Security Directory

K

Krajská hygienická stanice Moravskoslezského kraje se sídlem v Ostravě

khsova.cz

50

Krajská hygienická stanice Moravskoslezského kraje se sídlem v Ostravě is a regional governmental public health authority responsible for health supervision, epidemiological monitoring, and public health support in the Moravian-Silesian region of the Czech Republic. The website serves as an official portal providing information, updates, and contact details to the public and stakeholders. It maintains a consistent and professional presence with regular updates and official publications. Technically, the site uses a modern frontend stack including Bootstrap, jQuery, and the Nette framework, delivering a moderate performance and good mobile optimization. Security posture is adequate with HTTPS assumed but lacks explicit security headers and published security policies. Privacy compliance is partial with a clear privacy policy but no cookie consent mechanism. Overall, the site is trustworthy and credible, reflecting its governmental nature.

H

Heroina | Samo još jedna WordPress web-stranica

heroina.hr

39

Heroina.hr is a small-scale WordPress website primarily using the Brooklyn theme by United Themes. The site appears to be a minimal or placeholder site with very limited business content, no privacy or cookie policies, and no contact information. The technical infrastructure is based on WordPress with multiple JavaScript libraries and plugins, indicating a moderate level of digital maturity but lacking in SEO and accessibility optimizations. Security posture is basic with HTTPS enabled but missing important security headers and privacy compliance measures. Overall, the site presents a low-risk profile but lacks professionalism and trust indicators, limiting its business credibility.

Eesti Lasterikaste Perede Liit is a reputable Estonian non-profit organization dedicated to advocating for large families with three or more children. The organization operates a well-structured website built on WordPress with WooCommerce integration, providing information about their activities, events, and support services. The site demonstrates a solid digital presence with modern technologies and SEO optimization, targeting families and member organizations in Estonia. Security posture is good with HTTPS and no visible vulnerabilities, though additional security headers and policies could enhance protection. Privacy compliance is lacking as no privacy or cookie policies were found, which is a notable gap for GDPR adherence. Overall, the website is professional, content-rich, and trustworthy, serving its community effectively.

Focus Nerez is a specialized professional magazine dedicated to stainless and corrosion-resistant steels, targeting industry professionals and businesses in the manufacturing sector. The website provides news, technical articles, e-paper subscriptions, and advertising opportunities, positioning itself as a niche media outlet within the Czech Republic and neighboring regions. The site is built on WordPress with a modern tech stack including Bootstrap and jQuery, offering a responsive and user-friendly experience. However, some technical improvements are needed, particularly in security headers and cookie consent mechanisms. The absence of WHOIS registration data raises concerns about domain legitimacy, though the website content and structure appear professional and trustworthy. Overall, the site demonstrates a moderate level of digital maturity with room for security and compliance enhancements.

P

Získejte svobodu nad energií | parc4u

parc4u.cz

66

The website parc4u.cz is a Czech energy service platform focused on simplifying the process of switching energy suppliers for electricity and gas. Founded around 2019, it targets general consumers in the Czech Republic seeking fair energy prices without hidden fees. The site offers services that reduce paperwork and physical visits to offices, positioning itself as a convenient digital solution in the energy sector. Technically, the website employs modern JavaScript frameworks, likely Angular, and integrates analytics tools such as Google Tag Manager and a proprietary SAnalytics system. The site is mobile-optimized and presents a professional design with clear navigation, although accessibility features are basic. Security posture is moderate; HTTPS is implied but no explicit security headers or policies are detected, and no privacy or cookie policies are found, indicating gaps in compliance. The domain registration is consistent with the business age and sector, supporting legitimacy. Overall, the site is functional and professional but requires improvements in privacy compliance and security best practices to enhance trust and regulatory adherence.

N

Nuvia Group

nuvia.com

62

Nuvia Group is an international company specializing in nuclear technology, offering a comprehensive range of services including engineering, EPC, services and works, and products. The company operates under the parent company Vinci Construction Group, positioning itself as a key player in heavily regulated environments such as nuclear, healthcare, defense, and industrial sectors. The website reflects a professional and consistent brand image targeting business clients and professionals in these industries. Technically, the website is built on WordPress with modern libraries such as jQuery, Owl Carousel, and Leaflet, and integrates privacy-conscious analytics via Matomo. Security posture is solid with HTTPS enforced and reCAPTCHA implemented, though some security headers are not detected and no explicit security policy or incident response information is published. The absence of WHOIS data for the domain is a notable gap, reducing transparency and trust slightly. Overall, the website is well-designed, compliant with privacy regulations, and safe for general audiences.

S

Samtök sveitarfélaga á Norðurlandi vestra

ssnv.is

63

Samtök sveitarfélaga á Norðurlandi vestra is a regional association representing municipalities in Northwestern Iceland. The organization focuses on regional development, innovation, funding, and local governance support. Their website provides news, resources, and information targeted at local government officials and community stakeholders. The site is well-structured, professionally designed, and regularly updated, reflecting a credible and active regional government entity. Technically, the website is built on the Moya CMS framework and uses legacy but stable JavaScript libraries such as jQuery 1.11.1 and jQuery UI 1.11.2. The site is mobile-optimized and has good SEO practices, though performance is moderate. Security posture is adequate with HTTPS usage implied, but lacks explicit security headers and cookie consent mechanisms, which are recommended for compliance and protection. Security evaluation shows no critical vulnerabilities or exposed sensitive data, but the absence of WHOIS data and security policies reduces overall trust slightly. The website does not employ tracking or advertising scripts, indicating a privacy-conscious approach. Contact information is transparent and includes email, phone, and physical address, enhancing business credibility. Overall, the website presents a low-risk profile with good business credibility and content quality. Strategic improvements in security headers, cookie consent, and WHOIS transparency would enhance trust and compliance.

