Security Directory

L

Latvijas Pašvaldību savienība

lps.lv

46

Latvijas Pašvaldību savienība (LPS) is a key Latvian non-profit association representing local governments. The website serves as an information hub providing news, committee details, international cooperation, projects, and resources for municipalities and public sector stakeholders. It targets municipal officials and Latvian citizens interested in local governance. The site is professionally designed with consistent branding and clear navigation, supporting multiple languages and social media channels. Technically, it uses modern web technologies including jQuery, Google reCAPTCHA, Google Analytics, and Google Custom Search, ensuring a moderate to good performance and mobile optimization. Security posture is strong with HTTPS and bot protection, though lacks some security headers and published policies. Privacy compliance is partial due to missing privacy and terms of service pages. Overall, the domain and WHOIS data align well with the organization's legitimacy and business purpose.

E

Eco Valley Foundation

ecovalley.hu

55

Eco Valley Foundation is a small, established non-profit organization based in Hungary, dedicated to promoting ecological sustainability through education, volunteer programs, and organic farming projects. Their website reflects a clear mission focused on community engagement and environmental awareness, targeting volunteers, students, and supporters of sustainable living. The organization has a consistent brand presence and provides transparent contact information, enhancing trustworthiness. Technically, the website is built on WordPress with common libraries such as jQuery and Bootstrap, offering moderate performance and good mobile optimization. However, it lacks advanced security headers and privacy compliance features such as cookie consent and privacy policies, which are critical for GDPR adherence. The site uses HTTPS, ensuring secure communication. From a security perspective, the site demonstrates basic best practices like HTTPS and CAPTCHA on forms but lacks published security policies or incident response contacts. No vulnerabilities or suspicious domains were detected. The WHOIS data confirms the domain's legitimacy and long-standing presence, supporting the organization's credibility. Overall, the website is professional and trustworthy but would benefit from enhanced privacy compliance and security posture improvements to align with modern standards and regulations.

S

Suzana Stojković

suzanastojkovic.com

54

Suzana Stojković operates a professional creative services website specializing in branding, graphic design, web design, photography, and video/animation services. The website presents a strong market position with a portfolio of satisfied clients and testimonials, targeting businesses and individuals seeking tailored creative solutions. Technically, the site is built on WordPress using Elementor and several modern plugins, with good mobile optimization and SEO practices. Security posture is solid with HTTPS enforced and cookie consent implemented, though additional security headers and incident response mechanisms are recommended. The absence of WHOIS data for the domain raises concerns about domain registration legitimacy, which should be verified to ensure trustworthiness. Overall, the website is professional, user-friendly, and compliant with privacy regulations, making it a credible digital presence for the business.

E

Ealys

ladesirade-vence.fr

39

The website www.ladesirade-vence.fr represents a small hospitality business offering a vacation villa rental in Vence, France. The site provides detailed information about the villa, including accommodation capacity, amenities, and local attractions, targeting tourists and vacationers seeking a premium holiday experience on the Côte d'Azur. The business appears to be a niche local operator with a professional online presence but limited public business registration transparency. Technically, the website employs a modern front-end stack including Bootstrap, jQuery, and various UI libraries, delivering a visually appealing and mobile-optimized experience. However, there is no evidence of a CMS or advanced backend platform. Performance is moderate with good SEO basics but lacks advanced analytics or tracking tools. From a security perspective, the site lacks visible security headers and cookie consent mechanisms, and WHOIS data is not publicly available, which is common for small businesses but reduces transparency. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is minimal, with a basic privacy policy page but no cookie banner or GDPR explicit consent. Overall, the website is functional and professional but would benefit from enhanced security practices, improved privacy compliance, and greater transparency in business and domain registration information to increase trustworthiness and regulatory adherence.

S

Société Française de Dermatologie

sfdermato.org

53

The Société Française de Dermatologie (SFD) is a well-established French non-profit professional society dedicated to promoting dermatology research, education, and public health. With over 130 years of history and more than 2400 members, it serves medical professionals, researchers, and patients by providing educational resources, funding opportunities, and organizing congresses. The website reflects a mature digital presence with comprehensive content, clear navigation, and professional design consistent with its mission. Technically, the site employs a modern tech stack including Bootstrap, jQuery, and Matomo analytics for privacy-conscious user tracking. The site is mobile-optimized and uses HTTPS with good SSL configuration. However, some security best practices such as security headers and explicit security policies are missing, which could be improved to enhance the security posture. From a security perspective, the site shows good privacy compliance with GDPR-aligned cookie consent and anonymized analytics. No vulnerabilities or suspicious activities were detected. The absence of WHOIS data limits domain trust analysis, but the professional content and certifications like HONcode support legitimacy. Overall, the site is a trustworthy and authoritative resource in the dermatology field, with recommendations to improve security headers, publish security policies, and clarify domain registration data to further strengthen trust and compliance.

V

Vegan France Interpro

vegan-france.fr

51

Vegan France Interpro is a French non-profit association dedicated to the economic development of vegan businesses in France. The website serves as a platform for news, events, and advocacy related to veganism and vegan economic activities. It targets French vegan businesses, startups, and stakeholders interested in the vegan market. The association positions itself as a key player in promoting vegan economic interests within France, providing networking opportunities and visibility for vegan enterprises. Technically, the website is built on WordPress, utilizing common libraries such as jQuery, Font Awesome, and Owl Carousel for UI components. The site is mobile-optimized with a professional design and clear navigation, though some accessibility features are basic. SEO practices are adequately implemented with proper meta tags and structured data. From a security perspective, the site uses HTTPS but lacks visible security headers and explicit security policies. No vulnerabilities or exposed sensitive data were detected in the HTML content. Privacy compliance is partially addressed with a privacy policy present and GDPR considerations, but cookie consent mechanisms are absent. Contact information is limited to a contact form without direct emails or phone numbers. Overall, the site is professional and trustworthy in content and presentation but would benefit from enhanced security headers, explicit cookie consent, and more transparent contact information. The absence of WHOIS data limits domain legitimacy verification, which slightly reduces trustworthiness. Strategic improvements in security and privacy compliance would strengthen the site's risk posture and user trust.

