Security Directory

The Wallingford Window Company Ltd is a small UK-based business specializing in the supply and installation of UPVC and aluminium replacement windows, doors, conservatories, and related home improvement products. The company positions itself as a local specialist with expertise and FENSA registration, targeting homeowners and property managers seeking quality home improvement solutions. The website presents a professional design with clear navigation and customer testimonials, supporting its credibility in the market. Technically, the website uses a basic tech stack including jQuery 1.12.4 and is hosted via GoDaddy. The site is mobile optimized and uses HTTPS, but lacks modern security headers and uses an outdated JavaScript library, which could pose security risks. There is no evidence of analytics or tracking services, and privacy and cookie policies are absent, indicating limited privacy compliance. From a security perspective, the site shows moderate posture with HTTPS enabled but missing important security headers and policies. The WHOIS data presents a significant anomaly with a domain creation date in the future, which undermines trust in the domain registration information. No incident response or vulnerability disclosure mechanisms are present. Overall, the website is functional and professional but requires improvements in security practices, privacy compliance, and domain registration transparency to enhance trustworthiness and reduce risk.

B

Bennetts

bennetts.com

53

Bennetts is a UK-based family-run business specializing in automotive parts and tools, established in 1954. The company positions itself as a leading specialist covering all car makes and models, targeting UK car owners and automotive professionals. The website provides basic information about the business, store locator services, and customer support pages including privacy and terms policies. Technically, the site runs on an older WordPress version with jQuery 1.12.4, uses Google Fonts, and includes cookie consent mechanisms. HTTPS is enforced via script redirect, but no advanced security headers are detected. The website lacks visible contact emails or phone numbers on the homepage but provides a contact form on a dedicated page. No analytics or tracking scripts were found, indicating minimal user tracking. Security posture is moderate but impacted by outdated software and missing security headers. The WHOIS lookup failed to retrieve domain registration data, raising concerns about domain legitimacy despite the active website presence. Overall, the site is functional but requires technical and security updates to improve trust and compliance.

T

Tele2

tele2.lv

70

Tele2 Latvia is a leading telecommunications operator providing mobile telephony, internet services, and device sales primarily targeting Latvian consumers and businesses. The website reflects a mature digital presence with comprehensive service offerings, multilingual support, and a strong brand identity. Technically, the site employs modern web technologies including Google Tag Manager, Cookiebot for privacy compliance, and responsive design elements ensuring good user experience across devices. Security posture is solid with HTTPS enforcement and cookie consent mechanisms, though there is room for improvement in security headers and explicit incident response disclosures. Overall, the site is professional, trustworthy, and compliant with GDPR requirements, supporting Tele2's market position as a major telecom provider in Latvia.

The Integrated Tuberculosis Information System (ITIS) website is an official government platform managed by the Department of Health of the Philippines. It serves as a centralized system for tuberculosis data collection, management, and reporting, targeting healthcare professionals and government health workers involved in tuberculosis control programs. The website provides user login functionality, registration, password recovery, and links to related government health systems such as eTBMAC and a helpdesk portal. The platform's business model is focused on public health service delivery and data management within the healthcare sector. Technically, the website uses a traditional web stack with Bootstrap for styling, jQuery for scripting, and FontAwesome for icons. The site is moderately optimized with basic mobile responsiveness and accessibility features. However, there is no evidence of advanced CMS or modern JavaScript frameworks. Performance is moderate, and SEO optimization is minimal, with no meta tags beyond basic content type and robots noindex directives. From a security perspective, the site uses HTTPS (implied by the URL), but no security headers such as Content Security Policy or HSTS are visible in the provided data. The login form includes input validation and an account lockout mechanism to mitigate brute force attacks. However, the absence of privacy and cookie policies indicates compliance gaps, especially regarding GDPR or similar data protection regulations. No incident response or vulnerability disclosure information is provided. Overall, the website is trustworthy and legitimate, consistent with a government healthcare entity. The content is safe for general audiences, with no adult or questionable material. The main risks relate to privacy compliance and security hardening. Strategic recommendations include implementing comprehensive privacy and cookie policies, enhancing security headers, and improving technical modernization to ensure robust protection and compliance.

C

CS GROUP

cs-soprasteria.com

46

CS GROUP is a large French technology company specializing in the design, integration, deployment, maintenance, and operation of intelligent, secure, and interconnected critical systems. As a subsidiary of Sopra Steria, it holds a strong market position in sectors such as defense, security, aerospace, transport, energy, and finance. The website reflects a professional and modern digital presence with comprehensive content and multilingual support. Technically, the site is built on WordPress with a robust set of plugins for SEO, cookie management, and user interaction, indicating a mature digital infrastructure. Security posture is good with HTTPS enforced and cookie consent mechanisms in place, though some security headers and explicit policies could be improved. Overall, the site is trustworthy and well-maintained, but the lack of WHOIS data for the domain introduces some uncertainty regarding domain registration legitimacy.

