High-risk security reports

H

Hammaslaboratorio Horelli

horelli.fi

45

Hammaslaboratorio Horelli is a specialized dental laboratory operating in Finland with locations in Lappeenranta and Lahti. The company focuses on manufacturing high-quality dental prosthetic products including implant prosthetics, crowns, bridges, and partial dentures. Their services cater primarily to dental professionals and patients requiring custom dental solutions. The website reflects a small but professional business with clear contact information and a focus on craftsmanship and technology. Technically, the site is built on WordPress using modern plugins such as Yoast SEO and WP Google Maps, ensuring good SEO and user experience. The site is mobile optimized and uses HTTPS for secure communication. Security posture is good with no visible vulnerabilities, though security headers could be improved. Privacy compliance is addressed with a linked privacy policy document, though cookie consent mechanisms are minimal. Overall, the website is trustworthy, professional, and well-maintained, supporting the company's local market position.

S

Skydent Oy

skydent.fi

42

Skydent Oy operates a modern dental laboratory located in Tampere, Finland, specializing in a wide range of prosthetic dental solutions including fixed and removable prosthetics and digital CAD-CAM services. The company targets dental professionals and patients requiring high-quality dental prosthetics, positioning itself as a local expert with advanced technology such as 3Shape scanners. The website reflects a small-sized healthcare business with a professional and consistent brand presence, providing clear service descriptions and contact details. Technically, the website is built on WordPress with modern plugins like Yoast SEO and uses Bootstrap for responsive design. It integrates Google Analytics for visitor tracking and demonstrates moderate performance and good mobile optimization. However, some accessibility features are basic, and there is room for improvement in security headers and cookie consent mechanisms. From a security perspective, the site uses HTTPS with good SSL configuration and avoids exposing sensitive data. The absence of security headers and lack of an incident response or security policy page are areas for enhancement. Privacy compliance is partially met with a privacy policy present, but no cookie consent mechanism is detected, which is important for GDPR compliance. Overall, the website is trustworthy and professional with no signs of malicious content or blocking mechanisms. Strategic recommendations include implementing security headers, adding cookie consent, and establishing incident response contacts to strengthen security and compliance posture.

J

Janne Rauhala

jannerauhala.fi

46

Janne Rauhala's website serves as a personal brand platform for an entrepreneur focused on business innovation, mentoring, and real estate concept design primarily in Finland. The site positions Janne as a niche entrepreneur with a regional presence, supported by recent press coverage and active social media profiles. The business model appears to revolve around consultancy and entrepreneurial services targeting Finnish business professionals and startups. Technically, the website is built on WordPress 6.8 using the GeneratePress theme and Yoast SEO plugin, indicating a modern and SEO-optimized infrastructure. The site is mobile-friendly and performs moderately well, with good accessibility and structured data implementation enhancing search engine visibility. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, it lacks security headers and formal policies such as privacy, cookie, or incident response disclosures, which are important for compliance and trust. No vulnerabilities or malicious indicators were detected. Overall, the website is professional and trustworthy with good business credibility but would benefit from enhanced privacy compliance and security best practices to improve its risk posture and user trust.

K

Karlevy Oy

karlevy.fi

44

Karlevy Oy is a Finnish small manufacturing company specializing in ecological and high-quality acoustic curtains. The company offers tailored acoustic curtain solutions and related accessories, emphasizing sustainability, quality, and customer service. Their market position is niche-focused within Finland, targeting both business and consumer segments seeking acoustic solutions. The website is built on a modern WordPress CMS with WooCommerce for e-commerce capabilities, integrating popular plugins such as Yoast SEO and Jetpack. The technical infrastructure is solid with good mobile optimization and SEO practices. Security posture is adequate with HTTPS enforced and no visible vulnerabilities, though security headers and incident response policies are absent. Privacy compliance is partially met with a privacy policy present but lacking a cookie consent mechanism. Overall, the website is professional, trustworthy, and well-maintained, supporting the company's business goals effectively.

S

Stance

hannatuominen.fi

45

The website www.hannatuominen.fi represents a Finnish small business named Stance, operated by Hanna Tuominen, offering personal and corporate leadership coaching and development services. The business has a clear niche in leadership and management coaching, leveraging frameworks such as LMI and DISC. The website is professionally designed using WordPress with modern technologies including Bootstrap and Google reCAPTCHA, providing a good user experience and mobile optimization. However, it lacks explicit privacy and cookie policies, which are important for GDPR compliance. Security posture is solid with HTTPS and form protections, but could be improved by adding security headers and a vulnerability disclosure policy. Contact information is clearly presented, enhancing business credibility. Overall, the site is trustworthy and well-positioned in its market segment.

K

Karteko Oy

karteko.fi

44

Karteko Oy is a Finnish small business specializing in industrial maintenance services, including conveyor maintenance, welding, installation, and agricultural machinery repair. The company also offers logistics and driver rental services, targeting industrial and agricultural sectors in Finland. The website presents a professional image with clear contact information and service descriptions, supporting its market position as a local service provider. Technically, the site is built on WordPress using modern themes and plugins, with good SEO and mobile optimization. Security posture is adequate with HTTPS and cookie consent implemented, but lacks advanced security headers and formal policies. Overall, the domain registration data aligns well with the business claims, indicating legitimacy and transparency.

S

Suomen Opetuskaluste Oy

opetuskaluste.fi

45

Suomen Opetuskaluste Oy is a Finnish family-owned company specializing in educational furniture and presentation equipment, operating since 1987. The company positions itself as a trusted provider with decades of experience, targeting educational institutions and professionals in Finland. Their product range includes whiteboards, blackboards, notice boards, and various teaching accessories. The website reflects a professional and consistent brand image with clear navigation and relevant content tailored to their market segment. Technically, the site is built on WordPress with modern plugins and frameworks, offering good mobile optimization and SEO practices. However, some security best practices such as security headers and explicit privacy policies are missing. The site uses HTTPS and integrates Google Analytics and Google Tag Manager with IP anonymization, indicating moderate attention to user privacy. Overall, the security posture is adequate but could be improved with better compliance and incident response disclosures.

