High-risk security reports

M

MOBILBOARD s.r.o.

mobilboard.cz

45

MOBILBOARD s.r.o. operates as the largest provider of mobile advertising on public transport vehicles across the Czech Republic and Slovakia. Their services encompass exterior and interior advertising on buses, trolleybuses, trams, metro, and long-distance transport, including digital formats such as LCD monitors and Wi-Fi advertising. The company targets advertisers and marketing agencies seeking impactful outdoor advertising solutions with regional and nationwide reach. Technically, the website is built on WordPress with modern SEO and tracking tools, offering a good user experience and mobile optimization. Security posture is solid with HTTPS and consent mechanisms, though improvements in security headers are recommended. The absence of WHOIS data introduces some uncertainty regarding domain registration legitimacy, but the professional presentation and comprehensive policies support business credibility. Overall, the website is well-structured, content-rich, and trustworthy for its intended audience.

A

ABIRAIL CZ s.r.o.

abirail.cz

45

ABIRAIL CZ s.r.o. is a Czech Republic based company specializing in information systems for public transport and industrial automation solutions. Established since 2013, the company offers custom software development, consulting, technical project supervision, and 24/7 support services. Their client base spans across Europe, with a focus on transportation companies and industrial manufacturing sectors. The website demonstrates a professional digital presence built on WordPress with Elementor, featuring clear navigation, client case studies, and GDPR-compliant privacy and cookie policies. However, the absence of WHOIS data limits the ability to fully verify domain legitimacy. Security posture is good with HTTPS and security headers in place, but lacks explicit security policy and incident response information.

M

MOLPIR, s.r.o.

molpir.com

43

MOLPIR, s.r.o. is a Slovak private company founded in 1993 specializing in the design, development, manufacturing, import, distribution, and servicing of a broad range of vehicle accessories for cars, trucks, buses, and trains. The company operates primarily in Slovakia and the Czech Republic with a presence across Europe through partners. Their key services include manufacturing and supplying components to vehicle and seat manufacturers, positioning them as a significant regional player in the transportation accessories sector. The website reflects a mature digital presence built on WordPress with modern frameworks and SEO optimizations, supporting their business model effectively. Security-wise, the site uses HTTPS and Google reCAPTCHA but lacks some advanced security headers and explicit security policies, which could be improved. The absence of WHOIS data for the domain is a notable concern, impacting domain trustworthiness despite the professional business presentation. Overall, MOLPIR demonstrates a solid business and technical foundation with room for enhanced security and privacy compliance.

B

Busplan – Městské autobusy a minibusi na zakázku

busplan.cz

40

Busplan.cz is a Czech Republic-based small business specializing in the sale and servicing of city buses and minibuses, featuring well-known brands such as Mercedes-Benz, Iveco, Temsa, and BMC. The website presents a professional and well-structured digital presence using WordPress and Elementor, offering detailed product information and clear navigation aimed at transport companies and municipal clients. However, the absence of WHOIS registrant data and privacy policies limits transparency and trustworthiness. Technically, the site employs modern web technologies and is mobile-optimized, but lacks advanced security headers and privacy compliance mechanisms. Overall, the security posture is moderate with room for improvement in compliance and incident response readiness.

M

Miteral

miteral.cz

42

Miteral is a Czech Republic-based company specializing in professional automotive service equipment, including autoservis and pneuservis tools and machinery. Operating since 1990, it serves a B2B market across the Czech Republic, offering a broad product range through a dedicated e-shop and direct sales. The website reflects a mature business with a clear market position as a trusted supplier of automotive workshop equipment. Technically, the website employs modern frontend technologies such as Bootstrap, jQuery, and Google Analytics, providing a responsive and user-friendly experience. Privacy compliance is addressed with cookie consent and a basic GDPR-aligned privacy policy. However, the absence of WHOIS registration data raises concerns about domain legitimacy and transparency. Security posture is moderate with standard best practices but lacks advanced security headers and explicit security policies. Overall, the website is professional and trustworthy but would benefit from improved domain registration transparency and enhanced security measures.

K

KHMC

khmc.cz

40

KHMC s.r.o. is a Czech manufacturer specializing in the production and custom conversion of minibuses, luxury buses, and special vehicles since 1995. The company operates primarily in the transportation sector, serving customers seeking tailored bus solutions. Their website reflects a mature digital presence built on WordPress and WooCommerce, featuring modern technologies such as Google Analytics, Google Tag Manager, and reCAPTCHA for security. The site is well-structured, mobile-optimized, and includes comprehensive contact information and GDPR-compliant privacy and cookie policies. However, the absence of WHOIS data for the domain raises some concerns about domain registration transparency. Overall, KHMC demonstrates a solid market position with professional branding and a clear business model focused on vehicle manufacturing and after-sales services.

The website nitrasmart.sk currently serves as a minimal placeholder or integration page with very limited content. It primarily loads an external JavaScript from Microsoft Azure Blob Storage, indicating a possible chatbot or webchat integration. There is no visible business description, contact information, or user-facing content to provide insight into the company's operations or services. The domain is registered since 2017 with a valid registration until 2026, consistent with a legitimate small business presence in Slovakia. However, the lack of content and policies suggests the site is either under development or used for a very narrow technical purpose. From a technical perspective, the site uses basic HTML with JavaScript and is hosted on Azure Blob Storage. There is no evidence of a CMS or advanced frameworks. The site lacks SEO optimization, accessibility features, and mobile responsiveness. Security headers are not detected, and no privacy or cookie policies are present, which impacts compliance and trust. Security posture is minimal but not alarming; HTTPS is assumed but not confirmed from the data. DNSSEC is enabled on the domain, which is a positive security indicator. No vulnerabilities or exposed sensitive data were found in the limited content. Overall, the site scores low on content quality, privacy compliance, and business credibility due to the absence of meaningful content and policies. The overall risk is low in terms of malicious content but high in terms of trust and compliance due to missing policies and contact information. Strategic recommendations include adding comprehensive privacy and cookie policies, improving website content and structure, implementing security headers, and providing clear contact and business information to enhance credibility and compliance.

