Security Directory

J

Jätelautakunta Kolmenkierto

kolmenkierto.fi

67

Jätelautakunta Kolmenkierto is a Finnish governmental waste management authority serving 13 municipalities. The organization provides regulatory oversight and services related to waste management, including waste fees, composting notifications, and waste regulations. The website is professionally designed, targeting residents and municipal stakeholders within its service area. It operates under the parent organization Hämeenlinnan kaupunki and maintains a consistent brand presence online. Technically, the website is built on WordPress CMS with modern plugins such as Yoast SEO and Cookiebot for privacy compliance. It uses Matomo analytics to respect user privacy and implements HTTPS with good SSL configuration. The site is mobile-optimized and accessible, with good SEO practices in place. From a security perspective, the site enforces HTTPS and cookie consent but lacks a dedicated security policy or incident response information. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong, with clear cookie categories and GDPR adherence. The domain registration aligns well with the website's governmental nature, enhancing trustworthiness. Overall, the website presents a low-risk profile with good privacy and security practices. Strategic recommendations include publishing a security policy, adding incident response contacts, and enhancing security headers to further strengthen the security posture.

A

Association des Agences Marketing et Communication | MarkCom

markcom.lu

56

MarkCom is a well-established non-profit association representing 29 leading marketing and communication agencies in Luxembourg since 1995. The organization promotes excellence, best practices, training, and advocacy for agencies and advertisers. The website is professionally designed, mobile-optimized, and rich in relevant content including events, tools, and news updates. Technically, the site is built on WordPress with modern plugins and performance optimizations, hosted via EuroDNS. Security posture is strong with HTTPS, security headers, and consent management, though explicit security policies and incident response information are absent. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the domain registration and hosting details align with the business profile, indicating legitimacy and trustworthiness.

P

Parasta Lapsille ry

parastalapsille.fi

60

Parasta Lapsille ry is a well-established Finnish non-profit organization focused on child welfare and family well-being. The organization offers camps, weekend activities, and volunteer opportunities to support children and families, emphasizing multicultural inclusion. The website reflects a mature digital presence with clear branding, comprehensive content, and active social media engagement. Technically, the site is built on WordPress with modern plugins and is hosted behind Cloudflare, ensuring good performance and security. Privacy compliance is robust, featuring GDPR-aligned cookie consent and a detailed privacy policy. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities, though there is room for improvement in publishing explicit security policies and incident response contacts. Overall, the domain WHOIS data aligns well with the organization's identity, supporting high legitimacy and trust.

Luxembourg for Finance is a government-related agency focused on the development and promotion of Luxembourg's financial services industry. Established in 2008, it serves as a key player in identifying new business opportunities and supporting the financial sector's growth. The website reflects a professional and consistent brand image, targeting financial industry stakeholders and investors interested in Luxembourg's market. Technically, the website is built on WordPress with modern plugins such as Yoast SEO and integrates analytics tools including Google Analytics and Piwik PRO. It employs Google Tag Manager and reCAPTCHA for enhanced tracking and security. The site is mobile-optimized and demonstrates good SEO practices, though accessibility features could be improved. From a security perspective, the site uses HTTPS and has implemented cookie consent mechanisms to comply with GDPR. However, it lacks visible security headers and explicit security or incident response policies on the site. The absence of WHOIS domain registration data raises concerns about domain transparency and legitimacy, although the professional content and social media presence mitigate some risk. Overall, the website presents a moderate risk profile with good content quality and technical implementation but requires improvements in privacy transparency, contact information availability, and domain registration clarity. Strategic recommendations include publishing comprehensive privacy and terms of service policies, enhancing security headers, and verifying domain registration details to strengthen trust and compliance.

K

Kultur | lx – Arts Council Luxembourg

kulturlx.lu

58

Kultur | lx – Arts Council Luxembourg is a governmental cultural promotion organization dedicated to supporting artists and promoting Luxembourg's cultural creation. The website serves as a comprehensive platform for cultural news, events, funding opportunities, and resources, targeting artists, cultural professionals, and the general public interested in Luxembourg's arts scene. The organization holds a strong national position as the official arts council, supported by government partnerships and a clear mission to foster cultural development. Technically, the website is built on WordPress with modern plugins such as Yoast SEO and integrates Google services like Tag Manager and reCAPTCHA. Accessibility features and GDPR-compliant cookie management via Axeptio demonstrate digital maturity and compliance. The site is mobile-optimized and well-structured, providing a positive user experience. Security posture is solid with HTTPS enforced and use of reCAPTCHA, though the absence of explicit security headers and incident response information suggests room for improvement. No vulnerabilities or exposed sensitive data were detected. The lack of WHOIS data limits domain trust verification, but the professional presentation and official branding mitigate concerns. Overall, the website is a trustworthy, well-maintained digital presence for a government cultural entity, with recommendations to enhance security headers and incident response transparency to further strengthen its security posture.

R

Research Luxembourg

researchluxembourg.org

63

Research Luxembourg is a collaborative initiative representing major public research institutions in Luxembourg, supported by the Ministry of Higher Education and Research. The website serves as a portal for research news, career opportunities, and industry collaborations, positioning itself as a key national research platform. Technically, the site is built on WordPress with modern JavaScript libraries and SEO optimizations, delivering a professional and accessible user experience. Security posture is solid with HTTPS and cookie consent mechanisms, though security headers and incident response information could be improved. Overall, the domain and website present a trustworthy and credible presence aligned with public research objectives.

