Security Directory

S

SPAK-EKO, a.s.

spakeko.sk

37

SPAK-EKO, a.s. is a Slovak non-profit joint initiative formed by major tobacco companies to address environmental pollution caused by cigarette butts. The organization operates a voluntary system for cigarette waste collection and promotes environmental awareness and innovative reuse of tobacco product waste. The website is built on WordPress using the Divi theme, hosted likely by Websupport, and presents a professional and consistent brand image targeted at municipalities, clients, and the general public concerned with environmental issues. Technical infrastructure is modern but basic, with no advanced analytics or tracking detected. Security posture is good with HTTPS and DNSSEC enabled, though explicit security headers and policies are missing. Privacy and cookie policies are absent, indicating a compliance gap. Overall, the website is trustworthy and serves its informational and advocacy purpose effectively.

V

VUMZ

vumz.sk

41

VUMZ is a Slovak-based company specializing in comprehensive technological solutions for industry and waste management, including custom manufacturing of specialized machinery, steel constructions, energy solutions, and logistics services. The company has a strong market presence with 20 years of experience and offers a wide range of services tailored to industrial clients. Their digital infrastructure is built on WordPress with modern plugins and frameworks, providing a good user experience and mobile optimization. Security posture is adequate with HTTPS and some best practices, but lacks explicit security policies and some security headers. Privacy compliance is partial with cookie consent implemented but missing a clear privacy policy. Overall, the website reflects a legitimate and professional business with room for improvement in security and compliance documentation.

N

Norwit SLOVAKIA

norwit.sk

41

Norwit SLOVAKIA operates a corporate website primarily targeting the Slovak market. The company appears to be established since 2003, with a domain age supporting a mature business presence. The website uses WordPress with the Divi theme, integrating common SEO and analytics tools such as Yoast SEO, Google Analytics, Microsoft Clarity, and Facebook Pixel. While the site includes a cookie consent mechanism indicating GDPR awareness, it lacks explicit privacy policy and terms of service pages in the analyzed content. The technical infrastructure is modern and mobile-optimized, but security headers are not detected, which is a potential area for improvement. No contact emails or phone numbers are clearly presented, which may affect user trust and compliance. Overall, the security posture is moderate with HTTPS enabled and no visible vulnerabilities, but the absence of detailed security policies and contact information limits the security maturity. Strategic recommendations include implementing comprehensive privacy and security policies, adding security headers, and providing clear contact channels for incident response.

E

ENVI - PAK

envipak.sk

61

ENVI - PAK is a Slovak producer responsibility organization specializing in waste management, recycling, and compliance services for manufacturers and municipalities. Established in 2003, it holds a leading market position as the longest operating OZV in Slovakia, supported by multiple industry awards and certifications. The website reflects a mature digital presence with professional design, clear navigation, and mobile optimization. Technically, it uses modern web technologies including Google Tag Manager and analytics, with DNSSEC and HTTPS ensuring strong security foundations. However, the absence of an explicit privacy policy and security incident response documentation represents compliance and transparency gaps. Overall, the site is trustworthy, content-rich, and well-aligned with the business's environmental mission.

K

KANAL M.P.S. s.r.o.

kanal-mps.sk

43

KANAL M.P.S. s.r.o. is a Slovak company specializing in sewer and drainage system services including electromechanical cleaning, high-pressure cleaning, and TV monitoring of sewer pipes. Established in 2003, it holds a stable market position with a medium-sized operation focused on servicing Slovak businesses and institutions. The website reflects a professional business model with clear service offerings and a consistent brand presence. Technically, the site uses modern JavaScript libraries such as jQuery, Lodash, Swiper.js, and Fancybox, hosted likely on Websupport infrastructure with DNSSEC enabled, ensuring domain security. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. Security posture is adequate with HTTPS and DNSSEC but lacks advanced security headers and explicit incident response or vulnerability disclosure policies. Privacy compliance is partial, with a cookie consent mechanism but no dedicated privacy policy or terms of service pages. Overall, the site is trustworthy and safe, with no adult or questionable content detected.

B

BIOPEL, a. s.

biopel.sk

44

BIOPEL, a. s. is a Slovak company specializing in the production and sale of wood biofuels including pellets, briquettes, and wood chips. The company also offers complementary products such as hygienic bedding and garden supplies, alongside services in heat production and distribution. Positioned as one of the few ENplus certified producers and traders in Slovakia, BIOPEL maintains a reputable market presence with a focus on ecological and renewable energy solutions. Their target audience includes residential and commercial customers seeking sustainable heating options. The website reflects a medium-sized enterprise with a consistent brand image and professional content presentation. Technically, the website is built on Joomla CMS with modern frontend technologies including jQuery and Bootstrap. It incorporates Google Analytics for traffic monitoring and a cookie consent mechanism to comply with basic privacy regulations. The site is mobile optimized and demonstrates good SEO practices, although some accessibility features could be enhanced. Performance is moderate, with no critical technical issues detected. From a security perspective, the website uses HTTPS with a good SSL configuration and implements cookie consent. However, it lacks visible security headers and published security or privacy policies, which are areas for improvement. No vulnerabilities or suspicious activities were detected in the content or scripts. The WHOIS data aligns well with the business claims, supporting the legitimacy of the domain and company. Overall, BIOPEL's website is professional and trustworthy, serving its business goals effectively. Strategic improvements in privacy documentation and security headers would enhance compliance and security posture, further strengthening user trust and regulatory adherence.

