Security Directory

B

Business Finland

businessfinland.fi

0

Business Finland is a Finnish government agency dedicated to fostering growth by supporting Finnish companies in internationalization and innovation funding. The website serves as an authoritative portal for Finnish businesses seeking funding and international growth opportunities. It reflects a mature digital presence with professional design, clear navigation, and comprehensive content tailored to its target audience. The technical infrastructure leverages modern technologies including Azure hosting, Google Tag Manager, and Cookiebot for consent management, indicating a well-maintained and secure platform. Security posture is strong with HTTPS enforcement and appropriate security headers, though explicit security policies and incident response contacts are not prominently published. Overall, the website demonstrates a high level of professionalism and trustworthiness suitable for a government entity.

Helsingin seurakuntayhtymä operates as a major religious and community service organization in Helsinki, Finland, providing a range of social and religious services to local residents and church members. The organization is well-established, with a domain registered since 2003, reflecting a stable presence in the community. The website serves as an informational and service portal, primarily in Finnish, targeting local audiences with clear contact and policy information. Technically, the website employs a modern but somewhat dated technology stack including Bootstrap 3 and standard web technologies like HTML5, CSS3, and JavaScript. Hosting and domain services are provided by Elisa Oyj, a reputable Finnish telecom provider. The site is mobile-optimized and performs moderately well, with good SEO and accessibility basics. From a security perspective, the website enforces HTTPS and includes standard security headers, though DNSSEC is not implemented. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong, with clear privacy and cookie policies and consent mechanisms in place, aligning with GDPR requirements. However, explicit security policies and incident response contacts are not published. Overall, the website demonstrates a solid security posture and business credibility appropriate for a public non-profit organization. Strategic recommendations include implementing DNSSEC, publishing a vulnerability disclosure or security.txt file, enhancing accessibility, and maintaining regular security audits to ensure ongoing compliance and protection.

Yahoo is a major global internet brand operating a portfolio of websites and applications including Yahoo, AOL, Engadget, Rivals, In The Know, and Makers. The analyzed page is a Finnish language consent management interface for GDPR compliance, allowing users to accept or reject cookies and manage privacy settings. The business model centers on advertising and content delivery, targeting general internet users with a broad range of digital services. The website demonstrates consistent branding and good content quality aligned with Yahoo's corporate identity. Technically, the site uses standard web technologies including JavaScript and CSS, with some proprietary Yahoo libraries such as YAHOO.i13n.Rapid for analytics. The page is moderately optimized for performance and mobile devices, though accessibility and SEO could be improved. Security measures include CSRF tokens in forms, but no explicit security headers were detected in the provided data. The SSL configuration could not be assessed from the data but is expected to be standard for Yahoo domains. From a security and compliance perspective, the site shows good GDPR compliance with clear privacy and cookie policies linked, and a consent mechanism implemented. No contact or incident response information was found on this page, which is typical for a consent layer. The domain WHOIS data for the subdomain is not separately registered, which is normal for subdomains under a large corporate domain. Overall, the site is trustworthy and safe, with no adult or malicious content detected. Strategically, Yahoo should enhance security headers and accessibility features, improve SEO metadata, and consider publishing clear security and incident response policies linked from consent pages to strengthen trust and compliance posture.

D

DRUŠTVO CRVENOG KRIŽA ZAGREBAČKE ŽUPANIJE

dck-zagrebacka-zupanija.hr

0

The website represents the Croatian Red Cross Society of Zagreb County, a regional non-profit organization dedicated to humanitarian aid, blood donation, and volunteering. It serves the general public in Zagreb County and provides information and services aligned with the Red Cross mission. The site is built on a WordPress platform using modern themes and plugins, including Elementor and Modern Events Calendar Lite, indicating a moderate level of digital maturity. Accessibility features and GDPR-compliant cookie consent mechanisms are implemented, reflecting attention to user experience and privacy. Security posture is good with HTTPS enabled and no visible vulnerabilities, though some security headers could be improved. Overall, the site is trustworthy and professionally maintained, with clear branding and consistent content.

D

Društvo Crvenog križa Varaždinske županije

dck-vz.hr

0

Društvo Crvenog križa Varaždinske županije is a regional branch of the Croatian Red Cross, providing humanitarian aid, first aid training, blood donation campaigns, and volunteer coordination primarily for the Varaždin County community. The website is built on WordPress with common plugins such as Yoast SEO and Contact Form 7, featuring a modern design and good mobile responsiveness. Security posture is solid with HTTPS enforced and Google reCAPTCHA protecting forms, though additional HTTP security headers could improve defenses. Privacy compliance is evident with a cookie consent banner and a privacy policy page aligned with GDPR requirements. Contact information including emails, phone, and physical address is clearly presented, enhancing business credibility.

H

Hrvatski Crveni križ Društvo Crvenog križa Osječko-baranjske županije

dckobz.hr

0

Hrvatski Crveni križ Društvo Crvenog križa Osječko-baranjske županije is a regional humanitarian non-profit organization operating in Croatia's Osječko-baranjska županija. The organization focuses on community support, youth engagement, first aid training, disaster response, blood donation, and social welfare activities. Their website reflects a well-structured and content-rich platform that communicates their mission, projects, and news effectively to the general public and stakeholders. The organization maintains a consistent brand presence and provides multiple contact channels including email, phone, and a contact form, supported by active social media profiles.

H

Hrvatski Crveni križ - Gradsko društvo Crvenog križa Čakovec

crveni-kriz-cakovec.hr

0

The website www.crveni-kriz-cakovec.hr represents the Gradsko društvo Crvenog križa Čakovec, a local branch of the Croatian Red Cross. It provides humanitarian services including blood donation campaigns, volunteer coordination, social and health programs, and emergency response. The organization is well-established with a domain registered since 2009 and operates primarily in Croatia. The website targets the general public, volunteers, and vulnerable groups within the region. Technically, the site is built on WordPress with a modern plugin ecosystem, including accessibility and cookie consent tools, ensuring compliance with GDPR and accessibility standards. Security posture is good with HTTPS enforced and cookie consent mechanisms, though additional security headers could enhance protection. The site uses Google Analytics for user tracking with moderate privacy compliance. Overall, the website is professional, trustworthy, and serves as a reliable information and engagement platform for the Croatian Red Cross local branch.

