Security Directory

E

ENVI - PAK

envipak.sk

61

ENVI - PAK is a Slovak producer responsibility organization specializing in waste management, recycling, and compliance services for manufacturers and municipalities. Established in 2003, it holds a leading market position as the longest operating OZV in Slovakia, supported by multiple industry awards and certifications. The website reflects a mature digital presence with professional design, clear navigation, and mobile optimization. Technically, it uses modern web technologies including Google Tag Manager and analytics, with DNSSEC and HTTPS ensuring strong security foundations. However, the absence of an explicit privacy policy and security incident response documentation represents compliance and transparency gaps. Overall, the site is trustworthy, content-rich, and well-aligned with the business's environmental mission.

F

Fundacja Academic Partners

mstechsummit.pl

60

MS Tech Summit is a prominent technology conference in Poland focused exclusively on Microsoft technologies. Organized by Fundacja Academic Partners, it offers a hybrid event format with online and onsite sessions, attracting a diverse audience of IT professionals including developers, architects, and managers. The conference features over 50 presentations, multiple thematic tracks, and networking opportunities, positioning itself as a leading event in the Microsoft ecosystem in Poland. Technically, the website employs modern web technologies such as AngularJS, Google Tag Manager, and various analytics and marketing tools, ensuring a professional and responsive user experience. Security-wise, the site enforces HTTPS, implements cookie consent mechanisms, and avoids exposing sensitive data, reflecting a mature security posture. Overall, the site demonstrates strong business credibility, technical maturity, and compliance with privacy regulations, making it a trustworthy platform for its audience.

F

Fundacja Academic Partners

yavaconf.com

63

Ya!vaConf is a specialized technology conference focusing on the Java stack, organized by Fundacja Academic Partners. It targets developers, architects, DevOps professionals, and testers interested in Java and related technologies. The conference offers both online and onsite participation, with a rich agenda, networking opportunities, and an expo. The event is well-positioned in the Polish tech conference market, emphasizing quality content and community engagement. Technically, the website employs modern web technologies including AngularJS, Google Tag Manager, and various analytics and tracking tools. It uses Cloudflare DNS and is served over HTTPS, ensuring secure access. The site is mobile-optimized and features good SEO practices, although accessibility could be improved. The presence of structured data enhances search engine understanding. From a security perspective, the site enforces HTTPS and uses clientTransferProhibited status in WHOIS to protect domain transfers. However, DNSSEC is not enabled, and no explicit security policy or incident response contacts are published. Privacy compliance is strong with clear cookie consent and a comprehensive privacy policy. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website presents a professional, trustworthy, and well-maintained digital presence for the conference. The main risks relate to minor security enhancements and improving accessibility. Strategic recommendations include enabling DNSSEC, publishing a security policy, and enhancing accessibility features to further strengthen trust and compliance.

F

Fundacja Academic Partners

warszawskiedniinformatyki.pl

11

Warszawskie Dni Informatyki is a well-established Polish IT and Data Science event organized by Fundacja Academic Partners, targeting a broad audience from students to senior IT professionals. The event offers a comprehensive program including a conference, job fair, and Women in IT Days, supported by a strong community and reputable sponsors. The website demonstrates a mature digital presence with modern technologies, good performance, and mobile optimization. Security posture is solid with HTTPS and consent mechanisms, though some advanced security headers and policies could be improved. Overall, the platform is professional, trustworthy, and compliant with GDPR requirements.

O

OJS - Office de Justification des Statistiques

ojs.fr

39

OJS - Office de Justification des Statistiques operates as a trusted observatory and data controller for the French event industry, providing verified statistics, studies, and event data to stakeholders. The organization is accredited by COFRAC and follows ISO standards, reinforcing its credibility and regulatory compliance. The website serves as a public-facing platform to disseminate this information and support transparency in the sector. Technically, the site is built on WordPress using the Enfold theme and includes modern SEO and analytics tools, indicating a mature digital presence. Security posture is solid with HTTPS and cookie consent mechanisms, though there is room for improvement in security headers and explicit policy disclosures. Overall, the site is professional, trustworthy, and well-aligned with its business objectives.

K

kimverlag GmbH

kim-verlag.de

10

kimverlag GmbH is an independent, artist-led publishing company specializing in children's media, hobby art, and creativity. The company develops and publishes magazines, audio, and digital media, and licenses content for German and international book publishers. The website reflects a small but professional media publisher with a clear focus on creative and child-friendly content. The business is positioned as a niche publisher with a strong artistic orientation and a target audience including children and hobby artists. Technically, the website is built on WordPress using Elementor and related plugins, with modern SEO and consent management tools implemented. The site is mobile optimized and performs moderately well. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though security headers and explicit security policies are absent. Privacy compliance is good with GDPR-aligned privacy and cookie policies and a consent mechanism in place. Overall, the website is trustworthy, professional, and safe for general audiences.

S

Sjednocená organizace nevidomých a slabozrakých České republiky, zapsaný spolek

sons.cz

44

The website represents Sjednocená organizace nevidomých a slabozrakých České republiky, a large non-profit organization dedicated to supporting blind and visually impaired individuals across the Czech Republic. The organization provides a wide range of social services including counseling, training, guide dog programs, and barrier removal, positioning itself as a leading national entity in this sector. The website content is comprehensive, well-structured, and targets both members and the general public interested in their services. Technically, the site uses a modern JavaScript stack with jQuery, Bootstrap, and Masonry for layout, hosted by T-Mobile Czech Republic, and integrates Google Analytics for visitor tracking. Privacy compliance is addressed with GDPR-related pages and cookie consent mechanisms. Security posture is moderate with HTTPS usage and no exposed sensitive data, but lacks advanced security headers and vulnerability disclosure policies. The absence of WHOIS data reduces domain trustworthiness, but the website's content and external references support its legitimacy. Overall, the site is professional, accessible, and trustworthy with room for security and technical improvements.