A

ARRIVA na Slovensku

arriva.sk

43

ARRIVA na Slovensku operates as a regional public transportation provider specializing in bus services and bikesharing across multiple Slovak cities including Bratislava, Nitra, Michalovce, Nové Zámky, and Trnava. The company has an established market presence since 2006, supported by a domain age consistent with its business history. The website is built on WordPress with modern SEO and analytics tools, indicating a moderate level of digital maturity. The technical infrastructure includes HTTPS with DNSSEC enabled, hosted by websupport.sk, ensuring a secure and reliable user experience. However, the site lacks visible privacy and cookie policies, incident response information, and explicit contact details, which are critical for compliance and user trust. Overall, the security posture is good but could be improved by adding comprehensive privacy and security documentation. Strategic recommendations include implementing GDPR-compliant privacy and cookie policies, publishing security and incident response policies, and enhancing accessibility and contact transparency to strengthen user trust and compliance.

D

Dopravný podnik mesta Košice, a.s.

dpmk.sk

49

Dopravný podnik mesta Košice, a.s. is the primary public transportation operator in Košice, Slovakia, providing bus, trolleybus, and tram services. The company offers a range of services including electronic ticketing, mobile tickets, and advertising on public transport infrastructure. The website reflects a well-established organization with clear market positioning and a focus on serving the general public and commuters in the region. The presence of ISO 9001 certification and EU project funding logos further supports its credibility and operational quality. Technically, the website is built on Drupal 11, utilizing modern JavaScript libraries and frameworks to deliver a responsive and accessible user experience. The site is well-structured with clear navigation and good SEO practices. Security-wise, the site enforces HTTPS, implements cookie consent mechanisms, and shows no signs of exposed sensitive data or vulnerabilities. However, it lacks some advanced security headers and an incident response disclosure. Overall, the website demonstrates a strong security posture and compliance with GDPR, making it trustworthy for users. Strategic recommendations include enhancing security headers, publishing incident response contacts, and adding a vulnerability disclosure policy to further strengthen security and trust.

S

Svet motocyklov

motofan.sk

41

Motofan.sk is a well-established Slovak online media portal dedicated to motorcycles, motorcycle events, news, and related content. Founded in 2009, it serves a niche audience of motorcycle enthusiasts in Slovakia, offering news articles, event calendars, a bazaar for used motorcycles, and an e-shop. The website is monetized primarily through advertising, as evidenced by multiple ad banners and the use of Revive Adserver and Facebook Pixel tracking. The site uses modern frontend technologies including Bootstrap and jQuery, and is hosted on Slovak-based servers consistent with its target audience. The website is mobile-optimized and provides a good user experience with clear navigation and relevant content.

D

Diakonie Hospiz Wannsee

diakonie-hospiz-wannsee.de

47

Diakonie Hospiz Wannsee is a small, established non-profit hospice care provider based in Berlin, Germany, offering both inpatient and outpatient hospice and palliative services. The organization is part of a larger diaconal healthcare network affiliated with Immanuel Albertinen Diakonie, providing comprehensive end-of-life care, counseling, and support services. The website reflects a professional and consistent brand image with clear service offerings and contact information. Technically, the site is built on TYPO3 CMS, is mobile-optimized, and accessible, though performance is moderate. Security posture is adequate with HTTPS enforced but lacks advanced security headers and published security policies. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the site is trustworthy and safe for general audiences.

W

Web Commerce GmbH

konradsblatt.de

47

Konradsblatt is a German regional Catholic weekly newspaper serving the Archdiocese of Freiburg. The website provides news, commentary, subscription services, and an online shop for related publications. The business is positioned as a trusted religious media outlet with a clear target audience in the Catholic community. The website is professionally designed, mobile-optimized, and uses Edith CMS as its content management system. It integrates Matomo analytics with some privacy considerations. Security posture is good with HTTPS and basic security headers, but lacks explicit privacy and cookie policies as well as incident response information. Overall, the domain registration is consistent and trustworthy, supporting the legitimacy of the business.

A

AŽD Praha s.r.o.

svestkovadraha.cz

49

The website svestkovadraha.cz represents AŽD Praha s.r.o., a significant Czech company specializing in railway and road transportation technologies, including telecommunication and automation. The site serves as an information and service portal for the Švestková dráha U10 railway line, offering trip planning, ticket purchasing, and tourism promotion. It positions itself as an important regional transportation provider with a focus on customer service and integrated ticketing systems. The presence of multiple related railway lines and fan shop links indicates a well-established ecosystem around the company’s transport services. Technically, the website employs modern web technologies such as Google Tag Manager, Google reCAPTCHA for form security, and custom JavaScript for user interaction. The site is mobile-optimized with good navigation and content structure, although accessibility features could be improved. The use of HTTPS and cookie consent mechanisms reflects a commitment to security and privacy compliance, although explicit security headers are not evident in the HTML content. From a security perspective, the site demonstrates good practices including HTTPS enforcement and spam protection on forms. However, the absence of visible security headers and lack of published incident response or vulnerability disclosure policies suggest areas for enhancement. The WHOIS data is unavailable, which slightly reduces trustworthiness, but the website’s professional presentation and consistent contact information mitigate concerns. Overall, the site is a well-maintained, professional platform supporting a medium-sized transportation business with a strong regional presence. Strategic improvements in security headers, accessibility, and transparency around security policies would further strengthen its posture.