D

Društvo Crvenog križa Krapinsko-zagorske županije

dckkzz-krapina.hr

0

Društvo Crvenog križa Krapinsko-zagorske županije is a regional non-profit humanitarian organization serving the Krapinsko-zagorska County in Croatia. The organization coordinates local Red Cross societies and provides key services such as blood donation campaigns, social welfare activities, emergency response, and addiction prevention programs. It also manages EU-funded projects to enhance its infrastructure and outreach. The website reflects a well-structured and content-rich platform that supports community engagement and transparency. Technically, the website is built on WordPress 6.8.1 with a modern tech stack including jQuery and several plugins for event management and content display. The site is mobile-optimized and uses HTTPS, ensuring secure communication. However, some security headers are not explicitly detected, and there is no cookie consent mechanism, which could be improved for better privacy compliance. From a security perspective, the site demonstrates good practices such as HTTPS enforcement and nonce usage in AJAX calls. The absence of exposed sensitive data and vulnerabilities in the visible content is positive. The WHOIS data is privacy protected, which is common for non-profits, but limits transparency. No incident response or security policies are published, which could be a gap in organizational security posture. Overall, the website is professional, trustworthy, and serves its community well. Strategic improvements in privacy compliance and security headers would enhance its security posture and regulatory adherence.

D

Društvo Crvenog križa Istarske županije

hck-istra.hr

0

Društvo Crvenog križa Istarske županije is a well-established regional humanitarian non-profit organization based in Croatia, focusing on blood donation, first aid, disaster response, and community social programs. With over 30 years of operation, it holds a strong market position in Istria County, supported by volunteers and partnerships. The website reflects a professional and consistent brand image, providing clear information and contact details to its audience. Technically, the site uses modern open-source libraries and frameworks like Bootstrap and jQuery, ensuring good mobile responsiveness and user experience. Security posture is moderate with room for improvement in HTTP security headers and documented security policies. Privacy compliance is strong, featuring GDPR-aligned privacy and cookie policies. Overall, the website is trustworthy, safe, and serves its community-focused mission effectively.

L

Living Room Conversations

livingroomconversations.org

0

Living Room Conversations is a US-based non-profit organization established in 2011, dedicated to fostering community dialogue and understanding through structured conversations. Their website serves as a platform to provide resources and frameworks to individuals and organizations interested in facilitating meaningful conversations. The organization operates in the non-profit sector with a focus on community engagement and education. Technically, the website is built on WordPress using popular plugins such as Elementor and GiveWP, hosted on SiteGround, and employs Google Analytics for visitor tracking. The site is mobile-optimized and presents a professional design with good navigation and content relevance. Security-wise, the site enforces HTTPS and has domain protections in place but lacks advanced security headers and published security policies. Privacy compliance is weak due to the absence of privacy and cookie policies. Overall, the website is trustworthy and functional but would benefit from enhanced privacy and security disclosures.

A

AllSides Education Fund

allsideseducationfund.org

0

AllSides Education Fund is a nonprofit organization dedicated to strengthening democratic society by enhancing media literacy, providing balanced news access, and fostering constructive conversations across political divides. Founded in 2015 as a joint initiative of AllSides, Living Room Conversations, and the Mediators Foundation, it offers educational resources, scholarships, and grants primarily targeting educators and community leaders. The website serves as a platform to promote these services and facilitate donations and grant applications. Technically, the website is built on WordPress using modern plugins such as Yoast SEO and GiveWP for donations, with a responsive design optimized for accessibility and SEO. Hosting is supported by Amazon AWS infrastructure, and the site employs Google Tag Manager for analytics and tracking. While the site uses HTTPS and has domain transfer protections, it lacks DNSSEC and some security headers, indicating room for security improvements. From a security perspective, the site demonstrates a moderate security posture with no visible vulnerabilities or exposed sensitive data. However, the absence of explicit security policies and incident response information, along with missing DNSSEC, suggests potential compliance and security gaps. Privacy policies and cookie policies are present but do not include explicit consent mechanisms, which may affect GDPR compliance. Overall, the website is professional, trustworthy, and well-aligned with its nonprofit educational mission. Strategic recommendations include enhancing DNS security, implementing security headers, and improving privacy compliance mechanisms to strengthen trust and security posture.

C

CFL multimodal

cfl-mm.lu

0

CFL multimodal is a Luxembourg-based logistics and transportation company specializing in rail freight, multimodal hubs, and comprehensive logistics services. It operates as part of the CFL Group, providing sustainable and efficient freight solutions across Europe. The website reflects a professional and well-structured digital presence with clear service offerings and a focus on environmental responsibility. Technically, the site uses modern web technologies including jQuery, Bootstrap, FontAwesome, and integrates analytics tools such as Google Tag Manager and Matomo. The security posture is adequate with HTTPS and cookie consent mechanisms, though explicit security headers and policies are not evident. The absence of WHOIS data limits domain trust assessment, but the overall business credibility is supported by consistent branding and social media presence. Privacy compliance is well addressed with GDPR-aligned policies and cookie management.

S

SNCB-NMBS International

b-europe.com

0

SNCB-NMBS International operates a professional online platform for booking international train travel across Europe, including services for Eurostar, TGV INOUI, ICE, and other major train operators. The website targets European travelers seeking convenient ticket purchasing and travel planning, offering additional services such as Interrail passes and special tickets for bikes and dogs. The platform is built on a modern technology stack including C#, JavaScript, and Sitecore CMS, with integration of Google and Facebook APIs and a robust consent management system for GDPR compliance. Security posture is generally good with HTTPS enforced and cookie consent mechanisms in place, though explicit security headers and published security policies are lacking. The absence of WHOIS domain registration data is a notable concern, potentially indicating a subdomain usage or incomplete WHOIS information. Overall, the website presents a trustworthy and user-friendly experience for its target audience, but would benefit from enhanced transparency in domain registration and security disclosures.