F

Finby

trustpay.sk

11

Finby is a Slovak-based payment gateway provider specializing in localized payment methods for European e-commerce businesses. The company offers a broad range of payment solutions including card payments, local payment methods, and instant bank transfers, supported by a merchant portal and API integration. The website is professionally designed, mobile-optimized, and provides comprehensive GDPR-compliant privacy and cookie policies. Technically, the site is built on WordPress with modern plugins and hosted on Microsoft Azure DNS, ensuring good performance and reliability. Security posture is strong with HTTPS enforced and PCI DSS certification displayed, although explicit security headers and incident response information are not publicly available. Overall, Finby presents as a credible and trustworthy payment service provider with a clear market focus and solid technical infrastructure.

E

European Diamond Capacity Hub (EDCH)

diamas.org

52

The European Diamond Capacity Hub (EDCH) is a newly established collective focused on supporting Diamond Open Access scholarly publishing in Europe. It provides a range of services including a registry and forum for community collaboration, training platforms, resources and guidelines, and quality assurance tools. The initiative is part of the OPERAS program and funded by the European Union, positioning it as a key regional player in the open access ecosystem. The website is professionally designed using Drupal 10, with good mobile optimization and accessibility features. Privacy compliance is well addressed with GDPR-compliant cookie consent management and clear policies. Security posture is solid with HTTPS and domain management best practices, though DNSSEC is not enabled and security headers are not detected. Overall, the site is trustworthy, informative, and well-aligned with its mission.

M

MEVA-SK s.r.o. Rožňava

meva.sk

41

MEVA-SK s.r.o. Rožňava is a Slovakian company specializing in the sale of waste containers, storage solutions, workshop equipment, municipal supplies, home and garden products, and propane-butane appliances. The company operates a well-structured e-commerce website with multiple sister sites targeting regional markets in Central and Eastern Europe. Their business model combines B2B and B2C sales, serving municipalities, businesses, and individual consumers. The website demonstrates a good level of digital maturity with modern tracking and analytics tools integrated alongside GDPR-compliant cookie consent mechanisms. The presence of ISO certifications and detailed legal documents further enhance their credibility.

A

ASEKOL SK s.r.o.

asekol.sk

62

ASEKOL SK s.r.o. is a Slovak authorized organization specializing in extended producer responsibility and waste management services, focusing on electrical equipment, batteries, packaging, and non-packaging waste. With over 14 years of experience, ASEKOL SK holds a strong market position in Slovakia and is expanding its compliance services to Germany. The website reflects a mature digital presence built on WordPress, integrating modern analytics and cookie consent mechanisms to ensure GDPR compliance. Security posture is solid with HTTPS and privacy-focused cookie management, though opportunities exist to enhance security headers and incident response transparency. Overall, ASEKOL SK demonstrates a trustworthy and professional online presence aligned with its business objectives.

C

Capexus

capexus.sk

54

Capexus SK is a Slovak company specializing in custom commercial interior design and build services. Operating since 2011 and part of the Esco Slovensko group, it offers a comprehensive portfolio including architecture, workplace consultancy, acoustics, building technologies, and project documentation. The company has a strong market presence, evidenced by awards such as the Office Roka 2022 for Healthy Office. The website reflects a mature digital infrastructure built on WordPress with modern technologies and performance optimizations. Security posture is solid with HTTPS, DNSSEC, and best practices in place, though explicit security policies and incident response contacts are not published. Privacy compliance is well addressed with GDPR-aligned policies and cookie consent mechanisms. Overall, the site projects professionalism, trustworthiness, and business credibility.

M

Marketing Art

marketingart.sk

53

Marketing Art is a Slovak online marketing agency specializing in web development, e-commerce solutions, online marketing, and corporate identity services. Established in 2012 and based in Trenčín, the company targets small and medium-sized businesses seeking to enhance their online presence and customer acquisition. Their website demonstrates a professional and consistent brand image supported by client testimonials and a detailed portfolio. Technically, the site is built on WordPress with modern plugins and integrates multiple analytics and marketing tools such as Google Analytics, Facebook Pixel, and Smartlook. The site is GDPR compliant with a comprehensive privacy and cookie policy and employs a consent mechanism. Security posture is good with HTTPS enabled and anti-spam measures in place, though some security headers could be improved. Overall, the website is well-designed, user-friendly, and trustworthy, reflecting a mature digital presence.

A

Ace IT s.r.o.

aceit.cz

53

Ace IT s.r.o. is a Czech-based technology company specializing in the creation of custom web projects, including websites, e-shops, and online applications, with a strong focus on quality and client-centric services since 2008. The company positions itself as a boutique agency delivering tailored solutions with an emphasis on performance and user experience. Their service portfolio includes web development, online marketing, hosting, and IT outsourcing, targeting businesses seeking professional digital presence and marketing support. Technically, the website demonstrates a mature digital infrastructure using modern frameworks such as Nette and Node.js, along with front-end technologies like Bootstrap and Google Fonts. The site is well-optimized for performance and mobile responsiveness, employs HTTPS with strong SSL configuration, and integrates advanced cookie consent management and CAPTCHA for form security, reflecting a good level of digital maturity. From a security perspective, the site enforces HTTPS, uses Cloudflare Turnstile CAPTCHA to mitigate spam, and provides a detailed cookie consent mechanism aligned with GDPR requirements. However, the absence of WHOIS transparency and lack of explicit security policies or incident response contacts represent areas for improvement. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website presents a professional and trustworthy digital front with solid privacy compliance and security practices. The main risk lies in the missing WHOIS data, which slightly impacts domain trustworthiness. Strategic recommendations include enhancing security headers, publishing incident response information, and improving accessibility features to further strengthen the security posture and compliance.

