Security Directory

T

TableOnline.fi

tableonline.fi

65

TableOnline.fi is a professional online restaurant reservation platform targeting consumers in Finland and Tallinn. It offers services such as restaurant bookings, user reviews, and special offers, positioning itself as a leading service in the hospitality sector within its geographic focus. The website demonstrates a modern technical infrastructure leveraging Preact, AWS hosting, and integrations with major analytics and advertising platforms like Google Analytics, Facebook Pixel, and Stripe for payment processing. Security posture is strong with HTTPS enforcement, security headers, and secure payment mechanisms, although explicit security policies and incident response information are not publicly available. Privacy compliance is supported by a comprehensive cookie consent mechanism, but lacks a clearly accessible privacy policy and terms of service. Overall, the site is well-designed, mobile-optimized, and trustworthy, with no adult or questionable content detected.

S

SHOEI CO., LTD.

shoei.com

59

SHOEI CO., LTD. is a globally recognized premium motorcycle helmet manufacturer with a strong market presence and a network of regional distributors worldwide. The website serves as a hub for worldwide distributor contacts and product information tailored to regional markets. The company targets motorcycle riders and distributors, emphasizing safety, design, and performance in its product offerings. Technically, the website employs modern JavaScript libraries and tracking tools, including Google Analytics, Facebook SDK, and Line Tag, indicating a mature digital infrastructure. The site is mobile-optimized with good navigation and professional design, though it lacks some privacy and security policy disclosures. Security posture is solid with HTTPS enforced and no visible vulnerabilities, but the absence of security headers and incident response information suggests room for improvement. The WHOIS data is unavailable, which raises some concerns about domain registration transparency but does not detract from the professional presentation and legitimacy of the business. Overall, the website is safe, professional, and functional, with recommendations to enhance privacy compliance and security transparency.

T

TJ studio d.o.o.

tjstudio.info

50

TJ studio d.o.o. is a Croatian-based technology company specializing in web hosting, web design, and internet application development. Established since 2009, the company positions itself as a reliable and innovative service provider for businesses and individuals seeking professional digital solutions. Their offerings include a variety of hosting packages, domain registration, website maintenance, and custom web development services. The company maintains an active online presence with social media channels and a customer support portal, emphasizing customer service and technical support availability. Technically, the website is built on WordPress using the Betheme theme and integrates modern plugins such as Yoast SEO Premium and Slider Revolution. It employs Google Analytics for traffic analysis and Google reCAPTCHA for form security. The site is mobile-optimized and demonstrates good SEO practices. However, some security headers are not explicitly detected, and there is no dedicated security policy or incident response contact information visible. From a security perspective, the site uses HTTPS with a valid SSL certificate and implements GDPR-compliant cookie consent mechanisms. No critical vulnerabilities or exposed sensitive data were found in the HTML content. The WHOIS data is limited due to privacy protection, with no public registrant details, but the website content and contact information appear consistent and professional. Overall, TJ studio d.o.o. presents a trustworthy and professional digital presence with a solid technical foundation and compliance with privacy regulations. Strategic improvements in security headers and incident response transparency could further enhance their security posture and customer trust.

C

Centar za kulturu Grada Novalje

czknovalja.hr

41

Centar za kulturu Grada Novalje is a Croatian cultural center focused on promoting and organizing cultural and sports events in Novalja and surrounding areas. The website serves as an information hub for upcoming and past events, official documents, and community engagement. It targets local residents and visitors interested in cultural activities. The site is built on WordPress with a modern theme and multilingual support, reflecting a moderate level of digital maturity. Security posture is solid with HTTPS and GDPR-compliant cookie consent, though some security headers are missing and no explicit security policies are published. Overall, the site is trustworthy and professionally maintained, suitable for its public cultural institution role.

TZ Stara Novalja is a local tourism organization dedicated to promoting the town of Stara Novalja on the island of Pag, Croatia. The website serves as a comprehensive portal offering event calendars, local attractions, outdoor activities, and useful information for tourists and property renters. It targets visitors interested in cultural events, outdoor sports, and local hospitality services. The organization appears well-established with a domain registered since 2001 and consistent WHOIS data. Technically, the website is built on WordPress using the Avada theme, leveraging common web technologies such as jQuery and MediaElement.js. It integrates Google Analytics for visitor tracking and implements cookie consent mechanisms. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. From a security perspective, the site enforces HTTPS, includes standard security headers, and avoids exposing sensitive data. However, it lacks a formal security policy, incident response contacts, and vulnerability disclosure mechanisms. Privacy compliance is basic, with a privacy notice present but limited GDPR-specific details. Overall, the website is trustworthy and professional, serving its purpose as a tourism information hub effectively. Strategic improvements in privacy compliance, security transparency, and accessibility could further enhance its posture and user trust.

I

Institut za Neuromarketing

neuromarketinginstitut.com

55

Institut za Neuromarketing is a specialized Croatian institute providing neuromarketing services including neuroadvertising, neurobranding, scientific and expert research, and advanced technologies such as EEG, eye tracking, biometric methods, and facial coding. The website positions the institute as a market leader in Croatia with a focus on business and scientific clients. The digital infrastructure is built on WordPress with modern plugins and tools, ensuring good performance and mobile optimization. Privacy and cookie policies are well implemented, reflecting GDPR compliance. Security posture is adequate with HTTPS and reCAPTCHA usage, though improvements in DNSSEC and security headers are recommended. Overall, the website is professional, trustworthy, and well-maintained, supporting the institute's credibility and market presence.