U

Urząd Miasta Torunia

torun.pl

56

The website www.torun.pl is the official online presence of the City of Toruń, Poland. It serves as a comprehensive portal for residents, tourists, and businesses, providing extensive information on city governance, cultural events, tourism, education, sports, and development initiatives. The site is well-structured with clear navigation and consistent branding, reflecting its role as a trusted government resource. The content is primarily in Polish, targeting local and regional audiences, with links to English tourism resources.

P

PRZEDSIĘBIORCY.PL Ogólnopolska Federacja Przedsiębiorców i Pracodawców

rekomendowani.org

43

The website rekomendowani.org represents a Polish federation focused on promoting business reliability and cooperation among entrepreneurs, local governments, and institutional partners. It offers membership programs, networking opportunities, legal and economic advisory services, and certification for ethical business practices. The federation holds a notable market position with media patronage and multiple partnerships, targeting business owners, managers, and local government units in Poland. Technically, the website employs modern web technologies including Turbo Frames and Swiper.js for dynamic content presentation. The site is mobile optimized and presents a professional design with clear navigation. However, some technical aspects such as CMS identification and hosting provider remain unclear. Performance is moderate with room for improvement in accessibility and SEO. From a security perspective, the site uses HTTPS (implied by external Google Fonts and script sources) and implements a cookie consent mechanism compliant with GDPR. No explicit security headers or incident response contacts were found, and WHOIS data is unavailable, which reduces domain trustworthiness. No vulnerabilities or exposed sensitive data were detected in the content. Overall, the site is safe, professional, and compliant with privacy regulations, but would benefit from enhanced security headers, transparent WHOIS data, and explicit contact information to improve trust and security posture.

R

Retargetly

retargetly.com

61

Retargetly is a Latin American technology platform specializing in data-driven advertising solutions, now operating as part of the global marketing company Epsilon. The website serves primarily as a transitional landing page informing visitors of this corporate change, with limited direct content or interactive features. The business is positioned as a leader in data and advertising convergence in Latin America, serving over 250 clients. Technically, the site is built on Webflow with standard web technologies such as jQuery and Google Fonts, hosted with Cloudflare DNS services. Security posture is moderate with HTTPS enabled and domain transfer lock in place, but lacks advanced security headers and cookie consent mechanisms. Privacy compliance is partial, with privacy policies available but no cookie or terms of service policies evident. No direct contact or incident response information is published, limiting transparency. Overall, the site is safe, professional, and consistent with the business narrative but could improve in privacy and security disclosures.

F

Fundacja Polskiego Godła Promocyjnego Teraz Polska

terazpolska.pl

10

Fundacja Polskiego Godła Promocyjnego Teraz Polska is a well-established non-profit foundation founded in 1991, dedicated to promoting Polish business, products, services, and innovations through quality certification and promotional marks. The website serves as an informational and promotional platform targeting Polish businesses, municipalities, and consumers interested in Polish quality standards. The foundation holds a reputable market position as a recognized promoter of Polish business excellence. Technically, the website employs modern web technologies including Google Tag Manager, Google Analytics, Cookiebot for cookie consent, and various social media tracking pixels, indicating a mature digital infrastructure. The site is mobile-optimized and demonstrates good SEO and accessibility practices, although some accessibility improvements could be made. Security-wise, the website uses HTTPS with a good SSL configuration and implements cookie consent mechanisms compliant with GDPR. However, explicit security headers and a published security policy or incident response contacts are absent, representing areas for improvement. Overall, the website is professional, trustworthy, and compliant with privacy regulations, with no indications of malicious activity or content safety concerns.

T

TERRAN Slovakia s.r.o.

terran.sk

52

TERRAN Slovakia s.r.o. is a well-established manufacturer specializing in premium concrete roofing tiles and accessories, serving primarily the Slovak market and surrounding regions. The company emphasizes quality, innovation, and tradition, supported by multiple certifications and a strong brand presence. Their website reflects a mature digital infrastructure with comprehensive product information, downloadable catalogs, and customer engagement tools such as calculation services and newsletters. The target audience includes consumers, architects, and construction professionals seeking reliable roofing solutions. Technically, the website is built on WordPress with WooCommerce components, enhanced by performance optimizations like WP Rocket and integrated marketing tools such as Google Tag Manager and MailerLite. The site is mobile-optimized, SEO-friendly, and employs modern web standards, ensuring a fast and accessible user experience. Hosting is managed through a reputable provider with DNSSEC enabled, contributing to domain security. From a security perspective, the site enforces HTTPS, uses DNSSEC, and implements bot detection scripts. Privacy compliance is robust, with clear GDPR-aligned privacy and cookie policies and explicit user consent mechanisms. However, explicit security policies, incident response contacts, and vulnerability disclosure mechanisms are not publicly available, representing areas for improvement. Overall, the website demonstrates a high level of professionalism, trustworthiness, and compliance, with no indications of content blocking or security challenges. Strategic recommendations include publishing formal security policies, establishing incident response contacts, and enhancing security headers to further strengthen the security posture.

Y

YMY CL s.r.o.

ymy.cz

46

YMY CL s.r.o. is a Czech-based company specializing in interior design services including office and residential interiors, 3D visualizations, and complete realization and furnishing. Established in 1994 and operating as a limited liability company since 2010, it serves clients primarily in Prague, Liberec, Česká Lípa, and Northern Bohemia. The company positions itself as a professional and comprehensive service provider in the interior design sector with a focus on customer needs and quality execution. Technically, the website employs modern web technologies such as jQuery, Foundation CSS, and analytics tools like Google Analytics and Piwik, indicating a moderate level of digital maturity. However, the absence of WHOIS data and privacy/cookie policies reveals gaps in transparency and compliance. Security posture is moderate with HTTPS usage but lacks security headers and formal incident response information. Overall, the website is professional and trustworthy but would benefit from enhanced compliance and security measures.

