Security Directory

P

Pro Háčkování s.r.o.

prohackovani.cz

0

ProHackovani.cz is a Czech Republic-based e-commerce retailer specializing in crafting supplies, particularly for knitting, crocheting, sewing, and creative hobbies. The website offers over 21,000 products and has an established market presence with an 8-year tradition. It provides both online sales and a physical store in Kostelec nad Labem, supported by customer service via phone, email, and chat. The business model focuses on retail sales to hobbyists and creative individuals, maintaining a strong customer service orientation and product availability.

P

Pejskovice

pejskovice.cz

0

Pejskovice.cz is an e-commerce website specializing in pet supplies targeted primarily at Czech pet owners. The site offers a variety of products for dogs, cats, and rabbits, positioning itself as a local online retailer with a focus on pet care. The website is built on the Shoptet platform, leveraging common web technologies such as JavaScript, jQuery, and integrates analytics tools including Google Analytics and Smartlook for user behavior tracking. While the site is accessible and uses HTTPS, it lacks visible privacy and terms of service pages, which are important for compliance and user trust. The absence of WHOIS data and registrant information reduces the domain's trustworthiness, although the website content and structure appear professional and consistent with a legitimate retail business. Security posture is moderate, with HTTPS enabled but missing important security headers. Overall, the site is functional and serves its business purpose but would benefit from enhanced transparency and security practices.

P

Pinoys.cz

pinoys.cz

0

Pinoys.cz is a specialized e-commerce retailer focused on Asian food products, primarily serving customers in Prague and the Czech Republic. The website offers a variety of Asian groceries including instant noodles, spices, and fresh products, targeting consumers interested in exotic and authentic Asian cuisine. The business operates a niche online store with a clear product categorization and customer loyalty programs, positioning itself as a trusted local supplier in its market segment. Technically, the website is built on the Upgates e-commerce platform, leveraging modern web technologies such as Google Tag Manager, Facebook Pixel, and live chat services to enhance customer engagement and marketing effectiveness. The site is mobile-optimized with good navigation and SEO practices, although accessibility features are basic. Security posture is adequate with HTTPS enforced and cookie consent implemented, but lacks explicit security headers and published security policies. The absence of WHOIS data reduces domain registration transparency, which slightly impacts trustworthiness. Overall, the site is professional and functional with moderate risk, suitable for its business purpose.

D

DAFIT s. r. o.

extrifit.cz

0

EXTRIFIT.cz is a Czech Republic-based e-commerce platform specializing in sports and supplementary nutrition products such as proteins, gainers, creatine, carnitine, amino acids, fat burners, and anabolic supplements. The website is professionally designed with good SEO and mobile optimization, targeting sports enthusiasts and supplement consumers primarily in the Czech market. The technical infrastructure leverages a proprietary e-commerce framework (BSSHOP), Google Tag Manager for analytics, and modern web fonts, indicating a mature digital presence. Security posture is strong with HTTPS enforced and standard security headers present, though explicit privacy and cookie policies are not clearly found in the provided content. Overall, the site demonstrates a good level of professionalism and trustworthiness, though improvements in privacy compliance and contact transparency are recommended.

D

DEKORHOME, s.r.o.

dekorhome.cz

0

DEKORHOME, s.r.o. operates a large e-commerce platform specializing in furniture, home accessories, and garden products primarily targeting customers in the Czech Republic and Slovakia. The website offers a wide product range with claims of over 70,000 products and 3 million satisfied customers, positioning itself as a significant player in the regional retail market. The business model focuses on online retail with customer support and promotional sales events. Technically, the site is built on the Upgates e-commerce platform, leveraging modern JavaScript libraries and CDN hosting for performance. The site is mobile-optimized and includes SEO best practices. Security posture is solid with HTTPS and cookie consent mechanisms, though there is room for improvement in security headers and incident response transparency. Overall, the site is professional, trustworthy, and compliant with GDPR requirements. No blocking or WAF interference was detected, allowing full content access and analysis.

Indiana University Indianapolis operates as a premier educational institution serving the Indianapolis region and the broader Midwest. The website provides comprehensive academic program information, student support services, research initiatives, and campus life details, targeting prospective and current students, faculty, and alumni. The site is well-structured with consistent branding aligned with Indiana University standards. Technically, the site leverages modern web technologies including Rivet Site Builder and integrates multiple analytics and marketing pixels, indicating a mature digital presence. Security posture is moderate with HTTPS usage implied but lacking explicit security headers and published security policies. Privacy compliance is limited due to absence of clear privacy and cookie policies. Overall, the domain is a legitimate subdomain of the official Indiana University domain, though WHOIS data is unavailable as expected for subdomains. Strategic improvements in privacy transparency and security hardening would enhance trust and compliance.

Montana State University is a large, top-tier research university located in Bozeman, Montana, serving a broad audience including students, faculty, staff, alumni, and researchers. The institution offers over 250 academic programs and emphasizes research, community outreach, and student life. The website reflects a mature digital presence with comprehensive content, clear navigation, and consistent branding. Technically, the site uses a modern technology stack including jQuery, Google Analytics, Microsoft Clarity, and Google Tag Manager, hosted likely on a platform using OmniUpdate CMS. Security posture is strong with HTTPS enforced and use of reCAPTCHA, though some security headers could be improved. Privacy compliance is partial, with a clear privacy policy but lacking visible cookie consent mechanisms. Overall, the site is professional, trustworthy, and well-optimized for mobile and accessibility.

