Security Directory

Q

Quba Digital Ltd

quba.co.uk

65

Quba Digital Ltd is a UK-based digital technology consultancy and services provider with over 20 years of experience. They specialize in digital transformation, offering consultancy, project delivery, replatforming, support, and hosting services. The company partners with leading technology platforms such as Umbraco, Kentico, Contentful, and BigCommerce, positioning itself as a trusted partner for ambitious organizations seeking to modernize their digital presence. Their market position is reinforced by a strong client portfolio and multiple industry certifications including ISO 27001 and Cyber Essentials. Technically, the website demonstrates a mature digital infrastructure leveraging modern analytics tools like Google Analytics, Hotjar, Microsoft Clarity, and LinkedIn Insight. The site is well-optimized for performance, mobile responsiveness, and accessibility, with a professional design and clear navigation. Security best practices are observed with HTTPS enforcement, anti-forgery cookies, and a comprehensive cookie consent mechanism. However, explicit security headers could be verified and an incident response contact page is absent. From a security posture perspective, the site shows good maturity with no visible vulnerabilities or exposed sensitive data. Privacy compliance is strong with clear privacy and cookie policies, GDPR compliance indicators, and user consent mechanisms. Business credibility is high, supported by clear contact information, professional content, client testimonials, and multiple trust certifications. Overall, the website is safe, professional, and trustworthy with a high AI score of 85. The main limitation is the lack of WHOIS data due to query quota restrictions, which limits domain registration trust analysis. Strategic recommendations include verifying security headers, publishing incident response information, and adding vulnerability disclosure mechanisms to further enhance security transparency.

Y

YMCA England & Wales

ymca.org.uk

54

YMCA England & Wales is a well-established non-profit organization dedicated to supporting young people across England and Wales through a broad spectrum of services including health and wellbeing, family and youth work, housing, training, and support. The organization has a strong market presence and a clear mission to empower youth, supported by a professional and well-structured website that reflects its community-oriented business model. The website is designed to engage multiple audiences including young people, donors, volunteers, and partners. Technically, the website is built on WordPress 7.0, leveraging modern JavaScript libraries such as jQuery, Swiper.js, and AOS for enhanced user experience. It integrates key analytics and marketing tools including Google Analytics, Microsoft Clarity, Facebook Pixel, and Google Tag Manager, demonstrating a mature digital infrastructure. The site is mobile-optimized, accessible, and SEO-friendly, with comprehensive metadata and structured data enhancing search visibility. From a security perspective, the site enforces HTTPS with a good SSL configuration and employs cookie consent mechanisms compliant with GDPR. It uses Google reCAPTCHA to mitigate bot attacks and integrates a consent management platform (CookieYes) for privacy compliance. However, there is room for improvement in implementing additional security headers and publishing explicit security policies or incident response contacts. Overall, the website presents a low-risk profile with strong business credibility, good privacy compliance, and a secure technical foundation. Strategic recommendations include enhancing security headers, publishing a vulnerability disclosure policy, and improving incident response transparency to further strengthen trust and security posture.

A

Alfred H Knight

ahkgroup.com

55

Alfred H Knight is a well-established company with over 140 years of experience providing independent inspection, analytical, and technical consultancy services to support global trade in commodities such as metals, minerals, solid fuels, and agricultural products. The company positions itself as a trusted partner in the industry, supported by ISO certifications and a professional online presence. The website is built on WordPress and integrates modern technologies and analytics tools, demonstrating a mature digital infrastructure. Security posture is strong with HTTPS enforcement and security headers, although explicit security policies and incident response information are not publicly available. The absence of WHOIS data limits domain trust verification but does not detract from the professional business presentation. Overall, the website is secure, privacy compliant, and professionally maintained, serving a business audience effectively.

A

Apodi

apodi.co.uk

60

Apodi is a UK-based healthcare services provider specializing in facilitating access to medicines and healthcare services, primarily serving pharmaceutical companies, healthcare professionals, and patients. Their offerings include market insight services, specialist healthcare professional (HCP) services, homecare, recruitment, HR and development, and a patient portal. The company positions itself as a trusted partner with strong industry certifications and a focus on improving patient outcomes through innovative healthcare solutions. The website reflects a professional and consistent brand image with clear navigation and comprehensive service descriptions. Technically, the website employs a modern tech stack including Bootstrap, jQuery, and various UI/UX enhancement libraries. It is mobile-optimized and implements GDPR-compliant cookie consent mechanisms. Analytics tools such as Google Analytics and planned LinkedIn analytics are integrated with user consent. However, some security best practices like security headers are not visibly implemented, representing an area for improvement. From a security perspective, the site uses HTTPS with a strong SSL configuration and does not expose sensitive data. The cookie consent mechanism and privacy policy indicate good privacy compliance. The absence of a dedicated security policy or incident response contact reduces transparency. WHOIS data for the domain is unavailable or indicates the domain queried is not registered, which slightly impacts trust from a domain legitimacy standpoint but does not detract from the professional presentation and certifications. Overall, Apodi's website demonstrates a solid business and technical foundation with good security and privacy practices. Strategic improvements in security headers, incident response transparency, and domain registration clarity would enhance trust and security posture further.

M

Molesey Metal Works Ltd

moleseymetalworksltd.co.uk

44

Molesey Metal Works Ltd is a well-established, third-generation metal fabrication and welding company based in West Molesey, Surrey, serving local areas including Esher, Kingston, and Walton-on-Thames. The company offers a broad range of metalworking services including bespoke metalwork, structural steelwork, and architectural metalwork, targeting private, commercial, and industrial clients. Their business model focuses on custom fabrication with direct delivery and strong customer relationships, supported by a skilled team with City & Guilds qualifications and liability insurance. The website reflects a professional and trustworthy business with positive client testimonials and a history of work for prestigious clients such as royal households.