L

Liikenne- ja viestintävirasto Traficom

nytvalppaana.fi

0

Nyt valppaana is a Finnish government cybersecurity awareness campaign operated by Liikenne- ja viestintävirasto Traficom in collaboration with the Police and the Digital and Population Data Services Agency. The website provides comprehensive educational content aimed at helping the general public recognize common scams, protect personal data, and secure devices. The campaign is relatively new, with the domain registered in May 2024, aligning with the launch of this initiative. The site is well-branded, professionally designed, and offers clear navigation and relevant content in Finnish.

C

College Magazine, LLC

collegemagazine.com

0

College Magazine, LLC operates a professional online media platform focused on providing college-related content authored by students nationwide. The website offers comprehensive guides on colleges, majors, internships, career advice, and student life, positioning itself as a niche educational media outlet. The platform leverages a modern WordPress infrastructure with advanced SEO and analytics tools, ensuring a fast, mobile-optimized, and accessible user experience. Security posture is strong with HTTPS enforcement and privacy management tools, though explicit privacy and terms pages are missing, which should be addressed to improve compliance and trust. WHOIS data is unavailable or privacy protected, slightly impacting domain trust but not detracting from the professional presentation and content quality. Overall, the site is a credible resource for college students and prospective applicants.

I

Indiana University Bloomington

indiana.edu

0

Indiana University Bloomington is the flagship campus of the Indiana University system, offering a comprehensive higher education experience with a strong emphasis on research, innovation, and academic freedom. The website reflects a mature digital presence with professional design, clear navigation, and relevant content targeting prospective and current students. The university leverages modern web technologies including Google Tag Manager and Siteimprove Analytics to monitor and optimize user experience. Security posture is generally good with HTTPS enforced and no visible sensitive data exposure; however, explicit security headers and privacy policies are not evident in the provided content, indicating areas for improvement. The domain is a subdomain of iu.edu, which is consistent with institutional practices, though WHOIS data for the subdomain is unavailable. Overall, the site is trustworthy, professional, and safe for general audiences.

V

vseosaunovani.cz

vseosaunovani.cz

0

The website vseosaunovani.cz is a niche informational platform focused on sauna bathing, its health benefits, traditions, and local sauna recommendations primarily targeting the Czech Republic audience. The site operates as a content and blog platform, providing articles and advice related to sauna culture and wellness. It is built on the Wix platform, leveraging Wix's CMS and hosting infrastructure, with integrations such as Google Tag Manager and Cookiebot for analytics and cookie consent management. Technically, the site demonstrates moderate performance and good mobile optimization, though accessibility and SEO could be improved. Security posture is adequate with HTTPS enabled and cookie consent implemented, but lacks advanced security headers and incident response information. The absence of WHOIS data and privacy policy reduces trust and compliance confidence. Overall, the site is functional and professional but would benefit from enhanced transparency and security practices.

S

Saunia

saunia.sk

0

Saunia operates as a regional sauna and wellness service provider primarily targeting customers seeking relaxation and health benefits through sauna experiences. The website presents a professional and consistent brand image, with content focused on promoting their sauna worlds and wellness offerings. The company appears to be established in the Czech Republic, serving a general audience interested in wellness and leisure. Technically, the website is built on WordPress with a modern tech stack including jQuery, Google Tag Manager, Cookiebot for consent management, and various plugins for social sharing and popups. The site is mobile-optimized and includes structured data for SEO and organization information, indicating a mature digital presence. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms, but lacks visible advanced security headers and published security or incident response policies. No vulnerabilities or exposed sensitive data were detected in the analyzed content. Privacy compliance is supported by cookie disclosures and consent but lacks a clearly accessible privacy policy page in the provided content. Overall, the website is trustworthy and professionally maintained, with no blocking or WAF interference detected. The absence of WHOIS data limits domain registration insights but does not detract from the site's apparent legitimacy. Strategic recommendations include enhancing security headers, publishing privacy and security policies, and adding vulnerability disclosure information to improve trust and compliance.

S

Saunia

saunia.de

0

Saunia operates as a regional wellness and sauna service provider primarily targeting customers in the Czech Republic and neighboring countries. The website presents a professional and well-structured digital presence, leveraging WordPress CMS and integrating multiple marketing and analytics tools such as Google Analytics, Microsoft Clarity, and Cookiebot for consent management. The business focuses on delivering sauna experiences and wellness services, positioning itself as a trusted brand in the hospitality sector. However, the absence of publicly available WHOIS data and explicit privacy or terms of service pages slightly detracts from the overall trustworthiness. Technically, the site is well-optimized for mobile devices and SEO, though there is room for improvement in accessibility and security header implementation. The security posture is solid with HTTPS enforced and no visible vulnerabilities, but could benefit from enhanced transparency through published security policies and vulnerability disclosure mechanisms.

S

Saunia AT, s.r.o.

saunia.at

0

Saunia AT, s.r.o. is preparing to launch its Austrian website as an extension of the established Saunia wellness brand from the Czech Republic. The current website is a placeholder with minimal content, primarily targeting investors and redirecting users to the Czech site. The business focuses on wellness and sauna services, aiming to establish a presence in Austria. Technically, the site uses basic web technologies including jQuery and Slick carousel, with moderate performance and basic mobile optimization. Security posture is limited with no advanced headers or policies published, and privacy compliance is minimal due to absence of privacy and cookie policies. Overall, the site is functional but lacks comprehensive content and security features, reflecting an early stage of digital maturity.