W

Wellcome Collection

wellcomecollection.org

0

Wellcome Collection is a well-established non-profit cultural institution based in London, offering a free museum and library focused on health, science, medicine, and human experience. The website provides rich content including exhibitions, events, stories, and publications, targeting a broad audience interested in these themes. The organization maintains a strong market position as a reputable educational and cultural resource. Technically, the website is built on modern frameworks such as Next.js and Prismic CMS, hosted on AWS infrastructure, and incorporates advanced analytics and cookie consent mechanisms, reflecting a mature digital presence. Security posture is strong with HTTPS enforced and privacy-conscious analytics, though DNSSEC is not enabled and no explicit security or incident response policies are published. Overall, the site is professional, accessible, and trustworthy, with clear contact information and compliance with privacy regulations. Strategic recommendations include enhancing DNS security, publishing security policies, and maintaining vigilance on third-party scripts. The domain registration is privacy protected but consistent with legitimate use for a non-profit entity, with a domain age appropriate for the organization's history.

L

Liikenne- ja viestintävirasto Traficom

traficom.fi

0

Liikenne- ja viestintävirasto Traficom is the Finnish government agency responsible for ensuring smooth, safe, and sustainable transport and communication services. The agency also promotes national cybersecurity and acts as a licensing, registry, and supervisory authority. The website reflects a mature digital presence with comprehensive content tailored to Finnish residents and businesses involved in transportation and communications. It offers regulatory information, news, and access to various services. Technically, the website employs modern web technologies including React and Apollo GraphQL, with a focus on performance, accessibility, and SEO. The presence of HTTPS, DNSSEC, and Matomo analytics indicates a strong commitment to security and privacy. The site is mobile-optimized and well-structured, providing a professional user experience. Security posture is robust with no evident vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with clear cookie and privacy policies, including consent mechanisms aligned with GDPR. Incident response and vulnerability disclosure channels are available, though explicit security policies could be enhanced. Overall, the website is trustworthy, professionally maintained, and aligns well with the official government identity. Strategic recommendations include publishing detailed security policies, implementing security.txt, and enhancing visible security headers to further strengthen trust and compliance.

T

The Audiencers

theaudiencers.com

0

The Audiencers is a specialized B2B media community platform founded in 2022, focused on supporting publishing professionals with expertise in audience engagement, conversion, and retention. The platform offers case studies, newsletters, events, and subscription services, positioning itself as a niche player in the media industry. The business is linked to Poool, a known player in paywall and engagement technology, enhancing its credibility and market positioning. Technically, the website is built on WordPress with modern tools like Elementor and Kadence Blocks, integrating analytics and marketing tools such as Google Analytics, HubSpot, and Stripe for payments. The site is mobile-optimized and uses structured data for SEO, reflecting a mature digital infrastructure. Security-wise, the site uses HTTPS and domain transfer protection but lacks DNSSEC and security headers, which are recommended for enhanced protection. Privacy compliance is partially implemented with a cookie consent mechanism but lacks explicit privacy and terms of service pages. Overall, the website is professional, trustworthy, and safe for general audiences, with room for improvement in privacy and security transparency.

F

Fondation Restena

cyberday.lu

0

CyberDay.lu is a professionally maintained website representing an annual cybersecurity awareness event organized by the Fondation Restena in Luxembourg. The event is positioned as a key cybersecurity knowledge-sharing platform within the European Cyber Security Month and is partially funded by the European Union’s Digital Europe programme. The website targets cybersecurity professionals and stakeholders in Luxembourg and Europe, providing event schedules, speaker information, and registration details. The business model is event-driven, supported by public funding and institutional backing. Technically, the website is built on WordPress 6.8 with common web technologies such as jQuery, Bootstrap, and Font Awesome. The site demonstrates moderate performance and good mobile optimization but lacks advanced accessibility features. SEO optimization is basic, and no advanced analytics or tracking tools are detected, indicating a privacy-conscious approach or minimal user tracking. From a security perspective, the site uses HTTPS with good SSL configuration but lacks important security headers such as Content-Security-Policy and X-Frame-Options. No vulnerabilities or exposed sensitive data were detected in the HTML content. However, the absence of privacy and cookie policies represents a compliance gap with GDPR requirements. Incident response and security policy information are not publicly available, which could be improved to enhance trust and transparency. Overall, CyberDay.lu presents a trustworthy and professional online presence for a niche cybersecurity event. The risk profile is low given the nature of the content and organizational backing. Strategic improvements in privacy compliance, security headers, and accessibility would strengthen the site’s security posture and regulatory adherence.

C

Croatian Climate Change Panel

solarniklaster.org

0

The Croatian Climate Change Panel operates the solarniklaster.org website as a specialized platform focused on renewable energy, sustainable technologies, and climate change awareness primarily targeting Croatian and regional audiences. The site offers news, expert articles, multimedia content, and educational resources to support green energy transition efforts. Technically, the website uses a standard modern tech stack including Bootstrap, jQuery, and analytics tools, hosted on a domain registered since 2015 with privacy protection. Security posture is moderate with HTTPS enabled but lacks advanced security headers and DNSSEC. Privacy compliance is basic with policies present but no explicit cookie consent mechanism. Contact information is clearly provided, enhancing business credibility. Overall, the site is a credible, niche informational resource with room for security and privacy improvements.

Otok Krk energija d.o.o. is a Croatian limited liability company focused on producing and supplying renewable energy, primarily solar, to achieve energy independence for the island of Krk. The company is relatively new, founded in 2019, and is owned by the local municipality of Baška with plans to include other local government units as co-owners. Their business model centers on local investment and sustainable energy production, positioning themselves as a key player in the regional green energy market. The website reflects this mission with content in Croatian and some English, targeting local residents, investors, and governmental bodies interested in renewable energy projects. Technically, the website uses common web technologies such as Bootstrap, jQuery, and popular carousel libraries, with integration of Google Analytics and Facebook SDK for tracking and marketing purposes. The site is moderately optimized for mobile and SEO but lacks advanced accessibility features. Security posture is moderate; HTTPS is used but no explicit security headers or incident response policies are published. Privacy and cookie policies exist but lack active consent mechanisms. Overall, the website is professional and trustworthy but could improve in security and privacy compliance. Recommendations include implementing security headers, adding cookie consent, publishing incident response information, and enhancing contact transparency.

