Security Directory

O

Obec Pasohlávky

pasohlavky.cz

62

Obec Pasohlávky is the official municipal website for the village of Pasohlávky in the Czech Republic, serving both residents and tourists. The site provides essential local government information, event calendars, news updates, and tourist services. It positions itself as a trusted source for community engagement and local tourism promotion. The website is professionally designed with consistent branding and clear navigation, targeting a general audience interested in municipal services and regional tourism. Technically, the site is built on ASP.NET Web Forms with modern JavaScript libraries such as jQuery and Swiper.js for UI components. It uses HTTPS and integrates Google Analytics for visitor tracking. The site is moderately optimized for performance and mobile devices, though accessibility features are basic. There is no detected CMS, and hosting details are not explicit. From a security perspective, the site employs HTTPS and secure form handling but lacks advanced security headers and a cookie consent mechanism, which are recommended for GDPR compliance. No vulnerabilities or exposed sensitive data were detected in the HTML content. The absence of WHOIS data reduces domain trustworthiness, but the website content and official nature suggest legitimacy. Overall, the website is a functional and professional municipal portal with room for improvement in privacy compliance and security best practices. Strategic recommendations include implementing cookie consent, enhancing security headers, publishing a security policy, and verifying domain registration details to strengthen trust and compliance.

Vinařství Kern is a small winery based in Moravia, Czech Republic, specializing in the production and sale of quality wines. The company targets wine consumers and enthusiasts primarily in the Czech market, offering direct sales through an e-commerce enabled WordPress website. The site is professionally designed with good content quality and clear navigation, supporting a positive user experience. Technically, the website leverages WordPress with WooCommerce and several popular plugins, including LayerSlider and WPBakery Page Builder, indicating a moderate level of digital maturity. The presence of Google Analytics and Facebook Pixel shows active marketing and user tracking efforts. Security posture is solid with HTTPS and standard security headers, though the absence of published security policies and incident response information suggests room for improvement. The lack of WHOIS data reduces transparency and slightly impacts trustworthiness. Overall, the website is suitable for mature audiences due to its alcohol-related content and complies with GDPR requirements through visible privacy and cookie policies.

S

Schindler, spol. s r.o.

lapierre-bike.cz

10

Schindler, spol. s r.o. operates a professional e-commerce platform specializing in the distribution and retail of Lapierre bicycles and related cycling products in the Czech Republic. The website offers a comprehensive product catalog, including road bikes, mountain bikes, e-bikes, and accessories, targeting cycling enthusiasts and retailers. The company maintains a consistent brand presence with multi-language support and provides technical documentation and manuals to support customers. Technically, the site is built on the Shoptet e-commerce platform, leveraging modern web technologies such as Google Analytics and Tag Manager for marketing and analytics purposes. The site is well-structured, mobile-optimized, and employs HTTPS with standard security headers, reflecting a good security posture. However, the absence of WHOIS data limits domain trust verification, and no explicit security or incident response policies are published. Privacy compliance is addressed with a cookie consent mechanism and a privacy policy page, though terms of service and vulnerability disclosure information are not evident. Overall, the website is professional, secure, and trustworthy, with room for improvement in transparency and security documentation.

G

GSS Mikulov

gymik.cz

51

Gymnázium a střední odborná škola Mikulov is a public secondary education institution in the Czech Republic offering both maturitní (graduation) and vocational programs including culinary, mechanical, and caregiving fields. The website serves students, parents, and staff with educational information, services, and contact details. It maintains a moderate market position as a regional educational provider with partnerships across local government and industry. The technical infrastructure is based on WordPress CMS, enhanced with Google Analytics and Tag Manager for tracking, and Typekit for fonts. The site is mobile optimized and provides a cookie consent mechanism compliant with GDPR. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though security headers and incident response information are lacking. Overall, the site is professional, trustworthy, and well maintained.

A

AFS

afs.cz

46

AFS Česká Republika is a well-established non-profit organization focused on intercultural education and exchange programs. The website presents a professional and comprehensive digital presence, offering detailed information about study abroad programs, hosting foreign students, volunteering, and scholarships. The organization targets students, parents, volunteers, and educational institutions, positioning itself as a key player in intercultural educational services within the Czech Republic and globally through the AFS network. Technically, the site is built on WordPress with modern SEO and analytics integrations, including Google Analytics, Hotjar, and Facebook Pixel, supported by a CDN for performance. Security posture is solid with HTTPS, reCAPTCHA, and cookie consent mechanisms, though explicit security headers could be enhanced. WHOIS data is unavailable, which slightly impacts trust but is mitigated by the organization's transparency and social proof. Overall, the site is safe, user-friendly, and compliant with GDPR, reflecting a mature digital strategy for a non-profit educational entity.

M

Mikulovská rozvojová s.r.o.

mikulovskarozvojova.cz

45

Mikulovská rozvojová s.r.o. is a municipally owned company founded in 2006, serving as a key organizer and promoter of cultural, wine, and social events in Mikulov, Czech Republic. The company also manages municipal assets such as the city cinema, pension, and amphitheater, providing venue rentals and advertising services. Their market position is primarily local and regional, focusing on cultural and hospitality sectors. The website reflects a professional and consistent brand presence with good content quality and clear navigation. Technically, the site is built on Joomla CMS with UIkit and jQuery frameworks, and uses Google Analytics and Tag Manager for tracking. The site is mobile optimized and performs moderately well.