Jesenické návraty is a regional tourism promotion website focused on the Jeseníky region in the Czech Republic. It serves as a platform to showcase local partners, tourist attractions, and routes, targeting tourists and visitors interested in outdoor and cultural experiences in the region. The website features multiple partner logos and external links to local businesses, hotels, and tourism organizations, indicating a collaborative business model centered on regional tourism promotion. Technically, the website uses modern frontend technologies such as Bootstrap 4.1.3, FontAwesome, and Google Analytics for tracking. It is hosted with Active24, a known Czech hosting provider, and uses HTTPS to secure communications. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. However, it lacks some advanced SEO and accessibility features and does not implement security headers or privacy and cookie policies. From a security perspective, the website has a basic but adequate posture with HTTPS enabled and no visible exposed sensitive data. The absence of security headers and lack of privacy and cookie policies indicate areas for improvement. No forms or direct contact information were found, limiting data collection risks but also reducing user engagement options. The site does not appear to be blocked or protected by a WAF, allowing full content access. Overall, Jesenické návraty is a legitimate and consistent regional tourism website with moderate technical maturity and some compliance gaps, particularly in privacy and security best practices. Strategic improvements in privacy policy implementation, security headers, and contact information transparency would enhance trust and compliance.

J

Jeseníky - Sdružení cestovního ruchu

jesenikytourism.cz

44

Jeseníky - Sdružení cestovního ruchu is a regional non-profit tourism organization established in 1999, dedicated to promoting and developing the tourism potential of the Jeseníky region in the Czech Republic. The organization focuses on enhancing the quality of tourism services and increasing the region's attractiveness to both domestic and international visitors. Their website serves as an information hub and promotional platform, featuring voucher programs, news, projects, and member services. Technically, the website is built on the Noteo Engine CMS, utilizing modern web technologies such as HTML5, CSS, JavaScript, jQuery, and integrates multimedia content via YouTube and Vimeo APIs. The site is mobile-optimized and includes standard SEO and accessibility features, though some improvements are possible. Security-wise, the site enforces HTTPS and includes cookie consent mechanisms, but lacks advanced security headers and explicit incident response information, indicating room for enhancement in security posture. Overall, the website is professional, trustworthy, and compliant with GDPR, but the absence of WHOIS data limits domain registration trust assessment.

N

Newberg s.r.o.

cyklobrani.cz

47

The website cyklobrani.cz represents Newberg s.r.o., organizing the Author Valtické Cyklobraní, a popular mountain bike race event held annually in Valtice, Czech Republic. The event targets cycling enthusiasts, families, and local community members, offering race participation, children's activities, and social events centered around cycling and local wine culture. The business is small-sized, established in 2013, and maintains a consistent brand presence with active social media channels and partner collaborations. Technically, the website is built on Joomla CMS with Yootheme Pro and UIkit frameworks, providing a responsive and visually appealing user experience. The site includes optimized images and a cookie consent mechanism, but lacks advanced security headers and visible analytics or tracking tools. Performance is moderate with good mobile optimization and basic accessibility features. From a security perspective, the site uses HTTPS but does not display security headers or incident response contacts, which lowers its security posture score. Privacy compliance is addressed through a GDPR information page and cookie consent banner. No critical vulnerabilities or blocking mechanisms were detected, indicating a stable and legitimate online presence. Overall, the website scores well in business credibility and content quality but could improve in technical security and privacy transparency. Strategic recommendations include enhancing security headers, publishing terms of service and incident response policies, and implementing analytics with privacy considerations.

M

Město Vyšší Brod

mestovyssibrod.cz

46

Město Vyšší Brod operates an official municipal website serving the local community and visitors with comprehensive information about the town, its governance, public services, and local organizations. The site targets residents and stakeholders interested in municipal affairs and community projects. Technically, the website uses a custom CMS platform with modern JavaScript libraries such as jQuery, Bootstrap 5, and Swiper for UI components, ensuring a responsive and user-friendly experience. Security-wise, the site enforces HTTPS and includes a cookie consent mechanism, but lacks visible security headers and explicit privacy or terms of service pages, which are areas for improvement. The absence of WHOIS data for the domain raises concerns about domain registration legitimacy, although the website content and official contact details support its authenticity. Overall, the site presents a professional and trustworthy front for the local government but would benefit from enhanced transparency and security practices.

Š

Špacírek s dětmi

spacireksdetmi.cz

44

Špacírek s dětmi is a Czech family travel blog established in 2018, focusing on providing curated travel tips and outing guides for families with children. The website offers detailed articles, photo galleries, and trip maps primarily covering regions in the Czech Republic and some international destinations. The blog targets parents seeking ready-made travel ideas without the need to extensively plan or search. Technically, the site is built on WordPress with common plugins such as Yoast SEO and Photo Gallery, hosted by Wedos. It uses modern web technologies including jQuery, Google Fonts, and FontAwesome, and integrates Google Analytics for visitor tracking. Security posture is moderate with HTTPS implied but lacks visible security headers and formal security policies. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the site is accessible, well-structured, and content-rich, but could improve in privacy and security practices.

S

Slovenské centrum digitálnych inovácií (SCDI)

scdi.tech

47

Slovenské centrum digitálnych inovácií (SCDI) is a Slovak organization dedicated to supporting small and medium enterprises in their digital transformation journey. The website presents SCDI as a key national player in digital innovation, offering a broad catalog of services including Industry 4.0 consulting, AI, cybersecurity, and workforce adaptation. The organization benefits from EU funding and is part of the European Digital Innovation Hubs network, enhancing its credibility and reach. The site targets Slovak SMEs, providing free services under specific EU schemes and detailed service pricing for others. Technically, the website is built on WordPress with modern JavaScript libraries and integrates Google Analytics and Tag Manager with privacy-conscious configurations. Security posture is strong with HTTPS and security headers, though no explicit security policy or incident response information is published. Privacy compliance is well addressed with a comprehensive privacy and cookie policy and consent mechanisms. Overall, the website is professional, trustworthy, and well-structured, serving as a credible digital innovation hub for its target audience.

