Security Directory

V

Východoslovenská distribučná, a.s.

vsds.sk

57

Východoslovenská distribučná, a.s. is a major electricity distribution system operator in Slovakia, serving a large customer base including households, entrepreneurs, municipalities, and energy producers. The company provides a comprehensive online portal for managing electricity consumption points, outage reporting, and service applications. Their market position is strong as a regional leader with a large customer footprint and a parent company in the energy sector. Technically, the website employs modern JavaScript frameworks such as Dojo and AngularJS, integrates Google Analytics and Facebook Pixel for tracking, and uses a cookie consent mechanism compliant with GDPR. The site is mobile-optimized and features structured data for enhanced SEO and business transparency. Security posture is good with HTTPS enforced and cookie consent implemented, though some security headers could be improved. No critical vulnerabilities or blocking mechanisms were detected, indicating a stable and trustworthy online presence. Overall, the website reflects a professional and credible energy distribution business with solid digital maturity.

H

Zakwaterowanie w Czechach i na Słowacji (5000+) - Hauzi.pl

hauzi.pl

46

Hauzi.pl is an online accommodation search and booking platform primarily targeting travelers seeking lodging in Slovakia and the Czech Republic. The website offers a comprehensive catalog of over 5000 accommodations including cottages, wooden houses, guest houses, apartments, and hotels, with user ratings and special offers. The platform is positioned as a popular and trusted search engine for accommodations in these regions, catering to a broad audience interested in vacation rentals and travel planning. Technically, the website employs modern web technologies such as Vue.js for frontend interactivity, integrates Google Tag Manager and Google Analytics for tracking and marketing purposes, and uses HTTPS to secure communications. The site is mobile-optimized and provides a user-friendly interface with clear navigation and search functionalities. However, some accessibility features and security headers could be improved to enhance security and compliance. From a security perspective, the site enforces HTTPS and implements a cookie consent mechanism with granular user options, indicating awareness of privacy regulations. Nonetheless, the absence of explicit privacy policy, terms of service, and security incident contact information represents gaps in compliance and transparency. The WHOIS data is not publicly available, which is common for commercial sites but reduces transparency regarding domain ownership. Overall, Hauzi.pl presents a professional and functional online platform with moderate security and privacy compliance maturity. Strategic improvements in policy transparency, security headers, and contact information would strengthen trust and regulatory adherence.

S

SalesFeed Nederland B.V.

salesfeed.com

55

SalesFeed Nederland B.V. is a Dutch technology company specializing in B2B lead generation, marketing automation, and account based marketing software. The company offers a SaaS platform focused on business recognition, real-time website personalization, and CRM enrichment to help businesses optimize sales and marketing efforts. The website is professionally designed, targeting Dutch B2B companies, and demonstrates a mature digital presence with integrations of modern marketing and analytics tools. Security posture is good with HTTPS and cookie consent mechanisms in place, though some security headers and explicit policies are missing. WHOIS data is unavailable, which slightly reduces trust but the overall business credibility remains high based on website content and branding.

C

CREATON South-East Europe Kft.

creaton.hr

55

CREATON South-East Europe Kft. is a medium-sized manufacturing company specializing in clay roof tiles and roofing accessories, serving primarily the South-East European market. The company offers a broad product range, technical consulting, and downloadable resources, targeting private investors, contractors, architects, and agricultural users. The website is professionally designed, multilingual, and provides clear navigation and relevant content. Technically, the site is built on the Neos CMS platform using the Flow PHP framework, hosted by Neosoft in Hungary, and integrates modern technologies such as Google Maps API and Facebook Pixel for marketing and analytics. Security posture is solid with HTTPS enforced and nonce usage in scripts, though some security headers are missing and no explicit incident response or vulnerability disclosure information is provided. Privacy and cookie policies are present and GDPR compliant. Overall, the website reflects a trustworthy and established business with good digital maturity.

T

TAB

tabbv.nl

49

TAB is a specialized Dutch company focused on building fire prevention services including compartmentalization, penetrations, emergency lighting, and maintenance. The website positions TAB as a niche expert in this field, targeting businesses and professionals requiring fire safety solutions. The site is built on WordPress with a modern tech stack including Google Tag Manager, Hotjar, and Cookiebot for analytics and compliance. Structured data and SEO metadata are well implemented, enhancing search visibility. Security posture is adequate with HTTPS and cookie consent, but lacks visible security headers and published privacy or security policies, indicating room for improvement. Overall, the website is professional and trustworthy but could enhance compliance and security transparency.

W

WEMAG Netz GmbH

wemag-netz.de

10

WEMAG Netz GmbH operates as a regional electricity and gas distribution network operator in Mecklenburg and parts of Brandenburg and Lower Saxony, Germany. The company manages extensive electricity and gas networks, providing services such as network connections, energy distribution, and customer portals. Their website reflects a professional and regionally focused utility business with clear service offerings and customer support channels. Technically, the site is built on Drupal 10, uses modern JavaScript libraries, and integrates GDPR-compliant cookie management via Usercentrics. Analytics are managed through Google Tag Manager, indicating a moderate level of digital maturity. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though the site lacks explicit security policy and incident response information. Overall, the website is well-structured, accessible, and trustworthy, supporting the company's business credibility in the energy sector.

C

Comité régional du Tourisme de la région Centre-Val de Loire

tourisme-pro-centre-valdeloire.fr

10

The website 'Tourisme Pro' serves as the official digital platform for the Comité régional du Tourisme de la région Centre-Val de Loire, targeting tourism professionals within the region. It offers a comprehensive range of services including tourism data, professional training, innovation support, publications, and sustainable tourism initiatives. The site positions itself as a key regional resource and authority in tourism promotion. Technically, the website is built on WordPress with a modern tech stack including Bootstrap, jQuery, and various plugins for content management, GDPR compliance, and user engagement. Hosting is provided by Infomaniak Network SA, a reputable provider. The site demonstrates good mobile optimization, moderate performance, and solid SEO practices. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms compliant with GDPR. While explicit security headers are not fully detected, no vulnerabilities or exposed sensitive data were found. The absence of direct contact emails or phone numbers suggests reliance on contact forms for communication. Overall, the website is professional, trustworthy, and well-aligned with its business purpose. It maintains good privacy compliance and provides a safe browsing experience. Strategic recommendations include enhancing security headers, expanding contact information transparency, and continuous security monitoring.