I

Ian Hitchman Fabrications Ltd

ianhitchmanfabrications.co.uk

50

Ian Hitchman Fabrications Ltd is a small, established steel fabrication business based in Troon, UK, with over 40 years of experience specializing in bespoke metalwork including gates, railings, handrails, and industrial metal projects. The company targets residential and industrial clients primarily in Ayrshire and Glasgow. The website is professionally designed with clear navigation and good mobile optimization, reflecting a mature digital presence. Technically, the site uses modern frameworks such as Bootstrap and jQuery, with analytics and tag management implemented via Google services. Security posture is adequate with HTTPS and a Content Security Policy header, but lacks some advanced security headers and explicit incident response information. Privacy compliance is well addressed with a privacy policy and cookie consent mechanism. However, the domain WHOIS data is unavailable and shows an error indicating the domain cannot be registered, which raises concerns about domain legitimacy despite the professional website content. Overall, the site is trustworthy from a business and content perspective but would benefit from clarifying domain registration and enhancing security disclosures.

R

Rent Dream Car

rentdreamcar.pl

37

Rent Dream Car is a specialized car rental company based in Warsaw, Poland, offering luxury, sports, premium, and SUV vehicles for short and long-term rental. The company emphasizes professional customer service, transparent rental agreements, and a modern, well-maintained fleet. Their market position is strong locally with a focus on high-end clientele seeking premium automotive experiences. Technically, the website is built on WordPress with modern plugins and tracking tools, optimized for SEO and mobile use. Security posture is good with HTTPS and reCAPTCHA, though improvements like DNSSEC and enhanced security headers are recommended. Privacy compliance is basic with cookie consent and a privacy policy present. Overall, the business demonstrates credibility and trustworthiness with clear contact details and positive customer reviews.

B

bilic

bilic.io

58

Bilic is a technology company specializing in AI-driven agents designed to enhance finance security and compliance processes. Their platform leverages advanced AI, including Large Language Models, to automate and improve transaction monitoring, customer due diligence, risk assessment, anti-money laundering compliance, fraud detection, and regulatory checks. The company positions itself as an innovative player in the finance compliance sector, supported by notable partners such as AWS and Barclay. The website presents a professional and consistent brand image with clear messaging targeted at financial institutions and compliance professionals. Technically, the website is built using modern web technologies including React, Bootstrap, and integrates third-party services like Calendly for demos, Hotjar for analytics, and Google Tag Manager. The site is mobile optimized and performs moderately well, with good SEO and accessibility basics. Security posture is solid with HTTPS enforced and secure form handling, though some security headers are missing and no explicit security policy or incident response information is provided. Overall, the security posture is good with no visible vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with comprehensive privacy, cookie, and terms policies, including a cookie consent mechanism. The lack of WHOIS registrant data is mitigated by the professional site presentation and active social presence, indicating a legitimate and privacy-conscious startup. Strategic recommendations include enhancing security headers, publishing explicit security and incident response policies, and adding a vulnerability disclosure mechanism to further strengthen trust and compliance.

Elternverein Merenschwand is a small, non-profit community organization dedicated to supporting parents and children in the Merenschwand area of Switzerland. The website serves as an informational hub for community events, educational talks, and parent resources, emphasizing family engagement and local participation. The organization positions itself as a trusted local entity with a focus on community cohesion and family support services. Technically, the website is built on the ClubDesk CMS platform, utilizing modern JavaScript libraries such as jQuery, Owl Carousel, and Featherlight for interactive features. The site is mobile-optimized and includes accessibility considerations, though these could be enhanced further. Security posture is moderate, with HTTPS enforced and cookie consent implemented, but lacks advanced security headers and explicit incident response information. Overall, the site is professional, trustworthy, and compliant with GDPR requirements, though improvements in security policies and contact transparency are recommended.

R

RingCentral Events (formerly Hopin)

hopin.com

69

RingCentral Events, formerly known as Hopin, is a leading SaaS platform specializing in virtual events and webinars. The company offers a comprehensive suite of services including custom branding, engagement features, virtual event venues, and high-quality streaming capabilities. Positioned strongly in the technology sector, RingCentral Events targets businesses and marketing teams seeking to create engaging online event experiences. The platform benefits from RingCentral's acquisition, enhancing its market position and expanding its product ecosystem with subsidiaries like Session and StreamYard. Technically, the website is built on modern web technologies including Webflow CMS, Google Tag Manager, and various JavaScript libraries such as Swiper.js and AOS for animations. Hosting and DNS services are managed via Cloudflare, ensuring fast performance and reliable uptime. The site is mobile-optimized with good accessibility and SEO practices, providing an excellent user experience. From a security perspective, the website enforces HTTPS and employs domain status protections to prevent unauthorized changes. However, DNSSEC is not enabled, and there is no visible security policy or incident response contact information published. Tracking scripts from Google and LinkedIn are present without an explicit cookie consent mechanism, indicating room for improvement in privacy compliance. Overall, the website demonstrates high professionalism, trustworthiness, and business credibility. The domain registration data aligns well with the company's history and branding, supporting legitimacy. Strategic recommendations include enabling DNSSEC, publishing security and incident response policies, and implementing a clear cookie consent banner to enhance compliance and user trust.

