Security Directory

A

ARR - Agentura regionálního rozvoje, spol s r.o.

arr-nisa.cz

0

ARR - Agentura regionálního rozvoje, spol s r.o. is a regional development agency based in the Liberec region of the Czech Republic. The organization focuses on providing expert support to the region, its residents, entrepreneurs, and institutions through various projects such as regional development, business incubation, tourism centralization, smart acceleration, and digital innovation hubs. The website reflects a well-established entity with a domain registered since 1998, indicating a long-standing presence in the regional development sector. Technically, the website employs a modern but straightforward technology stack including jQuery, Font Awesome, Swup for page transitions, Google Analytics, and Facebook Pixel for tracking. The site is hosted under a reputable registrar and DNS provider, with HTTPS enabled ensuring secure communications. The design is responsive and user-friendly, optimized for mobile devices, and structured for clear navigation and SEO effectiveness. From a security perspective, the site benefits from HTTPS and does not expose sensitive data or vulnerable libraries. However, it lacks explicit security headers and does not provide a cookie consent mechanism despite using tracking pixels, which may pose compliance risks under GDPR. No incident response or security policies are published, limiting transparency in security governance. Overall, the website is professional, trustworthy, and serves its governmental and regional development purpose effectively. Strategic improvements in privacy compliance, security headers, and incident response transparency would enhance its security posture and regulatory adherence.

Z

Zdravý Liberecký kraj

zdravylibereckykraj.cz

0

Zdravý Liberecký kraj is a regional government initiative in the Czech Republic focused on promoting health, quality of life, sustainable development, and community engagement within the Liberec region. The website serves as an information hub for residents, local government entities, and non-profit organizations, providing news, resources, and program details. The business model is governmental and non-profit, emphasizing public service and community well-being. Technically, the website is built on WordPress with a modern tech stack including Elementor, Bootstrap, and several plugins for SEO, GDPR compliance, and user experience enhancements. The site is mobile-optimized and demonstrates good SEO practices with structured data and meta tags. Performance is moderate, with room for optimization. From a security perspective, the site uses HTTPS and implements cookie consent mechanisms compliant with GDPR. However, some standard security headers are not explicitly detected, suggesting opportunities for strengthening security posture. No vulnerabilities or exposed sensitive data were found in the analyzed content. Overall, the website presents a professional and trustworthy digital presence for a regional government program. It complies with privacy regulations and provides clear contact and social media information. Strategic recommendations include enhancing security headers, maintaining up-to-date software, and adding explicit security and incident response policies.

The website www.datalk.cz serves as the official data portal for the Liberecký kraj region in the Czech Republic, operated by the regional government authority Krajský úřad Libereckého kraje. It provides public access to a wide range of regional data including transportation, sports, tourism, investments, healthcare, social services, housing, safety, infrastructure, and environmental information. The platform offers interactive data visualizations, open datasets, analyses, and thematic articles aimed at both professional and general audiences interested in regional statistics and development. Technically, the site is built on modern web technologies including Ember.js and ArcGIS Hub, leveraging Calcite Components for UI elements. It is hosted on ArcGIS Hub's CDN infrastructure, ensuring reliable delivery and moderate performance. The site is mobile-optimized with good SEO practices and basic accessibility features. SSL is enforced, providing secure HTTPS connections. From a security perspective, the site demonstrates good practices such as HTTPS enforcement and absence of exposed sensitive data. However, it lacks explicit security headers like Content Security Policy and HSTS, and does not provide a public security policy or incident response information. No vulnerability disclosure or security.txt file is present. Privacy compliance is supported by a comprehensive privacy policy and terms of service, but a cookie consent mechanism is missing, which is a GDPR compliance gap. Overall, the website is a trustworthy and professional government data portal with good content quality and technical implementation. The absence of WHOIS data reduces domain trustworthiness slightly, but the official partner links and content quality support legitimacy. Strategic recommendations include adding cookie consent, security headers, and publishing security policies to enhance compliance and security posture.

Fond Vysočiny operates an official regional government website providing comprehensive information about grant programs available in the Vysočina region of the Czech Republic. The site targets applicants, grant committee members, and local government entities, offering resources such as application portals, program details, and technical support. The business model centers on facilitating public funding distribution and transparency for regional development projects. The domain is well-established since 2003, reinforcing its legitimacy and trustworthiness. Technically, the website employs a combination of jQuery, Bootstrap, and the Nette PHP framework, with additional libraries for numeric input formatting and UI components. While the site is functional and moderately optimized, it loads multiple versions of jQuery, which may introduce conflicts and security risks. The site uses HTTPS and integrates analytics tools like Google Analytics and Smartlook for user behavior tracking, though it lacks visible security headers and cookie consent mechanisms, indicating room for improvement in privacy compliance. From a security perspective, the site demonstrates basic best practices such as HTTPS and form validation but lacks advanced protections like Content Security Policy headers and explicit privacy policies. The absence of cookie consent and privacy documentation poses compliance risks under GDPR. No critical vulnerabilities or blocking mechanisms were detected, but the use of multiple jQuery versions and missing security headers are notable concerns. Overall, Fond Vysočiny's website is a credible and professionally maintained government portal with good content quality and user experience. However, enhancements in privacy compliance, security header implementation, and technical modernization are recommended to strengthen its security posture and regulatory adherence.

S

SDMB, o. p. s.

broumovsko.cz

0

The website www.broumovsko.cz serves as a comprehensive regional tourism and cultural information portal for the Broumovsko region in the Czech Republic. It provides detailed information on local attractions, events, accommodation, gastronomy, and nature, targeting tourists and local visitors interested in exploring the region. The site is supported by public and EU funds, indicating a non-profit or government-affiliated entity focused on regional development and tourism promotion. Technically, the website employs modern web technologies including HTML5, CSS3, JavaScript, and popular libraries such as jQuery and Slick Slider for interactive elements. It integrates Google Analytics and Facebook Pixel for visitor tracking and marketing purposes. The site is mobile-optimized and features multi-language support, enhancing accessibility for international visitors. From a security perspective, the site uses HTTPS and standard tracking tools but lacks some advanced security headers like Content-Security-Policy and X-Content-Type-Options. There is no visible security.txt or vulnerability disclosure policy, and privacy and cookie policies are not clearly presented, which may pose compliance risks under GDPR. The absence of WHOIS data reduces transparency about domain ownership, though the website content and EU co-financing statements support its legitimacy. Overall, the site is well-structured, content-rich, and professionally presented, with moderate technical and security maturity. Strategic improvements in privacy compliance, security headers, and domain registration transparency would enhance trust and reduce risk.

