Security Directory

H

heap studio

heap.lu

50

Heap studio is a small creative digital agency based in Luxembourg specializing in web development, design, branding, and consulting services. The company positions itself as a success-oriented studio focused on delivering purposeful and targeted results for clients, primarily businesses and organizations seeking digital creative solutions. Their portfolio showcases a variety of projects emphasizing brand identity, UX/UI design, and front-end and back-end development. Technically, the website is built on WordPress with modern tools such as Yoast SEO and GSAP animations, hosted by Infomaniak, a reputable provider. The site demonstrates good mobile optimization, SEO practices, and a professional design, though accessibility features are basic. Security posture is adequate with HTTPS enabled and no visible vulnerabilities, but lacks security headers and formal policies. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the website is trustworthy and professional but could improve in compliance and security transparency.

L

Liedon kaupunki

lieto.fi

63

Lieto.fi is the official website of the city of Lieto, Finland, providing comprehensive municipal services information, tourism, cultural events, and administrative resources. The site targets residents and visitors, offering clear navigation to services such as social care, education, urban planning, and leisure activities. The business model is that of a local government entity focused on public service delivery and community engagement. The website reflects a stable market position as a trusted municipal authority with a longstanding domain registration dating back to 1991. Technically, the site is built on WordPress with modern web technologies including Matomo analytics and Google Tag Manager, ensuring good performance, mobile responsiveness, and accessibility. Hosting appears to be managed by Elisa Oyj, a Finnish telecom provider, with reliable DNS infrastructure. The site employs HTTPS with strong SSL configuration and includes a cookie consent mechanism aligned with GDPR requirements. From a security perspective, the website demonstrates good practices such as encrypted connections and privacy-aware analytics. However, it lacks explicit security policy documentation and incident response information, which could be improved to enhance transparency and preparedness. No critical vulnerabilities or suspicious content were detected. The WHOIS data is fully consistent with the website's municipal identity, showing no privacy protection or obfuscation, which supports trustworthiness. Overall, lieto.fi is a professionally maintained government website with solid technical and privacy compliance foundations. Strategic improvements could focus on enhancing security documentation and publishing vulnerability disclosure policies to further strengthen its security posture and public trust.

R

Riesa Consultative Oy

riesa.io

56

Riesa Consultative Oy is a Finnish consulting company specializing in accessibility and equality services. The company positions itself as Finland's leading accessibility expert, offering services such as the Accessibility Index and urban environment accessibility consulting. Their target audience includes organizations seeking to improve accessibility and inclusivity. The website is professionally designed, well-structured, and provides clear information about services and client references, supporting a strong market position in the accessibility consulting niche. Technically, the website is built on WordPress with modern SEO and analytics tools including Yoast SEO, Google Analytics, and Google Tag Manager. The site is mobile-optimized and demonstrates good accessibility practices. Hosting and DNS are managed with Cloudflare, ensuring reliable performance and security. The site uses HTTPS with a valid SSL certificate, though DNSSEC is not enabled. From a security perspective, the site enforces HTTPS and employs cookie consent mechanisms compliant with GDPR. However, it lacks visible security policies, incident response contacts, and advanced security headers. No vulnerabilities or exposed sensitive data were detected. The domain registration is consistent with the business profile, using privacy protection services reasonably. Overall, the website presents a low-risk profile with strong business credibility and good privacy compliance. Strategic improvements include enabling DNSSEC, publishing security policies, and enhancing security headers to further strengthen the security posture.

E

Ekokompassi

ekokompassi.fi

75

Ekokompassi is a Finnish non-profit organization providing an industry-independent environmental management system tailored to organizations with expert assistance. The website reflects a focused service offering in environmental consultancy, targeting organizations seeking to improve their environmental practices. The domain is well-established since 2009 and registered transparently under Suomen luonnonsuojeluliitto ry, reinforcing trust and legitimacy. Technically, the site is built on WordPress with modern SEO and analytics tools, including Google Analytics, Hotjar, and Cookiebot for consent management. Security posture is good with HTTPS enforced and standard security practices, though DNSSEC is not implemented and no explicit security or incident response policies are published. Privacy compliance is basic with a cookie consent mechanism but lacks a clearly visible privacy policy or terms of service on the homepage. Overall, the site is professional, accessible, and trustworthy, with room for improvement in privacy transparency and DNS security.

O

Open House Praha, z. ú.

openhousepraha.cz

62

Open House Praha, z. ú. is a Czech non-profit organization dedicated to promoting architecture and urban culture through its annual Open House festival and year-round guided tours. The organization opens over 120 normally inaccessible buildings and spaces in Prague to the public, attracting a large audience and fostering community engagement. The website reflects a mature digital presence with comprehensive content, strong branding, and active social media integration. Technically, the site is built on WordPress with modern JavaScript libraries and includes analytics and marketing tools such as Google Analytics and Facebook Pixel. Security posture is good with HTTPS enforced and cookie consent implemented, though some security headers are missing and no explicit security or incident response policies are published. WHOIS data is unavailable, which slightly impacts trust but the organization's transparency and partner endorsements mitigate concerns. Overall, the site is professional, trustworthy, and well-positioned in its niche.

A

aria-studio.cz

aria-studio.cz

43

Aria-Studio.cz is a small Czech web design and development studio operated by Pavel Kovanda and Aleš Rubáš, offering services including web presentation creation, graphics, and web programming. The business has been active since 2004 and targets small businesses and individuals seeking professional web presence solutions. The website is built on WordPress using the Fluida theme and Elementor page builder, reflecting a moderate level of technical maturity with good mobile optimization and SEO practices. Security posture is adequate with HTTPS enabled and no visible vulnerabilities, but lacks security headers and formal privacy/cookie policies, indicating room for compliance improvement. WHOIS data is unavailable, which reduces domain trustworthiness, but the website content and business information appear consistent and professional. Overall, the site presents a trustworthy small business with a solid digital presence but should address privacy and security best practices to enhance compliance and trust.