L

Latvijas Republikas Saeima

saeima.lv

59

The website saeima.lv is the official online presence of the Latvian Parliament (Latvijas Republikas Saeima). It serves as a comprehensive portal for legislative information, parliamentary session schedules, news updates, and public engagement resources. The site targets Latvian citizens, government officials, media, and international partners, providing transparent access to legislative processes and governmental activities. The business model is that of a government institution focused on public service and information dissemination. Technically, the website employs legacy technologies such as jQuery 1.12.4 and SWFObject for Flash content, alongside modern tools like Google Tag Manager for analytics. The site is served over HTTPS, includes cookie consent mechanisms, and integrates social media channels for outreach. While the design and navigation are professional and user-friendly, mobile optimization and accessibility are basic and could be improved. From a security perspective, the site benefits from HTTPS and cookie consent compliance but lacks visible security headers and uses outdated libraries that may introduce vulnerabilities. There is no explicit security policy or incident response contact information published, which could be enhanced to improve trust and readiness. No WAF or blocking mechanisms were detected, and no sensitive data exposure was found. Overall, the website is a trustworthy and authoritative government portal with good privacy compliance and professional content. Strategic improvements in updating legacy technologies, enhancing security headers, and publishing security policies would strengthen its security posture and user trust.

A

Arena Park

arenapark.hr

54

Arena Park is a medium-sized retail shopping center located in Croatia, owned by the parent company NEPI Rockcastle. The website serves as a digital portal for customers to explore stores, promotions, and services offered at the mall. It targets a general audience interested in shopping and leisure activities. The site is built on WordPress with a modern tech stack including Bootstrap and jQuery, optimized for mobile and SEO. Security posture is solid with HTTPS, cookie consent, and no visible vulnerabilities, though some advanced security headers and policies could be added. Privacy compliance is strong, with clear GDPR cookie management and privacy policies. Overall, the website is professional, trustworthy, and well-maintained, supporting the business's market position as a regional retail hub.

Maplesoft is a well-established software company specializing in mathematics-based software and services for education, engineering, and research. As a subsidiary of Cybernet Systems Co. Ltd., it holds a strong market position with a comprehensive product suite including Maple, MapleSim, and Maple Flow. The company targets educational institutions, engineering professionals, and researchers, offering software sales, licensing, consulting, and training services. The website reflects a mature digital presence with multi-language support and clear business communication. Technically, the site uses a modern tech stack with Bootstrap and jQuery, supported by reputable analytics and advertising tools. Security posture is good with HTTPS and cookie consent mechanisms, though some security headers could be improved and jQuery updated. Overall, the site is professional, trustworthy, and compliant with privacy regulations.

Invest Pomurje is a regional development agency focused on promoting foreign direct investment in the Pomurje region of Slovenia. The website highlights the region's strategic location in Central Europe and offers detailed information on business opportunities in sectors such as tourism, sport, renewable energy, advanced agriculture, and metal processing. The agency provides support services to investors and showcases success stories to build credibility. The target audience includes foreign investors and businesses seeking expansion in Central and South-Eastern Europe. Technically, the website is built on WordPress using the Uncode theme and integrates common tools like Yoast SEO, Google Analytics, and Google Maps API. The site is mobile optimized and demonstrates good SEO practices. Security-wise, the site enforces HTTPS and includes a cookie consent mechanism, but lacks explicit security policies or incident response information. No vulnerabilities or suspicious content were detected, and the domain registration is consistent with a legitimate business entity. Overall, the website presents a professional and trustworthy front for regional investment promotion.

N

NordNet SA (Registrar)

tourisme-en-champagne.com

57

The website tourisme-en-champagne.com serves as a comprehensive regional tourism portal for the Champagne region in France, offering information on destinations, cultural heritage, accommodations, and activities. It targets tourists and visitors interested in exploring the Champagne terroir and related experiences. The site is well-established with a domain age dating back to 1999, indicating a mature presence in the tourism sector. Technically, the site is built on Drupal 7 with a variety of JavaScript libraries for UI enhancements and analytics, including Matomo and Google Analytics. While the site is functional and provides good content quality and navigation, it uses some outdated JavaScript libraries that may pose security risks. Security posture is moderate with HTTPS enabled but lacks visible security headers and DNSSEC. Privacy compliance is weak due to the absence of explicit privacy and cookie policies or consent mechanisms. Overall, the site is credible and trustworthy but would benefit from improvements in security and privacy compliance.

S

Společnost lékařské genetiky a genomiky České lékařské společnosti Jana Evangelisty Purkyně, z. s.

slg.cz

52

The website slg.cz represents the official portal of the Czech Society of Medical Genetics and Genomics, affiliated with the Czech Medical Society Jana Evangelisty Purkyně. It provides comprehensive information on medical genetics, genomics, rare diseases, and related professional activities including conferences, seminars, and educational courses. The site targets healthcare professionals, geneticists, and researchers primarily in the Czech Republic and Slovakia. The business model is that of a non-profit professional society offering educational resources, event organization, and professional guidelines. The domain has been active since 2005, indicating a well-established presence in the medical genetics community.

A

Agencija za gospodarenje otpadom d.o.o.

ago-dnz.hr

43

Agencija za gospodarenje otpadom d.o.o. operates as a regional governmental agency responsible for waste management in the Dubrovačko-neretvanska županija region of Croatia. The website serves as an informational and project communication platform, highlighting EU-funded initiatives under the Operational Programme Competitiveness and Cohesion 2014-2020. The agency provides key services including waste management infrastructure development, public education, and regulatory compliance support. Their market position is that of a specialized public sector entity with strong governmental and EU partnerships.

