Security Directory

P

Paimio

paimio.fi

60

Paimio.fi is the official website of the city of Paimio, a modern municipality in southwestern Finland. The site serves residents, local businesses, and visitors by providing comprehensive municipal services and information. The website is well-positioned as a local government authority, focusing on public service delivery and community engagement. The content is professionally presented, with clear descriptions of the city's offerings and a consistent branding approach. Technically, the website is built on WordPress and utilizes common web technologies such as jQuery, DustPress, and Cookiebot for cookie consent management. It integrates Google Tag Manager and Google Analytics for visitor tracking and performance monitoring. The site demonstrates good SEO practices, mobile optimization, and basic accessibility features, contributing to a positive user experience. From a security perspective, the website enforces HTTPS and includes several security headers, reflecting a good security posture. The cookie consent mechanism complies with GDPR requirements, although explicit privacy and terms of service policies are not found in the provided content. No vulnerabilities or suspicious activities were detected, indicating a secure and trustworthy platform. Overall, Paimio.fi presents a reliable and professional municipal website with moderate technical sophistication and a solid security foundation. Strategic improvements include publishing comprehensive privacy and terms of service policies and enhancing accessibility and contact information transparency.

L

Liedon kaupunki

lieto.fi

63

Lieto.fi is the official website of the city of Lieto, Finland, providing comprehensive municipal services information, tourism, cultural events, and administrative resources. The site targets residents and visitors, offering clear navigation to services such as social care, education, urban planning, and leisure activities. The business model is that of a local government entity focused on public service delivery and community engagement. The website reflects a stable market position as a trusted municipal authority with a longstanding domain registration dating back to 1991. Technically, the site is built on WordPress with modern web technologies including Matomo analytics and Google Tag Manager, ensuring good performance, mobile responsiveness, and accessibility. Hosting appears to be managed by Elisa Oyj, a Finnish telecom provider, with reliable DNS infrastructure. The site employs HTTPS with strong SSL configuration and includes a cookie consent mechanism aligned with GDPR requirements. From a security perspective, the website demonstrates good practices such as encrypted connections and privacy-aware analytics. However, it lacks explicit security policy documentation and incident response information, which could be improved to enhance transparency and preparedness. No critical vulnerabilities or suspicious content were detected. The WHOIS data is fully consistent with the website's municipal identity, showing no privacy protection or obfuscation, which supports trustworthiness. Overall, lieto.fi is a professionally maintained government website with solid technical and privacy compliance foundations. Strategic improvements could focus on enhancing security documentation and publishing vulnerability disclosure policies to further strengthen its security posture and public trust.

Mustasaaren Toimintakeskus is a community activity center operated by Helsingin seurakuntayhtymä, a Finnish organization based in Helsinki. The website serves local community members by providing information about community activities and services. The domain has been registered since 2007, indicating a stable presence. The website's technical infrastructure is based on standard web technologies including HTML5, CSS3, Bootstrap 3.3.5, and uses fonts like Roboto and FontAwesome icons. Hosting is associated with Elisa Oyj, a Finnish telecom provider. Security posture is basic with no advanced security headers detected and no visible HTTPS enforcement details in the provided data. Privacy compliance is weak due to absence of privacy and cookie policies. Contact information is minimal, limited to registrant address from WHOIS data. Overall, the site is functional but lacks modern security and privacy best practices.

A

Allegion

isonas.com

84

Allegion, through its ISONAS brand, offers advanced IP-to-the-door access control solutions targeting commercial security markets. The website reflects a mature enterprise presence with a focus on simplifying access control technology for integrators and facility managers. The technical infrastructure leverages Adobe Experience Manager CMS, modern JavaScript libraries, and integrates marketing and analytics tools such as Adobe Analytics and Marketo, indicating a digitally mature platform. Security posture is strong with HTTPS enforcement, security headers, and anti-bot measures like reCAPTCHA, though explicit incident response and vulnerability disclosure information are absent. Overall, the website is professional, secure, and compliant with privacy regulations, supporting Allegion's market position as a leading access control provider.

S

Service national de la jeunesse

animateur.lu

57

Animateur.lu is an official government portal operated by the Service national de la jeunesse in Luxembourg, targeting current and prospective youth animators. The site provides comprehensive resources including training, certifications, event listings, and material lending to support youth animation activities. It holds a strong market position as a trusted government resource with consistent branding and clear navigation. Technically, the website is built on WordPress with a modern stack including WooCommerce for e-commerce capabilities, Contact Form 7 for forms, and Complianz for GDPR compliance. The site uses Matomo analytics hosted on its own server, enhancing privacy compliance. Security posture is good with HTTPS enforced and cookie consent implemented, though security headers could be improved. Overall, the website is professional, accessible, and trustworthy, serving its audience effectively.

B

BEE SECURE

bee-secure.lu

57

BEE SECURE is a government-backed digital safety awareness platform based in Luxembourg, focused on educating children, youth, parents, and educators about responsible and safe use of digital technologies. The platform offers a variety of services including awareness campaigns, a helpline, a stopline for reporting illegal content, educational resources, and youth consultations. It is co-financed by the European Union and operated in partnership with national agencies such as the police and justice departments. The website is professionally designed, content-rich, and well-structured primarily in French, targeting a broad audience concerned with digital safety. Technically, the website is built on WordPress, utilizing modern web technologies such as jQuery and FontAwesome, and employs Matomo analytics hosted locally in Luxembourg to ensure privacy compliance. The site demonstrates good mobile optimization, accessibility, and SEO practices. Security posture is strong with HTTPS enforced and cookie consent mechanisms in place, although there is room for improvement in publishing explicit security policies and incident response information. From a security perspective, no critical vulnerabilities or exposed sensitive data were detected. The use of Matomo analytics with local hosting aligns with GDPR compliance. However, the absence of WHOIS data due to a malformed query reduces domain transparency and trust from a registration standpoint. Overall, the platform appears legitimate and trustworthy based on content and government affiliations. Strategically, BEE SECURE should focus on enhancing domain registration transparency, publishing security and incident response policies, and maintaining rigorous audits of third-party scripts to sustain and improve its security posture and user trust.