H

Hämeen Kylät ry

hameenkylat.fi

46

Hämeen Kylät ry is a Finnish regional non-profit association dedicated to promoting village and resident activities in the Kanta-Häme region. Established in 1998, it serves as an advocacy and cooperation body for local communities, aiming to foster vibrant and pleasant living environments close to nature. The website reflects this mission with relevant content, active social media integration, and regular updates on projects and news. Technically, the site is built on WordPress with modern plugins such as Yoast SEO, Jetpack, and Contact Form 7, indicating a mature digital infrastructure. The site is mobile-optimized and SEO-friendly, though performance is moderate. Security posture is good with HTTPS enforced and no exposed sensitive data, but lacks some advanced security headers and explicit security policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. Overall, the site is trustworthy and professionally maintained, serving its community-focused mission effectively.

P

Parasta Lapsille ry

lomakeskuspukkila.fi

46

Lomakeskus Pukkila is a Finnish hospitality and event service provider operating since 2010, offering accommodation, meeting and party facilities, and outdoor activities such as school camps and canoe rentals. The business operates under the non-profit organization Parasta Lapsille ry, supporting child welfare activities. The website is professionally designed, mobile-optimized, and provides clear contact and service information. Technically, it uses Joomla CMS with Yootheme framework, integrates Google Maps and social media, and employs marketing automation tools like Mautic. Security posture is good with HTTPS and cookie consent, though security headers could be enhanced. WHOIS data confirms legitimacy and transparency, matching the business profile and location. Overall, the site is trustworthy, compliant with GDPR, and well-positioned in its local hospitality niche.

A

ArtCloud Oy

artcloud.fi

46

ArtCloud Oy is a Finnish company specializing in digital services including web development, software solutions, media production, and advertising. The company targets businesses and organizations in Finland seeking customized digital and media services. Their website reflects a professional and consistent brand image with comprehensive service offerings and active client engagement through blog articles and social media integration. Technically, the site is built on WordPress with modern plugins for SEO, GDPR compliance, and social media feeds, hosted likely by Louhi Net Oy. Security posture is solid with HTTPS, cookie consent, and no visible vulnerabilities, though some security headers could be improved. Overall, the website and domain registration data align well, indicating a trustworthy and legitimate business presence.

E

Ealys

ladesirade-vence.fr

39

The website www.ladesirade-vence.fr represents a small hospitality business offering a vacation villa rental in Vence, France. The site provides detailed information about the villa, including accommodation capacity, amenities, and local attractions, targeting tourists and vacationers seeking a premium holiday experience on the Côte d'Azur. The business appears to be a niche local operator with a professional online presence but limited public business registration transparency. Technically, the website employs a modern front-end stack including Bootstrap, jQuery, and various UI libraries, delivering a visually appealing and mobile-optimized experience. However, there is no evidence of a CMS or advanced backend platform. Performance is moderate with good SEO basics but lacks advanced analytics or tracking tools. From a security perspective, the site lacks visible security headers and cookie consent mechanisms, and WHOIS data is not publicly available, which is common for small businesses but reduces transparency. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is minimal, with a basic privacy policy page but no cookie banner or GDPR explicit consent. Overall, the website is functional and professional but would benefit from enhanced security practices, improved privacy compliance, and greater transparency in business and domain registration information to increase trustworthiness and regulatory adherence.

The domain kuntapalvelut.fi is registered to Wildfrost Oy, a Finnish company established in 2007. The website content is extremely minimal, consisting only of a short text snippet with no metadata, forms, or meaningful content. This suggests the site is either under construction or abandoned. The WHOIS data is consistent and legitimate, showing a long-standing registration with no privacy protection, which supports trust in the domain ownership. However, the lack of website content and absence of security or privacy policies significantly reduce the site's credibility and usability. Technically, no modern web technologies, security headers, or HTTPS information are available, indicating a poor technical posture. Overall, the site presents a high risk from a security and compliance perspective due to its minimalism and lack of standard protections.

K

Kanta-Hämeen Muistiyhdistys ry

muistiaina.fi

37

Kanta-Hämeen Muistiyhdistys ry is a Finnish non-profit organization dedicated to supporting individuals with memory disorders, their families, and those interested in memory health. The organization offers counseling, peer support, volunteer opportunities, educational courses, and community events primarily in the Kanta-Häme region. Their website reflects a well-established entity with a domain registered since 2008, consistent with their operational history. The site provides comprehensive information about their services, events calendar, and membership options, targeting patients, caregivers, and healthcare professionals.

Häme Events is a regional event listing platform operated by Hämeen Maakuntaliitto, a Finnish regional government entity. The website provides a searchable calendar of events in the Kanta-Häme region and offers an open API for integrating event data into other services. The platform targets residents and visitors interested in local events, supporting community engagement and regional promotion. The business model centers on providing free access to event information and facilitating event submissions. Technically, the website uses a custom-built platform with modern JavaScript libraries such as jQuery, Semantic UI, and various UI enhancement plugins. It integrates multiple analytics services including Google Analytics, Matomo, and Facebook SDK. Hosting appears to be on Amazon AWS infrastructure, indicated by the AWS nameservers. The site is mobile optimized and has basic SEO and accessibility features, though content quality is minimal and mostly functional. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, it lacks important security headers like Content-Security-Policy and X-Frame-Options, and does not provide privacy or cookie policies, which impacts GDPR compliance. No contact emails or phone numbers are visible on the site, limiting user support and incident response transparency. The WHOIS data confirms the domain is registered to the regional government organization, with consistent registration details and no privacy protection, supporting legitimacy. Overall, the website is a functional regional event platform with moderate technical maturity and a solid legitimacy profile. Security and privacy compliance can be improved by adding policies, security headers, and contact information. Enhancing content richness and user engagement features would also increase value and trust.