B

Berufe der Kirche Freiburg

berufe-der-kirche-freiburg-shop.de

49

Berufe der Kirche Freiburg operates a specialized e-commerce platform focused on church professions and related educational and devotional materials. The website targets individuals involved in church work, youth education, and religious communities primarily in Germany. The business model combines product sales with informational content, positioning itself as a niche provider in the non-profit and educational sectors. The platform uses Shopware CMS and modern web technologies to deliver a responsive and user-friendly experience. Security posture is adequate with HTTPS enforced, but lacks some advanced security headers and explicit cookie consent mechanisms. Contact information is clearly provided, enhancing trust, though no direct email contacts or social media presence are visible. Overall, the site is professional and trustworthy with room for improvement in privacy compliance and security best practices.

F

Freiburger Orientierungsjahr

freiburger-orientierungsjahr.de

45

The Freiburger Orientierungsjahr website represents a small, regionally focused educational and faith-based orientation year program affiliated with the Archdiocese of Freiburg. It offers young adults a structured year for personal development, study and career orientation, and faith strengthening. The website is professionally designed with clear navigation and consistent branding, targeting primarily German-speaking youth seeking guidance after high school. Technically, the site uses Edith CMS, jQuery, Bootstrap, and Matomo analytics, hosted on professional infrastructure with HTTPS and cookie consent mechanisms in place. Security posture is solid with no critical vulnerabilities detected, though some security best practices like security headers and incident response policies could be improved. Overall, the site is trustworthy, GDPR compliant, and safe for general audiences.

V

VDI Technologiezentrum GmbH

vditz.de

41

VDI Technologiezentrum GmbH is a well-established innovation agency and project management organization with over 50 years of experience. The company focuses on implementing innovative funding programs in key future-oriented sectors such as digitalization, sustainability, mobility, security, education, and health. Positioned as a leading project carrier in Germany, VDI TZ serves a broad audience including businesses, research institutions, and public clients across Germany and Europe. Their business model revolves around fostering research, shaping innovations, organizing networks, and communicating scientific knowledge.

S

SJF Bank

sjfbank.dk

49

SJF Bank is a well-established regional bank in Denmark, founded in 1825, offering a broad range of financial services including private banking, business banking, loans, investments, insurance, and pension products. The bank emphasizes personalized advisory services and maintaining close relationships with its customers. The website reflects a mature digital presence with modern technologies such as Next.js and React, ensuring good performance, mobile optimization, and accessibility. Security posture is strong with HTTPS enforcement and standard security headers, though explicit security policies and incident response information are not publicly detailed. The absence of WHOIS data limits domain trust verification, but the overall business information and online presence indicate legitimacy and professionalism. Strategic recommendations include publishing detailed security policies, vulnerability disclosure mechanisms, and enhancing transparency around data protection officers to further strengthen trust and compliance.

S

SAPI

galaenergia.sk

47

GalaEnergia is a Slovak event organized by SAPI and enmon.app, focused on hosting a charity ball that combines professional networking within the energy sector with social impact by supporting families facing energy poverty. The website presents a well-structured and professionally designed platform targeting energy professionals and socially conscious attendees, aiming to establish an annual tradition. Technically, the site uses a mix of legacy and modern web technologies including jQuery 1.10.2, bxSlider, and Featherlight lightbox, hosted likely on Websupport infrastructure with DNSSEC enabled and HTTPS enforced. Security posture is moderate with good SSL configuration but usage of outdated jQuery introduces potential vulnerabilities. Privacy compliance is partial with a privacy policy and terms of service available but lacking cookie consent mechanisms. WHOIS data shows inconsistencies with a future domain creation date, which may be a data error or placeholder, slightly impacting trust. Overall, the site is functional, professional, and safe, but improvements in security and privacy compliance are recommended.

S

SAPI - Slovenská asociácia fotovoltického priemyslu a OZE

podpormevietor.sk

41

The website represents SAPI, a Slovak non-profit association dedicated to promoting renewable energy sources, particularly photovoltaic and wind energy. It serves as an information hub and advocacy platform targeting Slovak citizens, industry stakeholders, and policymakers. The site provides educational content, news updates, and links to related events and organizations, positioning itself as a credible voice in the Slovak renewable energy sector. Technically, the website employs a range of established JavaScript libraries including jQuery, Facebook SDK, and Google Analytics for tracking. The design is professional and mobile-optimized, though some libraries like jQuery are outdated, which could pose security risks. The site lacks a cookie consent mechanism despite GDPR policy presence, indicating partial privacy compliance. From a security perspective, the site uses HTTPS and avoids exposing sensitive data. However, it lacks visible security headers and uses outdated scripts, which lowers its security posture. No explicit security or incident response policies are published, which could be improved to enhance trust and compliance. Overall, the website is functional, informative, and moderately secure, with room for improvement in privacy compliance and security best practices. Strategic enhancements in these areas would strengthen the site's credibility and user trust.

S

SAPI - Slovenská asociácia fotovoltického priemyslu a OZE

sapiconference.sk

42

SAPI - Slovenská asociácia fotovoltického priemyslu a OZE operates a professional website focused on organizing the annual SAPI Energy Conference and related events in Slovakia. The organization targets energy professionals and stakeholders interested in renewable energy and sustainable energy solutions. The website demonstrates a mature digital presence with a good technical stack including jQuery, bxSlider, and integration with Google Analytics and social media platforms. The content is well-structured, professionally presented, and includes testimonials and references that enhance trust and credibility. Security posture is adequate with HTTPS enforced and secure form handling, though improvements are recommended in security headers and incident response transparency. Privacy compliance is partially addressed with GDPR documentation but lacks cookie consent mechanisms. Overall, the website is trustworthy, well-maintained, and serves its business purpose effectively.