Veganopolis is a Croatian non-profit online platform operated by the association Prijatelji životinja, dedicated to promoting veganism and plant-based lifestyles. The website offers a variety of community and educational services including a vegan product guide, a 30-day vegan challenge, vegan buddy support, nutritionist advice, cooking workshops, and vegan restaurant listings. The target audience is primarily Croatian-speaking individuals interested in veganism and animal rights. The platform positions itself as a niche non-profit resource with a focus on community engagement and education. Technically, the website uses a traditional tech stack including jQuery 1.10.2, Bootstrap, and Google Fonts. It is mobile optimized with good navigation and content quality, though some technologies are outdated. No CMS or hosting provider details are evident. The site lacks advanced security headers and explicit privacy or terms of service pages, though it includes a cookie consent banner. No analytics or tracking scripts were detected, indicating a privacy-conscious approach. From a security perspective, the site uses HTTPS (assumed), employs POST methods for forms, and does not expose sensitive data. However, the absence of security headers and use of an outdated jQuery version present moderate risks. The WHOIS data is missing or indicates the domain is unregistered, which is inconsistent with the active website and raises concerns about domain legitimacy. Overall, the security posture is moderate but could be improved with better policies and technical controls. The overall risk is moderate with recommendations to verify domain registration status, implement security headers, update libraries, and publish privacy and security policies. The site is safe for general audiences and serves a clear non-profit mission with good business credibility.

AnimaList is a Croatian non-profit newsletter platform operated by the animal rights association Prijatelji životinja. The website focuses on promoting veganism, animal welfare, and environmental sustainability through educational content, activism updates, and event announcements. The organization targets animal rights advocates and environmentally conscious individuals primarily in Croatia. Technically, the site is built on WordPress with common plugins and uses HTTPS, but lacks advanced security headers and privacy compliance features such as a privacy policy or cookie consent. The WHOIS data is privacy protected, which is typical for non-profits, but limits transparency. Overall, the website is functional, content-rich, and trustworthy but could improve in privacy compliance and security best practices.

C

cyber_Folks d.o.o.

cyberfolks.hr

0

CyberFolks d.o.o. is a Croatian technology company specializing in domain registration, web hosting, SSL certificates, and e-marketing services. Founded in 2019, it targets businesses, students, developers, and e-commerce operators with a comprehensive portfolio of hosting solutions including shared hosting, VPS, and specialized WordPress hosting. The company positions itself as a reliable and professional local provider with strong customer support and a focus on performance and security. Their website reflects a mature digital presence with modern technologies and clear branding. Technically, the site is built on WordPress with advanced performance optimizations such as LiteSpeed Cache, CloudLinux, and HTTP/2, ensuring fast and reliable service delivery. Security posture is strong with HTTPS, DDoS protection, daily backups retained for 90 days, and free SSL certificates. Privacy compliance is well addressed with GDPR-compliant cookie consent and a comprehensive privacy policy. No critical vulnerabilities or security issues were detected. Overall, CyberFolks demonstrates a solid business and technical foundation with a trustworthy online presence.

The website www.oipa.org represents the Organizzazione Internazionale Protezione Animali (OIPA), an international non-profit organization dedicated to animal protection and environmental advocacy. The organization is affiliated with several United Nations bodies and the European Commission, indicating a credible international presence. The website content is focused on promoting animal welfare, opposing vivisection, and encouraging vegetarian and vegan lifestyles. The site is simple and functional but lacks advanced technical features or modern CMS frameworks. No forms or contact details are provided, limiting direct engagement opportunities. From a technical perspective, the website shows basic implementation with no detected modern technologies or CMS. The performance and mobile optimization are moderate to basic, with no evidence of security headers or HTTPS enforcement in the provided data. The absence of privacy and cookie policies indicates a gap in compliance with data protection regulations such as GDPR. Security posture is minimal with no visible security best practices or incident response information. The WHOIS data is unavailable due to a malformed request, which reduces transparency and trustworthiness, although the website's UN affiliations and content suggest legitimacy. No advertising or analytics scripts were detected, indicating minimal user tracking. Overall, the website is safe for general audiences and serves as an informational platform for the NGO. However, improvements in security, privacy compliance, and technical modernization are recommended to enhance trust and user engagement.

I

International Anti-Fur Coalition

antifurcoalition.org

0

The International Anti-Fur Coalition (IAFC) operates as a global non-profit animal rights advocacy group focused on ending the fur trade through activism, education, and legislative efforts. Founded in 2006, it unites over 50 organizations worldwide to organize campaigns and promote anti-fur legislation. The website serves as an informational and campaign platform, targeting animal rights supporters and the general public concerned with ethical fashion. Technically, the website is built on the Shopify platform, leveraging standard web technologies such as jQuery, Facebook SDK, and embedded YouTube content. The site is mobile-optimized with moderate performance and basic SEO and accessibility features. Analytics and tracking are implemented via Shopify Analytics and Facebook Pixel, indicating moderate user tracking. From a security perspective, the site enforces HTTPS and uses hCaptcha for form protection, but lacks explicit security headers and detailed privacy or cookie policies. WHOIS data is unavailable, likely due to privacy protection, which is common for non-profit organizations. No critical vulnerabilities or malicious content were detected. Overall, the website presents a moderate risk profile with good content quality and business credibility but requires improvements in privacy compliance and security best practices to enhance trust and regulatory adherence.

E

European Coalition to End Animal Experiments (ECEAE)

eceae.org

0

The European Coalition to End Animal Experiments (ECEAE) is a well-established non-profit umbrella organization founded in 1990, representing 18 animal protection and scientific organizations across Europe. Their mission focuses on abolishing animal experiments and promoting humane, animal-free research methods. The organization holds a recognized position with official stakeholder status in several EU bodies, enhancing their influence in policy and advocacy. The website reflects this mission with clear, relevant content targeted at animal welfare advocates, researchers, and policymakers. Technically, the website is built on Joomla CMS with a modern and responsive design, delivering a good user experience across devices. The infrastructure is moderate in performance, with no blocking or WAF challenges detected. However, some security best practices such as DNSSEC and security headers are missing, and no cookie consent mechanism is implemented, which is a compliance gap given GDPR relevance. Security posture is adequate with HTTPS enabled and domain transfer protection, but lacks published security policies or incident response contacts. The WHOIS data is transparent and consistent with the organization's identity and location, supporting legitimacy. Overall, the site is professional and trustworthy but could improve privacy compliance and security hardening. Strategic recommendations include enabling DNSSEC, implementing security headers, adding cookie consent for GDPR compliance, and publishing security and incident response policies to enhance trust and compliance.

