Security Directory

L

LUGA

luga.lu

0

LUGA is a cultural event organizer hosting an ephemeral urban garden exhibition in Luxembourg from May to October 2025. The website serves as an information and engagement platform for visitors, volunteers, and partners, showcasing event details, locations, and news. The site is well designed, multilingual, and optimized for SEO and accessibility, reflecting a mature digital presence. Technically, it leverages WordPress CMS, Cloudflare for DNS and CDN, and integrates modern analytics and consent management tools, indicating a good level of digital maturity. Security posture is solid with HTTPS, security headers, and cookie consent, though explicit security policies and incident response contacts are absent. Overall, the site is trustworthy, professional, and compliant with GDPR requirements.

O

Ordre des Architectes et des Ingénieurs-Conseils

oai.lu

0

The Ordre des Architectes et des Ingénieurs-Conseils (OAI) is a professional association representing architects, consulting engineers, urban planners, interior architects, and landscape architects in Luxembourg. Established by law in 1989, it serves as a regulatory and support body for these professions, offering services such as training, publications, member directories, and event organization. The website is well-structured, professionally designed, and targets both professionals and clients in the architecture and engineering sectors. It maintains a strong presence on multiple social media platforms, enhancing its outreach and engagement. Technically, the website employs modern web technologies including the Dojo Toolkit, Bootstrap, and advanced search integrations with Typesense and InstantSearch.js. It uses HTTPS with good SSL configuration, though it lacks some security headers that could enhance protection. The site is mobile-optimized and provides a moderate level of performance and accessibility. Analytics are implemented via Piwik/Matomo, indicating a moderate level of user tracking. From a security and compliance perspective, the site does not display explicit privacy or cookie consent mechanisms, which may impact GDPR compliance. No contact information for incident response or data protection officers is evident. The WHOIS data is unavailable due to malformed queries or registry restrictions, which slightly reduces trustworthiness but does not negate the professional presentation and content quality. Overall, the OAI website is a credible and professional platform serving its niche audience effectively. Strategic improvements in privacy compliance, security headers, and transparency of contact information would enhance its security posture and regulatory adherence.

F

Fondation Sommer

fondation-sommer.lu

0

Fondation Sommer is a Luxembourg-based non-profit organization dedicated to supporting educational, cultural, and intercultural projects. The foundation operates primarily through grant funding and project support, targeting non-profit organizations and educational institutions within Luxembourg and its vicinity. The website is professionally designed using WordPress with Bootstrap and Font Awesome, supporting multilingual content via WPML. The technical infrastructure is modern and includes performance optimizations such as WP Rocket. Security posture is adequate with HTTPS enforced and some security best practices observed, though explicit security headers and incident response information are lacking. Privacy and cookie policies are not found, indicating a gap in compliance with GDPR requirements. Overall, the website is functional, professional, and trustworthy but would benefit from enhanced privacy and security disclosures.

W

Worldsoft AG

worldsoft-partner.website

0

Worldsoft-Partner.website is a German-language franchise platform operated by Worldsoft AG, a Swiss company established in 2000. The website offers a turnkey business concept for individuals and entrepreneurs to start their own internet agency, leveraging Worldsoft's 20+ years of experience and a large customer base. The business model focuses on creating mobile-optimized websites quickly using proprietary tools, supported by online training, marketing materials, and personal coaching. Technically, the site uses a modern JavaScript stack with multiple analytics and marketing integrations, including Google Analytics, Facebook Pixel, LinkedIn Insight, Hotjar, and Elfsight widgets. The website is mobile-optimized and well-structured, providing a professional user experience. Security posture is adequate with HTTPS and domain transfer protection, but lacks DNSSEC and visible security headers. Privacy compliance is partially met with a privacy policy linked externally but lacks a cookie consent mechanism. Overall, the domain registration is consistent with the business claims, indicating legitimacy and trustworthiness.

A

Aurora Systems Inc.

specadsystems.com

0

AD Systems, a division of Aurora Systems Inc. under the parent company Allegion, specializes in commercial sliding and swinging door systems designed for healthcare, commercial offices, education, and hospitality sectors. Their product offerings emphasize acoustic isolation, space-saving design, and customized solutions tailored to professional environments. The website reflects a mature B2B business model targeting architects and facility planners with comprehensive design tools and resources. Technically, the site is built on Adobe Experience Manager with integrations of modern marketing and analytics tools such as Marketo and Adobe Helix RUM. Security posture is strong with HTTPS, reCAPTCHA, and responsible disclosure links, though explicit security policies and incident response details are absent. The WHOIS data is missing, which raises some concerns about domain registration transparency, but the professional branding and parent company association mitigate trust issues. Overall, the website is well-designed, user-friendly, and compliant with privacy regulations, making it a credible digital presence for the business.

A

App Elevate

appelevate.cz

0

App Elevate is a small technology company specializing in rapid development of interactive applications across multiple platforms including web, Android, iOS, and macOS. The company emphasizes close client collaboration and offers prototype trials to attract customers. The website is professionally designed with clear navigation and good mobile optimization, hosted on Cloudflare infrastructure. The technical stack includes Bootstrap, jQuery, Font Awesome, and Google Fonts, reflecting a modern front-end approach. Security posture is moderate with Cloudflare protection but lacks explicit security headers and privacy policies, indicating areas for improvement. Contact information is clearly presented, enhancing business credibility. Overall, the website is safe, professional, and aligned with the domain registration data, but would benefit from enhanced privacy compliance and security hardening.