The website www.cyklohk.cz serves as the official regional tourism portal for cycling in the Královéhradecký region of the Czech Republic. It provides detailed cycling tips, routes, trail information, and seasonal cycling bus services aimed at tourists, cycling enthusiasts, and families. The site is managed by the Královéhradecká krajská centrála cestovního ruchu, a regional tourism organization, and is supported by the Czech Ministry for Regional Development. The content is primarily in Czech with multilingual support for English, German, and Polish, enhancing accessibility for international visitors. Technically, the website is built on the Public4u CMS platform and utilizes jQuery and JavaScript libraries for interactive features. It employs HTTPS for secure communication and integrates Google Analytics for visitor tracking. The site is moderately optimized for mobile devices and has a good SEO foundation, although accessibility features could be improved. The cookie policy and consent mechanism are implemented, but explicit privacy and terms of service pages are missing. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data in its HTML content. However, it lacks certain security headers that could enhance protection against common web vulnerabilities. The absence of WHOIS data for the domain is a notable concern, reducing trust in domain legitimacy despite the official nature of the organization and the professional presentation of the website. Overall, the website is a reliable and professional resource for cycling tourism in the region, but it would benefit from improved transparency regarding privacy policies, enhanced security headers, and resolution of WHOIS data availability to strengthen trust and compliance.

K

Královéhradecká krajská centrála cestovního ruchu, p. o.

ccrkhk.cz

0

Královéhradecká krajská centrála cestovního ruchu, p. o. is a regional destination management organization established by the Královéhradecký region in the Czech Republic. The organization focuses on promoting tourism, cultural events, and regional attractions within the Královéhradecký kraj. It operates as a non-profit entity with advisory bodies including local destination companies, municipalities, and professional organizations. The website serves as an information hub for tourists and stakeholders, providing news, event updates, and regional tourism resources. Technically, the website is built on WordPress 6.5.3 using the Themify Ultra theme, with jQuery and Google Analytics integrated for tracking. The site is hosted likely by the registrar REG-WEDOS, a known Czech hosting provider. The website is mobile-optimized and performs moderately well, with good SEO and accessibility basics. However, it lacks some advanced security headers and privacy compliance mechanisms such as cookie consent banners and privacy policies. From a security perspective, the site uses HTTPS with a good SSL configuration but does not implement security headers or publish security policies or incident response contacts. No forms or data collection points are visible on the homepage, reducing immediate data exposure risks. The site uses Google Tag Manager and Google Analytics for user tracking, indicating moderate user tracking levels but lacks explicit privacy compliance disclosures. Overall, the website is trustworthy and professional, reflecting a legitimate regional government-supported tourism organization. The main risks relate to privacy compliance gaps and missing security headers. Strategic improvements in these areas would enhance the site's security posture and regulatory compliance.

N

Národní knihovna České republiky

nkp.cz

0

Národní knihovna České republiky is the official national library of the Czech Republic, serving as a central cultural and educational institution. It offers a wide range of services including library catalog access, digital libraries, research support, and cultural events. The website reflects a well-established government entity with a strong market position in the cultural heritage sector. Technically, the site uses modern web technologies such as jQuery, Google Tag Manager, and integrates third-party widgets for marketing and user engagement. The site is mobile-optimized, accessible, and SEO-friendly. Security posture is good with HTTPS and secure forms, though some security headers could be improved. Privacy compliance is robust with clear cookie consent and privacy policies. Overall, the site is professional, trustworthy, and serves a broad audience including the general public, researchers, and cultural institutions.

D

Die Bundesregierung

bundesregierung.de

0

The website www.bundesregierung.de is the official online presence of the German federal government, providing political information, news, livestreams, and public service offerings. It serves a broad audience including citizens, media, and political stakeholders. The site is well-branded, consistent, and professionally designed, reflecting its authoritative government status. Technically, it uses CoreMedia CMS and Piwik analytics, with a moderate performance profile and good mobile and accessibility features. Security-wise, the site enforces HTTPS, respects user consent for tracking, and employs nonce-based script loading, indicating a mature security posture. However, explicit privacy and cookie policies are not clearly linked in the provided content, and no incident response contacts are visible, which are areas for improvement. Overall, the domain registration and DNS setup align with a legitimate government entity, supporting high trustworthiness.

G

Gemeinsam-Online

gemeinsamonline.de

0

The Gemeinsam-Online Serviceportal is a German government digital platform providing citizens with access to a wide range of administrative services online. It facilitates processes such as adoption applications, hazard substance notifications, housing registration, and social benefits applications. The portal is part of a broader federal initiative to unify digital public services across Germany's federal, state, and municipal levels. The website targets German residents seeking convenient, accessible government services digitally. Technically, the portal employs modern JavaScript frameworks including Dataport's UISystem and ODControls, along with libraries like jQuery, Bootstrap, and Kendo UI. The site is hosted on INWX infrastructure, uses HTTPS with strong SSL configuration, and incorporates session management and anti-forgery tokens to enhance security. Accessibility and mobile optimization are well addressed, supporting a broad user base. From a security perspective, the portal demonstrates good practices such as HTTPS enforcement, session timeout warnings, and secure form handling. However, it lacks explicit security headers (e.g., CSP, HSTS) and published incident response contacts or vulnerability disclosure policies. Privacy compliance is partially met with a comprehensive privacy policy but lacks a cookie consent mechanism. No critical vulnerabilities or suspicious WHOIS data were detected, indicating a trustworthy and stable domain. Overall, the portal is a professional, secure, and user-friendly government service platform with room for improvement in privacy consent and security policy transparency. Strategic enhancements in these areas would strengthen user trust and regulatory compliance.

F

Freie und Hansestadt Hamburg Senatskanzlei

verstoss-geldwaeschegesetz.de

0

The website www.verstoss-geldwaeschegesetz.de is an official German government service provided by the Freie und Hansestadt Hamburg Senatskanzlei, supported by the federal government. It offers an online platform for citizens and authorities to report suspected violations of the money laundering law anonymously and securely. The service aims to protect the informant's identity while facilitating compliance and enforcement efforts against money laundering activities. The site is clearly targeted at German residents and government entities involved in compliance and law enforcement. Technically, the website employs modern JavaScript libraries including Shaka Player and ContentFlow SDK, and uses eTracker for analytics with cookie blocking enabled to respect privacy. The site is hosted on PlusServer infrastructure, indicating reliable hosting. The design is professional, mobile-optimized, and accessible, with clear navigation and relevant content. However, no explicit cookie consent mechanism was found, and security headers are not visibly configured in the HTML. From a security perspective, the site uses HTTPS and does not expose sensitive data or vulnerable libraries in the HTML. No forms are present in the provided HTML, suggesting data collection is handled via external portals or other mechanisms. The absence of a security.txt file and incident response contacts indicates room for improvement in vulnerability disclosure and incident management. Overall, the security posture is good but could be enhanced with additional headers and transparency. The domain WHOIS data is consistent with the website's government affiliation, with nameservers pointing to a reputable hosting provider. No suspicious patterns or privacy protection are present, supporting the legitimacy of the domain. The site does not contain any adult or questionable content and is safe for general audiences. Strategic recommendations include implementing security headers, adding a cookie consent mechanism, publishing a security.txt file, and providing incident response contact information to improve trust and compliance. Regular audits of third-party scripts and ongoing security assessments are also advised.

