Security Directory

F

Fundacja Academic Partners

thehacksummit.com

63

The Hack Summit is a prominent cybersecurity conference in Poland, organized by Fundacja Academic Partners. It serves as a major gathering for cybersecurity professionals, government officials, and industry experts, offering a mix of online and onsite events with extensive educational content and networking opportunities. The conference is well-established since 2020 and attracts over 2,000 participants annually, positioning itself as a key event in the Polish cybersecurity landscape. Technically, the website employs modern web technologies including AngularJS, Google Tag Manager, and multiple tracking pixels, hosted with reputable providers and secured with HTTPS. Security posture is solid with room for improvement in DNSSEC and security headers. Privacy compliance is strong with clear policies and consent mechanisms. Overall, the site reflects a professional and trustworthy organization with a clear business model focused on event hosting and community engagement.

FRAMER s.r.o. is a Slovak technology company specializing in custom web application development, SEO, and digital marketing services. Established around 2010, the company positions itself as a trusted partner for businesses seeking tailored internet solutions rather than off-the-shelf products. Their key services include web app design and development on the Microsoft .NET Framework, SEO optimization, social media marketing, email marketing, and pay-per-click campaigns. The website reflects a professional and consistent brand image with clear service descriptions and client testimonials, targeting business clients primarily in Slovakia. Technically, the website employs modern JavaScript libraries such as jQuery and Swiper.js, integrates Google Analytics and Tag Manager for tracking, and is built on a custom or unknown CMS platform. The site is mobile-optimized with good navigation and SEO practices, though accessibility features are basic. Performance is moderate, with no critical technical issues detected. From a security perspective, the site uses HTTPS but lacks explicit security headers and visible anti-CSRF protections. There is no published security policy or incident response contact, and no cookie consent mechanism is present, indicating gaps in GDPR compliance. No vulnerabilities or suspicious content were found in the HTML content. WHOIS data aligns well with the website's claims, supporting legitimacy. Overall, FRAMER s.r.o. presents a credible and professional digital presence with room for improvement in privacy compliance and security hardening. Strategic enhancements in these areas would strengthen trust and regulatory adherence.

S

Slovenská elektrizačná prenosová sústava, a.s.

sepsas.sk

48

Slovenská elektrizačná prenosová sústava, a.s. (SEPS) is the Slovak national electricity transmission system operator responsible for managing, operating, and developing the country's transmission grid. The company provides critical services including auctions, scheduling, support services, and technical data for partners, while also engaging in public consultations and international cooperation projects. SEPS holds a significant market position as an essential energy infrastructure entity in Slovakia, serving energy market participants, partners, and the general public. The website reflects a professional and comprehensive digital presence with clear navigation and relevant content tailored to its audience. Technically, the website is built on WordPress with modern technologies such as jQuery, Swiper.js, and Google Tag Manager. It employs Google reCAPTCHA for form security and implements GDPR-compliant cookie consent mechanisms. The site is mobile-optimized and SEO-friendly, though accessibility features could be enhanced. Performance is moderate, with room for optimization. From a security perspective, SEPS demonstrates a mature posture, evidenced by ISO 27001 certification and HTTPS enforcement. Security best practices include secure forms and cookie consent, though some security headers are not explicitly confirmed. No vulnerabilities or exposed sensitive data were detected in the analyzed content. However, explicit incident response and vulnerability disclosure policies are not publicly found, representing an area for improvement. Overall, the website is trustworthy, professionally maintained, and compliant with relevant privacy regulations. The domain registration data aligns well with the business claims, reinforcing legitimacy. Strategic recommendations include enhancing security headers, publishing incident response policies, improving accessibility, and maintaining regular security audits to sustain and improve the security posture.

T

Telewizja Puls Sp. z o.o.

tvpuls.pl

64

Telewizja Puls Sp. z o.o. operates a professional Polish television broadcasting website offering a wide range of entertainment content including popular TV series, movies, and news. The company has a strong market presence in Poland with multiple subsidiary channels and a well-established brand since 2006. The website demonstrates a modern technical infrastructure using React and Next.js frameworks, integrating various analytics and marketing tools such as Google Tag Manager, TikTok Pixel, and Facebook Pixel. Security posture is good with HTTPS enforced and no visible vulnerabilities, though improvements in security headers and incident response disclosures are recommended. Privacy compliance is strong with clear privacy and cookie policies and consent mechanisms in place. Overall, the website is professional, trustworthy, and well-optimized for user experience and mobile devices.

B

Bohušovická mlékárna, a.s.

skyrcz.cz

58

Bohušovická mlékárna, a.s. is a Czech dairy manufacturer specializing in the production of Skyr, a traditional Icelandic dairy product. The company is a market leader in the Czech Republic for Skyr products, offering a variety of flavors and promoting healthy living through high-protein, low-fat dairy options. Their website is professionally designed, mobile-optimized, and rich in content including product details, recipes, and retail partner information. Technically, the site uses modern web technologies such as Google Analytics, Google Tag Manager, Microsoft Clarity, and Google reCAPTCHA to enhance user experience and security. Privacy compliance is well addressed with clear privacy and cookie policies and a consent mechanism. Security posture is good with HTTPS and CAPTCHA protection on forms, though security headers could be improved. Overall, the website is trustworthy, professional, and compliant with relevant privacy regulations.

S

SalesFeed Nederland B.V.

salesfeed.com

55

SalesFeed Nederland B.V. is a Dutch technology company specializing in B2B lead generation, marketing automation, and account based marketing software. The company offers a SaaS platform focused on business recognition, real-time website personalization, and CRM enrichment to help businesses optimize sales and marketing efforts. The website is professionally designed, targeting Dutch B2B companies, and demonstrates a mature digital presence with integrations of modern marketing and analytics tools. Security posture is good with HTTPS and cookie consent mechanisms in place, though some security headers and explicit policies are missing. WHOIS data is unavailable, which slightly reduces trust but the overall business credibility remains high based on website content and branding.