T

Tours Val de Loire Box

valdeloire-box.fr

41

Tours Val de Loire Box is a small French hospitality business specializing in selling curated experience gift boxes focused on the Val de Loire region. Their offerings include cultural passes, vintage vehicle rides, helicopter tours, gastronomy workshops, and weekend stays, targeting tourists and gift buyers interested in unique regional experiences. The website is professionally designed using WordPress with the Divi theme and WooCommerce platform, supported by modern web technologies such as jQuery and Snap.svg. The site is hosted by OVH, a reputable French provider, and includes SEO optimizations and mobile responsiveness. Security posture is good with HTTPS enforced and cookie consent implemented, though some security headers could be improved. Privacy policies and terms of service are present and accessible, indicating GDPR compliance. Contact information is clearly provided, enhancing business credibility. Overall, the website presents a trustworthy and professional digital presence for a niche tourism business.

T

Tours City Pass

tourscitypass.com

65

Tours City Pass is a small-sized tourism-focused business founded in 2020, offering digital city passes and related tourism packages for visitors to Tours, France. The website serves as an e-commerce platform enabling users to purchase passes, access interactive maps, and benefit from discounts and cultural offers. The business is positioned as a local tourism enabler with a clear target audience of tourists and visitors seeking cultural and leisure activities in the Tours metropolitan area. The parent company is Otipass, which provides the technological platform and payment processing services. Technically, the website employs a modern technology stack including Bootstrap, jQuery, React, and various analytics and tracking tools such as Matomo and Facebook Pixel. The site is mobile-optimized, uses HTTPS with strong SSL configuration, and integrates cookie consent mechanisms compliant with GDPR. However, some security headers are missing, and DNSSEC is not enabled, representing areas for improvement. From a security perspective, the site demonstrates good practices such as encrypted communications, cookie consent, and no visible sensitive data exposure. There is no evidence of a published security policy or incident response plan, and no vulnerability disclosure mechanism is present. The WHOIS data is consistent with the business claims, showing a domain age appropriate for the company’s founding date and no privacy protection, which supports transparency. Overall, the website is professional, trustworthy, and compliant with privacy regulations, with moderate technical sophistication and a solid security posture. Recommendations include enhancing security headers, enabling DNSSEC, and publishing formal security and incident response policies to further strengthen trust and compliance.

G

Gerstenberg Verlag GmbH & Co. KG

die-kleine-raupe-nimmersatt.de

61

Gerstenberg Verlag GmbH & Co. KG is a reputable German publishing company specializing in children's literature, notably the internationally acclaimed 'Die kleine Raupe Nimmersatt' by Eric Carle. The website serves as a blog and information portal for their publications, events, and educational content, targeting parents, educators, and children. Their market position is that of an established niche publisher with a strong brand presence and consistent content quality. Technically, the website is built on WordPress with Bootstrap framework, enhanced by Matomo analytics for user tracking. The site is hosted likely by Deutsche Telekom, uses HTTPS with good SSL configuration, and demonstrates moderate performance and good mobile optimization. SEO and accessibility are adequately addressed, though some accessibility features could be improved. From a security perspective, the site enforces HTTPS, uses cookie consent mechanisms, and avoids exposing sensitive data. However, it lacks some advanced security headers and does not publish a formal security policy or incident response contacts. No vulnerabilities or suspicious patterns were detected in the content or WHOIS data, indicating a solid security posture. Overall, the website is professional, trustworthy, and compliant with GDPR and privacy standards. It provides a safe environment focused on children's educational content. Strategic recommendations include enhancing security headers, publishing security policies, and continuous monitoring of third-party scripts to maintain security and compliance.

Manpower France operates as a leading recruitment and temporary staffing agency in France, providing a wide range of employment services including permanent and fixed-term contracts. The company is part of the global ManpowerGroup, which enhances its market position and credibility. The website is professionally designed, targeting job seekers and employers with clear navigation and comprehensive service offerings. The content is primarily in French, reflecting its local market focus. Technically, the website employs modern web technologies such as Bootstrap, jQuery, and Google Tag Manager, ensuring a responsive and user-friendly experience across devices. Security best practices are observed with HTTPS enforcement and appropriate security headers, although there is room for improvement in accessibility and incident response transparency. The security posture is strong with no evident vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with clear privacy and cookie policies aligned with GDPR requirements. Contact information is readily available, including a dedicated Data Protection Officer email, enhancing trust and compliance. Overall, the website presents a low risk profile with a solid business credibility and technical foundation. The main limitation is the absence of WHOIS data, which is likely due to registry policies but should be monitored. Strategic recommendations include establishing a public vulnerability disclosure policy and enhancing accessibility features.

T

trace.tv

trace.tv

51

The website at trace.plus/app is currently inaccessible or blocked, showing only a loading spinner with no substantive content. The domain WHOIS data is unavailable or privacy protected, providing no registrar, creation, or registrant information. The site uses modern web technologies such as React and Gatsby, and includes multiple third-party marketing and tracking scripts including Google Tag Manager, Facebook Pixel, AppsFlyer, and Gigz. However, no privacy, cookie, or terms of service policies are present, and no contact or business information is visible. This limits the ability to assess the business or security posture comprehensively. The security posture is weak due to lack of visible security headers and absence of HTTPS enforcement indicators in the content. Overall, the site appears to be under a WAF or security challenge that blocks full content access, resulting in a low trust and credibility score.