LETOV AIR s.r.o. is a small, dynamically growing private aviation company based in the Czech Republic, offering a broad range of aviation services including air transport, pilot training, aircraft maintenance, and sales. The company emphasizes compliance with aviation regulations such as PART 145 and CAMO management, positioning itself as a professional service provider in the regional aviation market. The website content is relevant and informative, targeting general aviation clients and enthusiasts. Technically, the website employs legacy JavaScript libraries like jQuery and Fancybox, with Google Analytics integrated for user tracking. The site shows basic mobile optimization and accessibility but lacks modern responsive design and advanced SEO features. Security measures are minimal, with no visible HTTPS enforcement or security headers, though a cookie consent banner and email obfuscation are implemented to enhance privacy. From a security perspective, the absence of WHOIS data limits domain trust verification, and the lack of HTTPS and security headers presents vulnerabilities. No privacy policy or terms of service pages are published, which may impact compliance with GDPR and other regulations. The overall risk is moderate, with recommendations to improve security posture, privacy compliance, and technical modernization to enhance trust and user experience.

M

MONTPLAST-ITPV s.r.o

montplast-itpv.cz

54

MONTPLAST-ITPV s.r.o. is a Czech family-owned company specializing in plumbing, heating, water, and gas installation services. The company serves residential and commercial clients, offering comprehensive installation, repair, and maintenance solutions. Their website reflects a professional local business with a clear focus on quality and customer satisfaction. The company presents itself as experienced and reliable with a solid customer base and a range of key services in the energy sector. Technically, the website is built on WordPress using Elementor and several plugins including MonsterInsights for analytics and Caldera Forms for contact forms. The site is mobile-optimized and uses HTTPS with a valid SSL certificate, but lacks some security headers and cookie consent mechanisms. Analytics tracking is moderate, using Google Analytics and Tag Manager. The website content is well-structured and relevant, though SEO and accessibility could be improved. From a security perspective, the site shows good basic practices such as HTTPS and secure forms with GDPR consent. However, the absence of security headers and cookie banners indicates room for improvement. The WHOIS data is unavailable, likely due to privacy protection, which slightly reduces transparency but is common for small businesses. No critical vulnerabilities or suspicious indicators were found. Overall, the website is trustworthy and professionally maintained, with moderate technical maturity and a solid business presence. Strategic recommendations include enhancing security headers, implementing cookie consent banners, and improving accessibility and SEO to strengthen compliance and user experience.

P

PPush

ppush.eu

54

PPush is a German-based technology service offering a free push notification app designed for organizations such as clubs, municipalities, and local businesses to send regional news and updates without requiring a dedicated app. The service emphasizes GDPR compliance and privacy by enabling anonymous message reception without collecting personal data like email or phone numbers. The website is professionally designed, multilingual, and provides comprehensive information about the service, including FAQs, testimonials, and API integration options. Technically, the site is built on WordPress with modern plugins for security, multilingual support, and cookie consent management. Security posture is strong with HTTPS, Wordfence protection, and Google reCAPTCHA integration. Privacy compliance is well addressed with a detailed privacy policy and cookie consent mechanism. Overall, the site presents a trustworthy and professional digital presence for a niche technology service focused on privacy and regional communication.

Status.net is a small business resource website founded in 2000, providing useful business templates and educational articles focused on management and organizational topics. The site targets business professionals and organizations seeking practical resources to improve operations and decision-making. Technically, the website is built on WordPress with a moderate technology stack including jQuery and various analytics and advertising scripts. Hosting appears to be on Amazon AWS infrastructure. The site demonstrates good mobile optimization and SEO practices but has basic accessibility features. Security posture is moderate with HTTPS enabled and domain transfer protections in place, but lacks DNSSEC and security headers, and does not provide a cookie consent mechanism. Privacy compliance is limited, with a basic privacy policy but no cookie or terms of service pages. No direct contact information or security policies are published, which limits transparency. Overall, the domain registration data is consistent and supports the legitimacy of the business. The website content is safe and appropriate for a general audience.

K

kuna zlatica

kunazlatica.hr

62

Kuna Zlatica is an independent design studio based in Croatia, founded in 2024. The studio specializes in various design disciplines including graphic design, visual identity, publishing, event design, spatial interventions, and packaging. Their website serves as a professional portfolio showcasing their projects and artistic approach, targeting cultural institutions, event organizers, and design professionals. The site is bilingual with Croatian as the primary language and English translation via Weglot. Technically, the website is built on Squarespace, hosted via Totohost, and uses modern web technologies including Google Fonts and Google Analytics with proper cookie consent mechanisms. Security posture is strong with HTTPS and HSTS enabled, though there is room for improvement in incident response and vulnerability disclosure transparency. Overall, the website is professional, trustworthy, and well-structured, reflecting the studio's niche market position and creative focus.

G

Gradska knjiznica Marka Marulića

gkmm.hr

43

Gradska knjiznica Marka Marulića is a well-established public library based in Split, Croatia, founded in 2002. It serves a broad audience including children, youth, and adults by providing diverse library services, cultural events, educational workshops, and an online catalog. The institution holds a strong local market position as a key cultural and educational resource. The website reflects this with rich content, event listings, and membership information, targeting general public and literary enthusiasts. Technically, the site is built on WordPress with modern plugins and frameworks such as Bootstrap and Swiper, hosted by Totohost, and integrates Google Analytics for visitor insights. The site is mobile-optimized and SEO-friendly, though accessibility features are basic.