S

swissporTON

creaton.sk

54

swissporTON is a European roofing brand specializing in ceramic and concrete roof tiles, combining Swiss quality and design with durable materials. The company targets roofing professionals, architects, distributors, and end customers seeking innovative roofing solutions. The website demonstrates a mature digital presence with modern technologies such as Google Tag Manager, Facebook Pixel, and Cookie Script for marketing and compliance. Security posture is strong with HTTPS and security headers implemented, though explicit security policies and incident response contacts are not published. Overall, the site is professional, well-branded, and trustworthy, supporting swissporTON's market position as a quality roofing materials provider.

S

swissporTON

creaton.cz

54

swissporTON is a European roofing brand specializing in ceramic and cement roof tiles, combining Swiss quality and design. The website presents a professional and modern digital presence with detailed product offerings, targeting roofing professionals, distributors, architects, and end customers. The technical infrastructure includes modern JavaScript libraries, Google Tag Manager, Facebook Pixel, and a cookie consent mechanism, indicating a mature digital marketing and analytics setup. Security posture is generally good with HTTPS enabled and no obvious vulnerabilities, though security headers and incident response information are lacking. The absence of WHOIS data reduces transparency and trust slightly but does not detract significantly from the professional appearance and content quality. Overall, the website is well-structured, user-friendly, and trustworthy for its business domain.

S

swissporTON

creaton.ua

55

swissporTON is a roofing materials manufacturer and distributor focused on high-quality ceramic and cement roof tiles, membranes, and roofing accessories. The company targets roofing professionals, distributors, architects, and end customers primarily in Ukraine and Europe. The website is professionally designed, content-rich, and well-structured, providing detailed product information and resources for professionals. Technically, the site uses modern web technologies including Google Tag Manager and Swiper.js, with good mobile optimization and SEO practices. Security posture is moderate with HTTPS usage but lacks explicit security headers and published security policies. WHOIS data is unavailable, reducing transparency and trustworthiness from a domain registration perspective. Overall, the site is safe, professional, and trustworthy but would benefit from improved privacy compliance and security disclosures.

A

Applepie

applepie.nl

62

Applepie is a well-established full-service digital agency based in the Netherlands, specializing in branding, digital marketing, campaign content, and web development services primarily for small and medium-sized enterprises (SMEs). The company positions itself as a growth partner with over 20 years of experience and a strong client portfolio exceeding 200 organizations. Their service offerings are comprehensive, covering branding and positioning, digital marketing and data analytics, campaign and content creation, and web development technologies. The website reflects a professional and consistent brand image with excellent content quality and user experience. Technically, the website employs modern web technologies including jQuery, Google Tag Manager, Bing Ads, LinkedIn Insight Tag, and Leadinfo for analytics and marketing purposes. The site is built on a proprietary CMS (ApplepieCMS) and demonstrates good mobile optimization and SEO practices. Performance is moderate, with asynchronous loading of scripts to enhance speed. However, explicit security headers are not visibly implemented, though HTTPS is enforced, indicating a good SSL configuration. From a security standpoint, the website follows best practices such as HTTPS enforcement and cookie consent mechanisms compliant with GDPR. Certifications like Google Partner and Meta Certified, along with industry awards, enhance trustworthiness. However, the absence of a published security policy, incident response contacts, or a vulnerability disclosure mechanism suggests room for improvement in security transparency and readiness. Overall, Applepie presents a low-risk profile with a strong business credibility and digital maturity. Strategic recommendations include implementing explicit security headers, publishing a security policy and incident response information, and adding a security.txt file to facilitate vulnerability reporting. These steps would further strengthen their security posture and compliance stance.

T

Touraine Val de Loire

touraineloirevalley.com

10

Touraine Val de Loire is a regional tourism organization promoting cultural, natural, and gastronomic experiences in the Touraine region of France. The website offers rich content including activities, destinations, events, and accommodations, targeting tourists and travelers interested in exploring the Loire Valley. The technical infrastructure is modern, leveraging a WordPress CMS with advanced JavaScript modules and libraries, ensuring a good user experience and mobile optimization. Security posture is generally good with HTTPS and cookie consent mechanisms, but lacks explicit security headers and detailed privacy policies. The absence of WHOIS data reduces trustworthiness somewhat, though the professional presentation and multi-language support indicate a legitimate and established tourism entity. Strategic improvements in transparency, privacy compliance, and security headers would enhance overall trust and compliance.

B

Bureau des Congrès Tours Val de Loire

bureaudescongres-tours.com

43

The Bureau des Congrès Tours Val de Loire is a regional convention bureau dedicated to supporting professional event organization in the Tours and Touraine region of France. The website presents a professional and well-structured digital presence, targeting event planners and corporate clients seeking local expertise and unique venues. The business model focuses on destination management and event facilitation, positioning itself as the official regional bureau with a strong local market presence. Technically, the site is built on WordPress with modern plugins such as Yoast SEO and WPML for multilingual support, hosted by OVH sas. The site demonstrates good mobile optimization, accessibility, and SEO practices. Security posture is adequate with HTTPS enforced and a comprehensive cookie consent mechanism, though it lacks advanced security headers and explicit security policies. WHOIS data shows some inconsistencies, notably a future domain creation date and minimal registrant information, which slightly reduces trust but does not undermine the professional nature of the site. Overall, the site is safe, compliant with GDPR, and suitable for its target audience.