A

AJI Groupe

exponum.salon

53

Exponum.salon is a French digital platform owned by AJI Groupe SAS that provides innovative digital mini-sites for exhibitors and organizers of salons, exhibitions, and events. The platform enhances visibility and engagement by offering dynamic digital plans, personalized QR codes, and easy-to-manage exhibitor mini-sites. The website is professionally designed using WordPress with Elementor and Yoast SEO, ensuring good SEO and user experience. The platform integrates Google reCAPTCHA v3 for form security and maintains comprehensive legal and privacy documentation, indicating strong compliance with GDPR and related regulations. Security posture is solid with HTTPS and no visible vulnerabilities, though security headers could be improved. Overall, the site is trustworthy, well-maintained, and targeted at B2B clients in the event technology sector.

V

VDE VERLAG GmbH

vde-verlag.de

66

VDE VERLAG GmbH operates as a specialized technical publisher and seminar provider focused on electrical engineering standards, technical literature, and professional training. The company serves professionals and organizations in the energy and electrical engineering sectors primarily in Germany. Their business model centers on publishing DIN-VDE and IEC standards, technical books, journals, and offering subscription services and seminars. The website reflects a mature digital presence with comprehensive content, clear navigation, and professional branding. Technically, the website employs modern web technologies including Bootstrap, jQuery, and FontAwesome, hosted on German Telekom infrastructure. The site is mobile-optimized, accessible, and SEO-friendly. Analytics are implemented via etracker with user consent mechanisms in place. Security best practices such as HTTPS enforcement and anti-clickjacking scripts are present, though HTTP security headers and a formal security policy are absent. Security posture is solid but could be improved by adding explicit security policies and incident response contacts. Privacy compliance is strong with clear privacy and cookie policies and consent mechanisms. WHOIS data is minimal but consistent with a legitimate German entity. No suspicious or malicious indicators were found. Overall, the website is professional, trustworthy, and well-maintained, supporting the company's position as a reputable technical publisher. Strategic improvements in security transparency and header implementation would enhance trust and resilience.

V

VMV – Verkehrsgesellschaft Mecklenburg-Vorpommern mbH

vmv-mbh.de

54

VMV – Verkehrsgesellschaft Mecklenburg-Vorpommern mbH operates as a regional public transportation company in Mecklenburg-Vorpommern, Germany, providing services related to public transit schedules, ticketing, and regional transport network management. The website serves as an information portal for residents and travelers, offering schedule information, news updates, and contact options. The company positions itself as a key regional transportation authority with a focus on accessibility and customer engagement. Technically, the website is built on WordPress using modern plugins such as Elementor and Yoast SEO, ensuring good SEO and mobile responsiveness. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though security headers and explicit security policies could be improved. Privacy compliance is evident with a comprehensive privacy and cookie policy, aligned with GDPR requirements. Overall, the website is professional, trustworthy, and well-maintained, supporting the company's regional transportation mission.

A

Anixy

anixy.eu

42

Anixy is a French company specializing in comprehensive ticketing and event management services for fairs and public trade shows. Positioned as a leader in its domain within France, the company offers end-to-end solutions including pre-event access preparation, on-site management of human and financial flows, and post-event result analysis. The website reflects a professional business model targeting event organizers, supported by client references and experience counters indicating over two decades of operation. Technically, the website is built on WordPress using Elementor and Yoast SEO, integrating modern web technologies such as Google Tag Manager and Axeptio for cookie consent. The site is mobile-optimized with good SEO and basic accessibility features. Hosting details are not explicit, but the domain is registered with a reputable registrar, GANDI. From a security perspective, the site uses HTTPS with good SSL configuration and employs cookie consent mechanisms. However, it lacks explicit security headers, a published security policy, and incident response contacts. No vulnerabilities or suspicious elements were detected in the analysis. Overall, the website presents a trustworthy and professional digital presence with moderate to good technical and security posture. Strategic improvements in privacy compliance documentation and security policy publication would enhance trust and compliance.

P

Promethean World

prometheanworld.com

74

Promethean World is a well-established company founded in 1997, specializing in interactive displays and software solutions for education and workplace environments. The company positions itself as a global leader in this niche, targeting educational institutions and workplace technology users with a B2B business model. Their website reflects a professional and consistent brand image, supported by comprehensive privacy and cookie policies, and active social media presence. Technically, the site is built on WordPress with modern frameworks like Bootstrap and integrates various marketing and analytics tools such as Google Tag Manager and Cookiebot, indicating a mature digital infrastructure. Security-wise, the site enforces HTTPS and employs cookie consent mechanisms, but lacks publicly visible security policies or incident response contacts, which could be improved. The absence of WHOIS data for the domain is a notable concern for domain legitimacy verification, although the website content and structured data suggest a legitimate business. Overall, the site scores well on content quality, technical implementation, and privacy compliance, with room for improvement in business credibility and security transparency.

A

Alice Jeunesse

alice-editions.be

43

Alice Éditions is an independent Belgian youth publishing house established in 1995, focusing on producing engaging and value-driven books for children and adolescents. The company emphasizes respect, openness, and dialogue through its publications. The website is professionally designed, well-structured, and optimized for SEO and mobile devices, reflecting a mature digital presence. Technically, it is built on WordPress with modern plugins and libraries, ensuring a good user experience and moderate performance. Security posture is solid with HTTPS and secure forms, though some security headers and cookie consent mechanisms are missing. The WHOIS data is restricted, which is common for privacy but limits domain transparency. Overall, the site is trustworthy and serves its niche audience effectively.

G

gymnastikaprovsechny.cz

gymnastikaprovsechny.cz

54

Gymnastika pro všechny is a Czech-based small business specializing in gymnastics training for all age groups, including children and adults. The website presents a professional and well-structured platform offering various courses, individual lessons, and workshops. The business emphasizes safety, proper technique, and comprehensive physical development. The team consists of qualified trainers with multilingual capabilities, enhancing accessibility for a diverse audience. Technically, the website is built on WordPress with Elementor, ensuring a modern and responsive design, though some improvements in security headers and SEO could be made. Security posture is solid with HTTPS and GDPR-compliant cookie consent mechanisms in place. No critical vulnerabilities or suspicious elements were detected. Overall, the website reflects a trustworthy and credible local sports training provider.