V

Visit Naantali

visitnaantali.com

55

Visit Naantali operates as the official tourism website for the Naantali region in Finland, providing comprehensive information about local attractions, events, accommodations, and activities. The site targets tourists and visitors seeking to explore Naantali, positioning itself as a trusted and authoritative source for travel planning in the area. The business model focuses on tourism promotion and visitor engagement through digital content and booking facilitation. Technically, the website is built on WordPress with modern technologies including Bootstrap 5 for responsive design, Yoast SEO for search optimization, and Cookiebot for GDPR-compliant cookie consent management. The infrastructure includes Google Tag Manager and Matomo Analytics for tracking and performance monitoring. The site demonstrates good mobile optimization and accessibility features, though some accessibility aspects could be enhanced. From a security perspective, the website enforces HTTPS and employs clientTransferProhibited status on the domain to prevent unauthorized transfers. Cookie consent is actively managed, and no critical vulnerabilities or exposed sensitive data were detected. However, DNSSEC is not enabled, and additional HTTP security headers could be implemented to strengthen security posture further. Overall, the website presents a professional, trustworthy, and user-friendly platform for tourism promotion with a solid technical foundation and good privacy compliance. The absence of explicit privacy policy and terms of service pages in the scanned content is a gap that should be addressed to improve compliance and user trust.

Š

Škola kreativní fotografie s.r.o.

nauctesefotit.cz

44

Škola kreativní fotografie s.r.o. is a private photography school based in Prague, Czech Republic, offering a variety of photography courses, workshops, and certification programs primarily targeting photography enthusiasts and students preparing for art schools. The website is professionally designed using WordPress with modern plugins and technologies such as Yoast SEO and Google reCAPTCHA, ensuring a secure and user-friendly experience. However, the absence of WHOIS data and privacy/cookie policies indicates areas for improvement in transparency and compliance. The site demonstrates good security posture with HTTPS and form protections but lacks some security headers and formal privacy documentation. Overall, the business appears legitimate and well-established with a strong local presence and partnerships, though domain registration details should be clarified to enhance trust.

O

Open House Europe

openhouseeurope.org

47

Open House Europe is a non-profit cultural organization founded in 2023 and coordinated by the Public institution Architektūros fondas in Lithuania. It operates a network of architecture festivals across Europe, focusing on themes such as sustainability, accessibility, inclusion, and future heritage. The organization engages the public through events, volunteer programs, and annual summits, supported by European cultural funding and media partnerships. The website reflects a professional and consistent brand presence with rich content targeting architecture enthusiasts and the general public interested in urban heritage. Technically, the website is built on WordPress with modern technologies including Bootstrap, jQuery, and Lottie animations. It uses Yoast SEO for optimization and integrates Google Analytics and MailerLite for marketing and analytics. The site is mobile-optimized and performs moderately well, with good SEO and accessibility basics. From a security perspective, the site uses HTTPS with a valid SSL certificate and employs secure form handling with nonce tokens. However, DNSSEC is not enabled, and security headers are not explicitly detected. There is no visible security or incident response policy, and no cookie consent mechanism is implemented, which may impact GDPR compliance. The WHOIS data is consistent with the organization's claims, showing a legitimate and recently registered domain. Overall, the website presents a low-risk profile with strong business credibility and good technical implementation but could improve in privacy compliance and security best practices to enhance trust and regulatory adherence.

H

Hrvatski Crveni križ Društvo Crvenog križa Osječko-baranjske županije

dckobz.hr

48

Hrvatski Crveni križ Društvo Crvenog križa Osječko-baranjske županije is a regional humanitarian non-profit organization operating in Croatia's Osječko-baranjska županija. The organization focuses on community support, youth engagement, first aid training, disaster response, blood donation, and social welfare activities. Their website reflects a well-structured and content-rich platform that communicates their mission, projects, and news effectively to the general public and stakeholders. The organization maintains a consistent brand presence and provides multiple contact channels including email, phone, and a contact form, supported by active social media profiles.

A

AllSides Education Fund

allsideseducationfund.org

64

AllSides Education Fund is a nonprofit organization dedicated to strengthening democratic society by enhancing media literacy, providing balanced news access, and fostering constructive conversations across political divides. Founded in 2015 as a joint initiative of AllSides, Living Room Conversations, and the Mediators Foundation, it offers educational resources, scholarships, and grants primarily targeting educators and community leaders. The website serves as a platform to promote these services and facilitate donations and grant applications. Technically, the website is built on WordPress using modern plugins such as Yoast SEO and GiveWP for donations, with a responsive design optimized for accessibility and SEO. Hosting is supported by Amazon AWS infrastructure, and the site employs Google Tag Manager for analytics and tracking. While the site uses HTTPS and has domain transfer protections, it lacks DNSSEC and some security headers, indicating room for security improvements. From a security perspective, the site demonstrates a moderate security posture with no visible vulnerabilities or exposed sensitive data. However, the absence of explicit security policies and incident response information, along with missing DNSSEC, suggests potential compliance and security gaps. Privacy policies and cookie policies are present but do not include explicit consent mechanisms, which may affect GDPR compliance. Overall, the website is professional, trustworthy, and well-aligned with its nonprofit educational mission. Strategic recommendations include enhancing DNS security, implementing security headers, and improving privacy compliance mechanisms to strengthen trust and security posture.

C

College Magazine, LLC

collegemagazine.com

65

College Magazine, LLC operates a professional online media platform focused on providing college-related content authored by students nationwide. The website offers comprehensive guides on colleges, majors, internships, career advice, and student life, positioning itself as a niche educational media outlet. The platform leverages a modern WordPress infrastructure with advanced SEO and analytics tools, ensuring a fast, mobile-optimized, and accessible user experience. Security posture is strong with HTTPS enforcement and privacy management tools, though explicit privacy and terms pages are missing, which should be addressed to improve compliance and trust. WHOIS data is unavailable or privacy protected, slightly impacting domain trust but not detracting from the professional presentation and content quality. Overall, the site is a credible resource for college students and prospective applicants.