S

Spoconline Ads

spoconline-ads.fr

61

Spoconline Ads is a technology company specializing in urban innovation and smart city solutions, focusing on sustainable, connected, and people-centered urban environments. Their offerings include solar-powered connected urban furniture, advertising LCD screens, mapping solutions, and a digital creative studio, targeting businesses and municipalities primarily in the Caribbean region. The website is professionally designed using WordPress and Elementor, with good SEO and mobile optimization. Security posture is solid with HTTPS and cookie consent mechanisms, though security headers and incident response information are not publicly detailed. WHOIS data is unavailable due to privacy protection, which is typical for this business type. Overall, the site presents a trustworthy and credible business presence.

M

Montpellier Méditerranée Métropole et ville de Montpellier

montpellier.fr

68

Montpellier Méditerranée Métropole and the city of Montpellier operate an official government website serving residents, visitors, and stakeholders with comprehensive information on local governance, public services, urban projects, and citizen participation. The website is well-structured, professionally designed, and targets a broad audience including citizens and businesses within the metropolitan area. Technically, the site is built on Drupal 10, employs modern JavaScript libraries, and integrates Matomo analytics with privacy considerations such as Do Not Track. Security posture is good with HTTPS enforced and no exposed sensitive data, though explicit security headers and privacy policies are not clearly present in the analyzed content. The absence of WHOIS data limits domain registration trust analysis, but the official .fr domain and consistent branding support legitimacy. Overall, the site demonstrates a mature digital presence appropriate for a large government entity.

N

Nantes Saint-Nazaire Développement

nantes-saintnazaire.fr

11

Nantes Saint-Nazaire Développement is a French economic development agency focused on supporting businesses in implantation and growth within the Nantes Saint-Nazaire region. It emphasizes environmental and societal transitions and positions itself as the first economic development agency with a mission in France. The website is professionally designed, mobile-optimized, and uses modern WordPress technologies including Yoast SEO and WP Rocket for performance and SEO enhancements. Security measures include HTTPS and reCAPTCHA, with a cookie consent mechanism implemented, though explicit security headers and detailed privacy policies are not evident. The absence of WHOIS data is likely due to privacy protections common in French domain registrations. Overall, the site reflects a mature digital presence aligned with its governmental and economic development role.

The Mecklenburg-Prignitzer Elektrogemeinschaft (m-peG) is a regional professional community focused on the electrical trade sector in Mecklenburg-Vorpommern, Germany. It serves as a platform for electrical installation companies and related stakeholders to collaborate, access training, and participate in industry events. The website reflects a well-structured, professional presence with clear navigation and relevant content tailored to its target audience of trade professionals and members. The business model centers on membership and event-based revenue streams, supported by partnerships with regional industry associations and companies. Technically, the website is built on Django CMS with modern frontend technologies including Bootstrap 5 and Swiper.js for interactive elements. It employs Matomo for analytics, indicating a preference for privacy-conscious tracking. The site is mobile-optimized and performs moderately well, though some accessibility features could be enhanced. Security practices include HTTPS enforcement and CSRF protection on forms, but lack explicit security headers and cookie consent mechanisms. From a security perspective, the site demonstrates a solid baseline posture with no evident vulnerabilities or exposed sensitive data. However, the absence of a cookie consent banner and security policy documentation suggests room for improvement in GDPR compliance and transparency. The WHOIS data is minimal but consistent with the website's regional focus, supporting legitimacy. Overall, the site is trustworthy and professional but would benefit from enhanced privacy and security disclosures. Strategically, the organization should prioritize implementing cookie consent mechanisms, publishing security policies, and adding vulnerability disclosure information to strengthen compliance and user trust. Enhancing accessibility and security headers will further improve the site's robustness and reputation.

Z

Zeitverlag Gerd Bucerius GmbH & Co. KG

zeitverlag.de

51

Die ZEIT Verlagsgruppe ist ein etabliertes und renommiertes Medienunternehmen mit einem breiten Portfolio an Print-, Online-, Audio- und Eventangeboten. Die Website präsentiert das Unternehmen als eines der führenden Medienhäuser Europas mit einem starken Fokus auf Innovation, digitale Angebote und Bildungsprogramme. Die Zielgruppe umfasst Leser, Geschäftskunden sowie potenzielle Mitarbeiter. Technisch basiert die Website auf WordPress mit modernen Plugins und Frameworks, die eine gute Performance und mobile Optimierung gewährleisten. Die Sicherheitsmaßnahmen umfassen HTTPS, Cookie-Consent-Management und reCAPTCHA, jedoch fehlen explizite Sicherheitsrichtlinien und Incident-Response-Informationen. Insgesamt zeigt die Website eine hohe Professionalität, gute Datenschutzkonformität und eine vertrauenswürdige Marktposition.

C

Cube Infrastructure Managers

cubeinfrastructure.com

10

Cube Infrastructure Managers is an independent European asset manager specializing in mid-market infrastructure investments since 2007. The company focuses on sectors such as energy transition, telecommunications, transport, and environment, emphasizing sustainable and socially responsible investments. Their market position is solid with over €4 billion capital raised and a portfolio of 40+ investments. The website reflects a mature digital presence built on WordPress with modern technologies and good SEO practices. Security posture is strong with HTTPS and reCAPTCHA implemented, though some security headers are missing and no public security policy is found. Privacy compliance is well addressed with clear privacy and cookie policies. The absence of WHOIS data is a concern but does not outweigh the professional presentation and trust signals on the site. Overall, the site is trustworthy and professionally managed.

L

Lease a Bike

lease-a-bike.de

62

Lease a Bike is a large German bike leasing service provider targeting companies, public employers, and employees. It offers a digital platform for bike leasing, enabling companies to provide bikes as employee benefits with minimal administrative effort. The company is affiliated with Volkswagen Financial Services AG and Pon.Bike, indicating strong market positioning and trust. The website is modern, well-designed, and optimized for mobile, featuring extensive customer testimonials and a comprehensive service offering. Technically, the site uses modern frameworks like Tailwind CSS, HubSpot forms, and Google Tag Manager, hosted behind Cloudflare DNS. Security posture is good with HTTPS and cookie consent mechanisms, though explicit security headers and policies are not fully documented. Privacy compliance is basic, with no explicit privacy or terms of service pages found in the provided content. Overall, the site is professional, trustworthy, and business-focused with a strong digital presence.

