Security Directory

The website www.sp.gov.br is the official digital portal for the Government of the State of São Paulo, Brazil, managed by the Companhia de Processamento de Dados do Estado de São Paulo (Prodesp). It serves as a comprehensive platform providing institutional information, public services, news updates, and communication channels to residents, government employees, and visitors. The site demonstrates a mature digital presence with consistent branding and a clear focus on accessibility and transparency. Technically, the site leverages modern web technologies including jQuery, Bootstrap, FontAwesome, and Slick Carousel, integrated within an IBM WebSphere Portal framework. It employs Google Tag Manager and Microsoft Clarity for analytics and user behavior tracking. The site is mobile-optimized and includes accessibility features such as VLibras for sign language support, reflecting a commitment to inclusive design. From a security perspective, the website enforces HTTPS and provides clear incident response contacts including a CSIRT email. While explicit security headers were not fully visible in the HTML, the overall posture is strong with no exposed sensitive data or vulnerable libraries detected. Privacy and cookie policies are comprehensive and GDPR-compliant, supporting user data protection and transparency. Overall, the website is trustworthy, professionally maintained, and aligned with the expectations for a government portal. It effectively balances user experience, accessibility, and security, making it a reliable resource for its audience.

R

ROMSLOT – Asociaţia Organizatorilor de Sloturi

romslot.ro

41

ROMSLOT is a Romanian industry association representing slot machine operators and manufacturers. It serves as a key voice in the gambling sector, advocating for industry interests and promoting responsible gaming. The website is professionally designed using WordPress and includes relevant content such as news, member lists, and legislative information. The technical infrastructure is modern with common WordPress plugins and frontend technologies. Security posture is adequate with HTTPS enabled but lacks some security headers and formal privacy/cookie policies. Contact information is clearly provided, enhancing business credibility. Overall, the site is trustworthy and well-positioned within its niche.

Ž

Ženský byznys, z.s.

zensky-byznys.cz

58

Ženský byznys, z.s. is a Czech non-profit organization dedicated to empowering women by providing mentoring, workshops, and professional development programs. The organization positions itself as a leader in fostering female leadership and entrepreneurship in the Czech Republic, with partnerships including Visa and ČSOB. Their website reflects a professional and consistent brand image, targeting women professionals, entrepreneurs, and those seeking career advancement. Technically, the website is built on WordPress with modern plugins and SEO optimizations, delivering a good user experience with mobile responsiveness and accessibility considerations. Security posture is solid with HTTPS, security headers, and cookie consent mechanisms, though there is room for improvement in publishing explicit security policies and incident response information. Overall, the site is trustworthy, compliant with GDPR, and provides valuable content and community engagement for its audience.

R

Radicenter

radicenter.eu

63

Radicenter is a small Estonian technology company specializing in web hosting and domain registration services. The company offers a range of hosting packages featuring cPanel management, malware scanning, and website optimization tools, targeting individuals and businesses primarily in Estonia and neighboring regions. The website is professionally designed, mobile-optimized, and provides clear navigation and comprehensive business information including privacy and terms of service documents. Technically, the site is built on WordPress with modern frameworks such as Bootstrap and uses popular plugins like Contact Form 7 and WPBakery Page Builder. Security posture is solid with HTTPS enforced and cookie consent mechanisms implemented, though security headers could be improved. No WHOIS registrant data is publicly available due to EURid privacy policies, but the website's professionalism and compliance suggest legitimacy. Overall, Radicenter demonstrates a mature digital presence with good privacy compliance and business credibility.

B

Únikové hry Brno | Brain Teaser

brainteaser.cz

49

Brain Teaser is a small entertainment service provider specializing in escape room games located in Brno, Czech Republic. The website presents a professional design built on WordPress with popular plugins such as Yoast SEO and Elementor, indicating a moderate level of digital maturity. However, the absence of WHOIS registration data and lack of visible privacy and cookie policies suggest gaps in compliance and transparency. Security posture is basic with no detected security headers or incident response information, which could expose the business to risks. Overall, the site is functional and content-rich but requires improvements in security and compliance to enhance trust and reduce risk.

T

Televize Beskyd

tvbeskyd.cz

54

Televize Beskyd is a regional media company focused on delivering news and video content primarily for the Valašsko region in the Czech Republic. The website serves as a platform for local news coverage, video broadcasting, and community engagement. It targets a regional audience interested in current events in Rožnov pod Radhoštěm, Frenštát pod Radhoštěm, Zubří, and surrounding areas. The business operates as a small-scale media outlet with a focus on regional content.

M

Město Hranice

mesto-hranice.cz

51

Město Hranice operates an official municipal website serving the city of Hranice in the Czech Republic. The site provides comprehensive information and services for citizens, entrepreneurs, and tourists, including news updates, official notices, administrative contacts, and cultural resources. The website is well-branded with consistent city imagery and displays multiple certifications and awards, enhancing its credibility as a trusted government portal. Technically, the site uses modern web technologies such as HTML5, CSS3, JavaScript, and frameworks like Nette, with responsive design and cookie consent mechanisms implemented. Security posture is moderate, with HTTPS in use and cookie consent present, but lacking explicit security headers and detailed privacy policies. The WHOIS data is unavailable, likely due to privacy protection, which is common and justified for municipal websites. Overall, the website is professional, trustworthy, and serves its intended audience effectively.