EZProvider Networks Inc. operates the website www.ezp.net, providing web hosting services primarily focused on the Vancouver and Canadian market. Their offerings include shared hosting, VPS hosting, and dedicated server hosting, targeting businesses and individuals seeking reliable and fast Canadian-based hosting solutions. The company positions itself as a local, customer-focused provider emphasizing performance and support. Technically, the website is built on WordPress with a modern tech stack including Bootstrap, Yoast SEO, and Google Analytics, indicating a moderate level of digital maturity. The site is mobile optimized and performs well with clear navigation and professional design. Security posture is adequate with HTTPS enforced and use of Google reCAPTCHA; however, the absence of security headers and cookie consent mechanisms indicates room for improvement. The lack of WHOIS data for the domain is a notable concern, impacting trust and legitimacy assessments. Overall, the website is functional and professional but would benefit from enhanced security practices and privacy compliance measures.

L

Luxembourg - Let's Make It Happen (LMIH)

lmih.lu

47

Luxembourg - Let's Make It Happen (LMIH) is an official government-backed platform designed to inspire and connect actors involved in promoting Luxembourg internationally. The website offers a rich selection of multimedia tools, branding guidelines, and partnership opportunities to support the promotion of Luxembourg's values and talents. It targets both national and international audiences including ministries, public administrations, businesses, and associations. The platform is positioned as a central resource for Luxembourg's national branding efforts, leveraging modern web technologies and a multilingual approach to maximize reach and engagement. Technically, the website is built on WordPress 6.8.1 with a modern tech stack including Yoast SEO, jQuery, Select2, Swiper.js, and Matomo analytics for privacy-conscious tracking. It employs HTTPS with good SSL configuration and integrates Google reCAPTCHA v2 for form security. Accessibility features and SEO optimizations are well implemented, contributing to a positive user experience across devices. However, explicit privacy and cookie policy pages are not detected in the provided content, which is a compliance gap. From a security perspective, the site follows best practices such as HTTPS enforcement and CAPTCHA protection on forms. The use of Matomo analytics and Axeptio cookie consent indicates a privacy-aware approach. Nonetheless, the absence of security headers and vulnerability disclosure policies suggests room for improvement in security posture. No vulnerabilities or suspicious activities were detected in the analysis. Overall, the website presents a professional, trustworthy, and well-structured platform aligned with its government branding mission. Strategic recommendations include publishing comprehensive privacy and cookie policies, implementing security headers, and establishing a vulnerability disclosure mechanism to enhance compliance and security maturity.

H

heap studio

heap.lu

50

Heap studio is a small creative digital agency based in Luxembourg specializing in web development, design, branding, and consulting services. The company positions itself as a success-oriented studio focused on delivering purposeful and targeted results for clients, primarily businesses and organizations seeking digital creative solutions. Their portfolio showcases a variety of projects emphasizing brand identity, UX/UI design, and front-end and back-end development. Technically, the website is built on WordPress with modern tools such as Yoast SEO and GSAP animations, hosted by Infomaniak, a reputable provider. The site demonstrates good mobile optimization, SEO practices, and a professional design, though accessibility features are basic. Security posture is adequate with HTTPS enabled and no visible vulnerabilities, but lacks security headers and formal policies. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the website is trustworthy and professional but could improve in compliance and security transparency.

R

Ruskon kunta

rusko.fi

49

Ruskon kunta is the official municipal government entity for the Rusko region in Finland, providing a comprehensive digital platform for residents and stakeholders. The website offers extensive information on local government services, community events, employment, education, and wellbeing. It serves as a key communication channel for municipal announcements and public engagement. The technical infrastructure is based on a modern WordPress CMS with integrated SEO and accessibility features, hosted with Azure DNS and secured with DNSSEC and HTTPS. The site demonstrates good privacy compliance with clear cookie consent mechanisms and a comprehensive privacy policy. Security posture is strong with no critical vulnerabilities detected, although some security headers could be enhanced. Overall, the website is trustworthy, professionally maintained, and aligned with the official registrant data, reflecting a mature and credible municipal digital presence.

V

Volontaires.lu

volontaires.lu

52

Volontaires.lu is a Luxembourg-based volunteer service platform aimed at engaging youth in meaningful volunteer projects both locally and internationally. The website serves as an informational hub providing access to volunteer programs, mission listings, and training opportunities. It appears to be affiliated with government or official entities, supported by the presence of government logos and social media channels. Technically, the site is built on WordPress with modern plugins such as Yoast SEO and uses Google Tag Manager and Matomo for analytics and marketing. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. Security-wise, the site enforces HTTPS and uses cookie consent mechanisms but lacks visible security headers and explicit privacy or terms of service pages, which are areas for improvement. The WHOIS data is unavailable due to a malformed query, which slightly reduces trustworthiness but does not negate the legitimacy suggested by the content and branding. Overall, the site is professional and trustworthy but could enhance compliance and security transparency.

S

Service national de la jeunesse

animateur.lu

57

Animateur.lu is an official government portal operated by the Service national de la jeunesse in Luxembourg, targeting current and prospective youth animators. The site provides comprehensive resources including training, certifications, event listings, and material lending to support youth animation activities. It holds a strong market position as a trusted government resource with consistent branding and clear navigation. Technically, the website is built on WordPress with a modern stack including WooCommerce for e-commerce capabilities, Contact Form 7 for forms, and Complianz for GDPR compliance. The site uses Matomo analytics hosted on its own server, enhancing privacy compliance. Security posture is good with HTTPS enforced and cookie consent implemented, though security headers could be improved. Overall, the website is professional, accessible, and trustworthy, serving its audience effectively.