D

Diamond Experts

rezani-vrtani.cz

52

Diamond Experts is a specialized service provider in the Czech Republic focusing on core drilling and concrete cutting services. With over 25 years of experience, the company serves both businesses and households primarily in Prague and the surrounding regions. Their offerings include a wide range of concrete-related services such as wall saw cutting, joint cutting, chemical anchoring, and structural reinforcement. The website reflects a mature business with clear contact information, certifications, and customer testimonials that enhance trust and credibility. Technically, the site employs modern JavaScript libraries and Google services for analytics and advertising, with a cookie consent mechanism that aligns with GDPR requirements. Security measures include the use of hCaptcha for bot protection, but there is room for improvement in security headers and incident response transparency. Overall, the website is professional, well-structured, and trustworthy, supporting the company's market position as a local expert in construction services.

T

Tours City Pass

tourscitypass.com

65

Tours City Pass is a small-sized tourism-focused business founded in 2020, offering digital city passes and related tourism packages for visitors to Tours, France. The website serves as an e-commerce platform enabling users to purchase passes, access interactive maps, and benefit from discounts and cultural offers. The business is positioned as a local tourism enabler with a clear target audience of tourists and visitors seeking cultural and leisure activities in the Tours metropolitan area. The parent company is Otipass, which provides the technological platform and payment processing services. Technically, the website employs a modern technology stack including Bootstrap, jQuery, React, and various analytics and tracking tools such as Matomo and Facebook Pixel. The site is mobile-optimized, uses HTTPS with strong SSL configuration, and integrates cookie consent mechanisms compliant with GDPR. However, some security headers are missing, and DNSSEC is not enabled, representing areas for improvement. From a security perspective, the site demonstrates good practices such as encrypted communications, cookie consent, and no visible sensitive data exposure. There is no evidence of a published security policy or incident response plan, and no vulnerability disclosure mechanism is present. The WHOIS data is consistent with the business claims, showing a domain age appropriate for the company’s founding date and no privacy protection, which supports transparency. Overall, the website is professional, trustworthy, and compliant with privacy regulations, with moderate technical sophistication and a solid security posture. Recommendations include enhancing security headers, enabling DNSSEC, and publishing formal security and incident response policies to further strengthen trust and compliance.

V

Ville de Vandœuvre

vandoeuvre.fr

52

The website www.vandoeuvre.fr serves as the official digital presence for the city of Vandœuvre-les-Nancy in France, providing residents and visitors with access to municipal news, event agendas, and a variety of online administrative services. The site targets a broad audience including families, seniors, students, and local businesses, positioning itself as a comprehensive resource for community engagement and public service delivery. The business model is typical of government websites, focusing on information dissemination and facilitating citizen interactions with municipal services. Technically, the site is built on WordPress CMS, leveraging popular plugins such as Yoast SEO for search optimization and Matomo for privacy-conscious analytics. The inclusion of libraries like jQuery, PhotoSwipe, and Leaflet indicates a moderately modern tech stack aimed at enhancing user experience with interactive elements such as maps and image galleries. The site demonstrates good mobile optimization and accessibility features, contributing to a positive user experience. From a security perspective, the site enforces HTTPS and implements a cookie consent mechanism compliant with GDPR principles, allowing users granular control over tracking. However, the absence of explicit security headers and lack of visible privacy policy or terms of service pages represent areas for improvement. The WHOIS data is notably missing, which is unusual for an official municipal domain and slightly detracts from the domain's trustworthiness. Overall, the site is a well-structured, professional municipal portal with solid technical foundations and a focus on user privacy. Strategic enhancements in security policy transparency and domain registration clarity would further strengthen its credibility and compliance posture.

M

MENTOR im LitWIT e.V.

mentor-litwit.de

45

MENTOR im LitWIT e.V. is a small non-profit organization based in Witten, Germany, dedicated to improving children's reading and language skills through volunteer mentoring. The website is built on Joomla CMS with modern frontend technologies like Bootstrap and jQuery, providing a good user experience and mobile optimization. Security posture is adequate with HTTPS and CSRF protections, though security headers are not explicitly detected. Privacy compliance is well addressed with a cookie consent mechanism and a privacy policy. The organization is transparent with contact details and affiliations, enhancing trustworthiness. No critical security or content safety issues were found.

L

Landesverkehrsgesellschaft Niedersachsen mbH (LNVG)

mobilotsin-niedersachsen.de

43

MOBILOTSIN is a regional initiative under the Landesverkehrsgesellschaft Niedersachsen mbH (LNVG) focused on supporting municipalities and counties in Lower Saxony, Germany, with innovative mobility concepts and the traffic transition. The website presents a professional and consistent brand image, offering services such as consulting, qualification courses, and events. The target audience primarily includes local government entities and stakeholders involved in mobility management. The digital infrastructure is built on the ProcessWire CMS with modern JavaScript libraries enhancing user experience. The site is mobile-optimized and well-structured, providing clear navigation and relevant content including event listings and newsletter subscription. From a security perspective, the website uses HTTPS and does not expose sensitive data in the HTML content. However, there is no evidence of advanced security headers or published security policies, and no cookie consent mechanism is present, which could be improved for better compliance. No analytics or tracking scripts were detected, indicating minimal user tracking. Contact information is clearly provided, enhancing business credibility. WHOIS data shows consistent domain registration with no privacy protection, aligning with the website's governmental affiliation. Overall, the website demonstrates a solid technical foundation and business credibility with room for improvement in privacy compliance and security best practices. The content is safe and appropriate for a general audience, with no adult or questionable material detected.