S

Service National de la Jeunesse (SNJ)

chalets.lu

54

Chalets.lu is an official Luxembourg government-affiliated website providing comprehensive information and booking options for youth accommodations including chalets, camping grounds, and youth hostels across Luxembourg. The platform targets youth groups, families, and tourists seeking affordable lodging options, positioning itself as a trusted government resource. The website leverages WordPress CMS with modern technologies such as Bootstrap, jQuery, and Google Maps API to deliver a responsive and accessible user experience. Privacy compliance is robust, featuring a detailed cookie policy with opt-in consent mechanisms aligned with GDPR requirements. Security posture is strong with HTTPS enforcement and standard security headers, though explicit security policies and incident response contacts are not publicly available. Overall, the site demonstrates a high level of professionalism, trustworthiness, and technical maturity suitable for its government service role.

A

Aittakoodi Oy

synergybus.fi

44

SynergyBus, operated by Aittakoodi Oy, is a Finnish web platform specializing in connecting taxi and bus companies with customers seeking chartered transportation services. The platform aggregates over 15,000 annual booking requests, positioning itself as a leading service in the Finnish transportation sector. The website offers features such as daily email notifications of new requests, the ability to advertise available fleet capacity, and tools to foster long-term customer relationships. The business targets transportation operators and customers within Finland, emphasizing efficiency and market reach.

R

Rideer Nordic Oy

tilausajot.net

52

Tilausajot.net, operated by Rideer Nordic Oy, is a well-established Finnish online platform specializing in competitive bidding for charter taxi and bus transportation services. Founded in 2011, it serves a broad audience including private individuals, companies, and associations across Finland. The platform facilitates efficient request and offer management, supported by a growing network of transportation providers. Technically, the website employs modern web technologies including Bootstrap, jQuery, Google Maps API, and Cloudflare for security and performance. It integrates comprehensive analytics and marketing tools such as Google Analytics, Facebook Pixel, and Hotjar, balanced with a detailed cookie consent mechanism ensuring GDPR compliance. Security posture is strong with HTTPS enforced and Cloudflare protection, though some security headers could be improved. The domain registration is consistent and transparent, reinforcing business legitimacy. Overall, the site presents a professional, trustworthy, and user-friendly service with good privacy and security practices.

P

PoriExpress

poriexpress.fi

48

PoriExpress is a Finnish regional transportation company specializing in affordable bus travel primarily between Pori and Helsinki, as well as seasonal travel packages to Lapland (Ylläs). The company targets general consumers seeking economical and convenient bus travel options and related accommodation services through partnerships. The website is professionally designed using WordPress with modern SEO and content management plugins, providing a good user experience and clear navigation. Technical infrastructure is solid with HTTPS and standard WordPress technologies, though some security headers are missing. Contact information is clearly provided, but privacy compliance could be improved with cookie consent mechanisms and more detailed security policies. Overall, the site is trustworthy and well-positioned in its niche.

L

Luxembourg House of Cybersecurity g.i.e.

cswl.lu

58

The website represents the CYBERSECURITY Week Luxembourg 2025, a national campaign coordinated by the Luxembourg House of Cybersecurity. It aims to promote cybersecurity awareness and foster collaboration within the Luxembourg cybersecurity ecosystem through key events such as the Luxembourg GRC Conference and hack.lu. The campaign targets cybersecurity professionals and the wider community interested in cybersecurity topics. The website content is well-structured, professionally designed, and consistent with the organization's branding. Technically, the site uses modern web technologies including React, Bootstrap, and FontAwesome, with good mobile optimization and moderate performance. The site is served over HTTPS with no visible security vulnerabilities or exposed sensitive data. However, some security best practices like security headers and cookie consent mechanisms are missing or not visible in the provided content. From a security posture perspective, the site demonstrates a good baseline with HTTPS and no evident vulnerabilities. The presence of legal and data protection notices in PDF format indicates attention to compliance, though explicit security policies and incident response information are absent. The WHOIS data aligns well with the website's claims, showing consistent registration and no privacy protection, enhancing trustworthiness. Overall, the website is a credible, professional platform for cybersecurity awareness events in Luxembourg, with room for improvement in privacy compliance and security policy transparency.

Lahden seudun liikenne operates as the official public transportation authority for the Lahti region in Finland, providing comprehensive bus route information, timetables, ticketing options, and customer service. The website serves as a key digital touchpoint for residents and visitors seeking transit information. The company holds a solid market position as a regional transport provider with a clear focus on accessibility and user convenience. Technically, the website is built on WordPress and leverages modern web technologies including jQuery, Google Tag Manager, and Cookiebot for consent management. The site demonstrates good performance, mobile optimization, and accessibility features, ensuring a positive user experience across devices. Security posture is strong with HTTPS enforced, appropriate security headers, and no visible vulnerabilities or exposed sensitive data. Privacy compliance is well addressed through a comprehensive cookie consent mechanism and GDPR-aligned privacy policy. Overall, the website reflects a mature digital infrastructure supporting a trusted public service entity.

M

Museum of the Rockies

museumoftherockies.org

56

Museum of the Rockies is a well-established cultural and educational institution located in Bozeman, US, focusing on natural history, cultural exhibits, and astronomy. The website presents a professional and informative platform targeting a general audience interested in museum experiences and educational programs. The domain has been registered since 2000, reflecting a stable and legitimate presence. Technically, the website employs modern tracking and analytics tools such as Google Analytics, Facebook Pixel, and Sojern, hosted on Montana State University DNS infrastructure, indicating a reliable hosting environment. However, the site lacks visible privacy and cookie policies, which impacts its compliance posture. Security-wise, HTTPS is properly implemented, but the absence of security headers and vulnerability disclosure mechanisms suggests room for improvement. Overall, the website is trustworthy and professionally maintained but should enhance privacy compliance and security best practices to reduce risk and improve user trust.