S

Salsify

salsify.com

69

Salsify operates as an enterprise-level SaaS provider specializing in Product Experience Management (PXM) platforms. The company targets businesses that require efficient management and automation of product content across digital channels. Their market position is supported by professional branding, customer testimonials, and integration with marketing platforms such as HubSpot and Wistia for video content. The website demonstrates a mature digital presence with good content quality and user experience, although some compliance-related pages like privacy and cookie policies were not detected in the provided data. Technically, the website leverages modern web technologies including HubSpot CMS, JavaScript libraries, and third-party marketing and analytics tools. The infrastructure supports multimedia content and marketing automation, indicating a well-developed digital maturity. Performance and mobile optimization are good, though accessibility features appear basic. From a security perspective, the site uses HTTPS with a good SSL configuration but lacks visible security headers in the provided data. No critical vulnerabilities or exposed sensitive data were detected. The absence of WHOIS data reduces transparency and trust slightly, but the professional presentation and customer references mitigate this concern. Privacy compliance indicators are weak due to missing policy pages. Overall, the website presents a low to moderate risk profile with strong business credibility but could improve transparency and compliance documentation. Strategic recommendations include enhancing security headers, publishing comprehensive privacy and cookie policies, and verifying domain registration details to improve trustworthiness.

R

RJFM

rjfm.net

56

RJFM is a well-established local radio station based in Montluçon, France, providing regional news, music hits, and podcasts primarily targeting local residents. The website reflects a professional media outlet with a consistent brand presence and a focus on delivering local content digitally. The business operates a multi-channel digital presence including streaming, podcasts, and mobile applications, positioning itself as a key local media player in the Allier region. Technically, the website uses modern web technologies and CDNs to deliver content efficiently, with good mobile optimization and basic accessibility features. Security posture is adequate with HTTPS, domain locking, and reCAPTCHA integration, though improvements such as DNSSEC and enhanced security headers are recommended. Privacy compliance is basic but includes cookie consent and a privacy policy in French. Overall, the site is trustworthy and safe for general audiences, with no adult or explicit content detected.

T

TigerHostings

tigerhostings.com

44

TigerHostings is a small technology company specializing in WordPress hosting services, offering multiple subscription plans tailored for various customer needs worldwide. The company emphasizes speed, security, and customer support, positioning itself as a reliable hosting provider recommended by WordPress.com. The website is built on WordPress with modern plugins and technologies, providing a good user experience with clear navigation and responsive design. However, the site lacks explicit privacy and cookie policies, which impacts compliance and trust. Security posture is moderate with HTTPS enabled and reCAPTCHA integration, but missing DNSSEC and security headers reduce overall security maturity. The domain registration is consistent with the business age and claims, registered through a reputable registrar without privacy protection, enhancing trustworthiness.

M

Mubea Carbo Tech GmbH

carbotech.at

10

Mubea Carbo Tech GmbH is a medium-sized Austrian manufacturing company specializing in the design, development, and production of fiber composite components for automotive series, motorsport, aeronautics, and industrial applications. As part of the global Mubea Group, it holds a leading market position as a pioneer in lightweight technology since its founding in 1993. The company offers full-service solutions from prototype to series production, targeting B2B clients in automotive and aerospace sectors. Technically, the website is built on a modern WordPress CMS with Elementor, leveraging common web technologies such as jQuery, Slick Carousel, and FontAwesome. It demonstrates good performance, mobile optimization, and SEO practices. The site employs GDPR-compliant cookie consent mechanisms via Cookiebot and integrates TrustCaptcha for form security. From a security perspective, the site uses HTTPS with good SSL configuration and employs privacy and cookie policies aligned with GDPR. However, it lacks explicit security headers and a published security policy or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the HTML content. Overall, the website presents a professional and trustworthy digital presence for Mubea Carbo Tech. The absence of WHOIS data limits domain trust assessment, but the business information and content quality support legitimacy. Strategic recommendations include enhancing security headers, publishing security policies, and adding incident response information to strengthen security posture and compliance.

W

weba Werkzeugbau Betriebs GmbH

weba.at

11

weba Werkzeugbau Betriebs GmbH is a medium-sized Austrian manufacturing company specializing in high-precision toolmaking for forming technology and lightweight construction. Their services span from component development, prototyping, to series production, serving industries such as automotive, agriculture, energy, and special protection vehicles. The company demonstrates a strong market position with a focus on quality, precision, and innovation, supported by certifications like ISO 45001. Technically, the website is built on TYPO3 CMS with modern responsive design and good SEO and accessibility practices. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers and incident response contacts could be improved. WHOIS data is privacy protected, which is justified for this business type. Overall, the website and business present a trustworthy and professional image with moderate to high digital maturity.

C

Caen Événements

caen-evenements.com

55

Caen Événements operates as the manager of the Centre de Congrès and Parc des Expositions in Caen, Normandy, producing both professional and public events such as congresses, gala evenings, and festivals. The website positions the company as a regional leader in event management within Normandy, targeting event organizers and attendees. Technically, the website is built on WordPress with modern frameworks like Bootstrap and uses various JavaScript libraries to enhance user experience. SEO and mobile optimization are well implemented, though accessibility could be improved. Security posture is solid with HTTPS and security headers in place, but lacks explicit privacy and terms of service documentation. The absence of WHOIS data for the domain raises concerns about domain legitimacy and registration status, which impacts overall trustworthiness. Strategic recommendations include adding comprehensive privacy and terms policies, improving contact transparency, and verifying domain registration details to enhance credibility and compliance.