O

OpenExchange

open-exchange.net

65

OpenExchange is a professional service provider specializing in managed virtual meetings and events for corporate clients, including investor relations, corporate engagement, and institutional banking sectors. Founded in 2011, the company has established a strong market presence with a medium-sized operation based in the United States. Their website reflects a mature digital infrastructure leveraging WordPress CMS, integrated marketing and analytics tools such as HubSpot, Google Tag Manager, and multiple tracking pixels, indicating a sophisticated approach to customer engagement and data collection. Security posture is solid with HTTPS enabled, domain transfer protection, and some security best practices observed, though there is room for improvement in DNSSEC and explicit security policies. Overall, the website is professional, well-branded, and trustworthy, targeting business audiences seeking high-quality virtual event solutions.

H

Hrvatske vode

voda.hr

54

Hrvatske vode is the official Croatian government agency responsible for managing water resources, flood protection, and related environmental projects. The website serves as a comprehensive portal providing information, public notices, project details, and access to e-services primarily targeting Croatian citizens, government bodies, and professionals in water management. The agency is well-established with a domain registered since 2011 and operates transparently with clear contact information and public tenders. Technically, the site is built on Drupal 10, uses modern web technologies, and integrates Google Analytics with privacy-conscious configurations. Security posture is solid with HTTPS enforced and cookie consent implemented, though some security headers could be improved. Overall, the site is professional, trustworthy, and compliant with GDPR requirements.

C

Construction Management

constructionmanagement.co.uk

64

Construction Management is a professional UK-based construction industry magazine affiliated with the Chartered Institute of Building (CIOB). It provides construction news, technical articles, CPD modules, job listings, and digital editions targeting construction professionals and stakeholders. The website is published by Atom Publishing and holds a strong market position as the official CIOB magazine. The content is rich, relevant, and professionally presented, catering to a medium-sized audience within the construction and real estate sectors. The business model is primarily media and advertising-based with subscription options.

G

GALÉN - SYMPOSION s.r.o.

gsymposion.cz

46

Galén Symposion is a Czech Republic-based company specializing in organizing medical conferences, congresses, symposia, and professional seminars since 2000. Their website reflects a focused business model targeting healthcare professionals and institutions, offering event management and VIP services. The site is professionally designed with consistent branding and clear navigation, supporting their market position as an established event organizer in the healthcare sector. Technically, the website uses legacy JavaScript libraries such as jQuery 1.8.3 and jQuery UI, alongside modern tools like AOS for animations and Google Fonts for typography. Google Analytics and Adsense are integrated for analytics and advertising purposes. While HTTPS is enabled, the absence of security headers and the use of outdated libraries present moderate security risks. The cookie consent mechanism is implemented, but no explicit privacy policy or terms of service pages were found, indicating partial privacy compliance. WHOIS data is missing, which reduces domain trustworthiness, though the website content and branding suggest a legitimate business. Overall, the website scores moderately well in content quality, technical implementation, and business credibility but has room for improvement in security posture and privacy compliance.

E

EGE Elektro-Großhandel Einkauf GmbH

ege-bonn.de

44

EGE Elektro-Großhandel Einkauf GmbH is a well-established German community of electrical wholesalers with over 50 years of experience. The company focuses on providing quality products, personalized service, and attractive purchasing conditions to electrical trade and industry partners across Germany. Their website reflects a professional and consistent brand image, emphasizing trust and partnership. Technically, the site is built on TYPO3 CMS with Bootstrap 5, offering moderate performance and good mobile optimization. Security posture is adequate with HTTPS and secure login forms, but lacks explicit security headers and published security policies. Privacy compliance is supported by a clear privacy and cookie policy with consent mechanisms. Overall, the website is trustworthy and professionally maintained, with room for improvement in security transparency and technical hardening.

S

Slovenski regionalno razvojni sklad

srrs.si

38

Slovenski regionalno razvojni sklad (SRRS) is a Slovenian public financial institution established in 2020, focused on providing favorable financing and subsidies to support regional development, agriculture, entrepreneurship, local infrastructure, and non-profit organizations across Slovenia. The institution operates multiple financial product programs tailored to different sectors and prioritizes sustainability, green transition, and social responsibility. The website reflects a professional and comprehensive digital presence with clear communication channels and extensive program information. Technically, the site is built on WordPress with modern JavaScript libraries and integrates Google Analytics, reCAPTCHA, and accessibility features, indicating a mature digital infrastructure. Security posture is strong with HTTPS enforcement and reCAPTCHA protection on forms, though explicit security headers could be more visible. Privacy compliance is well addressed with a comprehensive GDPR policy and cookie consent mechanisms. Overall, SRRS presents a trustworthy and authoritative online presence aligned with its government-backed mission.

D

Département de la Marne

marne.fr

56

The Département de la Marne website serves as the official digital portal for the regional government of the Marne department in France. It provides comprehensive information about the department's missions, actions, elected officials, and public services. The site targets residents and stakeholders within the region, offering resources such as contact information, news, tourism details, and access to administrative procedures. The website maintains a professional and consistent brand image aligned with government standards. Technically, the site is built on WordPress with modern plugins like Yoast SEO and Matomo for analytics. It employs accessibility features and cookie consent management, ensuring compliance with basic privacy norms. The site is mobile-optimized and uses HTTPS, contributing to a secure and user-friendly experience. However, some advanced security headers and explicit privacy policies are not evident, indicating areas for improvement. From a security perspective, the site demonstrates good practices such as HTTPS enforcement and cookie consent mechanisms. No critical vulnerabilities or exposed sensitive data were detected. The absence of WHOIS data limits full trust verification, but the official .fr domain and government affiliation support legitimacy. Overall, the site presents a moderate to high security posture with room for enhanced transparency and policy documentation. Strategically, the website effectively supports the department's public service mission, providing clear navigation and relevant content. It integrates social media channels to extend outreach and engagement. Recommendations include publishing detailed privacy and security policies, implementing additional security headers, and establishing a vulnerability disclosure process to strengthen trust and compliance.