SoliNet Rheinland-Pfalz operates as a non-profit advisory service dedicated to supporting individuals affected by digital violence within the Rheinland-Pfalz region of Germany. The website offers confidential, free, and multilingual online counseling services, focusing on emotional support, evidence preservation, content removal, legal guidance, and online safety education. The organization positions itself as a central resource for victims of digital violence, aiming to empower and protect users in digital spaces. Technically, the website is built on WordPress with Elementor, hosted likely by netcup GmbH, and employs modern web technologies such as jQuery. The site is accessible, mobile-optimized, and presents a professional design with consistent branding. Security-wise, HTTPS is enforced, but the absence of security headers and explicit privacy or cookie policies indicates room for improvement. No analytics or tracking scripts were detected, suggesting a privacy-conscious approach. Overall, the site is trustworthy and safe for general audiences, with no adult or questionable content. However, the lack of direct contact details and formal privacy documentation slightly reduces compliance confidence.

S

Stiftung MedienKompetenz Forum Südwest

silver-tipps.de

47

Silver Tipps is a German non-profit educational platform dedicated to empowering older adults with digital literacy and safe internet usage skills. The website offers a variety of content including articles, videos, online lectures, and quizzes, supported by reputable media and governmental partners. The target audience is primarily seniors seeking to overcome digital barriers and gain confidence in using modern technologies. The project is backed by the Stiftung MedienKompetenz Forum Südwest and other regional media authorities, positioning it as a trusted resource in the digital education sector for older populations. Technically, the website is built on WordPress with a modern tech stack including jQuery and privacy-focused Matomo analytics. The site demonstrates good mobile optimization, accessibility, and SEO practices, although performance is moderate. The use of privacy-respecting analytics and absence of commercial advertising reflect a strong commitment to user privacy and non-commercial educational goals. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, it lacks some security headers and a visible cookie consent mechanism, which are areas for improvement to enhance compliance with EU regulations. No critical vulnerabilities or suspicious elements were detected, and the WHOIS data indicates a legitimate domain registration consistent with the project's nature. Overall, Silver Tipps presents a professional, trustworthy, and well-structured platform with a clear mission. Strategic recommendations include implementing a cookie consent banner, adding security headers, publishing a security policy, and providing direct contact information to further strengthen trust and compliance.

M

Medienförderung RLP GmbH

mf-rlp.de

46

Medienförderung RLP GmbH is a regional media funding agency based in Rheinland-Pfalz, Germany, operating as a subsidiary of the Medienanstalt Rheinland-Pfalz. Supported by the state government and major broadcasters such as SWR and ZDF, the organization aims to support creative and innovative media professionals in digital media sectors including audio-visual works, games, and online series. The website serves as an information and application portal for funding opportunities, providing clear guidance on application processes and showcasing funded projects. The target audience is media creators and producers within or connected to Rheinland-Pfalz. Technically, the website is built on WordPress with modern plugins such as Yoast SEO and Gutentor, leveraging Bootstrap 5 for responsive design. The site is hosted by SchlundTech, a reputable German hosting provider, and uses HTTPS with a good SSL configuration. The site is mobile-optimized and SEO-friendly, with structured data and Open Graph tags enhancing discoverability. However, some accessibility features are basic, and no cookie consent mechanism was detected, which is a GDPR compliance gap. From a security perspective, the site enforces HTTPS and uses secure forms for search and login. No security headers were detected in the provided data, and no explicit security or incident response policies are published. There are no visible vulnerabilities or exposed sensitive data. The absence of a cookie consent banner and security.txt or vulnerability disclosure policy are areas for improvement. Overall, the website is professional, trustworthy, and well-aligned with its public funding mission. The risk profile is low, but compliance with privacy regulations could be enhanced by implementing cookie consent and publishing security policies. Strategic recommendations include improving privacy compliance, adding security headers, and publishing incident response contacts to strengthen trust and security posture.

C

Cummins Czech Republic s.r.o.

fleetguard.cz

44

Fleetguard.cz is the official Czech and Slovak distributor of Fleetguard filtration products, a subsidiary of Cummins Inc., a global leader in diesel engine manufacturing. The website presents a professional and focused business offering a wide range of filtration solutions and cooling fluids for industrial, agricultural, and transportation machinery. The site targets industrial and commercial customers in the Czech Republic and Slovakia, emphasizing product quality and brand association with Cummins. Technically, the website is built on Joomla CMS with standard JavaScript libraries and custom modules, providing a moderate performance and basic mobile optimization. Security posture is moderate with HTTPS implied but lacking advanced security headers and comprehensive privacy policies. The cookie consent mechanism is present but limited to technical cookies only. Overall, the site is trustworthy and credible but would benefit from enhanced privacy and security compliance measures.

V

Verlag Dashöfer

du.cz

47

The website www.du.cz is a professional Czech online portal operated by Verlag Dashöfer, providing a comprehensive knowledge library and educational resources focused on taxes, accounting, law, labor, and payroll for professionals such as accountants, tax advisors, and economists. The platform offers subscription-based access to legal texts, commentaries, practical examples, and online seminars, positioning itself as a leading resource in the Czech Republic for financial and legal professionals. Technically, the site employs modern web technologies including Bootstrap 4, jQuery, and Font Awesome, with integrated analytics and advertising tools such as Google Tag Manager and Microsoft Clarity. Security posture is good with HTTPS enforced and use of reCAPTCHA on forms, though some security headers could be improved. Privacy compliance is basic, lacking explicit privacy and cookie policies in the analyzed content. The absence of WHOIS data limits domain legitimacy verification, but the professional presentation and consistent branding support a credible business identity.

