicating a strong regional partnership and official backing. The business model centers on destination marketing and tourism promotion, with a small company size and recent domain registration in 2021. Technically, the website uses a modern JavaScript stack including jQuery, Swiper, Google Tag Manager, and Google Translate for multilingual support. The hosting is provided by Wedos, a Czech hosting provider consistent with the domain registrar. The site demonstrates good mobile optimization and basic accessibility, with moderate performance. SEO optimization is basic but present. From a security perspective, the site uses HTTPS and integrates Google services securely. However, it lacks visible security headers and does not provide privacy or cookie policies, which are important for GDPR compliance. No vulnerabilities or exposed sensitive data were detected in the HTML content. Incident response and vulnerability disclosure mechanisms are absent. Overall, the website is professional, trustworthy, and safe for general audiences. It effectively serves its purpose as a regional tourism portal but would benefit from enhanced privacy compliance and security best practices to improve user trust and regulatory adherence.

A

Alsico

alsico.com

69

Alsico is a large European manufacturer specializing in workwear, cleanroom clothing, and protective clothing, with a global production footprint. The company positions itself as a leader in the workwear industry, emphasizing design innovation and sustainability. Their website reflects a professional digital presence with clear branding, comprehensive privacy and cookie policies, and active engagement on social media platforms. Technically, the site uses modern frameworks such as Astro, integrates multiple analytics and marketing tools, and implements strong security practices including HTTPS and security headers. However, the absence of WHOIS data and lack of published security policies or incident response contacts represent areas for improvement in transparency and trust. Overall, Alsico demonstrates a mature digital infrastructure suitable for its market position but should enhance its security communication and domain registration transparency.

H

HERMLE organizační složka

hermle.cz

55

HERMLE organizační složka is the Czech and Slovak branch of Maschinenfabrik Berthold HERMLE AG, a leading German manufacturer of CNC milling machines and automation solutions. The website presents a professional and content-rich platform targeting customers, potential clients, and investors interested in high-precision machining centers. The company emphasizes quality, precision, and service, with nearly 90 years of parent company experience and a local presence since 2004. Technically, the site is built on TYPO3 CMS, uses modern JavaScript libraries, and integrates tracking and consent management tools to comply with GDPR. Security posture is adequate with HTTPS and cookie consent but lacks explicit security headers and detailed security policies. WHOIS data is unavailable, which slightly impacts trust but the overall digital footprint and business information support legitimacy. The site is well-optimized for mobile and SEO, with clear navigation and professional branding.

A

Agentura Inforpres, s.r.o.

infotherma.cz

60

Infotherma.cz is the official website for INFOTHERMA, a well-established international exhibition focused on heating, energy savings, and renewable energy sources. The event is organized by Agentura Inforpres, s.r.o., a Czech company with a long history dating back to 2000. The website serves as a comprehensive portal for visitors and exhibitors, providing registration, event information, media resources, and partner details. The site is professionally designed with clear navigation and a focus on the energy sector, targeting industry professionals and stakeholders interested in energy efficiency and sustainable technologies. Technically, the website uses modern web technologies including Google Tag Manager and Google Analytics for tracking, served via a reputable Czech hosting provider REG-ZONER. The site is mobile-optimized and loads quickly, with a cookie consent mechanism compliant with GDPR requirements. The CMS platform is ISSA CMS, a specialized content management system. While security headers are not explicitly detected, HTTPS is enforced, and no critical vulnerabilities or exposed sensitive data were found. From a security perspective, the site demonstrates good practices such as cookie consent and HTTPS usage but lacks publicly available security policies or incident response contacts. No vulnerability disclosure or security.txt files are present, indicating room for improvement in transparency and security maturity. The WHOIS data confirms the domain's legitimacy and long-term registration consistent with the business's history. Overall, Infotherma.cz is a credible, professional website supporting a niche energy exhibition business. It maintains good privacy compliance and technical standards but could enhance its security posture by publishing formal security policies and improving security headers. The site is safe for general audiences with no adult or questionable content.