3

3 LAN, d.o.o. M.Sobota

mikk.si

38

MIKK is a youth information and cultural club based in Murska Sobota, Slovenia, operating since 2007. The organization focuses on providing cultural events and informational services to the local youth and community. The website serves as a digital platform to promote these activities and engage with its audience. Technically, the site is built on WordPress using the Metrolo Premium theme and several common plugins such as Jetpack and EventON Lite, indicating a moderate level of digital maturity. The site is mobile optimized and uses HTTPS, but lacks some advanced security headers and explicit privacy and security policies. Security posture is adequate but could be improved with better header implementation and formalized incident response information. Overall, the site is functional and trustworthy for its community role but would benefit from enhanced privacy compliance and security transparency.

M

Marati maja

maratimaja.ee

10

Marati maja is a commercial real estate project centered on a historic textile factory building located at Tartu maantee 63 in Tallinn, Estonia. The website presents the building's history, sustainability credentials including BREEAM certification, and modern office rental offerings. The project is owned by LHV Pensionifondid and managed in partnership with Colliers, with architectural and construction partners named. The site targets businesses seeking office space in a landmark building with modern amenities and flexible leasing options. Technically, the website is built on WordPress with modern JavaScript libraries, responsive design, and integrated contact forms. Security posture is adequate with HTTPS and no exposed sensitive data, but lacks security headers and DNSSEC. Privacy compliance is weak due to missing privacy and cookie policies and no consent mechanism. Overall, the site is professional and trustworthy but could improve compliance and security practices.

A

Avenue Mall

avenuemall.hr

52

Avenue Mall is a well-established retail shopping center located in Zagreb, Croatia, offering a wide range of retail stores, food and beverage outlets, and entertainment options. The website reflects a medium-sized business with a strong local market presence and a focus on customer engagement through promotions, events, and a loyalty program. Technically, the site employs modern web technologies including jQuery UI, Slick Slider, and integrates marketing and analytics tools such as Google Tag Manager, Facebook Pixel, and Hotjar, indicating a mature digital infrastructure. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though there is room for improvement in security headers and incident response transparency. Privacy compliance is well addressed with GDPR-aligned policies and cookie consent mechanisms. Overall, the website is professional, user-friendly, and trustworthy, supporting the business's retail and hospitality operations effectively.

M

MR Studio Information Technologies

proon.tech

10

Proon.tech is a Slovak-based technology company offering an integrated SaaS platform for project management, CRM, and business activity management. The platform consolidates multiple business tools into a single solution aimed at improving efficiency and reducing operational costs for small to medium-sized enterprises. The company is positioned as a niche regional provider with a focus on Slovak and EU markets, supported by a development partner MR Studio Information Technologies. The website presents a professional and consistent brand image with clear business messaging and client references. Technically, the website employs modern frontend technologies including Bootstrap, jQuery, and various UI enhancement libraries. It uses Google Analytics and Facebook SDK for tracking and marketing purposes, with a compliant cookie consent mechanism in place. Hosting is provided via Websupport.sk, a known Slovak hosting provider. The site is mobile optimized and SEO friendly, though some accessibility features are basic. From a security perspective, the site enforces HTTPS and uses cookie consent for privacy compliance. However, it lacks DNSSEC and explicit security headers, and no dedicated security or incident response policies are published. No critical vulnerabilities or exposed sensitive data were detected. WHOIS data is transparent and consistent with the business claims, enhancing trustworthiness. Overall, Proon.tech demonstrates a solid business and technical foundation with good privacy compliance and moderate security posture. Strategic improvements in security headers, DNSSEC, and explicit security policies would enhance its security maturity and trust further.

D

Devlev, s.r.o.

devlev.sk

63

Devlev, s.r.o. is a Slovak-based architecture and design firm specializing in architecture, urbanism, interior design, 3D scanning, and visualization services. Established in 2013, the company has completed over 500 projects, positioning itself as a reputable local service provider with a strong portfolio and positive client testimonials. The website reflects a professional and modern digital presence with clear navigation, comprehensive service descriptions, and active social media engagement. Technically, the site employs modern web technologies including Vue.js, Google Tag Manager, and service workers, ensuring good performance and mobile optimization. Security measures such as HTTPS, CSRF tokens, Google reCAPTCHA, and cookie consent mechanisms are implemented, though additional security headers and a formal security policy could enhance the posture further. Overall, the site demonstrates strong GDPR compliance and business credibility, making it a trustworthy platform for prospective clients.

I

Ing. Zuzana Balková EKO-IN®

eko-in.sk

47

EKO IN, operated by Ing. Zuzana Balková, is a Slovak-based environmental consultancy and training provider specializing in legislative compliance, audits, and support related to environmental and waste management laws. The website presents a professional and focused business offering services primarily to Slovak businesses and individuals seeking expertise in environmental legislation. The site is well-structured with clear navigation and modern frontend technologies, providing a good user experience and mobile optimization. However, it lacks critical privacy and cookie policies, security headers, and analytics transparency, which impacts its overall security and compliance posture. No blocking or WAF mechanisms were detected, indicating full accessibility. Contact information is clearly provided, but no phone numbers or social media links are present.

C

Capexus

capexus.sk

54

Capexus SK is a Slovak company specializing in custom commercial interior design and build services. Operating since 2011 and part of the Esco Slovensko group, it offers a comprehensive portfolio including architecture, workplace consultancy, acoustics, building technologies, and project documentation. The company has a strong market presence, evidenced by awards such as the Office Roka 2022 for Healthy Office. The website reflects a mature digital infrastructure built on WordPress with modern technologies and performance optimizations. Security posture is solid with HTTPS, DNSSEC, and best practices in place, though explicit security policies and incident response contacts are not published. Privacy compliance is well addressed with GDPR-aligned policies and cookie consent mechanisms. Overall, the site projects professionalism, trustworthiness, and business credibility.