E

Eurogroup for Animals

eurogroupforanimals.org

0

Eurogroup for Animals is a pan-European non-profit advocacy organization dedicated to improving animal welfare and defending animal interests across Europe. The website serves as a platform to communicate their mission, campaigns, and policy initiatives to a broad audience including NGOs, policymakers, and the general public interested in animal welfare. The organization positions itself as a key voice in European animal advocacy with a focus on policy influence and public awareness. Technically, the website is built on Drupal 10, leveraging modern web technologies including Font Awesome for icons, Google Tag Manager for analytics, and Cookiebot for cookie consent management. The site demonstrates good digital maturity with mobile optimization, accessibility features, and a cookie consent mechanism that complies with GDPR requirements. Performance is moderate, with room for optimization. From a security perspective, the site uses HTTPS and implements cookie consent with granular user controls. However, explicit security headers like Content-Security-Policy and X-Frame-Options were not detected in the provided data, suggesting an area for improvement. No vulnerabilities or exposed sensitive data were found. The WHOIS data is unavailable or privacy protected, which is typical for non-profit organizations and does not raise immediate concerns. Overall, the website is professional, trustworthy, and compliant with privacy regulations, though it would benefit from enhanced security header implementation and clearer contact information. The risk profile is low, with no critical issues detected.

E

European Vegetarian Union

euroveg.eu

0

The European Vegetarian Union (EVU) is a well-established non-profit organization representing vegetarian and vegan associations across Europe. It focuses on advocacy, policy influence, and promoting plant-based diets with a clear emphasis on sustainability, health, and consumer protection. The website serves as a central hub for information, membership coordination, and news related to plant-based food systems in the EU. Technically, the site is built on WordPress using Elementor and Yoast SEO, indicating a modern and maintainable infrastructure. The presence of Matomo and Google Analytics shows moderate user tracking for analytics purposes. Security-wise, the site employs HTTPS and several security headers, but lacks publicly available security policies or incident response information. Privacy compliance is incomplete due to missing privacy and cookie policies. Overall, the site is professional, trustworthy, and serves its niche audience effectively, though it would benefit from enhanced privacy disclosures and direct contact information.

C

cyber_Folks d.o.o.

avalon.hr

0

CyberFolks d.o.o. is a Croatian technology company specializing in web hosting, domain registration, SSL certificates, and e-marketing services. Founded in 2019, it targets businesses, developers, and individuals in Croatia with a strong emphasis on performance, reliability, and customer support. The company positions itself as a trusted local provider with a comprehensive portfolio of hosting solutions including shared hosting, VPS, and specialized WordPress hosting. The website reflects a professional and modern digital presence with clear service offerings and customer testimonials that reinforce trust and credibility. Technically, the site is built on WordPress with modern technologies such as LiteSpeed, CloudLinux, and HTTP/2, ensuring fast performance and mobile optimization. Security practices include HTTPS enforcement, DDoS protection, and backup retention, although explicit security policies and incident response contacts are not published. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism aligned with GDPR requirements. Overall, CyberFolks demonstrates a mature digital infrastructure and a solid market position in the Croatian hosting sector.

T

The Vegan Catalog

thevegcat.com

0

The Vegan Catalog is an online niche retail platform focused on providing a comprehensive catalog of vegan products across multiple categories including food, cosmetics, pets, and household items. Founded in 2019, it serves a specialized audience interested in vegan lifestyle products, offering multilingual support and a mobile app to enhance accessibility. The website positions itself as a leading resource in the vegan product catalog space, emphasizing breadth and ease of product discovery. Technically, the website employs a modern JavaScript-based frontend with Matomo analytics for privacy-conscious user tracking. It uses cookie consent mechanisms and standard SEO practices, with a responsive design optimized for mobile devices. The hosting and domain registration are consistent and reputable, though the CMS appears custom or proprietary without common CMS footprints. From a security perspective, the site enforces HTTPS and uses clientTransferProhibited domain status to prevent unauthorized transfers. However, it lacks DNSSEC and advanced security headers, and does not publish a formal security policy or incident response contacts. Privacy compliance is well addressed with clear privacy and cookie policies, but contact information is minimal, limiting direct user support channels. Overall, the website is professionally designed and functional with moderate security posture and good privacy practices. Strategic improvements in security headers, DNSSEC, and incident response transparency would enhance trust and resilience. The absence of direct contact details and security disclosures suggests room for maturity in business credibility and security culture.

1

10dencehispahard S.L.

tecnologa.cat

0

La Tecnòloga is a small digital media company operating a Catalan-language technology magazine founded in 2019. The website provides technology news, in-depth analysis, interviews, and book reviews targeting Catalan-speaking technology enthusiasts and the general public interested in technology and society. The company is registered as 10dencehispahard S.L. in Spain, consistent with the website's regional focus. The site is built on WordPress with standard plugins and integrates Google Analytics and social media feeds for audience engagement. The technical infrastructure is moderate in performance with good mobile optimization and basic accessibility features. Security posture is adequate with HTTPS enabled and domain protections in place, but lacks DNSSEC and security headers. Privacy compliance is basic with a privacy policy present but no cookie consent mechanism or GDPR explicit indicators. Contact information is limited to an email address and social media links, with no phone or physical address provided. Overall, the website is professional and trustworthy within its niche but could improve security and privacy practices.