C

CSL Computer Service Langenbach GmbH d/b/a joker.com

novalja-pag.net

33

Novalja-pag.net is a well-established Croatian hospitality website specializing in private accommodation listings on the island of Pag. Founded in 2002, it offers a comprehensive catalog of apartments, rooms, villas, and hotels with direct booking contact options. The platform targets tourists seeking affordable and diverse lodging options near popular destinations such as Novalja and Zrće beach. Technically, the site uses a custom CMS with common web technologies including jQuery, Bootstrap, and Google services for analytics and reCAPTCHA. While the site is mobile-optimized and provides a good user experience, it lacks HTTPS enforcement and advanced security headers, which are critical for protecting user data and enhancing trust. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the website is credible and functional but would benefit from security and privacy improvements.

D

Dizajn Studio Novalja

novalja.info

33

Novalja.info is a regional tourism portal dedicated to providing comprehensive information and direct booking options for private accommodation on the island of Pag, Croatia, focusing on the city of Novalja and surrounding destinations. The website offers a variety of services including accommodation listings, live web cameras, weather forecasts, ferry schedules, and local news, targeting tourists and visitors planning their holidays. The business operates as a small-sized entity with a long-standing presence since 2005, managed by Dizajn Studio Novalja. Technically, the website relies on legacy technologies such as an outdated jQuery version and lacks HTTPS, which impacts its security posture and user trust. The site uses Google Analytics and Tag Manager for visitor tracking but does not provide visible privacy or cookie policies, indicating limited privacy compliance. Security-wise, the absence of HTTPS and modern security headers, combined with outdated libraries, exposes the site to potential vulnerabilities. Overall, the website is functional and content-rich but requires significant improvements in security and privacy to meet modern standards.

T

Turistička zajednica Ličko-senjske županije

lika-active.com

55

The website lika-active.com serves as a regional tourism promotion platform for the Lika region in Croatia, focusing on active and adventure tourism activities such as cycling, trekking, climbing, hunting, and fishing. It is operated by the regional tourism board (Turistička zajednica Ličko-senjske županije) and targets tourists seeking outdoor and nature-based experiences. The site provides relevant information, brochures, event details, and transport options to support tourism in the region. Technically, the site uses an older technology stack including Bootstrap 2.x and jQuery 1.10.2, with basic mobile responsiveness and SEO. Security posture is moderate with no visible security headers and outdated libraries posing potential risks. Privacy compliance is lacking as no privacy or cookie policies are found. Contact information is clearly presented, enhancing business credibility. Overall, the site is functional and informative but requires updates in security and compliance to improve trust and protection.

T

Turistička zajednica Ličko-senjske županije

lika-gastro.com

56

The website 'lika-gastro.com' serves as a regional gastronomy and tourism portal for the Lika-Senj region in Croatia, promoting traditional local cuisine and culinary culture. It targets tourists and food enthusiasts interested in authentic regional dishes and local gastronomic events. The business is small-scale, operated likely by the regional tourism board, and focuses on cultural and culinary promotion rather than commercial sales. Technically, the site uses older but functional web technologies including Bootstrap 2.x and jQuery 1.10.2, with basic mobile optimization and SEO. Security posture is moderate with no advanced security headers or DNSSEC, and outdated libraries pose some risk. Privacy compliance is weak due to missing privacy and cookie policies. Contact information is clearly provided, enhancing business credibility. Overall, the site is accessible, content-rich, and trustworthy but would benefit from modernization and improved security and privacy practices.

A

Amphora

amphora.ee

9

Amphora is an Estonian-based company specializing in comprehensive information management software solutions, including document management, digital signatures, e-invoicing, contract management, and internal communication tools. Established in 2010, Amphora targets businesses and government entities seeking to digitize and streamline their document workflows and administrative processes. The company offers tiered SaaS subscription plans with transparent pricing and emphasizes integration with popular tools like Outlook and Google Calendar. Technically, the website is built on a custom ASP.NET WebForms platform utilizing Telerik UI components and jQuery 1.8.3. While the infrastructure supports modern web features and includes HTTPS encryption, some technologies are outdated, which may pose security risks. The site uses Google Analytics for visitor tracking and has basic SEO and accessibility features. From a security perspective, the site benefits from HTTPS and secure form handling but lacks visible security headers and uses an outdated JavaScript library version. There is no evidence of privacy or cookie policies, vulnerability disclosure, or incident response information, which are important for compliance and trust. Contact information is clearly presented, enhancing business credibility. Overall, Amphora's website is professional and trustworthy, with good content quality and business information. However, improvements in privacy compliance, security best practices, and technology updates are recommended to enhance security posture and regulatory adherence.

V

Valga Muusikakool

valgamuusikakool.ee

43

Valga Muusikakool is a well-established music school based in Valga, Estonia, with a history spanning approximately 100 years. The institution provides structured music education programs, organizes academic concerts, and participates in projects aimed at enhancing inclusive education and modernizing public services. The website serves as an information hub for students, parents, and the local community, offering event calendars, news updates, and application submission forms. The business model focuses on education and cultural enrichment within the local region, positioning the school as a key regional player in music education. Technically, the website is built on the Greativ CMS platform and incorporates modern web technologies such as Google Analytics, Facebook SDK, and Owl Carousel for interactive content. The site is mobile-optimized with good navigation and content quality, although some SEO and accessibility features could be improved. Performance is moderate, with no critical technical issues detected. From a security perspective, the site uses HTTPS and includes some best practices like secure form handling and analytics integration. However, it lacks explicit security headers, a cookie consent mechanism, and published security or incident response policies. No vulnerabilities or exposed sensitive data were found, indicating a generally sound security posture but with room for improvement in compliance and transparency. Overall, the website is professional, trustworthy, and serves its educational purpose effectively. Strategic recommendations include implementing cookie consent, enhancing security headers, publishing security policies, and considering a vulnerability disclosure program to strengthen trust and compliance.