F

Accueil | Foire St-Etienne

foiredesaintetienne.com

56

The website www.foiredesaintetienne.com represents the Foire de Saint-Etienne, an event held at Parc Expo from September 19 to 29, 2025. The site is built on Drupal 10 and uses modern web technologies including FontAwesome, Leaflet for maps, Slick Carousel for UI elements, and Matomo for analytics. It is targeted primarily at a French-speaking audience interested in attending the event. The website is professionally designed with good mobile optimization and accessibility features, providing a positive user experience. However, the absence of WHOIS data raises concerns about domain legitimacy and ownership transparency. Security posture is moderate with HTTPS enabled and cookie consent implemented, but lacks comprehensive security headers and published security policies. Privacy compliance is basic, with no explicit privacy or terms of service pages found. Overall, the site is functional and informative but would benefit from enhanced transparency and security documentation.

F

Foire aux Vins d'Alsace : Festival et foire gastronomique internationale

foire-colmar.com

50

The website www.foire-colmar.com represents the Foire aux Vins d’Alsace, a well-established regional event combining a gastronomic wine fair, commercial exhibition, and music festival. It targets a broad audience including families, wine enthusiasts, and visitors to the Alsace region. The event is notable for its long history (77 editions) and diverse offerings including over 1500 wines, 350 exhibitors, and international artists. Technically, the site is built on Joomla CMS, uses modern web technologies, and implements GDPR-compliant privacy and cookie policies with consent mechanisms. The site is well-designed, mobile-optimized, and provides a good user experience with clear navigation and rich multimedia content. Security posture is generally good with HTTPS enforced and no visible sensitive data exposure, though security headers are not evident and no explicit security or incident response policies are published. The absence of WHOIS data for the domain is a concern for domain legitimacy verification, though the professional presentation and external ticketing partnership support trust. Overall, the site is a credible and professional digital presence for a major cultural event in France.

S

Société

foireinternationale-nancy.com

59

Foire Expo de Nancy is a regional event organizer based in France, specializing in hosting a multi-sector trade fair that includes automotive, furniture, beauty, crafts, and gastronomy. The website serves as a platform for exhibitors and visitors to discover products, compare offers, and access event information. The business operates a ticketing system and provides exhibitor services, positioning itself as a key regional event in the Nancy area. Technically, the website is built on WordPress using Elementor, with a moderate performance profile and good mobile optimization. Security posture is adequate with HTTPS enabled and cookie consent mechanisms in place, though improvements such as DNSSEC and enhanced security headers are recommended. Privacy compliance is strong with clear policies and GDPR-aligned consent. Overall, the site is professional, trustworthy, and well-maintained, supporting the business's event-driven model effectively.

M

Mégacité Amiens

megacite.fr

57

Mégacité Amiens is a regional event venue in France specializing in exhibitions, congresses, and various events. The website presents a professional image with clear branding and relevant content targeting event organizers and attendees. The business model revolves around venue rental and event hosting services, positioning itself as an important player in the hospitality sector within the Amiens region. The site is built on Drupal 10 and incorporates modern web technologies and analytics tools such as Google Tag Manager and Matomo, indicating a moderate level of digital maturity. Privacy compliance is addressed through cookie consent mechanisms and a privacy policy, reflecting awareness of GDPR requirements. Security posture is generally good with HTTPS enforced and some security best practices observed, though explicit security headers and incident response information are lacking. The absence of WHOIS data limits the ability to fully verify domain legitimacy, but the website content and technical setup suggest a legitimate and trustworthy business. Overall, the site scores well in content quality, technical implementation, and privacy compliance, with room for improvement in security transparency and contact information availability.

M

Městská část Praha 1

planuj1.cz

59

The website planuj.praha1.cz serves as the official platform for the sustainable development strategy of the Prague 1 district. It provides detailed information about urban planning initiatives, public participation opportunities, sociological research, and participatory budgeting. The site targets residents, local stakeholders, and visitors interested in the future development of Prague 1. Technically, the site is built on WordPress with Elementor, leveraging modern JavaScript libraries such as jQuery and Swiper.js. It is served over HTTPS with a valid SSL certificate, ensuring secure connections. However, the absence of WHOIS data and privacy/cookie policies indicates areas for improvement in transparency and compliance. The security posture is moderate, with no detected vulnerabilities but lacking security headers. Overall, the site is professional, content-rich, and trustworthy as a government resource, but could enhance privacy compliance and security best practices.

T

Hledej Chorvatsko | pokoje a apartmány v Chorvatsku

travelplan.cz

48

The website www.ubytovanivchorvatsku.cz is a specialized online platform offering accommodation listings primarily focused on Croatia. It provides users with a comprehensive search interface to find private apartments and rooms across various Croatian regions, targeting tourists seeking affordable and direct bookings without intermediary commissions. The site features detailed listings with images, pricing, and location data, supporting a user-friendly experience with mobile responsiveness and clear navigation. Technically, the site employs common web technologies such as jQuery, Google Fonts, FontAwesome, Google Adsense, Facebook Pixel, and Google Analytics, indicating a moderate level of digital maturity. Security-wise, the site uses HTTPS but lacks visible security headers and explicit privacy or cookie policies, which are areas for improvement. The absence of WHOIS data reduces transparency and trustworthiness from a domain registration perspective. Overall, the site is functional and relevant for its niche but would benefit from enhanced privacy compliance and security practices.