C

Cornelissen aannemingsbedrijf

cornelissenbouw.nl

43

Cornelissen aannemingsbedrijf is a Dutch construction contracting company specializing in managing both large and small building projects with an emphasis on craftsmanship and customer involvement. The company targets individuals and businesses in the Netherlands seeking reliable construction services. The website is built on WordPress, utilizing Yoast SEO for search engine optimization and Google Analytics for visitor tracking. The technical infrastructure is modern but lacks some advanced security headers and privacy compliance features. Security posture is adequate with HTTPS enabled but could be improved by adding security headers and incident response information. Overall, the website is professional and trustworthy but would benefit from enhanced privacy and security disclosures to align with best practices and regulatory requirements.

T

Tours Val de Loire Box

valdeloire-box.fr

41

Tours Val de Loire Box is a small French hospitality business specializing in selling curated experience gift boxes focused on the Val de Loire region. Their offerings include cultural passes, vintage vehicle rides, helicopter tours, gastronomy workshops, and weekend stays, targeting tourists and gift buyers interested in unique regional experiences. The website is professionally designed using WordPress with the Divi theme and WooCommerce platform, supported by modern web technologies such as jQuery and Snap.svg. The site is hosted by OVH, a reputable French provider, and includes SEO optimizations and mobile responsiveness. Security posture is good with HTTPS enforced and cookie consent implemented, though some security headers could be improved. Privacy policies and terms of service are present and accessible, indicating GDPR compliance. Contact information is clearly provided, enhancing business credibility. Overall, the website presents a trustworthy and professional digital presence for a niche tourism business.

T

Tours City Pass

tourscitypass.com

65

Tours City Pass is a small-sized tourism-focused business founded in 2020, offering digital city passes and related tourism packages for visitors to Tours, France. The website serves as an e-commerce platform enabling users to purchase passes, access interactive maps, and benefit from discounts and cultural offers. The business is positioned as a local tourism enabler with a clear target audience of tourists and visitors seeking cultural and leisure activities in the Tours metropolitan area. The parent company is Otipass, which provides the technological platform and payment processing services. Technically, the website employs a modern technology stack including Bootstrap, jQuery, React, and various analytics and tracking tools such as Matomo and Facebook Pixel. The site is mobile-optimized, uses HTTPS with strong SSL configuration, and integrates cookie consent mechanisms compliant with GDPR. However, some security headers are missing, and DNSSEC is not enabled, representing areas for improvement. From a security perspective, the site demonstrates good practices such as encrypted communications, cookie consent, and no visible sensitive data exposure. There is no evidence of a published security policy or incident response plan, and no vulnerability disclosure mechanism is present. The WHOIS data is consistent with the business claims, showing a domain age appropriate for the company’s founding date and no privacy protection, which supports transparency. Overall, the website is professional, trustworthy, and compliant with privacy regulations, with moderate technical sophistication and a solid security posture. Recommendations include enhancing security headers, enabling DNSSEC, and publishing formal security and incident response policies to further strengthen trust and compliance.

S

Synergiles

synergile.fr

44

Synergiles is a French innovation cluster specializing in energy and ecological transition, acting as an interface between technical, scientific, and institutional stakeholders. The website presents a professional and consistent brand image with a clear focus on its mission and services. The technical infrastructure is based on WordPress with the Divi theme and includes modern web technologies and analytics tools, indicating a moderate level of digital maturity. Security posture is good with HTTPS and reCAPTCHA usage, though explicit security headers and policies are absent. The absence of WHOIS data limits domain legitimacy verification, but the active social media presence and quality content support business credibility. Overall, the website is functional, secure, and professionally maintained but would benefit from enhanced transparency and security documentation.

T

Tours Événements

tours-evenements.com

62

Tours Événements is a professional event organization and venue management company based in Tours, France, specializing in congresses, salons, galas, and seminars. They operate key venues such as the Palais des Congrès de Tours and Parc Expo Tours, offering modular spaces and comprehensive event services including hospitality, audiovisual, and security. The company positions itself as a major regional player in the hospitality and event sector with a focus on sustainable event management, evidenced by their ISO 20121 certification. Technically, the website is built on the Webflow platform, leveraging modern web technologies and integrations such as Google Tag Manager, Hotjar, and Finsweet Cookie Consent for privacy compliance. The site is well-optimized for performance, mobile responsiveness, and SEO, providing an excellent user experience with clear navigation and professional design. From a security perspective, the site uses HTTPS and implements cookie consent mechanisms, but lacks explicit security headers and published incident response policies. No vulnerabilities or exposed sensitive data were detected. The WHOIS data is incomplete or unavailable, which slightly reduces trust but does not outweigh the professional presentation and contact transparency. Overall, the website demonstrates a strong digital presence and business credibility with minor areas for security and compliance improvement. Strategic recommendations include enhancing security headers, publishing incident response and vulnerability disclosure information, and monitoring domain registration data for consistency.