G

Gradska knjižnica i čitaonica Vinkovci

gkvk.hr

47

Gradska knjižnica i čitaonica Vinkovci is a public library serving the Vinkovci community in Croatia, providing access to a catalog, membership services, and cultural events. The website is professionally designed using WordPress with Elementor and the Litho theme, offering a responsive and accessible user experience. The site includes a cookie consent mechanism and a privacy policy compliant with GDPR, reflecting a commitment to user privacy. Security posture is solid with HTTPS enforced and no exposed sensitive data, though some security headers could be improved. Overall, the domain registration and website content align well, indicating a trustworthy and legitimate institution.

D

DiVan

divan.hr

56

DiVan is a Croatian media platform focused on providing comprehensive information about events, places, and cultural activities in Zagreb. It serves a local audience interested in concerts, festivals, gastronomy, and social happenings, positioning itself as a niche event guide with a strong community presence. The platform offers additional services such as newsletters and mobile applications to enhance user engagement. Technically, the website is built on WordPress with a modern tech stack including WooCommerce, Google Analytics, and GDPR-compliant cookie management, reflecting a mature digital infrastructure. Security measures include HTTPS enforcement and CAPTCHA protections, although some security headers could be improved. The website demonstrates good privacy compliance and transparent user consent mechanisms. Overall, DiVan presents a professional and trustworthy online presence with moderate technical performance and solid business credibility.

T

Teatar EXIT

teatarexit.hr

41

Teatar EXIT is a well-established Croatian theatre company founded in 2003, specializing in provocative and innovative theatrical performances. The website serves as a digital platform to showcase their program, ticket sales, and festival events, targeting a general audience interested in cultural arts. The company maintains a consistent brand presence with active social media channels and a mobile app offering, indicating a moderate level of digital maturity. Technically, the site is built on WordPress with modern libraries and frameworks such as Bootstrap and jQuery, and integrates Google Analytics and Facebook Pixel for marketing and analytics purposes. Security measures include HTTPS, GDPR-compliant consent mechanisms, and Google reCAPTCHA on forms, although there is room for improvement in implementing security headers and explicit incident response policies. Overall, the website is professional, secure, and compliant, with a high trustworthiness rating and no detected malicious content.

Z

ZnajomaMarka.pl

znajomamarka.pl

38

ZnajomaMarka.pl is a Polish creative agency specializing in comprehensive branding, website development, SEO, copywriting, and social media marketing services. The company targets businesses and individuals seeking to establish or enhance their online presence with professional design and marketing solutions. The website showcases a diverse portfolio of projects, indicating active engagement in the creative sector since its founding in 2024. Technically, the site is built on WordPress with Elementor, integrating modern web technologies and Google analytics tools, providing a solid digital infrastructure. Security posture is adequate with HTTPS and reCAPTCHA usage, but lacks advanced security headers and visible security policies. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the site is professional and trustworthy but would benefit from enhanced privacy and security disclosures.

R

RES Team

redditenhancementsuite.com

56

Reddit Enhancement Suite (RES) is a well-established, community-driven open source browser extension designed to enhance the Reddit user experience. With over 1 million users across multiple browsers, it holds a strong position in the niche market of Reddit enhancement tools. The project is supported by an active community on Reddit, GitHub, and Discord, reflecting a collaborative development and support model. The website provides clear information about the extension, download links for various browsers, and community resources, though it has entered maintenance-only mode as per the notice. Technically, the website uses a straightforward tech stack including Bootstrap for styling and Google Analytics for user tracking. The site is moderately optimized for performance and mobile use, with basic accessibility and SEO features. Hosting and domain registration are stable and consistent with the project's age and scope. However, there is room for improvement in security practices, such as enabling DNSSEC, implementing security headers, and adding cookie consent mechanisms. From a security perspective, the site uses HTTPS and has domain transfer protections in place, but lacks explicit security policies, incident response information, and GDPR compliance indicators. No critical vulnerabilities or suspicious content were detected. The use of Google Analytics without visible cookie consent may pose privacy compliance risks. Overall, the security posture is moderate but could be enhanced with additional controls and transparency. The overall risk assessment is low, with the main recommendations focusing on improving privacy compliance, security headers, and incident response readiness. The website is trustworthy, professional, and safe for general audiences, with no adult or explicit content. Strategic improvements in security and privacy policies would further strengthen user trust and regulatory compliance.

MetroTwit is a software application developed by Pixel Tucker Pty Ltd, designed as a Twitter client for Windows platforms including Windows 7, Vista, and Windows 8 tablets. The product embraced Microsoft's Metro design language and offered features such as multiple account support, undo tweet functionality, and real-time Twitter streaming. The website clearly communicates that the product has been discontinued and the download is no longer available. The target audience was Windows users seeking a modern Twitter client experience. The company is a small Australian technology firm founded around 2010. Technically, the website is built on WordPress with standard web technologies and integrates social media widgets and Google Analytics for tracking. The site is hosted behind Cloudflare, ensuring good availability and performance. Security posture is moderate with HTTPS enabled but lacks advanced security headers and DNSSEC. Privacy compliance is basic with a privacy policy present but no cookie consent mechanism or GDPR compliance indicators. Business credibility is supported by clear company information, testimonials, and a privacy policy. Overall, the website is functional, safe, and professional but could improve in security and privacy compliance.