Ö

Öko-völgy Alapítvány

okovolgy.hu

55

Öko-völgy Alapítvány is a Hungarian non-profit organization dedicated to fostering a sustainable, ecological, and organic farm community. The organization emphasizes education, volunteer work, and community engagement to promote environmental stewardship. The website serves as an informational and engagement platform, providing news, project details, and contact avenues for interested parties. The domain is well-established since 2007, supporting the organization's credibility and longevity. Technically, the website is built on WordPress with a modern tech stack including Bootstrap, jQuery, and Font Awesome. It integrates Google Analytics and Facebook Pixel for user tracking and marketing insights. The site is mobile-optimized with good SEO practices but lacks some advanced security headers and explicit privacy or cookie policies, which are areas for improvement. From a security perspective, the site uses HTTPS with a valid SSL configuration, but no advanced security headers were detected. There is no visible incident response or vulnerability disclosure information. The presence of multiple external gambling-related links and hidden promotional content may pose reputational risks and affect content safety ratings. Overall, the security posture is moderate but could be enhanced with better policies and headers. The overall risk is moderate with no critical security issues detected. Strategic recommendations include implementing comprehensive privacy and cookie policies, adding security headers, publishing a security.txt file, and reviewing third-party content to ensure alignment with the organization's mission and audience expectations.

E

Ealys

ealys.com

41

Ealys is a French web development agency specializing in the creation, redesign, and maintenance of websites and web applications, primarily serving clients in the North-East region of France including Metz, Nancy, and Strasbourg. With over 20 years of experience, the company targets a diverse clientele ranging from SMEs to large groups and institutional clients. Their service offerings include website creation, web application development, hosting, security, and audits, positioning them as a comprehensive digital solutions provider in their regional market. The website reflects a professional and consistent brand image with clear service descriptions and client references. Technically, the site employs modern web technologies such as HTML5, CSS3, jQuery, and popular plugins like Revolution Slider and Fancybox, ensuring a responsive and user-friendly experience. Google Analytics is used for visitor tracking, and a cookie consent mechanism is implemented, indicating basic privacy compliance. Security-wise, the site uses HTTPS and follows some best practices but lacks advanced security headers and explicit incident response or vulnerability disclosure policies. The domain registration data is consistent with the business claims, showing a long-established presence without privacy protection, which supports legitimacy. Overall, the website is well-structured, professional, and trustworthy, though there is room for improvement in security and compliance documentation.

D

Digia Oyj

digia.com

63

Digia Oyj is a well-established Finnish software and service company founded in 1997, specializing in digital transformation, AI, analytics, and cybersecurity services. The company targets businesses and organizations seeking to leverage technology for smarter business operations and sustainable futures. Their market position is strong in Finland with a large company size and a comprehensive service portfolio. The website is professionally designed, mobile-optimized, and uses HubSpot CMS with modern marketing and analytics tools. Security posture is good with HTTPS enforced and clientTransferProhibited domain status, though DNSSEC is not enabled and some security headers could be improved. Privacy and cookie policies are present and GDPR compliant, with a consent mechanism implemented. Contact is primarily via web forms, with no direct emails or phone numbers publicly listed. Overall, the website reflects a credible, professional, and trustworthy business presence.

M

Magefan

magefan.com

72

Magefan is a Ukraine-based e-commerce agency specializing in Magento 2 and Shopify solutions since 2015. They offer a broad portfolio of Magento 2 extensions and Shopify apps, alongside customization services aimed at improving store performance, security, and user experience. The company has a strong market presence with over 120,000 customers and more than 50 Magento extensions, positioning itself as a reputable provider in the e-commerce technology sector. Technically, the website is built on Magento 2 with modern JavaScript libraries such as jQuery and Owl Carousel, and leverages Cloudflare for DNS services. The site demonstrates good performance, mobile optimization, and SEO practices. Security is well addressed with HTTPS, multiple security headers, and domain status protections, although DNSSEC is not enabled. The site integrates marketing and analytics tools like Facebook Pixel, Google Tag Manager, and Hotjar, indicating moderate user tracking. From a security posture perspective, Magefan shows maturity with enforced HTTPS, domain lock statuses, and no visible vulnerabilities. However, the absence of explicit privacy, cookie, and security policies, as well as incident response contacts, represents compliance gaps, especially under GDPR and related regulations. No suspicious or malicious content is detected, and the site is safe for general audiences. Overall, Magefan presents a professional and trustworthy e-commerce solutions provider with solid technical infrastructure and business credibility. Strategic improvements in privacy compliance and security transparency would further enhance their risk profile and customer trust.

The website zhuk.cc is a personal blog primarily focused on technology topics, especially Joomla extensions, Oracle, Java, and various hobbies. It serves a niche audience of developers and technology enthusiasts interested in Joomla components and related software. The site offers technical articles, extension releases, and community forums, positioning itself as a resource hub for Joomla users. The business model revolves around content publishing and software extension distribution, with demonstration sites and forums supporting user engagement. Technically, the site is built on WordPress 6.8.1 using the Total theme and incorporates multiple JavaScript libraries such as jQuery, Owl Carousel, and Font Awesome. The platform is moderately optimized for performance and mobile use, with basic SEO and accessibility features. The site is fully accessible over HTTPS, indicating good SSL configuration, but lacks advanced security headers and privacy compliance mechanisms. From a security perspective, the site shows a moderate security posture with HTTPS enabled and no exposed sensitive data. However, it lacks explicit security headers, privacy and cookie policies, and incident response contacts, which are important for compliance and trust. No WAF or blocking mechanisms are detected, and the site content is safe for general audiences with no adult or questionable material. Overall, the site is a well-maintained personal technology blog with good content quality and business credibility but has room for improvement in privacy compliance and security best practices. Strategic recommendations include implementing privacy and cookie policies, adding security headers, and providing clear contact information for security incidents to enhance trust and compliance.

C

Croatian Climate Change Panel

solarniklaster.org

45

The Croatian Climate Change Panel operates the solarniklaster.org website as a specialized platform focused on renewable energy, sustainable technologies, and climate change awareness primarily targeting Croatian and regional audiences. The site offers news, expert articles, multimedia content, and educational resources to support green energy transition efforts. Technically, the website uses a standard modern tech stack including Bootstrap, jQuery, and analytics tools, hosted on a domain registered since 2015 with privacy protection. Security posture is moderate with HTTPS enabled but lacks advanced security headers and DNSSEC. Privacy compliance is basic with policies present but no explicit cookie consent mechanism. Contact information is clearly provided, enhancing business credibility. Overall, the site is a credible, niche informational resource with room for security and privacy improvements.