S

STT Viestintäpalvelut

viestintapalvelut.fi

0

STT Viestintäpalvelut is a Finnish media communication service provider specializing in enhancing brand visibility through comprehensive media communication tools, press release distribution, communication planning, and visual communication services. The website is professionally designed using HubSpot CMS and integrates modern marketing and analytics technologies such as Google Analytics, Hotjar, and HubSpot's own lead and messaging tools. While the technical infrastructure is solid with HTTPS and cookie consent mechanisms in place, the site lacks explicit privacy and terms of service pages, as well as visible contact information, which slightly impacts its privacy compliance and business credibility scores. Security posture is generally good but could be improved by adding security headers and incident response information.

S

Suomen Tietotoimisto Oy

stt.fi

0

Suomen Tietotoimisto Oy (STT) is a historically significant Finnish news agency, established in 1887, providing comprehensive news, image, and communication services. The company holds a strong market position as one of Finland's leading and most trusted media organizations, serving a broad audience including media houses, organizations, and the general public. Their digital presence is professional, with a well-structured website offering multilingual support and extensive content. Technically, the site leverages modern technologies such as WordPress, Google Tag Manager, and Matomo Analytics, ensuring good performance and SEO optimization. Security measures include HTTPS, reCAPTCHA, and cookie consent management, though there is room for improvement in DNSSEC and explicit security policies. Overall, STT demonstrates a mature digital infrastructure and a strong commitment to privacy compliance, making it a credible and trustworthy media entity.

A

Aittakoodi Oy

pikavuorot.fi

0

Pikavuorot.fi is a Finnish transportation price comparison website operated by Aittakoodi Oy, founded in 2015. The platform aggregates and compares prices and schedules for bus and train travel across multiple Finnish transportation providers, including major companies such as VR, Matkahuolto, Onnibus, and airlines like Finnair and Norwegian. It serves a general audience seeking convenient travel planning and ticket purchasing options within Finland. The website enjoys a moderate market position as a leading price comparison tool in its niche. Technically, the site employs a modern but somewhat dated technology stack including Bootstrap 3, jQuery, DataTables, and Socket.io for real-time data updates. It integrates multiple third-party services for fonts, advertising, and analytics, including Google Adsense and Facebook SDK. The site is mobile-optimized with good navigation and SEO practices, though accessibility features are basic. From a security perspective, HTTPS is used, but explicit security headers are not detected in the provided data. No critical vulnerabilities or exposed sensitive data were found. Privacy compliance is basic, with a cookie consent banner and a privacy policy page present, but no detailed security or incident response policies are published. Contact information is limited to an email address, with no phone or physical address provided. Overall, Pikavuorot.fi presents a trustworthy and functional service with room for improvement in security hardening, privacy transparency, and expanded contact options. The domain registration data aligns well with the business claims, supporting legitimacy. Strategic recommendations include enhancing security headers, publishing comprehensive policies, and improving user trust signals.

P

Perille Mobility Services Oy

perille.fi

0

Perille Mobility Services Oy operates Perille.fi, a Finnish travel ticket service that aggregates and facilitates the purchase of train, bus, and flight tickets across Finland. The platform integrates multiple major transport providers, offering door-to-door trip planning and a user-friendly interface without requiring app downloads or registration. The service targets travelers within Finland seeking convenient and comprehensive travel options. Technically, the website is built on modern frameworks such as Next.js and React, with integrations for analytics and payment processing. Security posture is strong with HTTPS enforcement and standard security headers, though explicit security policies and incident response details are not publicly disclosed. Overall, the website is professional, trustworthy, and compliant with privacy regulations, making it a reliable platform for travel planning and ticket purchasing.

P

Perille Mobility Services Oy

matkakeisari.fi

0

Matkakeisari.fi is a Finnish travel ticket price comparison and booking platform operated by Perille Mobility Services Oy, founded in 2015. The service aggregates bus and train schedules and prices from major Finnish transport providers, enabling travelers to find the cheapest and fastest routes and purchase tickets conveniently. The website is well-designed, mobile-optimized, and uses modern web technologies including React and Next.js. It integrates Google Analytics and Tag Manager for analytics and marketing purposes. Security posture is solid with HTTPS and security headers implemented, though no explicit security or incident response policies are published. Privacy compliance is supported by a comprehensive privacy policy and cookie consent mechanism. The domain registration data aligns well with the business claims, supporting legitimacy. Overall, the website provides a trustworthy and user-friendly service for Finnish public transport travelers.

V

VR-Yhtymä Oyj

vr.fi

0

VR.fi is the official digital platform for VR-Yhtymä Oyj, Finland's primary railway operator. The website offers comprehensive services for domestic train travel including ticket sales, travel information, and customer support. It targets Finnish residents and visitors seeking sustainable and comfortable rail travel options. The company holds a strong market position as the national rail service provider with a large operational scale and a focus on environmental responsibility. Technically, the website is built on modern web technologies including React and Next.js, integrated with Contentful CMS for content management. It demonstrates excellent performance, mobile optimization, and accessibility. The site employs Google Tag Manager and Convertexperiments for analytics and A/B testing, with appropriate cookie consent mechanisms in place. From a security perspective, the site enforces HTTPS and includes standard security headers, ensuring a secure browsing experience. However, it lacks a dedicated security policy or incident response page and does not publish a vulnerability disclosure or security.txt file, which could enhance transparency and trust. Overall, VR.fi presents a professional, trustworthy, and user-friendly platform aligned with its business goals. Strategic improvements in security transparency and incident response communication are recommended to further strengthen its security posture and compliance.