R

Regentalbahn GmbH

alex.info

57

The website www.laenderbahn.com/alex/ represents the alex regional train service operated by Regentalbahn GmbH, a subsidiary of the Netinera group. It offers daily direct train connections between Germany and the Czech Republic, targeting commuters and travelers in this region. The site provides comprehensive travel information, ticket sales, real-time updates, and customer service resources. The business model focuses on regional transportation services with a strong emphasis on customer convenience and cross-border connectivity. Technically, the website is built on Craft CMS and employs modern JavaScript libraries and frameworks such as jQuery and Mmenu for mobile navigation. It integrates multiple analytics and tracking tools including Matomo, Google Tag Manager, Facebook Pixel, and Hotjar, all managed with a cookie consent mechanism to comply with privacy regulations. The site is mobile-optimized, accessible, and SEO-friendly, providing a good user experience. From a security perspective, the website enforces HTTPS and uses CSRF tokens to protect forms. While explicit HTTP security headers were not detected in the provided data, the site follows best practices in data protection and privacy compliance, including a comprehensive privacy policy and cookie management. No vulnerabilities or exposed sensitive data were found. However, the absence of WHOIS data for the domain raises concerns about domain registration legitimacy, although the website branding and content strongly indicate a legitimate business. Overall, the site is professional, trustworthy, and well-maintained, serving its target audience effectively. The main risk lies in the missing WHOIS registration data, which should be verified externally. Strategic recommendations include enhancing HTTP security headers, publishing a vulnerability disclosure policy, and providing explicit incident response contacts to further strengthen security posture.

O

Osthannoversche Eisenbahnen Aktiengesellschaft

ohe-ag.de

53

Osthannoversche Eisenbahnen Aktiengesellschaft (OHE) is a well-established transportation company based in Germany, specializing in regional rail and bus services primarily in Niedersachsen. Founded in 1944, OHE operates workshops and infrastructure services, positioning itself as a key regional player with a strong focus on reliability and customer satisfaction. The website reflects a professional digital presence with clear business information and a user-friendly interface. Technically, the site uses modern web technologies including Craft CMS, jQuery, and FontAwesome, hosted behind Cloudflare DNS services, and integrates Matomo for privacy-conscious analytics. Security posture is solid with HTTPS enforcement and cookie consent mechanisms, though formal security policies and incident response contacts are absent. Overall, the site is trustworthy, compliant with GDPR, and well-optimized for users.

D

DPD

dpd.fr

68

DPD France operates as a major parcel delivery service provider, offering comprehensive shipping, tracking, and delivery management solutions for both professional and individual customers. The website reflects a mature digital presence with multilingual support and integration into the broader DPDgroup network. Technically, the site is built on WordPress with modern libraries such as jQuery and Bootstrap, ensuring responsive design and good user experience. Security posture is solid with HTTPS enforcement, cookie consent mechanisms, and fraud alert information, although explicit security policies and incident response details are not publicly disclosed. Overall, the site is trustworthy and professionally maintained, supporting DPD's market position in France and internationally.

F

Foire de Marseille

foiredemarseille-lavitrine.com

50

The website www.foiredemarseille-lavitrine.com serves as the official exhibitor platform for the Foire de Marseille event scheduled from September 26 to October 6, 2025. It provides visitors and exhibitors with essential information including exhibitor listings and product promotions. The platform is positioned as a regional event tool, operated under the umbrella of GL Events, a recognized event organizer. The website demonstrates a good level of content quality and user experience, with clear navigation and mobile optimization. Technically, it is built on WordPress CMS, utilizing standard libraries such as FontAwesome and Matomo for analytics, and incorporates GDPR-compliant cookie consent mechanisms. Security posture is adequate with HTTPS enforced, but lacks some advanced security headers and explicit incident response information. The absence of WHOIS data for the domain raises concerns about domain registration legitimacy, although the website content and branding suggest a legitimate business presence. Overall, the site is functional and professional but would benefit from enhanced security practices and clearer contact information.

Q

Qube AG

itds.ch

64

Qube AG operates as a web and advertising agency based in Switzerland, specifically targeting the Aarau and Bern regions. Their website presents a professional image focused on branding, corporate communication, and digital strategy services. The company appears to serve businesses and organizations seeking creative and digital marketing solutions. The website is well-structured with modern design elements and uses technologies such as FontAwesome, Vimeo player, and analytics tools like Matomo and Google Tag Manager. However, the absence of visible privacy and cookie policies and lack of explicit contact information limit the transparency and compliance posture of the site. Security headers are not detected, indicating room for improvement in security hardening. The WHOIS data is unavailable or privacy protected, which is common for small agencies but reduces trust signals. Overall, the site is functional and professional but could benefit from enhanced privacy, security, and contact transparency to improve trust and compliance.

Q

Qube AG

qube.ag

64

Qube AG operates as a web and advertising agency based in Aarau and Bern, Switzerland, offering services including branding, corporate communication, digital strategy, and web design. The company targets business clients seeking professional digital and advertising solutions within the Swiss market. The website reflects a small, regionally focused agency with consistent branding and good content quality. The technical infrastructure includes modern web technologies such as Vimeo for video content, FontAwesome for icons, and analytics tools like Matomo and Google Tag Manager, indicating a moderate level of digital maturity. However, the absence of visible privacy and cookie policies, as well as lack of security headers, suggests room for improvement in compliance and security posture. The WHOIS data is privacy protected or unavailable, which is typical for small businesses but slightly reduces trustworthiness. Overall, the website is professional and functional but would benefit from enhanced security and privacy transparency to improve user trust and compliance.