B

BrandEx

brand-ex.org

60

BrandEx is a specialized event and award platform focused on recognizing excellence in live communication and brand experience within the German-speaking market. Established in 2017, it organizes annual award ceremonies celebrating creativity and innovation in categories such as architecture, events, and special awards. The website serves as a hub for ticket sales, jury information, news updates, and industry networking, targeting marketing professionals, event organizers, and creative agencies. Technically, the site is built on WordPress with modern plugins for SEO, cookie management, and analytics, hosted behind Cloudflare DNS. Security posture is solid with HTTPS and cookie consent mechanisms, though some advanced security headers and DNSSEC are not implemented. Privacy compliance is strong, reflecting GDPR requirements with detailed cookie categories and user consent options. No critical vulnerabilities or suspicious indicators were found. Overall, BrandEx presents a professional, trustworthy, and well-maintained digital presence aligned with its business goals.

B

Banque centrale du Luxembourg

apieceofluxembourg.lu

60

The website 'A Piece of Luxembourg' is an official platform managed by the Banque centrale du Luxembourg, offering unique numismatic products that celebrate Luxembourg's culture, history, and heritage. It targets collectors and enthusiasts interested in Luxembourg-themed euro coins and related products, positioning itself as a niche leader in this specialized market. The business model revolves around e-commerce sales combined with cultural promotion, leveraging the authority and trust of the central bank. Technically, the website is built on WordPress and employs modern web technologies such as jQuery, FontAwesome, Swiper.js, and integrates Google Tag Manager for analytics. The site is mobile-optimized with good SEO practices and a moderate performance profile. Privacy compliance is well addressed with clear privacy and cookie policies and a consent mechanism. From a security perspective, the site uses HTTPS with an excellent SSL configuration and implements cookie consent. However, it lacks explicit security headers and publicly available security policies or incident response information. No vulnerabilities or exposed sensitive data were detected. The absence of WHOIS data reduces domain registration transparency but does not significantly detract from the site's legitimacy given its official affiliation. Overall, the website presents a low-risk profile with strong business credibility and good technical and security posture. Strategic recommendations include enhancing security headers, publishing security policies, and improving accessibility features to further strengthen trust and compliance.

SoviSol GmbH is a medium-sized German company specializing in the procurement and supply of solar energy components, including photovoltaic modules, battery storage systems, inverters, and mounting systems. With over 10 years of experience, the company targets professional customers such as solar installers, builders, and project developers. Their website presents a professional image with clear navigation, relevant content, and a focus on sustainable energy solutions. The company maintains multiple physical locations in Germany and provides clear contact information. Technically, the website uses modern frontend technologies like jQuery, Bootstrap, and Swiper.js, and integrates Cookiebot for GDPR-compliant cookie consent management. The site is mobile-optimized and performs moderately well.

E

Eurener

eurener.com

47

Eurener is a Spanish photovoltaic module manufacturer specializing in high-quality, durable solar panels primarily targeting the European residential and commercial markets. The company emphasizes sustainability, advanced solar technologies, and premium design, supported by industry certifications and awards such as the TOP Brand seal and Ecovadis platinum medal. The website is built on WordPress with Elementor, featuring modern web technologies and multilingual support, providing a professional user experience with good navigation and mobile optimization. Security posture is adequate with HTTPS and domain registration protections, but lacks advanced DNS security and explicit security policies. Privacy compliance is limited due to missing privacy and cookie policies. Overall, the website reflects a credible and established business with room for improvement in privacy and security transparency.

T

TESVOLT AG

tesvolt.com

57

TESVOLT AG is a German-based company specializing in the production and provision of lithium battery storage systems tailored for renewable energy applications across industry, commerce, and agriculture sectors. The company positions itself as a leading European full-service provider with a strong market presence demonstrated by over 6,000 projects worldwide. TESVOLT offers a broad product portfolio including cabinet and container systems, energy management solutions, and partner programs to support sustainable energy transitions. Technically, the website is built on the CIDEMOS CMS platform with modern web technologies such as lazy loading, JSON-LD structured data, and Google Tag Manager for analytics. The site is well-optimized for mobile devices and SEO, providing a professional user experience with clear navigation and comprehensive content. From a security perspective, the website enforces HTTPS, uses CSRF tokens in forms, and implements cookie consent mechanisms aligned with GDPR requirements. However, explicit security headers are not detected, and no dedicated incident response or vulnerability disclosure pages are present, indicating room for improvement in security transparency and defense-in-depth. Overall, the website and business exhibit a high level of professionalism and trustworthiness, supported by certifications, awards, and active social media engagement. The only notable concern is the lack of WHOIS data, which may be due to domain privacy or registration anomalies but does not currently detract significantly from the company's credibility. Strategic recommendations include enhancing security headers, publishing incident response information, and implementing a security.txt file to further strengthen security posture and stakeholder trust.

E

EVBox

evbox.com

11

EVBox is a well-established global provider of electric vehicle charging stations and software solutions, founded in 2007. The company targets businesses, resellers, distributors, installers, OEMs, and electric vehicle users, offering scalable and modular charging solutions alongside partner support and maintenance services. Their market position is strong within the energy and transportation sectors, supported by a global partner network and certifications. Technically, the website is built on WordPress with modern SEO and analytics tools, hosted by OVH sas, and optimized for performance and mobile devices. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though DNSSEC is not enabled and some security headers could be added. The domain registration is consistent and trustworthy, with no privacy protection but with domain status flags to prevent unauthorized changes. Overall, the website is professional, secure, and compliant with GDPR, providing a trustworthy digital presence for EVBox.