Sherpas TECH, s.r.o. is a Czech-based technology and marketing company specializing in retention marketing and technology integration services. The company offers a range of services including email marketing strategy, technology implementation for retention marketing, data engineering in CRM systems, and advanced customer analytics. Their website reflects a professional and consistent brand image, targeting B2B clients seeking to optimize marketing performance through technology. The company demonstrates a solid market position supported by client references and a clear business focus. Technically, the website employs modern tools such as Google Analytics, Google Tag Manager, and CookieScript for consent management, indicating a mature digital infrastructure. The site is built likely on the Nette Framework, with responsive design and good SEO practices. Performance is moderate with good mobile optimization and basic accessibility features. From a security perspective, the site uses HTTPS with no visible critical vulnerabilities. Cookie consent is implemented with opt-in mechanisms, and forms include anti-bot measures. However, there is no publicly available security policy or incident response information, which could be improved to enhance trust and compliance. Overall, the website is trustworthy, professionally maintained, and compliant with GDPR cookie consent requirements. Strategic recommendations include publishing security and incident response policies, enhancing security headers, and improving accessibility. The domain WHOIS data aligns well with the website content, supporting legitimacy and trustworthiness.

T

Tabernas 21, s.r.o.

citybee.cz

0

CityBee.cz is a Czech online media platform focused on providing curated event listings, venue recommendations, and cultural tips primarily for Prague residents and visitors. The website operates under the company Tabernas 21, s.r.o., established around 2012, and positions itself as a trusted local guide with editorial content and advertising services. The platform integrates advertising partnerships and offers business registration services for local venues. Technically, the site uses legacy JavaScript libraries like jQuery 1.8.3, Google Tag Manager, and Facebook SDK, with a moderate performance profile and basic mobile optimization. Security posture is adequate with HTTPS enabled and cookie consent implemented, but lacks modern security headers and uses outdated libraries, which could pose risks. WHOIS data is unavailable, likely due to privacy protection, which slightly reduces trust but is common for media businesses. Overall, the site is professional, content-rich, and safe for general audiences.

S

StavbaWeb

stavbaweb.cz

0

StavbaWeb is a Czech-language online platform dedicated to sharing information about construction products, architectural projects, and companies in the architecture and construction sectors. It serves as a niche media outlet providing news, project showcases, and industry insights primarily targeting architects, construction professionals, and related stakeholders in the Czech Republic. The website features a modern WordPress-based infrastructure with various plugins supporting GDPR compliance and user engagement. It integrates Google Tag Manager and Facebook SDK for analytics and marketing purposes. Security posture is moderate with HTTPS enforced and some security plugins in place, but lacks explicit security headers and published security policies. The absence of WHOIS data limits domain trust assessment, though the site appears professional and well-maintained. Privacy compliance is partial, with cookie consent implemented but no clear privacy policy page found. Overall, the site is a credible resource within its industry niche but would benefit from enhanced transparency and security documentation.

C

Czech Union of the Deaf, z.ú.

cun.cz

0

The Czech Union of the Deaf, z.ú. is a well-established non-profit organization dedicated to supporting the deaf community in the Czech Republic. Their website presents a clear and professional overview of their services, including activation services, sign language interpreting, simultaneous transcription, educational courses, and publications. The organization maintains multiple regional branches and active social media presence, indicating a strong community engagement and outreach. Technically, the website is built on WordPress with WooCommerce integration for e-commerce functionality, leveraging common web technologies such as jQuery and Google Fonts. The site is mobile optimized and provides a good user experience with clear navigation and relevant content. Security-wise, the site uses HTTPS and avoids exposing sensitive data, but lacks advanced security headers and explicit privacy or cookie policies, which are important for compliance and trust. The absence of WHOIS data is a notable concern, reducing domain registration transparency and trustworthiness. Overall, the website is functional, trustworthy, and serves its community well, but could improve in privacy compliance and security best practices.

C

cropmark.

cropmark.com

0

Cropmark is a well-established full-service creative studio operating primarily in Luxembourg and Brussels, offering a broad range of branding, corporate design, editorial design, web design, development, SEO, and strategic communication services. The company targets businesses and organizations seeking professional creative solutions, leveraging over 20 years of industry experience. The website reflects a professional and consistent brand image with rich content and clear navigation, supporting its market position as a trusted creative agency in its region. Technically, the website employs modern web technologies including HTML5, CSS3, JavaScript, and integrates analytics tools such as Google Analytics and Matomo. It uses HTTPS for secure communications and content delivery networks for optimized image serving. The site is mobile-optimized and accessible, with good SEO practices evident in meta tags and structured data. However, there is no detected CMS or hosting provider information. From a security perspective, the site benefits from HTTPS and does not expose sensitive data or vulnerable libraries. However, it lacks visible security headers and does not provide privacy or cookie policies, which are important for GDPR compliance. The absence of WHOIS registration data for the domain is a notable concern, although the website content and contact information support legitimacy. Overall, Cropmark's website is professional and trustworthy, but improvements in privacy compliance and domain registration transparency are recommended to enhance security posture and regulatory adherence.

Luxembourg for Finance is a government-related agency focused on the development and promotion of Luxembourg's financial services industry. Established in 2008, it serves as a key player in identifying new business opportunities and supporting the financial sector's growth. The website reflects a professional and consistent brand image, targeting financial industry stakeholders and investors interested in Luxembourg's market. Technically, the website is built on WordPress with modern plugins such as Yoast SEO and integrates analytics tools including Google Analytics and Piwik PRO. It employs Google Tag Manager and reCAPTCHA for enhanced tracking and security. The site is mobile-optimized and demonstrates good SEO practices, though accessibility features could be improved. From a security perspective, the site uses HTTPS and has implemented cookie consent mechanisms to comply with GDPR. However, it lacks visible security headers and explicit security or incident response policies on the site. The absence of WHOIS domain registration data raises concerns about domain transparency and legitimacy, although the professional content and social media presence mitigate some risk. Overall, the website presents a moderate risk profile with good content quality and technical implementation but requires improvements in privacy transparency, contact information availability, and domain registration clarity. Strategic recommendations include publishing comprehensive privacy and terms of service policies, enhancing security headers, and verifying domain registration details to strengthen trust and compliance.