M

Matkahuolto

matkahuolto.fi

0

Matkahuolto is a well-established Finnish transportation and parcel service provider offering bus schedules and parcel services for both businesses and private individuals across Finland. The website reflects a professional and consistent brand presence with clear service offerings targeted at a general audience. The technical infrastructure is modern, leveraging Gatsby and React frameworks, and integrates Google Tag Manager for analytics and marketing purposes. The site is mobile optimized and provides a good user experience with clear navigation and relevant content. Security posture is solid with HTTPS enforced, but lacks some advanced security headers and explicit security policies. Privacy and cookie policies are not detected, indicating room for compliance improvements. Overall, the domain registration data aligns well with the business claims, supporting the legitimacy of the website.

W

Waltti Solutions

waltti.fi

0

Waltti Solutions Oy is a Finnish company specializing in digital ticketing and payment solutions for public transportation. Their offerings include a mobile ticketing app, travel card management, and contactless payment integration, serving multiple Finnish cities. The company holds a strong market position as a leading provider in this niche, with a business model targeting both end-users and municipal transport authorities. The website reflects a mature digital presence with good content quality and user experience, supporting their business objectives effectively. Technically, the site is built on WordPress with modern libraries and demonstrates good mobile optimization and SEO practices. Security posture is solid with HTTPS enforcement and cookie consent compliance, though some security headers could be improved. Overall, the domain registration data aligns well with the business, indicating high legitimacy and trust. The site is free from blocking or WAF challenges, allowing full content access and analysis.

S

Saaristolautat.fi

saaristolautat.fi

0

Saaristolautat.fi is a specialized informational website providing ferry routes and schedules for the Finnish archipelago, including the Turku archipelago and Åland Islands. The site targets travelers and residents needing up-to-date ferry information for over 40,000 islands serviced by approximately 50 ferries and 200 docks. The business model is primarily informational, serving as a public utility platform rather than a commercial enterprise. The website is relatively small in scale, founded in 2017, and operates with a niche focus on regional transportation. Technically, the website employs a modern web stack including HTML5, CSS3, JavaScript with jQuery, Bootstrap for responsive design, FontAwesome for icons, and integrates Google Maps API for route visualization. Hosting appears to be provided by Domainhotelli, a Finnish hosting provider. The site is mobile optimized and has good SEO practices, though accessibility features are basic. Performance is moderate, with no major technical issues detected. From a security perspective, the site lacks visible security headers and does not provide privacy or cookie policies, which are important for GDPR compliance given its European audience. No contact information or incident response details are provided, limiting transparency and trust. The WHOIS data shows the domain is registered to a private person rather than an organization, which is somewhat inconsistent with the public service nature of the site but not necessarily suspicious. No WAF or blocking mechanisms are detected, and the site content is fully accessible. Overall, the website is functional and provides valuable regional transportation information but would benefit from improved security practices, privacy compliance, and clearer business contact details to enhance trust and regulatory adherence.

Å

Ålandstrafiken

alandstrafiken.ax

0

Ålandstrafiken is a regional transportation company operating ferry and bus services in the Åland Islands, Finland. The website serves as an informational portal for residents and visitors seeking public transport options. The company appears to be a medium-sized essential entity within the transportation sector, with a clear focus on regional mobility services. The website is built on Drupal 10 and integrates modern technologies such as Matomo for analytics and CookieYes for cookie consent management, reflecting a moderate level of digital maturity. Accessibility is enhanced through the BrowseAloud tool, indicating attention to inclusive design. Security posture is solid with HTTPS enforced and standard security headers present, although explicit privacy and security policies are missing. Overall, the site is professional and trustworthy but could improve transparency and compliance documentation.

L

LuxID

luxid.lu

0

LuxID is a Luxembourg-based digital identity platform providing a secure, unified login solution for multiple local companies and applications. Supported by major partners such as POST, Cactus, CFL, and RTL, LuxID aims to simplify user authentication while enhancing privacy and security in compliance with GDPR. The website is professionally designed, multilingual, and offers clear information about the service, benefits, and partners. Technically, the site uses modern web technologies including Liferay CMS, Bootstrap, React, and various JavaScript libraries, hosted likely within Luxembourg's POST infrastructure. Security posture is good with HTTPS enforced and cookie consent implemented, though explicit security policies and vulnerability disclosures are absent. WHOIS data is unavailable, limiting domain trust verification, but the business credibility is supported by visible partnerships and professional content.

B

BCE

bce.lu

0

BCE is a professional media and digital solutions provider targeting businesses and institutions worldwide. The company offers innovative services across media, sports, fashion, and business sectors, positioning itself as a key player in digital expertise and seamless service integration. The website reflects a medium-sized enterprise with a consistent brand presence and good content quality. Technically, the site is built on WordPress with modern JavaScript libraries and integrates privacy-conscious analytics and marketing tools such as Matomo and HubSpot. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though explicit security headers and published security policies are absent. The lack of WHOIS data limits domain trust assessment, but the website's professional presentation and privacy compliance indicate legitimacy. Overall, BCE demonstrates a mature digital presence with room for improvement in security transparency and contact availability.

A

Agile Partner

agilepartner.net

0

Agile Partner is a medium-sized technology company based in Luxembourg, specializing in custom software development and agile transformation services. With over 18 years of experience and a team of approximately 50 professionals, the company targets businesses seeking tailored digital solutions and agile coaching to support their digital transformation. The website is professionally designed, multilingual (French and English), and provides clear information about their services, certifications, and contact details. Technically, the site is built on WordPress and leverages modern JavaScript libraries and marketing tools such as Google Analytics, Facebook Pixel, Hotjar, and HubSpot, indicating a mature digital infrastructure. Security posture is good with HTTPS enforced and no visible sensitive data exposure, though the absence of security headers and explicit security policies suggests room for improvement. The lack of WHOIS domain registration data is a notable concern, reducing trust in domain legitimacy despite the professional presentation. Overall, the website is functional, secure, and business-focused, but would benefit from enhanced transparency in domain registration and security documentation.