Fahrgastschifffahrt Rügen operates as a regional passenger shipping service provider on Germany's largest island, Rügen. The company offers scenic tours along the coastline, including visits to national parks and the car-free island of Hiddensee, targeting tourists and visitors seeking nature and cultural experiences. The website is built on the Contao CMS platform, utilizing jQuery and GLightbox for interactive elements, and is hosted on servers associated with kasserver.com. The site demonstrates good mobile optimization and basic accessibility features, with a clear navigation structure and professional design. From a security perspective, the website enforces HTTPS and implements a cookie consent mechanism compliant with GDPR. However, it lacks visible advanced security headers and explicit security or incident response policies. No forms or analytics scripts were detected, indicating minimal data collection and tracking. The WHOIS data shows partial consistency with the business, though registrant details are limited. Overall, the site presents a low-risk profile with a good security posture but could benefit from enhanced security headers and clearer compliance documentation. Strategically, the business is well-positioned in the regional tourism transportation sector with a clear service offering. The website supports this with relevant content and trust indicators such as an impressum and privacy policy. There is room for improvement in transparency regarding terms of service, incident response, and security certifications to further enhance trust and compliance.

E

ESTRAMBÒTIC

estrambotic.cat

47

ESTRAMBÒTIC operates a specialized website offering outdoor escape room and group orientation games primarily targeting municipalities, educational centers, associations, and private groups in Spain. The business leverages theatrical and technological elements, including web apps, to deliver immersive and personalized experiences. The company has a consistent brand presence and active social media channels, supporting its market positioning as a local experiential activity provider. Technically, the website is built on WordPress with Elementor and uses modern plugins for SEO and GDPR compliance. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. Security posture is adequate with HTTPS and reCAPTCHA, but could be improved by enabling DNSSEC and adding security headers and incident response information. Privacy compliance is strong with a comprehensive cookie policy and consent mechanism. Overall, the website is professional, trustworthy, and well-aligned with its business goals.

V

Vegan Society Luxembourg A.S.B.L.

vegansociety.lu

47

Vegan Society Luxembourg is a small non-profit organization dedicated to promoting veganism in Luxembourg and Europe through education, events, and community engagement. Their website offers membership options, donation capabilities, and resources to support their mission. The organization maintains an active social media presence and provides clear contact information, enhancing their community outreach and trustworthiness. Technically, the website is built on WordPress using popular plugins such as WooCommerce and Elementor, delivering a good user experience with moderate performance and mobile optimization. Security posture is adequate with HTTPS enabled, but lacks some advanced security headers and visible incident response policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. WHOIS data is unavailable, which limits domain legitimacy verification and slightly reduces trust. Overall, the site is professional and trustworthy but could improve in security and privacy transparency.

U

Udruženje Sloboda za životinje

sloboda-za-zivotinje.org

43

Udruženje Sloboda za životinje is a Serbian non-profit organization dedicated to animal rights, vegan lifestyle promotion, and education on plant-based nutrition. Established in 2003, it has a strong presence in Serbia with a focus on creating a world free from animal exploitation and suffering. The organization engages in direct animal aid, educational campaigns, volunteer programs, and operates an online store for promotional products. Their website reflects a mature digital presence using WordPress and Elementor, with multilingual support and social media integration. Security posture is adequate with HTTPS and cookie consent mechanisms, though improvements in DNSSEC and security headers are recommended. Overall, the site is trustworthy, professionally maintained, and compliant with privacy regulations.

C

Centro Vegetariano - Associação APV

centrovegetariano.org

43

Centro Vegetariano - Associação APV is a Portuguese non-profit organization dedicated to promoting vegetarianism and veganism through educational content, community engagement, and resource provision. The website serves as a reference point for vegetarian and vegan communities in Portugal, offering articles, recipes, directories, and nutritional tools. With a claimed history of 23 years, it holds a respected position in its niche market. Technically, the website is built with basic HTML, CSS, and JavaScript without advanced frameworks or CMS, resulting in moderate performance and basic mobile optimization. Security posture is average, lacking modern security headers and explicit HTTPS confirmation. Privacy and cookie policies are absent, which impacts compliance and trust. Overall, the site is safe, content-rich, and moderately credible but would benefit from enhanced security and privacy measures.

V

Vegan Society of Ireland

vegansociety.ie

44

The Vegan Society of Ireland is a small non-profit organization dedicated to promoting veganism as an ethical and sustainable lifestyle in Ireland. It evolved from the Vegetarian Society of Ireland, rebranding in 2022 to focus exclusively on vegan advocacy. The website serves as an authoritative platform offering membership, discounts, volunteer opportunities, events, and educational resources. The target audience includes the Irish public interested in animal rights, sustainability, and veganism. Technically, the site is built on WordPress with common plugins such as Contact Form 7 and integrates Google Analytics for visitor tracking. Hosting and domain registration are managed by Blacknight Solutions, an Irish provider, aligning with the organization's geographic focus. Security posture is adequate with HTTPS enabled and domain transfer protection, but lacks DNSSEC and security headers, which are recommended for enhanced protection. Privacy compliance is limited due to the absence of explicit privacy and cookie policies, which should be addressed to meet GDPR standards. Overall, the website is professional, trustworthy, and content-rich, but could improve in privacy transparency and security hardening.