BIOK laboratorija is a Lithuanian cosmetics manufacturing company specializing in natural and innovative cosmetic and oral care products. They manage multiple brands and serve Nordic and European markets with over 250 products. The website is professionally designed, mobile-optimized, and includes comprehensive privacy and cookie policies compliant with GDPR. Technically, the site uses a mix of legacy and modern JavaScript libraries, Google Analytics, and Facebook SDK for marketing and tracking. Security posture is generally good with HTTPS and reCAPTCHA implemented, but lacks explicit security headers and uses an outdated jQuery version. WHOIS data is missing, which raises some concerns about domain registration transparency. Overall, the site is trustworthy and professional but could improve security and domain registration visibility.

L

L'Occitane en Provence

loccitane.com

72

L'Occitane en Provence operates a global e-commerce platform specializing in premium beauty and skincare products inspired by the Provence region. The website demonstrates a mature digital infrastructure leveraging Salesforce Commerce Cloud, React, and modern web technologies to deliver a responsive and accessible user experience. Privacy and cookie policies are comprehensive and GDPR compliant, reflecting a strong commitment to user data protection. Security posture is robust with HTTPS enforcement and standard security headers, though explicit security policies and incident response contacts are not prominently disclosed. Overall, the website presents a professional and trustworthy front for a large retail brand, with minor gaps in transparency around security and contact information.

Zakon.hr is a well-established Croatian legal information portal operated by cyber_Folks d.o.o., providing comprehensive access to laws, regulations, and legal documents. The website targets legal professionals, businesses, and the general public seeking reliable legal information. It maintains a strong market position as a leading legal resource in Croatia, supported by updated content and a related AI legal assistant service, Zakon.ai. The business model appears to be a combination of subscription and advertising revenue streams.

M

Merantix Momentum

merantix-momentum.com

66

Merantix Momentum is a German-based technology company specializing in AI and machine learning solutions tailored for businesses across various industries. The company positions itself as a partner for developing and operating customized AI use cases, targeting a broad B2B audience. The website content is professional, well-structured, and localized in German, indicating a focus on the German-speaking market. The digital infrastructure leverages modern web technologies including Webflow CMS, Cookiebot for consent management, HubSpot for marketing and analytics, and Google Tag Manager, reflecting a mature digital presence. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though explicit security headers and vulnerability disclosure mechanisms are absent. The WHOIS data is missing or unavailable, which raises concerns about domain registration legitimacy despite the professional website appearance. Overall, the site demonstrates good privacy compliance and marketing transparency but would benefit from enhanced security disclosures and verified domain registration information.

M

Ministarstvo zaštite okoliša i zelene tranzicije

bioportal.hr

48

Bioportal.hr is the official web portal for the Information System for Nature Protection in Croatia, operated by the Ministry of Environment and Green Transition. It serves as a comprehensive platform providing biodiversity data, observation reporting tools, red list assessments, and other resources aimed at supporting nature conservation efforts. The website targets researchers, environmental professionals, government agencies, and the general public interested in Croatian natural heritage. It holds a strong market position as the authoritative national resource for environmental data and reporting. Technically, the website is built on WordPress with multilingual support via WPML, leveraging modern JavaScript libraries such as jQuery and Swiper.js for interactive features. The site includes a GDPR-compliant cookie consent mechanism and integrates Google Analytics for visitor insights. Performance and mobile optimization are good, with accessibility features implemented to support diverse users. From a security perspective, the site enforces HTTPS and uses cookie consent best practices. However, some security headers like Content-Security-Policy and X-Frame-Options are not explicitly detected and could be improved. No vulnerabilities or exposed sensitive data were found. The WHOIS data confirms the domain's legitimacy and alignment with the governmental entity operating the site. Overall, bioportal.hr demonstrates a solid security posture, good privacy compliance, and professional digital presence. It is a trustworthy platform for environmental data dissemination with room for minor security enhancements.

G

Gradski muzej Novalja

gradskimuzejnovalja.hr

40

Gradski muzej Novalja is a small government/non-profit cultural institution based in Croatia, focused on preserving and presenting the cultural heritage of Novalja and its surroundings. The website serves as an informational and educational platform offering museum exhibitions, lectures, and workshops to the local community and visitors. The digital presence is built on a modern WordPress CMS with Elementor and Astra theme, providing a good user experience with mobile optimization and SEO enhancements. Security posture is adequate with HTTPS enabled and no visible exposed sensitive data, but lacks advanced security headers and incident response information. Privacy compliance is limited, with no explicit cookie consent or detailed GDPR policy. Overall, the website is trustworthy and professionally maintained, suitable for its cultural mission.

V

Vodovod d.o.o. – Podružnica Novalja

aglomeracijanovalja.hr

42

The website represents a public infrastructure project managed by Vodovod d.o.o. – Podružnica Novalja, focused on improving water supply and wastewater treatment infrastructure in the Novalja region of Croatia. The project is co-financed by the European Union through the Cohesion Fund and national funds, emphasizing environmental protection and public utility enhancement. The site provides detailed project descriptions, progress updates, and contact information for stakeholders and the public. Technically, the website is built on WordPress CMS, utilizing common technologies such as jQuery, Yoast SEO for search engine optimization, and Swiper.js for interactive sliders. Hosting is provided by Plus Hosting Grupa d.o.o., a Croatian hosting provider. The site is mobile-optimized with good navigation and moderate performance. Google Analytics is used for visitor tracking, with a cookie consent mechanism in place to comply with GDPR. From a security perspective, the site enforces HTTPS and employs cookie consent banners, but lacks explicit security headers and public security policies. No vulnerabilities or exposed sensitive data were detected in the HTML content. The WHOIS data is consistent with the hosting provider and the domain age aligns with the project timeline, supporting legitimacy. Overall, the website is professional, trustworthy, and compliant with privacy regulations. It effectively serves its purpose as an informational portal for a public utility project. Strategic improvements could include enhanced security headers, public incident response information, and accessibility enhancements to further strengthen security posture and user experience.