C

clubsAREculture

clubsareculture.de

40

clubsAREculture is a German-based cultural advocacy platform dedicated to supporting music clubs as vital cultural spaces. The website provides news, studies, newsletters, and event information related to club culture and live music, targeting cultural activists, policymakers, and the general public interested in the preservation and promotion of club culture. The platform operates as a small non-profit entity within the media sector, focusing on advocacy and information dissemination. Technically, the website is built on WordPress 6.8.3, utilizing a modern tech stack including jQuery, Modern Events Calendar Lite, and the Ashe theme. The hosting appears to be managed by Your-Server.de, with a moderate performance profile and good mobile optimization. SEO and accessibility are basic to good, with room for improvement in accessibility features. From a security perspective, the site uses HTTPS and updated software versions but lacks explicit security headers and a vulnerability disclosure policy. No cookie consent mechanism was detected, which is a compliance gap given GDPR relevance. Contact information is limited to a contact form, with no explicit emails or phone numbers found. Social media presence is active across major platforms. Overall, the website is functional, professional, and trustworthy within its niche but would benefit from enhanced security practices, privacy compliance improvements, and more transparent contact information to strengthen user trust and regulatory adherence.

A

Ad Shop AB

glasmonter.se

53

Glasmonter.se is an established Swedish e-commerce business specializing in the sale of glass showcases and cabinets primarily targeting professional customers such as companies, schools, museums, and private individuals valuing high quality and functional products. The company operates under Ad Shop AB and has been active since 2003, offering delivery and assembly services alongside standard and custom products. The website demonstrates a solid market position with trust indicators including a high credit rating and a professional online presence. Technically, the site is built on ASP.NET Web Forms with common JavaScript libraries and includes modern tracking and marketing tools with GDPR-compliant consent mechanisms. Security posture is adequate with HTTPS and reCAPTCHA usage, though it lacks advanced security headers and published security policies. The absence of WHOIS data for the domain is a notable concern that impacts trustworthiness and should be investigated further. Overall, the site provides a good user experience with clear business information and no adult or questionable content.

S

Sveučilišni računski centar (Srce)

srce.hr

54

Sveučilišni računski centar (Srce) is a central academic infrastructure institution affiliated with the University of Zagreb, providing comprehensive computing, networking, identity management, data repository, and digital education services to the Croatian academic and research community. The website reflects a mature digital presence with a professional design, clear navigation, and extensive content tailored to its target audience of students, researchers, and academic institutions. Technically, the site is built on Drupal 9 with modern libraries and frameworks, ensuring good performance, mobile optimization, and accessibility. Security posture is solid with HTTPS, cookie consent, and anti-bot measures, though explicit security headers could be enhanced. Privacy compliance is well addressed with detailed policies and consent mechanisms. Overall, the site demonstrates high business credibility and trustworthiness, despite the WHOIS data being privacy protected, which is justified for this type of institution.

Č

Česká gymnastická federace

gymfed.cz

49

Česká gymnastická federace is the official national governing body for gymnastics sports in the Czech Republic, providing comprehensive information, event calendars, results, and resources for multiple gymnastics disciplines including artistic gymnastics, TeamGym, aerobics, acrobatic gymnastics, trampoline, parkour, and more. The website targets athletes, coaches, referees, clubs, and gymnastics enthusiasts, offering news updates, directories, and an e-shop for gymnastics equipment. Technically, the site employs modern frontend technologies such as Bootstrap, jQuery, Flickity, and Google Analytics, with good mobile optimization and accessibility features. However, the absence of explicit privacy and cookie policies and lack of security headers indicate areas for improvement in privacy compliance and security posture. The WHOIS data is unavailable, limiting domain legitimacy verification, but the presence of official contact details and social media links supports the site's credibility. Overall, the site is professional, content-rich, and trustworthy within its domain.

E

eEducation Austria

eeducation.at

64

eEducation Austria is a well-established non-profit organization dedicated to advancing digital education across Austrian schools. The website serves as a comprehensive platform offering digital competence models, educational resources, tools, and community networking to support educators and institutions in their digital transformation journey. The organization targets schools and educators primarily within Austria, positioning itself as a key player in the national digital education landscape. Technically, the website is built on TYPO3 CMS with modern frontend technologies such as Bootstrap, jQuery, and FontAwesome, providing a responsive and user-friendly experience. While the site is well-structured and content-rich, it lacks visible privacy and cookie policies, which are critical for GDPR compliance. Security-wise, HTTPS is enforced, but additional security headers are not evident, and no explicit incident response or security policies are published. Overall, the website demonstrates a solid business credibility and technical foundation but would benefit from enhanced privacy compliance and security best practices to strengthen trust and regulatory adherence.

V

Verband der Veranstaltungsorganisatoren e.V.

vdvo.de

59

The website vdvo.de represents the Verband der Veranstaltungsorganisatoren e.V., a German industry association focused on innovation within the MICE (Meetings, Incentives, Conferences, and Exhibitions) sector. The organization provides startup support, education, political advocacy, and sustainability initiatives tailored to the event industry. The site positions itself as a niche player supporting MICE innovation with a clear target audience of industry professionals and startups. The business model revolves around membership, education, and sector advocacy, with a small organizational size and a strong German regional focus. Technically, the website is built on the Squarespace platform, leveraging modern web technologies such as Google Fonts, Google Tag Manager, and reCAPTCHA for security and analytics. The site demonstrates good mobile optimization, a professional design, and clear navigation, although accessibility features are basic. Performance is moderate, typical for a CMS-based site. Structured data in JSON-LD format enhances SEO and provides clear organization and local business information. From a security perspective, the site enforces HTTPS with HSTS enabled, uses Google reCAPTCHA to protect forms, and includes security headers. However, it lacks explicit security policies, vulnerability disclosure mechanisms, and comprehensive privacy and cookie consent implementations, which are areas for improvement. No critical vulnerabilities or suspicious patterns were detected. The WHOIS data is minimal but consistent enough with the website's claims, supporting legitimacy. Overall, vdvo.de is a professionally presented, secure, and credible website for a specialized industry association. Strategic recommendations include adding explicit privacy and cookie consent policies, implementing a security.txt file, enhancing accessibility, and maintaining regular security audits to uphold compliance and trust.