M

MIN – MEĐIMURJE, INVESTICIJE, NEKRETNINE d.o.o.

medjimurje-nekretnine.hr

36

MIN – MEĐIMURJE, INVESTICIJE, NEKRETNINE d.o.o. is a Croatian limited liability company specializing in managing investments and real estate operations within the Međimurje County. The company operates with a clear regional focus, providing investment management, financial planning, and public procurement services. The website reflects a small-sized business with a stable market presence since 2008, targeting local investors and public entities. Technically, the website is built on WordPress 4.9.26 with common JavaScript libraries like jQuery and FancyBox, hosted on Totohost servers. While the site is accessible and functional, it uses outdated software versions that pose security risks. Security posture is moderate with HTTPS enabled but lacking modern security headers and updated components. Privacy compliance is partial, with a GDPR policy page present but no cookie consent mechanism. Overall, the website is trustworthy but would benefit from technical and security improvements to enhance resilience and compliance.

Integrirani promet zagrebačkog područja d.o.o. is a public sector company owned primarily by the City of Zagreb and two surrounding counties. It focuses on integrated passenger transport planning and management in the Zagreb metropolitan area. The website serves as an informational portal presenting the company's mission, master plans, and news related to transportation projects. Technically, the site is built on an older WordPress version with common plugins such as Contact Form 7 and Google Maps integration. While the site is functional and provides relevant content, it uses outdated software versions that pose security risks. The security posture is basic with HTTPS enabled but lacks modern security headers and updated libraries. Privacy and cookie policies are absent, indicating compliance gaps. Overall, the site is trustworthy and professional but requires technical and compliance improvements to enhance security and user trust.

Z

Zagorje Priroda

zagorje-priroda.hr

54

Zagorje Priroda is a Croatian public institution dedicated to the protection and management of natural protected areas within the Krapinsko-Zagorska County. The organization focuses on environmental conservation, education, research, and public engagement through events and publications. Their website serves as an informative portal for the public and stakeholders, highlighting their activities, projects, and news. The institution is regionally positioned as a key governmental entity for nature protection with a clear mission and community focus. Technically, the website is built on WordPress CMS with common plugins such as WPBakery Page Builder and Slider Revolution. It integrates Google Analytics and Google Tag Manager for traffic and user behavior analysis. The site is mobile-optimized and uses HTTPS, ensuring secure communication. However, some security headers are missing, and the jQuery version is outdated, which could pose minor security risks. From a security and compliance perspective, the website enforces HTTPS and does not expose sensitive data. It provides a comprehensive privacy policy in Croatian, indicating GDPR awareness, though it lacks an explicit cookie consent mechanism. Contact information is clearly presented, including email, phone, and physical address, enhancing trust. No incident response or security policy pages were found, suggesting room for improvement in transparency and readiness. Overall, the website is professional, trustworthy, and serves its purpose well. Strategic improvements in security headers, updating libraries, and implementing cookie consent would enhance its security posture and compliance. The domain registration data aligns well with the organization's claims, supporting legitimacy and credibility.

M

Městská kulturní zařízení Hranice, p.o.

muzeum-hranice.cz

42

Muzeum a galerie Hranice is a public cultural institution based in Hranice, Czech Republic, providing museum and gallery exhibitions, cultural events, and educational programs. The website serves as an information portal for visitors and researchers, showcasing current and upcoming exhibitions and events. The institution appears to be well-established since 2016 and targets a general audience interested in culture and local history. Technically, the website is built on WordPress with common plugins for SEO and cookie compliance, integrating Google Analytics and Google Maps API for enhanced user experience. The site is mobile-optimized and provides clear navigation and content structure. Security-wise, the site uses HTTPS and a cookie consent mechanism, but lacks published security policies or incident response contacts. No critical vulnerabilities or suspicious content were detected, and the domain registration data aligns well with the website's claims, indicating legitimacy. Overall, the website is professional, trustworthy, and compliant with basic privacy regulations, though it could improve by publishing privacy and security policies.

G

GDPR CENTRUM

gdprcentrum.cz

58

GDPR CENTRUM is a Czech-based small business collective of IT and legal professionals specializing in GDPR certification, implementation, consultancy, and software development. The company targets small businesses, sole proprietors, and online merchants, offering affordable and free GDPR compliance tools including a documentation generator. The website is professionally designed with clear navigation and comprehensive content in Czech, reflecting a strong focus on GDPR education and practical compliance support. Technically, the site uses a modern but somewhat dated tech stack including Bootstrap and jQuery 1.12.4, with good mobile optimization but lacking some modern security headers and explicit privacy/cookie policies. Security posture is moderate with HTTPS usage but missing advanced security configurations and incident response details. WHOIS data is unavailable, which reduces domain trustworthiness, but the detailed content and contact information support legitimacy. Overall, the site provides valuable GDPR compliance resources with room for improvement in privacy transparency and security best practices.

G

Galén, spol. s r.o.

cesradiol.cz

50

Česká radiologie is a professional Czech medical journal specializing in radiology, affiliated with the Czech Medical Society J.E. Purkyně and other radiological societies. It publishes original research, reviews, and case studies targeted at practical and clinical physicians as well as postgraduate medical education participants. The journal is well-established with a domain age since 2006 and is indexed in major medical databases such as EMBASE and SCOPUS. The website is powered by the Actavia peer review and editorial system and maintains partnerships with reputable Czech medical organizations.