T

Turistička zajednica Ličko-senjske županije

visit-lika.com

58

The website visit-lika.com serves as the official regional tourism portal for Ličko-senjska County in Croatia, providing comprehensive information on travel planning, cultural heritage, activities, and gastronomy. It targets tourists and visitors interested in exploring the region, positioning itself as a key regional tourism authority. The site offers event announcements, travel resources, and promotes local attractions and services. Technically, the website uses a custom CMS with Bootstrap and jQuery, integrates Google Analytics for tracking, and AddToAny for social sharing. The design is professional, mobile-optimized, and offers clear navigation, though accessibility features are basic. Security posture is moderate with domain transfer protection but lacks DNSSEC and security headers. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the site is trustworthy and well-established with a domain age consistent with its business history.

L

Lika ceste d.o.o.

likaceste.hr

45

Lika ceste d.o.o. is a Croatian company specializing in the maintenance, protection, reconstruction, and construction of roads and related infrastructure, primarily serving the Gospić region. The company positions itself as a regional service provider focused on public roadways, offering key services such as road maintenance and winter services. The website reflects a medium-sized enterprise with a clear focus on transportation infrastructure, targeting local government entities and public road users. Technically, the website is built on WordPress using Bootstrap for responsive design, enhanced with several JavaScript libraries including jQuery, Owl Carousel, and Google Maps API. SEO is supported by the Yoast SEO plugin, and user interaction is facilitated through Contact Form 7 with Google reCAPTCHA v3 for spam protection. The site demonstrates moderate performance and good mobile optimization, though accessibility features are basic. From a security perspective, the site uses HTTPS and includes a cookie consent mechanism compliant with GDPR. However, it lacks explicit security headers and published security policies or incident response information. No vulnerability disclosure or security.txt files are present, indicating room for improvement in transparency and security maturity. Overall, the website is professional and trustworthy with moderate tracking and analytics usage. It is safe for general audiences and does not contain adult or questionable content. The domain registration data aligns well with the business identity, supporting legitimacy. Strategic improvements in security headers, incident response policies, and accessibility would enhance the site's security posture and compliance.

T

Turistička zajednica grada Novalje

visitnovalja.hr

52

Visit Novalja is the official tourism website for the city of Novalja and the island of Pag in Croatia, operated by the local tourism board (Turistička zajednica grada Novalje). The site provides comprehensive information for tourists including local attractions, events, gastronomy, accommodation options, and cultural heritage. It targets tourists and visitors seeking detailed and official travel information about the region. The business model is focused on tourism promotion and information dissemination, positioning itself as a trusted local authority in the hospitality sector.

V

Valvoline

valvoline.ee

51

Valvoline.ee is the Estonian localized website for Valvoline, a globally recognized lubricant and automotive chemical brand with a history dating back to 1866. The website presents product offerings primarily focused on lubricants, coolants, and maintenance chemicals targeting automotive, industrial, and motorsports sectors. The site demonstrates a moderate level of digital maturity with use of common JavaScript libraries and Google Analytics for tracking. However, it lacks visible privacy and cookie policies, contact information, and security headers, which are important for compliance and trust. The website is accessible without WAF or blocking mechanisms, indicating no access restrictions. Overall, the site is professionally designed with good content relevance but could improve in privacy compliance and security posture.

A

Allee restoran

alleerestoran.ee

44

Allee restoran is a small hospitality business located in Tallinn, Estonia, offering a diverse and seasonal menu with a focus on fresh, local ingredients catering to omnivores and vegans alike. The restaurant operates at two addresses and provides services including lunch offers, breakfast, drinks, group menus, and event hosting. The website is professionally designed, mobile-optimized, and integrates modern web technologies and analytics tools, reflecting a mature digital presence. However, it lacks explicit privacy and cookie policies, which are critical for GDPR compliance. Security posture is good with HTTPS and no exposed sensitive data, but could be improved by adding security headers and incident response information. Overall, the site is trustworthy, content-rich, and well-positioned in its market segment.

P

POS Experts

posexperts.cz

52

POS Experts is a Czech Republic-based company specializing in providing point-of-sale (POS) systems tailored for retail, restaurants, and manufacturing businesses. The company offers software and hardware solutions designed to optimize sales operations, with a focus on affordability and local market needs. Their website reflects a professional and consistent brand image, targeting small to medium-sized businesses in the retail sector. The business appears to have been operational since at least 2017, with a clear focus on the Czech market.

U

Udruga Biom

biom.hr

45

Udruga Biom is a Croatian non-profit organization dedicated to nature conservation and environmental education. The website serves as a platform to communicate their projects, publications, events, and opportunities for public involvement. It targets environmentalists, researchers, volunteers, and the general public interested in ecological issues. The organization operates primarily through donations, partnerships, and project funding, positioning itself as a reputable local NGO with active community engagement. Technically, the website is built on WordPress using modern technologies such as Tailwind CSS, Google Tag Manager, and reCAPTCHA for form security. The site is mobile-optimized with good SEO and accessibility basics, though some improvements could be made in accessibility and performance tuning. Analytics are implemented via Google Analytics, with moderate user tracking and GDPR-compliant privacy and cookie policies. From a security perspective, the site enforces HTTPS with strong SSL configuration and includes standard security headers. Forms are protected with reCAPTCHA, and no obvious vulnerabilities or exposed sensitive data were detected. However, the absence of a public security policy or vulnerability disclosure page suggests room for maturity in security governance. Overall, the website is professional, trustworthy, and well-aligned with the organization's mission. It presents low risk from a security and compliance standpoint but would benefit from enhanced transparency in security policies and incident response readiness.