O

OJS - Office de Justification des Statistiques

ojs.fr

39

OJS - Office de Justification des Statistiques operates as a trusted observatory and data controller for the French event industry, providing verified statistics, studies, and event data to stakeholders. The organization is accredited by COFRAC and follows ISO standards, reinforcing its credibility and regulatory compliance. The website serves as a public-facing platform to disseminate this information and support transparency in the sector. Technically, the site is built on WordPress using the Enfold theme and includes modern SEO and analytics tools, indicating a mature digital presence. Security posture is solid with HTTPS and cookie consent mechanisms, though there is room for improvement in security headers and explicit policy disclosures. Overall, the site is professional, trustworthy, and well-aligned with its business objectives.

Eline GmbH operates a professional e-commerce website targeting the electrical and information technology trade sector in Germany. The company offers specialized products such as inspection stickers, inspection protocols, advertising materials, and printed matter. Founded in 1991, the business leverages a Shopify platform with a modern technical infrastructure including JavaScript frameworks, hCaptcha for form security, and GDPR-compliant cookie consent mechanisms. The website is well-structured, mobile-optimized, and integrates social media channels to enhance customer engagement. Security posture is solid with HTTPS enforced and basic protections in place, though improvements in security headers and DNSSEC are recommended. Overall, the site presents a trustworthy and professional online presence with no critical vulnerabilities detected.

A

Alice Jeunesse

alice-editions.be

43

Alice Éditions is an independent Belgian youth publishing house established in 1995, focusing on producing engaging and value-driven books for children and adolescents. The company emphasizes respect, openness, and dialogue through its publications. The website is professionally designed, well-structured, and optimized for SEO and mobile devices, reflecting a mature digital presence. Technically, it is built on WordPress with modern plugins and libraries, ensuring a good user experience and moderate performance. Security posture is solid with HTTPS and secure forms, though some security headers and cookie consent mechanisms are missing. The WHOIS data is restricted, which is common for privacy but limits domain transparency. Overall, the site is trustworthy and serves its niche audience effectively.

M

Mediactive Events

mediactive-events.com

63

Mediactive Events is a French-based company specializing in event technology, digital platforms, and network infrastructure for corporate and large-scale events. With over 30 years of experience, they serve a prestigious client base including major corporations and public institutions. Their key services include corporate events, trade shows and congresses, and event venue connectivity solutions. The company positions itself as a technology expert in the event industry, offering premium digital and network services to demanding brands. Technically, the website employs modern JavaScript libraries, uses Matomo for privacy-conscious analytics, and is hosted on a dedicated CDN. The site is well-structured with rich metadata and structured data, supporting SEO and user experience. Security posture is good with HTTPS and cookie-less analytics, but lacks some security headers and public security policies. The absence of WHOIS registrant data is a concern but the professional presentation and client list support legitimacy. Overall, the website is a strong digital asset for the company but would benefit from enhanced privacy and security disclosures.

M

MoorFutures

moorfutures.de

64

MoorFutures is a German environmental initiative focused on climate protection through the restoration and rewetting of moorlands, offering CO2 compensation certificates. The website positions itself as a national and regional platform linking four moor-rich German states, providing information and access to purchase certificates. The business model centers on environmental sustainability and biodiversity preservation, targeting environmentally conscious investors and organizations. Technically, the site is built on the 1AND1 Website Editor platform, utilizing modern web technologies including jQuery, service workers for PWA capabilities, and Mapbox for mapping services. The site is mobile-optimized and implements cookie consent mechanisms compliant with GDPR. Security posture is good with HTTPS enforced and no visible vulnerabilities, though security headers could be improved. No direct contact emails or phone numbers are exposed on the homepage, with contact likely via a dedicated contact page form. Overall, the site is professional, trustworthy, and aligned with its environmental mission.

N

Nadační fond pro podporu zaměstnávání osob se zdravotním postižení

nfozp.cz

45

Nadační fond pro podporu zaměstnávání osob se zdravotním postižení (NFOZP) is a Czech non-profit foundation dedicated to supporting the employment of persons with disabilities. Established in 2007, it operates primarily within the government and non-profit sectors, providing support services, information dissemination, and managing grants to facilitate employment opportunities for disabled individuals. The website serves as an informational and outreach platform targeting employers, persons with disabilities, and related stakeholders in the Czech Republic. Technically, the website is built on WordPress using the Divi theme, with standard JavaScript and Google Fonts integrations. It is hosted by a Czech hosting provider with a stable domain registration dating back to 2007, indicating a mature and legitimate online presence. Security-wise, the website uses HTTPS but lacks visible security headers and formal security policies, which suggests room for improvement in security posture and compliance. Privacy and cookie policies are absent, indicating potential compliance gaps with GDPR and related regulations. Overall, the website is professionally designed with good accessibility features but would benefit from enhanced privacy, security, and contact transparency to improve trust and compliance.

N

Nadační fond Čas je mozek

nfcasjemozek.cz

42

Nadační fond Čas je mozek is a Czech non-profit organization dedicated to stroke awareness, education, and patient rehabilitation support. The foundation educates the public on stroke symptoms and the importance of timely emergency response, organizes fundraising events, and provides financial aid to stroke survivors. The website reflects a focused mission with clear content and active social media engagement. Technically, the site uses standard web technologies including jQuery, Font Awesome, and Google Analytics, with a cookie consent mechanism implemented. However, the absence of a privacy policy and security headers indicates room for improvement in privacy and security compliance. The WHOIS data is missing, which limits domain trust verification, but the website content and contact information support legitimacy. Overall, the site is well-structured and professional, serving a clear non-profit healthcare mission.