A

Associazione Nazionale Ufficiali Aeronautica

anua.it

58

The Associazione Nazionale Ufficiali Aeronautica (ANUA) is a non-profit organization dedicated to supporting members of the Italian Air Force and promoting their interests. The website serves as an information hub with news, events, and resources for its members and the broader Aeronautica Militare community. It maintains a professional online presence with consistent branding and regularly updated content. Technically, the site is built on WordPress using modern plugins such as Elementor and Yoast SEO, ensuring good SEO and mobile responsiveness. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. Privacy compliance is well addressed with clear policies and GDPR adherence. Overall, the site is trustworthy and well-maintained, serving its niche audience effectively.

S

Switch

switch.com

57

Switch is a global technology company specializing in the design, construction, and operation of ultra-advanced data centers that enable powerful technology ecosystems. The company positions itself as a world-renowned leader in the data center industry, targeting technology enterprises and organizations requiring high-performance infrastructure solutions. The website reflects a mature digital presence with professional design and comprehensive content focused on their core business offerings. Technically, the site is built on WordPress using the Divi theme and integrates multiple marketing and analytics tools such as Google Tag Manager, Facebook Pixel, and LinkedIn Insight Tag, indicating a sophisticated approach to user engagement and data collection. Security-wise, the site uses HTTPS and Google reCAPTCHA for form protection, but lacks visible security headers and published security policies, which are areas for improvement. The absence of WHOIS data for the domain www.switch.com is a notable gap, reducing trust from a domain registration perspective despite the professional website content. Overall, the site demonstrates strong business credibility and technical implementation but would benefit from enhanced privacy compliance and security transparency.

O

On Stéitsch

onsteitsch.lu

48

On Stéitsch is an annual cultural and art festival organized by the Luxembourg National Youth Service, targeting young people under 30 years old. The website serves as an official platform to promote the event, providing information about dates, participation, and past editions. It is positioned as a government-affiliated event with a focus on youth culture and arts. The site uses WordPress CMS with plugins such as Yoast SEO and Ninja Forms, indicating a moderate level of digital maturity and standard web infrastructure. The technical setup includes modern JavaScript libraries and responsive design elements, ensuring good user experience across devices. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though additional security headers could enhance protection. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website reflects a trustworthy and professional government event site with good compliance to privacy regulations. The lack of WHOIS data limits domain registration insights, but the site’s content and branding strongly support its legitimacy.

IN:CUBATOR is a small non-profit organization based in Luxembourg that supports youth initiatives and non-profit organizations by providing a comprehensive support package including coworking spaces, guidance, workshops, networking, and financial assistance. The website is built on WordPress using Elementor and presents a professional and consistent brand image targeted at young people up to 29 years old and youth sector organizations. Technically, the site uses modern web technologies but lacks some advanced security headers and privacy compliance features. The absence of WHOIS data limits domain trust analysis, but the presence of clear contact information and relevant content supports its legitimacy. Security posture is moderate with HTTPS enabled but missing some best practices. Privacy and cookie policies are not found, indicating compliance gaps.

B

BEE SECURE

bee-secure.lu

57

BEE SECURE is a government-backed digital safety awareness platform based in Luxembourg, focused on educating children, youth, parents, and educators about responsible and safe use of digital technologies. The platform offers a variety of services including awareness campaigns, a helpline, a stopline for reporting illegal content, educational resources, and youth consultations. It is co-financed by the European Union and operated in partnership with national agencies such as the police and justice departments. The website is professionally designed, content-rich, and well-structured primarily in French, targeting a broad audience concerned with digital safety. Technically, the website is built on WordPress, utilizing modern web technologies such as jQuery and FontAwesome, and employs Matomo analytics hosted locally in Luxembourg to ensure privacy compliance. The site demonstrates good mobile optimization, accessibility, and SEO practices. Security posture is strong with HTTPS enforced and cookie consent mechanisms in place, although there is room for improvement in publishing explicit security policies and incident response information. From a security perspective, no critical vulnerabilities or exposed sensitive data were detected. The use of Matomo analytics with local hosting aligns with GDPR compliance. However, the absence of WHOIS data due to a malformed query reduces domain transparency and trust from a registration standpoint. Overall, the platform appears legitimate and trustworthy based on content and government affiliations. Strategically, BEE SECURE should focus on enhancing domain registration transparency, publishing security and incident response policies, and maintaining rigorous audits of third-party scripts to sustain and improve its security posture and user trust.

J

Jugendpräis

jugendprais.lu

60

Jugendpräis is a government-organized platform in Luxembourg dedicated to recognizing and promoting youth projects. Managed by the Service national de la jeunesse, it serves as a biennial award event highlighting diverse youth initiatives. The website targets youth groups and organizations, providing visibility and recognition through awards and public engagement. The platform enjoys strong partnerships with governmental and European entities, as well as media support from RTL Luxembourg. Technically, the website is built on WordPress, leveraging popular plugins such as Yoast SEO for search optimization and Complianz for GDPR cookie consent management. The site demonstrates good mobile optimization, accessibility, and SEO practices, with a moderate performance profile. The infrastructure is secure with HTTPS enforced, though security headers could be enhanced. From a security perspective, the site shows a mature posture with no visible vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with clear privacy and cookie policies and an opt-in consent mechanism. However, explicit security policies and incident response contacts are not present, which could be improved to enhance trust and readiness. Overall, Jugendpräis presents a professional, trustworthy, and well-maintained digital presence aligned with its governmental and non-profit mission. Strategic improvements in security headers and incident response transparency would further strengthen its security posture and stakeholder confidence.