S

SPRAVBYTKOMFORT, a.s.

spravbytkomfort.sk

44

SPRAVBYTKOMFORT, a.s. is a Slovak company specializing in property management and the supply of central heating and hot water services primarily in the Prešov region. The website serves as a customer portal offering information on property management, heat supply, billing, and emergency services. The company maintains a moderate market position as a regional utility and property management provider. The site is built on a CMS platform with a modern tech stack including jQuery, Bootstrap, and various UI libraries, ensuring good mobile responsiveness and user experience. Security posture is adequate with HTTPS enabled but lacks advanced security headers and formal privacy or cookie policies. Contact information is limited to a phone number, with no company email or social media links prominently displayed. Overall, the website is professional and functional but could improve privacy compliance and security practices.

M

MHB B.V.

mhb.us

57

MHB B.V. is a well-established Dutch manufacturer specializing in ultra-slim steel windows, doors, and facades, with a heritage dating back to 1667. The company positions itself as a global leader in innovative steel profile systems, offering handcrafted, thermally broken steel solutions tailored to both interior and exterior architectural projects. Their business model emphasizes co-creation and customization, targeting architects, builders, and high-end property developers. The website reflects a professional and consistent brand image, supported by certifications and a strong social media presence. Technically, the website is built on WordPress with modern frameworks and libraries such as Bootstrap, MDBootstrap, and AOS for animations. Performance optimizations are in place via WP Rocket, and SEO is enhanced using Yoast SEO Premium. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. From a security perspective, the site uses HTTPS and integrates Google reCAPTCHA v3 to protect forms from abuse. While no critical vulnerabilities were detected, the absence of certain security headers and a formal security policy page suggests room for improvement. Privacy compliance is well addressed with clear privacy and cookie policies, including consent mechanisms, aligning with GDPR requirements. Overall, MHB's digital presence is strong, trustworthy, and professionally managed, with minor recommendations to enhance security posture and transparency. The domain registration data corroborates the company's legitimacy and long-standing market presence.

M

MHB B.V.

mhb.eu

57

MHB B.V. is a Dutch family-owned manufacturing company with a 350-year heritage specializing in ultra-slim steel windows, doors, and facade systems. The company positions itself as a niche leader offering high-quality, thermally broken steel profile systems tailored for both interior and exterior architectural projects. Their business model emphasizes craftsmanship, innovation, and full project lifecycle management from design to installation, targeting architects, builders, and discerning clients globally. The website reflects a strong brand identity consistent with their market position and heritage. Technically, the website is built on WordPress with modern front-end technologies including Bootstrap, MDBootstrap, and AOS for animations. Performance optimizations are in place via WP Rocket, and Google Tag Manager is used for analytics and marketing. The site is mobile-optimized and SEO-friendly, though accessibility features could be enhanced. Security measures include HTTPS enforcement and Google reCAPTCHA v3 integration, but additional security headers and explicit security policies are recommended. From a security perspective, the site demonstrates good practices with no visible vulnerabilities or exposed sensitive data. However, the absence of explicit incident response or vulnerability disclosure policies suggests room for improvement in security transparency and readiness. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, MHB.eu is a professional, trustworthy website representing a reputable manufacturing business with a strong digital presence. Strategic recommendations include enhancing security headers, adding incident response information, and improving accessibility to further strengthen their security posture and compliance.

S

SPL-XDEMAT

maelis.info

47

Maelis.info is the official website for the MAELIS application, a service provided by SPL-XDEMAT aimed at facilitating local community engagement through a smartphone app. The app offers practical information, alerts, incident reporting, and access to local public services and associations. The website is professionally designed with clear navigation and mobile optimization, targeting French local government citizens and community members. The business model focuses on providing a digital platform for local government communication and citizen participation. Technically, the website uses standard web technologies including HTML5, CSS3, JavaScript, and libraries such as jQuery and AOS for animations. It supports mobile platforms with links to iOS and Android app stores. While the site performs moderately well and is mobile-optimized, there is room for improvement in accessibility and security headers. No CMS or hosting provider details are evident. From a security perspective, the site lacks visible security headers and cookie consent mechanisms, which are important for GDPR compliance and user trust. The WHOIS data is privacy protected, which is common but reduces transparency. No forms or sensitive data collection points are present on the main page, reducing immediate risk exposure. Overall, the security posture is moderate but could be enhanced with standard best practices. The overall risk assessment is low, with no signs of malicious content or suspicious behavior. Strategic recommendations include implementing security headers, adding cookie consent, improving privacy disclosures, and providing clear contact information for security incidents to enhance trust and compliance.

P

PACE-VET

pace-vet.eu

39

PACE-VET is an educational project focused on developing a digital platform for the recognition and validation of vocational competencies in the event technology sector. The website presents detailed project information, objectives, and schedules, targeting vocational learners, employers, and education providers. The platform aims to facilitate micro-credential certification to improve labor market adaptability. Technically, the website is built on WordPress with modern plugins and libraries, offering a good user experience and mobile optimization. Security posture is adequate with HTTPS enabled but lacks advanced security headers and published security policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the site is professional and trustworthy but could improve in security and privacy transparency.