A

Arbeitsgemeinschaft der Evangelischen Jugend in Deutschland e. V. (aej)

evangelische-jugend.de

52

The Arbeitsgemeinschaft der Evangelischen Jugend in Deutschland e. V. (aej) operates as a national umbrella organization for Protestant youth work in Germany. Their website serves as a comprehensive portal offering resources, advocacy information, funding guidance, and project details targeted at children, youth, and professionals in youth work. The organization maintains a strong presence with clear contact channels, social media engagement, and a newsletter subscription service. Technically, the site is built on TYPO3 CMS with modern frontend technologies including jQuery and FontAwesome, supported by Matomo analytics for privacy-conscious tracking. The site is well-structured, mobile-optimized, and accessible, reflecting a mature digital infrastructure.

C

CFL

cfl.lu

19

CFL is the national railway company of Luxembourg, providing passenger and freight transport services along with mobility solutions such as carsharing, bicycles, tram, and funicular. The website serves as a comprehensive travel portal offering timetable searches, ticket bookings (both national and international), travel packages, and customer services. The company holds a strong market position in Luxembourg's transportation sector with a large operational scale and multiple subsidiaries. Technically, the website employs modern frameworks like Bootstrap and FontAwesome, integrates Google Tag Manager and Matomo for analytics, and is optimized for mobile and accessibility. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities, though explicit security policies and incident response contacts are not found. Privacy compliance is good with privacy and cookie policies and consent mechanisms in place. Overall, the website is professional, trustworthy, and user-friendly, though the lack of WHOIS data slightly reduces trustworthiness from a domain registration perspective.

E

Exevio Ltd.

exevio.com

41

Exevio Ltd. is a Croatia-based small technology company specializing in corporate IT solutions including web development, loyalty platforms, app and game development, and quality assurance services. Founded in 2013, the company positions itself as a trusted partner for corporate clients seeking tailored IT solutions. The website reflects a professional and consistent brand image with clear service offerings and client partnerships. Technically, the site uses modern JavaScript libraries such as jQuery and integrates Google Analytics and Tag Manager for user tracking. The site is mobile optimized and has good SEO practices, though accessibility features could be improved. Security posture is solid with HTTPS enforced and domain transfer protection enabled, but lacks DNSSEC and explicit security headers. Privacy compliance is well addressed with accessible privacy, cookie, and terms policies, including a cookie consent mechanism and GDPR indicators. Business credibility is supported by ISO certifications and EU funding acknowledgments. Overall, the website is trustworthy and professionally maintained with moderate user tracking and good content quality.

C

CEC Praha a.s.

starcasinoteplice.cz

9

Star Casino Teplice operates as a modern casino located in Teplice, Czech Republic, offering a variety of live casino games including American Roulette, Black Jack, and Poker, alongside Video Lottery Terminals (VLT) from multiple providers. The business targets adult customers seeking gambling entertainment with additional food and beverage services enhancing the experience. The website is professionally designed with clear navigation and mobile optimization, reflecting a medium-sized hospitality business with a local/regional market focus. Technically, the site uses modern JavaScript libraries and Google services, with HTTPS enforced and a GDPR-compliant cookie consent mechanism. However, the absence of a privacy policy page and security headers indicates room for improvement in compliance and security posture. The WHOIS data is missing, which raises concerns about domain registration transparency but does not necessarily indicate illegitimacy given the consistent business information and active social media presence. Overall, the site is functional, trustworthy, and suitable for its target audience but would benefit from enhanced security and compliance documentation.

C

CEC Praha a.s.

starcasinoplzen.cz

10

Star Casino Plzeň operates as a local casino in Plzeň, Czech Republic, offering live casino games and a variety of VLT machines with jackpots and bonuses. The business is part of the larger Star Casino Group managed by CEC Praha a.s., a registered company in Prague. The website targets adult customers with clear age verification and legal disclaimers about gambling risks. Technically, the site uses modern JavaScript libraries and fonts, with a responsive design and good SEO practices. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security headers and incident response policies are not publicly documented. WHOIS data is unavailable, likely due to privacy protection, which is common in the gambling industry. Overall, the site presents a professional and trustworthy front for its business operations.

B

BJELOVARSKO-BILOGORSKA ŽUPANIJA

bbz.hr

48

Bjelovarsko-Bilogorska Županija (BBŽ) is the official regional government authority for the Bjelovarsko-Bilogorska County in Croatia. The website serves as a public information portal providing news, administrative details, public calls, and legal forms relevant to residents and stakeholders of the county. It positions itself as a key regional government entity with a focus on agricultural and economic development, public administration, and community engagement. The site targets local citizens, businesses, and government officials, offering structured navigation and official announcements in Croatian with English language support.