L

Langley Advance Times

langleyadvancetimes.com

0

Langley Advance Times is a regional news media outlet serving the Langley area in British Columbia, Canada. It provides local news, community events, sports, entertainment, and obituaries, targeting local residents and readers interested in regional news. The site operates under the parent company Black Press Media, a known media group. The business model is primarily advertising and subscription-based, with a focus on community engagement and local journalism. Technically, the website uses a modern tech stack including Google Tag Manager, Google Analytics, Rubicon Project for advertising, and Marfeel SDK for mobile optimization. The CMS appears proprietary to Black Press Media. The site is mobile optimized, has good SEO practices, and loads with moderate performance. Accessibility features are basic but present. From a security perspective, the site enforces HTTPS and uses several security best practices, though some security headers are not explicitly visible. There is no visible security.txt or vulnerability disclosure policy, and cookie consent mechanisms are minimal or absent. WHOIS data for the domain is unavailable, which reduces trust slightly but the site’s professional appearance and affiliation with Black Press Media support its legitimacy. Overall, the site is a trustworthy local news source with good content quality and technical implementation. Strategic improvements in privacy compliance, security disclosures, and WHOIS transparency would enhance trust and security posture.

B

Boston Herald

bostonherald.com

0

Boston Herald is a prominent local news media organization serving the Boston, Massachusetts area, providing comprehensive coverage of news, sports, politics, entertainment, weather, and obituaries. The website demonstrates a mature digital presence with a subscription-based business model supported by a parent company, MediaNews Group. The site is well-branded and targets a general audience seeking timely and relevant local information. Technically, the site is built on WordPress and integrates multiple modern technologies including Google Tag Manager, Auth0 for authentication, and sophisticated ad and analytics platforms such as Google Ad Manager and Parsely. The site is mobile optimized and employs consent management via Osano, reflecting a commitment to privacy compliance. From a security perspective, the site enforces HTTPS, uses standard security headers, and manages cookie consent effectively. However, the absence of a public WHOIS record and lack of explicit security policies or incident response contacts slightly reduce trustworthiness. No critical vulnerabilities or exposed sensitive data were detected. Overall, Boston Herald's website is professional, secure, and compliant with privacy regulations, though improvements could be made in transparency around security policies and contact information. The domain WHOIS data absence warrants monitoring but does not currently undermine the site's legitimacy.

I

Information Week

informationweek.com

0

InformationWeek is a well-established technology news and analysis media brand founded in 1979 and currently owned by Informa PLC. The website serves IT professionals and business leaders by providing in-depth coverage of IT management, artificial intelligence, cybersecurity, cloud computing, and data privacy. It holds a strong market position as a trusted source of technology insights. Technically, the website employs a modern technology stack including JavaScript frameworks, New Relic monitoring, and various analytics and marketing tools, ensuring good performance and mobile optimization. Security posture is solid with HTTPS enforcement and security headers, though explicit security policies and incident response information are not publicly available. Privacy compliance is well addressed with comprehensive privacy and cookie policies and consent mechanisms. Overall, the website is professional, trustworthy, and content-rich, though the lack of publicly available WHOIS data slightly impacts trust scores.

A

Artur Kiulian

arturkiulian.com

0

Artur Kiulian's website presents a professional and well-structured digital presence focused on entrepreneurship, artificial intelligence, and machine learning. The business operates as a venture studio partner and non-profit supporter for startups, with additional activities including authoring books and speaking engagements. The site leverages modern web technologies such as Webflow CMS and integrates Google Analytics for tracking. The content is rich, relevant, and targeted primarily at entrepreneurs and business leaders interested in AI applications. However, the absence of WHOIS registration data raises concerns about domain legitimacy, although the website content itself is consistent and trustworthy. Security posture is moderate with HTTPS implied but lacking explicit security headers and published policies. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the site is functional and professional but would benefit from enhanced transparency and security practices.

U

Uus777

caiac19.org

0

Uus777 operates as an online slot gambling agent primarily targeting the Indonesian market. The website promotes slot 77 international gambling services with claims of high jackpot wins and fast payouts. The business model revolves around online gambling facilitation, with registration and login links provided via short URLs. The domain is well aged, registered since 2003, and uses Cloudflare DNS services. The website is built using AMP HTML technology, optimized for mobile performance and fast loading. However, the site lacks critical compliance elements such as privacy and cookie policies, and does not provide any contact information or terms of service. Security posture is weak with no security headers detected and DNSSEC not enabled. No analytics or advertising tracking scripts are present, indicating minimal user tracking. Overall, the site has basic content quality and design, with low trustworthiness due to missing compliance and security best practices. The content is adult-oriented due to gambling services, targeting adults only.

A

Artha Platform | Rianta Capital Zurich

arthaimpact.com

0

Artha Impact operates as an impact investing network and platform focused primarily on social ventures in India, with a history dating back to 2007 as part of Rianta Capital advising the Singh Family Trust. The platform facilitates collaboration and capital deployment among investors, entrepreneurs, and support organizations through an invite-only online network and associated SaaS offerings. The website presents a professional and consistent brand image with clear navigation and comprehensive content about its mission, sectors of interest, and partner ecosystem. Technically, the site is built on WordPress using modern libraries such as Bootstrap and jQuery, with integration of Google Analytics, Tag Manager, and Microsoft Clarity for analytics and tracking. Security posture is generally good with HTTPS enforced, but lacks DNSSEC and explicit security headers. Privacy and cookie policies are present and appear comprehensive, supporting GDPR compliance. No contact emails or phone numbers are explicitly listed, which may impact direct communication. Overall, the domain registration data is consistent and legitimate, supporting the credibility of the business.

S

Songue PR

songuepr.com

0

Songue PR is a specialized global public relations firm focused on delivering personalized and strategic PR services tailored to businesses at various growth stages. Their offerings include crisis communications, media relations, corporate messaging, and workshops for startups, positioning them as a boutique yet comprehensive PR partner. The website reflects a high level of professionalism with excellent design, clear navigation, and strong client testimonials, indicating a mature digital presence. Technically, the site leverages modern web technologies such as Webflow CMS, GSAP animations, and Google Analytics, ensuring smooth user experience and performance. Security posture is generally good with HTTPS and cookie consent mechanisms in place, though the absence of published security policies and incident response details suggests room for improvement. The WHOIS data is notably absent or inconsistent, raising questions about domain registration legitimacy despite the professional front. Overall, the site is trustworthy and well-constructed but would benefit from enhanced transparency regarding domain registration and security governance.