K

Kultur | lx – Arts Council Luxembourg

kulturlx.lu

0

Kultur | lx – Arts Council Luxembourg is a governmental cultural promotion organization dedicated to supporting artists and promoting Luxembourg's cultural creation. The website serves as a comprehensive platform for cultural news, events, funding opportunities, and resources, targeting artists, cultural professionals, and the general public interested in Luxembourg's arts scene. The organization holds a strong national position as the official arts council, supported by government partnerships and a clear mission to foster cultural development. Technically, the website is built on WordPress with modern plugins such as Yoast SEO and integrates Google services like Tag Manager and reCAPTCHA. Accessibility features and GDPR-compliant cookie management via Axeptio demonstrate digital maturity and compliance. The site is mobile-optimized and well-structured, providing a positive user experience. Security posture is solid with HTTPS enforced and use of reCAPTCHA, though the absence of explicit security headers and incident response information suggests room for improvement. No vulnerabilities or exposed sensitive data were detected. The lack of WHOIS data limits domain trust verification, but the professional presentation and official branding mitigate concerns. Overall, the website is a trustworthy, well-maintained digital presence for a government cultural entity, with recommendations to enhance security headers and incident response transparency to further strengthen its security posture.

R

Research Luxembourg

researchluxembourg.org

0

Research Luxembourg is a collaborative initiative representing major public research institutions in Luxembourg, supported by the Ministry of Higher Education and Research. The website serves as a portal for research news, career opportunities, and industry collaborations, positioning itself as a key national research platform. Technically, the site is built on WordPress with modern JavaScript libraries and SEO optimizations, delivering a professional and accessible user experience. Security posture is solid with HTTPS and cookie consent mechanisms, though security headers and incident response information could be improved. Overall, the domain and website present a trustworthy and credible presence aligned with public research objectives.

L

Luxinnovation

luxinnovation.lu

0

Luxinnovation is Luxembourg's national innovation agency dedicated to empowering companies to innovate and fostering a sustainable and digital economy. The website reflects a mature digital presence with comprehensive content targeting startups, businesses, and research organizations. The technical infrastructure leverages modern web technologies, including Tailwind CSS, Alpine.js, Kentico CMS, and integrates multiple analytics and marketing tools such as Matomo, Google Tag Manager, Facebook Pixel, and LinkedIn Insight. Security posture is strong with HTTPS enforced and no visible vulnerabilities, though explicit security policies and incident response contacts are absent. Privacy compliance is partial, with cookie consent implemented but lacking a visible privacy policy or terms of service. Overall, the website is professional, trustworthy, and well-optimized for user experience and SEO.

V

Visit Turku Archipelago Oy

visitturku.fi

0

Visit Turku Archipelago Oy operates the official tourism website for Turku and its archipelago, providing comprehensive information on local attractions, dining, accommodation, and events. The website serves both tourists and local residents, positioning itself as a trusted source for travel inspiration and practical information. The business model focuses on promoting regional tourism and supporting local partners through digital content and event listings. Technically, the site employs modern web technologies including Google Tag Manager, Google Maps API, and Vimeo for multimedia content, hosted with Azure DNS services. The site is mobile-optimized and accessible, with good SEO practices and a clear navigation structure. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. No critical vulnerabilities or suspicious patterns were detected. Overall, the domain registration data aligns well with the business, indicating legitimacy and trustworthiness. Strategic recommendations include enhancing security headers, publishing explicit security policies, and adding a vulnerability disclosure channel to further strengthen trust and compliance.

N

National Library of Finland (University of Helsinki)

finna.fi

0

Finna.fi is a Finnish national search portal operated by the National Library of Finland under the University of Helsinki. It aggregates cultural heritage, scientific, and educational materials from archives, libraries, museums, and other institutions, providing a comprehensive resource for researchers, educators, and the general public. The website is well-established since 2012 and holds a strong market position as a trusted government/non-profit service. Technically, the site uses modern frameworks such as VuFind and Solr, with Cloudflare DNS and Matomo analytics, ensuring fast performance, mobile optimization, and good accessibility. Security posture is strong with HTTPS, nonce-based CSP, and cookie consent mechanisms, though DNSSEC is not implemented and no explicit security policy or incident response contacts are published. Overall, the site demonstrates high professionalism, trustworthiness, and compliance with privacy regulations.

T

Trimble

asiointi.fi

0

The website upa.trimble.com/fi-fi/ratkaisut/asiointi serves as a Finnish regional portal for Trimble's Utilities & Public Administration division. Trimble is a global technology company specializing in advanced solutions for sectors such as energy, public administration, and utilities. The site targets Finnish utilities and public sector organizations, offering digital transformation and operational efficiency solutions. The business model is B2B, focusing on providing software and technology services to utility companies and government entities. The website branding and content align well with Trimble's global identity, indicating a strong market position in the regional sector. Technically, the website employs modern web technologies including React, Webpack, and integrates multiple marketing and analytics tools such as Google Tag Manager, Google Analytics, Marketo Munchkin, and Leadfeeder. The site is moderately optimized for performance and mobile use, with basic accessibility features. However, explicit security headers and privacy policies are not evident in the provided HTML snapshot, suggesting areas for improvement in compliance and security transparency. From a security perspective, the site uses HTTPS and does not expose sensitive data in the HTML. No WAF or blocking mechanisms were detected, and no vulnerabilities were apparent from the content. However, the absence of visible security headers and privacy/cookie policies reduces the overall security posture score. Incident response and vulnerability disclosure information are also missing, which could be enhanced to improve trust and compliance. Overall, the website is professional, trustworthy, and aligned with Trimble's business objectives. The main risks relate to privacy compliance and security transparency, which can be addressed by adding clear policies and security headers. The domain WHOIS data for the subdomain is not available, which is typical, but the main domain trimble.com is well-established and legitimate, supporting the site's credibility.