E

Ekstreemmoto OÜ

klim.ee

42

Klim.ee is an Estonian e-commerce website specializing in quality on-road and off-road motorcycle apparel and accessories. Operated by Ekstreemmoto OÜ, the site targets motorcycle enthusiasts in Estonia, offering a range of products including jackets, pants, helmets, gloves, and protective gear for both men and women. The business appears to be a small-sized retailer founded in 2019, with a clear focus on niche motorcycle apparel markets. The website is professionally designed with good navigation and mobile responsiveness, supporting a positive user experience.

A

Allee restoran

alleerestoran.ee

44

Allee restoran is a small hospitality business located in Tallinn, Estonia, offering a diverse and seasonal menu with a focus on fresh, local ingredients catering to omnivores and vegans alike. The restaurant operates at two addresses and provides services including lunch offers, breakfast, drinks, group menus, and event hosting. The website is professionally designed, mobile-optimized, and integrates modern web technologies and analytics tools, reflecting a mature digital presence. However, it lacks explicit privacy and cookie policies, which are critical for GDPR compliance. Security posture is good with HTTPS and no exposed sensitive data, but could be improved by adding security headers and incident response information. Overall, the site is trustworthy, content-rich, and well-positioned in its market segment.

S

Splitsko-dalmatinska Županija

digitalnadalmacija.hr

56

Digitalna Dalmacija is a regional technology and education initiative led by the Split-Dalmatia County, focused on fostering digital skills, startup ecosystem growth, and a vibrant technology community in Croatia. The website serves as a hub for educational programs, startup acceleration, and community events, targeting students, professionals, retirees, and entrepreneurs. It is well-positioned as a government-backed regional technology hub with strong partnerships and community engagement. The technical infrastructure is based on ASP.NET WebForms with modern JavaScript libraries and CMS (DNN), providing a good user experience and mobile optimization. Security posture is adequate with HTTPS and some best practices, but lacks explicit security headers and vulnerability disclosure mechanisms. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the website is professional, trustworthy, and content-rich, but could improve in privacy and security transparency.

T

Telia Eesti AS

winterplace.ee

45

Otepää Winterplace is Estonia's largest winter park located in the city center of Otepää, offering a variety of winter leisure activities including snowtubing, ice skating, igloo cinema, and play areas for children. The business targets families, youth, and groups such as schools and companies, positioning itself as a premier winter entertainment destination in Estonia. The website reflects a well-structured and visually appealing platform with integration of social media and mapping services to enhance user engagement. Technically, the site employs modern JavaScript libraries and Google services, managed via the Greativ CMS, indicating a moderate level of digital maturity. Security posture is adequate with HTTPS enabled and basic consent mechanisms, but lacks explicit privacy policies and security headers, which are areas for improvement. Overall, the domain registration and website content are consistent and legitimate, supporting a trustworthy online presence for the business.

Z

Zone Media OÜ

sunset.ee

45

Club Sunset is a well-established hospitality business operating a popular summer nightclub and event venue located in Pärnu, Estonia. The website reflects a professional and modern digital presence with clear branding and a focus on nightlife, events, and cocktail services. The business targets a mature audience interested in entertainment and social gatherings during the summer season. The domain age and WHOIS data confirm a stable and legitimate operation with consistent registration details matching the business location. Technically, the website uses a proprietary CMS (Greativ), modern JavaScript libraries such as Swiper.js for UI components, and integrates Google Fonts and Google Tag Manager for analytics and tracking. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. However, some accessibility features appear basic, and performance is moderate. From a security perspective, the site uses HTTPS with a good SSL configuration but lacks important security headers and does not provide a privacy policy or cookie consent mechanism, which are critical for GDPR compliance. No vulnerability disclosure or incident response information is available, indicating room for improvement in security transparency and user trust. No WAF or blocking mechanisms were detected, allowing full content access. Overall, the website is credible and professionally maintained but should prioritize privacy compliance and security best practices to enhance trust and regulatory adherence. Adding privacy and cookie policies, security headers, and vulnerability disclosure would significantly improve the security posture and user confidence.

U

Ugandi Resto

ugandiresto.ee

44

Ugandi Resto is a well-established restaurant located in Otepää, Estonia, offering a unique blend of Nordic and Mediterranean cuisine. The business has a strong local presence with over 23 years of history and multiple prestigious awards, positioning it as a reputable hospitality provider in the region. The website reflects a professional and customer-friendly approach with clear service offerings including dining, private event hosting, and gift cards. Technically, the website uses modern web technologies and a proprietary CMS, delivering a good user experience with mobile optimization and rich content. However, there are gaps in privacy compliance and security best practices, notably the absence of privacy and cookie policies and limited security headers. The security posture is adequate but could be enhanced to meet higher standards. Overall, the site is trustworthy and well-maintained but should address compliance and security improvements to reduce risk and enhance user trust.

O

OÜ Sahkar TT

sahkar.ee

43

OÜ Sahkar TT is a small Estonian company specializing in external network construction and large-scale earthworks, offering services such as material sales and transport, machine rental with operator, and trailer transport. The company targets businesses and clients requiring construction and logistics services within the region. The website is professionally designed using the Greativ CMS platform and incorporates modern JavaScript libraries for enhanced user experience. It is hosted by Zone Media OÜ and uses HTTPS to secure communications. However, the site lacks privacy and cookie policies, which are critical for GDPR compliance. Security headers are also missing, representing an area for improvement. Overall, the website is functional, safe, and trustworthy but could benefit from enhanced privacy and security measures.