V

Verlag Dashöfer, nakladatelství, spol. s r. o.

pamprofi.cz

48

PaM profi is a Czech Republic-based professional portal specializing in labor law, payroll accounting, and human resources management. Operated by Verlag Dashöfer, the site offers subscription-based access to legal texts, expert articles, practical tools, and seminars targeted at HR professionals, payroll accountants, and legal experts. The platform demonstrates a mature digital infrastructure leveraging modern web technologies including Bootstrap, jQuery, and Google Tag Manager, ensuring a responsive and user-friendly experience. Security measures such as HTTPS, Google reCAPTCHA, and cookie consent mechanisms are well implemented, reflecting a strong commitment to user privacy and data protection. However, the absence of WHOIS registration data introduces some uncertainty regarding domain transparency, though the business legitimacy is supported by consistent branding and professional content. Overall, the site presents a trustworthy and valuable resource within its niche, with room for improvement in explicit security header implementation and accessibility enhancements.

V

Verlag Dashöfer, nakladatelství, spol. s r. o.

cenikstavebnichpraci.cz

47

The website cenikstavebnichpraci.cz is operated by Verlag Dashöfer, a Czech publishing company specializing in construction pricing software and related services. The site offers software products, online modules, training, and publications targeted at architects, builders, and investors. It holds a solid market position in the Czech Republic with a business history dating back to 1997. The digital infrastructure is modern, leveraging Bootstrap 4, jQuery, Font Awesome, and multiple analytics and tracking tools including Google Analytics 4 and Bing UET. Security measures include HTTPS enforcement and Google reCAPTCHA integration, although some security headers could be improved. Privacy compliance is well addressed with cookie consent mechanisms and GDPR-aligned policies. Contact information is clearly presented, enhancing business credibility.

V

Vysočina Education

vys-edu.cz

46

Vysočina Education is a regional educational service provider based in the Vysočina region of the Czech Republic, established in 2008. The organization focuses on offering professional development, qualification studies, educational events, and projects primarily targeting educators and school staff. The website reflects a well-structured and professionally maintained digital presence with clear navigation and relevant content tailored to its audience. Technically, the site uses a proprietary CMS (Vismo) and incorporates modern web technologies including responsive design and accessibility features. Security posture is solid with HTTPS enforced and no visible vulnerabilities, although explicit security policies and incident response information are not published. Privacy compliance is adequate with privacy and cookie policies present, but lacks an explicit cookie consent mechanism. Overall, the website demonstrates high trustworthiness and legitimacy consistent with a public educational institution.

N

Národní knihovna ČR

caslin.cz

49

The website www.caslin.cz serves as the portal for the Union Catalogue of the Czech Republic, a project managed by the National Library of the Czech Republic. It aggregates bibliographic data from cooperating Czech libraries and institutions, offering approximately 7.6 million records including monographs, serials, and articles. The site targets library users, researchers, and public institutions seeking bibliographic information. The business model is a public service initiative, positioning itself as a key national resource in the Czech government and non-profit sector. Technically, the site employs legacy technologies such as jQuery 1.11.3 and integrates Google Analytics and FontAwesome for UI and tracking. The site is moderately optimized for performance and mobile use, with basic accessibility and SEO features. The lack of modern frameworks or CMS indicates a relatively simple technical infrastructure. From a security perspective, the site uses HTTPS for external resources but lacks visible security headers and uses an outdated jQuery version, which could expose it to vulnerabilities. No sensitive data exposure or critical security flaws were detected, but improvements are recommended in updating libraries and implementing security headers. Privacy compliance is minimal, with a privacy statement present but no cookie consent mechanism. Overall, the site is trustworthy and serves a legitimate government function, but the absence of WHOIS data and some technical shortcomings reduce its security and compliance posture. Strategic improvements in security practices and privacy compliance would enhance its risk profile and user trust.

S

Sokol.Cz Team

sokol.cz

41

Sokol.Cz is an independent, non-profit information portal dedicated to the activities of the Czech Sokol community, providing event listings, news articles, and multimedia content related to sports and cultural events. The website serves as a community hub for members and supporters of the Czech Sokol organization, offering a platform for sharing information about local units, events, and educational resources. Technically, the site uses a Bootstrap-based responsive design with jQuery and integrates Google Custom Search and Facebook SDK for enhanced user interaction. While HTTPS is enforced, the site lacks advanced security headers and a cookie consent mechanism, which are areas for improvement. The absence of WHOIS data limits domain trust assessment, but the site's long operational history and consistent branding support its legitimacy. Overall, the site is well-positioned as a trusted community resource with good content quality and user experience.

T

Truck1 Sp.z.o.o.

truck1.ro

48

Truck1 Sp.z.o.o. operates www.truck1.ro, a large online marketplace specializing in used trucks, construction, and agricultural machinery primarily targeting the Romanian market but with international reach. Founded in 2003, the company offers a comprehensive catalog of over 300,000 listings, serving businesses and individuals seeking commercial vehicles and heavy equipment. The platform supports multiple languages and currencies, reflecting its broad audience. Technically, the website employs modern tracking and marketing technologies including Google Tag Manager, Facebook Pixel, TikTok Analytics, and others, indicating a mature digital marketing strategy. Security posture is solid with HTTPS enforced and basic security headers, though improvements are recommended in header coverage and explicit privacy disclosures. The WHOIS data is privacy protected under ROTLD, which is typical for domains in this registry and does not raise immediate concerns. Overall, the site is professional, content-rich, and trustworthy, though it would benefit from enhanced privacy and security transparency.