N

Nadační fond Čas je mozek

casjemozek.cz

44

The website www.casjemozek.cz represents a Czech non-profit initiative named 'Čas je mozek' focused on educating the public about stroke symptoms, prevention, and treatment. Founded in 2015, it is affiliated with reputable Czech medical societies, providing authoritative content and organizing charitable events. The site offers extensive educational resources, patient stories, and news updates, targeting the general public and healthcare professionals in the Czech Republic. Technically, the site uses modern web technologies including JavaScript libraries and tracking tools such as Google Analytics and Facebook Pixel. It is mobile-optimized and provides a good user experience with clear navigation and professional design. However, the absence of a privacy policy and terms of service pages, as well as missing WHOIS domain registration data, slightly reduce its trustworthiness. Security posture is moderate with HTTPS usage and cookie consent but lacks visible security headers and incident response contacts. Overall, the site is a credible and valuable resource for stroke awareness but would benefit from enhanced transparency and security best practices.

C

Comité du Risque Systémique

cdrs.lu

32

The website cdrs.lu represents the Comité du Risque Systémique, an institutional entity likely focused on systemic risk in Luxembourg. The site is primarily informational, presented in French, and built on WordPress using the Divi theme. The technical infrastructure is standard for a small institutional website, with moderate performance and basic mobile optimization. However, the site lacks critical privacy and security policies, contact information, and advanced security headers, which limits its compliance and trustworthiness. No WAF or blocking mechanisms were detected, indicating full accessibility. The WHOIS data shows Luxembourg-based name servers consistent with the domain's country code but lacks detailed registrant information, limiting full legitimacy assessment. Overall, the site is safe and suitable for general audiences but requires improvements in privacy, security, and contact transparency to enhance trust and compliance.

Asociacija ,,Padedu augti“ is a Lithuanian non-profit organization dedicated to supporting families with premature and seriously ill newborns. Established in 2011, it provides various services including social support projects, educational initiatives, and direct assistance to hospitals and families. The organization maintains a strong community presence through storytelling, events, and partnerships with healthcare institutions. Their website reflects a well-structured, content-rich platform with clear navigation and engagement tools such as a live chat widget. Technically, the website employs modern web technologies including jQuery, jQuery UI, Fancybox, and Google Fonts, hosted behind Cloudflare DNS and nameservers ensuring reliable performance and security. The site is mobile-optimized and demonstrates good SEO practices, although accessibility features are basic. Security posture is solid with HTTPS enforced and no visible vulnerabilities, but lacks some security headers and formal security policies. From a security and compliance perspective, the site lacks visible privacy and cookie policies, which is a notable compliance gap especially under GDPR. No incident response or vulnerability disclosure information is provided. Contact information is clearly available, enhancing business credibility. WHOIS data confirms domain legitimacy and consistency with the organization's profile. Overall, the website is trustworthy and professional but would benefit from enhanced privacy compliance and security policy transparency to improve user trust and regulatory adherence.

K

Kökstavlor.se

xn--kkstavlor-07a.se

48

Kökstavlor.se is a Swedish niche affiliate marketing website specializing in kitchen posters and wall art. The site aggregates product information and links to partner retailers such as Designtorget, KitchenTime, Confident Living, and Solhem Inredning, providing users with curated selections and price comparisons. The business model relies on affiliate commissions while maintaining editorial independence and transparency through affiliate disclosures. The website is built on WordPress using Elementor and Yoast SEO, indicating a mature digital infrastructure with good SEO practices and mobile optimization. Security posture is solid with HTTPS enforced and standard security headers, though improvements like DNSSEC and Content-Security-Policy headers are recommended. Privacy compliance is partial, with a cookie consent mechanism but no visible privacy policy or terms of service pages. Overall, the site is professional, trustworthy, and well-positioned within its retail niche.

H

Hagstofa Íslands

hagstofa.is

58

Hagstofa Íslands is the official national statistical institute of Iceland, providing comprehensive statistical data and services related to population, society, economy, environment, and more. The website serves a broad audience including researchers, government entities, and the general public, offering open data access and custom statistical services. The domain is well-established since 1998, reflecting a stable government entity with a strong market position as Iceland's authoritative statistics provider. Technically, the website employs modern web technologies including jQuery, Matomo analytics for privacy-conscious tracking, and embedded interactive charts via Datawrapper. Hosting is managed by a local Icelandic provider, 1984 Hosting, with a moderate performance profile and good mobile optimization. Security posture is generally good with HTTPS enforced and no exposed sensitive data, though improvements are recommended such as enabling DNSSEC and implementing security headers. Privacy compliance is partially met with a clear privacy policy and GDPR adherence, but lacks a cookie consent mechanism. Overall, the website is professional, trustworthy, and serves its public mission effectively.

S

Skypark

skypark.lt

43

Skypark.lt is the online presence of Skypark, the largest trampoline park and entertainment center in Lithuania, offering leisure activities for all age groups across multiple physical locations. The website serves as a landing page directing visitors to specific location subdomains. The business is positioned as a family-friendly entertainment provider with a medium-sized footprint in the hospitality sector, founded in 2014. Technically, the site uses a custom CMS (Greativ), Google Fonts, and Google Analytics with consent management scripts that deny ad and analytics storage by default, indicating some privacy awareness. However, the site lacks visible privacy and cookie policies, contact emails, and security headers, which are areas for improvement. No WAF or blocking mechanisms were detected, and the site content is accessible and safe for general audiences.