C

College Park Tutors

collegeparktutors.com

56

College Park Tutors is a specialized tutoring service focused on providing one-on-one academic support to students at the University of Maryland (UMD). Established in 2013, the company offers expert tutoring in STEM subjects such as calculus, physics, engineering, and statistics. Their business model centers on connecting vetted tutors with students for personalized sessions, both online and in-person, emphasizing flexibility and course-specific expertise. The website reflects a strong local market position with clear branding and trust signals including testimonials and detailed course offerings. Technically, the website is built on the UserFrosting CMS framework and leverages modern web technologies including jQuery, Bootstrap, Google Analytics, Facebook Pixel, and Google reCAPTCHA for security and analytics. The site is mobile-optimized with good SEO practices and moderate performance. Hosting is inferred to be via NameCheap, consistent with the domain registrar information. From a security perspective, the site enforces HTTPS, uses CSRF tokens, and integrates reCAPTCHA to protect forms. However, it lacks DNSSEC and security headers such as Content-Security-Policy and X-Frame-Options, which are recommended for enhanced protection. Privacy compliance is basic; while a privacy policy and terms of service are present, there is no cookie consent mechanism, which may be a GDPR compliance gap. Overall, the website is professional, trustworthy, and well-suited for its educational audience. The domain registration data aligns well with the business history, supporting legitimacy. Strategic recommendations include implementing DNSSEC, adding security headers, and introducing a cookie consent banner to improve privacy compliance and security posture.

Restopolis is a Luxembourg-based service provider specializing in school and university catering. The website offers multilingual content targeting students, adults, and visitors, providing menu consultation, booking, and account management services. The platform integrates with IAM for secure user access and supports sustainable food procurement initiatives. Technically, the site is built on ASP.NET WebForms using the DNN CMS, leveraging modern JavaScript libraries and Google services for analytics and security. Security posture is good with HTTPS and reCAPTCHA, though explicit security headers are missing. Privacy compliance is basic with a cookie consent banner and privacy policy available. WHOIS data is unavailable, limiting domain trust verification, but the website's professional appearance and government affiliations support legitimacy.

W

Waltti Solutions

waltti.fi

66

Waltti Solutions Oy is a Finnish company specializing in digital ticketing and payment solutions for public transportation. Their offerings include a mobile ticketing app, travel card management, and contactless payment integration, serving multiple Finnish cities. The company holds a strong market position as a leading provider in this niche, with a business model targeting both end-users and municipal transport authorities. The website reflects a mature digital presence with good content quality and user experience, supporting their business objectives effectively. Technically, the site is built on WordPress with modern libraries and demonstrates good mobile optimization and SEO practices. Security posture is solid with HTTPS enforcement and cookie consent compliance, though some security headers could be improved. Overall, the domain registration data aligns well with the business, indicating high legitimacy and trust. The site is free from blocking or WAF challenges, allowing full content access and analysis.

S

Saaristolautat.fi

saaristolautat.fi

43

Saaristolautat.fi is a specialized informational website providing ferry routes and schedules for the Finnish archipelago, including the Turku archipelago and Åland Islands. The site targets travelers and residents needing up-to-date ferry information for over 40,000 islands serviced by approximately 50 ferries and 200 docks. The business model is primarily informational, serving as a public utility platform rather than a commercial enterprise. The website is relatively small in scale, founded in 2017, and operates with a niche focus on regional transportation. Technically, the website employs a modern web stack including HTML5, CSS3, JavaScript with jQuery, Bootstrap for responsive design, FontAwesome for icons, and integrates Google Maps API for route visualization. Hosting appears to be provided by Domainhotelli, a Finnish hosting provider. The site is mobile optimized and has good SEO practices, though accessibility features are basic. Performance is moderate, with no major technical issues detected. From a security perspective, the site lacks visible security headers and does not provide privacy or cookie policies, which are important for GDPR compliance given its European audience. No contact information or incident response details are provided, limiting transparency and trust. The WHOIS data shows the domain is registered to a private person rather than an organization, which is somewhat inconsistent with the public service nature of the site but not necessarily suspicious. No WAF or blocking mechanisms are detected, and the site content is fully accessible. Overall, the website is functional and provides valuable regional transportation information but would benefit from improved security practices, privacy compliance, and clearer business contact details to enhance trust and regulatory adherence.

L

Luxembourg House of Cybersecurity

lhc.lu

71

Luxembourg House of Cybersecurity (LHC) serves as the central hub for cybersecurity resilience in Luxembourg, hosting key national centers such as CIRCL and NC3. The organization focuses on fostering innovation, collaboration, and capacity building in cybersecurity through various services including acceleration programs, community meet-ups, and standards development. The website reflects a professional and government-aligned entity with a clear mission to enhance Luxembourg's cybersecurity posture. Technically, the website employs modern web technologies including React, Bootstrap, and Leaflet, with privacy-conscious analytics via Matomo. The site is hosted on Luxembourg-based infrastructure (Restena) and demonstrates good mobile optimization and user experience. However, some technical improvements are recommended, such as implementing security headers and cookie consent mechanisms. From a security perspective, the site uses HTTPS and avoids exposing sensitive data, but lacks explicit security headers and a published security policy. Incident response is facilitated through links to CIRCL's reporting portal. Privacy compliance is partial, with a privacy policy available but no cookie consent banner. Overall, the site presents a strong security posture appropriate for a government-related cybersecurity entity. The overall risk is low, with recommendations focusing on enhancing privacy compliance, security headers, and accessibility to further strengthen trust and regulatory adherence.

L

LU-CIX

lu-cix.lu

60

LU-CIX is a Luxembourg-based Internet Exchange Point founded in 2009, providing open and neutral peering and connectivity services to networks and content providers in Luxembourg and Europe. The organization operates as a non-profit entity, focusing on interconnecting critical networks in a secure and trusted environment. Their key services include public peering, route servers, blackholing, partner IX peering, and VoIP-X services, positioning them as a central telecommunications infrastructure player in Luxembourg. Technically, the website is built on WordPress CMS with modern JavaScript libraries such as jQuery and Owl Carousel, and uses Matomo for privacy-conscious analytics. The site is mobile-optimized with good SEO practices and moderate performance. Security-wise, the site enforces HTTPS and uses secure form submission techniques but lacks some security headers and a cookie consent mechanism, which are recommended for enhanced security and compliance. The security posture is solid but could be improved by adding explicit security policies, incident response contacts, and cookie consent to align better with GDPR requirements. The absence of WHOIS data limits domain trust verification, but the website content and business presence indicate a legitimate and professional operation. Overall, LU-CIX presents a trustworthy and professional digital presence with room for security and privacy enhancements to strengthen compliance and user trust.