EZProvider Networks Inc. operates the website www.ezp.net, providing web hosting services primarily focused on the Vancouver and Canadian market. Their offerings include shared hosting, VPS hosting, and dedicated server hosting, targeting businesses and individuals seeking reliable and fast Canadian-based hosting solutions. The company positions itself as a local, customer-focused provider emphasizing performance and support. Technically, the website is built on WordPress with a modern tech stack including Bootstrap, Yoast SEO, and Google Analytics, indicating a moderate level of digital maturity. The site is mobile optimized and performs well with clear navigation and professional design. Security posture is adequate with HTTPS enforced and use of Google reCAPTCHA; however, the absence of security headers and cookie consent mechanisms indicates room for improvement. The lack of WHOIS data for the domain is a notable concern, impacting trust and legitimacy assessments. Overall, the website is functional and professional but would benefit from enhanced security practices and privacy compliance measures.

H

Hansel Oy

hansel.fi

0

Hansel Oy is a Finnish government-owned company specializing in centralized public procurement services. The website serves as an official portal for public sector organizations in Finland to access procurement frameworks and related services. The company holds a strong market position as a key government procurement facilitator, focusing on efficiency and compliance. The website content is professionally presented, targeting public sector entities with clear information about services and privacy practices. Technically, the site employs modern JavaScript frameworks such as Alpine.js and HTMX, integrates consent management via Cookiebot, and uses analytics tools like Hotjar and Piwik Pro. The security posture is robust with HTTPS enforcement, security headers, and monitoring via Sentry, although some legacy libraries like jQuery 2.2.4 could be updated. Privacy compliance is well addressed with a comprehensive privacy policy and explicit cookie consent mechanisms. Overall, the site is trustworthy, secure, and well-aligned with its government service mission.

V

Vastuu Group

tilaajavastuu.fi

0

Vastuu Group is a Finnish technology service provider specializing in digital solutions that facilitate employee data management, compliance with labor laws, and reporting obligations primarily for the construction sector and related industries. The company offers a broad portfolio of services including Valtti+, Valttikortti, and electronic signature solutions, positioning itself as a key enabler of digital transformation and regulatory compliance in its market. Recent acquisitions such as Linnunmaa Lex indicate strategic growth and expansion of service offerings. Technically, the website is built on the HubSpot CMS platform, leveraging modern web technologies and integrating analytics and marketing tools such as Google Tag Manager and Facebook Pixel. The site demonstrates good performance, mobile optimization, and accessibility, reflecting a mature digital infrastructure. From a security perspective, Vastuu Group maintains a strong posture with HTTPS enforcement, ISO 27001 certification, and comprehensive privacy and cookie policies. No critical vulnerabilities or exposed sensitive data were detected. However, the absence of a public incident response policy and security.txt file suggests areas for improvement in transparency and vulnerability management. Overall, Vastuu Group presents a professional, trustworthy, and compliant digital presence aligned with its business objectives. The company is well-positioned in its sector with a clear focus on compliance, digital services, and customer support.

K

Kappa Data France

kappadata.fr

0

Kappa Data France is a value-added IT distributor specializing in network infrastructure and security solutions for businesses. Established in 1986, the company offers reliable products, technical expertise, and support services targeting IT resellers, SMEs, and large enterprises. The website reflects a mature digital presence with a professional design, multi-language support, and modern WordPress infrastructure. Security posture is solid with HTTPS and Cloudflare DNS, though explicit security headers and privacy policies are missing. Analytics are implemented via Google Tag Manager, indicating moderate user tracking. Overall, the site is trustworthy and well-positioned in the technology distribution sector.

L

Luxembourg - Let's Make It Happen (LMIH)

lmih.lu

0

Luxembourg - Let's Make It Happen (LMIH) is an official government-backed platform designed to inspire and connect actors involved in promoting Luxembourg internationally. The website offers a rich selection of multimedia tools, branding guidelines, and partnership opportunities to support the promotion of Luxembourg's values and talents. It targets both national and international audiences including ministries, public administrations, businesses, and associations. The platform is positioned as a central resource for Luxembourg's national branding efforts, leveraging modern web technologies and a multilingual approach to maximize reach and engagement. Technically, the website is built on WordPress 6.8.1 with a modern tech stack including Yoast SEO, jQuery, Select2, Swiper.js, and Matomo analytics for privacy-conscious tracking. It employs HTTPS with good SSL configuration and integrates Google reCAPTCHA v2 for form security. Accessibility features and SEO optimizations are well implemented, contributing to a positive user experience across devices. However, explicit privacy and cookie policy pages are not detected in the provided content, which is a compliance gap. From a security perspective, the site follows best practices such as HTTPS enforcement and CAPTCHA protection on forms. The use of Matomo analytics and Axeptio cookie consent indicates a privacy-aware approach. Nonetheless, the absence of security headers and vulnerability disclosure policies suggests room for improvement in security posture. No vulnerabilities or suspicious activities were detected in the analysis. Overall, the website presents a professional, trustworthy, and well-structured platform aligned with its government branding mission. Strategic recommendations include publishing comprehensive privacy and cookie policies, implementing security headers, and establishing a vulnerability disclosure mechanism to enhance compliance and security maturity.