K

Kalev Spa Hotell & Veekeskus

kalevspa.ee

44

Kalev Spa Hotell & Veekeskus is a well-established hospitality and wellness business located in Tallinn, Estonia, known for its water park, spa services, hotel accommodations, and sports club. The website reflects a mature digital presence with multi-language support, professional design, and comprehensive service information targeting tourists, families, and business clients. Technically, the site uses modern JavaScript libraries, a CMS platform (Greativ), and integrates with third-party booking and marketing tools, ensuring a good user experience and mobile optimization. Security posture is strong with HTTPS, security headers, and cookie consent mechanisms, though explicit security and incident response policies are not publicly detailed. Overall, the site is trustworthy, compliant with GDPR, and professionally maintained.

E

Ekotek Eesti OÜ

ekotek.com

45

Ekotek Eesti OÜ operates as the authorized distributor of Victorinox products in the Baltic region, primarily serving Estonia with a retail presence in over 50 stores. The company focuses on offering high-quality Victorinox pocket tools, kitchen knives, and corporate gifting solutions, targeting both consumers and business clients. Founded in 1997, Ekotek has established a reputable market position as a trusted regional distributor. Technically, the website is built on the Greativ CMS platform and leverages modern JavaScript libraries such as Swiper.js and Plyr.js for enhanced user experience. It integrates Google Fonts, Facebook SDK, and YouTube APIs, indicating a mature digital infrastructure. The site is mobile-optimized and includes cookie consent mechanisms compliant with GDPR, reflecting a good level of digital maturity. From a security perspective, the site enforces HTTPS and uses cookie consent to manage tracking. However, DNSSEC is not enabled, and explicit security headers are not detected in the HTML content, suggesting room for improvement in hardening security posture. No incident response or vulnerability disclosure policies are publicly available, which could be enhanced to improve trust and compliance. Overall, Ekotek's website is professional, trustworthy, and compliant with privacy regulations, with a solid business foundation and a clear focus on retail distribution. Strategic improvements in security headers and DNS security would further strengthen its security posture.

Z

Zone Media OÜ

unibetarena.ee

44

Unibet Arena is a modern event and entertainment venue based in Estonia, operated by Zone Media OÜ since 2022. The website provides comprehensive information about upcoming events, venue spaces, and visitor services, targeting event attendees and organizers. The business model focuses on venue rental and event hosting, supported by catering and technical services. The site is professionally designed with consistent branding and good user experience, optimized for mobile devices. Technically, it uses modern JavaScript libraries, Google APIs, and is hosted on Microsoft Online infrastructure. Security posture is solid with HTTPS, security headers, and privacy-conscious cookie consent, though some improvements are recommended such as fixing lazy loading errors and adding explicit security policies. Overall, the website is trustworthy and compliant with GDPR, with a clear business presence and no suspicious indicators.

K

KIWIS & BROWNIES

prombu.com

50

Prombu.com is a German-based SaaS provider specializing in online promotional tools such as Advent calendars and football World Cup prediction games. The company, branded as KIWIS & BROWNIES, targets small to medium businesses, clubs, and private users seeking to engage customers and fans through interactive web applications. The website is professionally designed with clear navigation, responsive layouts, and detailed product descriptions, supporting a positive user experience. Technically, the site uses modern frontend frameworks like Bootstrap and Swiper.js, hosted behind Cloudflare DNS, but lacks advanced CMS or analytics integrations. Security posture is adequate with HTTPS enforced but could be improved by enabling DNSSEC and adding security headers. Privacy compliance is basic, with a privacy policy present but no cookie consent mechanism. Contact information is limited to a support email, with no phone or physical address disclosed. Overall, the site is trustworthy and functional but would benefit from enhanced security and privacy features.

G

Generac Power Systems, Inc.

generac.com

68

Generac Power Systems, Inc. is an established enterprise specializing in manufacturing reliable and environmentally-friendly power generation equipment including home standby generators, portable power solutions, solar and battery systems, and EV chargers. The company targets residential and industrial customers seeking dependable energy solutions. Their website reflects a mature digital presence with modern technologies such as Vue.js, Amplitude analytics, and Google Tag Manager, supporting a good user experience and performance. Privacy and cookie policies are implemented with consent mechanisms, indicating compliance with data protection regulations. Security posture is strong with HTTPS enforcement and security headers, though explicit security policies and incident response information are not publicly available. The absence of WHOIS data is a notable gap but does not detract from the overall legitimacy suggested by the website content and integrations.

P

Pracenamieru.sk

pracenamieru.sk

36

Pracenamieru.sk is an online platform founded in 2016 that offers professional academic writing assistance primarily targeting students in Slovakia and neighboring countries. The service emphasizes anonymity, originality, and customer satisfaction, providing a range of academic work types including seminar, bachelor, diploma, and MBA papers. The business model revolves around an online ordering system with options for installment payments and free revisions, supported by a team of approximately 50 experts. The website features testimonials and a cookie consent mechanism, reflecting a moderate level of trust and compliance with privacy regulations. Technically, the website employs a modern JavaScript stack including jQuery, Swiper.js, and tracking tools such as Google Analytics and Hotjar. It is hosted by Active24 with DNSSEC enabled and uses HTTPS, ensuring a secure connection. The site is mobile-optimized with good navigation and content quality, although accessibility features are basic. No CMS or major frameworks are detected, indicating a custom-built solution. From a security perspective, the site benefits from HTTPS and DNSSEC but lacks explicit HTTP security headers and published security policies or incident response contacts. Forms include honeypot fields to mitigate bot submissions, and cookie consent is implemented. However, the absence of direct company contact details and security disclosures suggests room for improvement in transparency and security posture. Overall, the website presents a legitimate, small-scale educational service with good content and technical implementation but moderate security and privacy compliance maturity. Strategic enhancements in security headers, incident response transparency, and contact information disclosure would strengthen trust and resilience.