L

Ličko-senjska županija

licko-senjska.hr

52

Ličko-senjska županija is the official regional government entity for the Ličko-senjska County in Croatia. The website serves as the primary digital platform for disseminating public administration information, news, official documents, tenders, and transparency reports. It targets residents, businesses, and stakeholders within the county, providing comprehensive access to government services and updates. The site reflects a medium-sized government organization with a focus on regional development, public services, and community engagement. Technically, the website employs a modern tech stack including jQuery, Modernizr, Owl Carousel, and Google Fonts, built on a CMS platform by VIT. It is mobile-optimized, accessible, and SEO-friendly, with a moderate performance profile. Security is robust with HTTPS enforced and a Content-Security-Policy header, although some additional security headers could enhance protection. Privacy compliance is well addressed with clear cookie consent mechanisms and GDPR-aligned policies. The security posture is strong, with no detected vulnerabilities or exposed sensitive data. The site lacks a security.txt file and explicit incident response contacts, which are recommended for improved security transparency. The domain registration is consistent with the official government entity, enhancing trustworthiness. Overall, the website is professional, trustworthy, and well-maintained, serving its public sector role effectively.

P

PROFIREAL GROUP

profirealgroup.com

41

PROFIREAL GROUP is an international financial services provider with over 25 years of experience, operating primarily in Europe and Asia. The company offers consumer and business lending, investment development, and fintech-related financial solutions. Their market presence spans six countries with a large client base and extensive loan disbursement history. Technically, the website is built on WordPress with standard SEO and font technologies, delivering a good user experience and mobile optimization. Security posture is adequate with HTTPS enabled but lacks advanced security headers and published policies, which are areas for improvement. The absence of WHOIS data reduces domain trustworthiness, but the professional content and social media presence support business credibility. Overall, the site is functional and professional but would benefit from enhanced privacy compliance and security transparency.

The Schweizerische Gesellschaft für Kinderchirurgie (SGKC) is a specialized medical society focused on pediatric surgery in Switzerland. It serves as a professional community for experts and practitioners, providing education, training, and collaborative opportunities. The website reflects a well-structured, professional organization with clear communication of its mission and activities, targeting medical professionals and members. Technically, the site is built on WordPress using modern themes and plugins, ensuring a good user experience and mobile responsiveness. Security posture is adequate with HTTPS enforced, but lacks some advanced security headers and formal vulnerability disclosure policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism or explicit GDPR compliance indicators. Overall, the site is trustworthy and serves its audience effectively, though improvements in security and privacy practices are recommended.

D

Dekores

dekores.eu

10

Dekores is a Polish brand under the Grupa REJS umbrella specializing in decorative and furniture materials such as Solid Surface (Krion), HPL laminates (Abet Laminati), wood panels (Panmar Wood), and acrylic boards (AGT). The company targets professionals like carpenters, designers, architects, and interior enthusiasts, offering both products and inspirational content. Their market position is solid within the manufacturing sector for interior materials in Poland. Technically, the website is built on WordPress with modern frameworks like Bootstrap and integrates SEO and analytics tools effectively. Security posture is good with HTTPS and cookie consent implemented, though some security headers and explicit policies are missing. Overall, the site is professional, trustworthy, and compliant with GDPR, with clear contact information and social media presence.

S

Domov | Sparklond

sparklond.sk

42

Sparklond.sk is a Slovak-based educational website specializing in professional welding training and certification. The business offers a variety of welding courses, including beginner to expert levels, with a focus on practical skills and coaching. The website features testimonials and video references to build trust and demonstrate effectiveness. The domain is relatively new, created in 2022, and uses DNSSEC with a valid registrar and hosting provider, indicating legitimacy. Technically, the site uses modern front-end libraries such as Bootstrap, Owl Carousel, and integrates third-party services like Google Tag Manager and Smartsupp Live Chat. Security measures include HTTPS and a Content-Security-Policy header, though the CSP is permissive and could be hardened. Privacy compliance is weak, with no visible privacy or cookie policies, which is a notable gap. Overall, the website is professionally designed, mobile-optimized, and provides clear contact information, but should improve privacy disclosures and tighten security headers.

T

TESTIMA, spol. s r.o.

testima.cz

44

Testima, spol. s r.o. is a Czech company specializing in nondestructive testing equipment and services, including sales, training, calibration, and servicing. With over 30 years of experience and ISO 9001 certification, it holds a stable market position serving industrial clients. The website is professionally designed, mobile-optimized, and provides clear contact and GDPR compliance information. Technically, it uses modern web technologies such as Bootstrap, jQuery, and Google reCAPTCHA to secure user interactions. Security posture is good with HTTPS and CSRF protections, though some security headers and policies could be improved. Overall, the site is trustworthy, compliant, and well-maintained.

G

Growio

growio.sk

52

Growio is a professional services company specializing in leadership development, business coaching, and organizational growth programs. Founded in 2021 and headquartered in Slovakia with an Asia-Pacific office in India, Growio targets leaders and organizations seeking to navigate disruption and build resilient, high-performing teams. The company emphasizes future-ready workforce development and offers tailored executive coaching and development programs. Their market position is supported by partnerships with recognized companies and membership in the International Coaching Federation (ICF). Technically, the website employs a modern front-end stack including Bootstrap, jQuery, and various UI libraries, hosted on Websupport infrastructure with DNSSEC enabled. The site is mobile-optimized and provides a good user experience with clear navigation and professional design. Privacy compliance is addressed with a cookie consent mechanism and a privacy policy, though terms of service and explicit security policies are absent. Security posture is solid with HTTPS enforced and DNSSEC enabled, but could be improved by adding security headers and publishing incident response contacts or vulnerability disclosure policies. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website presents a trustworthy and professional digital presence aligned with the company's business goals. Strategically, Growio should enhance its security transparency and compliance documentation to strengthen trust and meet evolving regulatory requirements. Continued monitoring of third-party libraries and performance optimization will support sustained digital maturity.