Otok Krk energija d.o.o. is a Croatian limited liability company focused on producing and supplying renewable energy, primarily solar, to achieve energy independence for the island of Krk. The company is relatively new, founded in 2019, and is owned by the local municipality of Baška with plans to include other local government units as co-owners. Their business model centers on local investment and sustainable energy production, positioning themselves as a key player in the regional green energy market. The website reflects this mission with content in Croatian and some English, targeting local residents, investors, and governmental bodies interested in renewable energy projects. Technically, the website uses common web technologies such as Bootstrap, jQuery, and popular carousel libraries, with integration of Google Analytics and Facebook SDK for tracking and marketing purposes. The site is moderately optimized for mobile and SEO but lacks advanced accessibility features. Security posture is moderate; HTTPS is used but no explicit security headers or incident response policies are published. Privacy and cookie policies exist but lack active consent mechanisms. Overall, the website is professional and trustworthy but could improve in security and privacy compliance. Recommendations include implementing security headers, adding cookie consent, publishing incident response information, and enhancing contact transparency.

L

LU-CIX

lu-cix.lu

60

LU-CIX is a Luxembourg-based Internet Exchange Point founded in 2009, providing open and neutral peering and connectivity services to networks and content providers in Luxembourg and Europe. The organization operates as a non-profit entity, focusing on interconnecting critical networks in a secure and trusted environment. Their key services include public peering, route servers, blackholing, partner IX peering, and VoIP-X services, positioning them as a central telecommunications infrastructure player in Luxembourg. Technically, the website is built on WordPress CMS with modern JavaScript libraries such as jQuery and Owl Carousel, and uses Matomo for privacy-conscious analytics. The site is mobile-optimized with good SEO practices and moderate performance. Security-wise, the site enforces HTTPS and uses secure form submission techniques but lacks some security headers and a cookie consent mechanism, which are recommended for enhanced security and compliance. The security posture is solid but could be improved by adding explicit security policies, incident response contacts, and cookie consent to align better with GDPR requirements. The absence of WHOIS data limits domain trust verification, but the website content and business presence indicate a legitimate and professional operation. Overall, LU-CIX presents a trustworthy and professional digital presence with room for security and privacy enhancements to strengthen compliance and user trust.

Energetska zadruga "Otok Krk" is a small Croatian energy cooperative focused on promoting renewable energy and energy independence on the island of Krk. The cooperative provides consulting, project support, collective purchasing, and education services to local residents and businesses. Their website reflects a community-oriented business model with clear contact information and active social media presence. Technically, the site uses common web technologies such as jQuery, Bootstrap, and Owl Carousel, providing a moderate performance and good mobile optimization. Security posture is moderate with HTTPS usage but lacks explicit security headers and incident response policies. Privacy compliance is basic with privacy and cookie policies present but no consent mechanism. Overall, the website is professional and trustworthy, with a legitimacy score supported by consistent WHOIS data and domain age.

S

Schweizer Skischule Lenk

lenksportundevents.ch

44

Schweizer Skischule Lenk is an official ski school located in the Adelboden-Lenk ski region of Switzerland, offering ski and snowboard lessons for all skill levels, including specialized children's courses and winter events. The business is positioned as a local expert in winter sports education, targeting ski enthusiasts and families visiting the Berner Oberland region. Their business model is service-oriented with online booking capabilities, supported by a professional and consistent brand presence. Technically, the website is built on TYPO3 CMS with modern JavaScript libraries such as jQuery and Owl Carousel. It employs HTTPS with anonymized IP tracking in Google Analytics and includes a cookie consent mechanism compliant with GDPR. The site demonstrates good mobile optimization and SEO practices, although some security headers are missing, which could be improved. From a security perspective, the site uses HTTPS and cookie consent but lacks explicit security policies or incident response information. No vulnerabilities or exposed sensitive data were detected. The domain registration is consistent with the business location and claims, enhancing trustworthiness. Overall, the website is secure, compliant, and professionally maintained. The overall risk is low, with recommendations focusing on enhancing security headers, adding incident response details, and maintaining up-to-date third-party libraries to further strengthen security posture and compliance.

B

Bikeschule Klosters

bikeschuleklosters.ch

49

Bikeschule Klosters is a well-established mountain bike school located in Klosters/Davos, Switzerland, with a history dating back to 1931. The company offers a broad range of bike courses, camps, workshops, and private guiding services tailored for children, youth, and adults. Their business model focuses on experiential outdoor education and recreation, supported by an online booking platform. The website reflects a professional and consistent brand image with clear contact information and partner affiliations, positioning them as a trusted local service provider in the biking community. Technically, the website is built on TYPO3 CMS, utilizing modern web technologies such as jQuery, Owl Carousel, and Google Tag Manager for analytics. The site is mobile-optimized with good SEO practices and basic accessibility features. Performance is moderate, with compressed assets and responsive design elements enhancing user experience. From a security perspective, the site enforces HTTPS with IP anonymization for analytics and a comprehensive cookie consent mechanism. However, it lacks explicit security headers and publicly available security or incident response policies. No vulnerabilities or exposed sensitive data were detected, indicating a solid security posture for a small business. Overall, the website is safe, professional, and trustworthy, with no adult or questionable content. The domain registration data aligns well with the business claims, reinforcing legitimacy. Strategic improvements could focus on enhancing security headers, publishing security policies, and expanding incident response transparency to further strengthen trust and compliance.

A

Arosa Bikeschool

arosa-bikeschool.ch

54

Arosa Bikeschool is a specialized local service provider offering bike lessons and guided bike experiences for children and adults in the Arosa mountain region of Switzerland. The business emphasizes family-friendly services including group and private lessons, camps, workshops, and children's animation. Their market position is that of a trusted local bike school with a family destination certification, supported by clear contact channels and online booking capabilities. Technically, the website is built on TYPO3 CMS with modern JavaScript libraries and integrates Google Analytics and reCAPTCHA for analytics and security. The site is mobile-optimized and provides a good user experience with clear navigation and content relevance. Security posture is adequate with HTTPS and cookie consent mechanisms but lacks some advanced security headers such as CSP and HSTS. Privacy compliance is strong with a comprehensive privacy policy and cookie consent banner. WHOIS data aligns well with the business claims, showing transparency and legitimacy. Overall, the website is professional, trustworthy, and suitable for its target audience.

