Security Directory

A

AVF (Association Végétarienne de France)

vegetarisme.fr

59

The Association Végétarienne de France (AVF) is a well-established French non-profit organization dedicated to promoting vegetarianism and supporting the transition to plant-based diets. The website serves as a comprehensive platform offering educational resources, advocacy campaigns, community engagement, and an online shop. AVF maintains a strong digital presence with multiple related domains and active social media channels, reinforcing its position as a key player in the vegetarian advocacy space in France. Technically, the website is built on a modern WordPress CMS with WooCommerce integration for e-commerce capabilities. It employs a variety of contemporary web technologies including Bootstrap, jQuery, Leaflet.js for maps, and Google services for analytics and tag management. The site demonstrates good mobile optimization and SEO practices, although performance is moderate and some accessibility features could be enhanced. From a security perspective, the site uses HTTPS and integrates Google reCAPTCHA to protect forms. While some standard security headers are not explicitly visible, no critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong with clear privacy and cookie policies and GDPR adherence. The absence of WHOIS data limits domain registration trust assessment, but the website's content and business information support its legitimacy. Overall, AVF's website is a professional, content-rich platform with a solid security posture and good privacy practices. It effectively supports the organization's mission and community engagement efforts.

D

Dansk Vegetarisk Forening

vegetarisk.dk

43

Dansk Vegetarisk Forening is a Danish non-profit organization dedicated to supporting vegetarians, vegans, and advocates of a green lifestyle. The organization offers memberships, political advocacy, education, and information services to its community. It holds a leading position in Denmark's vegetarian movement and maintains a strong digital presence with comprehensive content and active social media engagement. The website is built on WordPress using modern themes and plugins, ensuring good SEO and mobile responsiveness. Security measures such as HTTPS, security headers, and cookie consent mechanisms are properly implemented, reflecting a mature security posture. However, the site lacks explicit security policies and vulnerability disclosure information, which could enhance trust and preparedness. Overall, the website is professional, trustworthy, and well-aligned with its mission, with recommendations to improve incident response transparency and accessibility features.

V

Vegane Gesellschaft Österreich

vegan.at

54

Vegane Gesellschaft Österreich is a well-established non-profit organization dedicated to promoting vegan and plant-based nutrition in Austria. The website serves as an educational and community platform offering resources such as events, recipes, nutritional information, and advocacy tools. It holds a strong market position as a leading vegan society in Austria with a consistent brand presence and active social media engagement. Technically, the site is built on Drupal 7 with modern JavaScript libraries and analytics tools like Matomo and Google Tag Manager, reflecting a mature digital infrastructure. The website is mobile-optimized and provides a good user experience with clear navigation and relevant content. Security-wise, the site enforces HTTPS and cookie consent mechanisms but lacks some advanced security headers and explicit incident response information. Overall, the site demonstrates a high level of trustworthiness and compliance with GDPR, making it a credible and safe resource for its audience.

I

Infenso d.o.o.

infenso.hr

44

Infenso d.o.o. is a Croatian technology company specializing in system integration, network equipment design and implementation, IoT solutions, application development, and advanced 3D visualization. Established in 2013, the company targets businesses and organizations seeking digital transformation and integration services. Their market position is that of a niche technology integrator within Croatia, leveraging modern digital tools and platforms to deliver tailored solutions. The website reflects a professional and consistent brand image with good content quality and relevant business information. Technically, the site is built on WordPress with Elementor, utilizing a modern tech stack including jQuery, Google Analytics, and various JavaScript libraries for enhanced user experience. Performance and mobile optimization are good, though accessibility could be improved. Security posture is solid with HTTPS enforced and reCAPTCHA implemented, but lacks explicit security policies and vulnerability disclosures. Overall, the domain registration data aligns well with the business claims, indicating legitimacy and trustworthiness.

G

Gradsko društvo Crvenog križa Beli Manastir

gdck-belimanastir.hr

42

Gradsko društvo Crvenog križa Beli Manastir is a local branch of the Croatian Red Cross focused on humanitarian aid, first aid education, blood donation, and volunteer coordination within the Beli Manastir community. The organization operates as a small non-profit entity with a clear mission to support vulnerable populations and promote community health and safety. Their market position is that of a trusted regional humanitarian organization affiliated with the national Croatian Red Cross and supported by European solidarity programs. Technically, the website is built on WordPress with a modern but moderate tech stack including Google Analytics and accessibility tools. The site is mobile optimized and SEO friendly, providing a good user experience with clear navigation and relevant content. Security posture is solid with HTTPS and anonymized analytics, though it lacks some advanced security headers and explicit incident response information. Privacy compliance is partial with a privacy policy present but no cookie consent mechanism. Overall, the website is professional, trustworthy, and serves its community well, but could improve in security and privacy transparency.

K

Komwag, podnik čistoty a údržby města, a.s.

komwag.cz

50

Komwag, podnik čistoty a údržby města, a.s., is a large Czech company providing comprehensive municipal services across the Czech Republic, including waste management, green maintenance, and cleaning services primarily targeting municipalities, government bodies, and private sector clients. The company positions itself as a reliable and professional service provider with a broad portfolio and a strong local presence. The website reflects a mature digital presence with clear branding, extensive service descriptions, and accessible contact information. Technically, the site uses modern web technologies including the cPilot CMS, UIkit framework, and integrates Google Tag Manager for analytics. It is well optimized for mobile devices and demonstrates good SEO and accessibility practices. Security-wise, the site enforces HTTPS, uses cookie consent mechanisms, and avoids exposing sensitive data, but lacks explicit security policies or incident response contacts. The absence of WHOIS data limits domain trust assessment, but the professional website and contact details support legitimacy. Overall, the site is secure, compliant with privacy regulations, and professionally maintained, though improvements in security transparency and WHOIS data availability are recommended.