B

BookAthon

bookathon.lu

62

BookAthon is a youth-focused creative initiative based in Luxembourg, organizing 24-hour hackathons where young participants aged 14 to 27 collaboratively create children's books for ages 0 to 4. Supported by professional authors, illustrators, and graphic designers, the event fosters creativity and cultural engagement among youth. The website is professionally designed using WordPress and integrates modern technologies such as Gravity Forms for data collection, Yoast SEO for optimization, and Complianz for GDPR-compliant cookie management. Analytics are handled via Matomo, ensuring privacy-conscious tracking. Security posture is strong with HTTPS enforced and anti-spam measures in place, though explicit security headers could be improved. The site complies with GDPR and provides clear privacy and cookie policies. Contact information is transparent, including a contact email and physical address linked to the Service national de la jeunesse (SNJ). Overall, BookAthon presents a trustworthy, well-managed digital presence aligned with its educational and cultural mission.

H

Hartman Videoproducties

hartmanvideo.nl

34

Hartman Videoproducties is a small media production company based in the Netherlands, specializing in video production, photography, livestreaming, and videopodcasts. The company presents a professional online presence with a well-structured WordPress website built using Elementor, showcasing their services and portfolio. The domain is relatively new, registered in 2022, consistent with the business's founding date, and secured with DNSSEC and HTTPS. However, the website lacks critical compliance elements such as privacy and cookie policies, which are essential for GDPR adherence. No incident response or security policies are published, and no analytics or tracking tools are detected, indicating a minimal data collection approach. Contact information is clearly provided, enhancing business credibility.

K

Kappa Data

kappadata.eu

68

Kappa Data is a value-added distributor specializing in innovative network connectivity, security, and IoT solutions. Established in 1998 and operating across five countries with 75 employees, the company serves resellers and end customers by providing technical support and knowledge sharing. The website reflects a professional and consistent brand presence with clear navigation and relevant business content. Technically, the site is built on WordPress with Elementor and Yoast SEO, leveraging modern web technologies and providing good mobile optimization and SEO practices. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though security headers and explicit security policies are absent. Privacy and cookie policies are present, indicating basic GDPR compliance. Overall, the site is trustworthy and well-maintained, supporting the company's regional market position.

K

Kappa Data France

exer.fr

57

Kappa Data France is a value-added IT distributor specializing in network infrastructure and security solutions, serving businesses and IT resellers primarily in France and neighboring countries. The company has a strong market presence with over 20 years of experience and offers a portfolio of reliable IT products, technical expertise, and training services. The website reflects a professional and consistent brand image with good content quality and clear navigation. Technically, the site is built on WordPress with modern performance optimizations and uses Cloudflare DNS services. Security posture is solid with HTTPS enabled and no obvious vulnerabilities, but lacks published security policies and incident response information. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the site is trustworthy and well-positioned but would benefit from enhanced compliance and security transparency.

K

Kappa Data

kappadata.pl

68

Kappa Data is a value-added distributor (VAD) specializing in networking, security, and IoT solutions primarily serving the Polish market. The company offers technical and sales support, ongoing training, and consulting services, partnering with reputable manufacturers to deliver innovative IT solutions to businesses and institutions. The website reflects a professional and consistent brand presence with multilingual support and a focus on IT infrastructure and cybersecurity expertise. Technically, the site is built on WordPress with modern performance optimizations such as lazy loading and asynchronous script loading. Security posture is generally good with HTTPS enforced, but lacks explicit security headers and formal privacy or cookie policies. WHOIS data is unavailable from the Polish registry, which slightly impacts trust but the website content and structure support legitimacy. Overall, the site is well-positioned in its market segment with room for improvement in privacy compliance and security transparency.

K

Kappa Data

kappadata.nl

74

Kappa Data is a well-established Value-Added Distributor specializing in IT network, security, and IoT solutions primarily serving B2B IT partners in the Netherlands, Belgium, France, and Poland. Founded in 1998, the company has over two decades of experience and offers a broad portfolio including network infrastructure, security, IoT connectivity, training, and technical services. Their market position is solid within the regional IT distribution sector, supported by a professional and multilingual web presence. Technically, the website is built on WordPress using modern plugins and optimization tools, delivering moderate performance and good mobile responsiveness. Security posture is adequate with HTTPS enforced and no visible vulnerabilities, though the absence of security headers and published security policies is noted. Privacy compliance is lacking as no privacy or cookie policies are found, representing a compliance risk. Overall, the website is professional and trustworthy but would benefit from enhanced privacy and security disclosures.

L

Lobby X

lobbyx.army

55

Lobby X is a Ukrainian employment and recruiting platform focused on supporting progress and victory in Ukraine. The platform targets Ukrainian job seekers and employers, likely with a focus on government or military-related employment. Technically, the website is built on WordPress using Bootstrap and jQuery, hosted with Cloudflare DNS and registered via GoDaddy with privacy protection. The site uses modern tracking tools like Google Analytics and Facebook Pixel. Security posture is moderate with HTTPS enabled but lacks advanced security headers and policies. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the website is functional and professionally designed but would benefit from enhanced privacy and security measures.