T

Timmi Software Oy

timmi.fi

0

Timmi Software Oy is a Finnish software company specializing in time management and smart infrastructure solutions for public sector and healthcare organizations. With over 30 years of experience, they serve more than 100 Finnish companies and public institutions, offering products like Smart City and Smart Hospital software. Their market position is strong within Finland, supported by trusted client references and a focus on integration and ease of use. Technically, the website is built on Webflow with modern analytics and consent tools, demonstrating digital maturity and good performance. Security posture is solid with HTTPS, reCAPTCHA, and cookie consent, though explicit security policies and headers could be improved. Overall, the company presents a professional, trustworthy online presence with clear contact channels and compliance with GDPR.

C

Cloudpermit Oy

lupapiste.fi

0

Lupapiste, operated by Cloudpermit Oy, is a Finnish government-related online platform providing comprehensive services for construction permits and related permit acquisition processes. The platform targets Finnish residents and businesses involved in construction, offering a streamlined digital service including permit applications and an e-commerce store for permit documents. The website integrates official Finnish identity verification via Suomi.fi, enhancing trust and security for users. Technically, the website employs standard modern web technologies including HTML5, CSS3, and JavaScript, with a third-party LeadDesk chat widget for customer support. The site is mobile-optimized and presents a professional design with clear navigation. However, some technical improvements are needed, such as fixing the anti-CSRF token implementation and adding security headers to strengthen the security posture. Security-wise, the site enforces HTTPS and uses strong authentication mechanisms but lacks visible security headers and a cookie consent mechanism, which are important for GDPR compliance. No critical vulnerabilities were detected, but the placeholder anti-CSRF token suggests a potential security misconfiguration. Overall, the security posture is moderate but can be improved with targeted measures. The overall risk assessment is low, with the website appearing legitimate, trustworthy, and professionally maintained. Strategic recommendations include fixing security token implementation, enhancing privacy compliance with cookie consent, and publishing explicit security and incident response policies to improve transparency and user trust.

Kulutus-Web is a demonstration website for CGI's utility consumption management service, primarily targeting Finnish utility providers and their customers. The site offers a preview of the service but does not support actual meter reading input or report viewing. The business model is focused on service demonstration rather than direct customer interaction or transactions. The website is minimalistic, with basic content and limited technical sophistication. Technically, the site uses minimal JavaScript and static HTML with no detected CMS or advanced frameworks. The hosting and DNS infrastructure is managed through standard registrar services, but no HTTPS or security headers are evident, indicating a low level of digital maturity. The site lacks privacy, cookie, and terms of service policies, and no contact or business information is provided, limiting user trust and compliance. From a security perspective, the absence of HTTPS and security headers is a significant weakness. No vulnerabilities or malicious content were detected, but the lack of privacy and security policies and contact channels reduces the site's security posture. The domain is well aged and registered through a reputable registrar, which supports legitimacy, but the site itself is a basic demo with limited business credibility. Overall, the site scores low to moderate on content quality, technical implementation, and security posture, with critical gaps in privacy compliance and business credibility. Strategic improvements in security, privacy, and user engagement are recommended to enhance trust and compliance.

Ramboll Group is a leading international design and consultancy firm specializing in sustainable solutions across private and public sectors worldwide. With over 18,000 experts, Ramboll delivers engineering, environmental, and construction consulting services focused on creating positive societal impact. The website reflects a mature digital presence with modern technologies such as Next.js, React, and Chakra UI, supported by advanced analytics and consent management tools. Security posture is strong with HTTPS, security headers, and cookie consent mechanisms, although the absence of a public security policy and incident response contact is noted. The missing WHOIS data is unusual but does not detract significantly from the overall trustworthiness given the professional branding and comprehensive content. Strategic recommendations include publishing explicit security and incident response policies and verifying domain registration details for completeness.

L

Liana Technologies Oy

liana.fi

0

Liana Technologies Oy is a Finnish technology company specializing in digital marketing and communication tools under the Liana®Cloud product family. The company targets marketing and communication teams, offering SaaS solutions such as marketing automation, email marketing, webinar hosting, and analytics. The website reflects a professional and consistent brand image with a focus on digital marketing efficiency. Technically, the site employs modern web technologies including jQuery, Bootstrap, Matomo analytics, and integrates third-party services like Stripe for payments and Pipedrive for chatbot functionality. Security posture is strong with HTTPS enforced, cookie consent implemented, and privacy-respecting analytics in use. However, explicit privacy policies and terms of service pages were not found in the provided content, indicating room for improvement in compliance transparency. Overall, the website is well-designed, mobile-optimized, and trustworthy, with a moderate to high security maturity level.

S

Synology Inc.

sy.to

0

Synology Inc. is a well-established technology company specializing in data management, storage, backup, and cloud solutions. The company offers a broad portfolio of products including NAS and SAN storage systems, backup and recovery solutions, surveillance systems, networking devices, and productivity software. Positioned as a global leader in the data storage industry, Synology targets both business and individual users seeking scalable and secure data management platforms. The website reflects a mature digital presence with comprehensive content, clear navigation, and professional branding consistent with its market position. Technically, the website employs modern web technologies such as Vue.js and jQuery, integrates Google Tag Manager and LiveChat for analytics and customer engagement, and demonstrates good performance and mobile optimization. The site is well-structured with proper SEO and accessibility considerations, indicating a high level of digital maturity. From a security perspective, Synology demonstrates strong commitment through HTTPS enforcement, detailed security policies, a secure development lifecycle, supply chain risk management, and a public bounty program. Cookie consent mechanisms and privacy policies align with GDPR compliance, enhancing user trust. No critical vulnerabilities or security issues were detected in the analysis. Overall, the website presents a low-risk profile with strong business credibility, technical robustness, and privacy compliance. Strategic recommendations include publishing a security.txt file to facilitate vulnerability reporting and explicitly listing a Data Protection Officer contact to further enhance compliance transparency.