S

Splitsko-dalmatinska Županija

digitalnadalmacija.hr

56

Digitalna Dalmacija is a regional technology and education initiative led by the Split-Dalmatia County, focused on fostering digital skills, startup ecosystem growth, and a vibrant technology community in Croatia. The website serves as a hub for educational programs, startup acceleration, and community events, targeting students, professionals, retirees, and entrepreneurs. It is well-positioned as a government-backed regional technology hub with strong partnerships and community engagement. The technical infrastructure is based on ASP.NET WebForms with modern JavaScript libraries and CMS (DNN), providing a good user experience and mobile optimization. Security posture is adequate with HTTPS and some best practices, but lacks explicit security headers and vulnerability disclosure mechanisms. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the website is professional, trustworthy, and content-rich, but could improve in privacy and security transparency.

Javna ustanova RERA S.D. za koordinaciju i razvoj Splitsko-dalmatinske županije is a Croatian public institution focused on regional development and coordination within the Split-Dalmatia County. The organization provides technical assistance, project preparation, and manages EU fund utilization to support local government, entrepreneurs, and NGOs. The website reflects its authoritative role with comprehensive content, official documentation, and transparent public procurement information. Technically, the site uses modern web technologies including Bootstrap, jQuery, and analytics tools, ensuring good performance and mobile optimization. Security posture is solid with HTTPS enforced and cookie consent implemented, though additional security headers and explicit security policies could enhance protection. Overall, the domain registration and WHOIS data align well with the institution's identity, indicating legitimacy and trustworthiness.

G

Grad Ozalj

ozalj.hr

42

Grad Ozalj operates as the official municipal government website for the city of Ozalj in Croatia, providing comprehensive information and services to residents, investors, businesses, and tourists. The site covers a wide range of municipal functions including city governance, budget transparency, procurement, local projects, and community engagement. It serves as a central digital platform for public communication and administrative transparency. Technically, the website is built on WordPress using the Elementor page builder, enhanced with SEO tools like Rank Math and privacy compliance plugins such as Complianz. The infrastructure supports modern web standards including HTTPS and responsive design, ensuring accessibility across devices. Google Analytics is employed for visitor tracking with an explicit cookie consent mechanism, reflecting a mature digital presence. From a security perspective, the site enforces HTTPS and implements cookie consent, but lacks explicit advanced security headers and published incident response policies. No vulnerabilities or exposed sensitive data were detected in the content. The WHOIS data confirms the domain's legitimacy and consistency with the municipal entity, reinforcing trustworthiness. Overall, Grad Ozalj's website demonstrates a solid balance of content quality, technical implementation, and privacy compliance suitable for a government entity. Strategic improvements in security headers and incident response transparency could further enhance its security posture and public trust.

M

MIN – MEĐIMURJE, INVESTICIJE, NEKRETNINE d.o.o.

medjimurje-nekretnine.hr

36

MIN – MEĐIMURJE, INVESTICIJE, NEKRETNINE d.o.o. is a Croatian limited liability company specializing in managing investments and real estate operations within the Međimurje County. The company operates with a clear regional focus, providing investment management, financial planning, and public procurement services. The website reflects a small-sized business with a stable market presence since 2008, targeting local investors and public entities. Technically, the website is built on WordPress 4.9.26 with common JavaScript libraries like jQuery and FancyBox, hosted on Totohost servers. While the site is accessible and functional, it uses outdated software versions that pose security risks. Security posture is moderate with HTTPS enabled but lacking modern security headers and updated components. Privacy compliance is partial, with a GDPR policy page present but no cookie consent mechanism. Overall, the website is trustworthy but would benefit from technical and security improvements to enhance resilience and compliance.

T

Tehnološko-inovacijski centar Međimurje d.o.o.

ticm.hr

10

Tehnološko-inovacijski centar Međimurje (TICM) is a well-established regional technology and innovation center based in Croatia, founded in 2012. It supports technology-based entrepreneurship through incubation, coworking, educational courses, and business advisory services. The website reflects a professional and consistent brand with a clear focus on regional development and innovation. The technical infrastructure is modern, leveraging WordPress CMS with Bootstrap and various JavaScript libraries, and integrates Google Analytics and reCAPTCHA for analytics and security. Security posture is good with HTTPS enforced and some best practices observed, though there is room for improvement in security headers and formal security policies. Privacy compliance is partially addressed with a comprehensive privacy policy but lacks a cookie consent mechanism. Overall, the website is trustworthy and serves its target audience effectively.

M

Međimurska priroda

medjimurska-priroda.info

47

The website 'Međimurska priroda' appears to be a regional or nature-focused site, likely providing information about the Međimurje region's natural environment or tourism opportunities. The site is built on WordPress using Elementor and several plugins for events, galleries, and forms. It employs Google Analytics for visitor tracking but lacks visible privacy or cookie policies, which is a compliance concern. Technically, the site is moderately optimized with good mobile responsiveness but lacks advanced security headers and detailed WHOIS transparency. The absence of registrant data and domain registration details due to WHOIS query failure limits the ability to fully verify legitimacy. Overall, the site is functional and safe for general audiences but would benefit from enhanced privacy compliance and security hardening.