G

Gimii

gimii.fr

43

Gimii is a French technology company specializing in innovative consent management solutions for websites and mobile applications. Their core offering, the Consent Raiser, is designed to increase user consent rates for cookies by incentivizing users with donations to associations, thereby combining privacy compliance with social impact. The company targets website publishers, advertisers, and non-profit associations, positioning itself as a niche player in the consent management market with a socially responsible business model. Founded in 2022, Gimii operates primarily in France and maintains a professional online presence with a well-structured website and active LinkedIn profile. Technically, the website is built on WordPress with modern plugins such as Yoast SEO and Slider Revolution, and integrates marketing and analytics tools like HubSpot and Google Analytics. The site is hosted with Cloudflare DNS and enforces HTTPS, reflecting a good baseline security posture. However, explicit privacy and cookie policies are not found in the provided content, and there is no visible security or incident response policy, which are areas for improvement. Overall, Gimii demonstrates a solid digital maturity for a small company, with good content quality and business credibility but room to enhance privacy compliance and security transparency.

E

Eurosystem Procurement Coordination Office (EPCO)

epco.lu

54

The Eurosystem Procurement Coordination Office (EPCO) is an institutional entity established by the European Central Bank to coordinate joint procurement activities among the central banks of the Eurosystem and the European System of Central Banks (ESCB). Hosted by the Banque centrale du Luxembourg since 2008, EPCO facilitates cost-efficient procurement, contract management, and promotes best practices across its member institutions. The website reflects a professional and consistent brand image, targeting central banks and related governmental entities involved in procurement activities. Technically, the site is built on WordPress with modern frontend technologies and includes GDPR-compliant cookie consent mechanisms. Security posture is good with HTTPS enforced and no visible vulnerabilities, though some security headers could be improved. The absence of explicit privacy and terms of service policies is a notable gap. Overall, the site is trustworthy and well-positioned as an official coordination office for Eurosystem procurement.

H

Hittalån.se

xn--hittaln-jxa.se

48

Hittalån.se is a Swedish financial comparison website specializing in loans without UC credit checks and loans for individuals with many credit inquiries. The site provides detailed listings and comparisons of loan providers that use alternative credit checks such as Creditsafe and Dun & Bradstreet, targeting consumers who want to avoid UC inquiries or have weak creditworthiness. The website is built on WordPress with modern performance optimizations including lazy loading and WebP images. It uses Google Analytics and Tag Manager for tracking visitor data. Security posture is moderate with HTTPS enabled but lacks visible security headers and explicit privacy or cookie policies. The absence of WHOIS registration data for the domain raises concerns about domain legitimacy, although the website content and structure appear professional and focused on legitimate financial services. No contact emails or phone numbers are explicitly provided, which may impact user trust and compliance. Overall, the site serves a niche market in Sweden with a clear business model as an affiliate/comparison platform for loan providers.

C

CESI – Centar za edukaciju, savjetovanje i istraživanje

sezamweb.net

53

SeZaM is a Croatian non-profit educational website focused on sexual education for youth, operated under the auspices of CESI – Centar za edukaciju, savjetovanje i istraživanje. The platform provides comprehensive thematic content on sexuality, gender equality, reproductive health, and related social issues, targeting young people and educators. It includes interactive elements such as a virtual assistant and links to related educational services. The website is well-structured and professionally designed, with clear navigation and relevant content for its audience. Technically, the site uses modern web technologies including Google Fonts, FontAwesome, Turbolinks, and Google Analytics, and is hosted on Linode. The presence of CSRF tokens and HTTPS indicates a baseline security posture, although some security best practices such as DNSSEC and security headers are missing. The website is mobile-optimized and SEO-friendly but lacks explicit privacy and cookie policies, which are important for GDPR compliance. From a security perspective, the domain is mature and registered with a reputable registrar, with protections against unauthorized transfers. No WAF or blocking mechanisms are detected, and the site is fully accessible. However, the absence of privacy and cookie policies, security headers, and vulnerability disclosure mechanisms represent compliance and security gaps. Overall, the site is trustworthy but could improve its security and privacy posture. Strategically, the site serves an important educational role in Croatia, with a clear mission and target audience. It benefits from partnerships with CESI and related services, enhancing its credibility and reach.

P

Placehold

placehold.co

55

Placehold is a small technology service offering a free, fast, and simple image placeholder generation platform supporting multiple image formats and customization options. The website is well designed, mobile optimized, and provides clear documentation for users, primarily targeting developers and designers needing placeholder images for projects. The technical infrastructure is modern, leveraging standard web technologies and Google Analytics for tracking, with advertising via Carbon Ads. Security posture is good with HTTPS enforced, but lacks security headers and formal policies such as privacy or cookie policies. No forms or sensitive data collection reduces risk exposure. Overall, the site is professional and trustworthy but could improve compliance and security transparency. Strategic recommendations include publishing privacy and cookie policies, implementing security headers, and adding vulnerability disclosure information.

C

CESI

cesi.hr

50

CESI is a Croatian non-profit organization dedicated to advancing the social position of women and achieving gender equality through education, consulting, research, and advocacy. The organization has a strong market presence with over 200 successful projects and numerous collaborations, targeting a broad audience interested in social justice and women's rights. Their website reflects a professional and consistent brand image with clear navigation and relevant content in Croatian and English. Technically, the site uses modern web standards, including HTTPS and JavaScript modules, and integrates Google Analytics for visitor insights. Accessibility and mobile optimization are well addressed, contributing to a positive user experience. Security-wise, the site enforces HTTPS and includes CSRF tokens but lacks some advanced security headers and formal security policies, indicating room for improvement. Privacy compliance is basic with cookie consent implemented, but explicit privacy and security policies could be enhanced. Overall, CESI's digital presence is credible and trustworthy, supporting their mission effectively.