G

Girona Softwareentwicklung GmbH

konsentas.de

49

Konsentas.de is a professional website operated by Girona Softwareentwicklung GmbH offering a modular online appointment scheduling system tailored for German government authorities. The platform supports various public sector applications including resident registration, health offices, vehicle registration, and COVID-19 related tools. The website demonstrates a solid market position with multiple municipal clients and a clear focus on e-government digital transformation. Technically, the site uses modern front-end technologies such as Bootstrap, jQuery, and Google Fonts, and integrates Google Analytics and LinkedIn tracking for marketing insights. The site is mobile-optimized and well-structured, providing a good user experience. Security posture is moderate with cookie consent implemented but lacking explicit security headers and published security policies. WHOIS data aligns with the business identity, indicating legitimacy. Overall, the website is trustworthy and professionally maintained, suitable for its target audience.

I

Inscribe Labs

mcdowell.com

61

The website www.mcdowell.com serves as a professional personal profile for John McDowell, Founder and CEO of Inscribe Labs. It highlights his extensive experience in technology product management and leadership roles at major companies such as Intel and Microsoft. The site is designed to showcase his professional background, education, and contact information primarily targeting technology professionals and potential collaborators. The website is hosted on the Strikingly platform and employs standard web technologies including JavaScript, Google Analytics, and Bugsnag for error monitoring. While the site is well-structured and professionally presented, it lacks a privacy policy and terms of service pages, which are important for compliance and user trust. The absence of WHOIS data for the domain raises concerns about domain registration legitimacy, although the site content itself is professional and consistent with a legitimate business profile.

T

Tourismus und Stadtmarketing Husum GmbH

nordsee-congress.de

49

Nordsee Congress is a regional event and tourism marketing organization focused on promoting Husum, Germany as a premier destination for conferences, trade fairs, and congresses. The website provides comprehensive information about venues, hotels, event planning services, and local attractions, targeting event organizers and business travelers. The organization appears established with over 25 years of experience in hosting large events, supported by professional content and a consistent brand presence. Technically, the website uses a modern tech stack including HTML5, CSS3, JavaScript, Google Analytics, and Google Tag Manager, with a CMS likely based on LIS CMS. The site is mobile-optimized and performs moderately well, with good SEO and accessibility basics. Cookie consent is implemented with an opt-in mechanism, reflecting good privacy compliance. Security posture is solid with HTTPS enforced and no visible vulnerabilities or exposed sensitive data. However, the site lacks explicit security policies, incident response information, and vulnerability disclosure mechanisms, which could be improved to enhance trust and compliance. Contact information is clearly provided, including email, phone, and social media channels, supporting business credibility. Overall, the website is professional, trustworthy, and well-suited for its target audience, with room for improvement in security transparency and accessibility compliance.

T

TAUW

tauw.com

57

TAUW is an established environmental consultancy firm focused on shaping a vital living environment through expert solutions and partnerships. The company targets businesses and organizations requiring environmental and sustainability consulting services, positioning itself as a reputable international player in the energy and environmental sectors. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive privacy and cookie compliance mechanisms. Technically, the site employs modern web technologies including Google Analytics, Google Tag Manager, Cookiebot for consent management, and Sooqr for search functionality, indicating a well-integrated digital infrastructure. Security posture is strong with HTTPS enforced and multiple security headers present, although the absence of a public security policy or incident response contact is noted. The lack of WHOIS data is unusual but does not detract significantly from the site's legitimacy given the professional content and compliance features. Overall, the website presents a trustworthy and professional image suitable for its business domain.

D

Designers Inn | Premium WordPress Themes

designers-inn.de

9

Designers Inn is a small German-based business specializing in premium WordPress themes and providing German-language support, workshops, and SEO/online marketing tips targeted primarily at self-employed professionals and small businesses. The website is built on WordPress using the Divi theme and several plugins to enhance functionality, including video optimization and advanced tab modules. The technical infrastructure is modern and includes CDN usage and analytics integration, indicating a moderate level of digital maturity. Security posture is adequate with HTTPS enabled and cookie consent implemented, but lacks comprehensive privacy and security policies, which are critical for GDPR compliance. No blocking or WAF mechanisms interfere with content accessibility, allowing full analysis.

F

Frutiko

frutiko.cz

48

Frutiko.cz is a Czech Republic-based e-commerce retailer specializing in edible flower bouquets, classic flowers, cakes, and gift baskets. The company targets general consumers seeking unique and fresh gift options with delivery services across Prague, Brno, and the wider Czech Republic. The website is professionally designed, multilingual, and offers a seamless shopping experience with clear navigation and mobile optimization. Technically, the site leverages modern web technologies including jQuery, Bootstrap, and multiple analytics and marketing tools such as Google Analytics, Facebook Pixel, and Hotjar, indicating a mature digital infrastructure. Security posture is strong with HTTPS enforcement and security headers, though the absence of a published security policy and incident response contact suggests room for improvement. The lack of WHOIS data reduces domain trust slightly but does not detract significantly from the overall legitimacy given the professional presentation and comprehensive privacy and cookie policies. Overall, Frutiko.cz presents a trustworthy and well-managed online retail platform with good compliance and security practices.