F

Freie und Hansestadt Hamburg Senatskanzlei

leistungen-fuer-arbeitgeber.de

0

The website 'Leistungen für Arbeitgeber' is an official German government service provided by the Freie und Hansestadt Hamburg Senatskanzlei. It supports employers who employ or wish to employ people with severe disabilities by offering online application services for individual assistance and funding through the Integration Office. The site targets employers across Germany and is positioned as a trusted, accessible, and official resource. Technically, the site uses modern web technologies including JavaScript libraries for video playback and sliders, and is hosted on PlusServer infrastructure. The site is mobile-optimized and accessible, with clear navigation and professional design. Security posture is adequate with HTTPS usage and no visible vulnerabilities, but lacks explicit security headers and incident response information. Privacy compliance is basic with a privacy policy present but no cookie consent mechanism. Overall, the site is trustworthy and professionally maintained, serving an essential government function.

The website justiz.de serves as the official justice portal for the German federal government and its states, providing comprehensive legal and judicial information and digital services. It offers key services such as court directories, electronic legal communication, public announcements, forms, and updates relevant to citizens, legal professionals, and government entities. The portal is positioned as a central authoritative source for justice-related information in Germany, reflecting a large-scale government operation. Technically, the site employs modern web technologies including Bootstrap for responsive design, Font Awesome for icons, jQuery for scripting, and Matomo for privacy-focused analytics. The site is mobile-optimized, accessible, and well-structured, ensuring a good user experience. The use of HTTPS and cookie consent mechanisms demonstrates adherence to privacy and security best practices, although some security headers are not explicitly detected. From a security perspective, the portal maintains a good posture with encrypted connections and privacy-respecting analytics. However, it lacks visible security policies or incident response contacts, and no vulnerability disclosure mechanisms such as security.txt are present. No vulnerabilities or suspicious content were detected, and the domain registration aligns well with the official government entity, enhancing trust. Overall, the website is a trustworthy, professional government platform with strong content quality and privacy compliance. Strategic recommendations include enhancing security headers, publishing explicit security policies, and adding vulnerability disclosure information to further strengthen security and transparency.

I

IT-Planungsrat

it-planungsrat.de

0

The IT-Planungsrat website represents a central political steering committee for the digitalization of public administration in Germany. It serves as a coordination and governance body for federal, state, and municipal digital initiatives, targeting government entities, institutions, businesses, and society at large. The website provides comprehensive information about its mission, organizational structure, projects, and current news, reflecting a well-established government entity with a clear mandate. Technically, the website is built on TYPO3 CMS, a robust open-source content management system widely used in government and enterprise environments. It employs modern web technologies including JavaScript and CSS, and integrates Matomo analytics hosted on its own server, ensuring privacy-conscious data collection. The site is mobile-optimized, accessible, and SEO-friendly, with clear navigation and consistent branding. From a security perspective, the site enforces HTTPS, uses session cookies securely, and implements a cookie consent mechanism compliant with GDPR. However, it lacks explicit security policy documentation and incident response contact details. No vulnerabilities or exposed sensitive data were detected in the content. The domain registration data aligns with the website's governmental purpose, indicating legitimacy and trustworthiness. Overall, the IT-Planungsrat website demonstrates a strong digital presence with good security and privacy practices appropriate for a government institution. Strategic improvements could include publishing dedicated security policies and incident response contacts to enhance transparency and trust.

I

Initiative D21

initiatived21.de

0

Initiative D21 is a well-established German non-profit network focused on advancing the digital society and accompanying the digital transformation for over 25 years. The organization provides research, events, and working groups targeting government, industry, and the public to foster digital competencies and digital governance. Their website reflects a professional and consistent brand with comprehensive content relevant to their mission. Technically, the website uses modern web technologies including JavaScript ES modules, SVG icons, and Matomo analytics configured to disable cookies, indicating a privacy-conscious approach. The site is mobile-optimized, fast-loading, and accessible, though no explicit CMS or framework is identified. Hosting is likely via a professional provider associated with domaincontrol.com. Security posture is solid with HTTPS enforced and privacy-aware analytics, but lacks some advanced security headers and a visible security policy or incident response contact. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is good with a comprehensive privacy policy, but no cookie consent mechanism was found. Overall, the website is trustworthy, professional, and well-aligned with the organization's mission. Recommendations include adding cookie consent, security headers, and publishing a security policy to enhance compliance and security posture.

The website digitale-verwaltung.de is an official digital administration portal operated by the Bundesministerium für Digitales und Staatsmodernisierung, Germany's Federal Ministry for Digital and State Modernization. It serves as a central information hub for the Digital Dachmarke initiative, which aims to provide a unified branding system for government digital services across federal, state, and municipal levels. The site targets citizens, government entities, and stakeholders involved in digital public services, offering detailed information, contact points, and resources to support the initiative. Technically, the site is built using the Government Site Builder CMS, employs modern web standards including HTML5, CSS3, and JavaScript, and integrates accessibility tools such as ReadSpeaker. Hosting is provided via a reputable provider with nameservers indicating European hosting. The site demonstrates good mobile optimization, accessibility, and SEO practices, with structured data enhancing search engine understanding. From a security perspective, the site enforces HTTPS and incorporates accessibility and privacy best practices. However, it lacks explicit security policy documentation, incident response contacts, and vulnerability disclosure mechanisms. No security headers were detected in the provided data, and no cookie consent mechanism was observed despite GDPR applicability. The WHOIS data aligns with the official government use, indicating a legitimate and trustworthy domain. Overall, the website presents a professional, trustworthy, and well-maintained digital government service portal with minor gaps in explicit security and privacy disclosures. Strategic improvements in these areas would enhance user trust and compliance posture.

B

BMBF Medienverwaltung

bmbf-bilddatenbank.de

0

The website bmbf-bilddatenbank.de serves as a digital asset management platform primarily for the German Federal Ministry of Education and Research (BMBF). It provides authenticated access to media resources such as photos, videos, and audio files, leveraging the open-source ResourceSpace software. The platform targets internal or authorized users, facilitating media management, annotation, and transformation services. The site is professionally branded and consistent with government digital services, though it lacks publicly accessible privacy or cookie policies on the login page. Technically, the site employs a modern JavaScript stack including jQuery, CKEditor, and various plugins for enhanced media handling and UI features. It is served over HTTPS, ensuring encrypted communications, but lacks visible security headers such as CSP or HSTS, which could improve its security posture. The site is moderately optimized for performance and mobile use, with basic accessibility features. From a security perspective, the platform demonstrates good practices like CSRF token usage in forms and no exposed sensitive data in the HTML. However, the absence of explicit privacy, cookie consent mechanisms, and security policies reduces compliance with GDPR and best practices. No WAF or blocking mechanisms are detected, and the domain appears legitimate though WHOIS data is limited. No contact information or incident response channels are publicly available. Overall, the site is a secure and professional government media management portal with room for improvement in privacy compliance and security header implementation. Strategic enhancements in these areas would strengthen trust and regulatory adherence.