D

Dansk Vegetarisk Forening

vegetarisk.dk

43

Dansk Vegetarisk Forening is a Danish non-profit organization dedicated to supporting vegetarians, vegans, and advocates of a green lifestyle. The organization offers memberships, political advocacy, education, and information services to its community. It holds a leading position in Denmark's vegetarian movement and maintains a strong digital presence with comprehensive content and active social media engagement. The website is built on WordPress using modern themes and plugins, ensuring good SEO and mobile responsiveness. Security measures such as HTTPS, security headers, and cookie consent mechanisms are properly implemented, reflecting a mature security posture. However, the site lacks explicit security policies and vulnerability disclosure information, which could enhance trust and preparedness. Overall, the website is professional, trustworthy, and well-aligned with its mission, with recommendations to improve incident response transparency and accessibility features.

I

Infenso d.o.o.

infenso.hr

44

Infenso d.o.o. is a Croatian technology company specializing in system integration, network equipment design and implementation, IoT solutions, application development, and advanced 3D visualization. Established in 2013, the company targets businesses and organizations seeking digital transformation and integration services. Their market position is that of a niche technology integrator within Croatia, leveraging modern digital tools and platforms to deliver tailored solutions. The website reflects a professional and consistent brand image with good content quality and relevant business information. Technically, the site is built on WordPress with Elementor, utilizing a modern tech stack including jQuery, Google Analytics, and various JavaScript libraries for enhanced user experience. Performance and mobile optimization are good, though accessibility could be improved. Security posture is solid with HTTPS enforced and reCAPTCHA implemented, but lacks explicit security policies and vulnerability disclosures. Overall, the domain registration data aligns well with the business claims, indicating legitimacy and trustworthiness.

M

Medialab Varaždin

medialab.hr

45

Medialab Varaždin is a Croatian IT service provider specializing in modern web development, server and NAS maintenance, and IT infrastructure management. Founded in 2016, the company targets businesses seeking reliable technology solutions to support their operations. The website reflects a professional and consistent brand presence with clear messaging about their services and partnerships with local companies. Technically, the site is built on WordPress using popular plugins such as Yoast SEO and WPBakery Page Builder, hosted on Totohost servers. The site is mobile optimized and SEO friendly but lacks some advanced accessibility features. Security posture is adequate with HTTPS enabled and no exposed sensitive data, though it lacks security headers and formal security policies. Privacy compliance is weak due to the absence of privacy and cookie policies. Overall, the domain registration data aligns well with the business claims, indicating legitimacy and stability.

G

Gradsko društvo Crvenog križa Valpovo

crvenikrizvalpovo.hr

42

Gradsko društvo Crvenog križa Valpovo is a local branch of the Croatian Red Cross focused on humanitarian aid, blood donation, social support, and community health initiatives. The organization serves the local community in Valpovo, Croatia, providing essential services to vulnerable populations and coordinating volunteer efforts. Their website reflects a well-established non-profit with consistent branding and clear communication of their mission and services. Technically, the website is built on WordPress using Elementor, with modern libraries such as jQuery and Swiper.js, hosted by CARNET, a reputable Croatian academic network. The site is mobile-optimized and accessible, with good SEO practices and a moderate performance profile. Security-wise, the site uses HTTPS and common security plugins but lacks explicit security headers and a cookie consent mechanism, which are recommended for improved compliance and protection. Overall, the domain registration data aligns well with the organization's profile, indicating legitimacy and trustworthiness.

G

Gradsko društvo Crvenog križa Đakovo

gdcrvenikrizdjakovo.hr

44

Gradsko društvo Crvenog križa Đakovo is a local branch of the Croatian Red Cross focused on providing humanitarian aid, social services, health-related activities, and volunteer coordination within the Đakovo region. The organization operates as a non-profit entity with a clear community-oriented mission, offering services such as first aid training, blood donation campaigns, and disaster response. Their website reflects this mission with relevant content and official documentation, targeting the general public and volunteers in the local area. Technically, the website is built on WordPress with common plugins such as MasterSlider and Bootstrap for responsive design. The site is hosted under Croatian academic network infrastructure (CARNET), ensuring local presence and reliability. The website demonstrates good mobile optimization and accessibility features, although SEO and advanced technical optimizations are basic. No advanced analytics or tracking tools are detected, indicating a privacy-conscious approach. From a security perspective, the site uses HTTPS properly but lacks several security headers and advanced protections such as anti-CSRF tokens on forms. There is no visible cookie consent mechanism, which is a GDPR compliance gap. The WHOIS data is consistent with the organization's location and purpose, enhancing trustworthiness. No critical vulnerabilities or suspicious indicators are found, but improvements in security policies and technical safeguards are recommended. Overall, the website is a trustworthy and functional digital presence for a small non-profit humanitarian organization. Strategic enhancements in security posture and privacy compliance would further strengthen their digital maturity and user trust.

Gradsko društvo Crvenog križa Donji Miholjac is a local branch of the Croatian Red Cross, established in 2012, providing humanitarian aid, blood donation campaigns, social services such as home assistance, and community support activities. The organization targets local community members, volunteers, and donors, operating as a non-profit entity with a strong local presence and partnerships with municipal and regional government bodies. The website reflects this mission with relevant content, news updates, and event information.

C

Crveni Križ Darda

hck-darda.hr

41

Općinsko društvo Crvenog križa Darda is a local branch of the Croatian Red Cross dedicated to humanitarian and community services such as blood donation, first aid training, youth engagement, and health awareness. The website serves as an informational platform targeting local community members and volunteers. Technically, the site is built on an older WordPress platform with common plugins like Yoast SEO and Contact Form 7, hosted under Croatian academic network infrastructure. While the site is functional and well-structured, it uses outdated software versions that may pose security risks. Security posture is moderate with HTTPS enabled but lacks modern security headers and explicit privacy or cookie policies. The domain registration data is consistent with the organization's identity and location, indicating legitimacy. Overall, the website is trustworthy but would benefit from technical and compliance improvements.