The website partnerstvo-razvoj.net serves as the official portal for the Zagorska razvojna agencija, a regional development agency focused on employment, education, and entrepreneurship within the Krapinsko-zagorska županija region in Croatia. It provides job listings, scholarship information, public tenders, and educational resources aimed at residents and stakeholders in the region. The site is primarily in Croatian with an English language option, targeting local citizens and regional partners. The business model is that of a government or non-profit entity facilitating regional development and public information dissemination. Technically, the website employs older JavaScript libraries such as jQuery 1.6, Google Analytics for tracking, and some custom scripts for UI elements like menus and pagination. The site appears to be custom-built without a popular CMS. Performance is moderate with basic mobile optimization and accessibility features. SEO is basic but functional. Hosting and domain registration are consistent with a legitimate regional agency, with the domain registered since 2011. From a security perspective, the site uses HTTPS but lacks visible security headers and employs outdated JavaScript libraries that may expose it to vulnerabilities. There is no DNSSEC enabled, and no explicit privacy or security policies are published. The login form is minimal and lacks visible advanced protections. Cookie policy scripts exist but without a clear consent mechanism, indicating partial privacy compliance. Overall, the website is functional and credible for its purpose but has room for improvement in security posture, privacy compliance, and technical modernization. Strategic enhancements in these areas would improve trust and resilience against threats.

Z

Zavod za hitnu medicinu Krapinsko - zagorske županije

hitna-kzz.hr

46

Zavod za hitnu medicinu Krapinsko - zagorske županije is a regional public healthcare institution providing emergency medical services in the Krapinsko-zagorska county of Croatia. The website serves as an official portal offering information about emergency services, first aid education, public health announcements, and EU project participation. The target audience is the general public within the region. The business model is that of a public healthcare service provider with a medium-sized operational scope.

Z

Zagorje Priroda

zagorje-priroda.hr

54

Zagorje Priroda is a Croatian public institution dedicated to the protection and management of natural protected areas within the Krapinsko-Zagorska County. The organization focuses on environmental conservation, education, research, and public engagement through events and publications. Their website serves as an informative portal for the public and stakeholders, highlighting their activities, projects, and news. The institution is regionally positioned as a key governmental entity for nature protection with a clear mission and community focus. Technically, the website is built on WordPress CMS with common plugins such as WPBakery Page Builder and Slider Revolution. It integrates Google Analytics and Google Tag Manager for traffic and user behavior analysis. The site is mobile-optimized and uses HTTPS, ensuring secure communication. However, some security headers are missing, and the jQuery version is outdated, which could pose minor security risks. From a security and compliance perspective, the website enforces HTTPS and does not expose sensitive data. It provides a comprehensive privacy policy in Croatian, indicating GDPR awareness, though it lacks an explicit cookie consent mechanism. Contact information is clearly presented, including email, phone, and physical address, enhancing trust. No incident response or security policy pages were found, suggesting room for improvement in transparency and readiness. Overall, the website is professional, trustworthy, and serves its purpose well. Strategic improvements in security headers, updating libraries, and implementing cookie consent would enhance its security posture and compliance. The domain registration data aligns well with the organization's claims, supporting legitimacy and credibility.

The website represents the Zavod za prostorno uređenje Krapinsko-zagorske Županije, a Croatian government institute responsible for spatial planning in the Krapinsko-zagorska County. It provides official news, spatial plans, documents, and public information access, targeting local residents, government officials, and urban planners. The site is well-structured with clear navigation and consistent branding, reflecting its role as a regional government authority. Technically, the site uses Bootstrap and jQuery with Google Analytics for visitor tracking. It is served over HTTPS with a cookie consent mechanism compliant with GDPR, although some security headers are missing. No forms or social media links were detected in the analyzed content. WHOIS data confirms the domain's legitimacy and appropriate registration details consistent with a government entity. Overall, the website is professional, trustworthy, and secure with room for improvement in security headers and incident response transparency.

M

Morgan Code

morgancode.com

52

Morgan Code is a small software development agency founded in 2020, specializing in custom software solutions, mobile applications, web development, and IT consulting. The company emphasizes a personalized approach to client problems and aims to improve business scalability through technology. Their market position is that of a niche agency with a focus on tailored solutions for businesses. Technically, the website is built on WordPress using Elementor, with modern JavaScript and PHP technologies, and is hosted behind Cloudflare DNS. The site is moderately performant and mobile-optimized with good SEO practices. Security-wise, the site enforces HTTPS and uses Google reCAPTCHA for form protection but lacks DNSSEC and security headers, and does not publish security or incident response policies. Privacy compliance is minimal, with no visible privacy or cookie policies. Overall, the site is professional and trustworthy but could improve in privacy and security transparency.

T

Telia Eesti AS

winterplace.ee

45

Otepää Winterplace is Estonia's largest winter park located in the city center of Otepää, offering a variety of winter leisure activities including snowtubing, ice skating, igloo cinema, and play areas for children. The business targets families, youth, and groups such as schools and companies, positioning itself as a premier winter entertainment destination in Estonia. The website reflects a well-structured and visually appealing platform with integration of social media and mapping services to enhance user engagement. Technically, the site employs modern JavaScript libraries and Google services, managed via the Greativ CMS, indicating a moderate level of digital maturity. Security posture is adequate with HTTPS enabled and basic consent mechanisms, but lacks explicit privacy policies and security headers, which are areas for improvement. Overall, the domain registration and website content are consistent and legitimate, supporting a trustworthy online presence for the business.

V

Valga Gümnaasium

valgagym.ee

50

Valga Gümnaasium is a secondary educational institution located in Valga, Estonia, with a domain established in 2012. The website serves students, parents, staff, and alumni by providing information about school activities, news, schedules, and contact details. The institution maintains a solid local presence with partnerships and affiliations to various educational and governmental organizations. Technically, the website uses a modern CMS (Greativ), integrates Google Fonts, Google Analytics, and Facebook SDK for social media and analytics purposes. The site is mobile-optimized and offers clear navigation and relevant content. Security posture is adequate with HTTPS enabled and some consent management for cookies, but lacks explicit privacy and cookie policies and security headers. Overall, the site is professional, trustworthy, and safe for general audiences.