M

mica BUFFET & CATERING

mica-catering.at

42

mica BUFFET & CATERING is a small hospitality business specializing in buffet and catering services primarily for schools and educational institutions in the Linz region of Austria. The company emphasizes fresh, regionally sourced ingredients and seasonal menus, operating at multiple school locations. The website is built on TYPO3 CMS with a moderate technical stack including jQuery and Unslider, indicating a stable but somewhat dated infrastructure. The site is accessible, uses HTTPS, and employs Piwik analytics, reflecting a moderate level of digital maturity. Security posture is adequate with HTTPS enforced but lacks advanced security headers and modern JavaScript libraries. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the business presents a professional and trustworthy online presence with room for technical and security improvements.

B

Byrokratova přísaha

byrokrates.cz

42

Byrokratova přísaha is a Czech language blog focused on public policy, governance, and innovation topics primarily targeting professionals and academics interested in government and public administration. The website operates on WordPress CMS hosted by Wedos, using common plugins such as Jetpack and Google Analytics for analytics and performance. The content is well-structured and relevant, with a moderate level of technical implementation and basic mobile optimization. Security posture is adequate with HTTPS enabled but lacks advanced security headers and explicit privacy or cookie policies. No contact information or formal business credentials are provided, indicating a small-scale informational blog rather than a commercial enterprise. Overall, the website is safe, trustworthy, and provides valuable content for its niche audience.

I

IMK Ltd.

imk.ch

54

IMK Ltd. is a Swiss-based company specializing in organizing congresses and facilitating communication within the healthcare sector. Established in 1993 and headquartered in Basel, it serves as an intermediary promoting exchange between doctors, patients, and industry stakeholders. The company maintains a professional online presence with detailed event listings and active engagement in healthcare-related activities. Technically, the website is built on the Contao CMS platform, utilizing modern JavaScript libraries and ensuring good mobile optimization and SEO practices. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though some security headers and incident response information are absent. Privacy policies are comprehensive and GDPR compliant, reflecting a mature approach to data protection. Overall, the website and business demonstrate high credibility and trustworthiness within their niche.

COMORESTAURANT is an online magazine primarily targeting Slovak-speaking audiences with content focused on home improvement, marketing strategies, investment advice, and lifestyle topics. The website operates on WordPress CMS and employs standard SEO practices including JSON-LD structured data and Open Graph metadata to enhance search engine visibility. The technical infrastructure is moderate, with some outdated components such as older WordPress and jQuery versions that may pose security risks if not updated. Security posture is limited due to absence of security headers and lack of visible security or incident response policies. The website lacks privacy and cookie policies, which impacts GDPR compliance and user trust. WHOIS data for the domain is unavailable, reducing confidence in domain legitimacy and ownership transparency. Overall, the site provides good quality content and user experience but requires improvements in security, privacy compliance, and business credibility to enhance trustworthiness and regulatory adherence.

Online magazín CARNEVALE is a Slovak language digital publication offering a broad range of articles focused on lifestyle, home improvement, business, sports, and local services. The website targets a general Slovak-speaking audience interested in practical advice and news across multiple categories. The business model is content publishing via a WordPress-based online magazine platform, positioning itself as a niche regional media outlet in Slovakia. Technically, the site uses WordPress 5.4.18 with jQuery and SEO plugins, delivering moderate performance and good mobile responsiveness. Security posture is basic with HTTPS enforced via client-side redirect but lacks security headers and formal privacy or cookie policies. No contact or business registration information is provided, and WHOIS data is unavailable, which reduces trust and transparency. Overall, the site is functional and content-rich but would benefit from improved security practices and compliance documentation.

The website represents Kancelář Ombudsmana pro zdraví, a Czech non-profit organization providing free legal advice and support related to healthcare rights. Established in 2014, it has built a recognized presence in the Czech healthcare sector, offering services such as complaint handling, educational seminars, and legal internships. The organization targets patients, healthcare professionals, and legal students, aiming to improve awareness and protection of healthcare rights. Technically, the website is built on WordPress 4.9.28 with Gantry 5 framework and uses plugins like Smart Slider 3 and MonsterInsights for analytics. While HTTPS is enforced, the site uses outdated core software and libraries, lacks advanced security headers, and does not publish privacy or cookie policies, indicating moderate digital maturity. Security posture is moderate with enforced HTTPS but missing security headers and outdated software increasing risk. No incident response or security policy information is published. WHOIS data is unavailable, which reduces domain trustworthiness, though the website content and business presence suggest legitimacy. Overall, the site is functional and informative but requires updates to software, security practices, and privacy compliance to improve trust and security posture.

The International Federation of Nurse Anesthetists (IFNA) is a well-established non-profit organization representing nurse anesthetists globally. The website serves as a hub for education, accreditation, research, and international collaboration within the nurse anesthesia community. It offers resources such as standards, publications, congress information, and membership details, positioning IFNA as a key international voice in healthcare for nurse anesthetists. Technically, the website is built on WordPress with a moderate technology stack including common plugins for SEO, social sharing, and content management. The site enforces HTTPS and has a consistent branding and professional design, though it uses outdated WordPress and jQuery versions which pose security risks. Security posture is basic with no advanced headers or incident response contacts visible, and privacy compliance is lacking due to absence of privacy and cookie policies. Overall, the site is trustworthy and professional but would benefit from improved security and compliance measures.

