Security Directory

C

Cyklus Trails

cyklustrails.com

42

Cyklus Trails is a small, specialized travel agency offering self-guided and guided cycling tours primarily in the Czech Republic and neighboring countries. Established in 2002, it targets active travelers seeking authentic outdoor adventure experiences along well-known bike paths and cultural sites. The website is built on Drupal 7 and incorporates common web technologies such as jQuery, Google Analytics, and Facebook SDK for social integration and tracking. While the site is accessible and professionally presented, it lacks critical privacy and cookie policies, which impacts compliance with GDPR and other privacy regulations. Security measures include the use of Google reCAPTCHA on contact forms, but the absence of security headers and use of outdated libraries present potential vulnerabilities. The WHOIS data for the domain is missing, raising concerns about domain registration legitimacy, although the website content and contact details appear genuine. Overall, the site demonstrates moderate digital maturity with room for improvement in security and privacy compliance.

V

VR Coaster GmbH & Co. KG

vrcoaster.com

57

VR Coaster GmbH & Co. KG is a leading provider of virtual reality solutions for real ride attractions and location-based entertainment worldwide. As part of the Mack Group, it leverages strong partnerships with industry leaders such as Mack Rides and Europa-Park to deliver advanced VR experiences integrated into theme parks and entertainment venues. The company has established a strong market position since its founding in 2014, serving a global clientele including Universal Studios and Six Flags. The website reflects a professional and modern digital presence, showcasing their VR platforms, content offerings, and client portfolio. Technically, the website is built on WordPress with modern web technologies including video backgrounds, SVG graphics, and Google reCAPTCHA for form security. The site is mobile optimized, accessible, and SEO friendly, although performance is moderate. Security posture is good with HTTPS enforced and no exposed sensitive data, but lacks some security headers and a cookie consent mechanism. The contact form collects user data securely with reCAPTCHA protection. From a security and compliance perspective, the site demonstrates good practices but could improve by adding explicit security policies, incident response information, and vulnerability disclosure mechanisms. The absence of WHOIS data for the domain is unusual and reduces trust slightly, though the strong business branding and partner ecosystem mitigate concerns. Overall, the site is trustworthy and professional with minor areas for security and privacy enhancement. Strategically, VR Coaster should focus on improving transparency around security and privacy, implement cookie consent to comply fully with GDPR, and monitor domain registration status to ensure legitimacy. Enhancing security headers and publishing a vulnerability disclosure policy would further strengthen their security posture and trustworthiness.

O

Owasco Careers

owascocareers.ca

51

Owasco Careers operates a professional, family-owned automotive dealership group in Canada, focusing on recruitment and career opportunities within their dealerships. The website presents a clear business description emphasizing culture and growth, targeting job seekers interested in automotive retail careers. The technical infrastructure is based on WordPress with modern analytics and monitoring tools such as Google Analytics, Microsoft Clarity, and New Relic, indicating a moderate level of digital maturity. The site is mobile optimized and uses HTTPS with reCAPTCHA for form security, reflecting a good security posture. However, the absence of publicly available WHOIS data and lack of privacy and cookie policies indicate gaps in transparency and privacy compliance. Overall, the website is functional and professional but would benefit from enhanced privacy disclosures and security headers to improve trust and compliance.

C

Cambra de Comerç de Terrassa

cambraterrassa.org

10

Cambra de Comerç de Terrassa is a regional chamber of commerce focused on supporting economic development and business growth in the Terrassa region of Spain. The website presents a professional and consistent brand image, offering business support services and entrepreneurial development initiatives. The target audience primarily includes local businesses and entrepreneurs seeking economic development assistance. The business model revolves around providing services and support to foster regional economic growth. Technically, the website is built on WordPress using the Astra theme and Elementor page builder, supplemented by WooCommerce for e-commerce capabilities. It integrates several analytics and marketing tools including Matomo, Google Tag Manager, Hotjar, and LinkedIn Insight. The site is hosted by Entorno Digital, S.A., with a domain registered since 2005, indicating a mature and stable online presence. Performance and mobile optimization are good, with basic accessibility and SEO optimizations in place. From a security perspective, the site enforces HTTPS and uses reCAPTCHA to protect forms, alongside a GDPR-compliant cookie consent mechanism. However, explicit security headers and a published security policy or incident response contact are absent, representing areas for improvement. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is basic, with no explicit privacy policy or terms of service found in the analyzed content. Overall, the website is trustworthy and professional, with a solid business credibility score. The main risks relate to the absence of explicit security policies and limited contact information. Strategic recommendations include enhancing security headers, publishing a security and privacy policy, and providing clear contact channels for security incidents to improve trust and compliance.

C

Cambra de Comerç de Barcelona

cambrabcn.org

10

Cambra de Comerç de Barcelona is a well-established chamber of commerce serving the business community in Barcelona and Catalonia. Founded in 2001, it operates as a non-profit organization providing business support, training, networking, and advocacy services. The website reflects a professional and consistent brand image targeting local businesses and entrepreneurs. The organization maintains a strong market position as a key regional business entity. Technically, the website is built on WordPress with modern plugins such as Gravity Forms, WooCommerce, and Yoast SEO, indicating a mature digital infrastructure. The site is moderately performant, mobile-optimized, and includes standard SEO and accessibility features. Hosting is provided by Nominalia Internet SL, a reputable registrar and hosting provider. From a security perspective, the site enforces HTTPS, uses security headers, and integrates Google reCAPTCHA to protect forms. However, DNSSEC is not enabled, and there is no publicly available security policy or incident response information. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong with clear privacy and cookie policies and GDPR adherence. Overall, the website is trustworthy, professional, and secure with minor areas for improvement in security transparency and DNS security. The domain registration data supports the legitimacy and long-standing presence of the organization.