U

Ugandi Resto

ugandiresto.ee

44

Ugandi Resto is a well-established restaurant located in Otepää, Estonia, offering a unique blend of Nordic and Mediterranean cuisine. The business has a strong local presence with over 23 years of history and multiple prestigious awards, positioning it as a reputable hospitality provider in the region. The website reflects a professional and customer-friendly approach with clear service offerings including dining, private event hosting, and gift cards. Technically, the website uses modern web technologies and a proprietary CMS, delivering a good user experience with mobile optimization and rich content. However, there are gaps in privacy compliance and security best practices, notably the absence of privacy and cookie policies and limited security headers. The security posture is adequate but could be enhanced to meet higher standards. Overall, the site is trustworthy and well-maintained but should address compliance and security improvements to reduce risk and enhance user trust.

T

Tirespot OÜ

tirespot.ee

43

Tirespot OÜ is a small Estonian company specializing in the retail and servicing of automotive tires and related products and services. The company operates primarily in Pärnu, Estonia, offering a wide range of tires including summer and winter tires, tire changes, rim sales and restoration, oil changes, and air conditioning services. The website reflects a well-established regional business with a clear focus on automotive maintenance and tire sales. The company holds a Gasellfirma certification, indicating strong business performance and growth. Technically, the website is built on the Greativ CMS platform and leverages modern web technologies including Google Tag Manager, Google Analytics, Facebook SDK, and lazy loading libraries. The site is mobile-optimized with good SEO practices and clear navigation. Hosting is provided by Zone Media OÜ, consistent with the Estonian business location. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms compliant with GDPR. However, explicit security policies, incident response contacts, and advanced security headers are not evident. No security blocking or WAF challenges were detected, and no vulnerabilities were apparent from the content analysis. Overall, the website presents a professional and trustworthy online presence for a small automotive retail and service business in Estonia. Strategic improvements could include publishing a security policy, incident response information, and enhancing security headers to strengthen the security posture further.

E

Ekstreemmoto OÜ

ktm.ee

43

Ekstreemmoto OÜ operates the ktm.ee website, serving as a regional retailer specializing in KTM motorcycles and related riding gear in Estonia, with physical stores in Tallinn and Tartu. The website provides comprehensive product categories including onroad and offroad motorcycles, used bikes, powerwear, and rental services. The company targets motorcycle enthusiasts and buyers within Estonia, positioning itself as a trusted local dealer with a decade-long presence since 2010. Technically, the website is built on the Greativ CMS platform and integrates modern web technologies such as Google Analytics, Facebook SDK, and various JavaScript libraries to enhance user experience and marketing capabilities. The site is mobile-optimized and provides clear navigation and professional design.

U

Unicount OÜ

unicount.eu

65

Unicount OÜ operates a professional online platform specializing in company formation, virtual office, and accounting services tailored primarily for Estonian e-residents. The company positions itself as a trusted European agent with a strong market presence, supporting multiple languages and serving founders from various countries. Their business model leverages digital identity and e-residency to streamline company registration and management processes. Technically, the website is built on WordPress with modern frameworks like Bootstrap and integrates multiple analytics and marketing tools, ensuring good performance and user experience. Security posture is solid with HTTPS enforcement, cookie consent mechanisms, and spam protection, though some security headers could be enhanced. Overall, the site demonstrates strong compliance with GDPR and privacy regulations, providing clear policies and consent management. The domain registration details align well with the business claims, reinforcing legitimacy and trustworthiness.

S

Sparta Spordiselts

sparta.ee

46

Spordiklubi Sparta is a well-established sports club based in Tallinn, Estonia, offering a wide range of fitness and sports services including gym access, group trainings, personal training, and youth sports programs. The club targets a broad audience from beginners to professional athletes and maintains a strong local presence with active social media channels and community engagement. The website is professionally designed, mobile-optimized, and provides clear navigation and comprehensive content about its offerings. Technically, the site uses modern JavaScript frameworks, Google Analytics, Microsoft Clarity, and a proprietary CMS called Greativ, ensuring a good user experience and performance. Security posture is solid with HTTPS enforced and secure login forms, though some security headers could be improved. Privacy compliance is strong with clear GDPR-aligned privacy and cookie policies and consent mechanisms. Overall, the site reflects a credible and trustworthy business with transparent contact information and no detected security or content safety issues.

Z

Zone Media OÜ

t1venue.ee

44

T1 Venue is a modern event venue located in Tallinn, Estonia, operated by Zone Media OÜ. The venue offers versatile spaces suitable for galas, conferences, receptions, and other special events, with a capacity of up to 800 people. The website is professionally designed using the Greativ CMS platform, featuring responsive design and integration with Google Analytics and Tag Manager for marketing and analytics purposes. The technical infrastructure is solid with HTTPS enabled, but lacks DNSSEC and some security headers. Privacy compliance is minimal, with no dedicated privacy or cookie policy pages, though cookie consent is managed via script. Overall, the website presents a trustworthy and professional image suitable for its hospitality industry niche.

Š

Šiuolaikinių didaktikų centras VšĮ

sdcentras.lt

40

Šiuolaikinių didaktikų centras VšĮ is a Lithuanian non-profit educational organization operating since 1999, focusing on adult education, professional development, and pedagogical seminars. The organization actively participates in national and international projects and initiatives, targeting adult learners and educators. Their market position is that of an accredited non-formal education institution with a clear focus on competence development and educational research. Technically, the website is built on WordPress with modern plugins and SEO practices, offering a good user experience and mobile optimization. Security posture is solid with HTTPS and no visible vulnerabilities, though security headers and explicit policies could be improved. Privacy and cookie policies are present and GDPR compliant. Overall, the website is professional, trustworthy, and well-maintained, serving its educational mission effectively.