Z

ZONER, s.r.o.

zonercloud.com

73

ZonerCloud, operated by ZONER, s.r.o., is a Slovakia-based cloud services provider specializing in high-performance virtual private servers (VPS), managed hosting, email hosting, cloud storage, and AI/GPU server rentals. The company positions itself as a market leader in VPS performance within its region, leveraging partnerships with VMware and Microsoft to deliver reliable and scalable cloud infrastructure solutions. Their offerings target businesses and developers seeking affordable, powerful, and flexible cloud computing resources with rapid deployment times and strong uptime guarantees. Technically, the website demonstrates a mature digital infrastructure using modern web technologies such as Bootstrap, jQuery, and various UI/UX libraries. It integrates analytics and marketing tools including Google Analytics, Google Tag Manager, and Facebook Pixel, alongside a live chat support system. The site is well-optimized for mobile devices, features comprehensive cookie consent mechanisms, and employs HTTPS with a DigiCert SSL certificate, indicating a strong commitment to security and privacy. From a security perspective, while the site enforces HTTPS and uses secure forms with CSRF tokens, it lacks publicly available formal security policies or incident response disclosures. No critical vulnerabilities or exposed sensitive data were detected in the content. The absence of WHOIS registrant data slightly reduces trust but is mitigated by the professional presentation and trust signals such as certifications and partner logos. Overall, ZonerCloud presents a trustworthy and professional cloud service platform with strong business credibility and technical maturity. Strategic improvements in transparency around security policies and incident response, as well as WHOIS data availability, would further enhance trust and compliance posture.

Energetska zadruga "Otok Krk" is a small Croatian energy cooperative focused on promoting renewable energy and energy independence on the island of Krk. The cooperative provides consulting, project support, collective purchasing, and education services to local residents and businesses. Their website reflects a community-oriented business model with clear contact information and active social media presence. Technically, the site uses common web technologies such as jQuery, Bootstrap, and Owl Carousel, providing a moderate performance and good mobile optimization. Security posture is moderate with HTTPS usage but lacks explicit security headers and incident response policies. Privacy compliance is basic with privacy and cookie policies present but no consent mechanism. Overall, the website is professional and trustworthy, with a legitimacy score supported by consistent WHOIS data and domain age.

H

hack.lu

hack.lu

60

hack.lu is an established cybersecurity conference held annually in Luxembourg, focusing on computer security, privacy, and information technology. The 2025 edition marks its 19th occurrence, indicating a long-standing presence in the security community. The conference offers talks, workshops, trainings, and CTF competitions, targeting security professionals, researchers, and privacy advocates. The website reflects a professional and consistent brand image, supported by reputable partners and sponsors.

MalwareTech.com is the personal cybersecurity research and blog site of Marcus Hutchins, a recognized expert in malware analysis, vulnerability research, and threat intelligence. The site offers in-depth technical articles, opinions, and original research targeting cybersecurity professionals and enthusiasts. It is a well-established platform with a domain age dating back to 2013, reflecting a mature presence in the cybersecurity community. The website is hosted on Cloudflare infrastructure, uses modern web technologies including Bootstrap and jQuery, and is optimized for mobile devices with good accessibility and SEO practices. Security posture is solid with HTTPS enforced and domain transfer protections in place, though some security headers and DNSSEC are not enabled. Privacy and cookie policies are absent, representing a compliance gap. Contact is provided via a web form, and social media links are extensive across major platforms. Overall, the site is professional, trustworthy, and content-rich, but could improve privacy compliance and explicit security disclosures.

S

Select2

select2.org

55

Select2.org is the official documentation website for Select2, a popular open source jQuery plugin that enhances HTML select boxes with features such as searching, tagging, remote data support, and infinite scrolling. The website serves primarily web developers and software engineers seeking to implement or customize Select2 in their projects. It is maintained by named individuals and hosted by NextGI, reflecting a small but focused open source project. The site is built on GravCMS and uses modern frontend technologies including jQuery, FontAwesome, and syntax highlighting libraries. Google Analytics and Google Tag Manager are used for visitor tracking, though no cookie consent mechanism or privacy policy is present, indicating potential compliance gaps. Security posture is moderate with HTTPS enabled and domain transfer protection, but lacks DNSSEC and security headers. No contact information or formal security policies are published, limiting direct communication channels. Overall, the website is professional, content-rich, and trustworthy for its target audience but would benefit from improved privacy and security disclosures.

The website www.palautevayla.fi serves as a customer service and feedback platform for transportation services in Finland. It targets Finnish-speaking users seeking to provide feedback or obtain information related to public transportation. The site is positioned as an essential public sector service portal, offering key services such as customer feedback submission and information search. The business model is focused on public service facilitation rather than commercial activities. Technically, the website employs AngularJS and Bootstrap frameworks, indicating a moderately modern frontend infrastructure. The site is hosted securely with HTTPS and demonstrates good SSL configuration. Performance and mobile optimization are adequate, though accessibility features could be improved. SEO is basic but functional. From a security perspective, the site enforces HTTPS and includes some security headers, but lacks advanced headers like CSP and HSTS. No vulnerabilities or exposed sensitive data were detected. However, the absence of a security.txt file and explicit privacy or cookie policies indicates room for compliance improvement. Overall, the website is trustworthy and professionally maintained, but would benefit from enhanced privacy compliance and clearer contact information to improve user trust and regulatory adherence.