B

Banque centrale du Luxembourg

apieceofluxembourg.lu

60

The website 'A Piece of Luxembourg' is an official platform managed by the Banque centrale du Luxembourg, offering unique numismatic products that celebrate Luxembourg's culture, history, and heritage. It targets collectors and enthusiasts interested in Luxembourg-themed euro coins and related products, positioning itself as a niche leader in this specialized market. The business model revolves around e-commerce sales combined with cultural promotion, leveraging the authority and trust of the central bank. Technically, the website is built on WordPress and employs modern web technologies such as jQuery, FontAwesome, Swiper.js, and integrates Google Tag Manager for analytics. The site is mobile-optimized with good SEO practices and a moderate performance profile. Privacy compliance is well addressed with clear privacy and cookie policies and a consent mechanism. From a security perspective, the site uses HTTPS with an excellent SSL configuration and implements cookie consent. However, it lacks explicit security headers and publicly available security policies or incident response information. No vulnerabilities or exposed sensitive data were detected. The absence of WHOIS data reduces domain registration transparency but does not significantly detract from the site's legitimacy given its official affiliation. Overall, the website presents a low-risk profile with strong business credibility and good technical and security posture. Strategic recommendations include enhancing security headers, publishing security policies, and improving accessibility features to further strengthen trust and compliance.

T

TESVOLT AG

tesvolt.com

57

TESVOLT AG is a German-based company specializing in the production and provision of lithium battery storage systems tailored for renewable energy applications across industry, commerce, and agriculture sectors. The company positions itself as a leading European full-service provider with a strong market presence demonstrated by over 6,000 projects worldwide. TESVOLT offers a broad product portfolio including cabinet and container systems, energy management solutions, and partner programs to support sustainable energy transitions. Technically, the website is built on the CIDEMOS CMS platform with modern web technologies such as lazy loading, JSON-LD structured data, and Google Tag Manager for analytics. The site is well-optimized for mobile devices and SEO, providing a professional user experience with clear navigation and comprehensive content. From a security perspective, the website enforces HTTPS, uses CSRF tokens in forms, and implements cookie consent mechanisms aligned with GDPR requirements. However, explicit security headers are not detected, and no dedicated incident response or vulnerability disclosure pages are present, indicating room for improvement in security transparency and defense-in-depth. Overall, the website and business exhibit a high level of professionalism and trustworthiness, supported by certifications, awards, and active social media engagement. The only notable concern is the lack of WHOIS data, which may be due to domain privacy or registration anomalies but does not currently detract significantly from the company's credibility. Strategic recommendations include enhancing security headers, publishing incident response information, and implementing a security.txt file to further strengthen security posture and stakeholder trust.

W

Weingut Christen

weingutchristen.at

56

Weingut Christen is a small regional wine producer based in Austria, specializing in the production and sale of wines from Niederösterreich. The company operates through direct sales including an Ab-Hof-Verkauf (farm gate sales) and participates in local wine festivals and events, targeting wine enthusiasts and regional customers. The website reflects a professional and consistent brand image with clear business and contact information. Technically, the site is built on WordPress with WooCommerce for e-commerce capabilities, leveraging modern frameworks like Bootstrap and libraries such as jQuery and FontAwesome. SEO is well implemented with Yoast SEO plugin and the site is mobile optimized. Security posture is good with HTTPS enforced and GDPR-compliant cookie consent mechanisms in place, although additional security headers could enhance protection. No critical vulnerabilities or suspicious content were detected. Overall, the site is trustworthy and well-maintained, suitable for its business purpose.

C

CNC

cnc.cz

51

CNC is a Czech Republic-based company specializing in video communication and collaboration solutions, offering a broad portfolio of videoconferencing and teleconferencing equipment and services. With over 25 years of experience and more than 600 installations, CNC serves small to large companies across various sectors, emphasizing tailored solutions, ergonomic design, and comprehensive support including installation and training. The website is professionally designed, mobile-optimized, and provides clear contact channels and GDPR-compliant privacy and cookie policies. Technically, the site employs modern web technologies such as Bootstrap, jQuery, and Google Tag Manager, with secure HTTPS and reCAPTCHA protections on forms. Security posture is strong with no visible vulnerabilities or exposed sensitive data, though the site lacks a dedicated security policy or incident response page. Overall, CNC presents a trustworthy and credible business with a solid digital presence.

K

Kuratorium Deutsche Altershilfe Wilhelmine-Lübke-Stiftung e. V.

kda.de

62

Kuratorium Deutsche Altershilfe Wilhelmine-Lübke-Stiftung e. V. (KDA) is a well-established German non-profit organization founded in 1962, focused on promoting a humane society for aging and self-determined living. It operates under the patronage of the German Federal President and provides research, consultancy, project management, and advocacy services in the fields of aging, care, and social participation. The organization targets older adults, care professionals, public and private institutions, and policymakers primarily in Germany with European outreach. The website is professionally designed, content-rich, and well-structured, reflecting a mature digital presence.

The website www.rogatec.si serves as the official digital presence for the Zavod za kulturo, turizem in razvoj Rogatec, a local government entity focused on cultural heritage, tourism, and community development in Rogatec, Slovenia. It provides comprehensive information about local attractions, events, visitor programs, and public procurement, positioning itself as a key resource for tourists and residents alike. The site demonstrates a strong commitment to cultural promotion and community engagement through detailed event calendars, virtual tours, and craft center offerings. Technically, the website is built on a modern WordPress platform with a robust tech stack including Yoast SEO, event calendar plugins, and GDPR compliance tools. It integrates well-known marketing and analytics services such as Google Analytics, Google Tag Manager, and Facebook Pixel, indicating a mature digital marketing approach. The site is mobile-optimized, accessible, and SEO-friendly, ensuring a positive user experience across devices. From a security perspective, the site enforces HTTPS and employs cookie consent mechanisms aligned with GDPR requirements. While explicit security headers are not fully confirmed, the presence of security plugins and absence of exposed sensitive data suggest a reasonable security posture. No critical vulnerabilities or suspicious activities were detected. The WHOIS data aligns well with the website's claims, showing a consistent and legitimate registration history. Overall, www.rogatec.si is a professionally managed, secure, and compliant website that effectively supports its mission of cultural and tourism promotion. Strategic recommendations include enhancing security headers, maintaining up-to-date software, and improving incident response visibility to further strengthen its security and trustworthiness.