Lesoochranárske zoskupenie VLK operates the website 'Všetko pre NIČ' as a non-profit environmental advocacy platform focused on protecting natural forests in Slovakia. The organization promotes non-intervention in forest areas, organizes petitions, legal actions, and educational events to safeguard wildlife and natural reserves. The website serves as a communication and fundraising tool targeting environmentally conscious Slovak citizens and supporters. Technically, the site employs modern JavaScript libraries, Google Analytics, Facebook Pixel, and Google Tag Manager for tracking and user engagement. It integrates YouTube videos and Google Maps for enhanced content delivery. Security-wise, the site uses HTTPS and cookie consent mechanisms but lacks explicit security headers and a published privacy policy or terms of service, which are areas for improvement. Overall, the website is well-designed, user-friendly, and trustworthy, with moderate tracking practices and a clear call to action for donations.

B

BRAINZ STUDIOS

brainz.cz

44

BRAINZ STUDIOS is a medium-sized independent group of creative studios based in Prague, Czech Republic, founded in 2018. They offer a broad range of new media services including digital innovation, strategic communication, VR and AR immersive experiences, and brand building. The company operates multiple specialized studios and incubates startups and platforms, positioning itself as a versatile player in the creative media industry with a strong presence in various sectors such as automotive, financial services, pharma, entertainment, and more. Their market position is reinforced by multiple awards and media features, indicating a reputable and professional organization. Technically, the website is built on modern web technologies including Webflow CMS, Vue.js, GSAP animations, and integrates Google Analytics and Tag Manager for tracking. The site is well optimized for performance, mobile responsiveness, and accessibility, reflecting a mature digital infrastructure. Cookie consent is managed via Usercentrics and Finsweet, demonstrating awareness of privacy compliance requirements. From a security perspective, the site uses HTTPS with good SSL configuration and no visible vulnerabilities or exposed sensitive data. However, it lacks explicit security headers and does not publish privacy policies or terms of service, which are important for compliance and trust. No incident response or vulnerability disclosure mechanisms are evident. Overall, the security posture is good but could be improved with additional policies and headers. The overall risk assessment is low, with the main recommendations focusing on enhancing privacy compliance, publishing security policies, and adding security headers. The website is professional, trustworthy, and safe for general audiences, with no adult or questionable content detected.

Stone Pagamentos is a leading Brazilian fintech company providing comprehensive payment solutions including card machines, digital business accounts (Conta PJ), credit, insurance, and payment links. The company targets small and medium businesses, microentrepreneurs, and autonomous professionals, positioning itself as a key player in Brazil's financial services market. The website reflects a mature digital presence with professional design, clear navigation, and extensive service offerings. Technically, the site employs modern frameworks such as Next.js and integrates multiple analytics and marketing tools, ensuring good performance and mobile optimization. Security posture is strong with HTTPS, security headers, and anti-bot measures like reCAPTCHA Enterprise, though explicit security policies and incident response information are not published. Overall, the site demonstrates high business credibility and trustworthiness, with clear contact channels and consistent branding.

The Yes Men website represents a small, long-established activist collective focused on partnering with other activist groups to employ creative tactics for social campaigns. The organization has a niche market position within the non-profit activism sector, offering services such as workshops, trainings, collaborations, and media productions including movies. The website is built on Drupal 9 CMS and integrates Google Analytics and Google Tag Manager with IP anonymization, reflecting a moderate level of digital maturity. The site is well-structured, mobile-optimized, and provides clear navigation and relevant content for its audience. Security posture is adequate with HTTPS enabled, but lacks some security headers and formal privacy and cookie policies, which are important for compliance and trust. The domain registration is consistent and long-standing, supporting the legitimacy of the organization. Overall, the website is professional and trustworthy but would benefit from enhanced privacy compliance and security best practices.

T

Home - Welcome to Technorati

technorati.com

55

Technorati.com is a media content website providing breaking news, entertainment, sports, games, trending videos, and weather information. The site targets a general audience interested in diverse topical content. The business model appears to be advertising-supported, leveraging multiple ad networks and tracking technologies to monetize traffic. The domain is well-established, created in 2002, indicating a long-standing presence in the digital media space. Technically, the website employs modern JavaScript frameworks, likely React, with asynchronous chunk loading and integration of various third-party services including Google Tag Manager, Google Analytics, Microsoft Clarity, Criteo, and Taboola. The site uses HTTPS and is hosted with CDN support, but lacks DNSSEC and explicit security headers, which are areas for improvement. Performance and mobile optimization are moderate but could be enhanced. From a security perspective, the site uses HTTPS and domain status locks to protect domain integrity. However, the absence of DNSSEC, security headers, and publicly available security or privacy policies indicates a moderate security posture. The extensive use of tracking and advertising scripts without clear cookie or privacy policies raises privacy compliance concerns, especially regarding GDPR. Overall, the website is functional and moderately professional but lacks transparency in privacy and security policies. Strategic improvements in privacy compliance, security headers, and DNSSEC implementation are recommended to enhance trust and security posture.

W

Webglobe, s.r.o.

c4.cz

45

Webglobe, s.r.o. operates the website webhosting-c4.cz, providing professional web hosting, domain registration, and AI-powered website building services primarily targeting individuals and businesses in the Czech Republic. The company emphasizes fast SSD/NVMe hosting, WordPress optimization, and 5-star customer support, positioning itself as a reputable mid-sized technology service provider with over 25 years of market presence. The website content is well-structured, professionally designed, and mobile-optimized, offering clear navigation and relevant service information. Technically, the site employs modern web technologies including Google Tag Manager, Google Analytics, FontAwesome, and Google Fonts. It uses HTTPS with automatic certificates ensuring secure connections. However, no advanced security headers were detected, and cookie consent mechanisms are absent, indicating room for improvement in privacy compliance. The hosting infrastructure is described as secure with active malware scanning and DDoS protection, supporting current PHP versions and modern web standards. Security posture is generally good with secure login forms and encrypted connections, but the absence of WHOIS data reduces domain trustworthiness. No visible vulnerability disclosure or incident response policies were found. The site collects user data via contact forms and tracking scripts, with moderate user tracking levels. Overall, the website is safe, professional, and trustworthy, but could enhance transparency and compliance by publishing security policies and implementing cookie consent. Strategically, Webglobe should focus on improving privacy compliance, publishing security and incident response information, and ensuring WHOIS data availability to strengthen domain legitimacy. Enhancing security headers and auditing third-party scripts will further improve security posture and user trust.