C

Congrex Switzerland

congrex.com

50

Congrex Switzerland is a well-established Professional Conference Organiser specializing in medical and scientific association conferences across Europe and internationally. The company offers a comprehensive suite of services including conference organisation, registration, hotel accommodation, association management, and strategic marketing and communication. Their website reflects a mature business with a medium-sized team and a strong market position in the hospitality sector. Technically, the website is built on WordPress using the Divi theme and several professional plugins, supporting multilingual content and modern web standards. Performance and mobile optimization are good, though accessibility could be improved. Security posture is adequate with HTTPS enforced and domain transfer protection enabled, but lacks DNSSEC and security headers. Privacy compliance is limited due to missing explicit privacy and cookie policies. Overall, the site is professional and trustworthy but could enhance transparency and security practices.

CDVUK.SK is a Slovak internet magazine established in 2016, providing a variety of articles covering education, home improvement, health, lifestyle, and other general interest topics. The website is built on WordPress CMS, hosted on Hostinger servers, and uses standard web technologies including jQuery and Google Fonts. The site demonstrates good SEO practices with structured data and meta tags, and content is regularly updated with author attribution. Security posture is adequate with HTTPS enabled, but lacks advanced security headers and formal privacy or cookie policies. Contact information is limited to a contact form without direct emails or phone numbers. Overall, the website is functional, safe, and serves a general Slovak-speaking audience with moderate professionalism and trustworthiness.

NECHTENASBYT.CZ is a Slovak online magazine providing content focused on home renovation, finance, energy, business, and lifestyle topics. The website is built on WordPress and features a variety of blog posts authored primarily by 'Magazín Admin' and other contributors. The site targets Slovak-speaking homeowners, investors, and professionals interested in practical advice and industry insights. Technically, the site uses standard WordPress technologies including jQuery and FontAwesome, with moderate performance and good mobile optimization. Security posture is adequate with HTTPS enabled but lacks advanced security headers and visible privacy or cookie policies. WHOIS data is unavailable, likely due to privacy protection, which slightly reduces trust but is common for small media sites. Overall, the site is functional, content-rich, and moderately trustworthy but would benefit from enhanced privacy compliance and security best practices.

Sekce Výživy a nutriční péče, z. s. is a Czech registered non-profit association dedicated to nutrition and nutritional care in healthcare, social care, and community settings. The organization provides educational seminars, workshops, and collaborates with other professional bodies to improve nutritional standards. The website is built on WordPress with common plugins and presents professional content targeting healthcare professionals and students. Technically, the site uses modern web technologies and is mobile optimized, but lacks some security headers and privacy compliance features. The absence of WHOIS data raises concerns about domain registration transparency, although the website content and partnerships indicate legitimacy. Security posture is moderate with HTTPS enabled and CAPTCHA on forms, but improvements are recommended in security headers and privacy policies. Overall, the site is functional and professional but should address compliance and transparency gaps to enhance trust.

E

eSestra.sk – Akreditované online vzdelávanie

esestra.sk

43

eSestra.sk is an accredited online education platform targeting nurses and healthcare professionals primarily in Slovakia. The platform offers a variety of professional courses with flexible access, including credit packages and free courses for registered nurses. The website demonstrates a consistent and professional brand presence with a focus on user-friendly navigation and relevant content for its target audience. Technically, the site is built on WordPress with Elementor and incorporates modern web technologies such as jQuery, Bootstrap, and Swiper.js. Hosting is provided by Websupport, with DNSSEC enabled and HTTPS enforced, indicating a good baseline security posture. However, some advanced security headers and formal security policies are absent, which could be improved. Privacy compliance is partial, with a cookie consent mechanism present but no visible privacy policy or terms of service in the provided content. Overall, the site is trustworthy, well-maintained, and serves a niche educational market effectively.

T

TRILAB

trilab.cz

53

TRILAB is a manufacturing technology company specializing in delta kinematics 3D printers for industrial and business clients. The company has an international presence, serving over 30 countries, and positions itself as a competitive player in additive manufacturing. The website is built on WordPress with modern plugins and includes multilingual support. It employs Google Tag Manager for analytics and Cookiebot for cookie consent management, indicating a basic level of privacy compliance. Security posture is adequate with HTTPS enabled but lacks advanced security headers and published security policies. No privacy policy or terms of service pages were detected, which are important for compliance and trust. Overall, the website is professional and well-branded, but improvements in security and compliance documentation are recommended.

V

VITAPUR spol. s r.o.

woolife.sk

51

Woolife, operated by VITAPUR spol. s r.o., is a specialized e-commerce retailer focused on sustainable, stylish merino wool clothing. The company emphasizes natural materials and craftsmanship, producing knitted apparel in Krásna Lípa. The website targets a general audience interested in eco-friendly fashion and offers multiple localized versions for European markets. Technically, the site uses modern analytics and marketing tools such as Google Analytics 4, Google Tag Manager, and Microsoft Clarity, integrated within the Upgates e-commerce platform. The site is well-structured with good SEO and mobile optimization, though accessibility features are basic. Security posture is solid with HTTPS and standard security headers, but lacks published security policies or incident response contacts. Privacy compliance is partial due to missing privacy and terms of service pages, though cookie consent is implemented. Overall, the site is professional and trustworthy but would benefit from enhanced compliance documentation and explicit security disclosures.