A

Angerer Alpin- + Skischule

ski-alpinschule.at

52

Angerer Alpin- + Skischule is a small alpine sports school based in Dorfgastein, Austria, offering year-round ski, snowboard, and alpine courses for children and adults. The business maintains a professional online presence with a TYPO3 CMS-powered website featuring multilingual support and an integrated online booking system. The company holds certifications and partnerships that enhance its market credibility. Technically, the website uses modern web technologies and provides a good user experience with mobile optimization and clear navigation. Security posture is solid with HTTPS and cookie consent mechanisms, though improvements could be made by adding security headers and explicit security policies. Overall, the website is trustworthy, compliant with GDPR, and well-positioned in its regional hospitality sector.

I

Ilmatieteen laitos

ilmastokatsaus.fi

52

Ilmastokatsaus is an official publication of the Finnish Meteorological Institute, providing authoritative climate and weather information focused on Finland. The website serves a broad audience including researchers, meteorologists, and the general public interested in climate data and analysis. It offers digital magazines, monthly and seasonal climate reviews, and research letters. Technically, the site is built on WordPress with modern plugins and frameworks such as Bootstrap and jQuery, ensuring a responsive and user-friendly experience. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though security headers and incident response contacts are absent. Privacy compliance is weak due to missing explicit privacy and cookie policies. Overall, the site is trustworthy and professionally maintained, reflecting its government affiliation.

A

Autokomplex Menčík

autokomplex.cz

44

Autokomplex Menčík is a reputable automotive dealership specializing in Škoda vehicles, operating primarily in the Czech Republic with two main branches in Prague and Benátky nad Jizerou. The company offers a comprehensive range of services including new and used car sales, servicing, fleet management, insurance, and car washing. Their market position is that of a regional authorized dealer with a strong local presence and partnerships with various sports and community organizations. Technically, the website employs modern front-end technologies such as jQuery, Bootstrap, and Owl Carousel, providing a good user experience with mobile optimization and clear navigation. However, the absence of WHOIS data and security headers slightly diminishes the overall trustworthiness and security posture. Privacy and cookie policies are present and indicate GDPR compliance, enhancing user trust. Overall, the website is professional, content-rich, and well-branded, though improvements in security practices and domain registration transparency are recommended.

N

Nemocnice Na Homolce

homolka.cz

53

Nemocnice Na Homolce is a prominent public healthcare institution directly managed by the Ministry of Health of the Czech Republic. The hospital specializes in cardiovascular, neurological, diagnostic, and other specialized medical programs, serving patients and medical professionals primarily within the Czech Republic. The website reflects a well-structured and professional digital presence with comprehensive information, including contact details, social media links, and detailed service descriptions. The hospital holds JCI certification, indicating adherence to international healthcare quality standards. Technically, the website employs a modern technology stack including jQuery, Glide.js, Owl Carousel, and Klaro for cookie consent management. It integrates Google Analytics and Meta Pixel for analytics and marketing purposes. The site is mobile-optimized, accessible, and SEO-friendly, although no CMS or hosting provider details were identified. Performance is moderate with good user experience and navigation clarity. From a security perspective, the site uses HTTPS and implements cookie consent mechanisms, but lacks visible security headers such as CSP or HSTS. No vulnerabilities or exposed sensitive data were detected in the HTML content. The absence of WHOIS data for the domain is a notable concern, reducing domain registration trustworthiness, although the website content and government affiliation strongly support legitimacy. Overall, the website is professional, secure, and compliant with privacy regulations, but would benefit from enhanced domain registration transparency and improved security header implementation to strengthen trust and security posture.

C

CEMEX

cemex.cz

66

CEMEX CZ is a leading manufacturer and supplier of construction materials in the Czech Republic, offering products such as concrete, cement, aggregates, and flooring solutions. The website reflects a mature digital presence with comprehensive product and service information, supported by a modern CMS platform (Liferay) and integration of analytics and cookie consent tools. The site is well-structured, mobile-optimized, and provides clear contact channels including phone and forms. Security posture is good with HTTPS enforced and cookie consent implemented, though some security headers and policies could be improved. The absence of WHOIS data reduces domain registration trust signals but the website content and branding strongly indicate legitimacy. Overall, the site is professional, trustworthy, and serves its target audience effectively.

Sdružení obcí Orlicko is a regional association of municipalities in the Czech Republic focused on supporting tourism, transportation, and regional development across 28 communities. The website serves as an information hub for residents and visitors, providing event calendars, news updates, and regional resources. The organization positions itself as a local government partner fostering community growth and tourism promotion. Technically, the website is built on the IPO CMS platform, utilizing jQuery, Owl Carousel, Google reCAPTCHA, and Matomo analytics, indicating a moderate level of digital maturity. The site is mobile-optimized and includes accessibility considerations, though some improvements could be made. Security posture is adequate with HTTPS and form protections but lacks advanced security headers and explicit security policies. The absence of WHOIS data reduces domain trust slightly but the professional presentation and official contact details support legitimacy. Overall, the site is a reliable regional government resource with room for enhanced security and compliance documentation.

D

Dahasl s.r.o.

dahasl.cz

49

Dahasl s.r.o. is a Czech-based company specializing in the supply and installation of low-voltage technologies and security systems. The company positions itself as a traditional and reliable provider with extensive experience, offering comprehensive services from project design to maintenance and servicing of electrotechnical systems. Their target audience primarily includes businesses and organizations requiring advanced security and technology solutions. The website reflects a medium-sized enterprise with a professional online presence, including client references and statistical indicators of business activity. Technically, the website employs a standard modern technology stack including Bootstrap, jQuery, and various UI libraries, with a cookie consent mechanism and Google Analytics integrated with consent controls. The site is mobile-optimized and well-structured, though no CMS or hosting provider details are evident. Performance is moderate, and SEO practices appear adequate. From a security perspective, the site uses HTTPS (assumed though not explicitly confirmed), includes a cookie consent banner, and loads analytics scripts conditionally based on user consent. However, no explicit security headers or published security policies were detected, and no incident response or vulnerability disclosure information is available. The WHOIS data is unavailable, likely due to privacy protection, which limits transparency but does not inherently indicate risk. Overall, the website is professional and trustworthy with good privacy compliance and business credibility. The lack of WHOIS data and explicit security policies suggests areas for improvement in transparency and security posture. The risk level is moderate with no critical vulnerabilities detected in the analysis.