S

Spoutible

spoutible.com

7

Spoutible.com appears to be a relatively new online platform, likely a social media or communication service given the site title and some UI hints. The domain was registered in late 2022 and is hosted behind Cloudflare DNS services. The website uses common Google services such as Google Tag Manager, Google Adsense, and Google reCAPTCHA, indicating some level of digital maturity. However, the site lacks critical compliance documents such as privacy policies, cookie policies, and terms of service, which are essential for user trust and regulatory compliance. The absence of contact information and security headers further reduces the security posture and business credibility. Overall, the site presents a basic web presence with moderate technical implementation but requires significant improvements in privacy, security, and business transparency to enhance trustworthiness and compliance.

L

Litea Solution s.r.o.

usbmedia.cz

60

USB Media, operated by Litea Solution s.r.o., is a Czech-based company specializing in the custom manufacturing and sale of promotional USB flash drives and IT-related corporate gifts. Established in 2010, the company offers a range of services including laser engraving, printing on flash drives, and production of IT gadgets such as Bluetooth speakers and wireless chargers. Their market position is that of a specialized provider catering primarily to business clients seeking unique promotional items. The website is professionally designed, mobile-optimized, and provides clear navigation and contact information, supporting a positive user experience. Technically, the website is built on WordPress and leverages modern web technologies including jQuery, Google Analytics, Google reCAPTCHA, and Owl Carousel. It uses Google Fonts and integrates Google Maps API for location services. Performance is moderate with good mobile optimization, though accessibility features are basic. SEO practices are adequately implemented with proper meta tags and Open Graph data. From a security perspective, the site enforces HTTPS and uses Google reCAPTCHA on its contact form, which helps mitigate spam and abuse. However, it lacks important security headers such as Content-Security-Policy and X-Frame-Options, which could enhance protection against common web attacks. No vulnerabilities or exposed sensitive data were detected in the HTML content. Privacy compliance is weak due to the absence of a privacy policy and cookie consent mechanism, which is a notable gap given GDPR requirements. Overall, the website is trustworthy and legitimate, supported by consistent WHOIS data showing domain registration since 2010. Contact details are transparent with dedicated customer service representatives. The site does not contain any adult or questionable content and targets a general business audience. Strategic improvements in privacy compliance and security headers would enhance the site's security posture and regulatory adherence.

O

Obecní úřad Velké Popovice

velkepopovice.cz

47

Velké Popovice's official municipal website serves as a comprehensive portal for local residents and visitors, providing essential information such as public notices, contact details, event calendars, and citizen services. The site is positioned as a trusted local government resource with a clear focus on community engagement and transparency. Technically, the website employs a modern CMS (vismo), uses HTTPS, integrates Google Analytics with consent management, and includes accessibility and mobile optimization features. Security measures include the use of Google reCAPTCHA on forms and cookie consent banners, though explicit security policies and headers could be improved. The absence of WHOIS data limits domain trust assessment, but the website's content and contact information strongly indicate legitimacy. Overall, the site is well-maintained, user-friendly, and compliant with privacy regulations, making it a reliable digital presence for the municipality.

S

Statutární město Děčín

mmdecin.cz

51

The website www.mmdecin.cz serves as the official web portal for the statutory city of Děčín in the Czech Republic. It provides municipal information, public service announcements, and downloadable documents for residents and visitors. The site is positioned as a government entity portal with a focus on local governance and community services. The target audience primarily includes city residents and stakeholders interested in municipal affairs. Technically, the website is built on the Joomla CMS platform, utilizing common web technologies such as jQuery, Bootstrap, and Font Awesome. It incorporates Google reCAPTCHA for form security and implements a cookie consent mechanism, indicating awareness of privacy regulations such as GDPR. The site demonstrates moderate performance and good mobile optimization, though accessibility features could be enhanced. From a security perspective, the site enforces HTTPS and uses reCAPTCHA to protect forms. However, it lacks visible security headers and does not publish explicit security or incident response policies. No vulnerabilities or exposed sensitive data were detected in the analyzed content. The absence of WHOIS data is likely due to privacy protection, which is common and justifiable for government domains. Overall, the website presents a professional and trustworthy front for the city government, with room for improvement in privacy policy transparency, security header implementation, and accessibility compliance. The risk level is low, but strategic enhancements in security posture and compliance documentation are recommended.

H

Hochschülerinnen- und Hochschülerschaft an der TU Graz GmbH

printkultur.at

47

Printkultur is a well-established printing and study supply service provider based in Graz, Austria, primarily serving the academic community, especially TU Graz students and staff. Founded in 1977, the company offers a broad range of services including digital printing, copying, plotting, scanning, and binding, alongside retail of study materials and promotional items. Their market position is that of a trusted local partner with strong ties to educational institutions, supported by visible partnerships and consistent branding. Technically, the website is built on WordPress with WooCommerce for e-commerce capabilities, integrating modern tools such as Google reCAPTCHA and Borlabs Cookie for privacy compliance. The site demonstrates good SEO practices and mobile optimization, although some legacy libraries like an older jQuery version present minor security concerns. Performance is moderate, and accessibility is basic but functional. From a security perspective, the site enforces HTTPS and uses cookie consent mechanisms aligned with GDPR. However, explicit security policies and incident response contacts are absent, and some security headers are not clearly present. No critical vulnerabilities or exposed sensitive data were found, but updating libraries and adding security documentation would enhance posture. Overall, the website is professional, trustworthy, and compliant with privacy regulations, serving its niche audience effectively. Strategic improvements in security policy transparency and technical updates would further strengthen its risk profile and operational resilience.

E

Event management system - Conference Manager

conferencemanager.dk

67

Conference Manager is a well-established Danish company founded in 2006, providing a leading event registration and management system across Europe. Their SaaS platform simplifies planning and execution of various event types, including physical and online events. The website reflects a mature digital presence with professional design, SEO optimization, and integration of modern web technologies such as WordPress, Elementor, and Cookiebot for GDPR compliance. The company maintains active social media profiles on Facebook, Instagram, and LinkedIn, enhancing their market visibility. Technically, the website leverages a robust WordPress CMS with Elementor page builder and Yoast SEO plugin, supported by Google Tag Manager and Apollo tracking for analytics. Security measures include HTTPS enforcement and Google reCAPTCHA for form protection, alongside a cookie consent mechanism via Cookiebot. However, the absence of explicit security headers and privacy policy pages suggests areas for improvement in security posture and compliance transparency. Overall, the security posture is solid but could benefit from enhanced HTTP security headers and published security policies. The domain WHOIS data is consistent with the business claims, indicating legitimacy and long-term operation. No WAF or blocking mechanisms were detected, allowing full content accessibility and analysis.