J

Jonatan Heyman

heyman.info

53

The website heyman.info is a personal technical blog and project showcase maintained by Jonatan Heyman. It features a wide range of technical articles, open source projects, and websites developed by the author, targeting developers and tech enthusiasts. The site has a consistent and professional design with content dating back to 2010, indicating a mature and established personal brand. The business model is primarily content publishing and personal branding with no direct commercial transactions evident. Technically, the site uses a static site generator (likely Pelican), Google Analytics for visitor tracking, and integrates external fonts and scripts for enhanced user experience. The site is mobile optimized and has good SEO practices but lacks explicit privacy and cookie policies. Security posture is moderate with HTTPS enabled but missing security headers and no visible incident response or security policies. Overall, the site is legitimate and trustworthy but could improve compliance and security transparency.

M

Mar-Com Rijeka

mar-com.hr

45

Mar-Com Rijeka is a small Croatian IT service company specializing in website creation, IT support, and graphic design with over 20 years of experience. The company targets local businesses and private individuals in Rijeka and surrounding areas, offering modern and affordable IT solutions. Their market position is supported by a portfolio of over 200 successful projects and positive client testimonials. Technically, the website employs modern web technologies such as jQuery, Slick Slider, and Google Fonts, with good mobile optimization and accessibility features including a UserWay widget. Security posture is solid with HTTPS enforced and a cookie consent mechanism in place, though there is room for improvement in security headers and incident response transparency. Overall, the website is professional, trustworthy, and compliant with GDPR requirements, reflecting a mature digital presence for a small IT service provider.

W

WMD HOSTING

wmd.hr

53

WMD HOSTING is a Croatian-based web hosting and domain registration provider offering a range of services including web development, SEO marketing, SSL certificates, and internet marketing. The company targets businesses and individuals seeking comprehensive web solutions, positioning itself as a regional player with promotional offers such as 'Hosting AKCIJA 1+1'. The website demonstrates a good level of digital maturity with modern technologies like Craft CMS, Bootstrap, jQuery, and integration of analytics and chat services. Security posture is solid with HTTPS, CSRF protection, and cookie consent mechanisms, although some security headers and explicit privacy policies are missing. Overall, the site is professional and trustworthy but could improve compliance transparency and contact accessibility.

BitByte, obrt za IT usluge, is a Croatian small IT service provider specializing in computer servicing, network solutions, website development, and fiscal software hosting. The company targets both private and business customers, emphasizing professional diagnostics, OEM parts, and secure fiscal solutions via Remaris Master hosted in their data center. The website reflects a professional and consistent brand image with clear service offerings and distributor partnerships. Technically, the site is built on WordPress using Elementor and Yoast SEO, with HTTPS and Google reCAPTCHA implemented for security. However, the absence of privacy and cookie policies and limited WHOIS transparency due to GDPR reduce the overall privacy compliance and trust slightly. Security headers are not evident, suggesting room for improvement in security posture. Overall, the site is functional, well-structured, and suitable for its business purpose.

H

Human interaction company

burza.hr

55

Human interaction company is a specialized technology service provider focusing on AI and human-computer interaction solutions. The company positions itself as an end-to-end AI partner, offering services from concept through implementation. Their market presence is supported by global awards and a professional online presence, targeting businesses seeking advanced AI integration with human-centric design. Technically, the website is built on modern frameworks such as Next.js and integrates multiple analytics and tracking tools, indicating a mature digital infrastructure. The site is mobile-optimized and demonstrates good SEO practices. Security-wise, the site uses HTTPS and modern analytics scripts but lacks explicit security headers and published security policies, suggesting room for improvement in security posture. The WHOIS data is missing or privacy protected, which slightly reduces trust but is not uncommon for tech companies. Overall, the website is professional, secure, and compliant with privacy regulations, though it could benefit from enhanced transparency in security and terms of service documentation.

E

Eesti E-kaubanduse Liit

e-kaubanduseliit.ee

53

Eesti E-kaubanduse Liit is a well-established non-profit association uniting over 530 reputable e-commerce businesses in Estonia, operating for more than 16 years. The organization focuses on fostering collaboration, trust, and growth within the Estonian e-commerce sector by providing education, events, legal guidance, and a recognized trustmark certification called 'Turvaline ostukoht'. The website reflects a mature market position with strong community engagement and a clear mission to improve the e-commerce ecosystem in Estonia. Technically, the site is built on Webflow, leveraging modern web technologies and Google Tag Manager for analytics and consent management. The site is mobile-optimized, accessible, and professionally designed, providing a positive user experience. Security posture is strong with HTTPS enforced and a comprehensive cookie consent mechanism integrated with Google Consent Mode, although some security headers could be improved. No critical vulnerabilities or suspicious patterns were detected. Overall, the website and business demonstrate high credibility and trustworthiness.

R

Regional Development Agency DUNEA LLC.

dubrovnik-neretva.eu

42

The website represents the official Representation Office of the Dubrovnik-Neretva Region in Brussels, serving as a liaison and promotional platform for the region within the European Union. It highlights the Regional Development Agency DUNEA, which coordinates sustainable development and project management for the region. The site targets regional stakeholders, investors, EU institutions, and the general public interested in regional development. Technically, the site is built on Joomla CMS with a modern but moderate tech stack including Bootstrap, jQuery, and Revolution Slider, offering good mobile optimization and user experience. Security posture is adequate with HTTPS enforced but lacks advanced security headers and explicit security policies. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the site is professional, trustworthy, and content-rich but would benefit from enhanced privacy and security measures.