S

Sport-Santé

sport-sante.lu

45

Sport-Santé is a Luxembourg-based non-profit federation focused on promoting therapeutic physical activities for patients with chronic diseases. Managed by the Fédération Luxembourgeoise des Associations de Sport de Santé (FLASS), it serves as a recognized label and resource hub offering information, events, and videos to support health through physical activity. The website is well-structured, multilingual, and optimized for SEO, targeting patients and healthcare professionals in Luxembourg. Technically, it is built on WordPress with modern plugins and libraries, providing a good user experience across devices. Security posture is solid with HTTPS and cookie consent mechanisms, though it lacks explicit security headers and published security policies. The absence of WHOIS data limits domain trust verification, but the presence of official partnerships and consistent branding supports legitimacy. Overall, the site is professional, informative, and trustworthy within its healthcare niche.

I

iZlato Sloveská republika s.r.o.

izlato.sk

53

iZlato Sloveská republika s.r.o. operates the largest online jewelry store in Slovakia, specializing in gold and diamond jewelry. The website offers a comprehensive e-commerce platform with extensive product categories, filtering options, and customer service features including reservation and contact forms. The company targets a general audience interested in purchasing fine jewelry online and through physical stores. The business model is retail-focused with a strong digital presence and marketing integration.

T

Theater der Hansestadt Wismar

theater-wismar.de

65

Theater der Hansestadt Wismar is a local cultural institution in Germany offering theatrical performances, educational programs, and event hosting services. The website provides detailed event listings, ticketing information, and contact details, targeting a broad audience including families and theater enthusiasts. The site is built on an ikiss CMS platform using technologies such as jQuery and Flexslider, with a moderate performance and good mobile optimization. Security posture is adequate but could be improved by updating libraries and implementing security headers. Privacy compliance is addressed with a cookie consent banner and a privacy policy page, though explicit GDPR compliance details are minimal. Overall, the website is professional, trustworthy, and serves its community effectively.

Status.net is a small business resource website founded in 2000, providing useful business templates and educational articles focused on management and organizational topics. The site targets business professionals and organizations seeking practical resources to improve operations and decision-making. Technically, the website is built on WordPress with a moderate technology stack including jQuery and various analytics and advertising scripts. Hosting appears to be on Amazon AWS infrastructure. The site demonstrates good mobile optimization and SEO practices but has basic accessibility features. Security posture is moderate with HTTPS enabled and domain transfer protections in place, but lacks DNSSEC and security headers, and does not provide a cookie consent mechanism. Privacy compliance is limited, with a basic privacy policy but no cookie or terms of service pages. No direct contact information or security policies are published, which limits transparency. Overall, the domain registration data is consistent and supports the legitimacy of the business. The website content is safe and appropriate for a general audience.

L

Ljiljana Lončarić Peharda

ljiljanaloncaricpeharda.com

43

The website ljiljanaloncaricpeharda.com serves as a personal portfolio for the artist Ljiljana Lončarić Peharda, showcasing her paintings, illustrations, music, and blog content. It targets art enthusiasts and potential clients interested in her creative work. The business model is primarily personal branding and portfolio presentation, with a niche market position in the art domain. The website is small scale, founded around 2017, and primarily serves a Croatian audience with multilingual support via WPML.

D

DAR BLUE d.o.o.

darblue.hr

41

Darblue.hr is the online presence of DAR BLUE d.o.o., a Croatian company specializing in the cultivation and sale of fresh blueberries and other berries. The company operates a 12-hectare plantation with 80,000 plants, focusing on high-quality domestic blueberry production with extended harvest seasons through selected varieties. Their business model centers on retail and wholesale distribution of fresh and packaged berries, maintaining cold chain logistics to ensure product quality. The website reflects a professional and consistent brand image, with clear contact information and compliance with GDPR regulations. Technically, the site is built on WordPress with popular plugins like WPBakery and Slider Revolution, and uses Google Analytics for visitor tracking. While the site is generally well-implemented, some outdated JavaScript libraries and lack of explicit security headers present moderate security concerns. No blocking or WAF mechanisms interfere with content access. The domain registration data aligns well with the business claims, supporting legitimacy. Overall, the site demonstrates a solid digital presence for a small agricultural business with good trust indicators and compliance practices.

C

Cyklus Trails

cyklustrails.com

42

Cyklus Trails is a small, specialized travel agency offering self-guided and guided cycling tours primarily in the Czech Republic and neighboring countries. Established in 2002, it targets active travelers seeking authentic outdoor adventure experiences along well-known bike paths and cultural sites. The website is built on Drupal 7 and incorporates common web technologies such as jQuery, Google Analytics, and Facebook SDK for social integration and tracking. While the site is accessible and professionally presented, it lacks critical privacy and cookie policies, which impacts compliance with GDPR and other privacy regulations. Security measures include the use of Google reCAPTCHA on contact forms, but the absence of security headers and use of outdated libraries present potential vulnerabilities. The WHOIS data for the domain is missing, raising concerns about domain registration legitimacy, although the website content and contact details appear genuine. Overall, the site demonstrates moderate digital maturity with room for improvement in security and privacy compliance.