S

Syndicat Intercommunal de Gestion Informatique

sigi.lu

59

The Syndicat Intercommunal de Gestion Informatique (SIGI) is a government IT syndicate based in Luxembourg that provides IT solutions and support services to local municipalities. The website presents a professional image with clear navigation, comprehensive privacy and cookie policies, and a focus on supporting Luxembourg communes in their missions. Technically, the site is built on WordPress using the Divi theme and incorporates modern plugins such as the Modern Events Calendar and Matomo for analytics, indicating a moderate level of digital maturity. Security posture is generally good with HTTPS enforced and cookie consent mechanisms in place, though the absence of explicit security policies and incident response contacts suggests room for improvement. The lack of WHOIS data transparency limits the ability to fully verify domain legitimacy, but the website content and structure align with a credible public sector entity. Overall, the site is well-maintained, GDPR compliant, and serves its target audience effectively.

C

CMD Solutions

cmd.solutions

54

CMD Solutions is an IT service provider specializing in hosting, mail, phone, fiber, backup, and milestone services. The company appears to target business clients seeking reliable IT and telecommunications solutions. The website is built on WordPress using the Divi theme, with multilingual support for French, English, and German. The technical infrastructure includes common plugins for SEO, analytics, and GDPR compliance, hosted via EuroDNS S.A. The site demonstrates moderate performance and good mobile optimization but lacks some advanced accessibility features. Security posture is adequate with HTTPS enabled and domain transfer protection, but could be improved by enabling DNSSEC and adding security headers. Privacy compliance is partial, with a cookie consent mechanism but no explicit privacy policy or terms of service found. Contact is primarily via a web form, with no direct email or phone contacts visible. Overall, the website is professional and trustworthy but could enhance transparency and security practices.

O

Orne THD

ornethd.net

63

Orne THD is a local public telecommunications operator based in France, founded in 2015. The company provides fiber optic internet, TV, and telephony services primarily targeting residential and professional customers in specific French departments (54 and 57). The website presents a professional image with clear branding and consistent content focused on its key services. The domain registration data aligns well with the company's founding date and business claims, supporting its legitimacy. Technically, the website is built on WordPress using popular plugins such as LayerSlider and Revolution Slider, with jQuery and Google reCAPTCHA integrated for enhanced user experience and security. The site is moderately performant, mobile-optimized, and SEO-friendly, though accessibility features are basic. Hosting is likely provided by OVH sas, inferred from the registrar information. From a security perspective, the website uses HTTPS and implements Google reCAPTCHA, but lacks DNSSEC and security headers, which are recommended to improve security posture. There is no visible privacy policy, cookie policy, or vulnerability disclosure information, indicating compliance gaps with GDPR and best practices. Contact information is clearly provided, but no dedicated security or incident response contacts are found. Overall, the website is trustworthy and professional but would benefit from enhanced security measures and compliance documentation to improve user trust and regulatory adherence.

L

lux-airport

lux-airport.lu

53

Luxembourg Airport operates as a key regional transportation hub offering passenger and cargo air services with over 100 destinations and 14 airlines. The airport provides comprehensive services including parking, transport options, shopping, dining, and special assistance, targeting travelers and business passengers. The website demonstrates a mature digital presence with multilingual support, modern technologies, and strong branding consistency. Technical infrastructure is based on WordPress with integrations for analytics, accessibility, and cookie compliance. Security posture is solid with HTTPS and privacy mechanisms, though explicit security headers and incident response policies are absent. WHOIS data is unavailable, limiting domain trust verification, but the professional website and official social media presence support legitimacy. Overall, the airport's digital platform is well-structured, user-friendly, and compliant with GDPR, serving its audience effectively.

J

JT-Line Oy

jt-line.fi

45

JT-Line Oy is a Finnish small-sized transportation company specializing in ferry and charter cruise services in the Helsinki archipelago. The company operates authentic paddle steamer ferries and water buses, emphasizing sustainable travel by using renewable biofuels and promoting inclusivity. Their market position is niche but well-defined, targeting tourists, families, and groups seeking maritime experiences in the Helsinki region. The website reflects a professional and consistent brand image with clear service offerings and certifications such as Sustainable Travel Finland and Ekokompassi. Technically, the site is built on WordPress with modern SEO and analytics tools integrated, including Google Tag Manager and Facebook Pixel, supported by a GDPR-compliant cookie consent mechanism. Security posture is good with HTTPS enforced, though some security headers could be improved. No critical vulnerabilities or blocking mechanisms were detected, and privacy compliance is well addressed. Contact information is comprehensive, supporting business credibility.

H

Hämeenlinna

hameenlinna.fi

68

Hämeenlinna's official website serves as a comprehensive digital portal for the city, providing extensive information and services related to housing, education, wellbeing, culture, tourism, and economic development. The site targets residents, visitors, and businesses, positioning itself as a trusted municipal resource. Technically, the site is built on WordPress with modern plugins such as Yoast SEO and Cookiebot, ensuring good SEO and privacy compliance mechanisms. The use of Matomo and Google Analytics indicates a mature approach to user analytics, although privacy policy documentation is lacking. Security posture is strong with HTTPS and cookie consent, but could be improved with additional security headers and published policies. Overall, the site is professional, well-branded, and trustworthy, reflecting the city's stature and commitment to digital service delivery.

O

Oulun seudun liikenne

oulunjoukkoliikenne.fi

66

Oulun seudun liikenne operates as a regional public transportation authority in Finland, providing bus schedules, ticketing, and travel information primarily for the Oulu region. The website serves residents and travelers with relevant transit data and customer service resources. The business model focuses on public transport facilitation with digital tools such as the OSL app and integration with partner services like Waltti for ticket purchases. Technically, the website is built on WordPress, leveraging modern web technologies including jQuery, Google Tag Manager, and Cookiebot for consent management. The site demonstrates good SEO and accessibility practices with responsive design and clear navigation. Security posture is solid with HTTPS enforced and cookie consent implemented, though explicit security headers and incident response information are absent. Privacy compliance is partially met with a detailed cookie consent mechanism but lacks a clearly accessible privacy policy or terms of service. Overall, the website is professional, trustworthy, and well-aligned with its public service mission, though improvements in transparency and security documentation are recommended.