Zakon.hr is a well-established Croatian legal information portal operated by cyber_Folks d.o.o., providing comprehensive access to laws, regulations, and legal documents. The website targets legal professionals, businesses, and the general public seeking reliable legal information. It maintains a strong market position as a leading legal resource in Croatia, supported by updated content and a related AI legal assistant service, Zakon.ai. The business model appears to be a combination of subscription and advertising revenue streams.

V

Vodovod i kanalizacija d.o.o.

vik-ka.hr

55

Vodovod i kanalizacija d.o.o. Karlovac is a well-established regional utility company founded in 2002, providing water supply and sewage management services primarily in Karlovac and surrounding areas in Croatia. The company emphasizes quality and environmental responsibility, as evidenced by its ISO 9001 and ISO 14001 certifications. Their website reflects a professional and user-focused approach, offering comprehensive information, customer support, and transparency through detailed policies and contact channels. Technically, the site uses Joomla CMS with modern web technologies and is hosted behind Cloudflare, ensuring good performance and security. The presence of cookie consent and privacy policies indicates compliance with GDPR regulations. However, explicit security policies and incident response contacts are not found, representing an area for improvement. Overall, the website and business demonstrate high legitimacy and trustworthiness with a solid digital presence.

Ampere Computing is a technology company specializing in cloud native processors designed for efficient and scalable performance in data centers and edge computing environments. Founded in 2017, the company positions itself as a provider of high-efficiency CPUs that meet the growing demands of cloud computing with minimal resource consumption. The website reflects a modern, professional digital presence built on contemporary web frameworks such as Next.js and Chakra UI, hosted on Microsoft Azure infrastructure. The site is well-optimized for performance and mobile responsiveness, providing a good user experience with clear navigation and relevant content focused on their core business offerings. From a security perspective, the website enforces HTTPS and implements cookie consent mechanisms via OneTrust, indicating a baseline commitment to privacy compliance. However, explicit privacy policies, terms of service, and security policies are not found, which represents an area for improvement. The WHOIS data shows a consistent domain registration history aligned with the company's founding date, with standard registrar protections but lacking DNSSEC, which could enhance DNS security. Overall, the security posture is solid but could be strengthened by publishing formal security and privacy documentation, adding vulnerability disclosure mechanisms, and enabling DNSSEC. The absence of direct contact information and social media links on the main page limits immediate user engagement and trust signals. The website content is safe, professional, and targeted at a general audience interested in cloud computing technologies.

A

Age-Friendly University Global Network

afugn.org

63

The Age-Friendly University Global Network is a non-profit organization focused on promoting positive and active aging through higher education institutions worldwide. The website serves as a hub for membership, resources, research, and advocacy related to age-friendly university principles. The network is affiliated with Arizona State University, which adds credibility and institutional support. The website is built on the Squarespace platform, featuring a professional design, clear navigation, and mobile optimization. However, the absence of a privacy policy and WHOIS registrant data limits full trust verification. Security posture is strong with HTTPS and HSTS enabled, but lacks explicit security policies or incident response contacts. Overall, the site is suitable for its educational and non-profit mission but could improve compliance and transparency.

Museums.SI is a Slovenian cultural heritage portal operated by Semantika d.o.o., providing comprehensive information about museums, galleries, exhibitions, collections, educational programs, articles, authors, and virtual exhibitions in Slovenia. The website serves as a national platform to promote Slovenian cultural institutions and their activities to the general public and cultural enthusiasts. Technically, the site is built on the DNN CMS platform, utilizing Bootstrap and jQuery libraries, and integrates Google Analytics for visitor tracking. The site is mobile optimized with a moderate performance profile and basic accessibility features. Security posture is adequate with HTTPS enforced and cookie consent implemented, but lacks advanced security headers and explicit security policies. Privacy compliance is basic with a privacy policy available in Slovenian and a cookie consent banner. No contact emails or phone numbers are explicitly provided on the homepage, which may affect direct communication. Overall, the website is professional, trustworthy, and safe for general audiences.

P

Pikant

pikant.hr

46

Pikant is a Croatian design and marketing studio providing a broad range of creative and IT services including web design, graphic design, product design, branding, IT support, and marketing consulting. The company positions itself as a regional leader with a focus on quality and client satisfaction, serving businesses primarily in Croatia and the EU. The website is professionally designed, mobile-optimized, and provides clear contact information and client references. Technically, the site uses modern web technologies such as Google Fonts, Revolution Slider, and Cognito Forms for contact management, with Google Analytics for traffic analysis. Security posture is good with HTTPS enabled and secure form handling, though some security headers and cookie consent mechanisms are missing. The WHOIS data is privacy protected due to GDPR, which is justified for this business type. Overall, the website reflects a legitimate, small-sized business with a solid digital presence.

R

Razvojna agencija Sotla

ra-sotla.si

40

Razvojna agencija Sotla is a Slovenian regional development agency established in 2003, focusing on regional development programs, entrepreneurship support, and project management primarily in the Obsotelje and Kozjansko regions. The agency operates as a non-profit entity serving local governments, entrepreneurs, and community stakeholders. Their website reflects a professional and consistent brand presence with clear navigation and relevant content tailored to their target audience. Technically, the site is built on WordPress using modern plugins such as Elementor and Events Manager, ensuring good mobile optimization and accessibility. Security posture is solid with HTTPS enforced and standard security headers present, though there is room for improvement in publishing explicit security policies and incident response information. Overall, the website is trustworthy, compliant with GDPR cookie requirements, and free from suspicious indicators.