C

Center for Sustainable Energy

energycenter.org

70

The Center for Sustainable Energy is a well-established nonprofit organization focused on advancing decarbonization through sustainable, equitable, and resilient transportation, buildings, and communities. Their services include program implementation, advisory, incentive management, policy analysis, and outreach, supported by their proprietary software platform Caret® for electric vehicle policy. The organization targets government agencies, utilities, policymakers, and clean energy stakeholders, positioning itself as a national leader in clean energy program management. Technically, the website is built on Drupal 10 with modern frameworks such as Bootstrap and FontAwesome, and integrates analytics and marketing tools like Google Analytics, Google Tag Manager, and Marketo. The site is mobile-optimized, accessible, and SEO-friendly, hosted likely via GoDaddy infrastructure. Performance is moderate with good technical implementation. From a security perspective, the site uses HTTPS and follows some best practices like external link security attributes, but lacks visible security headers and a cookie consent mechanism, which are areas for improvement. No vulnerabilities or exposed sensitive data were detected. The WHOIS data shows a long-established domain with privacy protection appropriate for a nonprofit. Overall, the website is professional, trustworthy, and content-rich, with minor gaps in privacy compliance and security headers. Strategic recommendations include enabling DNSSEC, adding security headers, implementing cookie consent, and publishing security policies to enhance trust and compliance.

W

Wojta Foto

wojta-foto.cz

46

Wojta Foto is a niche photography website specializing in speedway sports event photography, primarily serving audiences in the Czech Republic and Poland. The site showcases galleries of speedway races and related events, targeting speedway fans and photography enthusiasts. The business operates as a small entity founded in 2010, with a focus on content publishing and portfolio showcasing. Technically, the website is built on WordPress using common plugins such as NextGEN Gallery and Jetpack, hosted by Wedos, a Czech hosting provider. The site demonstrates moderate performance and good mobile optimization but lacks advanced SEO and accessibility features. Security posture is adequate with HTTPS enabled and no exposed sensitive data, but it lacks security headers and formal security policies. Privacy compliance is weak due to the absence of privacy and cookie policies. Overall, the website is safe for general audiences and maintains a moderate level of professionalism and trustworthiness.

M

Météo-France

meteofrance.yt

61

Météo-France Mayotte is the official regional meteorological service providing comprehensive weather forecasts, cyclone tracking, marine weather, and climatology information for Mayotte. The website serves residents, visitors, and government agencies with up-to-date meteorological data and alerts. Technically, the site is built on Drupal CMS with modern JavaScript libraries such as Leaflet for mapping and integrates consent management via Didomi, ensuring GDPR compliance in cookie handling. The site is mobile-optimized and accessible, with good SEO practices. Security posture is strong with HTTPS and consent mechanisms, though explicit security policies and vulnerability disclosures are absent. Overall, the domain registration is consistent with the official nature of the site, and no blocking or WAF challenges were detected.

Palmetto Podiatry Associates, LLC is a small healthcare provider specializing in comprehensive foot and ankle care based in Columbia, South Carolina. Established in 1999, the practice offers a range of podiatric services including surgical and non-surgical treatments. The website reflects a professional and consistent brand presence with clear contact information and trust indicators such as certifications and local awards. Technically, the site uses standard web technologies like jQuery and FontAwesome, with good mobile optimization and accessibility features via the UserWay widget. However, the absence of WHOIS data for the domain raises some concerns about domain registration transparency. Security posture is moderate with HTTPS implied but lacking explicit security headers and vulnerability disclosures. Privacy compliance is basic, with a HIPAA policy linked but no cookie consent or detailed privacy policy page. Overall, the site is functional and trustworthy from a business perspective but could improve in security and privacy transparency.

Y

Young Survival Coalition

youngsurvival.org

64

Young Survival Coalition is a well-established nonprofit organization founded in 1999, dedicated to supporting young women aged 40 and under diagnosed with breast cancer. The organization provides comprehensive educational resources, peer support, advocacy, and fundraising initiatives to empower and assist its target audience. The website reflects a strong market position as a trusted leader in this specialized healthcare support sector, with clear branding and consistent messaging tailored to young breast cancer survivors and their support networks. Technically, the website employs a modern CMS (FusionCMS), integrates widely used analytics and tracking tools such as Google Analytics and Facebook Pixel, and is hosted with Cloudflare DNS services, ensuring good performance and security. The site is mobile-optimized, accessible, and SEO-friendly, providing a positive user experience. However, there is room for improvement in security headers and cookie consent mechanisms to enhance privacy compliance. From a security perspective, the site uses HTTPS with a valid SSL certificate and has domain transfer protections in place. The WHOIS data aligns well with the organization's identity, reinforcing legitimacy. No critical vulnerabilities or suspicious activities were detected. The site lacks explicit incident response or security policy disclosures, which could be enhanced to improve transparency and preparedness. Overall, the website is professional, trustworthy, and serves its mission effectively. Strategic recommendations include enabling DNSSEC, implementing security headers, adding cookie consent for GDPR compliance, and publishing clear security and incident response policies to further strengthen security posture and user trust.

3

37th International Conference on Alpine Meteorology (ICAM)

icam2025.hr

51

The website for the 37th International Conference on Alpine Meteorology (ICAM) presents a well-structured and content-rich platform for the upcoming scientific conference scheduled in Poreč, Croatia in late 2025. It targets researchers and professionals in mountain meteorology and climate science, offering detailed event information, registration, and abstract submission functionalities via partner platforms. The site demonstrates a moderate level of digital maturity with modern web technologies and responsive design, although it lacks key privacy and security policy disclosures. The security posture is adequate with HTTPS and Cloudflare DNS, but could be improved by adding security headers and incident response information. Overall, the domain registration aligns with the event's geographic focus but shows an unusual future creation date, likely due to event timing. Strategic improvements in privacy compliance and contact transparency would enhance trust and compliance.