C

CEE Automotive Supply Chain

ceeautomotive.eu

65

CEE Automotive Supply Chain 2025 is a professional event platform focused on the automotive industry in Central and Eastern Europe, particularly the V4 countries and Austria. It organizes conferences, networking evenings, and B2B matchmaking meetings to connect automotive professionals and companies. The platform leverages the b2match event system and integrates Google Analytics and Tag Manager for visitor insights with GDPR-compliant consent mechanisms. The website is well-structured, mobile-optimized, and provides comprehensive event information and partner details. Security posture is solid with HTTPS and cookie consent, though explicit security policies and incident response details are absent. WHOIS data is not publicly available due to EURid privacy policies, which is typical for EU domains and does not detract from legitimacy. Overall, the site presents a trustworthy and professional digital presence for the event.

C

czech-raildays.cz

czech-raildays.cz

48

czech-raildays.cz is a Czech language online magazine dedicated to providing comprehensive information about railway transport in the Czech Republic, including news, history, technology, and societal topics. The site targets railway enthusiasts and the general public interested in transportation and related fields. It operates primarily as a content publishing platform monetized through advertising, notably Google Adsense. The website demonstrates a moderate level of digital maturity with a clean design, good navigation, and mobile optimization. It uses modern web technologies including Google Fonts and Matomo analytics for user tracking and performance measurement. Security posture is solid with HTTPS enforced and no visible vulnerabilities, although some security headers could be improved. Privacy compliance is well addressed with a clear privacy policy, cookie consent mechanism, and GDPR adherence. However, no explicit security or incident response policies are published. The domain WHOIS data shows a recent or future creation date, which is unusual but likely a data anomaly. Overall, the website is professional, trustworthy, and serves a niche media market effectively.

V

Veletrhy Brno, a.s.

amper.cz

66

Veletrhy Brno, a.s. operates the AMPER trade fair, a leading international event in the fields of electrotechnics, electronics, and energy in the Czech Republic and Slovakia. The website showcases a professional and comprehensive platform for exhibitors and visitors, featuring detailed event information, multimedia galleries, and active social media engagement. The technical infrastructure employs modern web technologies and tracking tools, ensuring a responsive and user-friendly experience. Security posture is strong with HTTPS and cookie consent mechanisms, though some security headers could be improved. The absence of WHOIS data slightly reduces trust but does not detract from the overall legitimacy and professionalism of the site.

B

BVH Bitumen Vertrieb und Handel GmbH

bvh-bitumen.de

41

BVH Bitumen Vertrieb und Handel GmbH is a specialized German company founded in 2001 that focuses on the distribution and trading of bitumen products for road construction and industrial applications. Their website reflects a niche business model targeting B2B customers in the energy and construction sectors, offering products such as oxidized and modified bitumen. The company positions itself as an experienced supplier adhering to industry standards. Technically, the website is built on the namRED CMS, an older open-source framework, with basic JavaScript and CSS usage. The site lacks modern mobile optimization and advanced SEO features, indicating a moderate level of digital maturity. Security posture is minimal with no detected HTTPS enforcement or security headers, and no visible incident response or security policies. Privacy compliance is limited, with a basic privacy policy but no cookie consent mechanism. Overall, the site is functional but could benefit from modernization and enhanced security and privacy practices.

S

Saferoad Services Danmark

saferoad-services.dk

54

Saferoad Services Danmark is a medium-sized company specializing in road safety and infrastructure solutions in Denmark. The company offers a range of products including road markings, traffic safety equipment, and consulting services aimed at improving traffic safety and infrastructure robustness. The website reflects a professional and consistent brand presence targeting businesses and public sector entities involved in road infrastructure. Technically, the site uses modern JavaScript frameworks, Tailwind CSS, and integrates analytics tools such as Piwik PRO and Microsoft Application Insights. The site is mobile optimized and provides a good user experience with clear navigation and relevant content. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though security headers and explicit privacy policies are missing. The absence of WHOIS data limits domain trust assessment, but the overall digital footprint suggests a legitimate and professional business. Recommendations include adding privacy and cookie policies, security headers, and vulnerability disclosure information to enhance compliance and trust.