The website 'Spektrum rozvoje zen' serves as a platform supporting women engaged in socially beneficial activities under the organization SPIRALIS. It targets a niche audience within the Czech Republic and operates as a small non-profit entity. The site content is minimal, primarily providing a promotional message and a link to an external Weebly-hosted site, indicating limited direct engagement on the main domain. Technically, the website is built on an outdated WordPress 4.8.3 platform with the Divi theme and uses older jQuery libraries, which introduces potential security vulnerabilities. Hosting is provided by Wedos, a Czech hosting provider consistent with the website's regional focus. Security posture is moderate with HTTPS enabled but lacking security headers and updated software. Privacy compliance is weak, with no visible privacy or cookie policies and no GDPR compliance indicators. Contact information is absent, reducing business credibility and user trust. Overall, the site is functional but requires significant improvements in security, privacy, and content richness to enhance trust and compliance.

M

MAS Radbuza

mas-radbuza.cz

41

MAS Radbuza is a Czech local action group focused on community-led local development across 52 municipalities in the Plzeň region. The organization manages EU grant distribution through multiple operational programs and supports local education projects, GDPR compliance services, and cultural initiatives. The website is built on WordPress with a moderate technical stack including Bootstrap and jQuery, and uses Google reCAPTCHA for form security. While the site is accessible and well-structured, it lacks some modern security headers and cookie consent mechanisms. WHOIS data is unavailable, which slightly reduces trustworthiness, but the presence of partner logos and EU funding references supports legitimacy. Overall, the site demonstrates a good balance of content quality and technical implementation with room for security and privacy improvements.

Golfoveclenstvi.cz is an online platform operated by Golf Europe s.r.o., focused on providing a comprehensive comparison of golf club memberships across the Czech Republic. The website also offers tips on advantageous golf offers and promotes related golf services and products. It targets golf enthusiasts and players in the Czech market, positioning itself as a niche leader in golf membership aggregation and related services. The business model revolves around aggregating membership information and promoting affiliated golf-related businesses. Technically, the website is built on WordPress 4.7.31 with a technology stack including jQuery 1.12.4, Bootstrap 2.3.2, and Font Awesome 4.7.0. The site shows basic mobile optimization and moderate performance but uses outdated software versions that may pose security risks. SEO and accessibility features are basic, and the site includes Facebook social plugins for marketing and engagement. From a security perspective, the site uses HTTPS but lacks visible security headers and employs outdated libraries, increasing vulnerability risk. No privacy, cookie, or terms of service policies are present, indicating poor privacy compliance. WHOIS data is unavailable, limiting domain legitimacy verification and reducing trustworthiness. Contact information is present but limited to a company email and phone number in the footer. Overall, the website is functional and safe for general audiences but requires updates to its technical stack, improved security practices, and enhanced privacy compliance to strengthen its security posture and business credibility.

G

Golf Europe s. r. o.

progolfistu.cz

38

Progolfistu.cz is a Czech Republic-based family-owned retail business specializing in golf equipment and accessories since 2009. The company operates both an e-commerce platform and a physical store located in Prague 5, offering a wide range of golf products including clubs, bags, balls, clothing, and training aids. Their market position is that of a trusted local retailer with a focus on personalized service and a broad product portfolio from well-known brands. Technically, the website employs common web technologies such as jQuery, Google Analytics, Facebook Pixel, and affiliate tracking, indicating a mature digital marketing approach. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. Security-wise, the site uses HTTPS and cookie consent mechanisms but lacks visible advanced security headers and formal security policies. The absence of WHOIS data for the domain is a notable concern, although the website content and business information appear legitimate and professional. Overall, the site demonstrates a solid business presence with room for improvement in security transparency and domain legitimacy verification.

B

Bezpečné Čáslavsko – Společný informační kanál bezpečnostních složek

bezpecnecaslavsko.cz

41

Bezpečné Čáslavsko is a regional public safety information portal focused on the Čáslavsko microregion in the Czech Republic. It serves as a centralized channel providing updates and information about local police, municipal police, fire services, and other safety organizations. The website targets local residents and stakeholders interested in community safety and crime prevention. The business model is informational and community service-oriented, with a small regional footprint and a focus on public service rather than commercial activities. Technically, the site is built on WordPress with several plugins for maps, forms, and UI enhancements. While the site is mobile-optimized and well-structured, it uses outdated WordPress and jQuery versions, which pose security risks. Security posture is moderate with HTTPS enforced and Wordfence plugin active, but lacks modern security headers and up-to-date software. Privacy compliance is limited due to absence of a privacy policy and terms of service, though a cookie consent banner is present. Overall, the site is trustworthy and legitimate, supported by consistent WHOIS data and domain age. Strategic improvements in security updates, privacy documentation, and security headers are recommended to enhance trust and compliance.