B

Byznysakce.cz

mestoprobyznys.cz

62

Byznysakce.cz operates a specialized platform focused on comparative research and event organization related to business conditions in Czech cities and municipalities. The website serves as a hub for publishing research results, press releases, and hosting events that support local governments and entrepreneurs. The platform leverages Zoho Backstage for event management and integrates various modern web technologies including Ember.js and Google Tag Manager. The site is well-structured, mobile-optimized, and presents a professional image with consistent branding and reputable partners. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though some security headers are missing and no cookie consent mechanism is implemented, which may affect privacy compliance. The absence of WHOIS data is a notable transparency gap but does not detract significantly from the overall legitimacy of the site. Strategic recommendations include enhancing privacy compliance, adding security headers, and publishing incident response policies to strengthen trust and security culture.

K

Komwag, podnik čistoty a údržby města, a.s.

2protigraffiti.cz

50

The website 2protigraffiti.cz represents a public service initiative managed by Komwag, a municipal cleaning and maintenance company, focused on graffiti removal in Prague 2. The project has been active since 2010 and serves both private and public property owners, providing anti-graffiti treatments and ongoing maintenance. The site is well-structured, professionally designed, and provides clear contact information and partnership links, reflecting a strong local government collaboration. Technically, the website employs modern web technologies including HTML5, CSS3, JavaScript, and the cPilot CMS platform, with UIkit framework for UI components. It uses Google Tag Manager for analytics and has implemented service workers for progressive web app capabilities. The site is mobile-optimized and accessible, with good SEO practices evident from meta tags and structured content. From a security perspective, the site enforces HTTPS and includes a cookie consent mechanism compliant with GDPR. However, explicit security headers and a published security policy or incident response contacts are absent, representing areas for improvement. No vulnerabilities or suspicious content were detected, and the domain registration data aligns well with the website's public service nature. Overall, the website presents a low-risk profile with a solid business credibility and technical foundation. Strategic enhancements in security policy transparency and incident response readiness would further strengthen its posture.

N

Nadační fond Dvojka srdcem

dvojkasrdcem.cz

44

Nadační fond Dvojka srdcem is a Czech non-profit foundation focused on providing social and financial assistance to residents of Prague 2, particularly families and individuals in need. The foundation offers support such as financial contributions for school supplies, extracurricular activities, and aid for individuals with health challenges. The website presents beneficiary stories and donation progress, reinforcing transparency and community engagement. Technically, the site is built on WordPress with modern plugins and integrates Google Analytics and Tag Manager for tracking. Hosting is provided by a Czech hosting provider, aligning with the foundation's local focus. Security posture is generally good with HTTPS enforced and no exposed sensitive data, but lacks some security headers and formal privacy and cookie policies, which are important for GDPR compliance. Overall, the site is professional, trustworthy, and well-structured, though improvements in privacy compliance and security headers are recommended.

V

Viešoji įstaiga Architektūros fondas

archfondas.lt

50

Architektūros fondas is a Lithuanian non-profit organization established in 2004, dedicated to promoting architectural culture, education, and community engagement. The organization operates various cultural and educational projects, including mentorship programs and international collaborations, targeting a broad audience interested in architecture and culture. The website is professionally designed, content-rich, and well-structured, supporting the organization's mission and outreach efforts. Technically, the site is built on WordPress with modern frameworks like Bootstrap and uses several JavaScript libraries for enhanced user experience. It employs SEO best practices and is mobile-optimized. Security-wise, the site uses HTTPS and GDPR-compliant cookie consent mechanisms, though explicit security headers and policies are not evident. Overall, the site demonstrates a mature digital presence with good privacy compliance and trustworthy business information.

Z

Zdravotnické zařízení městské části Praha 4

zzpraha4.cz

53

Zdravotnické zařízení městské části Praha 4 is a public contributory organization operating childcare groups, home babysitting, and other family services in Prague 4. The website serves as an information portal for parents and clients, providing updates, downloadable documents, and contact information. The organization holds a quality certification for childcare groups, indicating a reputable position in the local government sector. Technically, the website is built on WordPress with modern technologies such as jQuery, Bootstrap, Google Maps API, and Google Tag Manager, ensuring a responsive and user-friendly experience. Security posture is generally good with HTTPS enforced, but lacks some security headers and cookie consent mechanisms, which are recommended for compliance and enhanced protection. Overall, the site is safe, professional, and trustworthy, though the absence of WHOIS data slightly reduces domain trustworthiness. Strategic improvements in security headers, privacy compliance, and incident response documentation would strengthen the site's security and compliance profile.

S

Sport Na Františku

sportnafrantisku.cz

45

Sport Na Františku operates a well-established sports complex located in the heart of Prague 1, offering a variety of sports facilities and activities primarily targeting children, schools, and the general public. The website presents a professional and user-friendly interface with detailed information about sports programs, pricing, and event hosting options. Technically, the site is built on WordPress with modern JavaScript libraries and includes cookie consent management and Google Tag Manager integration, reflecting a moderate level of digital maturity. Security posture is adequate with HTTPS enforced and some privacy controls, but lacks advanced security headers and published security policies. The absence of WHOIS data limits full domain legitimacy verification, representing a moderate risk. Overall, the site is trustworthy and well-positioned in its local market but would benefit from enhanced compliance documentation and security hardening.