S

SPVI

spvi.dk

51

SPVI is a Danish engineering consultancy specializing in traffic management, road marking, traffic planning, project design, and occupational health and safety. The company targets professional clients in the transportation and infrastructure sectors. The website is built on the Wix platform, leveraging standard Wix technologies and polyfills, and is optimized for mobile devices with a moderate performance profile. Security measures include HTTPS usage and JavaScript-based hardening of fetch and XHR requests, but lack comprehensive security headers and explicit privacy or cookie policies. The absence of WHOIS data limits domain trust verification. Overall, the website presents a professional image but would benefit from enhanced privacy compliance and clearer contact information.

N

Nynas

nynas.com

61

Nynas is a well-established specialty chemicals company founded in 1996, focusing on providing bitumen and naphthenic solutions that support sustainable infrastructure and electrification. The company targets industrial and infrastructure sectors with a B2B business model and positions itself as a leader in sustainable specialty chemicals within the energy sector. The website reflects a professional and consistent brand image with good content quality and clear business messaging. Technically, the website employs modern technologies including JavaScript, Google Tag Manager, and Cookiebot for analytics and cookie consent management. The site is hosted with domainnetwork.se DNS servers and uses HTTPS with a good SSL configuration. Performance and mobile optimization are rated as moderate to good, with accessibility and SEO features well implemented. From a security perspective, the website demonstrates good practices such as HTTPS enforcement, cookie consent with granular controls, and domain transfer/update protections. However, DNSSEC is not enabled, and no explicit security policy or incident response contact information is published. Security headers are not explicitly detected, and no vulnerability disclosure mechanism is found. Overall, the security posture is solid but could be improved with additional transparency and technical controls. The overall risk assessment is low, with no signs of malicious or suspicious activity. Strategic recommendations include enabling DNSSEC, publishing a security.txt file, adding security headers, and providing clear incident response contacts to enhance trust and compliance. The website is suitable for general audiences and contains no adult or questionable content.

D

DTL - Danske Vognmænd

dtl.eu

64

DTL - Danske Vognmænd is a Danish transport association providing news, political advocacy, member benefits, consulting, and training services to transport companies and truck owners in Denmark. The website is professionally designed with clear navigation and is targeted at transport professionals and companies. The technical infrastructure includes modern web technologies such as HTML5, CSS3, JavaScript, FontAwesome icons, and tracking tools like Google Analytics and Facebook Pixel. Cookie consent is managed via CookieHub, indicating attention to privacy compliance, although no explicit privacy policy or terms of service pages were found in the provided content. Security posture is moderate with HTTPS enabled and no visible security headers, suggesting room for improvement in security best practices. Overall, the website is trustworthy and serves its business purpose effectively, but could enhance compliance and security transparency.

Geveko Markings Denmark A/S is a well-established company specializing in the development, production, and distribution of road marking materials and traffic safety solutions. With over 100 years of experience, the company serves a broad range of sectors including public traffic, parking, decorative surfaces, and accessibility. Their market position is strong within Denmark and internationally, supported by a consistent brand presence and comprehensive product offerings. The website reflects a professional and mature digital presence with clear navigation and relevant content tailored to business customers and public sector clients. Technically, the website is built on a modern CMS platform (Swift CMS) and employs contemporary web technologies such as Bootstrap, Swiffy Slider, and Google Tag Manager. The site is mobile-optimized, accessible, and SEO-friendly, indicating a good level of digital maturity. Performance is moderate, with room for optimization. From a security perspective, the site enforces HTTPS, includes important security headers, and manages cookie consent appropriately. However, it lacks explicit security policy documentation and incident response contact details, which are recommended for enhanced trust and compliance. No vulnerabilities or exposed sensitive data were detected in the analysis. Overall, the website and business demonstrate a solid security posture and compliance with privacy regulations such as GDPR. The absence of WHOIS data limits domain trust analysis, but the professional presentation and certifications like ISO9001 support legitimacy. Strategic recommendations include publishing a security policy, incident response information, and a vulnerability disclosure policy to further strengthen security and trust.