K

Kuopio

kuopio.fi

68

Kuopio.fi is the official website of the city of Kuopio, Finland, serving as a comprehensive portal for municipal information, public services, and community engagement. The site targets residents, visitors, and local businesses, providing access to city news, events, and administrative resources. The website positions itself as a trusted government authority with a focus on transparency and accessibility. Technically, the site is built on WordPress CMS, utilizing modern web technologies including jQuery, Matomo analytics for privacy-conscious user tracking, and Cookiebot for GDPR-compliant cookie consent management. The infrastructure supports good mobile optimization and accessibility standards, ensuring a positive user experience across devices. From a security perspective, the site enforces HTTPS and employs cookie consent mechanisms that respect user privacy. While explicit security headers are not fully evident, no critical vulnerabilities or exposed sensitive data were detected. The domain registration aligns well with the municipal identity, reinforcing trustworthiness. Overall, Kuopio.fi demonstrates a solid digital maturity with good content quality, privacy compliance, and security posture. Strategic recommendations include enhancing security headers, publishing explicit security and incident response policies, and improving visible contact information to further strengthen user trust and compliance.

J

JULKISEN SANAN NEUVOSTON KANNATUSYHDISTYS RY

vastuullistajournalismia.fi

57

The website vastuullistajournalismia.fi is operated by the Finnish association JULKISEN SANAN NEUVOSTON KANNATUSYHDISTYS RY and focuses on promoting responsible journalism and media ethics in Finland. It provides educational resources, information on journalistic rights, and links to the Public Word Council. The site targets Finnish-speaking students, teachers, and media professionals interested in journalism ethics. The business model is non-profit and educational, with a niche market position in Finnish media ethics education. Technically, the site is built on WordPress using the UIkit framework and jQuery libraries. It uses Typekit fonts and has a moderate performance profile with basic mobile optimization. The hosting and domain registrar are Moonhill Oy, a Finnish provider. The site lacks advanced SEO and accessibility features but maintains a consistent branding and navigation structure. From a security perspective, the site uses HTTPS but lacks important security headers and does not have configured analytics or privacy policies, indicating room for improvement in compliance and security posture. No vulnerabilities or suspicious patterns were detected. The WHOIS data is transparent and consistent with the website's mission, enhancing trustworthiness. Overall, the site is a safe, basic educational resource with moderate technical and security maturity. Strategic improvements in privacy compliance, security headers, and analytics configuration would enhance its security posture and user trust.

S

Suomen Tietotoimisto Oy

lehtikuva.fi

56

Lehtikuva.fi is the digital presence of Suomen Tietotoimisto Oy, Finland's largest photo agency with a history dating back to 1951. The company specializes in news and editorial photography, focusing on Finnish and Nordic themes, and operates a comprehensive image licensing platform. The website reflects a mature digital infrastructure with multilingual support and modern web technologies. Security posture is strong with HTTPS enforcement and cookie consent mechanisms, although some security headers could be enhanced. Privacy compliance is well addressed with clear policies and GDPR-aligned consent. Overall, the site projects professionalism and trustworthiness suitable for media professionals and content buyers.

S

Saunia

saunia.cz

53

Saunia.cz is a Czech Republic-based wellness and sauna service provider offering sauna experiences and relaxation services. The website is professionally designed using WordPress CMS and integrates modern marketing and analytics tools such as Google Analytics, Microsoft Clarity, and Cookiebot for GDPR compliance. The site targets general audiences interested in wellness and sauna activities. Technically, the site uses common JavaScript libraries and plugins to enhance user experience and social sharing capabilities. Security posture is good with HTTPS enabled and cookie consent implemented, though additional security headers could improve protection. The absence of WHOIS data reduces domain transparency and trust slightly, but the website content and structure indicate a legitimate business presence. Privacy policy and terms of service pages were not detected in the provided content, which is a compliance gap. Overall, the site is functional, user-friendly, and compliant with basic privacy regulations.

F

Form Factory s.r.o.

formfactory.cz

62

Form Factory s.r.o. operates a regional fitness business in the Czech Republic offering memberships, group exercise classes, and wellness services including sauna and relaxation. The company promotes a mobile app for easy club access and class reservations, targeting fitness enthusiasts and general public interested in health and wellness. The website is built on WordPress with modern SEO and tracking tools, providing a professional and user-friendly experience. Security posture is good with HTTPS and cookie consent, but lacks some security headers and explicit privacy policies. WHOIS data is unavailable, which reduces transparency and trustworthiness, but the website content and branding are consistent and professional.

A

Association Luxembourg Alzheimer

ala.lu

45

Association Luxembourg Alzheimer is a well-established non-profit organization based in Luxembourg, dedicated to supporting people affected by dementia and their families. The organization offers a comprehensive range of services including counseling, a 24/7 helpline, ambulatory care, day centers, and a specialized care home. Their website reflects a strong commitment to accessibility and user support, with multilingual options and detailed service information. The organization maintains an active presence on social media platforms such as Facebook, LinkedIn, and Instagram, enhancing community engagement and outreach. Technically, the website is built on WordPress with modern plugins like Yoast SEO and accessibility tools, ensuring good SEO and compliance with accessibility standards. The site uses Matomo for analytics, indicating a privacy-conscious approach to user tracking. Performance and mobile optimization are good, though some improvements could be made in hosting transparency and performance metrics. From a security perspective, the site enforces HTTPS and provides a cookie consent mechanism with granular user control, aligning with GDPR requirements. However, it lacks published privacy policies, terms of service, and explicit security or incident response policies, which are important for compliance and user trust. No critical vulnerabilities or suspicious content were detected. Overall, the website is professional, trustworthy, and well-aligned with its mission, but would benefit from enhanced privacy and security disclosures to improve compliance and user confidence.