I

Icareus Oy

icareus.com

59

Icareus Oy is a Finnish company specializing in premium online video and TV cloud solutions, serving broadcasters, media companies, sports organizations, enterprises, and public organizations globally. Established in 2001, it has a strong market presence with customers in over 60 countries. The company offers a comprehensive suite of products including OTT platforms, broadcast service management, HbbTV solutions, and addressable TV advertising. The website reflects a mature digital infrastructure built on WordPress with modern plugins and integrations for analytics and marketing. Security posture is good with HTTPS and cookie consent mechanisms, though improvements such as CSP headers and a security.txt file are recommended. Privacy compliance is well addressed with clear policies and GDPR adherence. Overall, the site is professional, trustworthy, and well-optimized for user experience and SEO.

B

Business Finland

businessfinland.com

58

Business Finland is a government agency dedicated to promoting business, investment, and innovation in Finland. The website serves as a comprehensive portal for businesses and investors interested in Finnish markets, offering information on trade, export, and investment opportunities. The site positions itself as a gateway to Finland's stable and innovative economy, targeting international business audiences. Technically, the website employs a modern tech stack including Episerver CMS, jQuery, Microsoft Application Insights, and Google Tag Manager, ensuring a robust digital presence with good performance and mobile optimization. Security-wise, the site enforces HTTPS and uses anti-forgery cookies, but lacks some advanced security headers and explicit incident response contacts. Privacy compliance is strong with a detailed cookie consent mechanism and clear privacy and terms of use documentation. Overall, the website is professional, trustworthy, and well-maintained, though the absence of WHOIS data and explicit security policies suggests areas for improvement in transparency and security posture.

B

Bageterie Boulevard

bbbox.cz

60

BBBOX is an online food delivery and catering service affiliated with the Bageterie Boulevard brand, targeting corporate clients and individuals in the Czech Republic. The website offers snack boxes and catering solutions for meetings and events, positioning itself as a convenient and quality-focused service. The business is operated by Lithio spol. s r.o., a company credited in the website metadata and footer. The site is well-branded and professionally designed, with clear navigation and multilingual support.

B

BB Domů

bbdomu.cz

72

BB Domů is a Czech Republic-based retail business specializing in courier delivery services, enabling customers to have their orders delivered directly to their doorsteps. The website is built using modern web technologies including React and Next.js, with integrations for analytics and tracking such as Google Tag Manager and Smartlook. The site demonstrates a good level of technical maturity with proper HTTPS enforcement and security headers, contributing to a secure browsing experience. However, the absence of explicit privacy and terms of service policies, as well as contact information, indicates areas for improvement in compliance and user trust. Overall, the website is functional and professional but would benefit from enhanced transparency and accessibility features.

D

Didaktikon

didaktikon.cz

63

Didaktikon is an educational and popularization center affiliated with Charles University in the Czech Republic, established in 2021. It offers science exhibitions and workshops primarily targeting school children, teachers, and the general public interested in science education. The website reflects a well-structured and professionally branded presence consistent with its academic partnerships and mission. Technically, the site uses common web technologies such as jQuery, Bootstrap, and Matomo analytics, hosted likely on university infrastructure. Security posture is moderate with HTTPS enabled and cookie consent implemented, but lacks published security policies and security headers. Privacy compliance is basic with no explicit privacy policy found on the main page. Overall, the site is safe, accessible, and trustworthy for its intended audience.

T

Tele2

tele2.com

72

Tele2 is a prominent telecommunications company focused on providing smart connectivity solutions and enabling business transformation through advanced infrastructure. The website reflects a professional and modern digital presence with responsive design and accessibility features. The technical infrastructure includes standard web technologies and integration with Google Tag Manager for analytics and OneTrust for cookie consent management. Security posture is adequate with HTTPS enabled and cookie consent implemented, but lacks visible security headers and explicit security policies. The absence of WHOIS data is a notable gap, slightly impacting trustworthiness. Overall, the site is functional and professional but could improve transparency and security disclosures.

E

Eräs Teatteri

erasteatteri.fi

57

Eräs Teatteri is a small, community-focused amateur theater group based in Hämeenlinna, Finland. The organization offers theatrical performances, club activities for adults interested in theater, and venue rental services. The website reflects a local cultural entity with a clear focus on engaging the community through arts and performances. The business model is non-profit and community-oriented, targeting general audiences interested in theater and cultural events. The website is professionally presented with consistent branding and clear contact information, supporting trust and engagement.

S

Suomen kansallismuseo

kansallismuseo.fi

56

Suomen kansallismuseo operates as Finland's national museum authority, managing multiple museum sites and castles across the country. The website provides comprehensive information about exhibitions, events, visitor services, and contact details, targeting a broad audience including families, tourists, and culture enthusiasts. The institution holds a strong market position as a government cultural entity offering educational and heritage services.

S

Suomen Tykistö-, Pioneeri- ja Viestimuseoyhdistys ry

museomilitaria.fi

57

Museo Militaria is a Finnish non-profit organization operating one of the largest war and military history museums in Finland, located in Hämeenlinna. The museum offers diverse exhibitions, educational programs, guided tours, and a retail e-commerce platform targeting families, history enthusiasts, and school groups. The website is professionally designed with clear navigation and multilingual support, reflecting a mature digital presence. Technically, the site uses modern frameworks like Bootstrap, integrates multiple analytics and marketing tools, and employs secure payment processing via Paytrail. Security posture is good with HTTPS enforced and cookie consent implemented, though it lacks explicit security headers and a dedicated security policy page. Overall, the website is trustworthy, compliant with GDPR, and provides comprehensive contact and policy information.