J

Jugendpräis

jugendprais.lu

60

Jugendpräis is a government-organized platform in Luxembourg dedicated to recognizing and promoting youth projects. Managed by the Service national de la jeunesse, it serves as a biennial award event highlighting diverse youth initiatives. The website targets youth groups and organizations, providing visibility and recognition through awards and public engagement. The platform enjoys strong partnerships with governmental and European entities, as well as media support from RTL Luxembourg. Technically, the website is built on WordPress, leveraging popular plugins such as Yoast SEO for search optimization and Complianz for GDPR cookie consent management. The site demonstrates good mobile optimization, accessibility, and SEO practices, with a moderate performance profile. The infrastructure is secure with HTTPS enforced, though security headers could be enhanced. From a security perspective, the site shows a mature posture with no visible vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with clear privacy and cookie policies and an opt-in consent mechanism. However, explicit security policies and incident response contacts are not present, which could be improved to enhance trust and readiness. Overall, Jugendpräis presents a professional, trustworthy, and well-maintained digital presence aligned with its governmental and non-profit mission. Strategic improvements in security headers and incident response transparency would further strengthen its security posture and stakeholder confidence.

S

Service national de la jeunesse

colonies.lu

57

The website colonies.lu is an official government-operated portal managed by the Service national de la jeunesse in Luxembourg. It serves as a centralized platform aggregating a wide variety of leisure activities such as weekends, camps, and colonies organized by multiple partner organizations. The portal targets children and youth in Luxembourg, providing event listings, registration capabilities, and practical information. The site is well-branded with consistent government logos and clear navigation, reflecting a professional and trustworthy presence. Technically, the site is built on WordPress 6.8.1 with modern plugins including Yoast SEO and Complianz GDPR for privacy compliance. It uses Bootstrap for responsive design and integrates Google Maps for location services. The site demonstrates good mobile optimization, accessibility features, and SEO practices. Analytics are handled via Matomo with anonymized statistics, respecting user privacy. From a security perspective, the site enforces HTTPS and uses a cookie consent mechanism with opt-in for non-essential cookies. However, it lacks explicit HTTP security headers and a published security policy or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the analysis. The domain registration data aligns well with the website’s government affiliation and Luxembourg location, indicating high legitimacy. Overall, colonies.lu is a well-maintained, secure, and privacy-conscious government portal providing valuable services to youth in Luxembourg. Strategic improvements include adding security headers, publishing a security policy, and providing incident response contact information to enhance trust and compliance.

S

Service national de la jeunesse

echwellechkann.lu

61

The website echwellechkann.lu is an official Luxembourg government youth engagement platform managed by the Service national de la jeunesse. It provides a portal for young people to discover activities, engagement offers, and projects to organize their free time. The platform is positioned as a trusted government resource with clear contact information and official branding. Technically, the site is built on WordPress with modern plugins and uses Matomo analytics for privacy-conscious tracking. The site is well-structured, mobile-optimized, and SEO-friendly, though performance is moderate. Security posture is good with HTTPS enforced and no exposed sensitive data, but lacks advanced security headers and published security policies. Privacy compliance is partial due to the absence of a dedicated privacy policy page, though cookie consent is implemented. Overall, the site is trustworthy, safe, and professionally maintained, serving its government and youth audience effectively.

P

PoriExpress

poriexpress.fi

48

PoriExpress is a Finnish regional transportation company specializing in affordable bus travel primarily between Pori and Helsinki, as well as seasonal travel packages to Lapland (Ylläs). The company targets general consumers seeking economical and convenient bus travel options and related accommodation services through partnerships. The website is professionally designed using WordPress with modern SEO and content management plugins, providing a good user experience and clear navigation. Technical infrastructure is solid with HTTPS and standard WordPress technologies, though some security headers are missing. Contact information is clearly provided, but privacy compliance could be improved with cookie consent mechanisms and more detailed security policies. Overall, the site is trustworthy and well-positioned in its niche.

The website antydot.info operates as an independent Ukrainian investigative journalism platform managed by the Асоціація УМДПЛ. It focuses on critical coverage of the law enforcement system, anti-corruption efforts, and justice reforms in Ukraine. The site offers a variety of content types including news, investigations, analytics, videos, and lectures, targeting a Ukrainian-speaking audience interested in governance and human rights issues. The business model aligns with a non-profit media outlet providing public interest journalism. Technically, the site is built on WordPress 4.8.25 with common web technologies such as jQuery and Slick Carousel. It integrates multiple analytics tools including Google Analytics and Yandex Metrika, and uses Disqus for comments. Hosting is provided by Hosting Ukraine LLC, consistent with the domain's Ukrainian focus. The site is mobile-optimized and SEO-friendly with structured data and meta tags, though accessibility features are basic. From a security perspective, the site uses HTTPS but lacks DNSSEC and important security headers, which are recommended for enhanced protection. No privacy or cookie policies are present, indicating compliance gaps with GDPR and related regulations. Tracking scripts are used without visible consent mechanisms. The WHOIS data shows a stable domain registration since 2016 with a reputable Ukrainian registrar, supporting legitimacy. Overall, the site is a credible and professionally maintained media platform with good content quality and moderate technical maturity. Security and privacy compliance require improvements to reduce risk and enhance user trust. Strategic recommendations include implementing security headers, enabling DNSSEC, publishing privacy and cookie policies, and adding user consent mechanisms for tracking.