P

Poduzetnički centar Krapinsko-zagorske županije d.o.o.

poduzetnickicentar-kzz.hr

48

Poduzetnički centar Krapinsko-zagorske županije d.o.o. is a regional business support organization based in Croatia, focused on fostering entrepreneurship, innovation, and business growth within the Krapinsko-zagorska County. The center offers a variety of services including project preparation, mentoring, coworking spaces, and specialized programs such as the Health IT Academy and Invest in Zagorje. Their market position is that of a trusted regional facilitator supported by local government and EU initiatives. Technically, the website is built on a modern WordPress platform using Elementor and Yoast SEO plugins, ensuring good SEO and responsive design. The site uses HTTPS with a valid SSL certificate and integrates Google Analytics for visitor tracking. While the site performs moderately well, there is room for improvement in accessibility and security headers. From a security perspective, the site enforces HTTPS and uses cookie consent mechanisms, but lacks published security policies, incident response contacts, and security headers which are recommended for enhanced protection. No vulnerabilities or suspicious content were detected. The WHOIS data confirms the domain's legitimacy and consistency with the business's regional focus. Overall, the website is professional, trustworthy, and serves its business purpose well, but could improve privacy compliance and security posture by publishing relevant policies and implementing additional security headers.

F

Fotbolti Ehf.

fotbolti.net

53

Fótbolti.net is a well-established Icelandic football news and media website, operating since 2002. It serves as a primary source of football news, live scores, articles, and multimedia content for football fans in Iceland. The website is professionally designed with consistent branding and offers a variety of football-related services including news, video content, podcasts, and advertising opportunities. The target audience is primarily Icelandic football enthusiasts. Technically, the site uses a mix of modern JavaScript libraries such as jQuery, Facebook SDK, Google Analytics, and Plyr for video playback. The domain is registered with GoDaddy and uses Cloudflare DNS services, indicating a stable and secure hosting environment. Security posture is good with HTTPS enabled and domain status locks, but lacks DNSSEC and security headers. Privacy compliance is limited, with no explicit cookie consent or comprehensive privacy policy found. Overall, the site is trustworthy and professional but could improve in privacy and security transparency.

T

The British Hair Clinic

britishhairclinic.com

54

The British Hair Clinic is a professional medical service provider specializing in hair transplant and hair regrowth treatments with clinics located in Essex, London, and Manchester, UK. The company offers a range of services including FUE hair transplants, PRP treatments, laser hair therapy, and corrective surgeries tailored for men, women, and specific hair types such as Afro hair and beard transplants. The clinic is well-positioned in the UK healthcare market with strong customer ratings and recognized accreditations such as the Quality Care Commission and FUE Europe. Technically, the website is built on WordPress with modern SEO and tracking tools including Yoast SEO, Google Analytics, and Facebook Pixel. The site demonstrates good mobile optimization, accessibility, and SEO practices, although there is room for improvement in security headers and cookie consent mechanisms. The website is fully accessible without any WAF or security challenges blocking content. From a security perspective, the site uses HTTPS with no exposed sensitive data visible in the HTML. However, the absence of security headers and a vulnerability disclosure policy are areas for enhancement. The WHOIS data for the domain is unavailable, which slightly reduces trustworthiness but does not outweigh the professional presentation and business legitimacy evidenced by accreditations and contact information. Overall, the British Hair Clinic website presents a trustworthy, professional, and user-friendly platform for hair transplant services in the UK. Strategic improvements in security policies and privacy compliance would further strengthen its security posture and user trust.

Z

Zlatky.sk

zlatky.sk

46

Zlatky.sk is a Slovak-based e-commerce platform specializing in the sale of investment-grade gold and silver products, including coins and bars. The website targets investors and collectors interested in precious metals as a hedge against inflation and a store of value. The business operates primarily in the retail sector with a focus on precious metals investment. The site offers a user-friendly shopping experience with updated pricing and product listings, supported by modern JavaScript libraries and tracking tools such as Google Analytics and Facebook Pixel. Cookie consent mechanisms are implemented to comply with privacy regulations, although a dedicated privacy policy page was not found in the provided content. Security posture is moderate with HTTPS enabled but lacks advanced security headers and published security policies. Overall, the website is professional, trustworthy, and suitable for general audiences interested in precious metals investment.

S

Spelberoendes Riksförbund

spelberoende.se

47

Spelberoendes Riksförbund is a Swedish non-profit organization dedicated to supporting individuals affected by gambling addiction and their families. With over 20 years of experience, the organization offers self-help meetings, individual counseling, group sessions, and educational resources both online and through local chapters across Sweden. Their mission focuses on prevention, support, and advocacy in the gambling addiction space. The website reflects a mature digital presence built on WordPress with modern plugins and compliance tools, including GDPR cookie consent mechanisms and live chat support. Social media integration and clear contact information enhance user engagement and trust. Security posture is adequate with HTTPS and basic protections, though improvements such as DNSSEC and enhanced security headers are recommended. Overall, the site is professional, trustworthy, and well-aligned with its non-profit mission.