F

FRS GmbH & Co. KG

frs.world

71

FRS GmbH & Co. KG is a well-established international ferry operator with a history dating back to 1866. The company operates approximately 70 vessels worldwide, providing passenger and freight ferry services across Europe, North Africa, North America, and the Middle East. Their business model includes diversified maritime services such as offshore logistics, port management, crewing, and maritime consultancy, positioning them as a leading specialist in the ferry shipping industry. The website reflects a professional and consistent brand presence with comprehensive information about their subsidiaries and services. Technically, the website is built on TYPO3 CMS, employs modern web technologies including responsive design and WebP images, and integrates Google Tag Manager for analytics. The site is mobile-optimized and accessible, with clear navigation and SEO-friendly metadata. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though security headers and explicit security policies are not evident. The WHOIS data is privacy protected, limiting transparency on domain registration details; however, the website's professional presentation, linked subsidiaries, and social media presence support its legitimacy. No WAF or blocking mechanisms were detected, and the site content is safe for general audiences. Overall, FRS demonstrates a mature digital presence aligned with its business stature, though improvements in security policy transparency and security headers could enhance trust and compliance further.

B

Bild.ua

bild.ua

61

Bild.ua is a Ukrainian real estate portal specializing in listings of new residential complexes across Ukraine. The platform offers a unique reliability index for new buildings, helping buyers make informed decisions. It targets property buyers and investors seeking trustworthy information about developers and new construction projects. The website is well-positioned in the Ukrainian real estate market with a medium-sized operation founded in 2013. Technically, the site uses modern web technologies including React and Redux, and integrates analytics tools such as Google Analytics and Facebook Pixel. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. Security posture is solid with HTTPS and security headers implemented, though it lacks explicit security policies and incident response contacts. Privacy compliance is basic, with a privacy policy present but no cookie consent mechanism. Overall, the site is legitimate, professional, and trustworthy, with room for improvement in privacy and security transparency.

V

Venuu Oy

venuu.fi

62

Venuu Oy operates Venuu.fi, Finland's largest and most popular online platform for booking event venues, catering, and related event services. Established in 2013, the company offers over 6500 venues for various occasions including meetings, weddings, parties, and sauna evenings. The platform targets event organizers and venue owners, providing a marketplace that simplifies venue discovery and booking. The website demonstrates a mature market position with strong brand recognition and partnerships with major Finnish companies. Technically, the site is built on a modern Rails framework with integration of analytics and marketing tools such as Google Tag Manager, Facebook Pixel, and Segment Analytics. Hosting is managed via AWS infrastructure, ensuring reliable performance and scalability. Security posture is solid with HTTPS enforced and CSRF protections in place, though some security headers could be improved. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the site is professional, user-friendly, and trustworthy, supporting a medium-sized business in the hospitality sector.

D

Digia Oyj

digia.com

63

Digia Oyj is a well-established Finnish software and service company founded in 1997, specializing in digital transformation, AI, analytics, and cybersecurity services. The company targets businesses and organizations seeking to leverage technology for smarter business operations and sustainable futures. Their market position is strong in Finland with a large company size and a comprehensive service portfolio. The website is professionally designed, mobile-optimized, and uses HubSpot CMS with modern marketing and analytics tools. Security posture is good with HTTPS enforced and clientTransferProhibited domain status, though DNSSEC is not enabled and some security headers could be improved. Privacy and cookie policies are present and GDPR compliant, with a consent mechanism implemented. Contact is primarily via web forms, with no direct emails or phone numbers publicly listed. Overall, the website reflects a credible, professional, and trustworthy business presence.

P

Parasta Lapsille ry

parastalapsille.fi

60

Parasta Lapsille ry is a well-established Finnish non-profit organization focused on child welfare and family well-being. The organization offers camps, weekend activities, and volunteer opportunities to support children and families, emphasizing multicultural inclusion. The website reflects a mature digital presence with clear branding, comprehensive content, and active social media engagement. Technically, the site is built on WordPress with modern plugins and is hosted behind Cloudflare, ensuring good performance and security. Privacy compliance is robust, featuring GDPR-aligned cookie consent and a detailed privacy policy. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities, though there is room for improvement in publishing explicit security policies and incident response contacts. Overall, the domain WHOIS data aligns well with the organization's identity, supporting high legitimacy and trust.

P

ProAgria

proagria.fi

58

ProAgria is a Finnish company specializing in expert services and knowledge to enhance the competitiveness of agriculture and rural business operations. The company offers a broad range of services including management, finance, accounting, crop production, animal production, and sustainable development. Positioned as a leading service provider in Finland's agricultural sector, ProAgria targets farms and rural enterprises seeking professional consulting and development support. The website reflects a mature digital presence with a modern CMS (Craft CMS), responsive design, and structured data for SEO. The technical infrastructure includes modern JavaScript frameworks and delayed Google Tag Manager loading to optimize performance. Security posture is strong with HTTPS enforcement and appropriate security headers, though explicit cookie consent mechanisms and published security policies are absent. Overall, the site is professional, trustworthy, and well-aligned with the business's market position and audience.