J

Jasněna Vláhová s.r.o.

vlahova.cz

53

Jasněna Vláhová s.r.o. operates the website vlahova.cz, a well-established Czech family business specializing in the design and distribution of watches, clocks, and jewelry products across Europe. The company has a strong retail presence with nearly two thousand stores supplied and offers a variety of collections targeting women, men, and children. The website reflects a professional e-commerce platform with clear navigation, product showcases, and marketing integrations. Technically, the site uses a combination of jQuery, Alpine.js, and other modern JavaScript libraries, supported by Google Tag Manager and Facebook Pixel for analytics and marketing. Security measures include HTTPS enforcement and cookie consent mechanisms, although explicit security headers and incident response information are not publicly detailed. Overall, the site demonstrates a mature digital presence aligned with its business operations.

N

Nadační fond Čas je mozek

casjemozek.cz

44

The website www.casjemozek.cz represents a Czech non-profit initiative named 'Čas je mozek' focused on educating the public about stroke symptoms, prevention, and treatment. Founded in 2015, it is affiliated with reputable Czech medical societies, providing authoritative content and organizing charitable events. The site offers extensive educational resources, patient stories, and news updates, targeting the general public and healthcare professionals in the Czech Republic. Technically, the site uses modern web technologies including JavaScript libraries and tracking tools such as Google Analytics and Facebook Pixel. It is mobile-optimized and provides a good user experience with clear navigation and professional design. However, the absence of a privacy policy and terms of service pages, as well as missing WHOIS domain registration data, slightly reduce its trustworthiness. Security posture is moderate with HTTPS usage and cookie consent but lacks visible security headers and incident response contacts. Overall, the site is a credible and valuable resource for stroke awareness but would benefit from enhanced transparency and security best practices.

C

Centous Solutions

techdignity.com

57

Centous Solutions is a small, India-based company specializing in developing Shopify apps aimed at enhancing e-commerce store performance, customer experience, and operational efficiency. Their portfolio includes apps for shipping protection, customer reviews, background music, product options, bulk image import, tagging, and inventory automation. The company also offers related services such as store setup, sales marketing, app installation, and troubleshooting. The website is built on WordPress and integrates modern technologies including Bootstrap, jQuery, and Google Tag Manager, reflecting a moderate level of digital maturity. Security posture is adequate with HTTPS and reCAPTCHA implemented, but could be improved by enabling DNSSEC and adding security headers. Privacy compliance is partial, with a privacy policy present but lacking cookie consent mechanisms. Overall, the website is professional, trustworthy, and well-positioned in the Shopify app niche.

The website represents the Zväz cestovného ruchu Slovenskej republiky, a Slovak voluntary organization of employers in the tourism sector. It focuses on protecting and promoting the interests of its members, advocating for sustainable tourism development, regulatory frameworks, and workforce innovation. The organization targets tourism businesses, government bodies, and stakeholders in Slovakia. Technically, the site is built on WordPress with Elementor, using common plugins and libraries, hosted by Websupport. The site is moderately performant, mobile-optimized, and SEO-friendly but lacks advanced accessibility features. Security posture is adequate with HTTPS enabled but lacks explicit security headers and published security policies. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the domain registration is consistent and trustworthy, reflecting a legitimate organization with a stable online presence.

JSB stavební is a small family-owned construction company operating primarily in Prague and the Central Bohemian region since 2016. The company specializes in comprehensive renovations of apartments, family houses, and offices, as well as the construction of smaller commercial projects and family homes. Their website presents a professional image with clear service descriptions and galleries showcasing completed projects, targeting local residential and commercial clients. Technically, the website is built using standard web technologies including Bootstrap, jQuery, and Font Awesome, providing a responsive and user-friendly experience. However, there is no evidence of advanced CMS usage or hosting details. Performance is moderate with good mobile optimization but basic accessibility and SEO features. From a security perspective, the site lacks HTTPS verification in the provided data, security headers, and privacy or cookie policies, indicating potential compliance and security gaps. The absence of WHOIS data limits domain legitimacy verification, although the website content and contact details appear consistent with a legitimate small business. Overall, the site is functional and informative but would benefit from improved security practices, privacy compliance, and domain registration transparency to enhance trust and reduce risk.

P

PACE-VET

pace-vet.eu

39

PACE-VET is an educational project focused on developing a digital platform for the recognition and validation of vocational competencies in the event technology sector. The website presents detailed project information, objectives, and schedules, targeting vocational learners, employers, and education providers. The platform aims to facilitate micro-credential certification to improve labor market adaptability. Technically, the website is built on WordPress with modern plugins and libraries, offering a good user experience and mobile optimization. Security posture is adequate with HTTPS enabled but lacks advanced security headers and published security policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the site is professional and trustworthy but could improve in security and privacy transparency.

The website tavokraujas.lt represents the Vilniaus Universiteto Ligoninės Santaros Klinikų Kraujo centras, a major Lithuanian healthcare institution specializing in blood donation and transfusion services. The site provides comprehensive information about blood donation, donor registration, donor eligibility, and blood donation events. It serves as an important resource for potential donors and healthcare professionals in Lithuania. The business is well-positioned as a trusted healthcare provider with ISO 9001:2015 certification and affiliation with a leading university hospital. Technically, the website uses a variety of established JavaScript libraries and CSS frameworks such as jQuery, Bootstrap, and Owl Carousel to deliver a responsive and user-friendly experience. The site is mobile optimized and features multiple interactive forms for donor registration and event organization. However, there is no evidence of a CMS, and hosting details are not disclosed. From a security perspective, the website uses HTTPS but lacks visible security headers and explicit privacy or cookie policies, which are important for GDPR compliance. No incident response or vulnerability disclosure information is provided. The WHOIS data is consistent and transparent, supporting the legitimacy of the domain and business. Overall, the website is professional and trustworthy but would benefit from enhanced privacy compliance and security hardening to improve user trust and regulatory adherence.