J

Johnson & Johnson Medical Devices Companies

e-ifu.com

55

The website www.e-ifu.com serves as a digital portal for accessing Instructions for Use (IFU) documents related to Johnson & Johnson Medical Devices. It targets medical professionals and patients, providing multilingual support and a structured interface for document retrieval. The site is branded consistently with Johnson & Johnson Medical Devices Companies and uses modern web technologies including Drupal 10, Bootstrap 5, and various JavaScript libraries for enhanced user experience and functionality. Despite the professional presentation and clear business focus, the absence of WHOIS registration data raises questions about domain legitimacy, although the content and branding strongly suggest a legitimate enterprise presence. From a technical perspective, the site employs a robust technology stack with good mobile optimization and accessibility features. The use of Google Analytics, Google Tag Manager, and Qualtrics indicates moderate user tracking and marketing analytics integration. However, the site lacks visible privacy and cookie policies, which impacts its privacy compliance rating. Security best practices such as HTTPS usage and secure form handling are observed, but security headers and incident response contact information are not evident. Overall, the security posture is moderate with no critical vulnerabilities detected in the provided content. The missing WHOIS data and lack of explicit privacy documentation are notable gaps. The website is safe for general audiences, with no adult or questionable content detected. Strategic recommendations include publishing comprehensive privacy and cookie policies, enhancing security headers, and providing clear contact information for security incidents to improve trust and compliance.

I

Integra LifeSciences

balloonsinuplasty.com

67

Integra LifeSciences is a healthcare enterprise specializing in medical devices, particularly in the treatment of sinusitis through innovative solutions like Balloon Sinuplasty. The website serves both patients and healthcare professionals by providing educational content, treatment options, and surgeon locator services. The company positions itself as a trusted provider in the ENT medical device market with a focus on minimally invasive procedures. Technically, the website leverages modern web technologies including Bootstrap, jQuery, GSAP, and is hosted on Oracle Cloud Infrastructure with content delivery via Oracle's CDN. It integrates Google Analytics for user tracking and OneTrust for cookie consent management, reflecting a moderate level of digital maturity and privacy compliance. The site is mobile optimized and offers a good user experience, though accessibility features could be enhanced. From a security perspective, the site enforces HTTPS and uses cookie consent mechanisms but lacks explicit security headers such as CSP or HSTS, which are recommended for improved protection. No vulnerabilities or exposed sensitive data were detected in the content. The absence of WHOIS data for the domain is a concern, potentially indicating privacy protection or a recent registration, which slightly lowers the trust score. Overall, the website is professional, content-rich, and aligned with healthcare industry standards. Strategic improvements in security headers, accessibility, and WHOIS transparency would enhance trust and compliance. The risk level is moderate with no critical issues detected.

Johnson & Johnson is a globally recognized healthcare enterprise specializing in innovative medicines, medical devices, and consumer health products. The company positions itself as a leader in preventing and curing complex diseases with a focus on smarter, less invasive treatments and personalized solutions. The website reflects a mature digital presence with comprehensive content targeting healthcare professionals, investors, job seekers, and the general public interested in health. The business model is diversified across multiple healthcare sectors, maintaining a strong market position worldwide. Technically, the website employs modern web technologies including JavaScript frameworks, WebComponents, and a Brightspot CMS platform. It integrates analytics and marketing tools such as Google Analytics, Facebook SDK, and Kameleoon for A/B testing, alongside a robust cookie consent mechanism powered by OneTrust. The site demonstrates good performance, mobile optimization, accessibility, and SEO practices, indicating a high level of digital maturity. From a security perspective, the site enforces HTTPS with excellent SSL configuration and implements key security headers. Privacy and cookie policies are comprehensive and GDPR compliant, with clear consent mechanisms. However, explicit security policies, incident response details, and vulnerability disclosure programs are not publicly available, representing areas for improvement. No critical vulnerabilities or suspicious content were detected. Overall, the website is professional, trustworthy, and secure, supporting Johnson & Johnson's reputation as a leading healthcare company. The absence of WHOIS data is likely due to privacy protection, common for large enterprises, and does not detract from the site's legitimacy. Strategic recommendations include publishing detailed security and incident response policies, establishing a vulnerability disclosure program, and enhancing transparency around data retention and protection officer contacts.

V

Viðskiptablaðið

vb.is

58

Viðskiptablaðið is a well-established Icelandic business news website founded in 1997, providing news and analysis primarily in the Icelandic language. The site targets Icelandic-speaking audiences interested in business, finance, and general news. It operates on a business model combining advertising and subscription services, with a professional and consistent brand presence. Technically, the website uses modern web technologies including Google Analytics, Facebook Pixel, Cloudflare DNS, and Airserve for advertising. The site is mobile-optimized and has good SEO practices, though accessibility features are basic. Security posture is adequate with HTTPS enabled and Cloudflare DNS, but lacks advanced security headers and published security policies. Privacy compliance is weak due to the absence of visible privacy and cookie policies. Overall, the domain's WHOIS data confirms legitimacy and long-term operation, supporting a high trust level.