C

Citizenconnect.us

citizenconnect.us

60

Citizen Connect is a small non-profit platform focused on nonpartisan civic engagement and political healing in the United States. It aggregates resources, events, and educational content from over 600 organizations to help Americans find ways to strengthen democracy. The website is built on a modern WordPress infrastructure with integrations such as Google Analytics and Tag Manager, hosted with GoDaddy and using Cloudflare DNS services. The platform demonstrates good technical maturity with responsive design and clear navigation, though it lacks published privacy and cookie policies, which impacts compliance. Security posture is solid with HTTPS and domain protections, but DNSSEC is not enabled and no explicit incident response or vulnerability disclosure information is provided. Overall, the site is trustworthy and professional but could improve privacy compliance and security transparency.

T

The Audiencers

theaudiencers.com

70

The Audiencers is a specialized B2B media community platform founded in 2022, focused on supporting publishing professionals with expertise in audience engagement, conversion, and retention. The platform offers case studies, newsletters, events, and subscription services, positioning itself as a niche player in the media industry. The business is linked to Poool, a known player in paywall and engagement technology, enhancing its credibility and market positioning. Technically, the website is built on WordPress with modern tools like Elementor and Kadence Blocks, integrating analytics and marketing tools such as Google Analytics, HubSpot, and Stripe for payments. The site is mobile-optimized and uses structured data for SEO, reflecting a mature digital infrastructure. Security-wise, the site uses HTTPS and domain transfer protection but lacks DNSSEC and security headers, which are recommended for enhanced protection. Privacy compliance is partially implemented with a cookie consent mechanism but lacks explicit privacy and terms of service pages. Overall, the website is professional, trustworthy, and safe for general audiences, with room for improvement in privacy and security transparency.

S

Suomen Tietotoimisto Oy

stt.fi

51

Suomen Tietotoimisto Oy (STT) is a historically significant Finnish news agency, established in 1887, providing comprehensive news, image, and communication services. The company holds a strong market position as one of Finland's leading and most trusted media organizations, serving a broad audience including media houses, organizations, and the general public. Their digital presence is professional, with a well-structured website offering multilingual support and extensive content. Technically, the site leverages modern technologies such as WordPress, Google Tag Manager, and Matomo Analytics, ensuring good performance and SEO optimization. Security measures include HTTPS, reCAPTCHA, and cookie consent management, though there is room for improvement in DNSSEC and explicit security policies. Overall, STT demonstrates a mature digital infrastructure and a strong commitment to privacy compliance, making it a credible and trustworthy media entity.

W

Waltti Solutions

waltti.fi

66

Waltti Solutions Oy is a Finnish company specializing in digital ticketing and payment solutions for public transportation. Their offerings include a mobile ticketing app, travel card management, and contactless payment integration, serving multiple Finnish cities. The company holds a strong market position as a leading provider in this niche, with a business model targeting both end-users and municipal transport authorities. The website reflects a mature digital presence with good content quality and user experience, supporting their business objectives effectively. Technically, the site is built on WordPress with modern libraries and demonstrates good mobile optimization and SEO practices. Security posture is solid with HTTPS enforcement and cookie consent compliance, though some security headers could be improved. Overall, the domain registration data aligns well with the business, indicating high legitimacy and trust. The site is free from blocking or WAF challenges, allowing full content access and analysis.

A

Agile Partner

agilepartner.net

54

Agile Partner is a medium-sized technology company based in Luxembourg, specializing in custom software development and agile transformation services. With over 18 years of experience and a team of approximately 50 professionals, the company targets businesses seeking tailored digital solutions and agile coaching to support their digital transformation. The website is professionally designed, multilingual (French and English), and provides clear information about their services, certifications, and contact details. Technically, the site is built on WordPress and leverages modern JavaScript libraries and marketing tools such as Google Analytics, Facebook Pixel, Hotjar, and HubSpot, indicating a mature digital infrastructure. Security posture is good with HTTPS enforced and no visible sensitive data exposure, though the absence of security headers and explicit security policies suggests room for improvement. The lack of WHOIS domain registration data is a notable concern, reducing trust in domain legitimacy despite the professional presentation. Overall, the website is functional, secure, and business-focused, but would benefit from enhanced transparency in domain registration and security documentation.

L

LU-CIX

lu-cix.lu

60

LU-CIX is a Luxembourg-based Internet Exchange Point founded in 2009, providing open and neutral peering and connectivity services to networks and content providers in Luxembourg and Europe. The organization operates as a non-profit entity, focusing on interconnecting critical networks in a secure and trusted environment. Their key services include public peering, route servers, blackholing, partner IX peering, and VoIP-X services, positioning them as a central telecommunications infrastructure player in Luxembourg. Technically, the website is built on WordPress CMS with modern JavaScript libraries such as jQuery and Owl Carousel, and uses Matomo for privacy-conscious analytics. The site is mobile-optimized with good SEO practices and moderate performance. Security-wise, the site enforces HTTPS and uses secure form submission techniques but lacks some security headers and a cookie consent mechanism, which are recommended for enhanced security and compliance. The security posture is solid but could be improved by adding explicit security policies, incident response contacts, and cookie consent to align better with GDPR requirements. The absence of WHOIS data limits domain trust verification, but the website content and business presence indicate a legitimate and professional operation. Overall, LU-CIX presents a trustworthy and professional digital presence with room for security and privacy enhancements to strengthen compliance and user trust.