V

Ventusky - Weather Forecast, Radar and Wind Maps

ventusky.com

56

Ventusky is a specialized weather forecasting and visualization platform offering live weather maps, radar, satellite imagery, and detailed forecasts powered by multiple reputable weather models. The platform targets general users and weather enthusiasts, providing free access with an optional Premium subscription for advanced features. The website demonstrates a good level of content quality and user experience with consistent branding and relevant, professional content. Technically, the site uses modern web technologies including JavaScript and Google Analytics, with moderate performance and good mobile optimization. However, explicit privacy and cookie policies are not found, and no contact information is provided on the main page, which may impact user trust and compliance. Security posture is moderate with HTTPS implied but lacking explicit security headers and incident response information. WHOIS data is unavailable, which reduces domain trustworthiness but the site content and technical setup appear legitimate. Overall, the site is safe for general audiences and provides valuable weather services.

3

3d-berlin vr solutions GmbH

guide3d.com

59

3d-berlin vr solutions GmbH is a German technology company specializing in digital wayfinding and information systems for complex buildings, operating since 2010. Their product portfolio includes solutions such as easyGuide, easyMaps, carFinder, and mapsEngine, targeting organizations requiring efficient navigation and information management within large facilities. The company maintains a professional online presence with a well-designed website hosted on Squarespace, integrating modern web technologies and multilingual support via Weglot. Security posture is solid with HTTPS and HSTS enabled, alongside a GDPR-compliant cookie consent mechanism. However, the absence of published privacy policies, terms of service, and explicit contact information limits transparency. WHOIS data is unavailable, raising concerns about domain registration legitimacy despite the company's apparent established market presence. Overall, the website reflects a mature digital infrastructure with room for improvement in compliance documentation and trust signals.

W

World Federation for Ultrasound in Medicine and Biology

wfumb.org

60

The World Federation for Ultrasound in Medicine and Biology (WFUMB) is a reputable international non-profit organization dedicated to advancing ultrasound technology and education in the medical field. The website serves as a comprehensive resource hub offering educational materials, official guidelines, publications, and support for Centers of Excellence globally. The organization targets medical professionals, researchers, and students, positioning itself as a leading authority in ultrasound medicine and biology. Technically, the website is built on a modern WordPress platform with a well-structured navigation system and integration of common plugins such as Google Analytics and Slider Revolution. The site demonstrates good mobile optimization and moderate performance, with a clean and professional design that supports user engagement and accessibility. From a security perspective, the site enforces HTTPS and employs standard domain protections, though it lacks visible advanced security policies or incident response information. No critical vulnerabilities or suspicious content were detected. Privacy compliance is partially addressed with a privacy policy page, but the absence of a cookie consent mechanism and explicit GDPR banners suggests room for improvement. Overall, WFUMB's website reflects a mature digital presence with strong business credibility and trustworthy domain registration. Strategic enhancements in privacy compliance and security transparency would further strengthen its posture and user trust.

M

Moosend

moosend.com

68

Moosend is a mature and reputable SaaS company specializing in email marketing and marketing automation solutions. Founded in 2009, it offers a comprehensive platform featuring email campaign management, marketing automation, landing pages, subscription forms, transactional emails, and AI-powered content generation. The company targets businesses and marketers seeking intuitive and effective digital marketing tools, positioning itself as a leading provider with a strong market presence and a consistent brand image. Technically, the website is built on WordPress and leverages modern web technologies including Google Tag Manager, Google Analytics, Microsoft Clarity, and various JavaScript libraries for enhanced user experience and analytics. Hosting is inferred to be on Amazon AWS infrastructure, ensuring reliable performance and scalability. The site is mobile-optimized, SEO-friendly, and demonstrates excellent design and navigation quality. From a security perspective, the site enforces HTTPS and uses reCAPTCHA to protect forms, with domain registration details indicating strong legitimacy and protection against unauthorized domain changes. However, DNSSEC is not enabled, and security headers are not explicitly detected, representing areas for improvement. Privacy compliance is generally good with a comprehensive privacy policy and terms of service, though a cookie consent mechanism is absent. Overall, Moosend's website reflects a professional, trustworthy, and secure digital presence suitable for its business model. Strategic recommendations include enabling DNSSEC, implementing security headers, and adding explicit cookie consent to enhance privacy compliance and security posture.

T

Travego Tour

travegotour.sk

43

Travego Tour is a Slovak-based travel company specializing in guided sightseeing tours primarily to Asia, Eastern Europe, and the Middle East. The company emphasizes a slow travel philosophy, offering authentic cultural experiences and group tours. The website reflects a niche market positioning with a focus on experiential travel, supported by clear contact information and comprehensive legal documentation. Technically, the site uses modern web technologies including Bootstrap, jQuery, Google Tag Manager, and tracking pixels, hosted likely by WebHouse with DNSSEC enabled, indicating good infrastructure maturity. Security posture is solid with HTTPS and DNSSEC, though some advanced HTTP security headers and a security.txt file are missing. Privacy compliance is well addressed with GDPR and cookie policies including consent mechanisms. Overall, the site is professional, trustworthy, and well-structured, with no signs of malicious activity or content safety concerns.

P

Pears Health Cyber Europe, s.r.o.

pearseurope.cz

45

Pears Health Cyber Europe, s.r.o. is a Czech-based company specializing in digital marketing and accredited online education services for the healthcare and pharmaceutical sectors. With over 20 years of experience, they offer tailored digital campaigns, website development, mobile applications, video production, and Veeva CRM content management. Their e-learning platform EUNI.cz serves healthcare professionals with accredited courses. The company targets healthcare providers, pharmaceutical companies, and patients primarily in the Czech Republic and several European countries. The website reflects a professional and consistent brand image with comprehensive service offerings and client testimonials, indicating a strong market position. Technically, the website is built on WordPress 6.8.3 using Oxygen Builder and integrates modern libraries such as jQuery and Google Analytics. Cookie consent is managed via CookieYes, ensuring GDPR compliance. The site is mobile-optimized with good accessibility and SEO practices. However, some security headers are missing, and WHOIS data for the domain is unavailable, which slightly impacts trustworthiness. Security posture is solid with HTTPS enforced and anonymized analytics, but could be improved by adding security headers and publishing explicit security policies. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is well implemented with clear cookie and privacy policies and consent mechanisms. Overall, the website and business demonstrate a mature digital presence with strong compliance and professional standards. The main risk is the lack of WHOIS transparency, which should be addressed to enhance domain legitimacy and trust. Strategic recommendations include improving security headers, publishing incident response information, and maintaining up-to-date software to mitigate risks.