M

mediaform, s.r.o.

mediaform.cz

45

mediaform, s.r.o. is a boutique marketing, UX, and design studio based in Prague, Czech Republic, founded in 2011. The company specializes in creating technologically advanced and aesthetically pleasing digital applications and presentations, focusing on effective user experience and attention to detail. Their client portfolio includes notable brands such as L'Oréal, Marks & Spencer, and the Ministry of Interior of the Czech Republic, indicating a strong market position within the media and marketing sector. The website reflects a professional and consistent brand image targeting businesses seeking specialized marketing and design services. Technically, the website employs modern web technologies including HTML5, CSS3, JavaScript, and integrates analytics tools like Google Analytics and Facebook Pixel. Hosting is provided by VAS Hosting, with domain registration dating back to 2011, consistent with the company's founding year. The site is mobile optimized and provides a good user experience, though accessibility features are basic. Security posture is adequate with HTTPS enabled and no visible vulnerabilities, but lacks important security headers and formal security policies. Privacy compliance is weak due to the absence of privacy and cookie policies and consent mechanisms. Overall, the website is trustworthy and professional but would benefit from enhanced privacy and security practices.

The European Cancer Patient Coalition (ECPC) is a well-established non-profit organization advocating for cancer patients across Europe. The website serves as a comprehensive platform for policy advocacy, health and research initiatives, patient engagement, and awareness campaigns. It targets cancer patients, caregivers, healthcare professionals, and European policymakers, positioning itself as a key voice in European cancer patient advocacy with over a decade of history. Technically, the site is built on WordPress with modern plugins and tools, offering good SEO, mobile optimization, and user experience. Security posture is adequate with HTTPS and domain protections, though improvements in DNSSEC and security headers are recommended. Privacy compliance is strong with clear GDPR consent mechanisms and policies. Overall, the site is professional, trustworthy, and content-rich, supporting its mission effectively.

F

Forum Organizacji Pacjentów

fop25.pl

9

Forum Organizacji Pacjentów is a well-established non-profit organization hosting an annual conference focused on patient organizations and healthcare advocacy in Poland. The 2025 event aligns with significant dates such as the World Day of the Sick and Poland's EU presidency, attracting national and European leaders in healthcare. The website is professionally designed using WordPress and Divi theme, featuring live streaming integration and social media connectivity. However, it lacks visible privacy and cookie policies, which are critical for GDPR compliance. Security posture is moderate with HTTPS enabled but missing DNSSEC and security headers. Tracking technologies from Google are used, indicating moderate user tracking. Overall, the site is credible and serves its business purpose effectively but should improve privacy compliance and security best practices.

H

Health and Environment Alliance

env-health.org

58

The Health and Environment Alliance (HEAL) is a European non-profit organization dedicated to ensuring that health evidence influences policymaking in environmental health. Their website reflects a mature digital presence with comprehensive content, clear navigation, and strong branding consistency. HEAL offers advocacy, research projects, and campaigns focused on chemicals, climate, air quality, and pesticides, targeting policymakers and stakeholders in the health and environment sectors. Technically, the site is built on WordPress with modern plugins and tools such as Gravity Forms, Yoast SEO, and Google Analytics, indicating a well-maintained infrastructure. Security posture is solid with HTTPS and reCAPTCHA protections, though improvements in security headers and cookie consent mechanisms are recommended. The absence of WHOIS data transparency slightly reduces trust but does not outweigh the professional presentation and clear contact information. Overall, HEAL's website is a credible and authoritative platform for environmental health advocacy.

M

Ministarstvo unutarnjih poslova Republike Hrvatske

mup.hr

10

The Ministry of the Interior of the Republic of Croatia operates the official government website mup.gov.hr, providing authoritative information and services related to internal affairs, police operations, and citizen support. The website serves a broad audience including Croatian citizens, residents, media, and international visitors seeking official updates and resources. It maintains a strong market position as the primary government entity responsible for internal security and public safety in Croatia. Technically, the website employs a modern technology stack including Google Analytics, Google Tag Manager, Facebook Pixel, and JavaScript libraries such as Galleria and Fancybox for enhanced user experience. The site is mobile-optimized and accessible, with a clear navigation structure and professional design. Privacy compliance is robust, featuring a comprehensive privacy policy, cookie consent mechanisms, and GDPR adherence. From a security perspective, the site enforces HTTPS and uses tracking consent banners, but lacks visible security headers in the HTML source. No critical vulnerabilities or exposed sensitive data were detected. The absence of WHOIS data is due to GDPR privacy protections, which is typical for government domains. Overall, the domain and website exhibit high legitimacy and trustworthiness. The overall risk assessment is low, with recommendations to enhance security headers, publish a formal security policy, and consider a vulnerability disclosure mechanism to further strengthen security posture and transparency.

H

Harvest

getharvest.com

11

Harvest is a well-established SaaS company specializing in time tracking and invoicing software, serving over 70,000 businesses globally. Their platform offers comprehensive features including time tracking, reporting, invoicing, and team scheduling through Harvest Forecast. The website demonstrates a mature digital infrastructure leveraging HubSpot CMS, Google Analytics, and other modern marketing and analytics tools, ensuring a professional and user-friendly experience across desktop and mobile platforms. Security practices are robust with HTTPS enforcement, security headers, and cookie consent mechanisms, although explicit security policies and incident response contacts are not publicly detailed. The absence of WHOIS data is a notable anomaly but does not detract significantly from the overall legitimacy given the professional presentation and market presence. Strategic recommendations include enhancing transparency around security policies and incident response, and publishing vulnerability disclosure information to further build trust.