Hrvatska akreditacijska agencija (HAA) is a Croatian national accreditation agency operating as an independent, non-profit public institution. It provides accreditation services and manages the e-Akreditacija portal, which offers electronic services and maintains registers of accreditations. The agency is positioned as the authoritative accreditation body in Croatia with international cooperation ties to organizations such as ILAC and EA. The website is professionally designed, uses WordPress CMS, and integrates standard web technologies including Google Analytics and reCAPTCHA for security and analytics purposes. The site is accessible, mobile-optimized, and provides clear navigation and relevant content for its target audience of accredited entities and government bodies. Security posture is adequate with HTTPS enforced and cookie consent implemented, though improvements could be made by adding security headers and explicit privacy policies. WHOIS data is redacted due to GDPR, but the domain and website content align with a legitimate government agency. Overall, the website demonstrates a good balance of professionalism, technical implementation, and business credibility.

Filmmuseum Potsdam is a cultural and educational institution dedicated to film history, exhibitions, and cinema programming. The website serves as a portal for visitors to explore exhibitions, digital content, and research projects related to film culture. The institution targets a general audience interested in film and cultural heritage, operating primarily as a non-profit entity within the media and education sectors in Germany. The website is built on idbase CMS 5.5 and uses a combination of jQuery, Bootstrap, and other JavaScript libraries to deliver a responsive and interactive user experience. Cookiebot is integrated for GDPR-compliant cookie consent management. Security posture is adequate with HTTPS enabled and cookie consent mechanisms in place, but the use of outdated JavaScript libraries and lack of visible security headers suggest room for improvement. No explicit privacy policy or terms of service pages were found in the provided content, which is a compliance gap. Overall, the website is professional and trustworthy but would benefit from enhanced privacy disclosures and updated technical components.

B

Bike Kitchen Brno

bikekitchenbrno.cz

40

Bike Kitchen Brno is a small community-driven non-profit organization based in the Czech Republic focused on providing an open bicycle repair workshop and fostering social engagement around cycling culture. The website serves as a hub for community events, educational programs, and environmental initiatives. The organization benefits from EU grant support, indicating some level of external validation and funding. Technically, the website is built on WordPress with common plugins and uses HTTPS with a good SSL configuration, though some libraries like jQuery are outdated, posing potential security risks. The site lacks formal privacy and cookie policies, which is a compliance gap especially under GDPR. Security posture is moderate with some best practices implemented but missing key headers and vulnerability disclosures. Overall, the site is functional, well-branded, and serves its community purpose effectively but would benefit from improved compliance and security hardening.

P

Plavi ured

plaviured.hr

59

Plavi ured is a government-supported entrepreneurial center based in Zagreb, Croatia, established in 2015 as part of the Zagrebački inovacijski centar d.o.o. It provides education, support programs, and consulting services to entrepreneurs, including small and medium enterprises, micro entrepreneurs, craftsmen, and beginners. The website is professionally designed using WordPress with modern plugins such as Yoast SEO and Slider Revolution, and it integrates Google reCAPTCHA for form security and Complianz for GDPR-compliant cookie management. The site demonstrates good digital maturity with clear navigation, mobile optimization, and SEO best practices. Security posture is solid with HTTPS enforced and no exposed sensitive data, though the use of an outdated jQuery version and lack of explicit security headers are noted as areas for improvement. Privacy compliance is strong, with comprehensive privacy and cookie policies and consent mechanisms in place. Overall, the website is trustworthy and serves as a credible digital presence for the entrepreneurial center.

Tenisová škola Zýka Hořovice is a small, family-run tennis school based in the Czech Republic with over 20 years of experience. The business focuses on tennis training for children and competitive players, offering services such as racket stringing and court rentals. The website is built on the eStránky.cz platform and integrates basic technologies like jQuery and Facebook SDK for social media connectivity. However, the site lacks critical compliance documents such as privacy and cookie policies and does not provide contact emails, limiting its professional and compliance posture. The absence of WHOIS data raises concerns about domain legitimacy, although the site content appears genuine and targeted at local tennis enthusiasts.

P

Praskoleská společnost sv. Prokopa

svprokop.cz

37

The website www.svprokop.cz represents the Praskoleská společnost sv. Prokopa, a small local cultural society in the Czech Republic focused on organizing cultural events and preserving local heritage sites such as chapels and churches. The site content is primarily in Czech and includes announcements for cultural events, indicating an active community engagement. Technically, the website is built on WordPress 4.9.28 with plugins such as Yoast SEO and Contact Form 7, and uses Bootstrap 3.3.7 for styling. While the site is served over HTTPS with valid SSL, it uses outdated software versions and lacks modern security headers, which could expose it to vulnerabilities. No privacy, cookie, or terms of service policies are present, and no contact emails or phone numbers are explicitly provided, limiting user trust and compliance with privacy regulations. WHOIS data is unavailable, which reduces domain trustworthiness and raises concerns about domain legitimacy. Overall, the site is functional but requires updates and improvements in security, privacy compliance, and transparency to enhance trust and protect users.

S

SLOVAK INTERCARGO, s.r.o.

medzinarodna-preprava.sk

44

SLOVAK INTERCARGO, s.r.o. operates the website medzinarodna-preprava.sk, providing comprehensive international freight forwarding and logistics services primarily focused on sea and road transport. Established in 2003 and based in Slovakia, the company offers customs clearance, cargo insurance, and inland transport services, targeting businesses requiring reliable global shipping solutions. The website presents a professional and consistent brand image with clear service descriptions and contact information, positioning the company as a trusted player in the Slovak transportation sector. Technically, the website uses a classic tech stack including Bootstrap 3.3.7, jQuery 1.12.4, and Google reCAPTCHA for form security. While the site is mobile-optimized and well-structured, it lacks modern security headers and explicit privacy and terms of service pages, which are areas for improvement. Performance is moderate, and SEO practices are basic but adequate for the business scope. From a security perspective, the site benefits from HTTPS and reCAPTCHA integration but misses key security headers and formalized security or incident response policies. No vulnerabilities or exposed sensitive data were detected in the HTML content. The WHOIS data aligns well with the business claims, showing a consistent and legitimate registration history. Overall, the website is a solid representation of a small logistics company with good business credibility but would benefit from enhanced privacy compliance and security hardening to improve trust and regulatory adherence.