H

Hradecká kulturní a vzdělávací společnost s.r.o.

hradecko.info

46

The website hradecko.info represents a regional non-profit destination management organization focused on promoting tourism and cultural heritage in the Hradec Králové region of the Czech Republic. The organization operates key tourist attractions such as the White Tower, Bílá věž, and Kostel sv. Mikuláše, and collaborates closely with local government and tourism partners. The business model is centered on sustainable tourism development, funded by membership fees and local tourism taxes. Technically, the website is built on a Joomla CMS platform with a modern front-end stack including Bootstrap, jQuery, and various UI libraries. The site is mobile-optimized with good navigation and SEO practices, though some accessibility features are basic. Hosting is provided by Webglobe, and the domain is relatively new but consistent with the organization's founding date. From a security perspective, the site shows no immediate vulnerabilities or exposed sensitive data, but lacks advanced security headers and DNSSEC is not enabled. HTTPS status is unknown from provided data and should be verified. Privacy compliance is partially addressed with a GDPR document available, and cookie consent mechanisms appear implemented. Contact information is clearly provided, but no incident response or security policy pages are present. Overall, the website is trustworthy and professionally maintained with a clear business purpose. Strategic improvements in security headers, HTTPS enforcement, and explicit security policies would enhance the security posture and compliance. The site is safe for general audiences with no adult or questionable content detected.

R

Riga Investment and Tourism Agency

liveriga.com

57

The LiveRiga website serves as the official digital platform for the Riga Investment and Tourism Agency, promoting Riga as a vibrant capital city of Latvia with opportunities for tourism, investment, events, and work relocation. The site is well-structured, visually appealing, and targets a broad audience including tourists, investors, event organizers, and professionals considering relocation. The technical infrastructure leverages modern web technologies such as jQuery, Bootstrap, and Google reCAPTCHA, ensuring a responsive and interactive user experience. Security measures include HTTPS enforcement and cookie consent mechanisms, though some security headers and policies are not explicitly published. The absence of WHOIS data for the domain raises concerns about domain registration legitimacy, which should be verified to ensure trustworthiness. Overall, the website demonstrates a strong digital presence with good privacy compliance and user engagement through social media and newsletter subscriptions.

B

Biskupství brněnské

biskupstvi.cz

53

The website www.biskupstvi.cz serves as the official online presence of the Brno Diocese, a religious non-profit organization in the Czech Republic. It provides comprehensive information about diocesan activities, events, news, pastoral services, charity, and education. The site targets the Catholic community, clergy, and parishioners in the Brno region, offering resources and contact channels to support their spiritual and community needs. The business model is centered on community service and information dissemination rather than commercial activities. Technically, the website employs modern web technologies including Bootstrap for responsive design, jQuery, Owl Carousel for interactive elements, and integrates Google Tag Manager and Facebook Pixel for analytics and marketing. Media assets are hosted on Microsoft Azure Blob Storage, indicating a reliable hosting infrastructure. The site is mobile-optimized with good SEO practices and basic accessibility features. From a security perspective, the site enforces HTTPS, includes multiple security headers, and uses secure forms with validation. No critical vulnerabilities or exposed sensitive data were detected. However, the site lacks a visible cookie consent mechanism and does not publish security or incident response policies, which are recommended for compliance and transparency. Overall, the website is trustworthy, professionally maintained, and serves its community well. The absence of public WHOIS data is typical for Czech domains managed by CZ NIC and does not detract from the site's legitimacy. Strategic improvements include implementing cookie consent, publishing security policies, and enhancing accessibility to further strengthen compliance and user trust.

S

Statutární město Hradec Králové

hk800.cz

49

The website hk800.cz is the official digital platform for the 800th anniversary celebrations of the city of Hradec Králové in the Czech Republic. It serves as a comprehensive resource for cultural events, exhibitions, and community engagement activities related to the milestone. The site is operated by the city government, providing authoritative and trustworthy information to residents and visitors. The business model is centered on governmental and cultural event promotion, supported by partnerships with local businesses and media. The website demonstrates a consistent brand identity aligned with the city’s heritage and celebration theme. Technically, the site is built on Joomla CMS with a modern tech stack including Bootstrap, jQuery, and various JavaScript libraries for enhanced user experience such as carousels and lazy loading. It integrates Google Analytics, Google Tag Manager, and Facebook Pixel for analytics and marketing purposes, all managed with a cookie consent mechanism ensuring GDPR compliance. Hosting and domain registration are consistent with Czech providers, and the site shows good mobile optimization and SEO practices. From a security perspective, the website enforces HTTPS and uses cookie consent banners to comply with privacy regulations. While explicit security headers are not fully visible in the provided data, no critical vulnerabilities or exposed sensitive data were detected. The WHOIS data aligns well with the website’s purpose and geographic location, indicating legitimacy. However, the site lacks explicit security policies or incident response contacts, which could be improved. Overall, the website is a well-structured, professional, and trustworthy platform for the city’s anniversary celebrations. It balances user experience, privacy compliance, and technical soundness effectively, though there is room for enhancement in security policy transparency and advanced security headers implementation.

D

DBP, s.r.o.

divadlobolkapolivky.cz

54

Divadlo Bolka Polívky is a well-established theatre company based in Brno, Czech Republic, operating since 2001. The company offers a variety of theatrical performances, concerts, exhibitions, and cultural events targeting a general audience interested in arts and culture. Their business model centers on ticket sales and event hosting, supported by a professional online presence. The website reflects a consistent brand image and provides clear contact and social media information, enhancing trust and engagement. Technically, the website is built on WordPress with common libraries such as jQuery, Owl Carousel, and LightGallery. It integrates marketing and analytics tools including Google Tag Manager, Google Analytics, and Facebook Pixel. The site is hosted behind Cloudflare DNS and CDN services, ensuring good availability and SSL encryption. Mobile optimization and user experience are good, though some technical aspects like accessibility and SEO could be improved. From a security perspective, the site uses HTTPS and cookie consent mechanisms, but lacks explicit security headers and uses an outdated jQuery version, which could pose vulnerabilities. No incident response or security policy pages were found, indicating room for improvement in security governance. Privacy compliance is basic but present, with GDPR-aligned cookie and privacy policies. Overall, the website is professional and trustworthy with moderate technical maturity and security posture. Strategic improvements in security headers, library updates, and enhanced compliance documentation would strengthen the site’s resilience and user trust.