L

Luxembourg House of Cybersecurity

lhc.lu

0

Luxembourg House of Cybersecurity (LHC) serves as the central hub for cybersecurity resilience in Luxembourg, hosting key national centers such as CIRCL and NC3. The organization focuses on fostering innovation, collaboration, and capacity building in cybersecurity through various services including acceleration programs, community meet-ups, and standards development. The website reflects a professional and government-aligned entity with a clear mission to enhance Luxembourg's cybersecurity posture. Technically, the website employs modern web technologies including React, Bootstrap, and Leaflet, with privacy-conscious analytics via Matomo. The site is hosted on Luxembourg-based infrastructure (Restena) and demonstrates good mobile optimization and user experience. However, some technical improvements are recommended, such as implementing security headers and cookie consent mechanisms. From a security perspective, the site uses HTTPS and avoids exposing sensitive data, but lacks explicit security headers and a published security policy. Incident response is facilitated through links to CIRCL's reporting portal. Privacy compliance is partial, with a privacy policy available but no cookie consent banner. Overall, the site presents a strong security posture appropriate for a government-related cybersecurity entity. The overall risk is low, with recommendations focusing on enhancing privacy compliance, security headers, and accessibility to further strengthen trust and regulatory adherence.

L

LU-CIX

lu-cix.lu

0

LU-CIX is a Luxembourg-based Internet Exchange Point founded in 2009, providing open and neutral peering and connectivity services to networks and content providers in Luxembourg and Europe. The organization operates as a non-profit entity, focusing on interconnecting critical networks in a secure and trusted environment. Their key services include public peering, route servers, blackholing, partner IX peering, and VoIP-X services, positioning them as a central telecommunications infrastructure player in Luxembourg. Technically, the website is built on WordPress CMS with modern JavaScript libraries such as jQuery and Owl Carousel, and uses Matomo for privacy-conscious analytics. The site is mobile-optimized with good SEO practices and moderate performance. Security-wise, the site enforces HTTPS and uses secure form submission techniques but lacks some security headers and a cookie consent mechanism, which are recommended for enhanced security and compliance. The security posture is solid but could be improved by adding explicit security policies, incident response contacts, and cookie consent to align better with GDPR requirements. The absence of WHOIS data limits domain trust verification, but the website content and business presence indicate a legitimate and professional operation. Overall, LU-CIX presents a trustworthy and professional digital presence with room for security and privacy enhancements to strengthen compliance and user trust.

A

AllSides

allsides.com

0

AllSides is a media company focused on providing balanced news coverage by revealing media bias across the political spectrum. The platform aggregates news stories from left, center, and right perspectives, enabling users to see multiple viewpoints side-by-side. It offers various services including newsletters, educational resources for schools, media and government services, and mobile applications. The website is well-established with a consistent brand presence and recognized partnerships with major media outlets. Technically, the site is built on Drupal CMS and uses modern JavaScript libraries and frameworks, ensuring good performance and mobile optimization. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be explicitly verified and enhanced. Privacy compliance is strong with clear policies and GDPR considerations. WHOIS data is unavailable or privacy protected, which slightly reduces trust but is common for media entities. Overall, the site is professional, trustworthy, and serves a general audience interested in media literacy and balanced news.

A

Ad Fontes Media

adfontesmedia.com

0

Ad Fontes Media is a specialized media analysis company known for its Media Bias Chart®, which rates news sources for bias and reliability. The company operates primarily in the media sector, targeting general audiences, educators, advertisers, and publishers. Their business model revolves around subscription-based data services and media ratings, positioning them as a niche player with recognized authority in media bias analysis. Technically, the website is built on a modern WordPress platform using Elementor and WooCommerce, hosted by DreamHost, and integrates marketing and analytics tools such as HubSpot, Google Analytics, and Facebook Pixel. The site demonstrates good SEO and mobile optimization, with structured data enhancing search visibility. Security-wise, the site uses HTTPS with a good SSL configuration and domain transfer protection, but lacks DNSSEC and some security headers, which are recommended for enhanced protection. Privacy compliance is strong, with visible cookie consent and a comprehensive privacy policy. Overall, the website is professional, trustworthy, and well-maintained, with no signs of malicious activity or adult content.

N

NextGi

nextgi.com

0

NextGi is a small technology company founded in 2008, specializing in managed IT and security services with a strong emphasis on cybersecurity and customer support. Their website presents a professional and consistent brand image, targeting small to medium businesses seeking comprehensive IT solutions including managed security, VoIP, cloud hosting, and network optimization. The company leverages partnerships with major technology providers such as AWS, Microsoft, and Bitdefender, enhancing their market credibility. Technically, the website uses modern JavaScript libraries and analytics tools, is hosted behind Cloudflare, and employs HTTPS for secure communications. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. However, there are gaps in privacy compliance and security best practices, notably the absence of privacy and cookie policies, security headers, and incident response information. From a security perspective, the domain registration is consistent and trustworthy, with no signs of suspicious activity. The company demonstrates a security-first approach in its service offerings but should improve its website security posture by implementing recommended headers and compliance documentation. Overall, the website is functional and professional but could benefit from enhanced privacy and security transparency. The risk assessment indicates moderate security maturity with no critical vulnerabilities detected but highlights compliance gaps that could expose the company to regulatory risks. Strategic recommendations include publishing privacy and cookie policies, adding security headers, and providing incident response contacts to strengthen trust and compliance.