O

Oulun yliopisto

oulu.fi

75

Oulun yliopisto is a large, internationally active research university based in Finland, providing higher education and producing scientific knowledge and solutions. The website reflects a mature digital presence built on Drupal 10, integrating modern analytics and consent management tools such as Google Analytics, Matomo, and CookieInformation. The site is well-structured, mobile-optimized, and accessible, with clear navigation and professional design. Security posture is strong with HTTPS enforced and Cloudflare used for hosting and protection, although explicit security policies and incident response contacts are not published. Privacy compliance is robust, featuring a comprehensive privacy policy and cookie consent mechanism aligned with GDPR requirements. Overall, the domain registration and website content are consistent and trustworthy, representing a legitimate educational institution.

M

Martat

martat.fi

62

Martat is a Finnish non-profit organization dedicated to promoting home and family wellbeing and the appreciation of household management. The website serves as a comprehensive portal for membership, educational courses, events, publications, and community engagement. It targets Finnish households and families interested in sustainable and responsible living. The organization has a strong national presence with local chapters and a variety of services including international aid projects. Technically, the site is built on WordPress with WooCommerce and integrates modern JavaScript libraries and third-party services for analytics, feedback, and chat support. The site is well-optimized for SEO, mobile-friendly, and accessible. Security posture is good with HTTPS enforced and cookie consent mechanisms in place, though explicit security headers and incident response policies are not published. Overall, the site is professional, trustworthy, and compliant with GDPR requirements.

R

Rideer Nordic Oy

synergybus.se

42

SynergyBus, operated by Rideer Nordic Oy, is an online platform specializing in connecting taxi and bus companies with customers seeking transportation services in the Nordic region. The website positions itself as a leading marketplace for order traffic, offering a large volume of daily offer requests and facilitating business growth for transport providers. The platform's business model revolves around generating and managing transportation service quotes, targeting primarily taxi and bus operators. The company is relatively young, founded in 2022, and maintains a consistent brand presence with trust certifications and EU co-funding indicators. Technically, the website employs a modern tech stack including Bootstrap for responsive design, jQuery, FontAwesome icons, and integrates multiple analytics and marketing tools such as Google Analytics, Google Tag Manager, Facebook Pixel, and Ahrefs Analytics. The site is mobile-optimized with good SEO practices but lacks some accessibility features and advanced security headers. Performance is moderate, with no critical technical issues detected. From a security perspective, the site uses HTTPS and avoids exposing sensitive data in its HTML content. However, it lacks DNSSEC, security headers, and formal privacy or cookie policies, which are important for GDPR compliance and user trust. No incident response or vulnerability disclosure information is provided, indicating room for improvement in security governance. The WHOIS data is consistent with the business claims, showing a legitimate domain registration without privacy protection, appropriate domain age, and active status. Overall, SynergyBus presents a professional and functional online presence with solid business credibility but requires enhancements in privacy compliance and security best practices to strengthen its risk posture and regulatory adherence.

R

Ridee Nordic Oy

bokabuss.nu

52

Bokabuss.nu is a Swedish transportation service platform that enables users to request and compare quotes for bus and minibus transportation across Sweden. The company, operated by Ridee Nordic Oy, has been active since 2011 and maintains a medium-sized presence in the Nordic transportation market. The website is professionally designed with a clear user journey for submitting transport requests and accessing operator offers. Technically, the site uses modern frameworks such as Bootstrap and jQuery, integrates Google Analytics and marketing tools, and employs Cloudflare for hosting and security. The cookie consent mechanism is comprehensive and GDPR compliant, reflecting a mature approach to privacy. Security posture is good with HTTPS enforced, though some security headers could be improved and DNSSEC is not enabled. No critical vulnerabilities or suspicious patterns were detected. Overall, the site is trustworthy, professional, and well-positioned in its market niche.

L

LUGA

luga.lu

63

LUGA is a cultural event organizer hosting an ephemeral urban garden exhibition in Luxembourg from May to October 2025. The website serves as an information and engagement platform for visitors, volunteers, and partners, showcasing event details, locations, and news. The site is well designed, multilingual, and optimized for SEO and accessibility, reflecting a mature digital presence. Technically, it leverages WordPress CMS, Cloudflare for DNS and CDN, and integrates modern analytics and consent management tools, indicating a good level of digital maturity. Security posture is solid with HTTPS, security headers, and cookie consent, though explicit security policies and incident response contacts are absent. Overall, the site is trustworthy, professional, and compliant with GDPR requirements.

W

Worldsoft AG

worldsoft-partner.website

60

Worldsoft-Partner.website is a German-language franchise platform operated by Worldsoft AG, a Swiss company established in 2000. The website offers a turnkey business concept for individuals and entrepreneurs to start their own internet agency, leveraging Worldsoft's 20+ years of experience and a large customer base. The business model focuses on creating mobile-optimized websites quickly using proprietary tools, supported by online training, marketing materials, and personal coaching. Technically, the site uses a modern JavaScript stack with multiple analytics and marketing integrations, including Google Analytics, Facebook Pixel, LinkedIn Insight, Hotjar, and Elfsight widgets. The website is mobile-optimized and well-structured, providing a professional user experience. Security posture is adequate with HTTPS and domain transfer protection, but lacks DNSSEC and visible security headers. Privacy compliance is partially met with a privacy policy linked externally but lacks a cookie consent mechanism. Overall, the domain registration is consistent with the business claims, indicating legitimacy and trustworthiness.