R

Raab Computer s.r.o.

auditfamilyfriendlycommunity.cz

59

The Audit Family Friendly Community website serves as a national portal supporting municipal and regional efforts to improve family-friendly living conditions in the Czech Republic. The site is managed or developed by Raab Computer s.r.o., a small company specializing in web solutions. The portal provides information about the audit program, regional partners, and news updates, targeting municipalities, regional governments, and families. The business model is non-profit/governmental support with a focus on community development and audit facilitation. Technically, the website uses a traditional web stack including jQuery, FontAwesome, and several UI libraries such as Fancybox and Owl Carousel. The site is mobile-optimized with good navigation and content structure, though no CMS or hosting provider details are evident. Performance is moderate with room for improvement in accessibility and SEO. Security headers and SSL configuration details are not provided, but cookie consent mechanisms are implemented. From a security perspective, the site shows basic compliance with privacy regulations, including a privacy policy and cookie consent banner. However, WHOIS data is unavailable, which raises concerns about domain registration transparency. No explicit security policies, incident response contacts, or vulnerability disclosures are found. The site does not expose sensitive data or use vulnerable libraries visibly, but security headers and SSL details should be verified and enhanced. Overall, the website is professional and trustworthy in content and design but lacks transparency in domain registration and some security best practices. Strategic recommendations include verifying domain WHOIS data, enhancing security headers and SSL configuration, and adding explicit security and incident response policies to improve trust and compliance.

K

Košice Región Turizmus

kosiceregion.com

65

Košice Región Turizmus operates a comprehensive tourism portal dedicated to promoting the Košice region in Slovakia. The website offers rich content including destination guides, cultural and natural attractions, event information, and travel tips aimed at tourists and visitors. The organization positions itself as a regional tourism authority, providing valuable resources to enhance visitor experience and regional visibility. The site supports multiple languages, enhancing accessibility for international tourists. Technically, the website is built on WordPress with modern frameworks like Bootstrap and integrates popular analytics and marketing tools such as Google Tag Manager, Hotjar, and Facebook Pixel. The site is mobile optimized and demonstrates good SEO practices. Security posture is solid with HTTPS enforced and cookie consent implemented, though it lacks some security headers and formal privacy and terms of service documentation. The WHOIS data is missing or unavailable, which raises some concerns about domain registration transparency, but the website content and branding appear professional and trustworthy. Overall, the site is a well-maintained regional tourism platform with moderate technical maturity and good user experience.

H

Horolezecké centrum Brno s.r.o.

klajda.cz

54

Horolezecké centrum Brno s.r.o. operates a network of climbing walls and offers climbing courses and safety training primarily in Brno, Czech Republic. The company also runs an equipment shop and provides specialized training and equipment inspections. The website reflects a small but professional local business focused on climbing enthusiasts and safety education. The presence of multiple locations and partner affiliations indicates a well-established local market position. Technically, the website uses modern frontend technologies including Bootstrap, Font Awesome, jQuery, and Google Tag Manager for analytics. The site is mobile-optimized with good navigation and content relevance. However, there is no detected CMS or advanced backend framework visible. Hosting appears to be provided by SPWeb, a Czech hosting provider. From a security perspective, the site uses HTTPS and includes no visible sensitive data exposure. However, it lacks security headers and explicit privacy or cookie policies, which are compliance gaps. The absence of WHOIS data reduces domain trustworthiness, though the website content and contact information support legitimacy. No WAF or blocking mechanisms were detected, and no adult or explicit content is present. Overall, the site is a good representation of a small local business with moderate technical maturity and some security and compliance improvements needed. The domain registration opacity is a concern and should be addressed to improve trust.

Brutal Assault is a well-established metal music festival based in the Czech Republic, operating since 2005. The festival is hosted in a historic 18th-century military fortress and features a large lineup of metal artists. The website supports multiple languages and offers ticket sales, accommodation booking, and merchandise shopping, targeting metal music fans and festival attendees. The business model revolves around event organization and e-commerce related to the festival experience. Technically, the site uses modern web technologies including Bootstrap, jQuery, and Google Tag Manager, with a custom CMS backend. The site is mobile-optimized and provides a good user experience with clear navigation and professional design. Security posture is strong with HTTPS enforced and secure forms, though some HTTP security headers are missing and no explicit security policy or incident response information is published. Privacy compliance is good with a cookie consent banner and a privacy policy page. Contact information is clearly provided, enhancing business credibility. Overall, the site is trustworthy and professionally maintained.

B

Bytový podnik mesta Košice, s.r.o.

bpmk.sk

42

Bytový podnik mesta Košice, s.r.o. is a municipal company operating since 2003, providing property management and related services in Košice, Slovakia. The website serves as an information portal for clients and partners, offering updates, contact information, and service details. The company holds a stable market position as a local municipal enterprise with a medium-sized operational scale. Technically, the website employs a moderate tech stack including Bootstrap 4 and jQuery 3.2.1, with standard marketing and analytics tools such as Google Tag Manager and Facebook Pixel. Security posture is adequate with HTTPS and DNSSEC enabled, but lacks explicit security headers and uses an older jQuery version, which could pose risks. Privacy compliance is addressed with cookie consent and a privacy policy, though terms of service and incident response policies are absent. Overall, the site is professional, trustworthy, and accessible, with room for security and compliance improvements.