L

Lovezagreb

uhpa.hr

10

The website represents UHPA, a well-established Croatian tourism industry association founded in 2002, serving over 330 members including travel agencies and key tourism stakeholders. It focuses on promoting sustainable tourism, professional development, and industry advocacy. The site is professionally designed with good content quality, clear navigation, and bilingual support. Technically, it uses modern web technologies including React and Cloudflare services, with good performance and mobile optimization. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities, though it lacks a public vulnerability disclosure policy and incident response contacts. Privacy compliance is well addressed with GDPR-aligned policies and cookie consent mechanisms. Overall, the site is trustworthy, professional, and serves as a credible resource for the Croatian tourism sector.

C

Croatia Rally

rally-croatia.com

10

Croatia Rally is a prominent sporting event organizer focused on the ERC Croatia Rally 2025, a major motorsport event that attracts global spectators and promotes Croatia as a tourist destination. The website effectively communicates the event's details, hospitality packages, merchandising, and calendar, targeting motorsport fans, tourists, media, and competitors. The business operates in the transportation and tourism sectors with a medium-sized footprint and a founding date consistent with the domain registration in 2015. Technically, the website employs modern web technologies including JavaScript libraries, analytics, and marketing tools, with good mobile optimization and SEO practices. Security posture is solid with HTTPS enforcement and domain transfer protection, though improvements in security headers and DNSSEC are recommended. Privacy compliance is addressed with clear policies and consent mechanisms. Overall, the site presents a professional and trustworthy digital presence with strong business credibility.

AroundZagreb.hr is a tourism promotion website operated by the Turistička Zajednica Grada Zagreba, the official tourism board of Zagreb, Croatia. The site provides multilingual content aimed at tourists interested in exploring Zagreb and its surroundings, featuring local attractions, weather updates, and social media integration. The business model focuses on information dissemination and tourism promotion, positioning itself as a trusted official source for visitors. Technically, the website is built using React with modern asynchronous script loading and is hosted behind Cloudflare DNS services, ensuring good performance and availability. The site is mobile-optimized and includes SEO best practices such as meta tags and structured data.

M

Marker d.o.o.

marker.hr

60

Marker d.o.o. is a Croatian company specializing in the development of professional web shops for both retail (B2C) and wholesale (B2B) clients. Established in 2011, the company has positioned itself as a leading domestic agency with multiple awards and certifications such as ISO 9001 and ISO 27001. Their services focus on enabling businesses to increase sales through effective e-commerce solutions. The website reflects a mature digital presence with a clear business focus, professional design, and comprehensive content including client references and an active blog.

Hrvatski izvoznici is a well-established Croatian association dedicated to supporting exporters through certifications, news, events, and educational resources. The website serves as a comprehensive platform for Croatian exporters, providing timely updates, a database of exporters, and organizing key industry events. The organization maintains strong partnerships with major Croatian financial and trade institutions, enhancing its credibility and market position. Technically, the website uses a custom CMS with legacy JavaScript libraries and integrates Google Analytics and Google Tag Manager for tracking. While the site is functional and professionally designed, some outdated technologies and missing security headers present moderate security risks. Privacy compliance is addressed through a cookie consent banner and a basic cookie policy, but no explicit privacy or security policies are found. Overall, the site is trustworthy and serves its target audience effectively, though improvements in security and technical modernization are recommended.

Stowarzyszenie Apetyt na Życie is a Polish non-profit organization established in 2012, dedicated to supporting children and adults suffering from digestive system disorders, particularly those requiring parenteral or enteral nutrition and patients with inflammatory bowel diseases. The organization provides patient support, educational resources, advocacy, and fundraising activities, positioning itself as a trusted community resource within Poland's healthcare sector. The website reflects a professional and consistent brand image, with comprehensive content including patient stories, news, and multimedia resources.

P

Polskie Towarzystwo Neurologiczne

ptneuro.pl

60

Polskie Towarzystwo Neurologiczne operates a professional and educational website serving neurologists, medical professionals, and patients in Poland. The site provides membership information, certifications, news, educational campaigns, and access to professional journals. The organization is well-established with a domain registered since 2006 and maintains a consistent brand presence online. Technically, the website is built on Drupal 8 with modern JavaScript libraries and integrates Google Analytics for traffic monitoring. The site is mobile-optimized and accessible, with clear navigation and professional design. Security posture is solid with HTTPS enforced and cookie consent implemented, though improvements could be made by enabling DNSSEC and adding security headers. No critical vulnerabilities or suspicious content were detected. Overall, the website reflects a credible and trustworthy professional society with good digital maturity.

Kwiat Kobiecości is a Polish non-profit organization dedicated to raising awareness and providing support for women diagnosed with cervical cancer. Founded around 2021, it is driven by the personal experiences of Ida Karpińska and other women who have battled and overcome this disease. The organization focuses on education, support, and advocacy to address the alarming statistics of cervical cancer in Poland. The website serves as a platform for information dissemination and community engagement, leveraging social media channels such as Facebook, Instagram, and YouTube to extend its reach. Technically, the website is built on WordPress using the Divi theme, supplemented by plugins like WooCommerce, Responsive Lightbox, and YOP Poll. It integrates Google Analytics and Facebook Pixel for visitor tracking and marketing insights. The site demonstrates moderate performance and good mobile optimization, though accessibility features are basic. The absence of visible privacy and cookie policies, as well as security headers, indicates areas for improvement in compliance and security hardening. From a security perspective, the site uses HTTPS with a good SSL configuration, but lacks advanced security headers and explicit privacy compliance mechanisms. No WHOIS data is available, likely due to privacy protection, which is justifiable given the organization's non-profit and health-related nature. No vulnerabilities or exposed sensitive data were detected in the analyzed content. Overall, Kwiat Kobiecości presents as a legitimate and focused non-profit entity with a clear mission. Enhancements in privacy policy visibility, cookie consent, and security headers would strengthen its compliance posture and user trust. The technical infrastructure is sound but could benefit from ongoing updates and security best practices to maintain resilience.