G

Gradsko društvo Crvenog križa Beli Manastir

gdck-belimanastir.hr

42

Gradsko društvo Crvenog križa Beli Manastir is a local branch of the Croatian Red Cross focused on humanitarian aid, first aid education, blood donation, and volunteer coordination within the Beli Manastir community. The organization operates as a small non-profit entity with a clear mission to support vulnerable populations and promote community health and safety. Their market position is that of a trusted regional humanitarian organization affiliated with the national Croatian Red Cross and supported by European solidarity programs. Technically, the website is built on WordPress with a modern but moderate tech stack including Google Analytics and accessibility tools. The site is mobile optimized and SEO friendly, providing a good user experience with clear navigation and relevant content. Security posture is solid with HTTPS and anonymized analytics, though it lacks some advanced security headers and explicit incident response information. Privacy compliance is partial with a privacy policy present but no cookie consent mechanism. Overall, the website is professional, trustworthy, and serves its community well, but could improve in security and privacy transparency.

The website www.zlatyerb.cz serves as the official platform for the Zlatý erb competition, a long-standing Czech national contest recognizing the best municipal web portals. The site provides detailed information about the competition, including news updates, results, partner acknowledgments, and resources for municipalities. The target audience primarily consists of local governments and public administration entities seeking to improve their web presence. The business model is non-profit and focused on promoting digital excellence in municipal websites. The site is supported by multiple partners and sponsors, indicating a well-established position in its niche.

Kryt Folimanka is a public underground shelter located in Prague 2, serving as the largest shelter in the district with capacity for 1300 people. The website provides information about the shelter, public tours, and related tourist services. The site is maintained by a government or municipal entity, indicated by the nature of the content and sector classification. Technically, the website uses a traditional web stack including Bootstrap, jQuery, and Google Analytics, hosted by Wedos. The site is accessible, uses HTTPS, and has moderate performance and mobile optimization. However, it lacks critical privacy and cookie policies, and no contact information is provided, which impacts compliance and user trust. Security posture is adequate with HTTPS but missing security headers and formal policies. Overall, the site is functional and informative but could improve in privacy compliance and security best practices.

N

Nadační fond Dvojka srdcem

dvojkasrdcem.cz

44

Nadační fond Dvojka srdcem is a Czech non-profit foundation focused on providing social and financial assistance to residents of Prague 2, particularly families and individuals in need. The foundation offers support such as financial contributions for school supplies, extracurricular activities, and aid for individuals with health challenges. The website presents beneficiary stories and donation progress, reinforcing transparency and community engagement. Technically, the site is built on WordPress with modern plugins and integrates Google Analytics and Tag Manager for tracking. Hosting is provided by a Czech hosting provider, aligning with the foundation's local focus. Security posture is generally good with HTTPS enforced and no exposed sensitive data, but lacks some security headers and formal privacy and cookie policies, which are important for GDPR compliance. Overall, the site is professional, trustworthy, and well-structured, though improvements in privacy compliance and security headers are recommended.

C

Centrum sociálních služeb Praha 2

cssp2.cz

48

Centrum sociálních služeb Praha 2 is a Czech Republic-based public social services organization founded in 2002 by the Prague 2 municipal district. It provides a broad range of social and healthcare services targeted at seniors, disabled individuals, chronically ill patients, caregivers, and families with children. The organization operates locally with a medium-sized footprint and offers services including home care, health care, day centers, and residential facilities. The website reflects a professional and consistent brand presence with clear navigation and relevant content for its audience. Technically, the site uses a proprietary CMS (VismoWeb5), modern web standards, and is hosted under a Czech registrar and hosting provider, ensuring good performance and mobile optimization. Security posture is adequate with HTTPS enabled and no visible vulnerabilities, though security headers and incident response information are lacking. Privacy compliance is basic with cookie and accessibility statements but no explicit consent mechanism. WHOIS data confirms the domain's legitimacy and long-term operation, matching the organization's history. Overall, the website is trustworthy, safe, and well-suited for its public service mission.

K

Knihovna na Vinohradech

knv.cz

44

Knihovna na Vinohradech is a public library serving the Vinohrady district in Prague, Czech Republic. The website provides information about library services, events, exhibitions, and access to an online catalog. The institution operates as a non-profit entity affiliated with the local municipality (Městská část Praha 2). The site targets the general public and local community members interested in cultural and educational resources. Technically, the website is built on WordPress, utilizing common plugins such as MonsterInsights for analytics and SlideDeck for content presentation. Hosting is provided by Wedos, a Czech hosting provider, consistent with the domain registration data. The website design is basic but functional, with moderate performance and limited mobile optimization.

L

Lietuvos kultūros institutas

lithuanianculture.lt

43

Lietuvos kultūros institutas (LKI) is a Lithuanian government-funded cultural institute established in 2015 under the Ministry of Culture. Its primary mission is to promote Lithuanian culture internationally through various projects, literary dissemination, and cultural attaché partnerships. The website serves as an official portal providing news, project information, and resources for cultural stakeholders and the public. The site is well-branded, consistent, and targets cultural institutions, artists, and international partners. Technically, the site is built on WordPress with modern plugins and libraries, hosted by a Lithuanian provider, and optimized for accessibility and mobile use. Security posture is solid with HTTPS, cookie consent, and no visible vulnerabilities, though some security headers could be improved. Privacy compliance is strong with a comprehensive privacy policy and cookie consent mechanism. Overall, the site reflects a professional government entity with high trustworthiness and good digital maturity.