CIRCUS DESIGN s.r.o. is a Czech Republic-based UX agency specializing in user experience design, user research, consulting, prototyping, and design services. The company has a clear market position supported by a portfolio of reputable clients and active community engagement through events like UX Circus. Their website reflects a professional and consistent brand image targeting businesses seeking UX expertise. Technically, the site uses modern frameworks such as Bootstrap and jQuery, with integration of analytics tools like Google Analytics and Hotjar, indicating a moderate level of digital maturity. However, the absence of explicit privacy and cookie policies suggests gaps in compliance. Security posture is moderate with HTTPS usage but lacks visible security headers and vulnerability disclosures. WHOIS data is unavailable, limiting domain legitimacy verification, but the business information on the site appears credible and transparent. Overall, the website is well-designed and functional but would benefit from enhanced security and privacy practices.

F

Fondation Restena

my.lu

0

The website my.lu/fr is the official platform managed by Fondation Restena for registering and managing .lu domain names. It offers two modes of domain management: classical paper forms and a modern online platform launched in June 2023. The site targets individuals and organizations in Luxembourg seeking .lu domain services. The business is positioned as the official registrar for .lu domains, providing trusted and secure domain management services. Technically, the site is built on Drupal 10 with modern frontend technologies including lazy loading images and Font Awesome icons. It is mobile optimized and accessible with good SEO practices. Security posture is solid with HTTPS and secure forms, though explicit security headers and policies are not published. Privacy and cookie policies are not found, indicating room for compliance improvement. WHOIS data confirms the legitimacy of the domain and its management by Fondation Restena. Overall, the site is professional, trustworthy, and safe for general audiences.

P

Poutapilvi

poutapilvi.fi

0

Poutapilvi is a Finnish digital agency specializing in digital service design, WordPress and WooCommerce development, and content marketing support. The company positions itself as a reliable partner for businesses and organizations seeking professional web solutions, emphasizing accessibility, usability, and customer service excellence. Their market presence is supported by multiple references and a high credit rating, indicating strong business credibility. Technically, the website is built on WordPress with a modern tech stack including Algolia search, Matomo analytics, and Google Tag Manager. The site demonstrates excellent performance, mobile optimization, and accessibility features, reflecting a mature digital infrastructure. Privacy compliance is well addressed with clear cookie consent mechanisms and comprehensive privacy policies. Security posture is solid with HTTPS enforced and privacy-respecting analytics, though the absence of explicit security policies and incident response contacts suggests room for improvement. No critical vulnerabilities or suspicious indicators were found, supporting a high trust level. Overall, Poutapilvi presents a professional, secure, and privacy-conscious digital presence suitable for its target audience. Strategic enhancements in security transparency and incident readiness would further strengthen their position.

L

Liedon Innovaatiokampus Oy

liedoninnovaatiokampus.fi

0

Liedon Innovaatiokampus Oy is a municipally owned innovation campus located in Lieto, Finland, established in 2023. It serves as a collaborative platform bringing together various business services, employment, education, logistics, and capital solutions to support local business growth and networking. The website reflects a regional government entity focused on fostering innovation and business development within the community. Technically, the site is built on WordPress with modern plugins for SEO, analytics, and cookie consent, hosted likely by Elisa Oyj. The site is well-structured, mobile-optimized, and provides clear navigation and relevant content for its target audience. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. Overall, the domain registration details align well with the business identity, indicating high legitimacy and trustworthiness.

L

Etusivu | Liedon Lämpö

liedonlampo.fi

0

Liedon Lämpö appears to be a small Finnish company operating in the energy sector, likely providing heating-related services or products. The website is built on the Wix platform and uses Wix's Thunderbolt framework and standard JavaScript libraries. The site content is minimal, lacking detailed business descriptions, contact information, or compliance documentation. Technically, the site is moderately optimized for performance and mobile devices but lacks advanced SEO and accessibility features. Security posture is adequate with HTTPS and some JavaScript hardening but missing important security headers and explicit privacy or cookie policies. Overall, the site presents a moderate risk profile due to limited transparency and compliance information.

M

Mealdoo

mealdoo.com

0

The website mealdoo.com presents minimal accessible content, primarily a basic Angular-based landing page with no visible business description, contact information, or policies. The domain is relatively new, registered in late 2022, consistent with a startup or new business. The technical infrastructure includes modern frontend technology (Angular 18.2.13) and hosting likely on AWS, but lacks visible security headers or HTTPS confirmation in the provided data. No privacy or cookie policies are present, indicating low privacy compliance. The absence of contact details and business information reduces trustworthiness and business credibility. Overall, the site appears to be in an early development or placeholder state with limited user engagement features.

S

Seravo

seravo.com

0

Seravo is a Finnish company specializing in premium managed WordPress hosting services, focusing on site speed, security, and automatic updates with continuous 24/7 monitoring. The company positions itself as a niche provider targeting WordPress site owners and agencies seeking reliable and secure hosting solutions. Their business model is subscription-based, emphasizing high-quality service and compliance with industry standards such as ISO 27001 and GDPR. The website reflects a professional and consistent brand image with comprehensive business and security information.