I

Izzy Trading, s.r.o.

foxii.cz

39

FOXii is a specialized cloud-based service software targeting companies with field service operations, primarily in the Czech and Slovak markets. The platform enables digitalization of service workflows including planning, protocol creation, and technician tracking. The company behind FOXii, Izzy Trading, s.r.o., founded in 2019, presents a professional and consistent online presence with clear contact information and GDPR compliance. Technically, the website uses modern JavaScript libraries and cloud hosting on DigitalOcean, with good mobile optimization and SEO practices. Security posture is solid with HTTPS and reCAPTCHA protections, though some security headers are missing. The site employs comprehensive cookie consent mechanisms and integrates multiple analytics and marketing tools with user consent.

I

INFO WEB s.r.o.

ladnafotografie.cz

49

LADNÁ FOTOGRAFIE is a small local photography studio based in Ladná near Břeclav, Czech Republic, specializing in portrait, still life, product, and other photographic services. The website serves as a professional portfolio showcasing various photographic works and targets local customers seeking photography services. The business is operated by INFO WEB s.r.o., founded in 2019, and maintains an active social media presence on Facebook and Instagram. Technically, the website uses a modern tech stack including Bootstrap, jQuery, and various plugins to deliver a visually appealing and responsive user experience. However, the site lacks critical compliance documents such as privacy and cookie policies, and no explicit contact information is provided on the pages analyzed. Security posture is moderate with HTTPS assumed but no security headers detected, and no analytics or tracking scripts are present, indicating minimal user tracking. Overall, the website is professional and trustworthy but would benefit from enhanced privacy compliance and security practices.

S

Sveučilšni računski centar - Srce

croris.hr

60

CroRIS is an official Croatian government-supported information system dedicated to the science sector, providing comprehensive data on researchers, projects, publications, and scientific infrastructure. It is operated by the University Computing Centre Srce in partnership with the Ministry of Science and Education and other academic institutions. The platform serves as a central hub for scientific data in Croatia, targeting researchers, academic institutions, and government stakeholders. Technically, the website employs modern web technologies including jQuery, Bootstrap, and Font Awesome, with a custom-built CMS and good mobile and accessibility support. Security measures include HTTPS, CSRF protection, and SAML2 authentication for user login, though some security headers and explicit cookie consent mechanisms are missing. The domain registration is consistent with the official nature of the site, registered under CARNET with Croatian country code and appropriate age. Overall, the site is professional, trustworthy, and well-positioned as a national science information resource.

The website www.prekmurjevsrcu.si is a small regional cultural site dedicated to the Prekmurje Slovene community, emphasizing cultural unity with the mother nation. The site is modest in content and design, primarily serving informational and community awareness purposes. It does not appear to operate as a commercial business and lacks detailed business information or contact channels. Technically, the site uses common frontend libraries such as jQuery, Bootstrap, Font Awesome, Fancybox, and Owl Carousel, indicating a basic but functional technical infrastructure. The site is mobile responsive and moderately performant but lacks advanced SEO and accessibility features. Security posture is weak due to the absence of HTTPS enforcement information, security headers, and privacy or cookie policies. No contact or incident response information is provided, limiting trust and compliance. Overall, the site is safe with no adult or questionable content but requires significant improvements in security, privacy compliance, and business transparency to enhance credibility and user trust.

M

MAMFORCE

incq-all.com

51

INC.Q, operated by MAMFORCE, is a recently established company (founded in 2023) specializing in Diversity, Equity, and Inclusion (DEI) certifications, consulting, and training services. The company positions itself as a leader in DEI initiatives across Europe, offering a range of services including DEI certification, equal pay certification, ESG data reporting, and employer branding. The website reflects a professional and consistent brand image, targeting businesses seeking to improve their DEI practices and employee engagement. The digital infrastructure is built on WordPress with modern marketing and analytics integrations, indicating a moderate level of digital maturity. Security posture is adequate with HTTPS and some best practices, though improvements such as enabling DNSSEC and publishing security policies are recommended. Privacy compliance is well addressed with GDPR-aligned policies and cookie consent mechanisms. Overall, the website is trustworthy and professionally maintained, though the domain is very new, aligning with the company's recent founding.

Valga Sport is a local Estonian sports organization focused on promoting youth and community sports activities, managing sports facilities, and organizing events. The website serves as an information portal for sports opportunities, events, and news relevant to the Valga region. The organization appears to be a small-sized entity with a public or non-profit orientation, supported by local government affiliations. Technically, the website is built on the Greativ CMS platform and uses common web technologies including Google Analytics and Facebook Pixel for tracking. The site is mobile-optimized with a moderate performance profile and basic SEO and accessibility features. Hosting and domain registration are consistent with a local Estonian provider, Telia Eesti AS. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, it lacks advanced security headers and does not provide explicit security policies or incident response contacts. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. The WHOIS data is transparent and consistent with the business claims, supporting legitimacy. Overall, the website is professional and trustworthy for its intended audience but could improve in privacy compliance and security posture to better align with modern standards.