R

RESPECT, a.s.

jsmerespect.cz

66

RESPECT, a.s. is a Czech Republic-based insurance brokerage company with a family-oriented business culture. The website focuses on career opportunities within the company, targeting job seekers interested in working in a supportive, regional environment. The company operates multiple regional offices and emphasizes personal growth and work-life balance. The website is professionally designed with clear navigation and strong branding consistency, reflecting a medium-sized enterprise with a solid market position in the insurance sector. Technically, the site uses modern JavaScript frameworks, font services, and Google Analytics with user consent, indicating a mature digital infrastructure. Security posture is good with HTTPS and cookie consent mechanisms, though some security headers and explicit policies could be improved. The absence of WHOIS data limits domain trust analysis, but the website's professional presentation and contact transparency support its legitimacy. Overall, the site is safe, GDPR compliant, and trustworthy for its intended audience.

M

Morka Labs

morkalabs.com

52

Morka Labs is a Lithuanian-based small web development agency specializing in creating websites and digital solutions with a focus on programming and unique design. The company has been operating since 2015 and presents a professional online presence with a portfolio showcasing diverse client projects. The website is built on WordPress, leveraging popular plugins such as Yoast SEO and Contact Form 7, and integrates Google Analytics and reCAPTCHA for analytics and security. The site is well-structured, mobile-optimized, and includes a cookie consent mechanism compliant with GDPR principles, although no explicit privacy policy or terms of service were found. Security practices include HTTPS and CAPTCHA protection, but the absence of DNSSEC and security headers indicates room for improvement. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

S

Sun4energy Heinz Streit GmbH

sun4energy.ch

47

Sun4energy Heinz Streit GmbH is a small Swiss company specializing in sustainable energy solutions, primarily focusing on photovoltaic systems, carport solar systems, and wind power installations. The company operates regionally in the Seeland area, offering comprehensive consulting, planning, and turnkey installation services for solar energy projects. Their website reflects a professional and consistent brand image with clear service offerings and contact information. Technically, the site is built on WordPress with a custom theme, uses modern web technologies, and integrates Google Analytics for visitor tracking with appropriate cookie consent mechanisms. Security posture is solid with HTTPS enforced, though some security headers and formal policies are absent. Overall, the domain registration data aligns well with the business claims, indicating legitimacy and trustworthiness.

F

France Sclérose en Plaques

france-sclerose-en-plaques.org

63

France Sclérose en Plaques is a well-established French non-profit foundation dedicated to supporting patients with multiple sclerosis, funding research, and raising public awareness. The organization operates a professional and content-rich website that effectively communicates its mission, services, and opportunities for public engagement such as donations and volunteering. The website demonstrates a mature digital presence with multiple social media channels and clear navigation tailored to its target audience of patients, caregivers, and healthcare professionals. Technically, the site employs modern JavaScript libraries, Google Analytics, and reCAPTCHA for security and user experience, with good mobile optimization and accessibility features. Security posture is strong with HTTPS and consent management, though some HTTP security headers could be improved. The absence of WHOIS data limits domain ownership verification but does not detract significantly from the site's legitimacy given the consistent branding and trust indicators. Overall, the site is professional, trustworthy, and compliant with privacy regulations, making it a reliable resource in the healthcare non-profit sector.

C

comperio.ch aG

trainingplus.ch

48

comperio.ch aG operates the TRAININGplus platform, a specialized course management software designed to simplify and digitize course administration for organizations. The company has a longstanding presence since 1990 and targets businesses and institutions requiring efficient course planning, participant management, and reporting. The website reflects a professional and consistent brand image with clear service offerings and contact channels. Technically, the site is built on WordPress with modern plugins and integrates Google Analytics and reCAPTCHA for security and analytics. Security posture is solid with HTTPS and form protection, though it lacks some advanced security headers and formal policies. Privacy compliance is incomplete due to missing privacy and cookie policies. Overall, the domain registration aligns well with the business identity, supporting legitimacy and trustworthiness.

I

Italieonline s.r.o

olaszorszagonline.hu

42

Italieonline s.r.o operates a professional online travel agency website focused on Italian holidays, offering a wide range of accommodation options including apartments, hotels, and camping sites. The company has a strong market presence since 1997 and is a member of multiple reputable travel associations, enhancing its credibility. The website targets Hungarian-speaking travelers and provides multilingual support through sister sites in various European languages. Technically, the site employs modern web standards, responsive design, and Google Analytics for user tracking, with a cookie consent mechanism in place. Security posture is good with HTTPS enabled and no visible vulnerabilities, though some security headers and policies could be improved. Overall, the site is well-structured, user-friendly, and trustworthy for its intended audience.

I

Italieonline s.r.o

talianskoonline.sk

10

Italieonline s.r.o operates a professional online travel agency website specializing exclusively in holidays in Italy, offering a wide range of accommodations including apartments, hotels, and campsites for both summer and winter vacations. The company has a strong market presence in Slovakia and neighboring Central European countries, supported by multiple language versions and membership in reputable travel associations. The website demonstrates a good level of digital maturity with modern technologies, responsive design, and SEO optimization. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers could be improved. Overall, the site is trustworthy and well-positioned in its niche.