I

Ingroup

ingroup.lu

48

Ingroup is a prominent marketing and digital solutions provider based in Luxembourg, operating through multiple specialized brands that offer comprehensive communication, advertising, branding, media, and distribution services. The company positions itself as a major player in the Greater Region, targeting businesses seeking to maximize their visibility and impact through integrated 360° solutions. The website reflects a professional and consistent brand image with clear navigation and regularly updated news content. Technically, the site is built on WordPress with modern plugins and libraries, hosted by OVH, and optimized for mobile and SEO. Security measures include HTTPS, Google reCAPTCHA on contact forms, and a robust cookie consent mechanism, although some security headers and policies could be improved. Overall, the site demonstrates a mature digital presence with good privacy compliance and business credibility.

D

Domainhotelli

domainhotelli.fi

56

Domainhotelli is a Finnish-based domain registrar and web hosting provider offering affordable and reliable services primarily targeting Finnish-speaking customers. The company emphasizes ease of use, local language support, and competitive pricing, positioning itself as a trusted local alternative in the domain and hosting market. Their key services include domain registration, DNS management, web hosting optimized for WordPress, and customer support in Finnish. The website is professionally designed, mobile-optimized, and SEO-friendly, reflecting a mature digital presence. Technically, the website runs on WordPress with modern plugins such as Yoast SEO and integrates third-party services like Google Tag Manager and Iubenda for cookie management. Hosting infrastructure is located in Finland, ensuring performance and compliance with local data regulations. Accessibility and user experience are well addressed, with clear navigation and responsive design. From a security perspective, the site uses HTTPS with good SSL configuration and implements cookie consent mechanisms. However, explicit security policies and incident response contacts are not published, and security headers are not evident in the HTML content. No vulnerabilities or suspicious activities were detected. WHOIS data aligns well with the business claims, showing transparency and legitimacy. Overall, Domainhotelli presents a low-risk profile with strong business credibility and technical maturity. Strategic improvements in security policy transparency and incident response communication would further enhance trust and compliance.

A

Adoraweb Agence Marketing Digital Luxembourg

adoraweb.lu

57

Adoraweb is a small, agile digital marketing agency based in Luxembourg, founded in 2013. The company specializes in providing digital marketing services including SEO, SEA, web design, and digital strategy consulting, targeting ambitious businesses in Luxembourg. Their market position is strengthened by unique agile marketing methodologies and a strong client portfolio. The website is professionally designed, content-rich, and optimized for user experience and SEO, reflecting a mature digital presence. Technically, the site is built on WordPress with modern JavaScript libraries and uses Cloudflare for DNS and likely CDN services. Security posture is solid with HTTPS and form protections, though explicit security headers and cookie consent mechanisms are missing. Analytics and tracking are extensive, leveraging Piwik PRO, Google Analytics, Facebook, and LinkedIn pixels. Overall, the website is trustworthy and professional, with clear contact information and certifications displayed. Recommendations include enhancing privacy compliance with cookie consent and security headers, and publishing security policies.

H

Hämeenlinna

hameenlinna.fi

68

Hämeenlinna's official website serves as a comprehensive digital portal for the city, providing extensive information and services related to housing, education, wellbeing, culture, tourism, and economic development. The site targets residents, visitors, and businesses, positioning itself as a trusted municipal resource. Technically, the site is built on WordPress with modern plugins such as Yoast SEO and Cookiebot, ensuring good SEO and privacy compliance mechanisms. The use of Matomo and Google Analytics indicates a mature approach to user analytics, although privacy policy documentation is lacking. Security posture is strong with HTTPS and cookie consent, but could be improved with additional security headers and published policies. Overall, the site is professional, well-branded, and trustworthy, reflecting the city's stature and commitment to digital service delivery.

A

Association Luxembourg Alzheimer

ala.lu

45

Association Luxembourg Alzheimer is a well-established non-profit organization based in Luxembourg, dedicated to supporting people affected by dementia and their families. The organization offers a comprehensive range of services including counseling, a 24/7 helpline, ambulatory care, day centers, and a specialized care home. Their website reflects a strong commitment to accessibility and user support, with multilingual options and detailed service information. The organization maintains an active presence on social media platforms such as Facebook, LinkedIn, and Instagram, enhancing community engagement and outreach. Technically, the website is built on WordPress with modern plugins like Yoast SEO and accessibility tools, ensuring good SEO and compliance with accessibility standards. The site uses Matomo for analytics, indicating a privacy-conscious approach to user tracking. Performance and mobile optimization are good, though some improvements could be made in hosting transparency and performance metrics. From a security perspective, the site enforces HTTPS and provides a cookie consent mechanism with granular user control, aligning with GDPR requirements. However, it lacks published privacy policies, terms of service, and explicit security or incident response policies, which are important for compliance and user trust. No critical vulnerabilities or suspicious content were detected. Overall, the website is professional, trustworthy, and well-aligned with its mission, but would benefit from enhanced privacy and security disclosures to improve compliance and user confidence.

L

Littlepay

littlepay.com

73

Littlepay is a specialized payments infrastructure provider focused on transit and mobility sectors, offering modular systems for contactless open loop fare collection. The company positions itself as a key player in improving payment experiences for transit operators and mobility services. The website reflects a mature business with a professional digital presence, leveraging modern marketing and analytics tools such as HubSpot, Google Tag Manager, and Visual Website Optimizer. The technical infrastructure is built on WordPress, hosted with Amazon-related services, and employs HTTPS with a valid SSL certificate, ensuring secure communications. However, the site lacks explicit privacy and terms of service policies, which are critical for compliance and user trust. Security posture is generally good with domain protections in place, but could be improved by enabling DNSSEC and adding security headers. Overall, the website is professional and trustworthy but would benefit from enhanced transparency on privacy and security policies.