A

ArhivPRO d.o.o.

eindigo.net

56

ArhivPRO d.o.o. is a Croatian technology company specializing in digital archiving and cataloguing solutions, primarily through their INDIGO platform. The platform targets institutions such as libraries, archives, museums, and schools, enabling them to digitize, manage, and publish diverse materials including books, photographs, and multimedia. The company demonstrates a strong market position in the cultural heritage and education sectors, supported by client references and EU project funding. Technically, the website employs modern web technologies and responsive design, providing a professional user experience. Security posture is moderate with HTTPS usage but lacks visible security headers and formal privacy/cookie policies. The WHOIS data is privacy protected due to GDPR, which is justified given the nature of the business. Overall, the website and business present a trustworthy and professional image with room for improvement in privacy and security transparency.

H

Hrvatske ceste d.o.o.

hrvatske-ceste.hr

63

Hrvatske ceste d.o.o. is a Croatian state-owned company responsible for the management, construction, reconstruction, and maintenance of the national road network. The website reflects its official status with consistent branding and clear presentation of its services and public information. The target audience includes government entities, contractors, drivers, and the general public interested in road infrastructure and related services. The company operates under the ownership of the Republic of Croatia, positioning itself as the authoritative body for state roads.

Z

Zavičajni Muzej Ozalj

zmo.hr

54

Zavičajni Muzej Ozalj is a small cultural heritage museum located in Ozalj, Croatia, dedicated to preserving and showcasing 6000 years of local history through diverse collections including archaeological, ethnographic, and photographic artifacts. The museum also operates an open-air Ethno Park that exhibits traditional architecture and pre-industrial everyday items, targeting general visitors interested in history and culture. The website is professionally designed with good content quality, clear navigation, and accessibility features implemented via the EqualWeb plugin. Technically, it uses a modern but basic tech stack including Bootstrap and jQuery, with moderate performance and good mobile optimization. Security posture is adequate with HTTPS enabled and cookie consent mechanisms in place, though it lacks explicit security policies and incident response information. Overall, the domain registration data aligns well with the museum's identity, indicating legitimacy and trustworthiness.

C

Centar za poduzetništvo d.o.o.

czp.hr

43

Centar za poduzetništvo d.o.o. is a regional entrepreneurial support center serving the Dubrovnik-Neretva County in Croatia. The organization focuses on providing a range of services including education, business consulting, credit programs, and assistance with EU funding projects. Their website reflects a government-affiliated entity aimed at fostering entrepreneurship and small business growth in the region. The target audience primarily consists of local entrepreneurs and small business owners seeking support and resources. Technically, the website employs a modern technology stack featuring jQuery, Bootstrap, FontAwesome, and various plugins for enhanced user experience and accessibility. The site is mobile-optimized, uses HTTPS with strong SSL configuration, and integrates Google Analytics and UserWay accessibility tools, indicating a mature digital infrastructure. The website content is well-structured, professionally designed, and includes clear navigation and relevant business information. From a security perspective, the site enforces HTTPS and obfuscates email addresses to reduce spam. However, it lacks explicit security policies and incident response contact details. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong, with GDPR-aligned privacy and cookie policies and a consent mechanism in place. The website demonstrates a good security posture but could improve by adding formal security documentation and security headers. Overall, the website is trustworthy, professional, and serves its business purpose effectively. The domain registration data aligns with the website's claims, reinforcing legitimacy. Strategic recommendations include enhancing security transparency, publishing incident response information, and maintaining regular security audits to sustain trust and compliance.

The website www.peresobralik.ee represents the Estonian non-profit organization Eesti Lasterikaste Perede Liit, which focuses on promoting family-friendly dining establishments through a certification mark. The site targets families with children in Estonia and provides information about the certification, news updates, and regional member organizations. The business model is non-profit and community-oriented, aiming to enhance societal recognition and support for families with children. Technically, the website is built on WordPress and utilizes common web technologies such as jQuery, Owl Carousel, Font Awesome, and Google Fonts. The site is moderately performant, mobile-optimized, and has a clear navigation structure. However, it lacks advanced SEO and accessibility features. The hosting provider is not explicitly identified from the content. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, it lacks important security headers and does not provide privacy or cookie policies, which are critical for GDPR compliance. No incident response or vulnerability disclosure information is present. The site does not use analytics or tracking services, indicating minimal user tracking. Overall, the website is legitimate, safe, and professionally presented but has room for improvement in privacy compliance and security best practices. The WHOIS data aligns well with the website's claims, supporting its trustworthiness.

V

Valga Muusikakool

valgamuusikakool.ee

43

Valga Muusikakool is a well-established music school based in Valga, Estonia, with a history spanning approximately 100 years. The institution provides structured music education programs, organizes academic concerts, and participates in projects aimed at enhancing inclusive education and modernizing public services. The website serves as an information hub for students, parents, and the local community, offering event calendars, news updates, and application submission forms. The business model focuses on education and cultural enrichment within the local region, positioning the school as a key regional player in music education. Technically, the website is built on the Greativ CMS platform and incorporates modern web technologies such as Google Analytics, Facebook SDK, and Owl Carousel for interactive content. The site is mobile-optimized with good navigation and content quality, although some SEO and accessibility features could be improved. Performance is moderate, with no critical technical issues detected. From a security perspective, the site uses HTTPS and includes some best practices like secure form handling and analytics integration. However, it lacks explicit security headers, a cookie consent mechanism, and published security or incident response policies. No vulnerabilities or exposed sensitive data were found, indicating a generally sound security posture but with room for improvement in compliance and transparency. Overall, the website is professional, trustworthy, and serves its educational purpose effectively. Strategic recommendations include implementing cookie consent, enhancing security headers, publishing security policies, and considering a vulnerability disclosure program to strengthen trust and compliance.