M

Městský úřad Lovosice

meulovo.cz

52

The website meulovo.cz is the official municipal portal for the town of Lovosice in the Czech Republic. It serves as a comprehensive information hub for residents and visitors, offering news updates, event calendars, public notices, and various citizen services such as waste management, social services, education, and business-related information. The site is positioned as a local government authority platform, providing essential public services and community engagement tools. The domain has been registered since 1999, reflecting a well-established presence in the region. Technically, the website employs a modern technology stack including JavaScript frameworks like Vue.js and Mustache.js, integrates Google services such as reCAPTCHA v3 and Analytics, and uses the Vismo CMS platform. The site is mobile-optimized, accessible, and SEO-friendly, with a moderate performance profile. It uses HTTPS and includes consent mechanisms for cookies and analytics, demonstrating a good level of digital maturity. From a security perspective, the site enforces HTTPS and uses Google reCAPTCHA to protect forms, but lacks explicit security headers and a published security policy or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the content. Privacy compliance is well addressed with clear privacy and cookie policies, including GDPR considerations. The business credibility is strong, supported by official contact details, consistent branding, and a trustworthy domain registration. Overall, meulovo.cz is a professionally maintained municipal website with a solid technical foundation and good privacy practices. To enhance security posture, it is recommended to implement security headers, publish a security policy, and consider a vulnerability disclosure mechanism. These steps will further strengthen trust and resilience against potential threats.

N

N+N – Konstrukce a dopravní stavby Litoměřice, s.r.o.

nanlitomerice.cz

44

N+N – Konstrukce a dopravní stavby Litoměřice, s.r.o. is a Czech Republic-based medium-sized company specializing in construction and infrastructure projects, particularly railway construction, bridge and wall structures, and civil engineering works. Established in 2001, the company has a solid market presence and offers comprehensive project documentation and construction services. The website reflects a professional and consistent brand image, targeting construction industry clients and infrastructure developers. Technically, the website is built on WordPress with common plugins such as WPBakery Page Builder, Slider Revolution, and Complianz GDPR for compliance. It integrates Google Tag Manager and Google reCAPTCHA for analytics and security. The hosting is provided by cesky-hosting.eu, and the site shows moderate performance with good mobile optimization. From a security perspective, the site uses HTTPS and implements cookie consent mechanisms, but it lacks explicit security headers and uses an outdated jQuery version, which could pose risks. No exposed sensitive data or vulnerabilities were detected in the HTML content. Privacy compliance is strong with a comprehensive GDPR policy and cookie management. Overall, the website is trustworthy and professionally maintained, with recommendations to update JavaScript libraries and enhance security headers to improve the security posture further.

PREOL, a.s. is a leading Czech company specializing in the processing of rapeseed seed and production of related products such as biofuels, animal feed, and food products. It operates as part of the AGROFERT group, a major player in the Czech agricultural and energy sectors. The website presents a professional image with clear branding, multilingual support, and comprehensive information about its business activities and compliance with GDPR regulations. The company targets both general consumers and business partners in the energy and agricultural industries. Technically, the website uses a custom CMS (Poski), JavaScript libraries such as jQuery, and includes responsive design features for mobile optimization. While the site performs moderately well, there is room for improvement in accessibility and security headers. The cookie consent mechanism and GDPR information demonstrate a commitment to privacy compliance. From a security perspective, the site lacks visible security headers and explicit incident response or security policy pages, which could be enhanced to improve trust and resilience. The absence of WHOIS data is a concern for domain legitimacy, although the website content and business information align with a reputable corporate entity. Overall, the site is secure enough for general use but would benefit from strengthened security practices and transparency. The overall risk assessment is moderate with recommendations to improve security headers, SSL configuration, and incident response transparency. These steps will enhance user trust and regulatory compliance, supporting the company’s strong market position in the Czech energy and agricultural sectors.

D

Das Bundesministerium für Verkehr

bmv.de

65

The Bundesministerium für Verkehr (BMV) website serves as the official portal for the German Federal Ministry of Transport, providing comprehensive information on transportation and mobility topics. The site targets the general public and stakeholders in the transport sector, offering policy updates, infrastructure information, and mobility initiatives. The website is positioned as a key government authority in Germany's transportation domain, reflecting an enterprise-level operation with consistent branding and good content quality. Technically, the website employs standard web technologies including HTML5, CSS3, and JavaScript, with some use of local storage and XMLHttpRequest for dynamic content loading. While the site is accessible over HTTPS and includes structured metadata and Open Graph tags, it lacks explicit privacy and cookie policies, and no advanced frameworks or CMS were detected. Mobile optimization and accessibility are basic but functional. From a security perspective, the site benefits from HTTPS and absence of exposed sensitive data, but lacks visible security headers and formal security policies. Tracking via etracker scripts indicates moderate user tracking without clear consent mechanisms, suggesting room for improvement in privacy compliance. WHOIS data aligns with a legitimate government entity, reinforcing trustworthiness. Overall, the site presents a professional and trustworthy front for the ministry but should enhance privacy disclosures, cookie consent, and security headers to improve compliance and user trust. Strategic recommendations include implementing comprehensive privacy and cookie policies, deploying security headers, and enhancing mobile and accessibility features.