S

SIA Area IT

area.lv

34

Area IT is a Latvian-based small technology company specializing in web hosting, domain registration, and email hosting services. Established in 2009, the company targets private individuals and small to medium-sized businesses primarily within Latvia. Their website is professionally designed, offering a range of hosting solutions including WordPress and WooCommerce hosting, with competitive pricing and clear service descriptions. The company maintains a strong local market position supported by customer testimonials and transparent contact information. Technically, the website is built on WordPress with Elementor, leveraging modern JavaScript libraries and frameworks such as jQuery, Owl Carousel, and Swiper for enhanced user experience. The site is mobile-optimized and employs HTTPS with free SSL certificates for all hosted domains, indicating a commitment to secure communications. Performance is moderate with room for improvement in accessibility and SEO. From a security perspective, the site enforces HTTPS and provides automated daily backups, but lacks explicit security headers and a formal security policy or incident response contact. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is partial; while a comprehensive privacy policy and terms of service exist, there is no visible cookie consent mechanism, which may pose GDPR compliance risks. Overall, Area IT presents a trustworthy and professional online presence with a solid business foundation. Strategic improvements in security headers, cookie consent, and incident response transparency would enhance their security posture and regulatory compliance, further strengthening customer trust.

W

Wink

wink.cz

42

Wink.cz is a Czech advertising agency operating since 2001, offering media and advertising services primarily targeted at a general audience in the Czech Republic. The website presents basic business information with a focus on event promotion, particularly music concerts, but lacks detailed contact or policy information. Technically, the site is built on Drupal CMS and uses common web libraries such as jQuery, Bootstrap, and Font Awesome, indicating a moderate level of digital maturity. However, the site shows limited mobile optimization and basic SEO practices. Security posture is minimal with no detected security headers or privacy policies, and no visible analytics or tracking mechanisms, which may reflect a low level of data collection but also a lack of compliance transparency. Overall, the site is functional but would benefit from enhanced security, privacy compliance, and richer business information to improve trust and professionalism.

Daldehog Poland Sp. z o.o. is a medium-sized general contractor specializing in industrial and commercial construction projects in Poland and neighboring regions. With approximately 30 years of market presence, the company offers comprehensive construction services including retail and service buildings, industrial facilities, and automotive centers. The website reflects a professional and consistent brand image targeting business clients in the construction and real estate sectors. Technically, the site uses standard web technologies with moderate performance and good mobile optimization but lacks advanced CMS or modern frameworks. Security posture is adequate with HTTPS enabled but missing important security headers and explicit privacy and terms policies. Contact information is clearly presented with multiple regional offices and verified company emails and phone numbers. No social media presence or advanced analytics tools were detected. Overall, the website is trustworthy and business credible but could improve privacy compliance and security best practices.

N

Naprawek

naprawek.pl

47

Naprawek is a Polish nationwide service platform offering a wide range of home repair, maintenance, and technical services. The website provides users with easy access to qualified professionals across many service categories, including appliance repair, plumbing, electrical work, cleaning, and more. The platform emphasizes convenience with 24/7 service request forms and phone contact, catering to residential customers throughout Poland. The business model focuses on connecting customers with local specialists, supported by user reviews and flexible service scheduling. Technically, the website uses modern web technologies including Google Analytics and Tag Manager for tracking, and a custom CMS developed by zstudio.pl. The site is mobile-optimized and features good SEO practices, though accessibility features are basic. Performance is moderate, with a clean and professional design that supports user navigation and service discovery. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms aligned with GDPR requirements. However, explicit security headers are not detected, and there is no visible dedicated security policy or incident response contact. No vulnerabilities or exposed sensitive data were found in the HTML content. The WHOIS data confirms the domain's legitimacy and consistency with the business claims. Overall, Naprawek presents a trustworthy and professional online presence for a service marketplace in Poland. Strategic improvements in security headers and incident response transparency could further enhance trust and compliance. The site is safe for general audiences and does not contain any adult or questionable content.

E

Expo Dekor Kft.

expodekor.hu

41

Expo Dekor Kft. is a Hungarian company specializing in comprehensive digital printing and event decoration services. Established in 2006, the company offers a wide range of printing solutions including large format printing, direct board printing, roll printing, plotter cutting, and graphic design services. Their website presents a professional portfolio showcasing various products and services targeted at business clients, event organizers, and private customers. The company maintains active partnerships with advertising agencies and event organizers, positioning itself as a reliable local service provider in Hungary. Technically, the website is built on WordPress with SEO and portfolio plugins, delivering a good user experience with moderate performance and mobile optimization. Security posture is solid with HTTPS and security headers implemented, though privacy and cookie policies are missing, indicating room for compliance improvement. Overall, the site is trustworthy and professional, with clear contact information and a consistent brand presence.

M

Markers

markers.pl

57

Markers is a small Polish company specializing in the production and sale of cable and wire markers, serving industrial sectors such as automation, industrial automation, maintenance, and energy. The website presents a professional and consistent brand image with clear product offerings including printers, flat profiles for printing, heat shrink sleeves, and various types of labels and markers. The company maintains a social media presence on Facebook and highlights compliance with industry standards such as railway norms. Technically, the website uses standard web technologies including HTML5, CSS, JavaScript, jQuery, and Owl Carousel, with Google Fonts for typography. The site is mobile optimized and provides a good user experience with clear navigation and relevant content. Security-wise, the site uses HTTPS but lacks visible security headers and explicit privacy or security policies, which are areas for improvement. No WHOIS data is available, likely due to privacy protection, but the website content and business focus appear legitimate and professional. Overall, the site scores moderately well on content quality, technical implementation, and business credibility, but privacy compliance and security posture could be enhanced.

S

SB un Partneri

sbunpartneri.lv

68

SB un Partneri is a Latvian retail company specializing in door, window, and facade fittings, along with functional hardware solutions such as access control and fire safety equipment. The company targets construction professionals and end consumers within Latvia, offering a comprehensive product catalog through an e-commerce platform built on Magento. The website demonstrates a mature digital presence with professional design, clear navigation, and multilingual support. Technically, the site employs modern web technologies including Magento 2, jQuery, and New Relic for performance monitoring, ensuring a stable and responsive user experience. Security measures such as HTTPS enforcement and security headers are in place, although explicit security policies and incident response contacts are not publicly available. Privacy compliance is well addressed with GDPR-aligned policies and cookie consent mechanisms. Overall, the site reflects a trustworthy and professional business with moderate to high digital maturity.