Ž

ŽUPANIJSKA UPRAVA ZA CESTE LIČKO-SENJSKE ŽUPANIJE

zuc-ls.hr

45

ŽUPANIJSKA UPRAVA ZA CESTE LIČKO-SENJSKE ŽUPANIJE is a Croatian regional government agency responsible for the management and maintenance of roads within Ličko-Senjska County. The website serves as an official communication channel providing public notices, procurement information, road maps, and contact details to residents, contractors, and stakeholders. The agency positions itself as a trusted authority in transportation infrastructure within the region. Technically, the website is built on WordPress with Elementor and several plugins, offering a modern, mobile-optimized, and accessible user experience. Security posture is strong with HTTPS and security headers, though it lacks published security policies and cookie consent mechanisms. Overall, the site is professional, trustworthy, and serves its public function effectively.

Z

Zavod za prostorno uređenje Ličko-senjske županije

zzpulsz.hr

47

Zavod za prostorno uređenje Ličko-senjske županije is a Croatian government agency established in 2008, responsible for coordinating, monitoring, and implementing spatial planning within the Ličko-senjska county. The website serves as an official portal providing information about spatial plans, reports, and institutional activities targeting local residents, government officials, and urban planning professionals. The business model is focused on public sector service delivery with a clear mandate and regional authority. Technically, the website employs a modern but straightforward technology stack including jQuery, Modernizr, and Owl Carousel, hosted on a CMS platform developed by VIT. The site is mobile-optimized, accessible with multiple user-friendly features such as font resizing and contrast modes, and implements cookie consent mechanisms. SEO and metadata are well handled, though no structured JSON-LD data was found. From a security perspective, the site uses HTTPS with a good SSL configuration and basic security best practices like form validation and cookie consent. However, it lacks advanced security headers and does not publish a security policy or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the HTML content. Overall, the website is trustworthy, professional, and serves its government function well. The main risks relate to missing privacy and security policy documentation and absence of explicit incident response information. Addressing these gaps would improve compliance and user trust.

L

Lika ceste d.o.o.

likaceste.hr

45

Lika ceste d.o.o. is a Croatian company specializing in the maintenance, protection, reconstruction, and construction of roads and related infrastructure, primarily serving the Gospić region. The company positions itself as a regional service provider focused on public roadways, offering key services such as road maintenance and winter services. The website reflects a medium-sized enterprise with a clear focus on transportation infrastructure, targeting local government entities and public road users. Technically, the website is built on WordPress using Bootstrap for responsive design, enhanced with several JavaScript libraries including jQuery, Owl Carousel, and Google Maps API. SEO is supported by the Yoast SEO plugin, and user interaction is facilitated through Contact Form 7 with Google reCAPTCHA v3 for spam protection. The site demonstrates moderate performance and good mobile optimization, though accessibility features are basic. From a security perspective, the site uses HTTPS and includes a cookie consent mechanism compliant with GDPR. However, it lacks explicit security headers and published security policies or incident response information. No vulnerability disclosure or security.txt files are present, indicating room for improvement in transparency and security maturity. Overall, the website is professional and trustworthy with moderate tracking and analytics usage. It is safe for general audiences and does not contain adult or questionable content. The domain registration data aligns well with the business identity, supporting legitimacy. Strategic improvements in security headers, incident response policies, and accessibility would enhance the site's security posture and compliance.

V

Valvoline

valvoline.ee

51

Valvoline.ee is the Estonian localized website for Valvoline, a globally recognized lubricant and automotive chemical brand with a history dating back to 1866. The website presents product offerings primarily focused on lubricants, coolants, and maintenance chemicals targeting automotive, industrial, and motorsports sectors. The site demonstrates a moderate level of digital maturity with use of common JavaScript libraries and Google Analytics for tracking. However, it lacks visible privacy and cookie policies, contact information, and security headers, which are important for compliance and trust. The website is accessible without WAF or blocking mechanisms, indicating no access restrictions. Overall, the site is professionally designed with good content relevance but could improve in privacy compliance and security posture.

M

Međimurska energetska agencija d.o.o. MENEA

menea.hr

46

Međimurska energetska agencija d.o.o. MENEA is a Croatian regional energy agency established in 2008, focusing on energy consulting, project management, energy planning, and systematic energy management. The agency serves municipalities, businesses, and stakeholders in the energy sector, leveraging EU funding and regional initiatives to promote sustainable energy solutions. The website reflects a professional and consistent brand presence with clear navigation and relevant content tailored to its audience. Technically, the site is built on WordPress with a modern tech stack including Bootstrap, jQuery, and various plugins for enhanced user experience and accessibility. Security posture is solid with HTTPS and reCAPTCHA integration, though it lacks some advanced security headers and explicit incident response information. Privacy compliance is partially met with a comprehensive privacy policy but lacks a cookie consent mechanism. Overall, the website is trustworthy, well-maintained, and aligned with the business's mission and market position.

T

Tehnološko-inovacijski centar Međimurje d.o.o.

ticm.hr

10

Tehnološko-inovacijski centar Međimurje (TICM) is a well-established regional technology and innovation center based in Croatia, founded in 2012. It supports technology-based entrepreneurship through incubation, coworking, educational courses, and business advisory services. The website reflects a professional and consistent brand with a clear focus on regional development and innovation. The technical infrastructure is modern, leveraging WordPress CMS with Bootstrap and various JavaScript libraries, and integrates Google Analytics and reCAPTCHA for analytics and security. Security posture is good with HTTPS enforced and some best practices observed, though there is room for improvement in security headers and formal security policies. Privacy compliance is partially addressed with a comprehensive privacy policy but lacks a cookie consent mechanism. Overall, the website is trustworthy and serves its target audience effectively.