W

Wiener Städtische Versicherungsverein

airt.at

48

The website www.airt.at represents the cultural exhibition series "Architektur im Ringturm" managed by the Wiener Städtische Versicherungsverein, part of the Vienna Insurance Group. It serves as a platform to showcase architectural and cultural exhibitions primarily focused on Central and Eastern Europe. The site offers detailed information about current and past exhibitions, architecture talks, and historical context of the Ringturm building. It targets architecture and culture enthusiasts and operates as a free-entry exhibition series supported by sponsorships. Technically, the site is built on WordPress with modern plugins and libraries, including multilingual support and spam protection via Google reCAPTCHA. The website demonstrates good digital maturity with responsive design, SEO optimization, and accessibility considerations. Security posture is solid with HTTPS enforced and spam prevention on forms, though some security headers could be improved. Privacy compliance is strong, featuring a comprehensive privacy policy, cookie consent banner with opt-in, and GDPR-aligned data collection practices. Overall, the site is professional, trustworthy, and well-maintained, reflecting the reputable parent organization. No critical security or compliance issues were detected.

I

International Partnership for Human Rights (IPHR)

iphronline.org

55

International Partnership for Human Rights (IPHR) is a Brussels-based independent NGO founded in 2008, focusing on human rights advocacy and support in Central Asia, Eastern Europe, and the South Caucasus. The organization empowers local civil society groups, conducts research and reporting on human rights violations, and engages in advocacy with international institutions. Their website reflects a mature digital presence with comprehensive content, clear navigation, and consistent branding. Technically, the site is built on WordPress, hosted on SiteGround, and uses modern SEO and GDPR compliance tools. Security posture is good with HTTPS and domain transfer protections, though DNSSEC is not enabled and some security headers appear missing. No direct contact emails or phone numbers are publicly listed, relying on contact forms and social media channels. Overall, the site is professional, trustworthy, and safe for general audiences.

3

33-тя окрема механізована бригада

33ombr.com

60

The website represents the official online presence of the 33rd Separate Mechanized Brigade of the Ukrainian Armed Forces. It provides comprehensive information about the brigade's history, structure, equipment, and recruitment opportunities, targeting Ukrainian citizens and supporters. The site is professionally designed with consistent branding and clear navigation, supporting its role as a trusted military information portal. Technically, it is built on WordPress with modern plugins and libraries, ensuring good performance and SEO optimization. Security posture is solid with HTTPS and domain transfer protections, though DNSSEC is not enabled and explicit security policies are absent. Privacy compliance is basic, lacking cookie consent mechanisms. Overall, the site is legitimate, trustworthy, and serves its informational and recruitment purposes effectively.

П

Принцип

pryncyp.com

63

The website www.pryncyp.org represents a Ukrainian non-profit legal advocacy center named "Принцип" focused on supporting military personnel and veterans through legal aid, policy advocacy, and educational initiatives. Founded in 2023 by Masі Nayem and Liubov Galan, the organization provides pro bono legal consultations, conducts analytical research, and promotes veteran policies. The site is professionally designed using WordPress CMS with multilingual support and integrates common web technologies such as jQuery, Swiper, and Select2. It leverages Google Analytics for user tracking and includes donation mechanisms via Patreon and Liqpay. Security posture is solid with HTTPS enforced and no visible sensitive data exposure, though the absence of security headers and explicit privacy/cookie policies indicates room for improvement. WHOIS data is unavailable, limiting domain trust verification, but the website's content, social media presence, and professional branding support its legitimacy. Overall, the site is well-positioned as a trusted resource for its target audience with moderate technical maturity and good user experience.

D

Deutsch-Ukrainische Gesellschaft

deutsch-ukrainische-gesellschaft.de

52

The Deutsch-Ukrainische Gesellschaft (DUG) is a small non-profit organization dedicated to fostering and deepening German-Ukrainian relations across politics, science, culture, and civil society. The organization offers expert dialogues, publications, cultural events, and exchange programs to promote mutual understanding and support Ukraine's integration into European and Euro-Atlantic structures. The website reflects a professional and consistent brand image, targeting stakeholders interested in German-Ukrainian cooperation. Technically, the website is built on WordPress with modern plugins such as Yoast SEO, Contact Form 7, and GDPR Cookie Compliance, ensuring good SEO and privacy compliance. The site uses HTTPS with Google reCAPTCHA for form security and includes a cookie consent mechanism, indicating a mature digital infrastructure. Performance and mobile optimization are good, though some security headers could be improved. From a security perspective, the site demonstrates solid practices including HTTPS enforcement and GDPR compliance. However, no explicit security policy or incident response contacts are published, and security headers are not detected, suggesting room for enhancement. No vulnerabilities or suspicious content were found. Overall, the website is trustworthy, well-maintained, and compliant with privacy regulations, serving its niche audience effectively. Strategic improvements in security headers and transparency around security policies would further strengthen its posture.

L

Lobby X

thelobbyx.com

60

Lobby X is a Ukrainian employment platform and recruiting agency focused on supporting job seekers and employers, with a special emphasis on veterans and military personnel. The company operates a professional website with a clear business model centered on job listings, recruitment services, and career consultations. Their market position is niche but important within Ukraine, supporting progress and victory through employment. Technically, the website is built on WordPress with modern front-end technologies including Bootstrap, jQuery, and Lottie animations, and integrates Google services such as reCAPTCHA and Tag Manager. The site is mobile optimized and SEO friendly, though accessibility is basic. Security posture is adequate with HTTPS and CAPTCHA protections, but lacks DNSSEC and security headers, which are recommended for improvement. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. Overall, the domain registration is consistent and trustworthy, supporting the legitimacy of the business. Strategic recommendations include enhancing security headers, enabling DNSSEC, and improving privacy compliance to strengthen trust and security.