Sherpas TECH, s.r.o. is a Czech-based technology and marketing company specializing in retention marketing and technology integration services. The company offers a range of services including email marketing strategy, technology implementation for retention marketing, data engineering in CRM systems, and advanced customer analytics. Their website reflects a professional and consistent brand image, targeting B2B clients seeking to optimize marketing performance through technology. The company demonstrates a solid market position supported by client references and a clear business focus. Technically, the website employs modern tools such as Google Analytics, Google Tag Manager, and CookieScript for consent management, indicating a mature digital infrastructure. The site is built likely on the Nette Framework, with responsive design and good SEO practices. Performance is moderate with good mobile optimization and basic accessibility features. From a security perspective, the site uses HTTPS with no visible critical vulnerabilities. Cookie consent is implemented with opt-in mechanisms, and forms include anti-bot measures. However, there is no publicly available security policy or incident response information, which could be improved to enhance trust and compliance. Overall, the website is trustworthy, professionally maintained, and compliant with GDPR cookie consent requirements. Strategic recommendations include publishing security and incident response policies, enhancing security headers, and improving accessibility. The domain WHOIS data aligns well with the website content, supporting legitimacy and trustworthiness.

T

Tabernas 21, s.r.o.

citybee.cz

58

CityBee.cz is a Czech online media platform focused on providing curated event listings, venue recommendations, and cultural tips primarily for Prague residents and visitors. The website operates under the company Tabernas 21, s.r.o., established around 2012, and positions itself as a trusted local guide with editorial content and advertising services. The platform integrates advertising partnerships and offers business registration services for local venues. Technically, the site uses legacy JavaScript libraries like jQuery 1.8.3, Google Tag Manager, and Facebook SDK, with a moderate performance profile and basic mobile optimization. Security posture is adequate with HTTPS enabled and cookie consent implemented, but lacks modern security headers and uses outdated libraries, which could pose risks. WHOIS data is unavailable, likely due to privacy protection, which slightly reduces trust but is common for media businesses. Overall, the site is professional, content-rich, and safe for general audiences.

S

StavbaWeb

stavbaweb.cz

51

StavbaWeb is a Czech-language online platform dedicated to sharing information about construction products, architectural projects, and companies in the architecture and construction sectors. It serves as a niche media outlet providing news, project showcases, and industry insights primarily targeting architects, construction professionals, and related stakeholders in the Czech Republic. The website features a modern WordPress-based infrastructure with various plugins supporting GDPR compliance and user engagement. It integrates Google Tag Manager and Facebook SDK for analytics and marketing purposes. Security posture is moderate with HTTPS enforced and some security plugins in place, but lacks explicit security headers and published security policies. The absence of WHOIS data limits domain trust assessment, though the site appears professional and well-maintained. Privacy compliance is partial, with cookie consent implemented but no clear privacy policy page found. Overall, the site is a credible resource within its industry niche but would benefit from enhanced transparency and security documentation.

Luxembourg for Finance is a government-related agency focused on the development and promotion of Luxembourg's financial services industry. Established in 2008, it serves as a key player in identifying new business opportunities and supporting the financial sector's growth. The website reflects a professional and consistent brand image, targeting financial industry stakeholders and investors interested in Luxembourg's market. Technically, the website is built on WordPress with modern plugins such as Yoast SEO and integrates analytics tools including Google Analytics and Piwik PRO. It employs Google Tag Manager and reCAPTCHA for enhanced tracking and security. The site is mobile-optimized and demonstrates good SEO practices, though accessibility features could be improved. From a security perspective, the site uses HTTPS and has implemented cookie consent mechanisms to comply with GDPR. However, it lacks visible security headers and explicit security or incident response policies on the site. The absence of WHOIS domain registration data raises concerns about domain transparency and legitimacy, although the professional content and social media presence mitigate some risk. Overall, the website presents a moderate risk profile with good content quality and technical implementation but requires improvements in privacy transparency, contact information availability, and domain registration clarity. Strategic recommendations include publishing comprehensive privacy and terms of service policies, enhancing security headers, and verifying domain registration details to strengthen trust and compliance.

K

Kultur | lx – Arts Council Luxembourg

kulturlx.lu

58

Kultur | lx – Arts Council Luxembourg is a governmental cultural promotion organization dedicated to supporting artists and promoting Luxembourg's cultural creation. The website serves as a comprehensive platform for cultural news, events, funding opportunities, and resources, targeting artists, cultural professionals, and the general public interested in Luxembourg's arts scene. The organization holds a strong national position as the official arts council, supported by government partnerships and a clear mission to foster cultural development. Technically, the website is built on WordPress with modern plugins such as Yoast SEO and integrates Google services like Tag Manager and reCAPTCHA. Accessibility features and GDPR-compliant cookie management via Axeptio demonstrate digital maturity and compliance. The site is mobile-optimized and well-structured, providing a positive user experience. Security posture is solid with HTTPS enforced and use of reCAPTCHA, though the absence of explicit security headers and incident response information suggests room for improvement. No vulnerabilities or exposed sensitive data were detected. The lack of WHOIS data limits domain trust verification, but the professional presentation and official branding mitigate concerns. Overall, the website is a trustworthy, well-maintained digital presence for a government cultural entity, with recommendations to enhance security headers and incident response transparency to further strengthen its security posture.