A

ArhivPRO d.o.o.

eindigo.net

56

ArhivPRO d.o.o. is a Croatian technology company specializing in digital archiving and cataloguing solutions, primarily through their INDIGO platform. The platform targets institutions such as libraries, archives, museums, and schools, enabling them to digitize, manage, and publish diverse materials including books, photographs, and multimedia. The company demonstrates a strong market position in the cultural heritage and education sectors, supported by client references and EU project funding. Technically, the website employs modern web technologies and responsive design, providing a professional user experience. Security posture is moderate with HTTPS usage but lacks visible security headers and formal privacy/cookie policies. The WHOIS data is privacy protected due to GDPR, which is justified given the nature of the business. Overall, the website and business present a trustworthy and professional image with room for improvement in privacy and security transparency.

E

Edhotels OÜ

edhotels.com

54

ED Hotels (Edhotels OÜ) is a small Estonian company specializing in web design and a proprietary hotel sales and management system called BOUK. The company targets hospitality providers such as hotels, guest apartments, and other accommodation services primarily in Estonia and neighboring countries. Their market position is that of an established regional player with a decade-plus history and a loyal client base. Technically, the website is built on WordPress with modern analytics and marketing integrations including Google Tag Manager, Facebook Pixel, Hotjar, and MailerLite, indicating a mature digital infrastructure. Security posture is good with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. The absence of WHOIS registration data is a notable concern for domain legitimacy, but the professional website content and client testimonials support business credibility. Overall, the site is well-designed, user-friendly, and compliant with GDPR requirements.

Muzej Međimurja Čakovec is a well-established regional museum in Croatia, offering a broad range of cultural, historical, and artistic exhibits. The website reflects a mature digital presence with detailed content about museum collections, exhibitions, and educational programs. The institution targets general audiences including tourists, researchers, and local visitors. Technically, the website uses modern web technologies such as Bootstrap, jQuery, and Google Tag Manager, hosted on a Croatian hosting provider. Security posture is adequate with HTTPS enabled but lacks some security headers and formal privacy and cookie policies, which are important for compliance and trust. Overall, the site is professional and trustworthy but could improve privacy compliance and security best practices.

D

Digital Poland Foundation

aipoland.org

61

AI Poland is a non-profit initiative under the Digital Poland Foundation focused on promoting and developing the Polish AI ecosystem. The website serves as a hub for information, events, research, and partnerships related to AI in Poland, targeting businesses, researchers, and policymakers. The initiative enjoys strong market positioning supported by reputable partners and ambassadors from leading technology companies. Technically, the website is built on WordPress with modern JavaScript libraries such as jQuery, Swiper.js, and Bootstrap, hosted behind Cloudflare for performance and security. The site is mobile-optimized and provides a good user experience with clear navigation and professional design. Security posture is adequate with HTTPS and cookie consent mechanisms, though it lacks advanced security headers and published security policies. Privacy compliance is well addressed with accessible privacy and cookie policies. Overall, the website is trustworthy and professional, with no signs of malicious content or vulnerabilities.

P

Positive Groupe France

sarbacane.com

66

Sarbacane, a brand under Positive Groupe France, is a well-established French company founded in 2007 specializing in digital marketing communication solutions. Their flagship offering, Sarbacane Suite, provides a comprehensive set of tools including email marketing, SMS campaigns, marketing automation, CRM, landing pages, chatbots, and transactional messaging APIs. The company targets businesses and organizations seeking to optimize their marketing efforts with a SaaS subscription model complemented by personalized consulting and support services. Sarbacane holds a strong market position as a leading French provider with recognized certifications and a consistent brand presence.

I

Ideogen AG

ideogen.com

49

Ideogen AG is a Switzerland-based pharmaceutical partner specializing in specialty therapeutics, orphan and rare disease care, and medical concierge services. The company targets healthcare professionals, biotech and pharmaceutical companies, and patient advocacy groups primarily across Europe, CIS, and MENA regions. Their business model focuses on providing managed access programs, regulatory support, and lifecycle management for specialty medicines. The website reflects a medium-sized, well-established company with a clear market niche and professional branding. Technically, the website employs modern JavaScript libraries such as jQuery, Bootstrap, Slick Carousel, and animation frameworks like AOS and WOW.js, indicating a mature digital infrastructure. Hosting and DNS are managed via Cloudflare, ensuring reliable performance and security. The site is mobile optimized with good SEO and accessibility basics, though some improvements are possible. From a security perspective, HTTPS is enforced, and no sensitive data is exposed. However, the absence of security headers and explicit incident response policies suggests room for improvement. Privacy compliance is adequate with clear privacy and cookie policies, though a cookie consent mechanism is missing. Contact information is comprehensive, enhancing business credibility. Overall, the website is professional, trustworthy, and well-aligned with the company's business objectives. Strategic recommendations include enhancing security headers, implementing cookie consent, publishing incident response details, and adding vulnerability disclosure information to strengthen security posture and compliance.

Ř

Řízení letového provozu České republiky, s. p.

rlp.cz

61

Řízení letového provozu České republiky, s. p. is a state enterprise responsible for providing air traffic management services in the Czech Republic. The organization offers a broad range of services including aeronautical information management, drone safety information, free route airspace management, ATM training through CANI, flight inspection services, and pilot training via the Czech Aviation Training Centre (CATC). The website serves as a comprehensive portal for information, news, career opportunities, and service offerings targeted at aviation professionals, airspace users, and the general public interested in Czech aviation. The company holds recognized certifications such as EFQM and maintains partnerships with key European and international aviation organizations.

V

Verra

verra.cz

66

Verra is a Czech Republic based e-commerce company specializing in premium dietary supplements aimed at supporting hormonal balance and fertility for both men and women. Founded in 2020, the company positions itself as a premium provider leveraging the latest clinical studies to formulate its products. The website is built on the Shopify platform, utilizing modern web technologies and third-party integrations for marketing, analytics, and customer reviews. The digital infrastructure is robust, with good mobile optimization and SEO practices. Security posture is solid with HTTPS enforced and GDPR compliance mechanisms in place, although explicit security headers and incident response policies are not publicly documented. Overall, Verra presents a trustworthy and professional online presence with a clear focus on health and wellness e-commerce.