N

Nikodémova noc - Pokyny

nikodemovanoc.sk

41

Nikodémova noc is a Slovak non-profit pastoral project affiliated with the Catholic Church, focused on organizing night adoration events to facilitate spiritual encounters with Jesus Christ. The website serves as an informational and organizational platform for local parishes to participate and promote these events. The project targets church attendees and the broader public interested in spiritual activities, operating primarily within Slovakia and neighboring countries. The domain is well-established since 2012 with consistent registration data and DNSSEC enabled, indicating a legitimate and stable online presence. Technically, the website uses basic web technologies including HTML, CSS, and older versions of JavaScript libraries such as jQuery 1.4.1 and Fancybox 1.3.0. Hosting appears to be provided by Websupport.cz. The site shows moderate performance and basic mobile optimization but lacks modern frameworks or CMS platforms. SEO and accessibility features are minimal but functional. Security posture is moderate with DNSSEC enabled but lacks visible security headers and uses outdated JavaScript libraries that may expose vulnerabilities. The login form for program management lacks visible advanced security features. Privacy and compliance are weak, with no privacy policy, cookie policy, or GDPR compliance indicators present on the site. No contact emails or phone numbers are provided, only a login form for authorized users. No incident response or security policy information is available. The site content is safe, religious in nature, and suitable for general audiences without any adult or questionable content. Overall, the website is functional and serves its niche purpose but requires improvements in security, privacy compliance, and modernization of technical components to enhance trust and resilience against vulnerabilities.

Mouser.cz is a small Czech IT service provider specializing in custom development and management of enterprise information systems, web applications, and network infrastructure. The company offers services including domain registration, web hosting management, LAN network construction, and computer repairs. The website clearly states it is not affiliated with the global Mouser Electronics company, reducing brand confusion. The technical infrastructure is based on PHP, MySQL, HTML5, and JavaScript, hosted likely with WEDOS, a Czech hosting provider. The website is basic in design and content, with minimal SEO and accessibility features. Security posture is weak, with no detected HTTPS or security headers, and no published privacy or cookie policies, indicating compliance gaps. Contact information is clearly provided, but no forms or social media presence is evident. Overall, the site is functional but lacks modern security and privacy best practices.

S

Společnost katolického apoštolátu (Pallotini)

pallotini.cz

47

The website represents the Society of the Catholic Apostolate (Pallotini), a religious non-profit organization founded in 1835. It provides information about the organization's mission, global presence, and apostolic activities including parish work, education, healthcare, and social outreach. The site targets Catholic faithful and those interested in religious apostolate work. Technically, the site uses a custom PHP-based CMS with legacy JavaScript libraries such as jQuery 1.4.1 and basic CSS styling. Hosting is likely provided by Active24, consistent with the domain registrar data. Security posture is moderate with no visible HTTPS confirmation or security headers in the provided data, and outdated JavaScript libraries present potential vulnerabilities. Privacy and cookie policies are absent, indicating compliance gaps with GDPR. Contact information is clearly provided with physical addresses, phone numbers, and a company email. Overall, the site is functional and informative but would benefit from technical modernization and improved security and privacy compliance.