T

T1 Tallinn

t1tallinn.com

58

T1 Tallinn operates as a large retail and entertainment shopping center located in Tallinn, Estonia. The website presents a comprehensive overview of the business offerings including retail stores, dining options, entertainment venues, and additional customer services. The site targets a broad audience including families and general shoppers, positioning itself as a key shopping and leisure destination in the region. The business appears well-established with a domain age consistent with its operational history since 2016. Technically, the website is built on WordPress CMS, leveraging modern web technologies such as jQuery, Video.js, and Google Fonts. It uses Cloudflare for DNS and CDN services, ensuring good performance and security. The site is mobile-optimized, accessible, and SEO-friendly, with structured data and meta tags implemented effectively. Analytics and marketing tools like Google Analytics and Facebook Pixel are used for user tracking and marketing purposes. From a security perspective, the website enforces HTTPS and uses clientTransferProhibited domain status to prevent unauthorized transfers. However, DNSSEC is not enabled, and security headers are not explicitly observed, indicating room for improvement. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong with clear cookie consent mechanisms and a comprehensive privacy policy aligned with GDPR requirements. Contact information is transparent and professionally presented. Overall, the website demonstrates a solid security posture and business credibility with no major red flags. Recommendations include enabling DNSSEC, adding security headers, publishing a security policy, and considering a vulnerability disclosure program to further enhance trust and security maturity.

R

Regionalni centar kompetentnosti u turizmu i ugostiteljstvu Zabok

rcktu-zabok.hr

34

The website represents the Regional Center of Competence in Tourism and Hospitality located in Zabok, Croatia. It serves as an educational institution offering secondary education, adult courses, workshops, retraining, and consulting services focused on tourism and hospitality sectors. The center aims to develop professional skills, creativity, and social responsibility among students and professionals, supported by EU funding. The site is well-structured, professionally designed, and targets students, adult learners, and regional businesses in the tourism and hospitality industry. Technically, the site is built on WordPress with modern plugins and frameworks, ensuring good performance, mobile optimization, and accessibility. Security posture is solid with HTTPS and cookie consent mechanisms, though it lacks explicit privacy and terms of service pages and a vulnerability disclosure policy. Overall, the domain registration and hosting are consistent with the business profile, indicating legitimacy and trustworthiness.

B

Business Angels Impact Fund

baif.hr

54

Business Angels Impact Fund is a Croatian-based investment fund focused on supporting startups and companies that generate social and environmental impact. The website presents a professional and consistent brand image, targeting investors and social enterprises. The technical infrastructure is built on WordPress using Elementor and Astra theme, indicating a moderate level of digital maturity with good mobile optimization and basic SEO. Security posture is moderate with HTTPS enabled but lacking advanced security headers and policies. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the site is functional and trustworthy but would benefit from enhanced security and compliance measures.

R

Ride & Bike 2

rideandbike.eu

38

Ride & Bike 2 is a regional tourism promotion website focusing on the natural and cultural heritage of several regions in Croatia and Slovenia. It provides information about outdoor activities, cultural sites, and local attractions, targeting tourists and outdoor enthusiasts. The website leverages WordPress CMS with WPBakery Page Builder and integrates Google Tag Manager for analytics. While the site is well-structured and visually consistent, it lacks critical privacy and cookie policies, as well as explicit contact information, which impacts its compliance and trustworthiness. Security posture is moderate with HTTPS enabled but missing security headers and incident response contacts. Overall, the site is functional and serves its tourism promotion purpose but requires improvements in privacy compliance and security best practices.

R

Radnica.org

radnica.org

60

Radnica.org is a Croatian non-profit platform dedicated to supporting individuals facing workplace discrimination, particularly gender-based discrimination. The website offers educational content, guidance on rights, and an anonymous reporting form to help victims. It is affiliated with CESI, a recognized organization, enhancing its credibility. Technically, the site is built on Webflow with modern web fonts and scripts, delivering a good user experience with mobile optimization and clear navigation. Security-wise, the site uses HTTPS and Cloudflare Turnstile captcha for form protection, but lacks visible security headers and explicit incident response policies. Privacy compliance is well addressed with a cookie consent banner and a privacy policy page. Overall, the site is trustworthy and serves a niche audience effectively.

C

CESI – Centar za edukaciju, savjetovanje i istraživanje

sezamweb.net

53

SeZaM is a Croatian non-profit educational website focused on sexual education for youth, operated under the auspices of CESI – Centar za edukaciju, savjetovanje i istraživanje. The platform provides comprehensive thematic content on sexuality, gender equality, reproductive health, and related social issues, targeting young people and educators. It includes interactive elements such as a virtual assistant and links to related educational services. The website is well-structured and professionally designed, with clear navigation and relevant content for its audience. Technically, the site uses modern web technologies including Google Fonts, FontAwesome, Turbolinks, and Google Analytics, and is hosted on Linode. The presence of CSRF tokens and HTTPS indicates a baseline security posture, although some security best practices such as DNSSEC and security headers are missing. The website is mobile-optimized and SEO-friendly but lacks explicit privacy and cookie policies, which are important for GDPR compliance. From a security perspective, the domain is mature and registered with a reputable registrar, with protections against unauthorized transfers. No WAF or blocking mechanisms are detected, and the site is fully accessible. However, the absence of privacy and cookie policies, security headers, and vulnerability disclosure mechanisms represent compliance and security gaps. Overall, the site is trustworthy but could improve its security and privacy posture. Strategically, the site serves an important educational role in Croatia, with a clear mission and target audience. It benefits from partnerships with CESI and related services, enhancing its credibility and reach.