I

Information und Technik Nordrhein-Westfalen

statistik.nrw

0

Statistik.NRW is the official statistical office for North Rhine-Westphalia, Germany's most populous state. It provides comprehensive social and economic data, serving government bodies, researchers, businesses, and the public. The website is professionally designed, well-structured, and offers extensive statistical content and services including databases, publications, and regional profiles. The parent organization is the Landesbetrieb IT.NRW, ensuring strong institutional backing. Technically, the site is built on Drupal CMS with modern JavaScript libraries and privacy-conscious analytics (Matomo). It is mobile-optimized and accessible, with a clear cookie consent mechanism. Security posture is good with HTTPS enforced and no obvious vulnerabilities, though some security headers could be improved. WHOIS data confirms legitimacy and consistency with the official entity. Overall, the site demonstrates a mature digital infrastructure and strong compliance with privacy regulations. It is trustworthy and reliable for users seeking official statistical information about NRW. Recommendations include enabling DNSSEC, publishing explicit security policies, and adding a vulnerability disclosure channel to further enhance security transparency.

Ú

Úrad geodézie, kartografie a katastra Slovenskej republiky

skgeodesy.sk

0

The Úrad geodézie, kartografie a katastra Slovenskej republiky (ÚGKK SR) is the official Slovak government agency responsible for geodesy, cartography, and cadastre services. The website serves as a portal for multiple cadastral and spatial data services, targeting citizens, government bodies, and geodesy professionals. It provides access to electronic cadastral data, spatial reference information, and transformation services. The site is well-maintained with recent news updates and clear contact information, reflecting an authoritative national position in its sector. Technically, the website employs a modern tech stack including jQuery, Bootstrap, and the WebJET CMS platform. It is mobile-optimized, accessible, and SEO-friendly. The cookie consent mechanism is implemented in compliance with GDPR, though some security headers are missing. No major vulnerabilities or exposed sensitive data were detected. The site uses HTTPS and secure cookie handling, indicating a solid security posture. Security-wise, the site demonstrates good practices but could improve by adding explicit security headers and publishing a security.txt file for vulnerability disclosures. Incident response contact details are not publicly available. The WHOIS data confirms the domain is legitimately registered to the Slovak government agency, consistent with the website content and language. Overall, the website is professional, trustworthy, and provides essential public services with good technical and security standards. Strategic improvements in security transparency and incident response readiness would further enhance its posture.

L

Liberecký kraj

kraj-lbc.cz

0

Liberecký kraj is the official regional government authority for the Liberec Region in the Czech Republic. The website serves as a comprehensive portal providing information about the regional office's activities, organizational structure, communication methods, and affiliated organizations. It also offers news updates, public announcements, and access to various regional services. The site targets residents, businesses, and stakeholders within the region, aiming to facilitate transparent governance and public engagement. Technically, the website employs a modern tech stack including jQuery, Moment.js, Bootstrap Bootbox, and Swiper.js for UI components. It integrates Google Tag Manager and Google Analytics for tracking and analytics, with a cookie consent mechanism to comply with GDPR. The site is mobile-optimized, accessible, and SEO-friendly, reflecting a mature digital infrastructure suitable for a government entity. From a security perspective, the site uses HTTPS and implements cookie consent for privacy compliance. However, no explicit security headers were detected in the provided data, suggesting room for improvement in security hardening. The absence of WHOIS data is unusual for a government domain and slightly impacts trust assessment, but the official branding, contact details, and social media presence support its legitimacy. Overall, the website presents a professional, trustworthy, and user-friendly platform for regional government communication. Strategic recommendations include enhancing security headers, publishing a vulnerability disclosure policy, and ensuring WHOIS data transparency to strengthen trust and compliance.

K

Kraj Vysočina

kr-vysocina.cz

0

Kraj Vysočina is the official regional government authority for the Vysočina region in the Czech Republic, providing a wide range of public services including administration, social support, education, transportation, culture, and crisis management. The website serves as a comprehensive portal for residents, businesses, tourists, and officials, offering news, events, contact information, and digital services. The organization is well-established with a domain age since 2001, reflecting its long-standing presence and authority in the region. Technically, the website uses a modern CMS (vismo®), integrates popular analytics and marketing tools such as Google Analytics and Facebook Pixel, and provides accessibility and multilingual support via Google Translate. Security posture is good with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. Overall, the site is professional, trustworthy, and compliant with GDPR requirements.

K

Královéhradecká krajská centrála cestovního ruchu, p. o.

hkregion.cz

0

The website www.hkregion.cz serves as the official tourism portal for the Královéhradecký region in the Czech Republic, managed by the Královéhradecká krajská centrála cestovního ruchu, a public organization. It provides comprehensive information on regional attractions, events, cultural activities, wellness, sports, and family-friendly options, targeting tourists, local visitors, and tourism professionals. The portal features multimedia content, interactive maps, and an AI-based guide to enhance user experience. Technically, the site employs a modern technology stack including jQuery, Leaflet.js for mapping, and integrates Google Tag Manager, Google Analytics, and Facebook Pixel for analytics and marketing. It uses the Public4u CMS platform and is optimized for mobile devices with good SEO and accessibility basics. The site is served over HTTPS with a cookie consent mechanism, reflecting compliance with GDPR and privacy standards. From a security perspective, the site enforces HTTPS and secure form submissions but lacks some advanced security headers. No critical vulnerabilities or exposed sensitive data were detected. Privacy policies and cookie management are clearly presented, though no explicit security policy or incident response information is available. The WHOIS data is unavailable, limiting domain legitimacy verification, but the official branding and partner links support its authenticity. Overall, the site is a well-maintained regional government tourism portal with good content quality, technical implementation, and privacy compliance. Strategic improvements could focus on enhancing security headers and accessibility features to further strengthen its security posture and user inclusivity.

M

Muzeum hlavního města Prahy

muzeumprahy.cz

0

Muzeum hlavního města Prahy is a well-established municipal museum dedicated to preserving and presenting the history and culture of Prague. It operates multiple exhibition sites and offers a variety of cultural events, educational programs, and publications. The website reflects a mature digital presence with rich multimedia content, clear navigation, and multilingual support. Technically, it employs modern web technologies including Google Tag Manager and cookie consent mechanisms, ensuring compliance with privacy regulations such as GDPR. Security posture is generally good with HTTPS enforced, though the absence of visible security headers and incomplete WHOIS data suggest areas for improvement. Overall, the site is trustworthy and professional, serving a broad audience including families, schools, and researchers.