Palmetto Podiatry Associates, LLC is a healthcare provider specializing in comprehensive foot and ankle care, serving the Columbia, SC area since 1999. The website content reflects a well-established local medical practice with professional services ranging from routine podiatric care to surgical interventions. The business is positioned as a trusted healthcare provider with recognized certifications and awards, targeting local patients seeking specialized foot and ankle treatment. Technically, the website employs standard web technologies including jQuery, FontAwesome, and an accessibility widget to enhance user experience. The site is mobile-optimized and demonstrates good SEO practices, though it lacks some modern security headers and cookie consent mechanisms. The WHOIS data for the domain wetpetsdothan.com is missing, and the website content actually corresponds to a different domain, indicating a possible misconfiguration or domain aliasing issue. From a security perspective, the site uses HTTPS and links to a HIPAA policy, indicating awareness of healthcare data privacy requirements. However, the absence of WHOIS registration data for the domain and missing security headers reduce the overall security posture. No incident response or vulnerability disclosure policies are published, and no tracking or analytics scripts are detected, which limits data privacy concerns but also reduces marketing insights. Overall, the website is professional and trustworthy in content and design but suffers from domain registration inconsistencies and lacks some security and privacy best practices. Strategic improvements in domain registration clarity, security headers, and privacy compliance would enhance trust and security posture.

C

Center for Sustainable Energy

theapostolicchurch.org

60

The Clean Vehicle Grants Project website serves as the official information portal for the California Clean Vehicle Rebate Project (CVRP), administered by the Center for Sustainable Energy on behalf of the California Air Resources Board. It provides comprehensive resources including eligibility guidelines, rebate application access, FAQs, and program updates targeted at California residents and businesses interested in electric vehicle incentives. The site is positioned as an authoritative source within the clean energy and transportation sectors, supporting California's sustainability goals. Technically, the website is built on Drupal 10, leveraging modern web technologies and integrations such as Google Analytics, Google Tag Manager, and social media pixels for marketing and analytics purposes. The site is hosted behind Cloudflare DNS and CDN services, ensuring reliable delivery and moderate performance. Mobile optimization and accessibility features are well implemented, contributing to a positive user experience. From a security perspective, the site enforces HTTPS and employs domain registration protections but lacks DNSSEC and advanced security headers, which are recommended for enhanced security posture. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is partial, with a privacy policy present but no visible cookie consent mechanism. Contact information is clearly provided with multilingual support, enhancing trust and accessibility. Overall, the website demonstrates a solid business credibility and technical foundation with room for improvement in security hardening and privacy compliance. The domain registration details align well with the business purpose, supporting legitimacy and trustworthiness.

Palmetto Podiatry Associates, LLC is a small healthcare provider specializing in comprehensive foot and ankle care in Columbia, South Carolina. Established in 1999, the practice offers a range of podiatric services including surgical and non-surgical treatments. The website presents a professional image with clear business information, contact details, and trust indicators such as professional certifications and awards. Technically, the site uses modern web technologies like jQuery and FontAwesome, and includes an accessibility widget to enhance compliance. However, there is no cookie consent mechanism or explicit privacy policy beyond a HIPAA PDF, and no visible security headers were detected. The WHOIS data for the analyzed domain palmettopodiatry.com is missing, indicating a domain mismatch or unregistered domain, which reduces trustworthiness. Overall, the site is safe, well-structured, and suitable for its target audience but could improve in privacy compliance and security transparency.

Kamelot.cz operates as a regional cultural and advertising monthly magazine serving the Czech regions of Kladno, Karlovy Vary, and Liberec. The website provides information on local culture, sports, and services, with a business model centered on free distribution supported by advertising revenue. The site targets local residents and businesses seeking regional event information and advertising opportunities. Technically, the website employs common web technologies including jQuery, Bootstrap, FontAwesome, and Google Analytics, indicating a moderate level of digital maturity. The site is mobile optimized and presents a professional design with clear navigation. Security posture is moderate; HTTPS is used, but security headers and privacy compliance elements such as privacy and cookie policies are missing, representing compliance gaps. The absence of WHOIS data limits domain legitimacy verification, though the website content and contact information suggest a legitimate business presence. Overall, the site is safe for general audiences and functions well as a regional media outlet.

Z

ZAK TV

zaktv.cz

48

ZAK TV is a regional television broadcaster serving the Plzeňský and Karlovarský regions of the Czech Republic. The website offers live streaming of current broadcasts, an archive of programs, and services such as advertising and studio rental. The business operates as a small media entity with a consistent brand presence and active social media channels. Technically, the site uses a mix of legacy and modern web technologies including jQuery, Fancybox, AOS, and Clappr for video playback, supported by Google Analytics and Hotjar for analytics and user behavior tracking. While the site is accessible and professionally designed, it lacks critical privacy and cookie policies, which impacts GDPR compliance. Security posture is moderate with no visible security headers and no explicit SSL/TLS configuration details provided. Overall, the site is functional and credible but would benefit from enhanced security and privacy measures.

A

Autokomplex Menčík

autokomplex.cz

44

Autokomplex Menčík is a reputable automotive dealership specializing in Škoda vehicles, operating primarily in the Czech Republic with two main branches in Prague and Benátky nad Jizerou. The company offers a comprehensive range of services including new and used car sales, servicing, fleet management, insurance, and car washing. Their market position is that of a regional authorized dealer with a strong local presence and partnerships with various sports and community organizations. Technically, the website employs modern front-end technologies such as jQuery, Bootstrap, and Owl Carousel, providing a good user experience with mobile optimization and clear navigation. However, the absence of WHOIS data and security headers slightly diminishes the overall trustworthiness and security posture. Privacy and cookie policies are present and indicate GDPR compliance, enhancing user trust. Overall, the website is professional, content-rich, and well-branded, though improvements in security practices and domain registration transparency are recommended.

H

Hostinec U Hubálků

uhubalku.cz

49

Hostinec U Hubálků is a Czech hospitality business specializing in traditional Czech cuisine, accommodation, event hosting, and catering services. The website presents a professional and comprehensive digital presence, showcasing menus, events, booking options, and an e-shop for homemade products. The business targets local and regional customers seeking quality dining and event experiences. Technically, the site is built on WordPress with the Divi theme and WooCommerce, integrating modern tools like Google Tag Manager and Facebook SDK for analytics and marketing. Security measures include HTTPS and Google reCAPTCHA on forms, though some security headers could be improved. Privacy compliance is strong with clear cookie consent and privacy policies. The absence of WHOIS data reduces domain trust but the website content and certifications support legitimacy. Overall, the site is well-designed, user-friendly, and trustworthy for its business domain.