B

BerlinerLuft. Tehnika d.o.o.

berlinerluft.hr

46

BerlinerLuft. Tehnika d.o.o. is a Croatian manufacturing company specializing in ventilation equipment and systems. As part of the BerlinerLuft corporate group, it offers a broad portfolio of products including smoke extraction ducts, fans, air distribution components, and fire protection systems. The company targets professional and industrial clients in the HVAC sector, positioning itself as a reliable regional player with a solid product range and certifications such as CE marking. The website reflects this business focus with professional content and clear navigation. Technically, the website is built on OctoberCMS with jQuery and jQuery UI libraries, and uses Google Analytics for tracking. The site is mobile-optimized and performs moderately well, though some technical debt is evident from the use of older JavaScript libraries. SEO and accessibility are basic but adequate. Security posture is good with HTTPS enforced and no visible sensitive data exposure, but lacks security headers and a vulnerability disclosure mechanism. From a security and compliance perspective, the site has a privacy policy and terms of service, but lacks a cookie consent mechanism and incident response contact details. WHOIS data is consistent with the business claims, showing a domain registered in Croatia since 2015, supporting legitimacy. No WAF or blocking mechanisms were detected, and no adult or questionable content is present. Overall, the website is professional and trustworthy with room for improvement in security headers, privacy compliance, and modernization of technical components. Strategic enhancements in these areas would strengthen the company’s digital maturity and compliance posture.

I

ISOPLUS d.o.o.

isoplus.rs

44

ISOPLUS d.o.o. is a Serbian company specializing in the sale and service of pre-insulated pipes and related products for district heating systems. The company operates within the ISOPLUS holding group and serves industrial clients primarily in the energy sector. With over 130 projects in the last five years and annual delivery of approximately 2500 km of pipes, ISOPLUS holds a solid market position regionally. Their offerings include a wide range of pipe products, fittings, accessories, and services such as network control, design, and installation support. The website reflects a professional business with clear contact information and certifications, although it lacks some compliance documentation such as privacy and cookie policies.

Z

Zaklada GNK Dinamo Nema Predaje

zakladanemapredaje.hr

48

Zaklada GNK Dinamo Nema Predaje is a Croatian non-profit foundation officially affiliated with the GNK Dinamo football club. The foundation focuses on promoting equality, social inclusion, and providing humanitarian aid, particularly targeting persons with disabilities, socially vulnerable groups, and young talented athletes. The website serves as a platform to communicate the foundation's mission, programs, and events, and facilitates donations and community engagement. It maintains a strong presence on social media and provides comprehensive contact and legal information.

D

DEKOD d.o.o.

dekod.hr

52

DEKOD d.o.o. is a well-established Croatian ticketing organization with over two decades of experience and a leading market position in the region. The company offers a comprehensive suite of ticketing and event management services, including e-ticketing systems, payment solutions, and web shop capabilities. Their clientele includes cultural institutions, event organizers, and public venues, supported by a strong regional presence and trusted partnerships such as with ulaznice.hr. The website reflects a professional business focus with clear contact information and client testimonials, reinforcing their credibility. Technically, the site is built on WordPress with the Enfold theme and uses common web technologies, but it runs outdated software versions that pose security risks. Security posture is moderate with HTTPS enabled but lacks modern security headers and visible privacy or cookie policies, indicating room for compliance improvement. Overall, the website is functional and trustworthy but would benefit from technical and compliance updates to enhance security and user trust.

I

IslaWEB S.L.

islaweb.com

59

IslaWEB S.L. is a Spanish web hosting provider with over 20 years of experience offering professional internet presence solutions including web hosting, dedicated servers, and domain registration. The company targets businesses and professionals primarily in Spain, positioning itself as an early and established player in the Spanish hosting market. The website is well-structured, mobile-optimized, and provides clear service plans and contact options. However, the absence of WHOIS registration data raises concerns about domain legitimacy despite the professional presentation and detailed legal disclosures. Technically, the site uses legacy JavaScript libraries such as jQuery 1.12.4 and custom scripts, with no detected CMS or advanced frameworks. Performance is moderate with good mobile optimization and basic accessibility. Security posture is average; forms are secured with consent checkboxes, but no security headers or cookie consent mechanisms are detected. SSL status is unknown from the data provided, which is a critical gap. From a security perspective, the site lacks explicit incident response contacts and published security policies. The privacy policy is comprehensive and GDPR compliant, reflecting good data protection awareness. No vulnerabilities or tracking technologies were detected, indicating minimal user tracking and advertising. Overall, the website presents a professional and trustworthy front for a small technology business but requires verification of domain registration and improvements in security headers and cookie consent to enhance trust and compliance.