Česká společnost pro aterosklerózu is a well-established professional society in the Czech Republic focused on atherosclerosis and lipidology. Founded in 2000, it serves healthcare professionals and researchers by providing expert recommendations, organizing congresses and webinars, publishing a specialized journal (AtheroReview), and supporting research projects. The organization maintains strong partnerships with both domestic and international medical societies and pharmaceutical companies, reinforcing its market position as a trusted authority in cardiovascular prevention and lipid disorders. Technically, the website is built on WordPress with a standard set of libraries including jQuery, Bootstrap, and Owl Carousel. It is hosted by Active24, a reputable Czech hosting provider. The site is mobile-optimized and offers a good user experience with clear navigation and professional design. Google Analytics and Tag Manager are used for visitor tracking, indicating moderate digital maturity. From a security perspective, the site uses HTTPS but lacks visible security headers and does not provide a security policy or vulnerability disclosure page. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is limited as no privacy or cookie policies were found, representing a compliance gap under GDPR. Contact information is clearly provided, enhancing business credibility. Overall, the website is professional, trustworthy, and content-rich, but it would benefit from improved privacy compliance and enhanced security headers to strengthen its security posture and regulatory adherence.

M

McCoy Mart

mccoymart.com

60

McCoy Mart operates as India's largest online marketplace for building and construction materials, targeting construction professionals such as builders, contractors, architects, and interior designers. The platform offers a wide range of products sourced from over 300 brands, project lead services, and credit financing options, positioning itself as a comprehensive solution for the construction industry in India. The website is professionally designed with good content relevance and clear navigation, optimized for mobile users. Technically, it leverages modern web technologies including Laravel backend, jQuery, Bootstrap, and integrates marketing and analytics tools like Google Tag Manager, Facebook Pixel, and Visual Website Optimizer. Security posture is moderate with HTTPS enabled and CSRF protection, but lacks DNSSEC and security headers, and does not provide privacy or cookie policies, which are compliance gaps. The domain registration data is consistent with the business claims, enhancing trustworthiness. Overall, the site is functional and credible but would benefit from improved privacy compliance and enhanced security measures.

I

IN LEASE

inlease.cz

41

IN LEASE is a Czech Republic based company specializing in operativní leasing, vehicle leasing, and fleet management services. The website presents a professional and well-structured digital presence targeting businesses and individual customers seeking leasing solutions. The company has been operating since 2015, with domain registration data consistent with its business claims. The technical infrastructure is built on WordPress CMS with modern tracking and analytics tools such as Google Tag Manager, Piwik PRO, and Microsoft Clarity, indicating a mature digital marketing approach. Security measures include HTTPS enforcement and use of Google reCAPTCHA, but lack explicit security policies or vulnerability disclosure mechanisms. Privacy compliance is basic with a cookie consent mechanism but no visible privacy policy or terms of service. Overall, the website is functional, secure, and credible but could improve transparency and compliance documentation.

H

Hemmy.se

hemmy.se

58

Hemmy.se is a Swedish e-commerce retailer specializing in household appliances, garden machinery, grills, and outdoor furniture, offering fast home delivery at competitive prices. Established in 2017, the company targets Swedish consumers seeking affordable and convenient shopping for home and garden products. The website presents a professional design with clear navigation and regularly updated promotional content. Technically, the site employs modern web technologies including jQuery, Bootstrap, and integrates multiple analytics and marketing tools such as Google Analytics, Hotjar, and Voyado Analytics. Hosting and DNS services are provided via Cloudflare, ensuring reliable performance and security. Security posture is solid with HTTPS enforced and a comprehensive cookie consent mechanism in place, although some security headers and explicit security policies are not publicly visible. Privacy compliance is supported by a detailed privacy policy linked through Cookiebot, indicating GDPR adherence. No contact information or terms of service were found on the homepage, which could be improved to enhance business credibility. Overall, the site is functional, secure, and compliant with privacy regulations, serving a medium-sized retail business in Sweden.

G

GDPR CENTRUM

gdprcentrum.cz

58

GDPR CENTRUM is a Czech-based small business collective of IT and legal professionals specializing in GDPR certification, implementation, consultancy, and software development. The company targets small businesses, sole proprietors, and online merchants, offering affordable and free GDPR compliance tools including a documentation generator. The website is professionally designed with clear navigation and comprehensive content in Czech, reflecting a strong focus on GDPR education and practical compliance support. Technically, the site uses a modern but somewhat dated tech stack including Bootstrap and jQuery 1.12.4, with good mobile optimization but lacking some modern security headers and explicit privacy/cookie policies. Security posture is moderate with HTTPS usage but missing advanced security configurations and incident response details. WHOIS data is unavailable, which reduces domain trustworthiness, but the detailed content and contact information support legitimacy. Overall, the site provides valuable GDPR compliance resources with room for improvement in privacy transparency and security best practices.

R

RJFM

rjfm.net

56

RJFM is a well-established local radio station based in Montluçon, France, providing regional news, music hits, and podcasts primarily targeting local residents. The website reflects a professional media outlet with a consistent brand presence and a focus on delivering local content digitally. The business operates a multi-channel digital presence including streaming, podcasts, and mobile applications, positioning itself as a key local media player in the Allier region. Technically, the website uses modern web technologies and CDNs to deliver content efficiently, with good mobile optimization and basic accessibility features. Security posture is adequate with HTTPS, domain locking, and reCAPTCHA integration, though improvements such as DNSSEC and enhanced security headers are recommended. Privacy compliance is basic but includes cookie consent and a privacy policy in French. Overall, the site is trustworthy and safe for general audiences, with no adult or explicit content detected.