G

GHMP

ghmp.cz

0

GHMP (Galerie hlavního města Prahy) is a prominent municipal gallery in Prague specializing in modern and contemporary art. The website showcases exhibitions, educational programs, online collections, and cultural events, positioning GHMP as a key cultural institution serving a broad general audience. The business model focuses on public engagement through exhibitions, workshops, and publishing activities, supported by commercial rentals and an e-commerce platform. The website reflects a medium-sized organization with consistent branding and strong trust indicators including official municipal affiliation and comprehensive privacy compliance. Technically, the website is built on WordPress and leverages modern JavaScript libraries such as jQuery, Slick Slider, and Marquee3k for interactive content. It integrates Google Tag Manager and Facebook Pixel for analytics and marketing, alongside a GDPR-compliant cookie consent mechanism. The site is mobile-optimized with good accessibility and SEO practices, delivering a moderate performance experience. From a security perspective, the site enforces HTTPS and employs cookie consent best practices. However, it lacks explicit security headers and publicly available security or incident response policies, which are recommended for enhanced protection and transparency. No vulnerabilities or exposed sensitive data were detected in the content. Overall, GHMP's website is professional, content-rich, and compliant with privacy regulations, though the absence of WHOIS registration data introduces some uncertainty regarding domain registration transparency. Strategic improvements in security policy disclosure and WHOIS data availability would further strengthen trust and security posture.

M

Městská knihovna v Praze

mlp.cz

0

Městská knihovna v Praze operates as a major public library serving the city of Prague, offering a wide range of cultural and educational services including lending books, music, films, and artworks, as well as hosting cultural events and providing free e-book downloads. The website is professionally designed, multilingual, and provides user account functionality. Technically, the site uses established JavaScript libraries and APIs, with moderate performance and good mobile optimization. Security posture is adequate with HTTPS and cookie consent, but lacks some advanced security headers and uses an outdated jQuery version. WHOIS data is unavailable, which slightly impacts trust but the official city affiliation and professional presentation support legitimacy. Overall, the site is a reliable public service portal with room for security and technical improvements.

B

Botanická zahrada hlavního města Prahy

botanicka.cz

0

Botanická zahrada hlavního města Prahy operates as a public botanical garden located in Prague, Czech Republic. It offers a wide range of services including public garden access, educational programs for schools and groups, seasonal exhibitions, an e-shop, and event hosting. The garden is positioned as a leading botanical institution in Prague, focusing on plant conservation, biodiversity, and public education. The website is professionally designed with clear navigation and rich content, targeting a general audience including families, students, and visitors interested in nature and botany. Technically, the site uses modern web technologies such as Alpine.js and integrates multiple analytics and marketing tools including Google Analytics and Facebook Pixel. The site is mobile-optimized and performs moderately well, though some accessibility features could be enhanced. Security posture is good with HTTPS enforced and no obvious vulnerabilities, but could benefit from additional security headers and published security policies. Privacy compliance is well addressed with a cookie consent banner and privacy policy present. Contact information is clearly provided, enhancing business credibility. WHOIS data is unavailable, likely due to privacy protection, but the website's professional presentation and official contact details support its legitimacy.

M

Městská policie hl. m. Prahy

mppraha.cz

0

The website mppraha.cz is the official online presence of the Municipal Police of Prague, providing comprehensive information about their organizational structure, police units, public services, news, recruitment, and contact details. It serves residents and visitors of Prague with authoritative content related to public safety and law enforcement. The site is well-branded, consistent, and maintained with regular updates and official communications. Technically, it is built on Joomla CMS with modern web technologies including Leaflet for maps and integrates social media and analytics tools. Security posture is good with HTTPS and cookie consent mechanisms, though some security headers could be improved. The domain is longstanding and consistent with the official entity, enhancing trustworthiness. Overall, the site is professional, secure, and compliant with privacy regulations.

M

mawis

mawis.eu

0

MAWIS is a specialized service provider focused on delivering digital solutions for municipal and governmental infrastructure management in the Czech Republic. Their offerings include cadastral data services, urban planning tools, and public infrastructure management, targeting government agencies and municipalities. The website reflects a professional and consistent brand image with good content quality and clear navigation. Technically, the website is built on WordPress, utilizing common plugins such as WooCommerce, Rank Math SEO, and Complianz GDPR for compliance and e-commerce functionality. The site employs modern web technologies including Google Tag Manager and Google Fonts, ensuring a moderate performance and good mobile optimization. From a security perspective, the site enforces HTTPS and includes a cookie consent mechanism, indicating awareness of privacy regulations. However, explicit security policies and incident response information are absent, and security headers are not evident, suggesting room for improvement in security hardening. Overall, the website presents a trustworthy and compliant digital presence with moderate technical sophistication. Strategic enhancements in security policies and technical security controls would further strengthen its posture.

H

Hlavní město Praha (implied by branding and domain)

portalprazana.cz

0

Portál Pražana is the official digital public service portal for the City of Prague, providing residents with online access to a wide range of municipal services including document issuance, social care, transport registrations, and payment of local fees. The platform is designed to facilitate convenient and efficient interactions with city administration, reducing the need for physical visits to offices. The website is well-branded with official Prague city logos and uses a Czech language interface targeting local citizens. Technically, the site employs modern web technologies including Polymer framework and ES modules, hosted behind Cloudflare for DNS and CDN services, ensuring good security and performance. The site is mobile optimized and includes privacy-conscious analytics via Plausible. Security headers and HTTPS are properly configured, reflecting a mature security posture. While privacy and cookie policies are clearly presented with consent mechanisms, the site lacks explicit terms of service, security policy, and vulnerability disclosure pages. No direct contact information such as emails or phone numbers are visible, which is typical for government portals relying on authenticated user portals for communication. Overall, the website demonstrates a strong digital maturity and security posture appropriate for a government service portal, with recommendations to enhance transparency around incident response and vulnerability disclosures to further build trust.

V

Velké výzkumné infrastruktury ČR

vyzkumne-infrastruktury.cz

0

Velké výzkumné infrastruktury ČR is a government-supported platform providing unique research infrastructure services for science, research, and innovation in the Czech Republic. The website serves as an information hub for large research infrastructures, supported by the Ministry of Education, Youth and Sports of the Czech Republic (MŠMT). It targets research organizations, academic institutions, and innovative enterprises, offering access to advanced scientific facilities and resources. The site is professionally maintained with multilingual support and regularly updated content related to research projects, events, and international collaborations. Technically, the website is built on WordPress with common plugins for sliders, multilingual content, and RSS aggregation, delivering moderate performance and good mobile optimization. Security posture is adequate with HTTPS enforced, but lacks some security headers and formal vulnerability disclosure mechanisms. Privacy and cookie policies are not explicitly found, indicating room for compliance improvement. WHOIS data is unavailable, which slightly reduces trustworthiness, but the website's affiliation with Czech government entities and research organizations supports its legitimacy. Overall, the site is a reliable resource for the Czech research community with moderate technical and security maturity.