L

Leopold Kostal GmbH & Co. KG

kostal-drives-technology.com

64

KOSTAL Drives Technology is a well-established industrial technology company specializing in frequency converters and motor control solutions. With a heritage spanning over 100 years, the company holds a strong market position as a leader in energy-efficient and sensorless motor control technologies. Their product portfolio targets diverse industrial sectors including machinery, water treatment, renewable energy, logistics, and building technology. The website reflects a professional and comprehensive digital presence, supporting global operations with multiple languages and extensive product information. Technically, the website is built on TYPO3 CMS and incorporates modern web technologies such as Bootstrap, Swiper.js, and Google Tag Manager. It demonstrates good performance, mobile optimization, and accessibility features. Privacy compliance is robust, featuring a consent management platform (Usercentrics) and clear GDPR-aligned policies. Security posture is strong with HTTPS enforcement and secure form handling, though some security headers could be explicitly improved. The WHOIS data is unavailable or not found, which is unusual but the website's content, branding, and external references to the Kostal group domains support its legitimacy. No WAF or blocking mechanisms were detected, allowing full content access and analysis. Overall, the site is trustworthy, professional, and well-maintained, with minor recommendations for enhanced security headers and vulnerability disclosure practices.

K

KOSTAL Automobil Elektrik GmbH & Co. KG

kostal-automobil-elektrik.com

63

KOSTAL Automobil Elektrik GmbH & Co. KG is a globally recognized automotive supplier specializing in mechatronic and electronic components for electromobility and future vehicle user interfaces. The company positions itself as a worldwide leader with a strong focus on innovation, energy efficiency, and embedding people-centric solutions. Their product portfolio includes Comfort Electronics, Comfort Controls, and Drive Controls, targeting automotive manufacturers and partners. The website reflects a mature digital presence built on TYPO3 CMS, integrating modern technologies such as Google Tag Manager and Usercentrics for privacy compliance. The content is professionally curated, with clear navigation and multilingual support, indicating a well-established corporate identity. However, the WHOIS data for the domain is missing or indicates the domain is unregistered, which raises concerns about domain registration legitimacy despite the professional website content.

K

Krajowa Izba Gospodarcza Elektroniki i Telekomunikacji (KIGEiT)

fgtime.pl

60

FGTIME.pl is the official website for the 17th Forum Gospodarcze TIME ICTWEEK, a significant economic forum focused on digital transformation, telecommunications, and technology in Poland and Europe. Organized by the Krajowa Izba Gospodarcza Elektroniki i Telekomunikacji (KIGEiT) and partners, the site serves as a platform to promote events, partnerships, and strategic initiatives aligned with Poland's digital decade and EU presidency. The website targets business professionals, government officials, and technology stakeholders, providing event information, photo galleries, and partner details. Technically, the website is built on WordPress with Elementor, leveraging modern web technologies including Google Tag Manager and CookieYes for consent management. The site demonstrates good SEO practices with structured data and Open Graph metadata, moderate performance, and good mobile optimization. Security posture is solid with HTTPS enforced and cookie consent mechanisms, though some security headers are not explicitly detected. No critical vulnerabilities or blocking mechanisms were found, and the site maintains a professional and trustworthy appearance. However, explicit privacy policy and terms of service pages were not detected, which could be improved for compliance and user trust. Contact information is limited to social media and event venue address, with no direct emails or phone numbers visible. Overall, FGTime.pl is a credible and well-maintained site supporting an important industry event, with recommendations to enhance security headers and publish comprehensive privacy and security policies for improved compliance and transparency.

E

Etnetera Motion

motion.cz

66

Etnetera Motion is a full-service digital agency based in Prague and part of the Etnetera Group. The company specializes in crafting digital products and services that help businesses grow and build strong relationships with their customers. Their key services include influencer marketing, campaign management, project management, strategy, design, UI, and UX. The website reflects a professional and modern digital agency targeting business clients seeking creative and strategic digital solutions. Technically, the website is built on the Webflow platform, leveraging modern web technologies such as Google Tag Manager, Google Analytics, Cookiebot for consent management, and Cloudflare Turnstile for bot protection. The site is mobile-optimized, uses a CDN for hosting, and implements good SEO and accessibility practices, though accessibility could be further improved. From a security perspective, the site enforces HTTPS, employs standard security headers, and provides a comprehensive cookie consent mechanism with granular user controls. However, explicit security policies, incident response contacts, and vulnerability disclosure mechanisms are not present, representing areas for improvement. Overall, the website is trustworthy, professionally designed, and compliant with GDPR requirements. The lack of WHOIS data due to privacy protection is typical for commercial entities and does not detract from the site's legitimacy. Strategic recommendations include publishing terms of service, security policies, and incident response information to enhance transparency and trust.

B

Baytree Interactive Ltd

jackpotcity.com

62

Jackpot City is a well-established online casino platform operated by Baytree Interactive Ltd, registered in Guernsey. The website offers a comprehensive range of casino games including slots, blackjack, roulette, and video poker, targeting both novice and experienced players globally. It emphasizes convenience, mobile compatibility, and a rewarding user experience through bonuses and loyalty programs. The platform is certified by reputable bodies such as eCOGRA and regulated by the Kahnawake Gaming Commission, enhancing its credibility in the online gambling market. Technically, the site employs modern JavaScript libraries, Google Tag Manager for analytics, and Cloudflare for hosting and performance optimization. The website is mobile-optimized with good SEO and accessibility basics. Security posture is strong with HTTPS enforced and cookie consent mechanisms in place, though explicit security headers and incident response information are lacking. WHOIS data is unavailable, likely due to privacy protection, which is common in the gambling industry but slightly reduces transparency. Overall, Jackpot City presents a professional, trustworthy, and user-friendly online casino experience with room for improvement in security disclosures and direct contact information.