A

AUREA INVEST, a.s.

betonserver.cz

40

BetonServer.cz is a well-established Czech industry portal specializing in concrete and related construction materials and services. Operating since 1999 under the company AUREA INVEST, a.s., it offers a comprehensive directory of companies, categorized listings, industry news, and advertising opportunities tailored to construction professionals and suppliers in the Czech Republic. The portal serves as a key resource for locating concrete producers, prefabricate manufacturers, material suppliers, and recycling centers, positioning itself as a leading niche platform in its market. Technically, the website employs a modern JavaScript stack including jQuery, Select2, Fancybox, and MapLibre GL JS for interactive maps, alongside Google Analytics for user tracking. The site is mobile-optimized with responsive design and uses HTTPS for secure content delivery. However, no explicit CMS or security frameworks are identified, and some standard security headers appear to be missing. From a security perspective, the site shows good baseline practices such as HTTPS usage and no exposed sensitive data. Yet, it lacks visible privacy and cookie policies, security incident response contacts, and vulnerability disclosure mechanisms, which are important for compliance and trust. The domain WHOIS data is consistent with the business claims, showing a long-standing registration since 1999, reinforcing legitimacy. Overall, BetonServer.cz is a credible and professionally maintained portal with solid business credibility and technical implementation. To enhance its security posture and privacy compliance, it should implement explicit privacy and cookie policies, add security headers, and provide incident response information. These improvements will strengthen user trust and regulatory adherence.

K

KDS Sedlčany

kds.cz

47

KDS Sedlčany is a Czech manufacturing company specializing in the production of knives, scissors, and various cutting tools. With a long tradition and expertise in cutlery manufacturing, the company offers high-quality products and services including sharpening, repairs, custom production, and manufacturing cooperation. The website reflects a medium-sized enterprise with a clear business focus on manufacturing and retail, targeting both B2B and B2C customers. Technically, the site is built on ASP.NET Web Forms with legacy jQuery and integrates modern analytics and marketing tools with GDPR-compliant cookie consent mechanisms. Security posture is moderate with HTTPS usage and cookie consent but lacks explicit security headers and incident response contacts. The absence of WHOIS data reduces domain trustworthiness, but the website content and business information appear professional and legitimate. Overall, the site is well-structured, user-friendly, and compliant with privacy regulations.

S

Sucht Schweiz

addictionsuisse.ch

62

Sucht Schweiz is a Swiss non-profit foundation dedicated to preventing and mitigating problems related to the consumption of psychoactive substances and addictive behaviors. The organization operates with a strong focus on research, prevention, information dissemination, and advocacy. Their website reflects a mature digital presence with multilingual support, professional design, and clear calls to action such as donations and educational offerings. The foundation targets a broad audience including professionals, affected individuals, and the general public interested in addiction-related topics. Technically, the website is built on WordPress using modern frameworks and libraries such as Flynt, Swiper.js, and Usercentrics for consent management. It integrates analytics tools like Google Analytics and Facebook Pixel with user consent mechanisms, indicating compliance with privacy regulations. The site is mobile optimized and accessible, with good SEO practices implemented via Yoast SEO. From a security perspective, the site enforces HTTPS and uses consent management but lacks visible security headers and explicit security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the provided content. WHOIS data confirms the domain's legitimacy and consistency with the organization's identity. Overall, Sucht Schweiz presents a trustworthy and professional online presence suitable for its non-profit mission. However, improvements can be made in publishing explicit privacy and security policies and enhancing security headers to strengthen compliance and trust.

T

TNX s.r.l.

avatable.com

48

AVATABLE is a specialized SaaS provider offering a comprehensive restaurant booking management system integrated with a website solution. The company, TNX s.r.l., targets restaurants, pizzerias, fast food outlets, and event organizers primarily in Italy. Their platform includes a booking engine, table and room management, digital menus, CRM capabilities, marketing automation, and delivery integration. The website is professionally designed, mobile-optimized, and provides clear navigation and relevant content for its target audience. Technically, the site uses modern web technologies including jQuery, Bootstrap, and various JavaScript libraries, with good SEO and performance characteristics. Security posture is solid with HTTPS enforced and no obvious vulnerabilities, though explicit security headers and incident response policies are absent. Privacy and cookie policies are present and GDPR compliant. WHOIS data is missing, which reduces trust slightly but the overall business presence and content quality support legitimacy.

INVOICEX is a well-established Italian software company specializing in invoicing, warehouse management, and internal accounting solutions tailored for small and medium enterprises, freelancers, and artisans. The company, TNX s.r.l., has over 20 years of experience and a strong client base exceeding 10,000 active users annually. Their product offers multi-platform compatibility and a free version with upgrade options, supported by professional technical assistance and continuous updates. The website reflects a mature digital presence with comprehensive content and clear business positioning. Technically, the website employs modern JavaScript libraries such as jQuery and Bootstrap, integrates multiple analytics and tracking tools including Google Analytics, Matomo, and Facebook Pixel, and uses HTTPS with good SSL configuration. The site is mobile-optimized and features a cookie consent mechanism compliant with GDPR. However, some security headers like Content-Security-Policy and X-Frame-Options are not detected, representing an area for improvement. From a security perspective, the site demonstrates good practices such as secure login forms and data backup options but lacks explicit security policy documentation and incident response contacts. No vulnerabilities or exposed sensitive data were found in the HTML content. The domain registration data is consistent with the business claims, enhancing trustworthiness. Overall, the website scores well in content quality, technical implementation, privacy compliance, and business credibility, with moderate security posture. Strategic recommendations include enhancing HTTP security headers, publishing security policies, and improving accessibility features to further strengthen the site's security and compliance posture.