澳

澳門特別行政區政府

gov.mo

70

The website www.gov.mo is the official portal of the Macau Special Administrative Region Government, providing authoritative information on government departments, public services, legal regulations, tourism, and news. It targets Macau residents, visitors, and businesses seeking official government information. The site is multilingual, supporting Traditional and Simplified Chinese, Portuguese, and English, reflecting Macau's linguistic diversity. The business model is government service delivery and information dissemination, positioning itself as the primary official source for Macau SAR government-related content. Technically, the website is built on WordPress with a modern tech stack including Bootstrap, jQuery, Owl Carousel, and uses analytics tools such as Google Analytics, Google Tag Manager, and Matomo. The site is mobile-optimized, accessible, and SEO-friendly, with good performance characteristics. Security is well implemented with HTTPS and no visible vulnerabilities, although some security headers could be improved. Privacy compliance is basic with clear privacy and cookie policies but lacks explicit GDPR compliance indicators. Security posture is solid with encrypted connections and no exposed sensitive data. However, the absence of a published security policy or incident response contact and lack of vulnerability disclosure mechanisms are areas for improvement. Overall, the site is trustworthy, professional, and serves its government function effectively. The risk assessment is low, with no signs of malicious content or security issues. Strategic recommendations include enhancing security headers, publishing a security policy and incident response contacts, and implementing a vulnerability disclosure program to further strengthen trust and security culture.

M

Maspex

maspex.ro

54

Maspex is a large food manufacturing and distribution company operating in Central and Eastern Europe, with a strong market position and a broad portfolio of food products. The website reflects a professional corporate presence with clear branding and relevant business content. The technical infrastructure is based on WordPress CMS with common web technologies such as jQuery and Google Tag Manager, indicating a mature digital presence. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, although there is room for improvement in security headers and incident response transparency. Overall, the website is compliant with GDPR and provides a good user experience with moderate performance and mobile optimization.

G

GRUPA MASPEX Sp. z o.o.

akademiapuchatka.pl

65

Akademia Bezpiecznego Puchatka is a well-established Polish educational program focused on child safety, targeting first-grade primary school students and preschool children. It is operated under the parent company GRUPA MASPEX Sp. z o.o., a reputable entity in Poland. The program offers free educational materials, certification, and testing to schools and preschools, supported by official patronages including the Polish Police and regional education authorities. The website is professionally designed, content-rich, and highly relevant to its audience, with strong trust indicators such as testimonials and official endorsements. Technically, the website is built on WordPress and uses modern JavaScript libraries like jQuery and Owl Carousel. It is mobile-optimized and includes cookie consent mechanisms compliant with GDPR. While HTTPS is properly implemented, the site could improve its security posture by adding HTTP security headers and publishing a security policy or incident response contacts. Analytics are managed via Google Tag Manager, with moderate user tracking balanced by privacy compliance. Security-wise, the site shows good practices with secure forms and no visible vulnerabilities or exposed sensitive data. However, the absence of a security.txt file and explicit incident response information suggests room for maturity. Overall, the domain registration and WHOIS data align well with the business claims, indicating legitimacy and trustworthiness. The risk profile is low, with no adult or questionable content detected. Strategic recommendations include enhancing security headers, publishing security policies, and improving accessibility features to further strengthen the website's security and compliance posture.

G

Grupa Maspex Sp. z o.o.

przyjacielenatury.pl

60

Kubusiowi Przyjaciele Natury is a large-scale Polish educational program focused on ecological awareness for preschool children, parents, and teachers. Operated by Grupa Maspex Sp. z o.o., the program offers educational materials, activities, and surveys to promote environmental responsibility. The website serves as a central hub for program information, resources, and registration. It enjoys strong market positioning as one of the largest ecological education initiatives in Poland, supported by reputable partners such as Rekopol and GRID.

M

Maspex

mojlowicz.pl

62

The website mojlowicz.pl represents the Łowicz brand, a well-established family of fruit and vegetable products including jams, sauces, and ready meals, operated under the Maspex group. The site targets general consumers interested in food products and recipes, offering a professional and consistent brand experience. The business model focuses on manufacturing and retail within the food sector, with a strong market position in Poland. Technically, the website is built on WordPress, utilizing common libraries such as jQuery and Owl Carousel, and integrates Google Tag Manager for analytics. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. Security-wise, HTTPS is enforced, and cookie consent mechanisms are implemented, but there is room for improvement in security headers and incident response transparency. Overall, the site is legitimate, trustworthy, and compliant with GDPR requirements, though it lacks explicit contact emails and phone numbers on the homepage.

S

Studio Wyposażenia Wnętrz

studioww.pl

55

Studio Wyposażenia Wnętrz is a small, established Polish company based in Płock, specializing in custom office and school furniture since 1996. The company offers a broad range of furniture solutions including ergonomic chairs, metal cabinets, and window coverings, targeting businesses and institutions in the local region. Their market position is supported by long-term experience and authorized distributor status. Technically, the website employs modern web technologies such as Bootstrap, jQuery, and Google APIs, providing a responsive and user-friendly experience. However, some accessibility and security best practices could be improved. Security posture is moderate with HTTPS enabled but lacking explicit security headers and formal vulnerability disclosure mechanisms. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the website is professional and trustworthy but would benefit from enhanced compliance and security measures.

D

DMScms

dms-cms.pl

48

DMScms is a Polish technology company specializing in proprietary Content Management System (CMS) solutions tailored for businesses seeking to build and manage websites and e-commerce platforms. The company positions itself with a solid portfolio of over 500 websites and 50 online stores, targeting small to medium-sized enterprises requiring customizable and scalable CMS tools. Their business model revolves around CMS software development, website design, and ongoing technical support, emphasizing individualized graphic projects and SEO optimization. Technically, the website is built with standard web technologies including HTML5, CSS3, JavaScript, and jQuery, incorporating the Owl Carousel plugin for interactive content display. The CMS appears custom-built, with moderate performance and good mobile optimization. However, accessibility and SEO optimizations are basic, and no advanced frameworks or hosting details are evident from the provided data. From a security perspective, the site lacks visible security headers and published security policies. The SSL/TLS status is unknown from the data, and no incident response or vulnerability disclosure information is provided. The cookie banner is present but does not enforce explicit consent, indicating partial GDPR compliance. Contact information is clearly available, enhancing business credibility, but the absence of privacy and terms of service documents represents a compliance gap. Overall, the website is professional and business-focused with moderate technical maturity and security posture. Strategic improvements in security practices, privacy compliance, and transparency would enhance trust and reduce risk exposure.