L

Luxinnovation

luxinnovation.lu

79

Luxinnovation is Luxembourg's national innovation agency dedicated to empowering companies to innovate and fostering a sustainable and digital economy. The website reflects a mature digital presence with comprehensive content targeting startups, businesses, and research organizations. The technical infrastructure leverages modern web technologies, including Tailwind CSS, Alpine.js, Kentico CMS, and integrates multiple analytics and marketing tools such as Matomo, Google Tag Manager, Facebook Pixel, and LinkedIn Insight. Security posture is strong with HTTPS enforced and no visible vulnerabilities, though explicit security policies and incident response contacts are absent. Privacy compliance is partial, with cookie consent implemented but lacking a visible privacy policy or terms of service. Overall, the website is professional, trustworthy, and well-optimized for user experience and SEO.

V

Visit Turku Archipelago Oy

visitturku.fi

44

Visit Turku Archipelago Oy operates the official tourism website for Turku and its archipelago, providing comprehensive information on local attractions, dining, accommodation, and events. The website serves both tourists and local residents, positioning itself as a trusted source for travel inspiration and practical information. The business model focuses on promoting regional tourism and supporting local partners through digital content and event listings. Technically, the site employs modern web technologies including Google Tag Manager, Google Maps API, and Vimeo for multimedia content, hosted with Azure DNS services. The site is mobile-optimized and accessible, with good SEO practices and a clear navigation structure. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. No critical vulnerabilities or suspicious patterns were detected. Overall, the domain registration data aligns well with the business, indicating legitimacy and trustworthiness. Strategic recommendations include enhancing security headers, publishing explicit security policies, and adding a vulnerability disclosure channel to further strengthen trust and compliance.

T

Trimble

asiointi.fi

62

The website upa.trimble.com/fi-fi/ratkaisut/asiointi serves as a Finnish regional portal for Trimble's Utilities & Public Administration division. Trimble is a global technology company specializing in advanced solutions for sectors such as energy, public administration, and utilities. The site targets Finnish utilities and public sector organizations, offering digital transformation and operational efficiency solutions. The business model is B2B, focusing on providing software and technology services to utility companies and government entities. The website branding and content align well with Trimble's global identity, indicating a strong market position in the regional sector. Technically, the website employs modern web technologies including React, Webpack, and integrates multiple marketing and analytics tools such as Google Tag Manager, Google Analytics, Marketo Munchkin, and Leadfeeder. The site is moderately optimized for performance and mobile use, with basic accessibility features. However, explicit security headers and privacy policies are not evident in the provided HTML snapshot, suggesting areas for improvement in compliance and security transparency. From a security perspective, the site uses HTTPS and does not expose sensitive data in the HTML. No WAF or blocking mechanisms were detected, and no vulnerabilities were apparent from the content. However, the absence of visible security headers and privacy/cookie policies reduces the overall security posture score. Incident response and vulnerability disclosure information are also missing, which could be enhanced to improve trust and compliance. Overall, the website is professional, trustworthy, and aligned with Trimble's business objectives. The main risks relate to privacy compliance and security transparency, which can be addressed by adding clear policies and security headers. The domain WHOIS data for the subdomain is not available, which is typical, but the main domain trimble.com is well-established and legitimate, supporting the site's credibility.

T

Timmi Software Oy

timmi.fi

62

Timmi Software Oy is a Finnish software company specializing in time management and smart infrastructure solutions for public sector and healthcare organizations. With over 30 years of experience, they serve more than 100 Finnish companies and public institutions, offering products like Smart City and Smart Hospital software. Their market position is strong within Finland, supported by trusted client references and a focus on integration and ease of use. Technically, the website is built on Webflow with modern analytics and consent tools, demonstrating digital maturity and good performance. Security posture is solid with HTTPS, reCAPTCHA, and cookie consent, though explicit security policies and headers could be improved. Overall, the company presents a professional, trustworthy online presence with clear contact channels and compliance with GDPR.

Ramboll Group is a leading international design and consultancy firm specializing in sustainable solutions across private and public sectors worldwide. With over 18,000 experts, Ramboll delivers engineering, environmental, and construction consulting services focused on creating positive societal impact. The website reflects a mature digital presence with modern technologies such as Next.js, React, and Chakra UI, supported by advanced analytics and consent management tools. Security posture is strong with HTTPS, security headers, and cookie consent mechanisms, although the absence of a public security policy and incident response contact is noted. The missing WHOIS data is unusual but does not detract significantly from the overall trustworthiness given the professional branding and comprehensive content. Strategic recommendations include publishing explicit security and incident response policies and verifying domain registration details for completeness.

L

Liana Technologies Oy

liana.fi

65

Liana Technologies Oy is a Finnish technology company specializing in digital marketing and communication tools under the Liana®Cloud product family. The company targets marketing and communication teams, offering SaaS solutions such as marketing automation, email marketing, webinar hosting, and analytics. The website reflects a professional and consistent brand image with a focus on digital marketing efficiency. Technically, the site employs modern web technologies including jQuery, Bootstrap, Matomo analytics, and integrates third-party services like Stripe for payments and Pipedrive for chatbot functionality. Security posture is strong with HTTPS enforced, cookie consent implemented, and privacy-respecting analytics in use. However, explicit privacy policies and terms of service pages were not found in the provided content, indicating room for improvement in compliance transparency. Overall, the website is well-designed, mobile-optimized, and trustworthy, with a moderate to high security maturity level.