U

Upbooking

upbooking.lu

48

Upbooking is a Luxembourg-based online platform dedicated to the recycling and exchange of used school books, promoting environmental sustainability and offering incentives such as vouchers for new book purchases. The platform targets students and families within Luxembourg, supported by government initiatives as evidenced by the presence of the Luxembourg government logo. Technically, the website is built on WordPress with a custom theme, uses modern tools like Google Tag Manager and Axeptio for cookie consent, and implements good accessibility features. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though security headers could be improved. Privacy compliance is strong with comprehensive policies and cookie consent mechanisms in place. Overall, the website is professional, trustworthy, and well-aligned with its educational and governmental mission.

W

Wiener Städtische Versicherungsverein

wst-versicherungsverein.at

48

Wiener Städtische Versicherungsverein is a medium-sized Austrian non-profit organization dedicated to promoting art, culture, and social engagement. The website reflects a well-established entity with a clear focus on cultural exhibitions, social initiatives, and community involvement. Their market position is that of a reputable cultural non-profit with partnerships in the arts and academic sectors. The website is built on a modern WordPress platform with relevant plugins for SEO and user interaction, indicating a moderate level of digital maturity. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though there is room for improvement in publishing explicit security policies and headers. Overall, the site is professional, trustworthy, and compliant with GDPR requirements, serving a general audience interested in cultural and social topics.

The website empl.io appears to be a small business or startup registered in the US since 2019. The site is built on WordPress using Bootstrap 3.3.4 and the Yoast SEO plugin, indicating a basic level of technical infrastructure. However, the content is minimal with no visible privacy, cookie, or terms of service policies, and no contact information is provided. The technical setup lacks modern security headers and DNSSEC is not enabled, which are areas for improvement. The security posture is basic with no detected vulnerabilities but also no advanced protections. Overall, the site presents a low level of business credibility and privacy compliance, limiting trustworthiness. Strategic improvements in security, privacy policies, and contact transparency are recommended to enhance the site's professionalism and compliance.

B

Blackfish

blackfish.co

57

Blackfish is a well-established 360° software development and design studio based in the Czech Republic, founded in 2017. The company positions itself as an industry leader in Denmark and the Czech Republic, offering a comprehensive range of services including brand identity, UX/UI design, front-end and back-end development, 3D visuals, motion design, and marketing strategy. Their clientele includes notable companies, supported by strong trust indicators such as Clutch awards and Deloitte recognition. Technically, the website is built on WordPress with modern analytics and tracking tools integrated, demonstrating a mature digital infrastructure. Security posture is good with HTTPS and domain protection, though improvements like enabling DNSSEC and adding security headers are recommended. Privacy compliance is partial, with a cookie consent mechanism present but no visible privacy policy or terms of service on the homepage. Overall, the website is professional, trustworthy, and well-optimized for user experience and SEO.

Y

Young Survival Coalition

ysctourdepink.org

64

Young Survival Coalition (YSC) operates a dedicated wellness summit website targeting young adult breast cancer survivors and their support networks. The organization provides immersive wellness events blending physical, emotional, and social support activities. The website reflects a mature non-profit entity with a clear mission and community focus, supported by a consistent brand presence and multiple sponsorships. Technically, the site is built on WordPress with modern plugins and tracking tools, offering good performance and mobile optimization. Security posture is solid with HTTPS and no visible vulnerabilities, though explicit security headers and policies could be improved. Privacy compliance is partial, with a privacy policy present but lacking a cookie consent mechanism. Overall, the site is trustworthy and professionally maintained, supporting a medium-sized non-profit with a strong community orientation.

Czecot.pl is a Polish-language tourism blog focused on travel and architectural attractions in the Czech Republic. The website provides informative articles and travel guides targeting general audiences interested in Czech tourism. The business operates as a small content-driven blog founded around 2019, with no evident commercial or e-commerce activities. Technically, the site is built on WordPress CMS with common plugins such as Yoast SEO, LayerSlider, and Contact Form 7, hosted by OVH SAS. The site is moderately optimized for mobile and SEO, with Google Analytics and Tag Manager integrated for visitor tracking. Security posture is basic with HTTPS enabled but lacks advanced security headers and DNSSEC. Privacy compliance is good with a privacy policy and cookie consent banner implemented. However, no contact information, terms of service, or incident response policies are present, limiting business credibility. Overall, the site is legitimate, safe, and functional but could improve security and transparency aspects.

S

Sabiedriba ar ierobezotu atbildibu "Lafivents"

lafi.lv

38

LAFI is a leading Latvian company specializing in building climate and technical solutions, with nearly 30 years of experience in the local and international markets. Their core services include installation and maintenance of heating, ventilation, and sewage systems, as well as building management. The company operates multiple subsidiaries, enhancing its service portfolio and market reach. The website reflects a professional and consistent brand image, targeting Latvian businesses and property owners seeking technical building solutions. Technically, the site is built on WordPress with modern SEO and analytics tools, providing a good user experience and mobile optimization. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers and explicit policies could be improved. Overall, the domain registration data aligns well with the business identity, supporting legitimacy and trustworthiness.