C

CVS Development s.r.o.

publix.cz

40

CVS Development s.r.o. is a small Czech IT service provider specializing in analytical work, information systems, integration, database and mobile applications, web development, and infrastructure management. The company targets businesses and organizations in need of IT and web solutions, operating primarily in the Prague region. The website is built on an older ASP.NET Web Forms platform with Telerik controls and uses PubliX CMS. The technical infrastructure includes legacy JavaScript libraries and basic SEO and accessibility features. Security posture is moderate with HTTPS usage but lacks modern security headers and uses outdated JavaScript libraries, posing potential vulnerabilities. No privacy or cookie policies are present, indicating compliance gaps. Contact information is clearly provided, but no social media presence or security policies are published. The domain is mature and consistent with the business history, registered since 2002 with a reputable Czech registrar. Overall, the website is functional but basic in design and security, with room for modernization and compliance improvements.

H

HMP - Mestska policie hl. m. Prahy

mppraha.info

42

The website mppraha.info is the official online presence of the Municipal Police of Prague, Czech Republic. It serves as an information portal for residents and visitors, providing details about police units, contact information, news updates, recruitment, and public safety services. The site is well-branded with official logos and consistent municipal police identity, targeting a general audience interested in public safety and municipal services in Prague. The business model is government public service with a large organizational size and established presence since 2014. Technically, the site is built on Joomla CMS with modern web technologies including jQuery, Leaflet for interactive maps, and Revolution Slider for visual content. It integrates social media platforms such as Facebook, Twitter, YouTube, and Instagram, and uses Google Analytics for visitor tracking. The site is mobile-optimized with good navigation and content relevance, though accessibility features are basic. From a security perspective, the site uses HTTPS with a good SSL configuration but lacks DNSSEC and explicit security headers, which are recommended for enhanced protection. Cookie consent is implemented, indicating some level of privacy compliance, but no explicit privacy policy or terms of service were found on the homepage. No incident response or vulnerability disclosure information is provided. Suspicious hidden links to adult content domains were detected in hidden HTML elements, likely spam injections, but these are not visible to users. Overall, the website is trustworthy and professional, with a strong business credibility score. Recommendations include enabling DNSSEC, adding security headers, publishing a privacy policy, and monitoring third-party scripts for vulnerabilities to improve security posture and compliance.

S

Sport Na Františku

sportnafrantisku.cz

45

Sport Na Františku operates a well-established sports complex located in the heart of Prague 1, offering a variety of sports facilities and activities primarily targeting children, schools, and the general public. The website presents a professional and user-friendly interface with detailed information about sports programs, pricing, and event hosting options. Technically, the site is built on WordPress with modern JavaScript libraries and includes cookie consent management and Google Tag Manager integration, reflecting a moderate level of digital maturity. Security posture is adequate with HTTPS enforced and some privacy controls, but lacks advanced security headers and published security policies. The absence of WHOIS data limits full domain legitimacy verification, representing a moderate risk. Overall, the site is trustworthy and well-positioned in its local market but would benefit from enhanced compliance documentation and security hardening.

C

CROCODILE Bageterie Boulevard

bb-fransiza.cz

40

The website bb-fransiza.cz represents the franchising arm of Bageterie Boulevard, a well-established hospitality brand operating in the Czech Republic and Central Europe. The site offers detailed information about franchise opportunities, the step-by-step process for prospective franchisees, and direct contact with the franchise manager. The business is positioned as a strong group with over 3 billion CZK turnover and more than 35 years of market experience, supported by robust production and logistics infrastructure. The target audience is potential franchise partners seeking to operate Bageterie Boulevard outlets. Technically, the website uses modern frontend technologies including Bootstrap, jQuery, Swiper, and Google reCAPTCHA v3 for form security. The site is mobile optimized and provides a good user experience with clear navigation and professional branding. Security posture is solid with HTTPS enforced and reCAPTCHA implemented, though security headers are not detected and no explicit security policy or vulnerability disclosure is present. Privacy compliance is partially met with a GDPR consent checkbox and a privacy policy page, but lacks a cookie consent mechanism and terms of service. Overall, the site is trustworthy and professionally maintained, supporting the business credibility of the franchising offer.

D

Dům dětí a mládeže hlavního města Prahy

ddmpraha.cz

44

Dům dětí a mládeže hlavního města Prahy is a well-established public institution founded in 1998, providing educational and leisure activities for children and youth in Prague. The organization operates multiple branches offering clubs, camps, events, rentals, and educational programs, targeting children, youth, parents, and educators. It is funded and overseen by the city of Prague, positioning it as a key local educational service provider with a strong community presence. Technically, the website employs a modern tech stack including Bootstrap, jQuery, FontAwesome, and Matomo analytics, ensuring a responsive and user-friendly experience. The site is moderately optimized for performance and mobile devices, with basic accessibility and SEO features. Hosting and domain registration are consistent and reliable, managed by REG-GRANSY since 1998. From a security perspective, the site uses HTTPS and implements a cookie consent mechanism aligned with GDPR requirements. However, explicit security headers and incident response policies are not publicly visible, indicating room for improvement in security posture. The use of Matomo analytics reflects a privacy-conscious approach to user tracking. Overall, the website is professional, trustworthy, and safe for general audiences, with no adult or questionable content. The domain's long history and consistent WHOIS data reinforce its legitimacy. Strategic recommendations include enhancing security headers, publishing security policies, and improving accessibility and SEO to further strengthen the site's digital maturity and compliance.