S

Synology Inc.

sy.to

76

Synology Inc. is a well-established technology company specializing in data management, storage, backup, and cloud solutions. The company offers a broad portfolio of products including NAS and SAN storage systems, backup and recovery solutions, surveillance systems, networking devices, and productivity software. Positioned as a global leader in the data storage industry, Synology targets both business and individual users seeking scalable and secure data management platforms. The website reflects a mature digital presence with comprehensive content, clear navigation, and professional branding consistent with its market position. Technically, the website employs modern web technologies such as Vue.js and jQuery, integrates Google Tag Manager and LiveChat for analytics and customer engagement, and demonstrates good performance and mobile optimization. The site is well-structured with proper SEO and accessibility considerations, indicating a high level of digital maturity. From a security perspective, Synology demonstrates strong commitment through HTTPS enforcement, detailed security policies, a secure development lifecycle, supply chain risk management, and a public bounty program. Cookie consent mechanisms and privacy policies align with GDPR compliance, enhancing user trust. No critical vulnerabilities or security issues were detected in the analysis. Overall, the website presents a low-risk profile with strong business credibility, technical robustness, and privacy compliance. Strategic recommendations include publishing a security.txt file to facilitate vulnerability reporting and explicitly listing a Data Protection Officer contact to further enhance compliance transparency.

P

Poutapilvi

poutapilvi.fi

71

Poutapilvi is a Finnish digital agency specializing in digital service design, WordPress and WooCommerce development, and content marketing support. The company positions itself as a reliable partner for businesses and organizations seeking professional web solutions, emphasizing accessibility, usability, and customer service excellence. Their market presence is supported by multiple references and a high credit rating, indicating strong business credibility. Technically, the website is built on WordPress with a modern tech stack including Algolia search, Matomo analytics, and Google Tag Manager. The site demonstrates excellent performance, mobile optimization, and accessibility features, reflecting a mature digital infrastructure. Privacy compliance is well addressed with clear cookie consent mechanisms and comprehensive privacy policies. Security posture is solid with HTTPS enforced and privacy-respecting analytics, though the absence of explicit security policies and incident response contacts suggests room for improvement. No critical vulnerabilities or suspicious indicators were found, supporting a high trust level. Overall, Poutapilvi presents a professional, secure, and privacy-conscious digital presence suitable for its target audience. Strategic enhancements in security transparency and incident readiness would further strengthen their position.

S

Seravo

seravo.com

78

Seravo is a Finnish company specializing in premium managed WordPress hosting services, focusing on site speed, security, and automatic updates with continuous 24/7 monitoring. The company positions itself as a niche provider targeting WordPress site owners and agencies seeking reliable and secure hosting solutions. Their business model is subscription-based, emphasizing high-quality service and compliance with industry standards such as ISO 27001 and GDPR. The website reflects a professional and consistent brand image with comprehensive business and security information.

V

Visit Naantali

visitnaantali.com

55

Visit Naantali operates as the official tourism website for the Naantali region in Finland, providing comprehensive information about local attractions, events, accommodations, and activities. The site targets tourists and visitors seeking to explore Naantali, positioning itself as a trusted and authoritative source for travel planning in the area. The business model focuses on tourism promotion and visitor engagement through digital content and booking facilitation. Technically, the website is built on WordPress with modern technologies including Bootstrap 5 for responsive design, Yoast SEO for search optimization, and Cookiebot for GDPR-compliant cookie consent management. The infrastructure includes Google Tag Manager and Matomo Analytics for tracking and performance monitoring. The site demonstrates good mobile optimization and accessibility features, though some accessibility aspects could be enhanced. From a security perspective, the website enforces HTTPS and employs clientTransferProhibited status on the domain to prevent unauthorized transfers. Cookie consent is actively managed, and no critical vulnerabilities or exposed sensitive data were detected. However, DNSSEC is not enabled, and additional HTTP security headers could be implemented to strengthen security posture further. Overall, the website presents a professional, trustworthy, and user-friendly platform for tourism promotion with a solid technical foundation and good privacy compliance. The absence of explicit privacy policy and terms of service pages in the scanned content is a gap that should be addressed to improve compliance and user trust.

T

THEMESPRIDE

themespride.com

68

THEMESPRIDE operates as a specialized e-commerce platform offering premium WordPress themes and theme bundles primarily targeting web developers, designers, and businesses seeking professional website templates. The company leverages the Shopify platform to deliver a streamlined shopping experience, supported by integrations with marketing and analytics tools such as Google Tag Manager, Facebook Pixel, Klaviyo, and Judge.me for customer reviews. The website presents a professional design with clear navigation and mobile optimization, enhancing user experience and engagement. From a technical perspective, THEMESPRIDE utilizes a modern tech stack centered around Shopify's Dawn theme, supported by JavaScript libraries like jQuery and various third-party scripts for analytics and marketing. The site benefits from Shopify's hosting infrastructure, ensuring fast performance and reliable uptime. Security measures include HTTPS enforcement and the use of hCaptcha for form protection, alongside a cookie consent mechanism compliant with GDPR requirements. However, explicit security headers and a dedicated security policy are absent, representing areas for improvement. The security posture is generally sound with no evident vulnerabilities or exposed sensitive data. Privacy compliance is well addressed through comprehensive privacy and cookie policies, though incident response and vulnerability disclosure information are lacking. The absence of WHOIS data due to privacy protection or unregistered status slightly diminishes trust but is common among small e-commerce businesses. Overall, THEMESPRIDE demonstrates a mature digital presence with room to enhance transparency and security best practices. Strategically, THEMESPRIDE should focus on implementing explicit security headers, publishing a security policy, and establishing incident response contacts to bolster trust and compliance. Regular audits of third-party scripts and enhanced transparency on data retention will further strengthen their security and privacy posture. These steps will support sustained growth and customer confidence in a competitive market.