H

Hotel Studánka

hotelstudanka.cz

44

Hotel Studánka is a well-established hospitality business located in the Czech Republic, offering a comprehensive range of services including accommodation, wellness treatments, restaurant dining, conference facilities, and event hosting such as weddings and cultural performances. The website reflects a strong regional market position with a focus on quality and customer experience. Technically, the site is built on WordPress with modern plugins and technologies, ensuring good performance and mobile optimization. Security posture is solid with HTTPS enforced and GDPR compliance evident through cookie consent mechanisms and privacy policies, although some security headers could be improved. Overall, the site presents a professional and trustworthy digital presence with clear contact information and active social media engagement.

E

ELLA-CS, s.r.o.

ellacs.eu

60

ELLA-CS, s.r.o. is a Czech-based manufacturer specializing in medical devices, particularly biodegradable stents for the gastrointestinal tract. The company targets healthcare professionals and patients worldwide, offering unique and life-saving stent products. Their business model includes direct manufacturing and OEM contract manufacturing, positioning them as a niche player with specialized products. The website reflects a professional and consistent brand image with clear messaging and a focus on healthcare. Technically, the site is built on WordPress with WooCommerce and Elementor, leveraging modern plugins and technologies. Performance and mobile optimization are good, though accessibility could be enhanced. Security posture is solid with HTTPS and reCAPTCHA integration, but lacks some security headers and explicit policies. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the domain registration and website content align well, indicating a legitimate and trustworthy business presence.

A

Aupark Hradec Králové

aupark.cz

46

Aupark Hradec Králové operates as a modern retail shopping center located near the main train station in Hradec Králové, Czech Republic. The website showcases a variety of stores, restaurants, events, and a loyalty program targeting local residents and visitors. The business positions itself as a regional lifestyle and shopping hub with a medium-sized market presence. Technically, the site is built on WordPress with modern plugins and libraries, offering good mobile optimization and SEO practices. Security posture is adequate with HTTPS and cookie consent mechanisms, though some security headers are missing and no incident response information is provided. The absence of WHOIS data reduces domain trustworthiness but the professional site content and active social media presence support legitimacy. Overall, the site is well-structured and user-friendly, serving its retail audience effectively.

K

Knihovna Bakov

knihovnabakov.cz

52

Knihovna Bakov is a local public library and museum located in Bakov nad Jizerou, Czech Republic. The institution offers a variety of cultural and educational services including book lending, audiobooks, internet access, copying services, and organizes events and exhibitions. The website is well-structured, providing detailed information about the library and museum, upcoming events, and recent news posts. The target audience primarily consists of local residents, visitors interested in regional history, and readers. The business model aligns with a public or non-profit cultural institution serving the community. Technically, the website is built on WordPress with common plugins such as Yoast SEO and Contact Form 7. It uses Google Analytics and Google Tag Manager for visitor tracking. The site is mobile-optimized and has good SEO practices. However, there is a lack of visible security headers and no explicit privacy or cookie policies, which are areas for improvement. HTTPS is properly implemented, ensuring secure communication. From a security perspective, the site shows a moderate security posture with no evident vulnerabilities in the HTML content. The absence of WHOIS data for the domain is a concern, reducing trustworthiness from a domain registration perspective. The site does not expose sensitive data and uses standard security practices but would benefit from enhanced security headers and compliance documentation. Overall, the website is a credible and professional representation of a local cultural institution but should address privacy compliance and domain registration transparency to improve trust and security posture.

K

Kraj sveta

krajsveta.sk

50

Kraj sveta is a regional tourism promotion website focused on the Košice region in Slovakia. It offers visitors curated local experiences, bucket lists, and accommodation booking options through trusted partners like Booking.com. The website targets tourists interested in exploring the region's natural, cultural, and gastronomic attractions. Technically, the site is built on WordPress with modern plugins such as Yoast SEO and Oxygen Builder, ensuring good SEO and mobile responsiveness. However, it lacks visible privacy and cookie policies despite using tracking technologies like Google Analytics and Facebook Pixel, which poses compliance risks. Security posture is moderate with HTTPS enabled but missing security headers and incident response information. Overall, the site is legitimate and professionally presented but would benefit from enhanced privacy compliance and security best practices.

S

Slovenská lesnícka komora

slsk.sk

53

Slovenská lesnícka komora is a Slovak non-profit, non-political, and self-governing institution established by law to represent the common interests of its members in forestry policy and development. The organization targets forestry professionals and stakeholders within Slovakia, providing advocacy, education, and informational services. The website reflects a professional presence with clear branding and relevant content focused on forestry activities, education, and news. Technically, the site is built on WordPress with modern plugins and is hosted by a reputable provider with DNSSEC and HTTPS properly configured. However, it lacks some security best practices such as security headers and formal privacy and cookie policies. The security posture is solid but could be improved with additional measures and transparency. Overall, the site is trustworthy, well-maintained, and serves its intended audience effectively.

E

Elkova

elkova.cz

57

Elkova is a Czech-based small business specializing in electrical installation services including both high and low voltage systems, security systems, video intercoms, fire protection, and photovoltaic solutions. Established in 2002, the company serves residential, commercial, and developer clients primarily in Prague and Central Bohemia. The website presents a professional image with clear service offerings, customer testimonials, and comprehensive contact information. Technically, the site is built on WordPress with a modern tech stack including Bootstrap, jQuery, and various plugins for SEO, spam protection, and cookie consent. The site is mobile optimized and uses HTTPS with a valid SSL certificate, ensuring secure communications. Security posture is good but could be improved by adding explicit security headers and incident response information. Privacy compliance is evident with a GDPR-compliant privacy and cookie policy. Overall, the website is trustworthy and well-maintained, reflecting a legitimate and established business.