The website is a LinkedIn public profile for Alexander W., representing a small local tutoring business named Bloomington Tutors based in Bloomington, Indiana, USA. The profile highlights educational services and includes links to related tutoring websites. The digital infrastructure relies on LinkedIn's proprietary platform with secure authentication mechanisms including Google OAuth. Privacy and cookie policies are clearly presented, indicating compliance with GDPR and other regulations. The site is professionally designed with good content quality and user experience, optimized for mobile and accessibility. Security posture is strong with HTTPS, secure forms, and standard security headers, though WHOIS data is privacy protected and unavailable for detailed domain registration analysis. Overall, the site is trustworthy and suitable for its educational purpose.

Kevin Brown-Silva's website serves as a professional portfolio showcasing his software development expertise and contributions to open source projects. The site highlights his skills in technologies such as Python, Django, JavaScript, and jQuery, and provides links to his GitHub, Stack Overflow, LinkedIn, and Twitter profiles, establishing a credible online presence. The business model is personal branding and professional networking, targeting technology professionals and potential employers or collaborators. Technically, the website is built with standard web technologies including HTML, CSS, and JavaScript, with references to frameworks like Django REST framework and jQuery. Hosting and DNS are managed via Cloudflare, ensuring good SSL configuration and domain security. The site is moderately optimized for performance and mobile devices but lacks advanced SEO and accessibility features. From a security perspective, the website benefits from HTTPS and domain transfer protection but lacks critical security headers and formal privacy or cookie policies. No forms or data collection mechanisms are present, reducing attack surface but also limiting user engagement features. The absence of vulnerability disclosure or incident response information indicates room for improvement in security maturity. Overall, the website is a safe, professional, and trustworthy personal portfolio with good business credibility but limited privacy compliance and security best practices. Strategic enhancements in privacy policies, security headers, and incident response readiness would strengthen the site's security posture and compliance.

L

Le Gouvernement du Grand-Duché de Luxembourg

services-publics.lu

0

Guichet.public.lu is the official government portal of Luxembourg dedicated to providing citizens with easy access to a wide range of public services and administrative information. The website covers numerous thematic areas including financial aid, citizenship, family and education, taxation, immigration, inclusion, justice, housing, leisure, health, transport, and employment. It serves as a comprehensive digital gateway for residents and citizens to navigate government procedures efficiently. Technically, the site leverages Adobe Experience Manager as its CMS platform and uses Adobe Dynamic Tag Management for analytics and tracking. The site is well-structured with responsive design and accessibility features, ensuring a good user experience across devices. However, some security headers and explicit privacy and cookie policies are not evident in the provided content, indicating areas for improvement in compliance and security transparency. From a security perspective, the site uses HTTPS and secure login mechanisms, but lacks visible security headers and incident response contact information. The WHOIS data for the domain is unavailable or malformed, which limits the ability to fully verify domain registration legitimacy. Despite this, the official branding and domain (.public.lu) strongly support its authenticity as a government site. Overall, guichet.public.lu demonstrates a mature digital presence with excellent content quality and user experience, but could enhance its privacy compliance and security posture by publishing clear policies and improving domain transparency. Strategic recommendations include implementing comprehensive privacy and cookie policies with consent mechanisms, adding security headers, and providing explicit security incident contacts to strengthen trust and compliance.

A

Administration du Cadastre et de la Topographie (ACT)

geoportal.lu

0

The Geoportal of the Grand-Duchy of Luxembourg is an official governmental platform providing comprehensive geospatial data, maps, and related services to individuals, professionals, and developers. It serves as the national authoritative source for geodata across multiple sectors including environment, energy, tourism, spatial planning, and agriculture. The platform offers a variety of applications and catalogues, supporting both public and professional users with tools such as 3D printing exports, coordinate conversion, and route planning. The website is well-branded, consistent, and targets a broad audience with multilingual support. Technically, the site employs modern web technologies including jQuery, Modernizr, and SVG icons, and integrates Piwik (Matomo) for analytics. It is mobile-optimized and accessible, with good SEO practices. The site uses HTTPS with strong SSL configuration, although explicit security headers are not detected. Some services require strong authentication, indicating attention to security for sensitive operations. Security posture is solid with no visible vulnerabilities or exposed sensitive data, but the absence of a published security policy or vulnerability disclosure limits transparency. Privacy compliance is partial; while terms and conditions and a privacy policy page exist, no cookie consent mechanism is evident. Contact information is limited to a contact form with no direct emails or phone numbers visible. Overall, the site is trustworthy, professionally maintained, and aligned with its governmental role. Strategic improvements in security transparency and privacy compliance would enhance its posture further.

T

The national geoportal of the Grand-Duchy of Luxembourg

g-o.lu

0

The Geoportal of the Grand-Duchy of Luxembourg is an official government platform providing comprehensive geospatial data, maps, and related applications to individuals, professionals, and developers. It serves as the national reference for governmental geodata and services, offering a wide range of thematic maps and tools such as 3D printing, route planning, and data catalogues. The platform is well-branded with government logos and maintains a consistent professional appearance. Technically, the site uses established JavaScript libraries like jQuery and Modernizr, and employs Piwik (Matomo) for analytics, indicating moderate digital maturity. Mobile optimization and accessibility are well addressed, enhancing user experience across devices. Security posture is adequate with HTTPS usage implied, but lacks explicit security headers and cookie consent mechanisms, which are areas for improvement. The absence of WHOIS data limits domain trust assessment, though the official government affiliation and consistent branding support legitimacy. Overall, the site is a reliable and professional government resource with room for enhanced privacy and security compliance.

S

Système d'Information Géographique de la Grande Région

sig-gr.eu

0

The website www.sig-gr.eu represents the Système d'Information Géographique de la Grande Région, a government-backed geographic information system service focused on the Greater Region, including France and Luxembourg. It provides thematic maps, interactive geoportals, metadata catalogs, and open data to support regional planning and cooperation. The site is professionally designed, multilingual, and offers comprehensive content relevant to its target audience of public institutions, researchers, and regional partners. Technically, it is built on Adobe Experience Manager CMS and uses Adobe DTM for analytics, with a responsive design and good accessibility features. Security posture is moderate with HTTPS enforced and cookie consent implemented, though explicit security headers and policies are not evident. Privacy compliance is strong with clear privacy and cookie policies aligned with GDPR. Overall, the site is trustworthy and legitimate, though WHOIS data is unavailable due to EURid privacy restrictions. Strategic recommendations include enhancing security headers, publishing incident response contacts, and adding vulnerability disclosure information.