O

Obec Orlické Záhoří

orlickezahori.eu

46

The website www.orlickezahori.eu is the official municipal site for the village of Orlické Záhoří in the Czech Republic. It serves as a comprehensive information portal for residents, visitors, and local businesses, providing news, event calendars, administrative contacts, public tenders, and tourism-related content including virtual tours. The site is positioned as a local government resource with a focus on community engagement and transparency. Technically, the website is built on Joomla CMS with Bootstrap 5 for responsive design, integrating third-party libraries such as Awesomplete for search and the Facebook SDK for social media integration. The site demonstrates moderate performance and good mobile optimization but lacks advanced SEO and accessibility features. Security practices include HTTPS and CSRF tokens, but the absence of security headers and privacy/cookie policies indicates room for improvement. From a security perspective, the site shows a basic security posture with no critical vulnerabilities detected in the content. The domain WHOIS data is privacy protected, which is typical for .eu domains, and does not raise trust concerns given the official nature of the site. However, the lack of explicit privacy and cookie policies may pose compliance risks under GDPR. Overall, the site is trustworthy and professionally maintained, serving its intended audience well. Strategic recommendations include enhancing privacy compliance, implementing security headers, and improving accessibility and SEO to strengthen the site's security and user experience.

K

Královehradecký kraj

kr-kralovehradecky.cz

63

Královehradecký kraj operates an official regional government website providing comprehensive information about the regional administration, public services, news, and community resources. The site targets residents and stakeholders within the Královéhradecký region of the Czech Republic, offering key services such as contact directories, grant information, and cultural portals. The website is built on a modern Drupal 10 CMS platform, utilizing contemporary web technologies including Bootstrap and Google Tag Manager, ensuring a responsive and accessible user experience. From a security perspective, the website enforces HTTPS and implements cookie consent mechanisms compliant with GDPR, reflecting a mature privacy posture. However, the absence of security headers and a security.txt file indicates room for improvement in security best practices. No vulnerabilities or exposed sensitive data were detected in the analyzed content. The lack of WHOIS data is unusual but likely due to registry or query limitations rather than malicious intent, given the official nature of the site. Overall, the website demonstrates a solid technical infrastructure and professional presentation consistent with government standards. It maintains good privacy compliance and user trust indicators, including clear contact information and social media engagement. Strategic recommendations include enhancing security headers, publishing incident response contacts, and adding a vulnerability disclosure policy to further strengthen security posture.

C

Centrum pro rodinu a sociální péči

crsp.cz

46

CRSP Brno is a well-established non-profit organization based in the Czech Republic, dedicated to supporting families through educational, counseling, leisure, and spiritual programs. Founded in 1992 and affiliated with the Brno Diocese, it serves a broad audience including families, parents, and individuals facing challenging life situations. The organization offers a diverse range of services including courses, family support, and facility rentals, positioning itself as a trusted community resource. Technically, the website is built on WordPress using modern tools such as Elementor and Nimble Builder, with SEO and analytics integrations like Yoast SEO, Google Analytics, and Facebook Pixel. The site demonstrates good mobile optimization, accessibility, and performance, with proper use of HTTPS and security headers enhancing its security posture. Security-wise, the site follows best practices with encrypted connections and cookie consent mechanisms, though it lacks publicly available security policies or incident response contacts. The absence of WHOIS data reduces transparency but does not significantly detract from the site's legitimacy given its content and affiliations. Overall, the website presents a professional, trustworthy, and user-friendly platform for its target audience. Strategic improvements could include publishing explicit security and incident response policies, enhancing direct contact information, and addressing the WHOIS data gap to improve trust and compliance.

L

LK Brno-střed

kinobude.cz

42

The website kinobude.cz represents a local cultural event organizer operating an open-air summer cinema in Brno-střed, Czech Republic. The business focuses on providing outdoor film screenings during the summer season, targeting general audiences in the local community. The site is built on WordPress with a modern tech stack including Bootstrap and jQuery, and it supports multilingual content in Czech and English. The website is well-structured with good design quality and clear navigation, although it lacks some compliance documentation such as privacy and cookie policies. Security posture is adequate with HTTPS enabled and no visible vulnerabilities, but it lacks advanced security headers and incident response information. Overall, the domain registration is consistent with the business profile, indicating legitimacy and trustworthiness.

R

Raab Computer s.r.o.

auditfamilyfriendlycommunity.cz

59

The Audit Family Friendly Community website serves as a national portal supporting municipal and regional efforts to improve family-friendly living conditions in the Czech Republic. The site is managed or developed by Raab Computer s.r.o., a small company specializing in web solutions. The portal provides information about the audit program, regional partners, and news updates, targeting municipalities, regional governments, and families. The business model is non-profit/governmental support with a focus on community development and audit facilitation. Technically, the website uses a traditional web stack including jQuery, FontAwesome, and several UI libraries such as Fancybox and Owl Carousel. The site is mobile-optimized with good navigation and content structure, though no CMS or hosting provider details are evident. Performance is moderate with room for improvement in accessibility and SEO. Security headers and SSL configuration details are not provided, but cookie consent mechanisms are implemented. From a security perspective, the site shows basic compliance with privacy regulations, including a privacy policy and cookie consent banner. However, WHOIS data is unavailable, which raises concerns about domain registration transparency. No explicit security policies, incident response contacts, or vulnerability disclosures are found. The site does not expose sensitive data or use vulnerable libraries visibly, but security headers and SSL details should be verified and enhanced. Overall, the website is professional and trustworthy in content and design but lacks transparency in domain registration and some security best practices. Strategic recommendations include verifying domain WHOIS data, enhancing security headers and SSL configuration, and adding explicit security and incident response policies to improve trust and compliance.