O

Ordinalo

ordinalo.net

52

Ordinalo is an Italian-based software service provider specializing in take away and food delivery management solutions for restaurants and food businesses. The company offers a comprehensive SaaS platform including a website, mobile apps for Android and iOS, order management, delivery rider coordination, digital menus with QR codes, and marketing tools such as push notifications. Ordinalo positions itself as a niche player enabling restaurants to disintermediate from large food delivery platforms and build direct customer relationships. The website is professionally designed, content-rich, and targets small to medium-sized food service businesses in Italy. Technically, the site uses modern web technologies and integrates analytics and tracking tools, but lacks some advanced security headers and a published security policy. The WHOIS data is unavailable, which slightly reduces domain trustworthiness, but the overall business credibility is supported by clear contact information, client logos, and active social media presence. Privacy and cookie policies are implemented with consent mechanisms, indicating GDPR awareness. Overall, Ordinalo presents a solid digital presence with room for security and compliance improvements.

U

University of York

york.ac.uk

68

The University of York is a prestigious UK academic institution, part of the Russell Group, offering outstanding teaching and research services. The website reflects a mature digital presence with comprehensive content targeting prospective and current students, researchers, and academic staff. The site is well-branded and professionally maintained, emphasizing its academic reputation and community engagement. Technically, the site employs modern web technologies and multiple analytics and marketing tools to optimize user experience and engagement. Security posture is strong with HTTPS enforcement, security headers, and no visible vulnerabilities. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the domain and website present a trustworthy and credible academic entity.

D

Digital Wizards Group s.r.o.

rocketoomax.cz

55

Rocketoo MAX, operated by Digital Wizards Group s.r.o., provides a hybrid e-commerce platform combining custom and packaged solutions tailored to business needs. The company targets businesses seeking scalable, feature-rich e-shop solutions with integrations to ERP systems and marketing tools. The website demonstrates a mature digital presence with comprehensive content, client references, and strong branding. Technically, the site uses modern frameworks including October CMS, Bootstrap, and jQuery, with integrations for analytics and live chat. Security posture is solid with HTTPS, HSTS, and cookie consent mechanisms, though some security headers could be enhanced. The absence of WHOIS data is a notable gap in domain legitimacy verification but does not detract from the professional presentation and business credibility. Overall, the site is well-structured, user-friendly, and compliant with GDPR requirements.

S

schweitzer media gmbh

schweitzer-media.de

49

schweitzer media gmbh is a small, full-service advertising agency based in Kiel, Germany, specializing in integrated marketing, branding, design, web development, film, and photography. The company targets businesses and public institutions seeking comprehensive marketing solutions. Their market position is regional and overregional with a focus on strong ideas and digital transformation. The website reflects a high level of professionalism with excellent content quality and user experience. Technically, the site is built on WordPress with modern optimization tools and consent management, indicating a mature digital infrastructure. Security posture is good with HTTPS and privacy compliance, though some security headers and explicit policies could be improved. Overall, the domain registration and website content are consistent and legitimate, supporting a high trust level.

C

CENTROPEN, a.s.

air-pens.com

43

CENTROPEN, a.s. operates the AIRPENS website, offering specialized airbrush markers designed for children aged 4 and up. The company emphasizes safety, creativity, and local manufacturing in the Czech Republic, maintaining compliance with European toy safety standards. The website serves as a product showcase and resource hub, including downloadable stencils and instructional videos, targeting parents and educators seeking safe creative tools for children. The business holds a solid market position as a reputable manufacturer with a long history dating back to 1940, leveraging local production to ensure quality and safety. Technically, the website employs modern web technologies including Google Fonts, Google Analytics, Facebook Pixel, and reCAPTCHA for form protection. Hosting appears to be with Wedos, a known Czech hosting provider. The site is mobile-optimized with good navigation and content quality. Security posture is moderate, with HTTPS enabled and form protection via reCAPTCHA, but lacks advanced security headers and published security policies. Privacy compliance is basic, with a cookie consent mechanism but no visible privacy policy or terms of service. Overall, the site is professional and trustworthy but could improve in privacy and security transparency.

Intercultura is a well-established Italian non-profit organization dedicated to promoting intercultural dialogue and international student exchange programs primarily for middle and high school students. The organization operates through a volunteer-based model offering educational programs, scholarships, family hosting, and school activities. Their market position is strong within the Italian educational non-profit sector, supported by a consistent brand presence and active social media engagement. Technically, the website employs a mature technology stack including jQuery, bxSlider, fancybox, and integrates third-party services such as Google Analytics, Google Tag Manager, OneSignal for push notifications, and Iubenda for privacy and cookie compliance. The site is moderately performant with good mobile optimization and SEO practices, though some legacy libraries like jQuery 1.12.3 could be updated for security. From a security perspective, the site enforces HTTPS and uses a consent management platform for GDPR compliance. However, it lacks explicit security headers and uses an older jQuery version, which could pose vulnerabilities. No explicit incident response or security policies are published. Privacy compliance is strong with clear privacy and cookie policies and consent mechanisms. Overall, the website is professional, trustworthy, and well-aligned with its educational mission. The risk profile is low but could be improved by updating libraries and enhancing security headers. Strategic recommendations include modernizing the tech stack, implementing comprehensive security headers, and publishing incident response policies to strengthen trust and compliance.