T

Truck1 Sp.z.o.o.

truck1-pl.com

49

Truck1 Sp.z.o.o. operates a large, professional online marketplace specializing in the sale and purchase of commercial vehicles including trucks, trailers, buses, construction and agricultural machinery. Founded in 2003 and based in Poland, the company serves a global audience with localized versions of its platform. The website is well-branded and offers extensive listings and dealer services, positioning itself as a key player in the transportation sector. Technically, the site employs a modern technology stack with multiple analytics and advertising integrations, ensuring robust marketing and user tracking capabilities. Security posture is generally good with HTTPS enforced, though the absence of security headers and explicit privacy policies indicates room for improvement. The WHOIS data is missing or unavailable, which raises some concerns about domain registration transparency but does not detract from the site's professional appearance and functionality. Overall, Truck1 presents a credible and mature digital presence with a strong market position in the commercial vehicle marketplace segment.

T

Truck1 Sp.z.o.o.

truck1.rs

47

Truck1.rs is a regional website of the Truck1 brand, a well-established online marketplace specializing in used commercial vehicles including trucks, trailers, construction machinery, and special vehicles. The platform targets businesses and individuals in Serbia and Europe, offering over 150,000 listings from leading European dealers. The website is professionally designed with multilingual and multi-currency support, reflecting its international reach and market position as a leading commercial vehicle marketplace. Technically, the site employs a modern tech stack with extensive use of third-party analytics and marketing tools such as Google Analytics, Facebook Pixel, TikTok Analytics, and others, managed via Google Tag Manager. The site is served over HTTPS with no DNSSEC enabled and lacks some security headers, indicating room for improvement in security hardening. Privacy and cookie policies are not clearly presented, which may impact GDPR compliance. Overall, the site demonstrates a good security posture but would benefit from enhanced transparency and security policy disclosures.

T

Truck1 Sp.z.o.o.

truck1.si

46

Truck1.si is a regional Slovenian portal of the Truck1.eu group, offering a comprehensive online marketplace for used trucks, commercial vehicles, and related equipment. The platform targets European buyers and sellers, providing over 150,000 listings from trusted dealers. The business is well-established since 2003, with a strong market presence and multi-language support, positioning itself as a leading player in the transportation sector's online vehicle marketplace. Technically, the website employs modern tracking and advertising technologies, including Google Tag Manager, Facebook Pixel, TikTok Analytics, and others, hosted on Google infrastructure with secure HTTPS connections. However, the site lacks explicit privacy and cookie policies, which impacts its privacy compliance rating. Security posture is generally good with HTTPS and no exposed sensitive data, but could be improved by adding security headers and incident response information. Overall, the site is professional, trustworthy, and safe for general audiences, but should enhance privacy transparency and security documentation to improve compliance and user trust.

T

Truck1 Sp.z.o.o.

truck1.pt

48

Truck1 Sp.z.o.o. operates an established international online marketplace specializing in the sale of used and new trucks, tractors, construction machinery, and related heavy equipment. Founded in 2003 and headquartered in Poland, the company serves a global audience with localized websites in multiple countries and languages. The platform offers extensive listings, dealer services, and promotional tools, positioning itself as a key player in the transportation equipment sector. The website is professionally designed with good content quality and clear navigation, targeting businesses and individuals in the transportation and heavy machinery markets. Technically, the website employs a modern technology stack including multiple analytics and advertising platforms such as Google Analytics, Facebook Pixel, TikTok Analytics, and others. It uses HTTPS with strong SSL configuration and integrates consent management for privacy compliance. Mobile optimization and SEO practices are well implemented, though accessibility features could be improved. The site relies heavily on third-party marketing and tracking scripts, indicating a mature digital marketing strategy. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data in its HTML content. However, it lacks explicit security policies, incident response contacts, and vulnerability disclosure mechanisms. No critical vulnerabilities or WAF blocking were detected. Privacy compliance is partial, with no explicit privacy or cookie policy pages found in the provided content, though consent mechanisms for analytics are present. Overall, Truck1 presents a trustworthy and professional online marketplace with a solid business foundation and technical infrastructure. To enhance trust and compliance, it should publish clear privacy, cookie, and security policies, and consider adding vulnerability disclosure information. These improvements would strengthen its security posture and regulatory adherence, supporting continued growth and customer confidence.

T

Truck1 Sp.z.o.o.

truck1.me

48

Truck1 Sp.z.o.o. operates a comprehensive online marketplace specializing in commercial vehicles including trucks, trailers, construction machinery, and agricultural equipment. Founded in 2003 and headquartered in Warsaw, Poland, the company serves a global audience with a strong focus on the European market. The platform offers extensive listings, dealer promotions, leasing options, and subscription services to connect buyers and sellers efficiently. The website is professionally designed with consistent branding and supports multiple languages and regional versions, enhancing its accessibility and market reach. Technically, the website employs a modern technology stack with extensive use of JavaScript and integrates multiple third-party marketing and analytics tools such as Google Analytics, Facebook Pixel, TikTok Analytics, and LinkedIn Insight Tag. The site is HTTPS secured and mobile optimized, providing a good user experience across devices. However, there is room for improvement in security headers and explicit privacy and cookie policy disclosures. From a security perspective, the site demonstrates a solid baseline with HTTPS enforcement and no visible sensitive data exposure. The absence of security headers and lack of a public vulnerability disclosure or incident response contact are areas to address. The WHOIS data is unavailable due to malformed responses, which reduces transparency but is somewhat mitigated by the professional presentation and consistent business information on the site. Overall, Truck1 presents a trustworthy and professional platform with a strong market position in the transportation sector. Strategic improvements in privacy compliance and security practices would enhance its risk posture and user trust.