V

VITAPUR spol. s r.o.

woolife.eu

52

Woolife, operated by VITAPUR spol. s r.o., is a small retail e-commerce business specializing in stylish knitted clothing made from merino wool. The company emphasizes comfort, natural materials, and sustainable production, manufacturing products at Schindler's knitting mill in Krásná Lípa. Their product range includes sweaters, t-shirts, and accessories, targeting consumers interested in sustainable and natural wool clothing. The website is professionally designed with consistent branding and good content quality, supporting a positive market position within the niche sustainable fashion sector. Technically, the website leverages modern marketing and analytics technologies including Google Analytics 4, Google Ads, Microsoft Clarity, and Google Tag Manager, built on the Upgates e-commerce platform. The site is mobile-optimized with good SEO practices and moderate performance. However, some improvements in accessibility and security headers could enhance the technical maturity. From a security perspective, the site enforces HTTPS with excellent SSL configuration but lacks visible security headers such as Content-Security-Policy or HSTS. No vulnerabilities or exposed sensitive data were detected in the analyzed content. Privacy compliance is basic, with a cookie consent mechanism present but no explicit privacy policy or terms of service pages found in the provided content. Contact information is not explicitly available, which may impact user trust and compliance. Overall, the website presents a low-risk profile with a legitimate business focus and good digital presence. Strategic improvements in privacy documentation, security headers, and contact transparency are recommended to enhance trust and compliance.

V

VITAPUR spol. s r.o.

woolife.de

51

Woolife, operated by VITAPUR spol. s r.o., is a niche e-commerce retailer specializing in stylish, sustainable knitted clothing made from merino wool. The company emphasizes comfort, natural materials, and sustainable manufacturing processes, targeting environmentally conscious consumers primarily in Germany and neighboring European markets. The website presents a professional and consistent brand image with a focus on quality and craftsmanship. Technically, the site leverages modern analytics and marketing tools such as Google Analytics 4, Microsoft Clarity, and Google Tag Manager, hosted on Forpsi infrastructure with Upgates e-commerce platform. Security posture is generally good with HTTPS enforced and cookie consent implemented, though the absence of a privacy policy and terms of service pages represents compliance gaps. No critical vulnerabilities or blocking mechanisms were detected, and the site content is safe for general audiences.

I

ibericode BV

mc4wp.com

56

MC4WP (Mailchimp for WordPress) is a well-established WordPress plugin developed by ibericode BV, providing seamless integration between WordPress sites and Mailchimp email marketing services. The plugin enjoys a strong market position with over 2 million active users and 60 million downloads, supported by a freemium business model offering both free and premium features. The website content is professionally presented, targeting WordPress site owners and developers seeking to enhance their email marketing capabilities. Technically, the site leverages WordPress CMS with Jekyll for SEO metadata generation and employs privacy-friendly analytics (Koko Analytics), reflecting a mature digital infrastructure with good performance and mobile optimization. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though the absence of explicit security policies and incident response information suggests room for improvement. The lack of WHOIS data for the domain is a notable anomaly that reduces trustworthiness, although the overall business credibility remains high due to consistent branding, positive user testimonials, and comprehensive privacy and terms policies. Strategic recommendations include implementing cookie consent mechanisms, publishing security and incident response policies, and resolving WHOIS data inconsistencies to enhance trust and compliance.

Inforpol Net is a Polish technology company with a long-standing history since 1996, evolving from publishing local directories to providing comprehensive internet services including web design, hosting, programming, and digital marketing. The company targets businesses primarily in Poland, offering tailored IT and advertising solutions. Their market position is supported by a substantial portfolio and client base, along with Google Partner status. Technically, the website is built on WordPress with modern frameworks like Bootstrap and integrates advanced analytics and marketing tools such as Piwik PRO and Google Tag Manager, with a cookie consent mechanism ensuring GDPR compliance. Security posture is adequate with HTTPS and consent management, though improvements in security headers and explicit policies are recommended. Overall, the site is professional, trustworthy, and well-optimized for its audience.

C

CSL Plasma

cslplasma.hu

62

CSL Plasma is a healthcare-focused organization operating in Hungary that facilitates blood plasma donation to support patients with conditions treatable only by plasma-based therapies. The website serves as an informational and engagement platform for potential donors and the community, featuring patient stories, donation processes, and news updates. The organization positions itself as a trusted intermediary connecting donors and patients, emphasizing the life-saving impact of plasma donation. Technically, the website is built on Drupal CMS with modern front-end frameworks such as Bootstrap 5 and FontAwesome for icons. It integrates Google Tag Manager for analytics and OneTrust for GDPR-compliant cookie consent management. The site demonstrates good mobile optimization, accessibility, and SEO practices, although some performance optimizations could be considered. From a security perspective, the site uses HTTPS with a presumably strong SSL configuration. However, it lacks visible security headers and does not provide explicit security policies or incident response information. No vulnerabilities or exposed sensitive data were detected in the provided content. Privacy compliance is partially addressed through cookie consent but lacks a formal privacy policy and terms of service. Overall, the website is professional, trustworthy, and well-structured, serving its purpose effectively. Strategic improvements in privacy documentation, security headers, and contact transparency would enhance its compliance and security posture.