D

Digital Wizards Group s.r.o.

rocketoo.cz

52

Rocketoo, operated by Digital Wizards Group s.r.o., is a professional e-commerce platform offering rental-based online store solutions primarily targeting small to medium businesses in the Czech Republic. The platform provides a comprehensive suite of services including customizable templates, integrated payment gateways, marketing tools, and POS systems for physical stores. The website demonstrates a mature digital presence with modern technologies such as OctoberCMS, Bootstrap, and Cookiebot for GDPR compliance. Despite the lack of WHOIS data which raises some concerns about domain registration transparency, the website content and business information are consistent and professional, indicating a legitimate operation. Security posture is generally good with HTTPS and secure forms, though improvements in security headers and published policies are recommended. Overall, Rocketoo presents a trustworthy and well-structured e-commerce solution with room for enhanced security and transparency.

F

Flying Revue

flying-revue.com

9

Flying Revue is a specialized aviation media platform targeting pilots and aviation enthusiasts, primarily serving the Czech and international aviation community. The website offers aviation news, event coverage, and aviation-related apps, positioning itself as a niche media outlet with a focus on quality content and community engagement. The business model relies on content publishing, app offerings, and advertising revenue. Technically, the site uses a mix of legacy and modern web technologies including jQuery 1.8.3, Google Analytics, Facebook Pixel, and Google AdSense, hosted on a CMS platform identified as Fonio. The site is mobile-optimized and SEO-friendly, providing a good user experience with clear navigation and relevant content. Security posture is generally good with HTTPS enforced and consent mechanisms for cookies, but the use of outdated JavaScript libraries and lack of security headers are areas for improvement. The absence of WHOIS domain registration data raises concerns about domain legitimacy and trustworthiness, although the website content and social media presence support its authenticity. Overall, the site scores moderately high in content quality and security but should address domain registration transparency and update technical components to enhance trust and security.

The website webnem.cz is operated by DALTEN media s.r.o. and offers specialized web presentation services for real estate properties, enabling clients to create dedicated websites for individual properties with marketing and SEO benefits. The business targets real estate professionals and property sellers primarily in the Czech Republic, leveraging over 20 years of experience and partnerships with multiple real estate platforms. Technically, the site uses modern JavaScript libraries including jQuery and Google Analytics, with a responsive design optimized for mobile devices. Security posture is solid with HTTPS enforced and consent-based cookie management, though some security headers are missing. Privacy compliance is evident through GDPR consent mechanisms and a linked privacy policy hosted on a partner site. Contact information is comprehensive and prominently displayed. Overall, the site is professional, trustworthy, and well-aligned with its business objectives.

DALTEN media s.r.o. operates the Web Makléře platform, providing real estate agents in the Czech Republic with customizable personal websites integrated with their RealityMIX.cz profiles. The service offers fast setup, professional templates, and hosting, targeting real estate professionals seeking to enhance their online presence. The company leverages over 20 years of experience in real estate software development and maintains partnerships with major real estate portals, positioning itself as a trusted provider in the local market. Technically, the website uses modern JavaScript libraries, Google Fonts, and cookie consent management, with responsive design and moderate performance. Security posture is strong with HTTPS enforcement and cookie consent mechanisms, though security headers could be improved. Privacy compliance is good, linking to a GDPR-compliant privacy policy on a partner domain. Contact information is clear and comprehensive. Overall, the website is professional, trustworthy, and well-aligned with its business goals.

I

iZlato Sloveská republika s.r.o.

izlato.sk

53

iZlato Sloveská republika s.r.o. operates the largest online jewelry store in Slovakia, specializing in gold and diamond jewelry. The website offers a comprehensive e-commerce platform with extensive product categories, filtering options, and customer service features including reservation and contact forms. The company targets a general audience interested in purchasing fine jewelry online and through physical stores. The business model is retail-focused with a strong digital presence and marketing integration.

L

Lichtflut.Medien GmbH & Co. KG

lichtflut-medien.de

46

Lichtflut.Medien GmbH & Co. KG is a specialized digital agency based in Flensburg, Germany, focusing on web design, TYPO3 programming, SEO, SEA, and newsletter marketing. Established in 2005, the company positions itself as a trusted partner for businesses seeking expert digital solutions with a strong emphasis on measurable results and client collaboration. The website reflects a professional and consistent brand image with comprehensive service descriptions and client testimonials, reinforcing its market credibility. Technically, the website is built on TYPO3 CMS, leveraging modern web standards and Google Analytics for performance insights. The site is mobile-optimized and demonstrates good SEO practices, although some security headers could be enhanced. The hosting is managed via DomainControl, a reputable provider, and the site uses HTTPS with a good SSL configuration. From a security perspective, the site employs HTTPS and CAPTCHA on forms, indicating attention to secure user interactions. However, it lacks explicit security policies and incident response contacts, and cookie consent mechanisms are absent despite tracking usage. No vulnerabilities or suspicious activities were detected in the content or scripts. Overall, the website presents a low-risk profile with strong business credibility and technical maturity. Strategic improvements in security headers and privacy compliance would further enhance its posture and trustworthiness.

K

Klia cz S.r.o.

klia.cz

45

Klia cz S.r.o. operates as a wholesale importer and distributor of flowers and related accessories across the Czech Republic, serving primarily flower shops and wholesale customers. The company maintains multiple branches in key Czech cities and offers an online catalog and e-shop services. Their business model focuses on regular imports from major flower markets such as Aalsmeer in the Netherlands, ensuring a broad and high-quality product range. The website is professionally designed, with clear navigation and good mobile optimization, reflecting a mature digital presence. Technically, the site uses a mix of jQuery plugins and Google Analytics for tracking, but some components like jQuery are outdated, posing potential security risks. Security posture is generally good with HTTPS and cookie consent mechanisms, though the absence of security headers and outdated libraries are areas for improvement. The lack of WHOIS data reduces domain trustworthiness, but the overall business credibility remains high based on content and contact transparency. Strategic recommendations include updating technical components, enhancing security headers, and improving domain registration transparency.