T

Terapeutické centrum EPIMELEIA

teracentrum.cz

39

Terapeutické centrum EPIMELEIA is a small healthcare service provider based in the Czech Republic, offering psychological and psychotherapeutic counseling, coaching, and self-development services primarily in Prague and Olomouc. The website presents a professional and consistent brand image, targeting individuals, couples, and children seeking mental health support, including online therapy options. The business model focuses on direct service provision with an emphasis on accessibility and client support. Technically, the website is built on WordPress using Elementor and Jet plugins, integrating Google Analytics and Google Tag Manager for user tracking. The site is mobile-optimized with moderate performance and basic accessibility features. Security posture is adequate with HTTPS enabled and use of Google reCAPTCHA, but lacks security headers and explicit privacy or cookie policies. WHOIS data is unavailable, limiting domain trust assessment, but the website content and presentation suggest legitimacy. Overall, the site scores moderately well in content quality, technical implementation, and business credibility, with room for improvement in privacy compliance and security best practices.

Michael Gross Art is a small-scale artist portfolio website showcasing the works of Michael Gross, including paintings, prints, and works on paper. The site targets art collectors, galleries, and enthusiasts, providing detailed galleries and information about exhibitions and the artist's background. The business model centers on promoting the artist's work and facilitating contact for inquiries. Technically, the website is built on WordPress and uses common web technologies such as jQuery, Google Analytics, and Google Tag Manager. The site is moderately optimized for performance and mobile use but lacks advanced accessibility features. Security-wise, the site benefits from HTTPS and uses Google reCAPTCHA for form protection; however, it lacks DNSSEC and security headers, which are recommended for enhanced protection. Privacy compliance is weak due to the absence of privacy and cookie policies and no consent mechanisms. Overall, the website is functional and professional but would benefit from improvements in security and privacy compliance to enhance trust and regulatory adherence.

Č

Česká golfová federace

bavsegolfem.cz

41

Bav se golfem is a Czech Republic-based golf information platform operated in association with the Czech Golf Federation. It serves as a comprehensive resource for golf enthusiasts, providing location-based golf course listings, beginner guides, event information, and blog content. The platform targets a broad audience ranging from beginners to advanced players, promoting golf as a healthy and enjoyable leisure activity. The website is well-positioned nationally as a trusted source for golf-related information in the Czech Republic. Technically, the website employs a modern technology stack including jQuery, Bootstrap, Google Analytics, Facebook SDK, Google reCAPTCHA, and Mapy.cz API for mapping services. The site is hosted on Czech infrastructure with Active24 as the inferred hosting provider. The website demonstrates good mobile optimization, SEO practices, and user experience, although accessibility features are basic. From a security perspective, the site uses HTTPS and implements CAPTCHA on forms to prevent automated abuse. However, explicit security headers are not evident, which could be improved. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is basic, with a cookie consent banner present but no explicit privacy policy or terms of service pages found. Overall, the website presents a professional and trustworthy front for its business purpose. Strategic improvements in privacy documentation and security headers would enhance compliance and security posture. The domain registration data aligns well with the business, supporting legitimacy and trustworthiness.

K

KAISER GmbH & Co. KG

kaiser-elektro.de

65

KAISER GmbH & Co. KG operates a professional website focused on electrical installation products and systems, targeting business customers primarily in Germany and internationally. The company offers a broad portfolio including boxes, housings, cable glands, and specialized installation solutions emphasizing energy efficiency and fire protection. The website reflects a mature B2B business model with a consistent brand presence and a well-structured product catalog. Technically, the website is built on the Shopware e-commerce platform, utilizing modern web technologies such as JavaScript, CSS, and HTML5. It integrates third-party services like Signalize for marketing and eTracker for analytics, alongside Google reCAPTCHA for bot protection. The site is mobile-optimized with good SEO and basic accessibility features, hosted on servers associated with internet1.de. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms aligned with GDPR requirements. Security headers are likely present, and no critical vulnerabilities or exposed sensitive data were detected in the analyzed content. However, explicit security policies, incident response contacts, and vulnerability disclosure mechanisms are absent, representing areas for improvement. Overall, the website presents a low-risk profile with strong business credibility and compliance posture. Strategic enhancements in security transparency and contact availability would further strengthen trust and operational resilience.

A

Albert Leuchten

albert-leuchten.de

50

Albert Leuchten is a German-based manufacturer specializing in high-quality outdoor luminaires, including LED lighting solutions designed for environmental harmony and safety. The company targets both consumers and businesses seeking durable, weatherproof outdoor lighting products. Their market position is that of an established medium-sized enterprise with a focus on innovation and quality. The website reflects a mature digital presence built on WordPress with WooCommerce, integrating modern technologies such as Google Tag Manager and ConsentManager for privacy compliance. Security measures include HTTPS, reCAPTCHA on forms, and cookie consent mechanisms, though some security headers could be improved. Overall, the site is professional, well-structured, and GDPR compliant, with clear contact channels and business information. No critical security or content safety issues were detected.

A

AdgravityGroup S.L

neural.one

65

Neural.ONE is a small technology company based in Spain, operated by AdgravityGroup S.L, specializing in AI-powered marketing attribution solutions. Their website presents a professional and consistent brand image focused on delivering real-time marketing insights to optimize campaign ROI. The company targets marketing professionals and businesses seeking advanced attribution analytics. Technically, the website is built on the Squarespace platform, leveraging modern web technologies including Google reCAPTCHA for bot protection and Google Fonts for typography. The site is mobile-optimized and performs moderately well, with good SEO and accessibility basics. Security posture is strong with HTTPS and HSTS enabled, though DNSSEC is not configured. Privacy compliance is basic, with a cookie policy and consent mechanism present but lacking a published privacy policy or terms of service. No direct contact information or incident response details are publicly available, which limits transparency. Overall, the domain registration data aligns well with the business claims, indicating legitimacy and trustworthiness.