VICTORIA Vysokoškolské sportovní centrum MŠMT is a Czech government-affiliated organization focused on elite sports training and support for university-level athletes and coaches. The website serves as an informational portal showcasing sports disciplines, athlete profiles, news, and social media integration. The organization operates under the Ministry of Education, Youth and Sports of the Czech Republic, positioning itself as a national center for sports excellence and education. Technically, the website uses modern web standards including HTML5, CSS3, and JavaScript with Google Fonts and embedded Vimeo videos. The site is mobile-optimized with good navigation and content structure, though some SEO and accessibility features could be enhanced. No CMS or hosting provider details are evident from the source. Security posture is moderate with HTTPS usage implied but no explicit security headers detected. No forms or sensitive data collection points are visible on the homepage, reducing immediate risk. Privacy compliance is basic with a privacy policy linked but no cookie consent mechanism present. WHOIS data is unavailable, typical for government domains in the Czech Republic, but this limits domain trust verification. Overall, the website is professional and trustworthy for its intended audience, but improvements in security headers, privacy compliance, and WHOIS transparency would strengthen its posture and user trust.

N

Národní akreditační úřad pro terciární vzdělávání

nauvs.cz

0

Národní akreditační úřad pro terciární vzdělávání is the official Czech governmental accreditation authority for tertiary education, established in 2016 and transforming from the previous National Accreditation Office for Higher Education. The website serves as an informational portal providing official documents, accreditation decisions, and contact information. The organization operates under Czech law and is led by a statutory chairman. The website is primarily targeted at higher education institutions, government bodies, and the public interested in education accreditation in the Czech Republic. Technically, the website is built on Joomla CMS with Bootstrap and jQuery libraries, hosted likely by a Czech provider (Websupport). The site is moderately optimized for performance and mobile devices, with a consistent and professional design. However, it lacks advanced SEO and accessibility features. No analytics or tracking scripts were detected, indicating minimal user tracking. From a security perspective, the site uses HTTPS and includes CSRF tokens in forms, but lacks visible security headers such as CSP or HSTS. There is no privacy policy or cookie consent mechanism, which may pose compliance risks under GDPR. No vulnerability disclosure or security contact information is provided. Overall, the security posture is moderate but could be improved with standard best practices. The website content is safe for general audiences, with no adult or questionable content. The domain registration data aligns well with the business profile, showing consistency and legitimacy. Strategic recommendations include implementing privacy and cookie policies, adding security headers, improving accessibility, and establishing a vulnerability disclosure process.

O

OP JAK

opjak.cz

0

OP JAK is the official web portal for the Jan Amos Komenský Operational Program, a government-funded initiative focused on research, development, and education in the Czech Republic. The website serves as a comprehensive information hub for grant calls, projects, seminars, and news related to the program. It targets research organizations, educational institutions, and applicants seeking funding opportunities. The site maintains a strong market position as an authoritative source for this EU co-financed program. Technically, the website is built on WordPress with modern frameworks such as Bootstrap 5 and utilizes several plugins for event management, SEO, and cookie compliance. The infrastructure is hosted by Active24, with SSL properly configured ensuring secure communications. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. From a security perspective, the site enforces HTTPS and implements GDPR-compliant cookie consent mechanisms. However, minor backend PHP warnings and the absence of explicit security headers suggest areas for improvement. No critical vulnerabilities or malicious content were detected. Privacy policies and cookie policies are comprehensive and accessible. Overall, OP JAK presents a trustworthy and professional online presence with moderate technical sophistication and good compliance posture. Strategic improvements in backend code hygiene and security headers would enhance its security posture further.

Q

QCM

qcm.cz

0

QCM is a Czech Republic-based IT company specializing in digital solutions for public procurement management and electronic communication. Established in 2001, it has developed a suite of software products and services used by major public institutions and private entities involved in public procurement. The company offers products such as E-ZAK, PVU, Qlex, and Portál dodavatele, alongside training, administration, and legal advisory services. Their market position is strong within the Czech public sector, supported by a medium-sized team and a large client base exceeding 15,700 users. Technically, the website is built on modern web technologies including JavaScript frameworks, Google Fonts, Google Tag Manager, Microsoft Clarity, and Facebook Pixel for analytics and marketing. The site is mobile-optimized, fast-loading, and uses HTTPS with reCAPTCHA for form security. The CMS appears to be Puxdesign, indicating a custom or specialized platform. SEO and accessibility are well implemented, contributing to a professional digital presence. From a security perspective, the site enforces HTTPS and uses standard security measures such as CAPTCHA and cookie consent banners. However, it lacks explicit security headers and does not publish a security policy or incident response contacts, which are areas for improvement. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong with a clear GDPR policy and cookie management. Overall, QCM presents a trustworthy and professional online presence with a mature business model focused on government digitalization. Strategic recommendations include enhancing security headers, publishing security policies, and adding vulnerability disclosure mechanisms to further strengthen trust and compliance.

B

BAföG Digital

bafoeg-digital.de

0

BAföG Digital is the official German government platform enabling students and trainees to apply online for BAföG educational funding. It is a joint offering by the federal government and the German states, providing a secure, accessible, and user-friendly digital service. The platform supports application submission, status tracking, and offers additional services such as a BAföG calculator and a dedicated mobile app. The website is well-branded with official logos and consistent messaging, targeting students and their families in Germany.

L

Landesbetrieb Information und Technik Nordrhein-Westfalen (IT.NRW)

it.nrw

0

Landesbetrieb Information und Technik Nordrhein-Westfalen (IT.NRW) is the official IT service provider and statistical office for the German state of Nordrhein-Westfalen. The organization offers IT infrastructure, digital administration support, and statistical data services to government agencies and the public. The website reflects a mature digital presence with a focus on transparency, accessibility, and user engagement through multiple digital channels and social media. Technically, the site is built on Drupal CMS, uses Matomo for privacy-respecting analytics, and implements modern web standards including responsive design and cookie consent mechanisms. Security posture is strong with HTTPS enforced and privacy compliance evident, though some security headers could be improved. Overall, IT.NRW demonstrates a high level of professionalism and trustworthiness appropriate for a government entity.

M

Ministerstvo školství, mládeže a tělovýchovy České republiky

msmt.cz

0

The website represents the official online presence of the Ministry of Education, Youth and Sports of the Czech Republic (MŠMT ČR). It serves as a comprehensive portal providing information and services related to education policy, youth programs, sports administration, research and development, and international cooperation. The site targets a broad audience including educators, students, researchers, journalists, and the general public. It holds a strong market position as a national government entity responsible for education and youth affairs. Technically, the website is built on the Marwel CMS platform and utilizes a range of JavaScript libraries such as jQuery, Prototype.js, and Scriptaculous for interactive features. The site is moderately performant with good mobile optimization and accessibility features. SEO practices are well implemented with appropriate meta tags and structured navigation. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms aligned with GDPR requirements. However, it lacks visible security headers and does not provide explicit incident response or vulnerability disclosure information. The WHOIS data is unavailable, likely due to registry policies, which slightly impacts trust but is mitigated by the official government domain and consistent branding. Overall, the website is professional, trustworthy, and compliant with privacy regulations, serving as a reliable resource for its stakeholders. Strategic improvements in security headers and incident response transparency could further enhance its security posture.