C

CESI – Centar za edukaciju, savjetovanje i istraživanje

sezamweb.net

53

SeZaM is a Croatian non-profit educational website focused on sexual education for youth, operated under the auspices of CESI – Centar za edukaciju, savjetovanje i istraživanje. The platform provides comprehensive thematic content on sexuality, gender equality, reproductive health, and related social issues, targeting young people and educators. It includes interactive elements such as a virtual assistant and links to related educational services. The website is well-structured and professionally designed, with clear navigation and relevant content for its audience. Technically, the site uses modern web technologies including Google Fonts, FontAwesome, Turbolinks, and Google Analytics, and is hosted on Linode. The presence of CSRF tokens and HTTPS indicates a baseline security posture, although some security best practices such as DNSSEC and security headers are missing. The website is mobile-optimized and SEO-friendly but lacks explicit privacy and cookie policies, which are important for GDPR compliance. From a security perspective, the domain is mature and registered with a reputable registrar, with protections against unauthorized transfers. No WAF or blocking mechanisms are detected, and the site is fully accessible. However, the absence of privacy and cookie policies, security headers, and vulnerability disclosure mechanisms represent compliance and security gaps. Overall, the site is trustworthy but could improve its security and privacy posture. Strategically, the site serves an important educational role in Croatia, with a clear mission and target audience. It benefits from partnerships with CESI and related services, enhancing its credibility and reach.

Z

Zavičajni Muzej Ozalj

zmo.hr

54

Zavičajni Muzej Ozalj is a small cultural heritage museum located in Ozalj, Croatia, dedicated to preserving and showcasing 6000 years of local history through diverse collections including archaeological, ethnographic, and photographic artifacts. The museum also operates an open-air Ethno Park that exhibits traditional architecture and pre-industrial everyday items, targeting general visitors interested in history and culture. The website is professionally designed with good content quality, clear navigation, and accessibility features implemented via the EqualWeb plugin. Technically, it uses a modern but basic tech stack including Bootstrap and jQuery, with moderate performance and good mobile optimization. Security posture is adequate with HTTPS enabled and cookie consent mechanisms in place, though it lacks explicit security policies and incident response information. Overall, the domain registration data aligns well with the museum's identity, indicating legitimacy and trustworthiness.

C

Centar za poduzetništvo d.o.o.

czp.hr

43

Centar za poduzetništvo d.o.o. is a regional entrepreneurial support center serving the Dubrovnik-Neretva County in Croatia. The organization focuses on providing a range of services including education, business consulting, credit programs, and assistance with EU funding projects. Their website reflects a government-affiliated entity aimed at fostering entrepreneurship and small business growth in the region. The target audience primarily consists of local entrepreneurs and small business owners seeking support and resources. Technically, the website employs a modern technology stack featuring jQuery, Bootstrap, FontAwesome, and various plugins for enhanced user experience and accessibility. The site is mobile-optimized, uses HTTPS with strong SSL configuration, and integrates Google Analytics and UserWay accessibility tools, indicating a mature digital infrastructure. The website content is well-structured, professionally designed, and includes clear navigation and relevant business information. From a security perspective, the site enforces HTTPS and obfuscates email addresses to reduce spam. However, it lacks explicit security policies and incident response contact details. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong, with GDPR-aligned privacy and cookie policies and a consent mechanism in place. The website demonstrates a good security posture but could improve by adding formal security documentation and security headers. Overall, the website is trustworthy, professional, and serves its business purpose effectively. The domain registration data aligns with the website's claims, reinforcing legitimacy. Strategic recommendations include enhancing security transparency, publishing incident response information, and maintaining regular security audits to sustain trust and compliance.

H

Hrvatski savez za sportski ribolov na moru

hssrm.hr

42

Hrvatski savez za sportski ribolov na moru (HSSRM) is a well-established Croatian non-profit sports federation dedicated to marine sport fishing. Founded in 1953, it serves approximately 25,000 members and provides key services such as fishing permit distribution, organizing competitions, and educational programs. The website reflects a consistent brand and offers relevant content for its target audience of fishing enthusiasts in Croatia. Technically, the site uses modern web technologies including Bootstrap, jQuery, FontAwesome, and Leaflet.js, with integration of Facebook social plugins for community engagement. The site is moderately optimized for mobile and performance, with clear navigation and good content quality. Security posture is adequate but could be improved by adding security headers and formal policies. Privacy compliance is lacking as no privacy or cookie policies are present. WHOIS data confirms domain legitimacy and consistency with the organization's profile. Overall, the website is professional and trustworthy but would benefit from enhanced privacy and security measures.

J

Javna ustanova za Zaštitu i očuvanje prirode Ličko senjske Županije

zop-lsz.hr

44

The website represents a Croatian public institution dedicated to the protection and preservation of nature in the Ličko-senjska County. It provides comprehensive information about protected areas, educational programs, projects, and public announcements. The institution targets local citizens, environmental professionals, and visitors interested in nature conservation. The business model is that of a government entity focused on environmental stewardship and public service. Technically, the website is built on WordPress using popular plugins such as Elementor, WPBakery, LayerSlider, and Slider Revolution. It employs modern web technologies including HTTPS, jQuery, and Google Fonts. The site is mobile-optimized and includes accessibility features, enhancing user experience for diverse audiences. From a security perspective, the site uses HTTPS with good SSL configuration and security headers. No critical vulnerabilities or exposed sensitive data were detected. However, the site lacks explicit security policies or incident response information. Privacy compliance is addressed with a privacy policy and cookie consent mechanism, aligned with GDPR requirements. Overall, the website is trustworthy, professionally maintained, and serves its public institution role effectively. Strategic recommendations include publishing a dedicated security policy, incident response contacts, and vulnerability disclosure information to further enhance trust and compliance.

Ž

ŽUPANIJSKA UPRAVA ZA CESTE LIČKO-SENJSKE ŽUPANIJE

zuc-ls.hr

45

ŽUPANIJSKA UPRAVA ZA CESTE LIČKO-SENJSKE ŽUPANIJE is a Croatian regional government agency responsible for the management and maintenance of roads within Ličko-Senjska County. The website serves as an official communication channel providing public notices, procurement information, road maps, and contact details to residents, contractors, and stakeholders. The agency positions itself as a trusted authority in transportation infrastructure within the region. Technically, the website is built on WordPress with Elementor and several plugins, offering a modern, mobile-optimized, and accessible user experience. Security posture is strong with HTTPS and security headers, though it lacks published security policies and cookie consent mechanisms. Overall, the site is professional, trustworthy, and serves its public function effectively.