V

Visit Naantali

visitnaantali.com

0

Visit Naantali operates as the official tourism website for the Naantali region in Finland, providing comprehensive information about local attractions, events, accommodations, and activities. The site targets tourists and visitors seeking to explore Naantali, positioning itself as a trusted and authoritative source for travel planning in the area. The business model focuses on tourism promotion and visitor engagement through digital content and booking facilitation. Technically, the website is built on WordPress with modern technologies including Bootstrap 5 for responsive design, Yoast SEO for search optimization, and Cookiebot for GDPR-compliant cookie consent management. The infrastructure includes Google Tag Manager and Matomo Analytics for tracking and performance monitoring. The site demonstrates good mobile optimization and accessibility features, though some accessibility aspects could be enhanced. From a security perspective, the website enforces HTTPS and employs clientTransferProhibited status on the domain to prevent unauthorized transfers. Cookie consent is actively managed, and no critical vulnerabilities or exposed sensitive data were detected. However, DNSSEC is not enabled, and additional HTTP security headers could be implemented to strengthen security posture further. Overall, the website presents a professional, trustworthy, and user-friendly platform for tourism promotion with a solid technical foundation and good privacy compliance. The absence of explicit privacy policy and terms of service pages in the scanned content is a gap that should be addressed to improve compliance and user trust.

Rek.ai, operated by Sandskogen AI Aktiebolag, is a Swedish technology company specializing in AI-driven website personalization solutions. Founded in 2018, the company targets businesses seeking to enhance user engagement through personalized web experiences. The website reflects a professional and consistent brand image, with content primarily in Swedish and localized language options. Their market position is that of a niche AI personalization provider within the Scandinavian region, offering services centered on AI-powered personalization and analytics.

G

Grade Solutions Oy

kuntarekry.fi

0

Kuntarekry.fi is a Finnish job portal specializing in open municipal sector job listings across Finland. Operated by Grade Solutions Oy, the platform offers thousands of job opportunities and facilitates job application submissions for Finnish job seekers. The website is professionally designed with good SEO and mobile optimization, targeting a national audience interested in municipal employment. Technically, the site uses standard web technologies including HTML5, CSS3, and JavaScript, with integrations to Google APIs for performance and resource loading. Security posture is adequate with HTTPS enabled and Google site verification present; however, the absence of security headers and privacy policies indicates room for improvement in compliance and security best practices. Overall, the domain registration is consistent and trustworthy, matching the business entity and country. The site is safe for general audiences with no adult or explicit content detected.

T

THEMESPRIDE

themespride.com

0

THEMESPRIDE operates as a specialized e-commerce platform offering premium WordPress themes and theme bundles primarily targeting web developers, designers, and businesses seeking professional website templates. The company leverages the Shopify platform to deliver a streamlined shopping experience, supported by integrations with marketing and analytics tools such as Google Tag Manager, Facebook Pixel, Klaviyo, and Judge.me for customer reviews. The website presents a professional design with clear navigation and mobile optimization, enhancing user experience and engagement. From a technical perspective, THEMESPRIDE utilizes a modern tech stack centered around Shopify's Dawn theme, supported by JavaScript libraries like jQuery and various third-party scripts for analytics and marketing. The site benefits from Shopify's hosting infrastructure, ensuring fast performance and reliable uptime. Security measures include HTTPS enforcement and the use of hCaptcha for form protection, alongside a cookie consent mechanism compliant with GDPR requirements. However, explicit security headers and a dedicated security policy are absent, representing areas for improvement. The security posture is generally sound with no evident vulnerabilities or exposed sensitive data. Privacy compliance is well addressed through comprehensive privacy and cookie policies, though incident response and vulnerability disclosure information are lacking. The absence of WHOIS data due to privacy protection or unregistered status slightly diminishes trust but is common among small e-commerce businesses. Overall, THEMESPRIDE demonstrates a mature digital presence with room to enhance transparency and security best practices. Strategically, THEMESPRIDE should focus on implementing explicit security headers, publishing a security policy, and establishing incident response contacts to bolster trust and compliance. Regular audits of third-party scripts and enhanced transparency on data retention will further strengthen their security and privacy posture. These steps will support sustained growth and customer confidence in a competitive market.

L

Home | Luxembourg. Our Common Ground.

luxembourg-ourcommonground.lu

0

The website 'Luxembourg. Our Common Ground.' serves as a cultural and promotional platform highlighting Luxembourg's diversity, multilingualism, and inclusive society. It targets a general audience interested in Luxembourg's heritage, culture, and tourism. The site features rich multimedia content including images, videos, and interactive galleries, supported by modern web technologies such as Typekit fonts, Glide.js carousels, and lazy loading for performance optimization. Cookie consent is managed via CookieYes, indicating some level of privacy compliance. However, the absence of explicit privacy policy, terms of service, and contact information limits transparency and user trust. The WHOIS data is unavailable due to a malformed domain query, which reduces confidence in domain legitimacy but does not necessarily indicate malicious intent. Overall, the site is professionally designed and well-branded, with strong cultural and tourism messaging.

T

TSC

tsc.lv

0

TSC is a Latvian-based service provider specializing in the repair of mobile phones, tablets, smartwatches, laptops, electric scooters, and audio equipment. The company targets general consumers in Latvia seeking device repair services. The website is professionally designed with consistent branding and provides clear information about its services, primarily in Latvian. The business operates in the technology sector with a small company size and a local market focus. Technically, the website employs modern technologies including Bootstrap for responsive design, Google Tag Manager for analytics, and Cookiebot for cookie consent management. The site uses HTTPS with good SSL configuration and includes security headers, indicating a solid technical foundation. Performance is moderate with good mobile optimization and basic accessibility features. From a security perspective, the website demonstrates good practices such as enforced HTTPS, cookie consent mechanisms, and no visible exposure of sensitive data. However, it lacks explicit security policies, incident response contacts, and vulnerability disclosure information. Privacy compliance is strong with clear privacy and cookie policies and GDPR adherence. Overall, the website presents a trustworthy and professional online presence with moderate technical maturity and good privacy compliance. Strategic improvements could focus on enhancing accessibility, publishing security policies, and adding incident response information to strengthen security posture and user trust.