B

Bajkazyl Olomouc

bajkazylolomouc.cz

48

Bajkazyl Olomouc is a small local business specializing in bicycle recycling, repair, custom bike building, and sales, serving the Olomouc community in the Czech Republic. The website presents a clear description of their services and target audience, positioning itself as a community hub for cycling enthusiasts. Technically, the site is built using modern React and Gatsby frameworks, with Google Analytics integrated for visitor tracking. The site is mobile optimized and offers a good user experience with clear navigation and relevant content. Security-wise, the site uses HTTPS but lacks important security headers and formal privacy or cookie policies, which are areas for improvement. The absence of WHOIS data suggests privacy protection on domain registration, which is common for small businesses. Overall, the site is professional and trustworthy but could enhance compliance and security posture.

C

Cyklus Trails

cyklustrails.com

42

Cyklus Trails is a small, specialized travel agency offering self-guided and guided cycling tours primarily in the Czech Republic and neighboring countries. Established in 2002, it targets active travelers seeking authentic outdoor adventure experiences along well-known bike paths and cultural sites. The website is built on Drupal 7 and incorporates common web technologies such as jQuery, Google Analytics, and Facebook SDK for social integration and tracking. While the site is accessible and professionally presented, it lacks critical privacy and cookie policies, which impacts compliance with GDPR and other privacy regulations. Security measures include the use of Google reCAPTCHA on contact forms, but the absence of security headers and use of outdated libraries present potential vulnerabilities. The WHOIS data for the domain is missing, raising concerns about domain registration legitimacy, although the website content and contact details appear genuine. Overall, the site demonstrates moderate digital maturity with room for improvement in security and privacy compliance.

A

Awen Amenca z.s.

awenamenca.cz

55

Awen Amenca is a small non-profit organization based in the Czech Republic focused on reducing school segregation by empowering Roma parents, advocating for equal access to education, and organizing community leadership. Their website clearly communicates their mission, activities, and impact, targeting Roma communities, parents, schools, and municipalities. The organization operates campaigns to enroll Romani children in quality mainstream schools and supports legal advocacy against discrimination. Technically, the website is built on the Webnode CMS platform, uses AWS Cloudfront CDN for hosting, and integrates Google Analytics and ShareThis for tracking and social sharing. The site is mobile optimized with good design and navigation, though accessibility features are basic. Security posture is adequate with HTTPS enabled but lacks advanced security headers and published policies. WHOIS data is unavailable, which limits domain trust assessment. No privacy or cookie policies are found, indicating compliance gaps. Overall, the website is functional and professional but could improve transparency and security compliance.

R

Red Monkeys GmbH

red-monkeys.de

46

Red Monkeys GmbH is an independent advertising agency based in Konstanz, Germany, specializing in brand building, communication, and activation services. Their website presents a professional and comprehensive overview of their offerings, targeting businesses seeking creative marketing solutions. The agency showcases a strong portfolio with client logos and case studies, emphasizing their regional market presence and creative expertise. Technically, the website employs modern web standards, including HTML5, CSS3, JavaScript, and integrates Vimeo for video content and analytics tools such as Google Analytics and Matomo. The site is mobile-optimized and features a cookie consent mechanism compliant with GDPR requirements. Security-wise, the website uses HTTPS with good SSL configuration and enforces cookie consent for tracking scripts, though it lacks a publicly available security policy or incident response contacts. Overall, the site is trustworthy, well-designed, and compliant with privacy standards, making it a reliable digital presence for the agency.

C

Chefstidningen

chefstidningen.se

46

Chefstidningen is a Swedish media company specializing in leadership and HR content targeted at academics and professionals. The website offers a mix of free and premium subscription content, including articles, newsletters, and a printed magazine. It is owned by Individ & Samhälle Sverige AB, affiliated with Akademikerförbundet SSR, indicating a strong institutional backing. The site is well-branded and consistent with its niche market positioning. Technically, the website is built on WordPress with WooCommerce for subscription management, leveraging modern web technologies such as Bootstrap and jQuery. It integrates multiple third-party analytics and advertising services, including Google Analytics, Google Tag Manager, and LinkedIn Insight. The site is mobile-optimized and SEO-friendly, though performance is moderate. From a security perspective, the site uses HTTPS with a good SSL configuration but lacks DNSSEC and explicit security headers. There is no visible security policy or incident response information, and no cookie consent mechanism was detected, which may pose GDPR compliance risks. The domain is long-standing and registered with a reputable registrar, supporting the site's legitimacy. Overall, Chefstidningen presents a professional and credible online presence with room for improvement in privacy compliance and security hardening to better protect user data and enhance trust.