A

Acord, z.s.

acord-spolek.cz

57

Acord, z.s. is a small Czech non-profit organization focused on cultural activities including theater and music, primarily serving the local community of Slatiňany. The organization engages both children and adults in theatrical performances, family events, and charitable concerts, emphasizing community involvement and cultural enrichment. Their business model relies on sponsorships and donations, with transparent public donation accounts and a clear contact presence on their website. Technically, the website is built on the Webnode CMS platform and utilizes Amazon Cloudfront CDN for content delivery. The site is moderately optimized for performance and mobile devices, with basic SEO and accessibility features. The presence of Google Tag Manager indicates moderate user tracking and analytics capabilities. However, the site lacks advanced security headers and comprehensive privacy documentation. From a security perspective, the website enforces HTTPS and implements a cookie consent banner, which are positive indicators. However, the absence of security headers and privacy policies represents compliance gaps, particularly under GDPR. The missing WHOIS data reduces domain trustworthiness, though the website content and contact details suggest a legitimate small non-profit entity. Overall, the security posture is moderate but could be improved with better policy transparency and technical safeguards. The overall risk is moderate with no critical vulnerabilities detected. Strategic improvements in privacy compliance, security headers, and WHOIS transparency would enhance trust and security posture. The website is safe for general audiences and does not contain any adult or questionable content.

S

Schwäneshop - der offizielle Fanshop des FSV Zwickau

schwaeneshop.de

62

Schwäneshop.de is the official online fan merchandise store for the German football club FSV Zwickau. The website offers a range of club-related products targeting fans and supporters, operating on the Shopify e-commerce platform. The site is well-branded, with clear affiliation to the club, and provides a user-friendly shopping experience in German. Technically, the website leverages modern e-commerce technologies including Shopify's infrastructure, Google Maps API, and various third-party apps to enhance functionality and user engagement. Security-wise, the site enforces HTTPS, uses standard security headers, and integrates error monitoring via Rollbar, though explicit security policies and incident response contacts are not published. Privacy compliance is strong, with comprehensive privacy and cookie policies and consent mechanisms in place. Overall, the website presents a professional and trustworthy online retail presence with moderate to good technical and security maturity.

B

Bonifatius Verlag

bonifatius-verlag.de

60

Bonifatius Verlag is a German publishing company specializing in socially relevant, spiritual, and biographical literature. Their website offers an e-commerce platform for book sales, targeting readers interested in life guidance, social sciences, and spirituality. The company positions itself as a niche publisher with a focus on positive and warm-hearted content. Technically, the website is built on WordPress with WooCommerce and German Market plugins, providing a solid e-commerce infrastructure. The site is mobile-optimized and features a professional design with clear navigation. Security-wise, the site uses HTTPS and some security best practices but lacks comprehensive security headers and visible security policies. Privacy compliance is minimal with no explicit privacy or cookie policies found. Overall, the website is trustworthy and professional but could improve in privacy and security transparency.

D

Der Dom

derdom.de

71

Der Dom is a German-language regional religious news magazine operated under the Bonifatius GmbH publishing group. It provides independent, high-quality journalism focused on the Erzbistum Paderborn community, offering subscription-based print and digital content, newsletters, and event information. The website demonstrates a mature digital infrastructure built on WordPress with modern SEO and accessibility features. Security posture is solid with HTTPS, cookie consent management, and no visible vulnerabilities, though some security headers could be improved. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the site is professional, trustworthy, and well-positioned in its niche market.

A

AdvertServe

advertserve.com

64

AdvertServe is a mature, cloud-hosted ad management platform targeting B2B and niche publishers with direct sales teams. The company offers a comprehensive suite of ad serving, targeting, tracking, and real-time reporting services, including video streaming and VAST/VPAID support. With a claimed 25+ years of experience and a customer base exceeding 30,000 sites globally, AdvertServe positions itself as a reliable and feature-rich solution in the ad tech industry. The platform emphasizes uptime reliability, AI-powered monitoring, and free technical support to differentiate itself in a competitive market. Technically, the website employs modern web technologies such as HTML5, CSS3, JavaScript, Bootstrap, and integrates Google Fonts and Font Awesome for styling. It uses Google Tag Manager and Pingdom for analytics and performance monitoring. The site is mobile-optimized with good SEO practices and a clear navigation structure, providing an excellent user experience. However, some accessibility features could be enhanced. From a security perspective, the site enforces HTTPS and uses secure asynchronous ad tags. The contact form includes validation and anti-spam measures. Despite these strengths, the absence of WHOIS data for the domain is a notable concern, as it conflicts with the company's claimed long operational history. Additionally, the site lacks published security policies, incident response contacts, and vulnerability disclosure mechanisms, which are important for trust and compliance. Overall, AdvertServe presents as a professional and trustworthy business with a strong technical foundation and good privacy compliance. The main risk lies in the domain registration opacity, which should be investigated further to ensure legitimacy. Strategic improvements in security transparency and WHOIS data clarity would enhance trust and reduce potential risks.