The website www.kn.lt is currently inaccessible due to a Cloudflare security challenge page that requires human verification via Turnstile captcha. This prevents access to any meaningful content or business information. The WHOIS query for the domain failed, returning an invalid domain name error, indicating possible registration or configuration issues. No metadata, privacy policies, contact information, or business details are available for analysis. The technical infrastructure is protected by Cloudflare services, but no further technical or security details can be assessed due to the blocked content. Overall, the site lacks publicly accessible information, which severely limits trust and credibility assessments.

Š

Škola kreativní fotografie s.r.o.

nauctesefotit.cz

0

Škola kreativní fotografie s.r.o. is a private photography school based in Prague, Czech Republic, offering a variety of photography courses, workshops, and certification programs primarily targeting photography enthusiasts and students preparing for art schools. The website is professionally designed using WordPress with modern plugins and technologies such as Yoast SEO and Google reCAPTCHA, ensuring a secure and user-friendly experience. However, the absence of WHOIS data and privacy/cookie policies indicates areas for improvement in transparency and compliance. The site demonstrates good security posture with HTTPS and form protections but lacks some security headers and formal privacy documentation. Overall, the business appears legitimate and well-established with a strong local presence and partnerships, though domain registration details should be clarified to enhance trust.

K

Kampus Hybernská

kampushybernska.cz

0

Kampus Hybernská is a cultural and educational hub located in Prague, focusing on fostering creativity, innovation, and academic collaboration. The website showcases a variety of events including lectures, performances, exhibitions, and workshops aimed at students, artists, researchers, and the general public. The platform is supported by partnerships with the Prague city government and Charles University, enhancing its credibility and community impact. Technically, the site is built on Webflow with modern JavaScript libraries and includes analytics and marketing tools such as Google Analytics and Facebook Pixel. Security posture is strong with HTTPS and security headers in place, complemented by GDPR-compliant privacy and cookie policies. However, the absence of WHOIS data limits domain trust verification. Overall, the website presents a professional, trustworthy, and well-maintained digital presence for a medium-sized educational and cultural institution.

H

HESTIA

hest.cz

0

HESTIA is a Czech non-profit organization established in 2001, specializing in volunteer services, coordination, and educational programs. The website presents a well-structured platform offering multiple volunteer programs, corporate volunteering initiatives, and training courses. It targets volunteers, non-profit organizations, companies interested in corporate social responsibility, donors, and media. The organization maintains partnerships with government bodies and foundations, enhancing its credibility and market position within the Czech Republic's volunteer sector. Technically, the website uses a custom CMS (Toolkit) hosted by ECN Studio, with integration of Google Analytics and Google Tag Manager for visitor tracking. The site is mobile-optimized with good navigation and content quality. However, some technical improvements are recommended, including the implementation of security headers and enhanced accessibility features. From a security perspective, the site uses HTTPS (implied by external Google Analytics scripts loaded over HTTPS), has a cookie consent mechanism compliant with GDPR, and does not expose sensitive data. There is no visible security or incident response policy, and no contact emails or phone numbers are provided on the homepage, which could be improved for transparency and user trust. Overall, the website is professional, trustworthy, and serves its non-profit mission effectively. Strategic recommendations include enhancing security headers, publishing explicit security and incident response policies, and providing clearer contact information to improve user confidence and compliance posture.

A

AI • DESIGN

aidesign.cz

0

AI • DESIGN is a small architectural design firm based in the Czech Republic, specializing in residential, interior, staircase, public, and private building projects. The website is professionally designed using the Squarespace platform, featuring clear navigation and good mobile optimization. The firm highlights significant projects such as the new Žižkov Center and a cultural and congress center in Zlín, indicating active engagement in notable architectural developments. Technically, the site employs modern web technologies and enforces HTTPS with HSTS, reflecting a good security baseline. However, the absence of visible privacy policies, cookie consent mechanisms, and contact information limits compliance and transparency. The WHOIS data is unavailable, likely due to privacy protection, which is common for small businesses but reduces domain trust verification. Overall, the website presents a professional image with moderate trustworthiness but would benefit from enhanced privacy and compliance disclosures.

C

Czech Repubrick

czechrepubrick.cz

0

Czech Repubrick is a small retail and educational business focused on Lego products, exhibitions, and educational programs for schools and companies. The website is built on the Wix platform, featuring a professional design and moderate technical maturity. It uses standard web technologies including JavaScript, jQuery, Google Analytics, and Poptin for marketing and analytics. Security posture is moderate with HTTPS enforced and cookie consent implemented, but lacks explicit security headers and published privacy policies. The absence of WHOIS registrant data reduces transparency and trustworthiness. Overall, the website is accessible and content is family-friendly, targeting Lego enthusiasts and educational institutions.

C

CANS Global

cans.com

0

CANS Global is a small Czech Republic-based e-commerce company specializing in natural sparkling alpine water with real fruit juice. The company emphasizes purity and natural ingredients, targeting general consumers interested in healthy beverage options. The website is built on the Shopify platform, leveraging modern web technologies and analytics tools such as Google Analytics and Microsoft Clarity. The site is well-designed, mobile-optimized, and provides a good user experience, although it lacks some standard compliance documents such as privacy policy and terms of service. Security posture is adequate with HTTPS and domain protections but could be improved by enabling DNSSEC and publishing security policies. Overall, the domain registration is consistent and trustworthy, supporting the legitimacy of the business.