Marcus Hutchins' website serves as a personal brand platform highlighting his expertise as a cybersecurity specialist, speaker, and ex-hacker known for stopping the global WannaCry ransomware attack. The site targets cybersecurity professionals and enthusiasts, offering services such as public speaking, research, and educational content. The business model revolves around personal branding and content dissemination. Technically, the site employs modern web technologies including HTML5, CSS3, JavaScript, Google Fonts, and Ionicons, hosted behind Cloudflare DNS and CDN services. Analytics are implemented via Google Analytics and Cloudflare Insights, though privacy compliance is limited due to the absence of privacy and cookie policies. Security posture is solid with HTTPS and domain registration protections, but could be enhanced by enabling DNSSEC and adding security headers. Overall, the site is professional, trustworthy, and well-structured, though it lacks some compliance documentation.

I

INSIDE COMMUNICATION

inside-communication.lu

0

INSIDE COMMUNICATION is a communication agency based in Luxembourg focusing on strategies, innovation, and impact. The current website is a placeholder announcing a forthcoming new site and offers a newsletter subscription to keep interested parties informed. The company targets businesses or professionals seeking communication and innovation services. The website's technical infrastructure uses standard web technologies including HTML5, CSS3, JavaScript, and integrates Google Fonts and CreateSend for email marketing. However, the site lacks advanced frameworks or CMS indications and shows basic mobile optimization and accessibility features. Security posture is limited with no visible HTTPS confirmation or security headers, and no privacy or cookie policies are present. The WHOIS data is unavailable due to query rate limits, limiting domain legitimacy verification. Overall, the site is functional but minimal, with room for significant improvements in security, privacy compliance, and content richness.

I

Info-Zenter Demenz

demenz.lu

0

Info-Zenter Demenz is a national information and consultation center in Luxembourg specializing in memory disorders and dementia. The organization provides free services and resources to affected individuals, their families, healthcare professionals, and the general public. The website is professionally designed, well-structured, and offers comprehensive content in French, with multilingual support. It maintains a strong presence through social media and government support, positioning itself as a trusted resource in the healthcare non-profit sector. Technically, the website is built on WordPress with modern technologies including Google Tag Manager, reCAPTCHA, and accessibility tools. It demonstrates good mobile optimization, SEO practices, and performance. The hosting and domain registration appear professional and consistent with the organization's profile. From a security perspective, the site uses HTTPS, has implemented cookie consent mechanisms, and employs reCAPTCHA to protect forms. While explicit security policies and incident response contacts are not found, no vulnerabilities or suspicious activities are detected. Privacy compliance is well addressed with clear policies and consent management. Overall, the website presents a low-risk profile with strong business credibility and technical maturity. Strategic recommendations include enhancing security headers, publishing a formal security policy, and maintaining regular audits of third-party scripts to further strengthen security posture.

C

CovenantIQ

archwaysoftware.com

0

CovenantIQ is a specialized SaaS provider focused on scaling middle-market lending through intelligent covenant analysis. Their platform leverages AI to automate and normalize borrower financial data, enabling banks and private credit funds to monitor loan covenants efficiently and mitigate risk. The company targets financial institutions such as banks, private credit funds, and private equity sponsors, positioning itself as a niche innovator in lending analytics. Technically, the website is built on Webflow CMS with integrations including HubSpot for marketing and analytics, Google Tag Manager, and modern web fonts. The site is performant, mobile-optimized, and professionally designed, though some accessibility features could be improved. Security posture is solid with HTTPS enforced and no exposed sensitive data, but lacks some recommended security headers and explicit security or incident response policies. WHOIS data is unavailable due to privacy protection, which is common and justified for this business type, though it slightly reduces transparency. Overall, the website is trustworthy and professional with moderate risk, suitable for its finance technology market niche.

M

Mahalo Technologies, Inc.

mahalobanking.com

0

Mahalo Technologies, Inc. operates a specialized digital banking platform tailored for credit unions, focusing on enhancing member digital experiences through secure, integrated, and customizable solutions. The company positions itself as a niche provider in the financial technology sector, emphasizing security features such as Credential Assurance Technology and deep core integration. The website is professionally designed, leveraging modern technologies and HubSpot CMS, providing a seamless user experience with clear navigation and mobile optimization. Privacy and cookie policies are implemented with consent mechanisms, reflecting good privacy compliance. However, the absence of WHOIS data for the domain raises concerns about domain registration transparency, which slightly impacts overall trustworthiness. Security posture is solid with HTTPS and no exposed sensitive data, but could be improved by adding security headers and incident response information. Overall, the website reflects a credible and professional business with room for enhanced security and compliance disclosures.

Z

Zinnia Health

zinniahealth.com

0

Zinnia Health is a healthcare provider focused on delivering accessible and integrated care across multiple locations in the United States. The company positions itself as addressing unmet patient demand with a modern healthcare delivery model. The website reflects a medium-sized healthcare business founded in 2018, with clear contact information and a professional online presence. Technically, the site is built on modern web technologies including React and Next.js, with Cloudflare DNS and integration of analytics and tracking tools such as Microsoft Clarity and Google Tag Manager. Security posture is generally good with HTTPS enabled and domain status protections, though DNSSEC is not enabled and security headers are not evident. Privacy compliance is limited as no privacy or cookie policies were detected in the provided content. Overall, the site is professional and trustworthy but could improve transparency and compliance documentation.