E

Event Engine CMS Ltd

eventengine.tv

66

Event Engine CMS Ltd is a specialized web development company focused on delivering custom web applications and software solutions for the events industry. Founded in 2016 and based in Great Britain, the company offers a range of products including a CMS platform (Rondayvoo CMS), live streaming and networking solutions (Rondayvoo Live), and AI-powered content assistants (Rondayvoo AI). Their market position is that of a niche provider trusted by notable event brands and professional conference organizers. The website reflects a professional and consistent brand image with excellent content quality and clear service offerings. Technically, the website is built on WordPress using modern frameworks such as the Bricks theme builder and The SEO Framework plugin. It employs standard web technologies including JavaScript, jQuery, and integrates Google Analytics and Google Tag Manager for analytics. The site is mobile-optimized and SEO-friendly, though performance is moderate. Hosting appears to be via NameCheap, consistent with the registrar information. From a security perspective, the site uses HTTPS with a valid SSL certificate and has domain transfer protections enabled. However, the contact form's Google reCAPTCHA implementation is broken due to an invalid site key, which poses a risk of spam. Additionally, security headers are not detected, and there is no visible incident response or vulnerability disclosure information. Privacy and cookie policies are present and appear GDPR compliant. Overall, the website demonstrates a solid business credibility and technical maturity with minor security and compliance gaps. Strategic improvements in security controls and transparency would enhance trust and reduce risk.

I

INRAE

inra.fr

64

INRAE is a prominent French public research institute focused on agriculture, food, and environmental sciences. The website reflects a well-established institution with a broad range of scientific research themes and public engagement through events, publications, and social media. The site is built on Drupal 10, indicating a modern CMS platform with good mobile optimization and accessibility. Security posture is moderate with HTTPS implied and cookie consent implemented, but lacks visible security headers and explicit privacy policies. WHOIS data is unavailable, which limits domain trust assessment, but the institutional branding and content strongly support legitimacy. Overall, the website is professional, content-rich, and serves a diverse audience including researchers, students, and policymakers.

M

Manger Bouger

mangerbouger.fr

55

MangerBouger.fr is an official French public health website dedicated to promoting healthier eating habits and increased physical activity among the general population. It offers a wide range of resources including recipes, activity ideas, personalized content via quizzes, and educational materials for both the public and professionals. The site is clearly positioned as a government-backed platform, supported by Santé publique France, and targets all age groups from children to seniors. Technically, the site is built on the eZ Platform CMS, uses modern JavaScript and SVG icons, and integrates advanced tag management and analytics tools such as TagCommander and Piano Analytics. The website is mobile-optimized with good SEO and accessibility features, although accessibility compliance is noted as non-conformant. Security-wise, the site enforces HTTPS and uses cookie consent mechanisms, but lacks explicit security headers and published security policies. The WHOIS data is not publicly available, which is typical for French government domains, but the domain and website content strongly indicate legitimacy and trustworthiness. Overall, the site scores highly on content quality, technical implementation, privacy compliance, and business credibility, making it a reliable and professional resource for public health information.

S

Swoogo LLC

swoogo.com

58

Swoogo LLC operates a sophisticated event management software platform designed to support in-person, virtual, and hybrid events. The company targets event professionals and organizers, offering a comprehensive SaaS solution that covers event registration, data insights, logistics, marketing, and mobile applications. Founded in 2015 and based in Los Angeles, Swoogo positions itself as an enterprise-ready platform with a strong market presence and a focus on customer support and user experience. The website reflects a professional brand with consistent messaging and rich content, including testimonials and educational resources. Technically, the website is built on WordPress and leverages modern JavaScript frameworks such as Alpine.js, along with embedded video content via Wistia. It integrates multiple analytics platforms including Google Tag Manager, PostHog, and Fathom, and employs Osano for cookie consent management, indicating a mature digital infrastructure. The site is mobile-optimized, fast-loading, and SEO-friendly, with good accessibility features. From a security perspective, the site enforces HTTPS and uses consent management tools to comply with privacy regulations. While explicit security headers are not fully confirmed, the overall posture is strong with no visible vulnerabilities or exposed sensitive data. WHOIS data is privacy protected but consistent with a legitimate business entity, and no suspicious patterns were detected. Overall, Swoogo demonstrates a high level of professionalism, technical maturity, and security awareness, making it a trustworthy platform in the event management software market.