The website www.fotostart.cz serves as a platform for the FOTOSTART photography competition, primarily targeting photography enthusiasts in the Czech Republic. It provides information about annual contests, winners, exhibitions, and related photo education resources. The site is small-scale and community-focused, with consistent branding and good content relevance. Technically, it uses older JavaScript libraries such as jQuery 1.11.2 and the Nette framework, with basic mobile optimization and accessibility features. Security posture is limited due to lack of visible HTTPS enforcement details, absence of security headers, and outdated libraries. No privacy or cookie policies are present, which impacts compliance and user trust. The WHOIS data is missing, which raises concerns about domain legitimacy, though the website content appears genuine and niche-focused. Overall, the site is functional and informative but requires improvements in security, privacy compliance, and domain transparency.

M

MINISTRY OF EDUCATION

gov.gh

34

The Ministry of Education Ghana operates as the national government authority responsible for education policy, reform, and implementation in Ghana. The website serves as an official communication channel to disseminate information about education reforms, virtual learning initiatives, and government projects. It targets a broad audience including students, educators, policymakers, and the general public interested in education in Ghana. Technically, the site is built on WordPress with modern plugins such as Elementor and Revolution Slider, and uses Google Analytics for visitor tracking. The site is mobile optimized and presents a professional design consistent with government branding. Security-wise, the site uses HTTPS and has no visible exposed sensitive data, but lacks DNSSEC and security headers, which are recommended for enhanced protection. Privacy compliance is weak due to the absence of privacy and cookie policies. Overall, the domain registration is consistent with the government entity, indicating high legitimacy.

N

Naivistit Iittalassa -säätiö SR

naivistit.fi

49

Naivistit Iittalassa -säätiö is a Finnish cultural foundation dedicated to organizing naive art exhibitions and related events in Iittala, Finland. The website serves as a portal for visitors and art enthusiasts to learn about current and upcoming exhibitions, purchase art, and engage with the naive art community. The organization maintains a clear market niche focused on naive art, supported by a small but consistent digital presence and multilingual accessibility. The website is professionally designed with good content quality and clear navigation, targeting a general audience interested in art and culture. Technically, the website is built on WordPress with a modern tech stack including Bootstrap, Yoast SEO, and GDPR-compliant cookie management. Hosting is provided by Hostaan Oy, a Finnish hosting provider. The site demonstrates good mobile optimization and moderate performance. Security measures include HTTPS enforcement and Google reCAPTCHA integration, though some security headers are missing. Privacy compliance is well addressed with clear policies and consent mechanisms. The security posture is solid for a small cultural foundation, with no critical vulnerabilities detected. The WHOIS data confirms legitimacy with consistent registrant information matching the website content and a domain age appropriate for the foundation's history. No suspicious patterns or privacy protection obfuscation are present. Overall, the website is trustworthy, secure, and compliant with relevant regulations. Strategic recommendations include enhancing security headers, maintaining plugin updates, and considering a dedicated security policy page to further improve trust and compliance. The website effectively supports the foundation's mission and provides a reliable digital platform for its audience.

I

Iittala Village

iittalavillage.fi

46

Iittala Village is a cultural and tourism-focused website representing a regional artisan and design village in Hämeenlinna, Finland. It aggregates information about local attractions, events, shops, and cultural heritage related to glassmaking and artisan crafts. The website targets tourists and visitors interested in Finnish design and culture, providing comprehensive event listings, visitor information, and local business promotion. Technically, the site is built on WordPress with Elementor and uses modern plugins for SEO and privacy compliance. It is hosted by a reputable registrar and uses HTTPS with good security practices. Privacy and cookie policies are implemented with GDPR compliance in mind. The security posture is solid with no critical vulnerabilities detected. Overall, the site is professional, trustworthy, and well-maintained, serving as a valuable resource for cultural tourism in the region.

M

MyIntegration

myintegration.fi

48

MyIntegration is a Finnish-based company with an online presence focused on integration services, as indicated by the website title and branding. The website is built on WordPress and employs a modern technology stack including popular plugins such as Yoast SEO, Smart Slider 3, and Cookiebot for cookie consent management. The site supports multiple languages, indicating a target audience that is international or multilingual. The business appears to be small-sized with a consistent brand image and a moderate level of trust signals, including a Facebook social media presence. Technically, the website is well-structured with proper SEO meta tags and uses HTTPS with an excellent SSL configuration. The use of Matomo analytics shows a commitment to privacy-friendly tracking. However, the site lacks visible security headers and does not publish a privacy policy or terms of service, which are important for compliance and user trust. No direct contact information is found on the homepage, which may affect user confidence. From a security perspective, the site enforces HTTPS and uses a cookie consent mechanism compliant with GDPR. There are no visible vulnerabilities or exposed sensitive data. The absence of a security policy and incident response contacts suggests room for improvement in security transparency and readiness. Overall, the website is functional, moderately secure, and privacy-conscious but would benefit from enhanced compliance documentation and clearer contact information to improve trust and professionalism.

E

Ealys

ealys.com

41

Ealys is a French web development agency specializing in the creation, redesign, and maintenance of websites and web applications, primarily serving clients in the North-East region of France including Metz, Nancy, and Strasbourg. With over 20 years of experience, the company targets a diverse clientele ranging from SMEs to large groups and institutional clients. Their service offerings include website creation, web application development, hosting, security, and audits, positioning them as a comprehensive digital solutions provider in their regional market. The website reflects a professional and consistent brand image with clear service descriptions and client references. Technically, the site employs modern web technologies such as HTML5, CSS3, jQuery, and popular plugins like Revolution Slider and Fancybox, ensuring a responsive and user-friendly experience. Google Analytics is used for visitor tracking, and a cookie consent mechanism is implemented, indicating basic privacy compliance. Security-wise, the site uses HTTPS and follows some best practices but lacks advanced security headers and explicit incident response or vulnerability disclosure policies. The domain registration data is consistent with the business claims, showing a long-established presence without privacy protection, which supports legitimacy. Overall, the website is well-structured, professional, and trustworthy, though there is room for improvement in security and compliance documentation.