M

Město Milovice

mesto-milovice.cz

48

Město Milovice operates an official municipal website serving residents and visitors with comprehensive local government information, including news, public notices, contacts, and event calendars. The site is positioned as the authoritative source for municipal services in Milovice, Czech Republic, and targets local citizens and stakeholders. The business model is a government service portal focused on transparency and community engagement. Technically, the website uses a modern CMS platform (Vismo), employs HTTPS for secure communications, integrates Google reCAPTCHA for form security, and offers multilingual support via Google Translate. The site demonstrates good mobile optimization, accessibility, and SEO practices, although some security headers are missing. From a security perspective, the site maintains a solid posture with encrypted connections and anti-bot measures but lacks explicit incident response contacts and advanced security headers. No vulnerabilities or suspicious content were detected. Privacy compliance is basic but present, with GDPR-related information and cookie policy available. Overall, the website is trustworthy, professional, and well-maintained, with a strong legitimacy score based on domain age and WHOIS data. Strategic improvements could enhance security headers and incident response transparency to further strengthen trust and compliance.

O

Obec Psáry

psary.cz

45

The website psary.cz serves as the official online presence for the municipality of Psáry and Dolní Jirčany in the Czech Republic. It provides residents and visitors with comprehensive local government information, including news, events, public notices, waste management, and contact details. The site targets local citizens and community members, offering a centralized platform for municipal services and community engagement. Technically, the website is built on WordPress CMS, utilizing common web technologies such as jQuery and Bootstrap for responsive design and user interface components. It integrates Google reCAPTCHA to protect forms from spam and abuse. The site is hosted likely by Active24, the domain registrar, and employs HTTPS for secure communications. Mobile optimization and SEO practices are adequately implemented, though some accessibility features could be enhanced. From a security perspective, the website demonstrates a moderate security posture with HTTPS enabled and reCAPTCHA integration. However, it lacks explicit security headers and a vulnerability disclosure policy, which are recommended best practices. Privacy compliance is basic, with a privacy policy present but no visible cookie consent mechanism. Contact information is clearly provided, enhancing trust and transparency. Overall, psary.cz is a well-maintained municipal website with good content quality and user experience. Strategic improvements in security headers, privacy compliance, and incident response policies would further strengthen its security posture and regulatory adherence.

O

Obec Nučice

nucice.eu

45

The website nucice.eu serves as the official digital presence of the municipality of Nučice in the Czech Republic. It provides residents and visitors with essential local government information, including official announcements, event calendars, public documents, and contact details. The site targets local citizens and stakeholders interested in municipal affairs and community events. The business model is that of a governmental public service portal, focusing on transparency and community engagement. The website maintains a consistent brand identity aligned with municipal standards and offers good content quality and navigation.

M

Město Rokycany

rokycany.cz

48

The website rokycany.cz serves as the official digital presence of the city of Rokycany, Czech Republic. It provides comprehensive information about municipal services, local news, cultural and sports events, public notices, and online services for residents and visitors. The site is well-established, with a domain age dating back to 1997, reflecting a mature and stable online presence. The content is primarily in Czech and targets local citizens, businesses, and tourists. The business model is centered on public administration and community engagement, offering transparent access to city governance and services. Technically, the website employs a proprietary CMS (vismo) common among Czech municipalities, leveraging modern web technologies such as HTML5, CSS3, JavaScript, Google reCAPTCHA for form security, and Google Translate for multilingual support. The site is mobile-optimized and features a clear navigation structure, although accessibility features are basic. Performance is moderate, with external dependencies on Google fonts and CDN-hosted libraries. From a security standpoint, the site uses HTTPS and integrates Google reCAPTCHA to protect forms from abuse. However, it lacks explicit security headers and a dedicated security or incident response policy page, which are areas for improvement. Privacy compliance is addressed with a privacy policy and cookie policy, but no active cookie consent mechanism is implemented. Contact information is clearly provided, enhancing trust and transparency. Overall, rokycany.cz is a trustworthy and professional municipal website with good content quality and business credibility. Strategic recommendations include enhancing security headers, implementing cookie consent mechanisms, and publishing detailed security and incident response policies to strengthen compliance and user trust.

M

Městský úřad Spálené Poříčí

spaleneporici.cz

50

The website spaleneporici.cz serves as the official digital presence of the municipal office of Spálené Poříčí, a town in the Czech Republic. It provides residents and visitors with comprehensive information about the town, including local news, official documents, event calendars, and tourism-related content. The site targets local citizens, tourists, and stakeholders interested in municipal services and community activities. The business model is government/public service oriented, focusing on transparency and community engagement. The domain is well-established since 2001, reinforcing its credibility and trustworthiness. Technically, the website employs a modern tech stack including HTML5, CSS, JavaScript, and integrates Google services such as Analytics, Tag Manager, reCAPTCHA, and Translate. It uses the vismo CMS platform, which is common for Czech municipal websites. The site is mobile-optimized, accessible, and SEO-friendly, with a moderate performance profile. Hosting and domain registration are consistent with Czech providers, supporting local presence. From a security perspective, the site enforces HTTPS, uses Google reCAPTCHA to protect forms, and implements a cookie consent mechanism compliant with GDPR. However, it lacks explicit published security policies, incident response contacts, and vulnerability disclosure information. No critical vulnerabilities or exposed sensitive data were detected. The security posture is solid but could be enhanced by adding security headers and formal policies. Overall, the website is a trustworthy, well-maintained municipal portal with good content quality and user experience. It demonstrates compliance with privacy regulations and employs standard security practices. Strategic improvements in transparency around security policies and incident handling would further strengthen its posture.