M

Ministerstvo pro místní rozvoj ČR

mmr.cz

0

The website represents the official online presence of the Ministry for Regional Development of the Czech Republic (Ministerstvo pro místní rozvoj ČR). It serves as a central government portal providing information on regional policy, housing, urban planning, construction law, investment policy, tourism, public auctions, real estate activities, and funeral services. The ministry was established in 1996 and plays a significant role in managing public funds and regulatory oversight in these sectors. The site targets Czech citizens, government officials, municipalities, and businesses involved in housing and regional development. Technically, the website is built on ASP.NET WebForms and likely uses Kentico CMS, with modern web technologies such as JavaScript, CSS, and Google Fonts. The site is mobile-optimized and provides a structured navigation experience. However, some security best practices like security headers are missing, and privacy and cookie policies are not explicitly found in the provided content. User tracking is implemented via Facebook Pixels, with Google Analytics scripts present but commented out. From a security perspective, the site uses HTTPS and includes CSRF tokens in forms, indicating basic security hygiene. The absence of WHOIS data is typical for government domains under CZ NIC registry policies and does not detract significantly from trustworthiness. No vulnerabilities or malicious content were detected. Overall, the site is professional, trustworthy, and serves its governmental function effectively. Recommendations include implementing explicit privacy and cookie policies with consent mechanisms, adding security headers to enhance protection, and regularly auditing third-party scripts and libraries for vulnerabilities.

K

Kudy z nudy

kudyznudy.cz

0

Kudy z nudy is a well-established Czech tourism portal operated under the auspices of CzechTourism, the official Czech tourism board. The website provides comprehensive information and inspiration for trips, cultural events, and activities throughout the Czech Republic, targeting families, tourists, and cultural enthusiasts. It serves as a key digital platform for promoting Czech tourism with a strong market position supported by government backing. Technically, the site is built on ASP.NET WebForms with modern JavaScript libraries such as jQuery, Google Tag Manager, and reCAPTCHA integrated for security and analytics. The site is mobile-optimized, accessible, and SEO-friendly, offering a professional user experience with clear navigation and rich content. Security posture is solid with HTTPS enforced and anti-bot measures in place, though some security headers could be improved. Privacy and cookie policies are comprehensive and GDPR compliant, reflecting good privacy practices. Overall, the site is trustworthy, professional, and safe for general audiences.

S

Středočeská centrála cestovního ruchu, p. o.

strednicechy.cz

0

The website www.strednicechy.cz serves as the official regional tourism portal for Central Bohemia, Czech Republic. It provides comprehensive information about nature, cultural heritage, events, and travel experiences in the region. The site targets tourists and visitors interested in exploring Central Bohemia's attractions and offers services including event calendars, travel tips, and a Convention Bureau for business events. The site is well-branded and consistent with official regional tourism entities, enhancing its credibility. Technically, the website is built on WordPress with modern plugins and libraries such as WPML for multilingual support, Google Analytics, Hotjar, and Microsoft Clarity for analytics and user behavior tracking. The site demonstrates good mobile optimization, accessibility, and SEO practices, although some lazy loading images show errors that should be addressed. Security posture is good with HTTPS enforced and no obvious vulnerabilities detected, but additional security headers could be implemented to strengthen defenses. Privacy compliance is well-handled with a cookie consent mechanism and a clear cookie policy page, indicating GDPR awareness. Contact information is clearly provided, including email, phone, and physical address, supporting business credibility. However, WHOIS data is missing, which reduces trust from a domain registration perspective and warrants further verification. Overall, the website is a professional, secure, and user-friendly platform for regional tourism promotion, with minor technical and security improvements recommended to enhance trust and performance.

H

Hlavní město Praha

praha.eu

0

The website praha.eu serves as the official portal for the City of Prague, providing comprehensive information and services related to city administration, transportation, culture, environment, and public services. It targets residents, visitors, and businesses, positioning itself as a key government resource. The site leverages modern web technologies including Liferay CMS and React, ensuring a responsive and accessible user experience. Security posture is strong with HTTPS enforcement and standard security headers, though explicit security policies and incident response contacts are not published. Privacy compliance is well addressed with GDPR and cookie consent mechanisms in place. Overall, the site demonstrates a mature digital infrastructure suitable for a large government entity.

K

Královéhradecký kraj

khk.cz

0

Královéhradecký kraj operates as the official regional government authority for the Královéhradecký region in the Czech Republic. The website serves as a comprehensive portal providing citizens, businesses, and local municipalities with access to a wide range of public services including social services, transportation, healthcare, education, and regional development. The site is well-positioned as a trusted source of official information and services for the region's residents and stakeholders. Technically, the website is built on Drupal 10, leveraging modern web technologies such as Bootstrap for responsive design, Slick Carousel for interactive content, and integrates Google Analytics and Google Tag Manager for analytics and tracking. The site demonstrates good mobile optimization, accessibility features, and SEO practices, reflecting a mature digital infrastructure suitable for a government entity. From a security perspective, the site enforces HTTPS, employs cookie consent mechanisms compliant with GDPR, and shows no signs of exposed sensitive data or vulnerable libraries. However, explicit security headers like X-Frame-Options and X-Content-Type-Options are not clearly visible and could be improved. The absence of WHOIS data is consistent with CZ.NIC registry policies for .cz domains and does not detract from the site's legitimacy. Overall, the website presents a low-risk profile with strong business credibility and compliance posture. Strategic recommendations include enhancing security header implementation, publishing a dedicated security policy or incident response contact, and considering a security.txt file to facilitate vulnerability disclosures.

I

Internationalistische Liste / MLPD

inter-liste.de

0

The Internationalistische Liste / MLPD website serves as the official online presence for a German political alliance and party focused on socialist and environmentalist policies. It provides information about their candidacy in the 2025 Bundestagswahl, their political platform, key figures, and campaign materials. The site targets politically engaged voters and supporters of leftist movements in Germany. Technically, the website is built on WordPress, uses modern web technologies, and is hosted by a reputable German hosting provider. The site is mobile-optimized and presents content in a clear, professional manner. Security-wise, the site uses HTTPS but lacks advanced security headers and explicit security policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the site is trustworthy and professional but could improve in privacy and security transparency.

Z

Zákony pro lidi PLUS

zakonyprolidiplus.cz

0

Zákony pro lidi PLUS is a Czech Republic-based subscription legal information service providing comprehensive access to Czech laws, historical legal documents, international treaties, judicial decisions, and related legal resources. The website targets legal professionals, public administration, educational institutions, and students, offering tools such as note-taking, bookmarking, and English translations of key laws. The platform is positioned as a reliable and cost-effective legal research tool in the Czech market. Technically, the site employs modern web technologies including Bootstrap and Font Awesome, with a responsive design and moderate performance. Security posture is good with HTTPS enabled, but lacks some security headers and explicit privacy and cookie policies, which are recommended for compliance and trust. The WHOIS data is not publicly available, indicating privacy protection, which is common and justified for this type of service. Overall, the website is professional, trustworthy, and safe for general audiences.