A

Ad Fontes Media

adfontesmedia.com

62

Ad Fontes Media is a specialized media analysis company known for its Media Bias Chart®, which rates news sources for bias and reliability. The company operates primarily in the media sector, targeting general audiences, educators, advertisers, and publishers. Their business model revolves around subscription-based data services and media ratings, positioning them as a niche player with recognized authority in media bias analysis. Technically, the website is built on a modern WordPress platform using Elementor and WooCommerce, hosted by DreamHost, and integrates marketing and analytics tools such as HubSpot, Google Analytics, and Facebook Pixel. The site demonstrates good SEO and mobile optimization, with structured data enhancing search visibility. Security-wise, the site uses HTTPS with a good SSL configuration and domain transfer protection, but lacks DNSSEC and some security headers, which are recommended for enhanced protection. Privacy compliance is strong, with visible cookie consent and a comprehensive privacy policy. Overall, the website is professional, trustworthy, and well-maintained, with no signs of malicious activity or adult content.

Л

Лабораторія цифрової безпеки

dslua.org

62

Лабораторія цифрової безпеки is a Ukrainian non-profit organization specializing in digital security and the protection of digital rights. The organization supports journalists, human rights defenders, and civil activists in Ukraine by providing expertise in digital security and advocating for human rights in the digital environment through policy influence. The website is professionally designed using WordPress and Elementor, with a clear focus on content relevant to its target audience. Social media integration is strong, enhancing outreach and engagement. Technically, the website employs modern web technologies including WordPress CMS, Elementor page builder, and Cloudflare DNS services. HTTPS is properly configured, ensuring secure communications. However, DNSSEC is not enabled, and security headers are absent, indicating room for improvement in security hardening. The site performs moderately well with good mobile optimization and basic accessibility features. From a security perspective, the site demonstrates a reasonable posture with HTTPS and domain registration protections in place. The absence of privacy and cookie policies, security headers, and explicit contact information for security incidents or data protection officers represents compliance gaps. No vulnerabilities or suspicious patterns were detected in the WHOIS data or site content. Overall, the site is trustworthy but would benefit from enhanced transparency and security practices. The risk assessment is moderate with recommendations to implement DNSSEC, security headers, privacy and cookie policies with consent mechanisms, and publish incident response contacts. These steps would improve compliance with GDPR and other data protection regulations, strengthen security posture, and enhance user trust.

I

International Partnership for Human Rights (IPHR)

iphronline.org

55

International Partnership for Human Rights (IPHR) is a Brussels-based independent NGO founded in 2008, focusing on human rights advocacy and support in Central Asia, Eastern Europe, and the South Caucasus. The organization empowers local civil society groups, conducts research and reporting on human rights violations, and engages in advocacy with international institutions. Their website reflects a mature digital presence with comprehensive content, clear navigation, and consistent branding. Technically, the site is built on WordPress, hosted on SiteGround, and uses modern SEO and GDPR compliance tools. Security posture is good with HTTPS and domain transfer protections, though DNSSEC is not enabled and some security headers appear missing. No direct contact emails or phone numbers are publicly listed, relying on contact forms and social media channels. Overall, the site is professional, trustworthy, and safe for general audiences.

D

Deutsch-Ukrainische Gesellschaft

deutsch-ukrainische-gesellschaft.de

52

The Deutsch-Ukrainische Gesellschaft (DUG) is a small non-profit organization dedicated to fostering and deepening German-Ukrainian relations across politics, science, culture, and civil society. The organization offers expert dialogues, publications, cultural events, and exchange programs to promote mutual understanding and support Ukraine's integration into European and Euro-Atlantic structures. The website reflects a professional and consistent brand image, targeting stakeholders interested in German-Ukrainian cooperation. Technically, the website is built on WordPress with modern plugins such as Yoast SEO, Contact Form 7, and GDPR Cookie Compliance, ensuring good SEO and privacy compliance. The site uses HTTPS with Google reCAPTCHA for form security and includes a cookie consent mechanism, indicating a mature digital infrastructure. Performance and mobile optimization are good, though some security headers could be improved. From a security perspective, the site demonstrates solid practices including HTTPS enforcement and GDPR compliance. However, no explicit security policy or incident response contacts are published, and security headers are not detected, suggesting room for enhancement. No vulnerabilities or suspicious content were found. Overall, the website is trustworthy, well-maintained, and compliant with privacy regulations, serving its niche audience effectively. Strategic improvements in security headers and transparency around security policies would further strengthen its posture.

L

Lobby X

thelobbyx.com

60

Lobby X is a Ukrainian employment platform and recruiting agency focused on supporting job seekers and employers, with a special emphasis on veterans and military personnel. The company operates a professional website with a clear business model centered on job listings, recruitment services, and career consultations. Their market position is niche but important within Ukraine, supporting progress and victory through employment. Technically, the website is built on WordPress with modern front-end technologies including Bootstrap, jQuery, and Lottie animations, and integrates Google services such as reCAPTCHA and Tag Manager. The site is mobile optimized and SEO friendly, though accessibility is basic. Security posture is adequate with HTTPS and CAPTCHA protections, but lacks DNSSEC and security headers, which are recommended for improvement. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. Overall, the domain registration is consistent and trustworthy, supporting the legitimacy of the business. Strategic recommendations include enhancing security headers, enabling DNSSEC, and improving privacy compliance to strengthen trust and security.