M

Molfar Intelligence Firm

molfar.com

0

Molfar Intelligence Firm is a Ukrainian private intelligence agency specializing in OSINT investigations and business consulting across finance, government, law, and IT sectors. Established in 2012 and operational since 2019, the firm serves a global clientele with expertise in over 60 countries, focusing on markets such as CIS, USA, UK, China, and Israel. Their key offerings include background checks, litigation support, risk consulting, market research, strategic communication, military intelligence, and OSINT training through their institute. Technically, the website is built on Webflow with modern JavaScript libraries and analytics tools, hosted with Cloudflare DNS, and employs HTTPS with domain transfer lock for security. Privacy and cookie policies are comprehensive and GDPR compliant, with user consent mechanisms in place. Security posture is strong with no critical vulnerabilities detected, though DNSSEC is not enabled. Overall, the site demonstrates high professionalism, trustworthiness, and technical maturity.

C

CREVV

crevv.com

0

CREVV is a small, full-service creative design studio based in Kyiv, Ukraine, specializing in visual and verbal communication, branding, environment design, text, and photography. The company has a well-established online presence with a portfolio showcasing various projects, positioning itself as a professional agency in the media sector. The website is built on the Readymag platform, utilizing modern web technologies including Google Fonts, YouTube API, and Google Analytics for tracking. The site is SSL secured and hosted by Hosting Ukraine LLC, reflecting a consistent and legitimate domain registration since 2014. However, the website lacks explicit privacy, cookie, and terms of service policies, which impacts its compliance posture.

E

eSputnik

esputnik.com

0

eSputnik is a well-established Ukrainian SaaS company specializing in omnichannel Customer Data Platform (CDP) and marketing automation solutions. The company targets enterprise and small to large businesses seeking advanced marketing tools to unify customer data and automate communications across multiple channels including email, SMS, Viber, push notifications, and more. Their market position is supported by a decade-long presence and a client base of thousands daily. Technically, the website leverages modern JavaScript frameworks such as Vue.js and Vuetify, integrates multiple analytics and tracking tools, and is hosted on AWS infrastructure, indicating a mature digital infrastructure. Security posture is generally good with HTTPS enforced and domain transfer protections, but lacks DNSSEC and visible security headers. Privacy compliance is limited due to missing explicit privacy and cookie policies. Overall, the site is professional, trustworthy, and content-rich, but could improve in privacy transparency and security best practices.

H

heap studio

heap.lu

0

Heap studio is a small creative digital agency based in Luxembourg specializing in web development, design, branding, and consulting services. The company positions itself as a success-oriented studio focused on delivering purposeful and targeted results for clients, primarily businesses and organizations seeking digital creative solutions. Their portfolio showcases a variety of projects emphasizing brand identity, UX/UI design, and front-end and back-end development. Technically, the website is built on WordPress with modern tools such as Yoast SEO and GSAP animations, hosted by Infomaniak, a reputable provider. The site demonstrates good mobile optimization, SEO practices, and a professional design, though accessibility features are basic. Security posture is adequate with HTTPS enabled and no visible vulnerabilities, but lacks security headers and formal policies. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the website is trustworthy and professional but could improve in compliance and security transparency.

The Luxembourg House of Cybersecurity (LHC) website represents a government-backed initiative focused on cybersecurity coordination and awareness within Luxembourg. The site primarily serves as an informational landing page announcing the transformation of SECURITYMADEIN.LU into LHC, targeting government entities and cybersecurity stakeholders. The business model is centered on providing a national cybersecurity hub and fostering community engagement in cybersecurity matters. Technically, the website is built using the Hugo static site generator, with basic CSS and JavaScript. The site is simple and moderately optimized for performance and mobile devices but lacks advanced SEO and accessibility features. No analytics or tracking technologies are detected, indicating a minimal digital footprint. From a security perspective, the site lacks visible security headers and published privacy or cookie policies, which are important for compliance and user trust. The absence of WHOIS data limits the ability to verify domain registration legitimacy, although the presence of official government links supports authenticity. No forms or user input fields reduce attack surface but also limit user engagement. Overall, the website is safe and professional but basic in content and technical sophistication. Strategic improvements in security headers, privacy compliance, and WHOIS transparency would enhance trust and compliance posture.

T

Tampereen kaupunki

tampere.fi

0

Tampereen kaupunki operates as the official municipal government website for the city of Tampere, Finland, providing residents and visitors with comprehensive access to city services, news, and online transactions. The website is positioned as a key digital gateway for public sector services, reflecting a large-scale government entity with a focus on accessibility and user engagement. The business model centers on public service delivery with no commercial intent, targeting local citizens and stakeholders. Technically, the site leverages Drupal 10 as its CMS, integrates Matomo for analytics, and employs CookieInformation for consent management, indicating a mature digital infrastructure. The site demonstrates good mobile optimization, accessibility, and SEO practices, supported by modern web technologies and performance optimizations such as lazy loading and asynchronous script loading. From a security perspective, the website enforces HTTPS with strong SSL configurations and implements essential security headers. The presence of a cookie consent mechanism and a comprehensive privacy policy aligns with GDPR compliance requirements. However, explicit security policies and incident response information are not publicly available, representing an area for improvement. Overall, the site exhibits a strong security posture and trustworthy business credibility, with no detected vulnerabilities or suspicious activities. Strategic recommendations include publishing detailed security and incident response policies, implementing a security.txt file for vulnerability disclosures, and enhancing transparency around data protection officer contacts to further strengthen compliance and user trust.

R

Ruskon kunta

rusko.fi

0

Ruskon kunta is the official municipal government entity for the Rusko region in Finland, providing a comprehensive digital platform for residents and stakeholders. The website offers extensive information on local government services, community events, employment, education, and wellbeing. It serves as a key communication channel for municipal announcements and public engagement. The technical infrastructure is based on a modern WordPress CMS with integrated SEO and accessibility features, hosted with Azure DNS and secured with DNSSEC and HTTPS. The site demonstrates good privacy compliance with clear cookie consent mechanisms and a comprehensive privacy policy. Security posture is strong with no critical vulnerabilities detected, although some security headers could be enhanced. Overall, the website is trustworthy, professionally maintained, and aligned with the official registrant data, reflecting a mature and credible municipal digital presence.