S

Sofokus

sofokus.com

65

Sofokus is a Finnish digital business design and software development agency specializing in creating modern business concepts for ambitious clients. The company positions itself as a partner in digital business development, targeting businesses seeking innovative digital transformation and software solutions. The website is professionally designed, leveraging WordPress CMS and modern web technologies such as jQuery, AOS, and Google Tag Manager, indicating a mature digital infrastructure. Analytics tools like Google Analytics and Hotjar are used for user behavior insights, complemented by a comprehensive cookie consent mechanism powered by Cookiebot, reflecting attention to privacy compliance. Security posture is generally good with HTTPS enforced and no exposed sensitive data, though the absence of explicit security headers and lack of published security policies suggest room for improvement. The WHOIS data is notably missing or inaccessible, which raises questions about domain registration legitimacy despite the professional web presence. Overall, the website is trustworthy and well-maintained but would benefit from enhanced transparency in privacy and security policies and verification of domain registration details.

B

Úvod

bonavitabody.cz

45

Bonavita.cz operates as a loyalty program platform primarily targeting consumers in the Czech Republic. The website facilitates the collection of loyalty points through a dedicated mobile application and allows users to redeem these points for rewards. The business model centers on incentivizing customer engagement and repeat purchases through partnerships with various retail brands. The site demonstrates a consistent brand presence and integrates social media channels to enhance user engagement. From a technical perspective, the website employs a modern frontend technology stack including Bootstrap 4.3.1, jQuery, Google reCAPTCHA v3, and various UI enhancement libraries such as Slick Carousel and AOS. The site is mobile-optimized and includes basic SEO and accessibility features. SSL is properly configured, ensuring secure communications. Security posture is moderate with HTTPS enforced and bot protection via reCAPTCHA. However, the absence of advanced security headers and explicit security policies indicates room for improvement. Privacy compliance is addressed through a cookie consent mechanism and a basic cookie policy page, aligning with GDPR requirements. No direct company contact emails or phone numbers are provided, which may impact user trust and support accessibility. Overall, the website presents a legitimate and functional loyalty program platform with a moderate security and privacy posture. The lack of WHOIS data due to privacy protection is common for small businesses and does not raise immediate concerns. Strategic enhancements in security headers, accessibility, and transparent contact information would strengthen the platform's trustworthiness and compliance.

I

Intima Clinic

intimaclinic.pl

54

Intima Clinic is a modern private medical clinic based in Kraków, Poland, specializing in gynecology, obstetrics, infertility treatment, aesthetic gynecology, urogynecology, physiotherapy, and endocrinology. The clinic offers over 50 medical procedures and consultations, targeting women seeking specialized healthcare services. The website is professionally designed, mobile-optimized, and provides clear navigation and comprehensive service information. It includes GDPR-compliant privacy and cookie policies with an opt-in consent mechanism, reflecting a strong commitment to user privacy and regulatory compliance. Technically, the site is built on WordPress with modern libraries and plugins such as Yoast SEO and WP Rocket, hosted by cyber_Folks S.A. Security posture is good with HTTPS enabled and no obvious vulnerabilities, though some security headers could be improved. No WAF or blocking mechanisms interfere with content access. WHOIS data confirms a stable domain registration since 2014, consistent with the business's operational history. Overall, the site demonstrates a mature digital presence with good security and privacy practices.

P

Pozorování ptáků CZ

pozorovaniptaku.cz

47

Pozorovaniptaku.cz is a Czech Republic-based informational website dedicated to birdwatching. It offers detailed catalogs of water birds, locations for birdwatching, rare bird information, quizzes, and opportunities to observe birds with ornithologists. The site targets birdwatching enthusiasts and nature lovers within the Czech Republic, providing educational and community-oriented content. Technically, the website is built on WordPress using Oxygen Builder, Bootstrap 4, and JavaScript libraries such as Leaflet for interactive maps. It integrates Google Analytics for visitor tracking and uses Google Fonts for typography. The site is hosted by Aerohosting, a Czech hosting provider, and employs HTTPS for secure connections. Security posture is moderate, with HTTPS enabled but lacking security headers and visible privacy or cookie policies, indicating compliance gaps. No forms or contact emails are present on the homepage, limiting direct user engagement channels. Overall, the website is well-structured, SEO-optimized, and provides valuable content for its niche audience but would benefit from enhanced privacy compliance and security hardening.

S

Sundqvist AS

sundqvistnorge.no

63

Sundqvist AS is a Norwegian representative of Sundqvist AB, specializing in premium kitchen tools and accessories distributed across the Nordic and Baltic regions. Established in 1963, the company serves retailers and restaurant wholesalers with a portfolio of high-quality kitchen knives, glassware, and related products. The website reflects a professional retail business with clear branding and a focus on premium kitchenware. Technically, the site uses modern web technologies including Bootstrap and JavaScript libraries for enhanced user experience and responsiveness. Security posture is adequate with HTTPS and cookie consent mechanisms in place, though there is room for improvement in security headers and explicit security policies. Overall, the site is trustworthy and well-positioned in its market segment, though the lack of publicly available WHOIS data slightly limits domain trust verification.