G

Generální ředitelství Hasičského záchranného sboru ČR

hzscr.cz

0

The Hasičský záchranný sbor České republiky (Fire Rescue Service of the Czech Republic) is a government agency responsible for protecting lives, health, and property from fires and other emergencies. It operates under the Ministry of the Interior and coordinates integrated rescue efforts across the country. The website serves as an official information portal providing news, public safety advice, organizational details, and educational resources. It targets Czech residents, emergency responders, and government officials. Technically, the site uses standard web technologies including jQuery and Google Analytics, with a focus on accessibility and compliance with GDPR through cookie consent and privacy policies. Security posture is solid with HTTPS and Content Security Policy headers, though some improvements are recommended such as updating legacy libraries and adding additional security headers. The domain WHOIS data is not publicly available, likely due to registry privacy policies, but the domain is a trusted government domain (.gov.cz) with consistent branding and content. Overall, the site is professional, trustworthy, and serves an essential public safety function.

Č

Česká pošta

kredit-ds.cz

0

The website kredit-ds.cz/payment is an official service portal operated by Česká pošta, the Czech postal service, providing a platform for users to top up credit for their data mailboxes. The site targets Czech individuals and businesses who use electronic government communication services. It offers payment options including payment by card and domestic bank transfer, with clear instructions and official branding. The website is well-structured, mobile-optimized, and provides essential contact information, enhancing user trust and accessibility. Technically, the site is built using modern web technologies including React and Material-UI, ensuring a responsive and user-friendly interface. While performance is moderate, the site lacks some advanced SEO and accessibility features. Security practices include HTTPS and form validation, but the absence of security headers and cookie consent mechanisms indicates room for improvement in compliance and security hardening. From a security perspective, no critical vulnerabilities or malware indicators were found. However, the lack of WHOIS data due to privacy protection limits domain registration transparency. The site aligns with GDPR requirements through its privacy policy, but cookie consent is missing. Overall, the site demonstrates a solid security posture for a government service but should enhance transparency and compliance features. The overall risk assessment is low, with recommendations focusing on improving security headers, cookie consent, and publishing security policies to strengthen user trust and regulatory compliance. The site’s legitimacy is high given its association with Česká pošta and consistent branding.

Č

Česká pošta, s.p.

datovy-trezor.cz

0

Česká pošta, s.p. operates the Datový trezor service, a supplementary digital mailbox capacity service for existing data mailboxes in the Czech Republic. The website provides a secure, government-backed platform for ordering and managing this service, targeting both individual and business users who require secure digital communication. The site is well-branded with official logos and provides clear contact information, terms, and privacy policies, reflecting a mature digital service offering from a national postal authority. Technically, the site leverages modern web technologies including React and Liferay, ensuring a responsive and accessible user experience. Security posture is strong with HTTPS enforcement and standard security headers, though some improvements in vulnerability disclosure and incident response transparency could be made. Overall, the site is trustworthy and professional, though the lack of WHOIS data limits domain registration trust analysis.

The website egako.eu represents the professional monthly publication 'Geodetický a Kartografický Obzor' (GaKO), a peer-reviewed journal focused on geodesy, cartography, and cadastral matters primarily serving professionals in the Czech Republic and Slovakia. The publication has a long historical legacy dating back to 1913 and is recognized in official research registries. The website provides access to current and archived issues, primarily in Czech, with an English alternate page available. The business model centers on specialized scientific publishing with electronic distribution since 2013. Technically, the site is built on WordPress 5.3.20, utilizing jQuery and several JavaScript plugins such as Nivo Slider. The site shows moderate performance and basic mobile optimization. SEO and accessibility features are present but could be improved. The site uses HTTPS, but no advanced security headers were detected, and some JavaScript libraries are outdated, posing potential security risks. From a security perspective, the site lacks explicit privacy and cookie policies, incident response contacts, and vulnerability disclosure mechanisms. Tracking is limited to Histats.com, indicating minimal user tracking. No adult or questionable content is present, and the site is accessible without WAF or security challenges. WHOIS data shows the domain is registered to Gransy s.r.o., a Czech company, consistent with the website's content and audience. Overall, the site is a credible and professional resource within its niche but would benefit from improved security practices, updated technical components, and enhanced privacy compliance to strengthen trust and regulatory adherence.

W

WirtschaftsEntwicklungsGesellschaft Bochum mbH

bochum-wirtschaft.de

0

WirtschaftsEntwicklungs-Gesellschaft Bochum mbH operates as a regional economic development agency focused on supporting Bochum-based companies, startups, investors, and project developers. The organization offers a broad range of services including commercial space brokerage, business services, startup consulting, and technology center management. The website reflects a strong market position as a trusted partner for economic growth and innovation in Bochum, Germany. The content is professionally presented, targeting local businesses and stakeholders with clear calls to action and comprehensive service descriptions. Technically, the site is built on TYPO3 CMS with modern frontend libraries, ensuring good performance, mobile optimization, and accessibility. Security posture is solid with HTTPS, cookie consent, and no visible vulnerabilities, though explicit security policies and incident response contacts are absent. Overall, the site is trustworthy, compliant with GDPR, and well-maintained, supporting the organization's credibility and outreach efforts.

M

MWEIMH Nordrhein-Westfalen

wirtschaft.nrw

0

The website wirtschaft.nrw is the official portal of the Ministry for Economic Affairs, Industry, Climate Protection and Energy of North Rhine-Westphalia, Germany. It serves as a comprehensive information hub for economic policy, industry, energy, climate protection, innovation, and digitalization initiatives within the state. The site targets businesses, entrepreneurs, policymakers, and the general public interested in these sectors. It is positioned as a trusted government source with extensive content and clear navigation. Technically, the site is built on Drupal CMS with modern web technologies including Bootstrap and Modernizr. It employs Matomo analytics with strong privacy controls respecting user consent and Do Not Track settings. The site is mobile-optimized, accessible, and performs moderately well. Hosting and domain registration are consistent with a German government entity. From a security perspective, the site uses HTTPS with good SSL configuration and cookie consent mechanisms. However, some security headers are not explicitly detected and DNSSEC is not enabled, which could be improved. There is no public security policy or incident response contact information visible. No vulnerabilities or suspicious content were found. Overall, wirtschaft.nrw demonstrates a high level of professionalism, trustworthiness, and compliance with privacy regulations. It is a safe and reliable resource for its audience. Strategic recommendations include enabling DNSSEC, enhancing security headers, publishing a security.txt file, and improving incident response visibility to further strengthen its security posture.