J

Justified Image Grid - Premium WordPress Gallery

justifiedgrid.com

58

JustifiedGrid.com is a specialized WordPress plugin provider offering a premium image gallery solution that enables users to present photos in a justified grid layout without cropping. The website targets WordPress users, photographers, and website owners seeking advanced gallery features integrated with popular sources like Facebook and Flickr. The business appears to be a small, niche player in the WordPress plugin market, founded around 2012, with a consistent and professional online presence. Technically, the site is built on WordPress with WooCommerce for sales, leveraging common plugins such as UberMenu and Slider Revolution, and uses Cloudflare DNS for domain management. The site is moderately optimized for performance and mobile devices, with good SEO practices evident in meta tags and structured data.

Muzej Međimurja Čakovec is a well-established regional museum in Croatia, offering a broad range of cultural, historical, and artistic exhibits. The website reflects a mature digital presence with detailed content about museum collections, exhibitions, and educational programs. The institution targets general audiences including tourists, researchers, and local visitors. Technically, the website uses modern web technologies such as Bootstrap, jQuery, and Google Tag Manager, hosted on a Croatian hosting provider. Security posture is adequate with HTTPS enabled but lacks some security headers and formal privacy and cookie policies, which are important for compliance and trust. Overall, the site is professional and trustworthy but could improve privacy compliance and security best practices.

M

Međimurska energetska agencija d.o.o. MENEA

menea.hr

46

Međimurska energetska agencija d.o.o. MENEA is a Croatian regional energy agency established in 2008, focusing on energy consulting, project management, energy planning, and systematic energy management. The agency serves municipalities, businesses, and stakeholders in the energy sector, leveraging EU funding and regional initiatives to promote sustainable energy solutions. The website reflects a professional and consistent brand presence with clear navigation and relevant content tailored to its audience. Technically, the site is built on WordPress with a modern tech stack including Bootstrap, jQuery, and various plugins for enhanced user experience and accessibility. Security posture is solid with HTTPS and reCAPTCHA integration, though it lacks some advanced security headers and explicit incident response information. Privacy compliance is partially met with a comprehensive privacy policy but lacks a cookie consent mechanism. Overall, the website is trustworthy, well-maintained, and aligned with the business's mission and market position.

O

OÜ Sahkar TT

sahkar.ee

43

OÜ Sahkar TT is a small Estonian company specializing in external network construction and large-scale earthworks, offering services such as material sales and transport, machine rental with operator, and trailer transport. The company targets businesses and clients requiring construction and logistics services within the region. The website is professionally designed using the Greativ CMS platform and incorporates modern JavaScript libraries for enhanced user experience. It is hosted by Zone Media OÜ and uses HTTPS to secure communications. However, the site lacks privacy and cookie policies, which are critical for GDPR compliance. Security headers are also missing, representing an area for improvement. Overall, the website is functional, safe, and trustworthy but could benefit from enhanced privacy and security measures.

E

Eesti Lihaveisekasvatajate Ühistu

veis.ee

43

Eesti Lihaveisekasvatajate Ühistu operates as a cooperative primarily focused on the purchase, sale, and brokerage of beef cattle in Estonia. Founded in 2015, it serves a significant network of over 200 cattle breeders and is a founding member of a larger association with 400+ members. The cooperative maintains a modern livestock collection center and targets both domestic and international markets. Their business model centers on providing reliable and professional services to cattle breeders, ensuring quality livestock for various purposes including breeding and meat production. Technically, the website is built on the Greativ CMS platform and employs modern web technologies such as JavaScript, jQuery, Bootstrap, and integrates Google Tag Manager and Facebook SDK for analytics and marketing. The site is mobile-optimized with good navigation and content relevance, although accessibility features are basic. Hosting is provided by Zone Media OÜ, a known Estonian hosting provider, consistent with the domain registration data. From a security perspective, the site uses HTTPS and client-side form validation but lacks visible security headers and published privacy or cookie policies, indicating room for improvement in compliance and security posture. No WAF or blocking mechanisms were detected, and the site content is fully accessible. The business provides clear contact information but does not disclose incident response or vulnerability disclosure policies. Overall, the website presents a trustworthy and professional image suitable for its target audience of livestock breeders. Strategic improvements in privacy compliance and security hardening would enhance its risk profile and user trust.

K

Kalev Spa Hotell & Veekeskus

kalevspa.ee

44

Kalev Spa Hotell & Veekeskus is a well-established hospitality and wellness business located in Tallinn, Estonia, known for its water park, spa services, hotel accommodations, and sports club. The website reflects a mature digital presence with multi-language support, professional design, and comprehensive service information targeting tourists, families, and business clients. Technically, the site uses modern JavaScript libraries, a CMS platform (Greativ), and integrates with third-party booking and marketing tools, ensuring a good user experience and mobile optimization. Security posture is strong with HTTPS, security headers, and cookie consent mechanisms, though explicit security and incident response policies are not publicly detailed. Overall, the site is trustworthy, compliant with GDPR, and professionally maintained.

W

Webglobe, s.r.o.

c4.cz

45

Webglobe, s.r.o. operates the website webhosting-c4.cz, providing professional web hosting, domain registration, and AI-powered website building services primarily targeting individuals and businesses in the Czech Republic. The company emphasizes fast SSD/NVMe hosting, WordPress optimization, and 5-star customer support, positioning itself as a reputable mid-sized technology service provider with over 25 years of market presence. The website content is well-structured, professionally designed, and mobile-optimized, offering clear navigation and relevant service information. Technically, the site employs modern web technologies including Google Tag Manager, Google Analytics, FontAwesome, and Google Fonts. It uses HTTPS with automatic certificates ensuring secure connections. However, no advanced security headers were detected, and cookie consent mechanisms are absent, indicating room for improvement in privacy compliance. The hosting infrastructure is described as secure with active malware scanning and DDoS protection, supporting current PHP versions and modern web standards. Security posture is generally good with secure login forms and encrypted connections, but the absence of WHOIS data reduces domain trustworthiness. No visible vulnerability disclosure or incident response policies were found. The site collects user data via contact forms and tracking scripts, with moderate user tracking levels. Overall, the website is safe, professional, and trustworthy, but could enhance transparency and compliance by publishing security policies and implementing cookie consent. Strategically, Webglobe should focus on improving privacy compliance, publishing security and incident response information, and ensuring WHOIS data availability to strengthen domain legitimacy. Enhancing security headers and auditing third-party scripts will further improve security posture and user trust.