B

Bohemia

bohemiahokej.cz

42

The website www.bohemiahokej.cz is a Czech-language promotional platform centered around interactive hockey-themed games and contests sponsored by Bohemia Chips. It targets Czech consumers interested in hockey and promotional sweepstakes, offering prizes such as cars and branded merchandise. The site features multiple interactive games, user registration with consent for data processing, and social media integration. Technically, it employs modern JavaScript libraries and tracking tools like Google Tag Manager and Facebook Pixel, with a responsive design optimized for mobile devices. Security posture is generally good with HTTPS enforced and consent mechanisms in place, though minor backend PHP notices indicate some error handling issues. The absence of WHOIS data reduces domain trustworthiness, but the website content and branding appear professional and consistent with a legitimate marketing campaign.

Č

České priority, z. ú.

ceskepriority.cz

67

České priority is a Czech non-profit think tank dedicated to supporting informed decision-making in public policy by integrating scientific knowledge and quality analysis. The organization collaborates with public administration, academic, non-profit, and research sectors to conduct research, provide support, and propose systemic changes. Their portfolio includes projects such as foresight, forecasting for policy (FORPOL), and strengthening analytical capacities in government. The website reflects a professional and consistent brand image with clear navigation and relevant content targeted at stakeholders in public policy and governance. Technically, the website is built on the Solidpixels CMS platform, utilizing modern JavaScript libraries and frameworks such as Swiper, Fancybox, and AOS for enhanced user experience. The site is mobile-optimized and employs HTTPS with good SSL configuration, though it lacks some security headers that could further harden its security posture. Cookie consent mechanisms are implemented, indicating awareness of privacy compliance, although explicit privacy and terms of service pages are not found. From a security perspective, the site demonstrates good practices with HTTPS and no visible vulnerabilities or exposed sensitive data. However, the absence of security headers and vulnerability disclosure information suggests room for improvement. The WHOIS data is unavailable, likely due to privacy protection, which slightly reduces transparency but is understandable for a non-profit entity. Overall, the site is trustworthy, professional, and serves its informational purpose effectively.

V

Výstaviště Praha

vystavistepraha.eu

63

Výstaviště Praha operates as the official online presence for the Prague Exhibition Grounds, offering comprehensive information about events, venue rental, sports, dining, and visitor services. The website targets a broad audience including local residents, tourists, families, and sports enthusiasts, positioning itself as a key information hub for activities at the venue. The business model revolves around venue management, event hosting, and supplementary services such as an e-shop and newsletter subscriptions. Technically, the site employs modern analytics and marketing tools with a strong emphasis on user consent and privacy compliance. The hosting infrastructure is stable and reputable, with good mobile optimization and SEO practices enhancing user experience. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website demonstrates a professional and trustworthy digital presence aligned with its business objectives.

G

Ge-Baek Hosin Sool

filipinoma.cz

50

The website www.filipinoma.cz represents a small martial arts school specializing in Filipino martial arts (FMA) training in the Czech Republic. It offers detailed information about its training programs, events, tuition fees, and contact details. The business targets martial arts enthusiasts of all ages, including families, and operates primarily through in-person training sessions and seminars. The site content is well-structured and professionally presented, supporting the school's niche market position. Technically, the website is built on ASP.NET Web Forms with client-side enhancements using jQuery and AOS for animations. It integrates Google Analytics with a consent mechanism that denies ad and analytics storage by default, indicating some privacy awareness. The site is mobile-optimized with good navigation and content relevance, though accessibility features are basic. From a security perspective, the site uses HTTPS but lacks visible security headers and explicit privacy or security policies. The WHOIS data is missing, which raises concerns about domain registration transparency and trustworthiness. No vulnerability disclosures or incident response contacts are provided. Overall, the security posture is moderate but could be improved with better policy disclosures and technical hardening. The overall risk is moderate with no critical issues detected. Strategic improvements in privacy policy publication, security headers, and WHOIS transparency would enhance trust and compliance.

W

Webthinx s.r.o.

cernovous.cz

46

Ekopark Černovous is a small ecological park and family-run business located in the Brdy hills of the Czech Republic. The business focuses on sustainable living, animal husbandry including chickens and bees, and local ecological responsibility. It offers ecological eggs, honey, and plans for future expansion into other animal products and local produce. The website is professionally designed using WordPress and Oxygen builder, with a clear navigation structure and mobile optimization. Social media presence on Instagram, Facebook, and YouTube supports community engagement. Contact information is clearly provided including phone numbers, email, physical address, and a contact form. However, the site lacks explicit privacy and cookie policies and does not implement a cookie consent mechanism, which impacts GDPR compliance.

Enno Makoschey Heizung- und Sanitär GmbH is a small German company specializing in heating and sanitary services, including installation, maintenance, and emergency services. The company positions itself as a reliable local specialist offering a broad range of services such as heating systems, bathroom renovations, solar thermal solutions, and funding consultation. The website reflects a professional business with clear service descriptions and contact information, targeting a general audience in Germany. Technically, the website uses modern JavaScript libraries and the Foundation framework, ensuring good mobile optimization and user experience. Security-wise, the site employs HTTPS and a cookie consent mechanism but lacks visible advanced security headers or explicit incident response policies. Overall, the website is trustworthy and well-maintained, though improvements in security headers and explicit policies could enhance its posture.

Gosau GbR is a small, specialized master craftsman company based in Oelixdorf, Germany, focusing on heating, ventilation, and sanitary services. The company offers a broad range of modern heating solutions including oil, gas, pellet, biomass, heat pumps, and solar energy systems, complemented by maintenance and customer service. Their market position is that of a trusted local provider emphasizing quality and customer care, supported by certifications such as a Stiftung Warentest award. Technically, the website is built on a modern stack using jQuery, Foundation framework, and various UI libraries, with good mobile optimization and SEO practices. Security posture is moderate with cookie consent implemented but lacking visible advanced security headers. Overall, the site is professional, trustworthy, and compliant with GDPR, with clear contact information and social media presence. No critical security issues or content safety concerns were detected.