P

PayFast (Pty) Ltd

paygate.co.za

69

PayFast (Pty) Ltd operates a secure and scalable online payment gateway primarily serving businesses in South Africa. The company offers a comprehensive payment processing platform designed to support merchants with efficient and reliable payment solutions. Their market position is solid within the regional fintech space, leveraging modern web technologies and integrations to provide a seamless user experience. The website reflects a mature digital infrastructure with WordPress CMS, SEO optimization, and multiple analytics and marketing tools integrated. Security posture is good with HTTPS enforced and domain registration consistent with the business identity, though some security headers and policies could be improved. Privacy compliance is evident with clear privacy and cookie policies and GDPR considerations. Overall, the business credibility is high with consistent branding and trust signals such as social media presence and structured data.

T

The Giving Block

thegivingblock.com

70

The Giving Block is a specialized platform empowering nonprofits to accept cryptocurrency, stocks, and donor-advised fund (DAF) donations. Founded in 2018, it has established itself as a leading service provider in the nonprofit crypto donation space, offering secure and compliant donation forms tailored to the needs of nonprofits and their donors. The website reflects a professional and consistent brand image, targeting nonprofits and crypto donors with clear messaging and structured data to enhance search visibility. Technically, the website is built on WordPress using the Divi theme, supplemented by a variety of marketing and analytics tools including HubSpot, Google Analytics, Microsoft Clarity, and Hotjar. The domain is registered with GoDaddy and uses Cloudflare for DNS, indicating a robust hosting and domain management setup. Mobile optimization and SEO practices are good, though accessibility features are basic. From a security perspective, HTTPS is enabled and domain status flags protect against unauthorized changes. However, the site lacks explicit security headers, published security policies, and vulnerability disclosure mechanisms. Privacy compliance is limited due to the absence of visible privacy and cookie policies or consent mechanisms. The extensive use of tracking and marketing scripts suggests a moderate to extensive user tracking level, which should be balanced with stronger privacy disclosures. Overall, the site is credible and professionally managed but would benefit from enhanced privacy and security transparency to improve compliance and user trust. Strategic recommendations include enabling DNSSEC, publishing comprehensive privacy and cookie policies, implementing security headers, and establishing a vulnerability disclosure program.

K

Kappa Data

kappadata.be

74

Kappa Data is a value-added IT distributor specializing in networking infrastructure, security, and IoT solutions primarily serving business customers in Belgium and surrounding markets. The company offers a broad portfolio of products and services including technical expertise, training, and events. The website is professionally designed, multi-lingual, and optimized for performance and mobile devices, reflecting a mature digital presence. Security posture is solid with HTTPS and no visible vulnerabilities, though the absence of published privacy and cookie policies indicates room for compliance improvement. WHOIS data is restricted, which is common for business privacy but limits transparency. Overall, the site presents a trustworthy and credible business with a good technical foundation.

CEES HARTMAN is a small Dutch business specializing in website creation, online marketing, photography, and video production services. The company uses WordPress as its platform and collaborates closely with clients to design websites that reflect their branding and needs. The website showcases a portfolio of client projects, indicating a focus on small to medium-sized clients. Technically, the website is built on a modern WordPress stack with Elementor and the Customizr theme, providing a responsive and user-friendly experience. However, the site lacks privacy and cookie policies, and no explicit contact emails or phone numbers are provided, which may affect user trust and compliance. Security posture is moderate with HTTPS enabled but missing important security headers. Overall, the site is professional and safe but could improve in privacy compliance and security best practices.

U

Upbooking

upbooking.lu

48

Upbooking is a Luxembourg-based online platform dedicated to the recycling and exchange of used school books, promoting environmental sustainability and offering incentives such as vouchers for new book purchases. The platform targets students and families within Luxembourg, supported by government initiatives as evidenced by the presence of the Luxembourg government logo. Technically, the website is built on WordPress with a custom theme, uses modern tools like Google Tag Manager and Axeptio for cookie consent, and implements good accessibility features. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though security headers could be improved. Privacy compliance is strong with comprehensive policies and cookie consent mechanisms in place. Overall, the website is professional, trustworthy, and well-aligned with its educational and governmental mission.

U

UDICE

udice.org

54

UDICE is a French alliance of 13 major universities focused on promoting research excellence, enhancing higher education performance, and developing attractive innovation ecosystems. The website presents a professional and consistent brand image, targeting academic institutions and stakeholders in higher education and research. The business model is non-profit and collaborative, positioning UDICE as a key player in the French academic landscape. Technically, the website is built on WordPress using Elementor and Yoast SEO, with integration of Google Analytics and Tag Manager for user tracking. The site is mobile-optimized and performs moderately well, though accessibility features are basic. The SSL configuration is excellent, ensuring secure HTTPS connections. Security posture is generally good with HTTPS enforced and no exposed sensitive data, but lacks security headers and a formal security policy or incident response information. Privacy compliance is basic, with a privacy policy present but no cookie consent mechanism detected, which is a gap given GDPR relevance. Overall, the site is trustworthy and professional, though transparency is reduced by the absence of WHOIS data and limited security disclosures. Strategic improvements in security headers, privacy compliance, and incident response communication would enhance the site's security maturity and user trust.

E

EPICUR Alliance

epicur.education

56

EPICUR Alliance is a consortium of nine European higher education institutions collaborating to provide innovative educational programs, research initiatives, and regional ecosystem engagement. The website serves as a multilingual portal offering information on educational offers, research projects, events, and partner universities. The technical infrastructure is based on WordPress with modern web technologies including Bootstrap, jQuery, and Matomo analytics, ensuring a responsive and user-friendly experience. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, although additional security headers could enhance protection. Privacy compliance is well addressed with GDPR-aligned policies and consent banners. Overall, the website reflects a professional and trustworthy educational alliance with a strong digital presence.