L

Lapin Lumilomat Oy

lapinlumilomat.fi

45

Lapin Lumilomat Oy operates a hospitality business specializing in vacation apartment rentals and travel packages in the Ylläs region of Finland. The company targets tourists seeking quality accommodation and local experiences in Äkäslompolo and surrounding areas. The website presents a professional and consistent brand image with clear business information and contact details, supporting a trustworthy market position as a regional hospitality provider. Technically, the website is built on WordPress with a modern tech stack including jQuery, FontAwesome, and Google Fonts, hosted by Hostingpalvelu. The site is mobile-optimized, fast-loading, and SEO-friendly, though accessibility features are basic. Security posture is good with HTTPS enforced, but lacks advanced security headers and formal incident response disclosures. Security-wise, the site shows no critical vulnerabilities or exposed sensitive data. Privacy policies and terms of service are present and GDPR compliant, but cookie consent mechanisms are missing, which could be improved. No WAF or blocking mechanisms interfere with content access, allowing full analysis. Overall, the website is a well-maintained digital asset for a small hospitality business with solid business credibility and technical implementation. Strategic improvements in security headers, cookie consent, and incident response transparency would enhance trust and compliance.

R

Rideer Nordic Oy

synergybus.se

42

SynergyBus, operated by Rideer Nordic Oy, is an online platform specializing in connecting taxi and bus companies with customers seeking transportation services in the Nordic region. The website positions itself as a leading marketplace for order traffic, offering a large volume of daily offer requests and facilitating business growth for transport providers. The platform's business model revolves around generating and managing transportation service quotes, targeting primarily taxi and bus operators. The company is relatively young, founded in 2022, and maintains a consistent brand presence with trust certifications and EU co-funding indicators. Technically, the website employs a modern tech stack including Bootstrap for responsive design, jQuery, FontAwesome icons, and integrates multiple analytics and marketing tools such as Google Analytics, Google Tag Manager, Facebook Pixel, and Ahrefs Analytics. The site is mobile-optimized with good SEO practices but lacks some accessibility features and advanced security headers. Performance is moderate, with no critical technical issues detected. From a security perspective, the site uses HTTPS and avoids exposing sensitive data in its HTML content. However, it lacks DNSSEC, security headers, and formal privacy or cookie policies, which are important for GDPR compliance and user trust. No incident response or vulnerability disclosure information is provided, indicating room for improvement in security governance. The WHOIS data is consistent with the business claims, showing a legitimate domain registration without privacy protection, appropriate domain age, and active status. Overall, SynergyBus presents a professional and functional online presence with solid business credibility but requires enhancements in privacy compliance and security best practices to strengthen its risk posture and regulatory adherence.

O

Ordre des Architectes et des Ingénieurs-Conseils

oai.lu

46

The Ordre des Architectes et des Ingénieurs-Conseils (OAI) is a professional association representing architects, consulting engineers, urban planners, interior architects, and landscape architects in Luxembourg. Established by law in 1989, it serves as a regulatory and support body for these professions, offering services such as training, publications, member directories, and event organization. The website is well-structured, professionally designed, and targets both professionals and clients in the architecture and engineering sectors. It maintains a strong presence on multiple social media platforms, enhancing its outreach and engagement. Technically, the website employs modern web technologies including the Dojo Toolkit, Bootstrap, and advanced search integrations with Typesense and InstantSearch.js. It uses HTTPS with good SSL configuration, though it lacks some security headers that could enhance protection. The site is mobile-optimized and provides a moderate level of performance and accessibility. Analytics are implemented via Piwik/Matomo, indicating a moderate level of user tracking. From a security and compliance perspective, the site does not display explicit privacy or cookie consent mechanisms, which may impact GDPR compliance. No contact information for incident response or data protection officers is evident. The WHOIS data is unavailable due to malformed queries or registry restrictions, which slightly reduces trustworthiness but does not negate the professional presentation and content quality. Overall, the OAI website is a credible and professional platform serving its niche audience effectively. Strategic improvements in privacy compliance, security headers, and transparency of contact information would enhance its security posture and regulatory adherence.

V

Visit Turku Archipelago Oy

visitturku.fi

44

Visit Turku Archipelago Oy operates the official tourism website for Turku and its archipelago, providing comprehensive information on local attractions, dining, accommodation, and events. The website serves both tourists and local residents, positioning itself as a trusted source for travel inspiration and practical information. The business model focuses on promoting regional tourism and supporting local partners through digital content and event listings. Technically, the site employs modern web technologies including Google Tag Manager, Google Maps API, and Vimeo for multimedia content, hosted with Azure DNS services. The site is mobile-optimized and accessible, with good SEO practices and a clear navigation structure. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. No critical vulnerabilities or suspicious patterns were detected. Overall, the domain registration data aligns well with the business, indicating legitimacy and trustworthiness. Strategic recommendations include enhancing security headers, publishing explicit security policies, and adding a vulnerability disclosure channel to further strengthen trust and compliance.

L

Liedon Innovaatiokampus Oy

liedoninnovaatiokampus.fi

45

Liedon Innovaatiokampus Oy is a municipally owned innovation campus located in Lieto, Finland, established in 2023. It serves as a collaborative platform bringing together various business services, employment, education, logistics, and capital solutions to support local business growth and networking. The website reflects a regional government entity focused on fostering innovation and business development within the community. Technically, the site is built on WordPress with modern plugins for SEO, analytics, and cookie consent, hosted likely by Elisa Oyj. The site is well-structured, mobile-optimized, and provides clear navigation and relevant content for its target audience. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. Overall, the domain registration details align well with the business identity, indicating high legitimacy and trustworthiness.