E

ekolo.cz s.r.o.

ekolo.cz

0

Ekolo.cz s.r.o. operates a leading Czech e-commerce and physical retail platform specializing in electric bicycles and related accessories. Established in 2007, the company has built a strong market position with over 18 years of experience, offering a wide range of products including over 700 e-bike variants from 16 manufacturers. Their services include sales, rental, and servicing of e-bikes, targeting cycling enthusiasts and urban commuters primarily in the Czech Republic. The website is professionally designed, mobile-optimized, and provides clear navigation and comprehensive product information. Technically, the site leverages modern JavaScript libraries such as Swiper.js, Google Tag Manager, and integrates security features like Google reCAPTCHA to protect user interactions. Hosting is inferred to be on DigitalOcean with CDN support for performance. Security posture is strong with HTTPS enforced and secure form handling, though some HTTP security headers could be improved. Privacy compliance is well addressed with clear privacy and cookie policies, GDPR adherence, and consent mechanisms. Contact information is transparent and includes multiple channels. Overall, the site demonstrates high professionalism, trustworthiness, and digital maturity.

3

Pizza your way | 360 Pizza

360pizza.com

0

360 Pizza operates an e-commerce platform focused on pizza ordering and courier shipping services. The website presents a modern, visually consistent brand with a focus on user experience and mobile optimization. The business appears to be established since 2005, with a domain age supporting its longevity. The technical infrastructure leverages modern web technologies including React with Next.js, Mapbox for mapping, and multiple analytics platforms such as Google Analytics, TikTok, Facebook, and Smartlook. Cookie consent is managed via Cookiebot, indicating some level of privacy compliance awareness. However, explicit privacy policies, terms of service, and contact information are not found on the analyzed page, which may impact user trust and regulatory compliance. Security posture is generally good with HTTPS enforced and domain transfer protection enabled, but DNSSEC is not enabled, and security headers beyond domain status are not explicitly identified. Overall, the website is functional and professional but could improve transparency and compliance documentation.

B

Bageterie Boulevard

bb.cz

0

Bageterie Boulevard is a well-established fast casual gourmet sandwich and food service chain primarily operating in the Czech Republic with some presence in Slovakia. The company offers a variety of freshly prepared sandwiches and related products, emphasizing quality and speed. Their business model includes physical retail locations, online ordering platforms, catering services, and franchise opportunities. The website reflects a mature digital presence with multiple branches listed, a mobile app promotion, and loyalty programs. Technically, the site uses a mix of legacy and modern web technologies including jQuery, Google Maps API, and various marketing and analytics tools such as Google Analytics, Facebook Pixel, and Cookiebot for consent management. Security posture is good with HTTPS enforced and cookie consent mechanisms in place, though explicit security headers and vulnerability disclosure policies are absent. Overall, the site is professional, trustworthy, and compliant with GDPR requirements, supporting a large retail hospitality business.

M

Městská část Praha 4

praha4.cz

0

Městská část Praha 4 operates as the official municipal government website for the Prague 4 district in the Czech Republic. It provides residents and visitors with comprehensive information on local government services, news, events, and public resources. The site targets local citizens and stakeholders, offering key services such as online forms, contact directories, event calendars, and public announcements. The website is well-positioned as a trusted source of municipal information with a consistent brand and clear communication channels including social media integration. Technically, the website is built on legacy ASP.NET WebForms technology with Telerik UI components and uses older versions of jQuery. It employs security scripts like Barracuda and FingerprintJS for visitor identification and basic protection. Hosting and domain registration are managed by Active24, a reputable provider. Performance and mobile optimization are moderate, with room for modernization and improved accessibility. From a security perspective, the site enforces HTTPS and includes cookie consent mechanisms, but lacks modern security headers such as CSP and X-Frame-Options. The use of outdated JavaScript libraries presents potential vulnerabilities. No explicit security or incident response policies are published. Overall, the security posture is adequate but could benefit from updates and enhanced controls. The domain WHOIS data is consistent with the website's municipal nature, showing a long-established registration since 1998 without privacy protection, reinforcing legitimacy. No suspicious or malicious content was detected, and the site is safe for general audiences. Strategic recommendations include updating technical components, enhancing security headers, and improving privacy and accessibility compliance to strengthen trust and resilience.

O

Open House Europe

openhouseeurope.org

0

Open House Europe is a non-profit cultural organization founded in 2023 and coordinated by the Public institution Architektūros fondas in Lithuania. It operates a network of architecture festivals across Europe, focusing on themes such as sustainability, accessibility, inclusion, and future heritage. The organization engages the public through events, volunteer programs, and annual summits, supported by European cultural funding and media partnerships. The website reflects a professional and consistent brand presence with rich content targeting architecture enthusiasts and the general public interested in urban heritage. Technically, the website is built on WordPress with modern technologies including Bootstrap, jQuery, and Lottie animations. It uses Yoast SEO for optimization and integrates Google Analytics and MailerLite for marketing and analytics. The site is mobile-optimized and performs moderately well, with good SEO and accessibility basics. From a security perspective, the site uses HTTPS with a valid SSL certificate and employs secure form handling with nonce tokens. However, DNSSEC is not enabled, and security headers are not explicitly detected. There is no visible security or incident response policy, and no cookie consent mechanism is implemented, which may impact GDPR compliance. The WHOIS data is consistent with the organization's claims, showing a legitimate and recently registered domain. Overall, the website presents a low-risk profile with strong business credibility and good technical implementation but could improve in privacy compliance and security best practices to enhance trust and regulatory adherence.

A

ANEXIA® Internetdienstleistungs GmbH

backboneeurope.com

0

Anexia Internetdienstleistungs GmbH operates Backbone Europe, a major network infrastructure project enhancing connectivity and DDoS protection across key European cities. The company provides IT services including software development, hosting, and network solutions primarily targeting enterprise customers. The website reflects a mature digital presence with modern technologies and interactive content, supporting a professional brand image. Security posture is moderate with HTTPS usage and domain transfer protection, but lacks DNSSEC and explicit security headers. Privacy compliance is partial, with a privacy policy linked externally but no cookie consent mechanism visible. Overall, the site is trustworthy and business-focused, with room for improvement in security and privacy transparency.