G

Gesellschaft für Energie und Klimaschutz Schleswig-Holstein

eksh.org

54

Gesellschaft für Energie und Klimaschutz Schleswig-Holstein (EKSH) is a German non-profit organization dedicated to promoting projects in energy and climate protection. The organization supports scientific research, education, and community initiatives focused on sustainable mobility, renewable energy, sector coupling, and energy efficiency. EKSH positions itself as a regional leader in Schleswig-Holstein, providing approximately 2 million euros annually for pilot projects and programs. The website is professionally designed, well-structured, and provides comprehensive information about its themes, projects, and news updates. Technically, the site is built on TYPO3 CMS, uses HTTPS, and includes modern web technologies such as Google reCAPTCHA for form security. Privacy compliance is well addressed with a clear privacy policy and cookie consent mechanism. However, the WHOIS data for the domain is unavailable, which limits domain registration trust verification. Despite this, the website's content quality, contact transparency, and social media presence support its legitimacy.

I

Intercontinental Exchange

theice.com

66

Intercontinental Exchange (ICE) operates a comprehensive digital platform offering global exchanges, clearing services, market data, and technology solutions primarily in the energy and financial sectors. The website demonstrates a strong market position with a focus on innovation and digitization of traditional markets. Technically, the site uses modern web technologies including React and various JavaScript libraries, delivering a professional and responsive user experience. Security posture is solid with HTTPS and reCAPTCHA integration, though some security headers and explicit privacy policies are missing. The absence of WHOIS data is notable but likely due to privacy or registry restrictions rather than malicious intent. Overall, the site is professional, trustworthy, and business-focused.

V

Vleeko

vleeko.com

49

Vleeko is a well-established digital marketing agency based in Mexico, with a strong presence in major cities such as CDMX, Puebla, Hermosillo, and Guadalajara. The company offers a comprehensive suite of digital marketing services including brand design, web design, Google Ads, Facebook Ads campaigns, social media management, and digital strategies. With over 20 years of experience and multiple certifications from Google, AMIPCI, HubSpot, and others, Vleeko positions itself as a trusted partner for businesses seeking to enhance their digital footprint. The website reflects a professional and consistent brand image, supported by good content quality and clear navigation.

G

GLAJ-Vaud

glaj-vaud.ch

48

GLAJ-Vaud is a Swiss non-profit umbrella organization coordinating youth activities in the canton of Vaud. It provides services such as training (FORJE), platforms for youth engagement, and project management for youth-related initiatives. The website is built on WordPress with WooCommerce and uses modern SEO and performance tools. The technical infrastructure is solid with HTTPS and security best practices, though some security headers could be improved. Privacy compliance is basic, lacking explicit privacy and cookie policies. Contact is available via a member login and a contact page. Overall, the site is professional and trustworthy but could enhance privacy and security transparency.

K

Kantonale Verwaltung Appenzell Ausserrhoden

ar.ch

41

The website ar.ch is the official online portal for the canton of Appenzell Ausserrhoden in Switzerland, providing comprehensive information and services related to the cantonal government. It serves citizens, businesses, and other stakeholders with access to government departments, news, legal resources, and public services. The site is well-structured, professionally designed, and consistent with government branding, reflecting a medium-sized government entity's digital presence. Technically, the site is built on TYPO3 CMS, leveraging modern web technologies including Matomo for analytics and Google reCAPTCHA for form security. The site demonstrates good mobile optimization, accessibility, and SEO practices, although performance is moderate. Security is robust with HTTPS enforced and appropriate security headers, but lacks some advanced security disclosures and cookie consent mechanisms. From a security perspective, the site shows a mature posture with no visible vulnerabilities or exposed sensitive data. However, it could improve privacy compliance by implementing explicit cookie consent and publishing detailed security policies and incident response contacts. The WHOIS data aligns well with the official government identity, supporting the site's legitimacy. Overall, the site is a trustworthy, professional government portal with solid technical and security foundations but would benefit from enhanced privacy and security transparency to fully comply with modern regulations and best practices.

J

Jugendcafé Camäleon

camaleon.li

50

Jugendcafé Camäleon is a small non-profit youth center based in Vaduz, Liechtenstein, providing a community space for youth engagement, projects, and events. The website serves as an informational and promotional platform targeting local youth and community members, offering details about their services, events, and gallery. The organization appears well-established since 2018 with a clear local focus and active social media presence. Technically, the website is built on WordPress with standard plugins such as Yoast SEO and Contact Form 7, ensuring basic SEO and contact functionalities. The site is mobile-optimized and uses modern libraries like Swiper.js and FontAwesome for UI enhancements. Security posture is adequate with HTTPS enforced and Google reCAPTCHA protecting forms, though it lacks advanced security headers and explicit incident response policies. Privacy and cookie policies are present but lack an explicit consent mechanism. Overall, the site is trustworthy, professional, and safe for general audiences.

L

Liechtensteinische Kraftwerke

energieportal.li

60

The website energieportal.li is a digital portal operated by Liechtensteinische Kraftwerke, a regional energy provider in Liechtenstein. It primarily serves as a login gateway for users to access energy consumption and production data. The site currently displays a maintenance message indicating limited data availability due to technical issues. The business targets energy consumers and stakeholders within Liechtenstein, providing essential energy data services. The portal uses modern web technologies including Angular framework, Google Maps API, and Google reCAPTCHA for bot protection, hosted on Microsoft Azure Blob Storage for static assets. The technical infrastructure is modern and moderately optimized for performance and mobile use. Security posture is good with HTTPS enforced and basic security headers, though additional headers and explicit security policies are absent. Privacy compliance is weak due to missing privacy and terms of service pages, and no contact or incident response information is provided. Overall, the site is legitimate and trustworthy, but could improve transparency and compliance documentation.

T

ThemeFreesia

themefreesia.com

58

ThemeFreesia is a small technology company specializing in the development and distribution of free and premium responsive WordPress themes and plugins. Their market position is focused on providing accessible, stylish, and functional WordPress solutions primarily targeting business owners, designers, and bloggers. The company offers a business model combining free themes with paid 'Plus' plugins to enhance functionality and support. The website demonstrates a good level of digital maturity with a WordPress CMS infrastructure, integration of modern technologies such as Google Analytics, reCAPTCHA, WooCommerce, and SEO optimization via Yoast. Hosting is provided by Bluehost with Cloudflare DNS services, ensuring reliable uptime and performance. Security posture is moderate with HTTPS enforced and use of reCAPTCHA, but lacks DNSSEC and explicit security headers. Privacy compliance is basic with a privacy policy and cookie consent banner present, though GDPR compliance is not explicitly indicated. Overall, the website is professional, trustworthy, and safe for general audiences, with room for improvement in security policies and technical hardening.