Corniche Watches is a niche luxury watch e-commerce brand founded in 2013, focusing on combining traditional watchmaking art with modern design inspired by the Côte d’Azur. The website presents a professional and consistent brand image, targeting fashion-conscious consumers and watch enthusiasts. The business model centers on direct online sales of watches, bracelets, and straps, supported by marketing efforts such as newsletters and social media engagement. Technically, the site is built on WordPress with WooCommerce, leveraging modern frameworks and third-party services for analytics, marketing, and customer support. The website is mobile-optimized and SEO-friendly, providing a good user experience. Security posture is solid with HTTPS enforced and domain registration secured, though some security headers are missing and no explicit security policies are published. Privacy compliance is well addressed with a detailed cookie consent mechanism and GDPR-aligned privacy policy. Overall, the site is trustworthy and professionally managed, with room for improvement in security transparency and direct contact information availability.

B

brandstalentsrights

create-success.net

62

brandstalentsrights is a specialized sports marketing and branding agency based in Germany, focusing on leveraging data-driven insights to create compelling media formats with sports personalities. The company targets athletes and sports-related businesses aiming to enhance their brand presence and storytelling. The website is professionally designed using Squarespace, featuring clear navigation and relevant content that highlights their services and team. Technically, the site uses modern web technologies and integrates Google Analytics for tracking, but lacks some advanced security headers and a public WHOIS record, which slightly impacts trustworthiness. The cookie consent mechanism is implemented, but no privacy policy or terms of service pages were found, indicating room for compliance improvement. Overall, the security posture is moderate with HTTPS enforced but missing some best practices. The domain WHOIS data is unavailable, which raises minor concerns but does not negate the professional appearance and functionality of the site.

J

JAKO AG

jako.com

69

JAKO AG operates a professional e-commerce platform specializing in sportswear and equipment for men, women, and children, primarily targeting sports teams and individual consumers in Germany and surrounding regions. The website presents a well-structured, content-rich shopping experience with clear navigation and product categorization. The company leverages modern technologies such as Algolia for search, Google Tag Manager, and analytics tools, demonstrating a mature digital infrastructure. Security posture is strong with HTTPS enforced and consent-based cookie management, though some security headers could be improved. Privacy compliance is well addressed with comprehensive policies and cookie consent mechanisms. Despite the absence of WHOIS registration details, the site shows strong trust indicators including a high Trusted Shops rating and consistent branding. Overall, the site is professional, secure, and user-friendly, supporting JAKO's position as a reputable sportswear retailer.

K

Kerekesh Teatar

kerekesh-teatar.hr

46

Kerekesh Teatar is a Croatian theatre company specializing in comedic and cultural performances, offering a schedule of shows primarily in Croatia. The website presents a professional and well-structured digital presence, leveraging WordPress with modern plugins and themes to deliver content effectively. The company maintains a consistent brand image and integrates social media channels to engage its audience. Technically, the site uses a solid tech stack including WordPress, jQuery, and Google Analytics, with good mobile optimization and SEO practices. Security posture is adequate with HTTPS enforced and cookie consent mechanisms in place, though security headers could be improved. Overall, the site is trustworthy and compliant with GDPR, reflecting a legitimate and transparent business.

B

BGV Badische Versicherungen

bgv.de

72

BGV Badische Versicherungen is a regional German insurance provider specializing in family and private insurance solutions. The website targets families and private customers, offering tailored insurance products with benefits and discounts. The company positions itself as a trusted family insurer with a professional online presence. Technically, the website is built using JavaServer Faces with OmniFaces and PrimeFaces frameworks, integrating modern marketing and analytics tools such as Google Analytics, Google Ads, Facebook Pixel, and Cookiebot for consent management. The site demonstrates good digital maturity with mobile optimization, accessibility features, and SEO best practices. Security-wise, the site enforces HTTPS and a strict Content-Security-Policy, with no detected vulnerabilities or exposed sensitive data. However, explicit security policies and incident response contacts are not publicly available. Overall, the website is professional, secure, and compliant with GDPR, but could improve transparency by publishing terms of service and security policies.

A

APATOR POWOGAZ CZECHIA s.r.o.

metra-su.cz

50

APATOR POWOGAZ CZECHIA s.r.o. is a well-established Czech company specializing in manufacturing and distributing measuring and controlling units such as heat cost allocators, water meters, thermostats, and related software solutions. With over 70 years of experience and a broad product portfolio, the company targets businesses and distributors in the energy and thermoregulation sectors. Their website reflects a professional presence with clear product information, contact channels, and customer support services. The company maintains a moderate digital maturity with modern web technologies including Bootstrap, jQuery, Google Analytics, and reCAPTCHA for form security. Cookie consent mechanisms and GDPR compliance are addressed, though the privacy policy is basic in scope.

K

Specialisté na dmychadla – Kubíček VHS

kubicekvhs.cz

41

The website kubicekvhs.cz appears to be a small-scale, Czech Republic based site likely related to education or a personal business, given the domain age and hosting details. The site uses common web technologies such as Google Analytics, Google Tag Manager, and Font Awesome icons, hosted on websupport.cz servers. However, the site lacks critical privacy and cookie policies, contact information, and security headers, which limits its compliance and trustworthiness. The content quality is basic with minimal SEO and accessibility features, indicating a modest digital maturity level. Security posture is weak due to missing security headers and lack of disclosed security policies or incident response mechanisms. Overall, the site is accessible with no blocking or WAF detected, but improvements in privacy compliance, security best practices, and business transparency are recommended to enhance trust and professionalism.