W

WITRA Service GmbH

witra-wittenberg.de

62

WITRA Service GmbH is a regional property service provider based in Lutherstadt Wittenberg, Germany, specializing in house maintenance, cleaning, green area care, and emergency services. As a wholly owned subsidiary of WIWOG mbH, it leverages strong local partnerships to deliver comprehensive property-related services primarily to residential property owners and housing companies. The website is professionally designed, mobile-optimized, and provides clear contact channels including phone, email, and a contact form. The technical infrastructure is based on the CIDEMOS CMS platform, with modern web technologies and a cookie consent mechanism ensuring GDPR compliance. Security posture is adequate with HTTPS and CSRF protections, though additional security headers could enhance protection. Overall, the site reflects a trustworthy and credible business presence with no signs of malicious activity or content blocking.

G

Gesellschaft für Wohneigentum mbH Wittenberg

wigewe.de

62

Gesellschaft für Wohneigentum mbH Wittenberg (WIGEWE) is a municipally owned medium-sized real estate service provider founded in 1993, specializing in property management, rental, sales, and accounting services primarily in Lutherstadt Wittenberg and surrounding regions. The company manages a significant portfolio including residential, commercial, and special properties, and offers additional services such as measurement and remote reading of consumption data. The website reflects a professional and trustworthy presence with clear contact channels and comprehensive service descriptions. Technically, the site is built on the CIDEMOS CMS platform, employs modern web standards, and integrates third-party services like Google Maps and YouTube. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers could be improved. Privacy compliance is well addressed with GDPR-aligned policies and consent dialogs. Overall, the site demonstrates good digital maturity and business credibility.

W

wittenberg-net GmbH

wittenberg-net.de

57

wittenberg-net GmbH is a regional telecommunications company operating in Germany, focusing on providing high-speed internet and telephony services primarily through fiber optic technology. As part of the Stadtwerke Gruppe, it serves local communities with broadband expansion and reliable connectivity solutions. The website reflects a professional and consistent brand image, targeting residents and businesses in the served regions. Technically, the site is built on TYPO3 CMS with Bootstrap framework, indicating a modern and maintainable infrastructure. Accessibility and mobile optimization are well addressed, with external scripts enhancing user experience and analytics. Security posture is moderate; HTTPS is used, and cookie consent mechanisms are implemented, but explicit privacy policies and security headers are lacking. WHOIS data is limited due to DENIC privacy policies but shows no suspicious indicators, supporting the legitimacy of the domain. Overall, the site is trustworthy and functional but could improve in transparency and security best practices.

S

Studio Kai Bergmann

kai-bergmann.com

62

Studio Kai Bergmann is a small photography business based in Leipzig, Germany, specializing in editorial, corporate, and portrait photography services primarily targeting companies, brands, and agencies in central Germany. The website serves as a professional portfolio showcasing their work and provides clear contact options including email and phone. The business appears well-positioned regionally with a focused service offering and a consistent brand presentation. Technically, the website is built on the Squarespace platform, leveraging modern web technologies such as JavaScript and CSS. It is mobile-optimized and includes basic SEO and accessibility features. Performance is moderate, typical for a Squarespace hosted site. The technical infrastructure is stable but could benefit from enhanced security configurations such as DNSSEC and additional HTTP security headers. From a security perspective, the site uses HTTPS with a valid SSL certificate and has domain transfer protections enabled. However, it lacks DNSSEC and several recommended security headers, which could improve its resilience against certain attacks. Privacy compliance is addressed with a cookie consent banner and a privacy policy in German, indicating GDPR awareness. No incident response or vulnerability disclosure information is present. Overall, the website presents a low-risk profile with good business credibility and privacy compliance. Strategic improvements in security hardening and adding terms of service or security policies would enhance trust and protection.