A

Autodesk, Inc

tinkercad.com

56

Tinkercad is a free, web-based application developed by Autodesk, Inc, focused on providing accessible tools for 3D design, electronics, and coding. It targets educators, students, and hobbyists, serving as an introductory platform to Autodesk's broader design technologies. The website demonstrates a high level of digital maturity with modern frameworks like Angular, service workers for offline capabilities, and integration with Autodesk APIs. The content is rich, well-structured, and optimized for various devices, reflecting excellent user experience and design quality. Security posture is strong with HTTPS enforcement and bot protection via Google reCAPTCHA, complemented by kidSAFE COPPA certification ensuring child safety and privacy compliance. However, the absence of explicit cookie consent mechanisms and security headers suggests room for improvement in privacy compliance and security best practices. WHOIS data is unavailable, likely due to privacy protections, but the website's professional presentation and Autodesk branding support its legitimacy. Overall, the site is trustworthy, well-maintained, and suitable for its educational audience.

B

BAVARIA Bratislava s.r.o.

bavariabratislava.sk

10

BAVARIA Bratislava s.r.o. operates as an authorized BMW dealership and service center located in Bratislava, Slovakia. The company offers a comprehensive range of BMW vehicles including new and used cars, alongside financial services, servicing, and original accessories. Positioned as the largest and most modern BMW showroom in Slovakia, it targets BMW customers seeking premium automotive products and services. The website reflects a professional and consistent brand image aligned with BMW standards. Technically, the website is built on the siteLAB CMS platform and incorporates modern JavaScript libraries such as Swiper.js and Owl Carousel for UI components, along with Google reCAPTCHA for form security and Facebook SDK for customer chat integration. The site is mobile-optimized and includes SEO best practices, although some accessibility features could be enhanced. From a security perspective, the site enforces HTTPS and integrates anti-bot measures via reCAPTCHA. However, it lacks explicit security headers and a published security policy or incident response contact, which are recommended for enhanced trust and compliance. Privacy and cookie policies are well implemented with clear consent mechanisms, supporting GDPR compliance. Overall, the website presents a low-risk profile with strong business credibility and good technical implementation. Strategic improvements in security headers and incident response transparency would further strengthen its posture.

Jablotron Alarmsysteme s.r.o. is a reputable technology company specializing in security systems, smart home automation, and energy management solutions. The company targets residential and commercial customers primarily in Central Europe, offering innovative alarm and monitoring products. Their website demonstrates a strong market position with professional branding and comprehensive service offerings. Technically, the site is built on a modern React and Next.js stack with excellent mobile optimization and fast performance. Security measures such as HTTPS, security headers, and reCAPTCHA are properly implemented, reflecting a mature security posture. However, the absence of WHOIS domain registration data and lack of public vulnerability disclosure policies slightly reduce trust. Overall, the website is professional, secure, and compliant with GDPR, making it a trustworthy digital presence for the company.

V

Virtualna Tvornica

virtualna-tvornica.com

10

Virtualna Tvornica is a Croatian digital agency specializing in web development and online marketing services, established in 2012. The company offers a broad range of services including web shop creation, website and web application development, AI and ERP integration, and various digital marketing solutions such as Google, Meta, and TikTok advertising. Their market position is that of a specialized, small-sized agency with a consistent brand presence and a portfolio of successful projects. Technically, the website is built on WordPress with modern plugins and frameworks, optimized for SEO and mobile devices, and integrates standard marketing and security tools like Google Tag Manager and reCAPTCHA. Security posture is good with HTTPS and cookie consent mechanisms in place, though DNSSEC is not enabled and no explicit security policy or incident response contacts are published. Overall, the website is professional, trustworthy, and compliant with GDPR, with no signs of blocking or WAF interference.

N

Nacionalna i sveučilišna knjižnica u Zagrebu

nsk.hr

10

The website represents the Nacionalna i sveučilišna knjižnica u Zagrebu, the largest Croatian national and university library. It serves as a central resource for academic and public users in Croatia, providing extensive library services and resources. The domain is well-established since 1997 and registered under CARNET, a reputable Croatian academic network, supporting its legitimacy. Technically, the site is built on WordPress with modern SEO and accessibility features, including multilingual support and cookie consent mechanisms. Security posture is good with HTTPS and reCAPTCHA usage, though security headers and explicit policies could be enhanced. User tracking is moderate via Google Analytics and Tag Manager. Overall, the site is professional, trustworthy, and safe for general audiences.

T

Thomastik-Infeld GmbH

thomastik-infeld.com

71

Thomastik-Infeld GmbH is a well-established Austrian company specializing in the development and production of high-quality music strings since 1919. The company targets musicians and music professionals worldwide, offering a broad portfolio including orchestral, guitar, and folk strings. Their website reflects a mature digital presence with professional design, multilingual support, and integrated e-commerce and consulting tools. Technically, the site employs modern frameworks such as Bootstrap and jQuery, enhanced with Google Tag Manager and reCAPTCHA for security. The security posture is solid with HTTPS and consent management, though explicit security headers and incident response policies are absent. The lack of WHOIS data for the domain raises concerns about domain registration legitimacy, warranting further investigation. Overall, the website is trustworthy, professional, and compliant with GDPR, serving as a strong digital asset for the company.

Časopis Zagreb moj grad is a Croatian online magazine dedicated to the culture, history, and education about the city of Zagreb. It targets local residents and enthusiasts of Zagreb, providing well-curated articles without sensationalism. The website is built on WordPress with modern plugins such as Yoast SEO and Elementor, indicating a moderate level of digital maturity. Hosting is provided by cyber_Folks d.o.o., a Croatian registrar and hosting provider, which aligns with the local focus of the publication. Security posture is good with HTTPS enforced and use of Google reCAPTCHA on forms, but lacks explicit privacy and cookie policies, which are important for GDPR compliance. Overall, the site is professional and trustworthy but could improve compliance and security transparency.