J

Johnson & Johnson Institute

jnjinstitute.com

68

Johnson & Johnson Institute operates as a global leader in professional medical education and training, providing both physical and virtual learning centers worldwide. The website reflects a mature enterprise-level organization with consistent branding and a clear focus on healthcare professionals as its target audience. The business model centers on delivering high-quality educational resources and training programs to medical practitioners globally. Technically, the website is built on Drupal 10 CMS, leveraging modern JavaScript libraries and analytics tools such as Google Tag Manager and Hotjar, indicating a well-maintained and digitally mature infrastructure. Security posture is solid with HTTPS enforcement and domain transfer protections, though there is room for improvement in DNSSEC implementation and explicit security headers. Privacy compliance is well addressed with comprehensive privacy and cookie policies and consent mechanisms in place. Overall, the website presents a trustworthy and professional digital presence aligned with the Johnson & Johnson brand.

W

Webglobe, s.r.o.

webhosting-c4.cz

10

Webglobe, s.r.o. operates the website webhosting-c4.cz, providing professional web hosting, domain registration, and AI-powered website building services primarily targeting individuals and businesses in the Czech Republic. The company emphasizes fast SSD/NVMe hosting, WordPress optimization, and customer support, positioning itself as a reputable mid-sized technology service provider with over 25 years of market presence. The website content is well-structured, professionally designed, and mobile-optimized, offering clear navigation and relevant business information. Technically, the site uses modern technologies including Google Tag Manager, Google Fonts, and supports multiple PHP versions, ensuring good performance and SEO readiness. Security posture is solid with HTTPS enforced, automatic SSL certificates, and multi-layered protection including malware scanning and DDoS mitigation. However, the absence of visible security headers and cookie consent mechanisms indicates room for improvement in security best practices and privacy compliance. WHOIS data is unavailable, which slightly reduces trustworthiness, but the overall business credibility remains high due to transparent contact information and consistent branding. Strategic recommendations include implementing cookie consent, enhancing security headers, and publishing security policies to further strengthen compliance and trust.

B

Bændablaðið

bbl.is

57

Bændablaðið is a specialized Icelandic media outlet focusing on agricultural news, rural culture, and lifestyle. The website offers a variety of content including news articles, interviews, opinion pieces, classifieds, photo archives, and digital magazine issues. It targets Icelandic-speaking rural communities and those interested in Icelandic agriculture. The business model is primarily media publishing supported by advertising, classifieds, and subscriptions for digital magazine editions. Technically, the website employs modern web technologies including JavaScript, Google Tag Manager, CookieHub for cookie consent, and FontAwesome for icons. The site is mobile-optimized and provides a good user experience with clear navigation and structured content. Performance is moderate with room for improvement in accessibility and SEO. From a security perspective, the site uses HTTPS with a valid SSL certificate and implements cookie consent mechanisms. However, it lacks visible security headers and does not provide explicit privacy policies or incident response information. No vulnerabilities or exposed sensitive data were detected in the content. The absence of WHOIS data limits domain registration trust analysis, but the professional presentation and contact information support legitimacy. Overall, Bændablaðið presents a trustworthy and professional media presence in its niche, with recommendations to enhance privacy disclosures and security headers to improve compliance and security posture.

K

Krytina.sk

krytina.sk

42

Krytina.sk is a Slovak content and advisory portal specializing in roofing materials and roof construction. Established in 2008, it provides homeowners, builders, and renovators with comprehensive information, inspiration, and free consulting services related to roof selection, installation, and maintenance. The website features a variety of articles, downloadable resources, and interactive calculators to assist users in making informed decisions about roofing. It maintains a niche position in the Slovak market with a focus on quality content and user engagement through social media and newsletters. Technically, the website is built on WordPress with modern plugins for SEO, performance optimization, and GDPR compliance. It uses Google Analytics, Google Tag Manager, Hotjar, and Fathom for analytics and user behavior tracking, all integrated with user consent mechanisms. Hosting is provided by Websupport, and DNSSEC is enabled, indicating a secure DNS configuration. The site is mobile-optimized and demonstrates good SEO practices. From a security perspective, the site enforces HTTPS with a valid SSL certificate and uses cookie consent banners to comply with privacy regulations. However, it lacks explicit security policies or incident response information publicly available. No critical vulnerabilities or exposed sensitive data were detected. The domain registration is consistent with the website's Slovak focus and business history, enhancing trustworthiness. Overall, Krytina.sk presents a professional, secure, and privacy-conscious platform for roofing-related content and consulting. Strategic improvements could include adding explicit security policies, incident response contacts, and terms of service to further enhance trust and compliance.

M

Marek Straka

marekstraka.com

50

Marek Straka is a professional business consultant specializing in management consulting, corporate finance, and business strategy. The website positions Marek as an experienced consultant with over a decade of expertise, targeting SMEs and corporate clients primarily in Slovakia. The business model revolves around providing consulting services to help companies grow through strategic planning and financial analysis. The website is well-structured, professionally designed, and optimized for SEO and mobile devices, reflecting a mature digital presence. Technically, the site runs on WordPress with modern plugins and tracking tools, hosted by a reputable provider. Security posture is good with HTTPS and cookie consent mechanisms, though improvements like DNSSEC and security headers could enhance protection. Overall, the site is trustworthy, compliant with GDPR, and provides clear contact channels and social proof through testimonials.