W

WebHouse

setup.sk

64

The website setup.sk is a domain and web hosting control panel operated by WebHouse, a Slovak hosting provider established since 2003. The platform offers domain management, web hosting, DNS, email, SSL, FTP, and SSH services primarily targeting Slovak-speaking customers. The website is professionally designed with good navigation and mobile optimization, reflecting a mature digital infrastructure. Technically, it uses modern libraries such as jQuery and Bootstrap, integrates Cookiebot for cookie consent, and employs Google Analytics for traffic analysis. Security posture is solid with HTTPS and DNSSEC enabled, though it lacks some advanced security headers and explicit security policies. Privacy compliance is partial, with a cookie consent mechanism but no visible privacy or terms of service pages. Overall, the domain registration data aligns well with the business claims, supporting legitimacy. The site is safe for general audiences and shows no signs of malicious content or blocking by WAFs.

Č

Česká asociace science center z.s.

sciencecentra.cz

59

The website www.sciencecentra.cz represents the Česká asociace science center z.s., a non-profit association promoting science centers and planetariums across the Czech Republic. The site provides educational content, visitor information, and promotes 9 institutions in 8 cities, targeting families, students, and educators interested in science. The business model is focused on non-commercial promotion and education, positioning itself as a leading national association in this sector. Technically, the website is built on WordPress 5.7.12 with Elementor and several plugins including Contact Form 7 and Complianz GDPR for cookie consent. The site uses modern web technologies such as Bootstrap and FontAwesome, and integrates Google Analytics for visitor tracking with consent mechanisms. The site is mobile optimized and has good SEO practices, though accessibility features are basic. From a security perspective, the site enforces HTTPS and uses a cookie consent banner, but lacks visible security headers like Content-Security-Policy. No vulnerabilities or exposed sensitive data were detected in the HTML content. The WHOIS data for the domain is unavailable, which slightly reduces trustworthiness, but the presence of clear contact information and social media links supports legitimacy. Overall, the website is well-structured, professional, and safe for general audiences. Recommendations include publishing a clear privacy policy and terms of service, adding security headers, and maintaining regular updates to plugins and WordPress core to enhance security and compliance.

H

Hvězdárna a planetárium Brno

festivalplanetbrno.cz

40

Festival planet Brno is a cultural and educational event organized by Hvězdárna a planetárium Brno, focusing on astronomy-themed inflatable models and community engagement. The website serves as an information hub for the festival, showcasing partners, live streams, and event details. The technical infrastructure is based on WordPress with modern themes and libraries, providing a responsive and user-friendly experience. Security posture is adequate with HTTPS enabled, but lacks advanced security headers and privacy compliance documentation. The absence of WHOIS data limits domain trust assessment, though the presence of municipal partners and consistent branding supports legitimacy. Overall, the site is well-positioned as a local cultural event platform with room for improvement in privacy and security policies.

T

Turistické informačné centrum Nitra

nitra.eu

65

The website www.nitra.eu serves as the official tourism information center for the city of Nitra, Slovakia. Established in 1993, it provides comprehensive local information including guided tours, cultural events, practical visitor services, and sales of souvenirs. The site targets tourists and visitors interested in exploring Nitra and its surroundings, positioning itself as a trusted public service entity affiliated with local government. The content is well-structured, professionally presented, and rich in relevant information, supporting a positive user experience. From a technical perspective, the website employs modern web technologies such as Google Analytics, Google reCAPTCHA, Facebook SDK, and FontAwesome icons. It uses HTTPS for secure communication and demonstrates good mobile optimization and accessibility features. However, explicit security headers like Content-Security-Policy are not detected, and no CMS or hosting provider details are evident. Performance is moderate, with room for optimization. Security posture is solid with HTTPS enforcement and no visible vulnerabilities or exposed sensitive data. The site uses reCAPTCHA to protect forms, but lacks published security policies or incident response contacts. Privacy compliance is basic; while a cookie consent mechanism is present, no dedicated privacy or cookie policy pages are found, which is a compliance gap. WHOIS data is privacy protected, limiting transparency but common for such domains. Overall, the website is trustworthy and professional, serving its public service role effectively. Strategic improvements include publishing clear privacy and cookie policies, enhancing security headers, and providing incident response information to strengthen compliance and security posture.

K

Knižnica pre mládež mesta Košice

kosicekmk.sk

43

Knižnica pre mládež mesta Košice is a public youth library based in Košice, Slovakia, providing a wide range of educational and cultural services including book lending, digital catalogs, events, and community projects. The website reflects a well-established institution with a clear focus on serving children, youth, and educators. The domain age and WHOIS data confirm the legitimacy and consistency of the organization. Technically, the website is built on Joomla CMS with Bootstrap and jQuery, offering a responsive and user-friendly experience. However, there is room for improvement in security headers and privacy compliance, particularly regarding cookie consent mechanisms. The site uses Google Analytics and Tag Manager for tracking, indicating moderate user tracking. Overall, the website is professional, trustworthy, and serves its target audience effectively.

T

The Invisible Mag

invisiblemag.sk

51

The Invisible Mag is a Slovak media platform established in 2022 that focuses on cultural, technological, and societal topics. It offers a variety of content formats including articles, podcasts, videos, and publications, targeting a general audience interested in these areas. The website positions itself as a niche cultural and tech media outlet within Slovakia, leveraging digital content to engage its audience. Technically, the website is built on WordPress 5.7.12 and integrates common analytics and marketing tools such as Google Analytics, Google Tag Manager, and Facebook Pixel. The site demonstrates good mobile optimization and SEO practices, with a moderate performance profile. The technical infrastructure is modern and standard for content publishing platforms. From a security perspective, the site enforces HTTPS and uses some security best practices but lacks several important security headers and a formal security policy or incident response contact. Privacy compliance is partially addressed with a comprehensive privacy policy and GDPR consent for personal data processing, but no cookie consent mechanism is present. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website presents a trustworthy and professional media presence with moderate security and privacy compliance. Strategic improvements in security headers, cookie consent, and incident response transparency would enhance its security posture and compliance standing.