D

Datalab

datalab.al

57

Datalab is a well-established Slovenian technology company specializing in ERP software solutions, primarily through their flagship product PANTHEON. The company has a strong regional presence with sister sites across multiple Balkan countries, indicating a broad market reach. Their website is built on a modern WordPress CMS with a professional design and good SEO practices, integrating essential marketing and analytics tools such as Google Tag Manager, Google Analytics, Hotjar, and Cookiebot for GDPR-compliant cookie consent. Security posture is solid with HTTPS and reCAPTCHA implemented, though there is room for improvement in security headers and explicit security policies. The absence of clear privacy and terms of service pages slightly impacts privacy compliance scores. Overall, the website reflects a mature digital infrastructure suitable for a medium-sized enterprise in the technology sector.

D

Datalab BH d.o.o.

datalab.ba

53

Datalab BH d.o.o. operates a professional ERP and business information system platform named PANTHEON, targeting small to medium enterprises and accounting services primarily in Bosnia and Herzegovina and the wider Southeast European region. The company offers a comprehensive suite of software solutions including ERP modules, cloud hosting, and digital business tools, supported by consulting and training services. The website reflects a mature digital presence with multilingual support and a strong focus on customer engagement through testimonials and educational content. Technically, the site is built on WordPress with modern plugins and frameworks, ensuring good SEO and mobile responsiveness. Security posture is solid with HTTPS, reCAPTCHA, and cookie consent mechanisms, though some security headers could be improved. Overall, the domain registration and WHOIS data align well with the business claims, indicating legitimacy and trustworthiness.

D

Datalab

datalab.si

57

Datalab is a well-established Slovenian technology company specializing in ERP software solutions, notably the PANTHEON business information system. With a domain age dating back to 1997 and multiple regional partner sites, Datalab demonstrates a mature market presence in the technology sector, targeting businesses seeking comprehensive ERP solutions. The website is built on a modern WordPress platform using the Enfold theme, integrated with standard SEO and analytics tools such as Yoast SEO, Google Analytics, and Cookiebot for GDPR compliance. The technical infrastructure is hosted on Azure DNS, indicating a reliable hosting environment. Security measures include HTTPS encryption and reCAPTCHA integration; however, the absence of security headers suggests room for improvement in security posture. The site implements a robust cookie consent mechanism, reflecting good privacy compliance practices, though explicit privacy policy and terms of service pages were not detected in the provided content. Overall, the website presents a professional and trustworthy digital presence with moderate to good performance and user experience.

D

Dimedia internet tehnologije d.o.o.

dimedia.hr

43

Dimedia internet tehnologije d.o.o. is a Croatian technology company specializing in custom software development, mobile applications, web design, and internet marketing services. Established in 2010, the company targets businesses seeking comprehensive digital solutions to enhance their online presence and operational efficiency. Their market position is supported by a portfolio of clients across real estate, tourism, and corporate sectors, demonstrating a solid foothold in the regional IT services market. The website reflects a professional and consistent brand image with clear service offerings and client references. Technically, the website employs a modern tech stack including jQuery, Google Analytics, Facebook SDK, and Google reCAPTCHA, ensuring basic security and user engagement features. The site is mobile-optimized with good SEO practices, though some accessibility features could be improved. Hosting and domain registration are consistent with the company's Croatian location, enhancing trust. From a security perspective, the site uses HTTPS and implements reCAPTCHA on forms, but lacks visible security headers and published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the HTML content. Privacy compliance is basic with presence of privacy and cookie policies, but no explicit GDPR compliance statements or data retention policies were found. Overall, the website is trustworthy and professionally maintained, with moderate technical sophistication and a solid business credibility profile. Strategic improvements in security policy transparency and accessibility would further enhance their posture.

R

Registry Services, LLC

uipm.tv

42

UIPM TV is a specialized media streaming platform dedicated to broadcasting live and recorded events related to Modern Pentathlon and associated sports disciplines such as Biathle, Triathle, Laser Run, and Obstacle events. The platform targets sports enthusiasts and fans of these niche sports, providing official content likely authorized by the governing body UIPM. The website is built on WordPress using the Divi theme, integrating Dailymotion's API for video streaming and Matomo for analytics, reflecting a moderate level of digital maturity and technical infrastructure. Security measures include HTTPS, reCAPTCHA for form protection, and GDPR cookie consent mechanisms, although some security best practices like DNSSEC and security headers are missing. The domain registration is consistent and legitimate, registered with OVH sas and publicly associated with Registry Services, LLC. However, the site lacks explicit privacy policies, terms of service, and direct contact information, which impacts privacy compliance and business credibility scores. Overall, the site is functional, professionally designed, and serves its niche audience effectively but would benefit from enhanced security and compliance documentation.

A

Auto*Mat

auto-mat.cz

46

Auto*Mat is a small, community-focused organization based in the Czech Republic dedicated to urban mobility and sustainable transportation solutions. The website serves as an informational and engagement platform for the local community and stakeholders interested in city transportation projects. The business operates primarily as a non-profit or advocacy group with a niche market position in transportation within the Czech Republic. Technically, the website is built on WordPress, hosted by GreenGeeks, and employs modern web technologies including Google Tag Manager, Facebook Pixel, and Google reCAPTCHA to enhance user experience and security. The site is mobile-optimized and performs moderately well, with good SEO and accessibility basics in place. Security posture is adequate with HTTPS enforced and some security best practices observed, though there is room for improvement in implementing advanced security headers and publishing a security policy. Privacy compliance is partial, with a cookie consent mechanism present but no visible privacy policy or terms of service. Overall, the domain is legitimate, well-aged, and consistent with the business claims, indicating a trustworthy online presence.