T

Truck1 Sp.z.o.o.

truck1.co.uk

49

Truck1 Sp.z.o.o. operates a well-established European online marketplace specializing in the sale of heavy-duty trucks, construction, and agricultural machinery. Founded in 2003, the company targets businesses and individuals seeking commercial vehicles primarily in the UK and broader European markets. The platform offers a wide range of vehicle categories and supports multiple languages and country-specific domains, indicating a broad international footprint. Key services include vehicle listings, dealer promotions, and leasing options, positioning Truck1 as a significant player in the transportation sector's digital marketplace. Technically, the website employs a modern technology stack with extensive use of JavaScript and integrates multiple analytics and advertising platforms such as Google Analytics, Facebook Pixel, TikTok Analytics, and Criteo. The site is mobile-optimized with good accessibility and SEO practices, contributing to a positive user experience. HTTPS is enforced with appropriate security headers, reflecting a solid security posture. However, explicit privacy and cookie policies are not clearly found in the provided content, indicating room for improvement in privacy compliance. Security-wise, the site demonstrates good practices including secure forms and no visible vulnerabilities in the HTML content. The absence of WHOIS data and the error message from the domain registry raise concerns about domain registration transparency, which slightly impacts trustworthiness. No WAF or blocking mechanisms were detected, and the site content is fully accessible and safe for general audiences. Overall, Truck1 presents a professional and credible online marketplace with strong business and technical foundations. Strategic enhancements in privacy policy transparency and domain registration clarity would further strengthen its security and compliance posture.

T

Truck1 Sp.z.o.o.

truck1eu.se

48

Truck1 Sp.z.o.o. operates a well-established online marketplace platform specializing in the sale and purchase of used trucks, trailers, agricultural and construction machinery across Europe. Founded in 2003 and headquartered in Warsaw, Poland, the company targets businesses and individuals seeking commercial vehicles and equipment. The platform supports multiple languages and localized domains, enhancing its accessibility and market reach. Key services include vehicle listings, dealer services, advertising, and leasing options, positioning Truck1 as a significant player in the European transportation equipment market. Technically, the website employs a modern technology stack with extensive use of third-party analytics and advertising tools such as Google Tag Manager, Facebook Pixel, TikTok Analytics, and Criteo. The site is mobile-optimized with good navigation and SEO practices, though some accessibility features appear basic. Security posture is solid with HTTPS enforced and secure login forms, but could be improved by adding explicit security headers and privacy policies. Security evaluation reveals no critical vulnerabilities or exposed sensitive data, but the absence of explicit privacy and cookie policies and lack of incident response or vulnerability disclosure information indicate areas for compliance improvement. The WHOIS data for the exact domain www.truck1eu.se is missing, which raises some concerns about domain registration legitimacy, although the business entity and main domain truck1.eu are legitimate and well-documented. Overall, Truck1 presents a professional and functional online marketplace with moderate risk due to incomplete WHOIS data and privacy compliance gaps. Strategic recommendations include enhancing privacy and cookie disclosures, implementing comprehensive security headers, and publishing vulnerability disclosure and incident response information to strengthen trust and compliance.

T

Truck1 Sp.z.o.o.

truck1eu.no

49

Truck1 Sp.z.o.o. operates an established online marketplace focused on the sale and purchase of used trucks, agricultural machinery, construction equipment, and related vehicles across Europe. The website targets businesses and individuals seeking competitive pricing and a broad selection from reputable dealers. Founded in 2003, the company has developed a multi-lingual, multi-regional platform with localized versions for many countries, enhancing its market reach and user accessibility. Technically, the website employs a modern technology stack including Google Tag Manager, multiple analytics and advertising pixels (Facebook, TikTok, LinkedIn, Criteo, Taboola), and JavaScript frameworks for UI components. The site is mobile-optimized with good SEO practices and uses HTTPS to secure communications. However, no CMS or hosting provider details were identified from the HTML content. From a security perspective, the site enforces HTTPS and uses various tracking and advertising scripts but lacks visible security headers and a published privacy or cookie policy in the analyzed content. No vulnerability disclosure or incident response information is provided, which could be improved to enhance trust and compliance. The absence of WHOIS data limits domain legitimacy verification, but the professional presentation and structured data suggest a legitimate business. Overall, Truck1.eu presents a professional and functional platform with extensive vehicle listings and dealer partnerships. Strategic improvements in privacy compliance, security header implementation, and transparency around incident response would strengthen its security posture and user trust.

T

Truck1 Sp.z.o.o.

truck1.lt

44

Truck1 Sp.z.o.o. operates a large European online marketplace specializing in the sale of used trucks, trailers, tractors, and commercial vehicles. Founded in 2003, the company has established itself as a key player in the transportation sector, offering over 150,000 listings and partnering with numerous dealers across multiple countries. The website targets businesses and individuals seeking commercial vehicles, providing a comprehensive catalog and additional services such as leasing and dealer promotions. Technically, the site employs modern tracking and marketing technologies including Google Tag Manager, Facebook Pixel, TikTok Analytics, and others, enabling extensive user behavior analysis and targeted advertising. The site is well-structured, mobile-optimized, and uses HTTPS with appropriate security headers, reflecting a good security posture. However, the absence of WHOIS registration data and explicit security or incident response policies introduces some trust concerns. Overall, the platform demonstrates a mature digital presence with room for improvement in privacy compliance and transparency.

T

Truck1 Sp.z.o.o.

truck1-ru.lv

49

Truck1 Sp.z.o.o. operates an established online marketplace specializing in the sale of used and new commercial vehicles, including trucks, trailers, agricultural and construction machinery, targeting primarily Russian-speaking users in Latvia and broader European markets. Founded in 2003, the company maintains a strong market position with localized websites and a comprehensive catalog of vehicle categories. The website demonstrates a good level of digital maturity, employing multiple modern analytics and advertising technologies to support marketing and user engagement. Security posture is solid with HTTPS enforcement and secure login forms, though there is room for improvement in security headers and public privacy documentation. Overall, the site is professional and trustworthy, but lacks visible privacy and cookie policies, which impacts compliance and user trust.