Hrvatska akreditacijska agencija (HAA) is a Croatian national accreditation agency operating as an independent, non-profit public institution. It provides accreditation services and manages the e-Akreditacija portal, which offers electronic services and maintains registers of accreditations. The agency is positioned as the authoritative accreditation body in Croatia with international cooperation ties to organizations such as ILAC and EA. The website is professionally designed, uses WordPress CMS, and integrates standard web technologies including Google Analytics and reCAPTCHA for security and analytics purposes. The site is accessible, mobile-optimized, and provides clear navigation and relevant content for its target audience of accredited entities and government bodies. Security posture is adequate with HTTPS enforced and cookie consent implemented, though improvements could be made by adding security headers and explicit privacy policies. WHOIS data is redacted due to GDPR, but the domain and website content align with a legitimate government agency. Overall, the website demonstrates a good balance of professionalism, technical implementation, and business credibility.

H

HŽ Putnički prijevoz

hzpp.hr

50

HŽ Putnički prijevoz is the Croatian national passenger rail transport company providing domestic and international train services. The website serves as an information and ticketing portal for passengers, offering travel schedules, ticket purchase options, and travel advisories. The company targets general public users traveling within Croatia and to European destinations by rail. The business model is that of a public transportation service provider with a large market presence as the national rail operator. Technically, the website employs modern web standards including HTTPS, Google Tag Manager, and reCAPTCHA for security and analytics. Accessibility features such as font size adjustment and dyslexia mode enhance user experience. However, the site lacks visible privacy and terms of service pages, and no direct contact information is found in the provided content. Security posture is good with HTTPS and bot protection but could be improved by adding security headers and explicit security policies. Overall, the domain and website appear legitimate and professionally maintained, consistent with a national transportation entity.

G

GoDaddy Operating Company, LLC

klemmsecurity.com

71

The website is a domain sales landing page operated by GoDaddy Operating Company, LLC, offering the domain klemmsecurity.com for sale. It targets individuals and businesses interested in acquiring premium domains, providing options to buy outright or lease to own. The platform leverages GoDaddy's established domain aftermarket infrastructure and integrates partner services such as Afternic and Trustpilot for trust and transaction facilitation. The site is professionally designed with a focus on secure and straightforward domain transactions. Technically, it uses modern web frameworks including Next.js and JavaScript, hosted on GoDaddy's infrastructure, with basic SEO and accessibility features. Security posture is moderate with HTTPS implied and reCAPTCHA implemented, but lacks explicit security headers and detailed policies. Overall, the domain sales platform is credible and trustworthy, though WHOIS data for the parking subdomain is unavailable, which is typical for such sales platforms.

B

Borealis

borealis.agency

45

Borealis is a Croatia-based digital agency specializing in the creation of custom digital products including complex web applications, e-commerce platforms, multimedia applications, and promotional games. The company emphasizes long-term client relationships and serves a global clientele with a comprehensive service offering from concept through post-launch support. Their website reflects a professional and modern digital presence built on WordPress, with integration of Google Tag Manager and reCAPTCHA for analytics and security. While the site is well-designed and content-rich, it lacks explicit privacy and cookie policies, which is a notable compliance gap. Security posture is generally good with HTTPS and form protection, but could be improved by adding security headers and formal incident response disclosures. Overall, Borealis presents as a credible and established digital agency with a solid market position and trustworthy online presence.

Ż

Żywiec Zdrój

wolewode.pl

69

The website 'Mamo, tato, wolę wodę!' is an established educational program initiated by Żywiec Zdrój, targeting preschools in Poland to promote healthy hydration habits among children. The program offers educational materials, contests, and certification, positioning itself as a trusted and recognized initiative in the Polish education sector. Technically, the site is built on WordPress with modern frameworks like Bootstrap and integrates Google services for analytics and spam protection. The site is mobile-optimized and provides a good user experience with clear navigation and professional design. Security-wise, the site enforces HTTPS, uses Google reCAPTCHA, and implements cookie consent mechanisms, though it lacks advanced security headers and a published security policy. The domain is stable and consistent with the business claims, enhancing trust. Overall, the site is secure, compliant with GDPR, and professionally maintained, suitable for its educational mission.

Všudehrálové.cz is a Czech Republic-based niche community website dedicated to golf enthusiasts, providing news, tournament information, golf course rankings, and community updates. The site targets local golf players and fans, offering relevant content about golf courses and events primarily in the Czech region. The business model appears to be community-driven, possibly supported by membership or event fees, with a focus on fostering engagement among golf players. Technically, the website runs on WordPress 5.3.20 with jQuery 1.10.2, Google Analytics, and Google reCAPTCHA integrated for analytics and bot protection. The site shows moderate performance and basic mobile optimization but lacks advanced SEO and accessibility features. Security posture is moderate with HTTPS enabled and reCAPTCHA usage; however, the absence of security headers and use of outdated JavaScript libraries present vulnerabilities. Privacy compliance is weak due to missing privacy and cookie policies, and no GDPR consent mechanisms are evident. Overall, the site is functional and relevant to its audience but requires improvements in security and privacy to enhance trust and compliance.

Obec Klíčany operates as the official municipal government website for the village of Klíčany in the Czech Republic. The site provides residents and visitors with essential information about local governance, community news, public notices, and administrative contacts. It serves a small population of approximately 610 inhabitants and focuses on transparency and accessibility of municipal services. The website is well-structured, professionally designed, and targets local citizens and stakeholders. Technically, the website employs a custom CMS platform (IPO Redakční systém) and uses established JavaScript libraries such as jQuery and jQuery UI, alongside Google reCAPTCHA for form security and Matomo for privacy-conscious analytics. The site is mobile responsive and includes cookie consent mechanisms aligned with GDPR requirements. However, some libraries are outdated, and security headers are not visibly implemented, which could be improved. From a security perspective, the site benefits from HTTPS encryption and user consent for cookies, but lacks explicit security policies and incident response information. The absence of WHOIS data reduces domain trust slightly, though the website content and domain usage appear legitimate for a local government entity. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website presents a low-risk profile with good privacy compliance and a solid foundation for municipal communication. Strategic improvements in security headers, updated libraries, and enhanced transparency on security policies would further strengthen its posture.