The website umdpl.info represents a Ukrainian human rights non-profit association named Асоціація УМДПЛ, also branded as “ФРІРАЙТС”. It focuses on digital rights, penitentiary oversight, legal education, criminal justice, and activist protection. The organization targets activists, government bodies, and the general Ukrainian public, providing educational resources, reports, and special projects. The domain is well-established since 2008, supporting the organization's credibility and longevity. Technically, the site runs on an outdated WordPress 4.4.2 CMS with older jQuery libraries, which introduces security risks. The site uses Google Analytics and Facebook SDK for tracking and social media integration. Mobile optimization and accessibility are basic, with moderate performance. No advanced SEO or modern frameworks are detected. Security posture is moderate but with notable gaps: HTTPS is enabled, but no DNSSEC, no security headers, and no cookie consent mechanisms are present. The outdated CMS and libraries increase vulnerability exposure. No explicit privacy or cookie policies were found, indicating compliance gaps with GDPR and related regulations. Overall, the site is functional and credible for its non-profit mission but requires technical and security modernization. Strategic improvements in security headers, CMS updates, privacy compliance, and user experience would enhance trust and reduce risk.

Л

Лабораторія цифрової безпеки

dslua.org

0

Лабораторія цифрової безпеки is a Ukrainian non-profit organization specializing in digital security and the protection of digital rights. The organization supports journalists, human rights defenders, and civil activists in Ukraine by providing expertise in digital security and advocating for human rights in the digital environment through policy influence. The website is professionally designed using WordPress and Elementor, with a clear focus on content relevant to its target audience. Social media integration is strong, enhancing outreach and engagement. Technically, the website employs modern web technologies including WordPress CMS, Elementor page builder, and Cloudflare DNS services. HTTPS is properly configured, ensuring secure communications. However, DNSSEC is not enabled, and security headers are absent, indicating room for improvement in security hardening. The site performs moderately well with good mobile optimization and basic accessibility features. From a security perspective, the site demonstrates a reasonable posture with HTTPS and domain registration protections in place. The absence of privacy and cookie policies, security headers, and explicit contact information for security incidents or data protection officers represents compliance gaps. No vulnerabilities or suspicious patterns were detected in the WHOIS data or site content. Overall, the site is trustworthy but would benefit from enhanced transparency and security practices. The risk assessment is moderate with recommendations to implement DNSSEC, security headers, privacy and cookie policies with consent mechanisms, and publish incident response contacts. These steps would improve compliance with GDPR and other data protection regulations, strengthen security posture, and enhance user trust.

E

European Prison Litigation Network

prisonlitigation.org

0

The European Prison Litigation Network (EPLN) is a specialized non-profit organization dedicated to defending and advancing prisoners’ fundamental rights across Europe. It operates as a network of around 30 civil society organizations and bar associations, focusing on legal advocacy, research, and policy engagement to improve prison conditions and reduce incarceration. The website reflects a professional and well-structured digital presence, supporting multiple languages and providing comprehensive legal resources and publications. Technically, the site is built on WordPress with modern JavaScript libraries and includes GDPR-compliant cookie consent mechanisms. Security posture is generally strong with HTTPS enforced and no visible vulnerabilities, though the absence of explicit security headers and WHOIS transparency are minor concerns. Overall, EPLN presents a credible and trustworthy online presence aligned with its advocacy mission.

I

International Partnership for Human Rights (IPHR)

iphronline.org

0

International Partnership for Human Rights (IPHR) is a Brussels-based independent NGO founded in 2008, focusing on human rights advocacy and support in Central Asia, Eastern Europe, and the South Caucasus. The organization empowers local civil society groups, conducts research and reporting on human rights violations, and engages in advocacy with international institutions. Their website reflects a mature digital presence with comprehensive content, clear navigation, and consistent branding. Technically, the site is built on WordPress, hosted on SiteGround, and uses modern SEO and GDPR compliance tools. Security posture is good with HTTPS and domain transfer protections, though DNSSEC is not enabled and some security headers appear missing. No direct contact emails or phone numbers are publicly listed, relying on contact forms and social media channels. Overall, the site is professional, trustworthy, and safe for general audiences.

D

demch.co

zbir.win

0

The analyzed website is a Google Forms page hosted on docs.google.com, designed to facilitate the creation of fundraising pages for non-profit organizations and volunteers, primarily targeting Ukrainian users. The service is provided by demch.co, a small company specializing in web solutions for non-profits since 2013. The form collects essential data such as nickname, page title, payment details, social media contacts, and email for notifications. The platform leverages Google's secure and scalable infrastructure, ensuring reliable hosting and HTTPS encryption. The website demonstrates good technical maturity with fast performance, mobile optimization, and accessibility features. Security posture is strong due to Google's platform protections, though explicit cookie consent and incident response information are not present on the form page. Overall, the site is trustworthy, professional, and serves a clear niche in the non-profit fundraising sector.

3

33-тя окрема механізована бригада

33ombr.com

0

The website represents the official online presence of the 33rd Separate Mechanized Brigade of the Ukrainian Armed Forces. It provides comprehensive information about the brigade's history, structure, equipment, and recruitment opportunities, targeting Ukrainian citizens and supporters. The site is professionally designed with consistent branding and clear navigation, supporting its role as a trusted military information portal. Technically, it is built on WordPress with modern plugins and libraries, ensuring good performance and SEO optimization. Security posture is solid with HTTPS and domain transfer protections, though DNSSEC is not enabled and explicit security policies are absent. Privacy compliance is basic, lacking cookie consent mechanisms. Overall, the site is legitimate, trustworthy, and serves its informational and recruitment purposes effectively.

H

Hromadske Radio

hromadske.radio

0

Hromadske Radio is an independent Ukrainian radio station providing unbiased news, podcasts, and multimedia content focused on Ukraine and global events. The website serves as a digital platform for live broadcasts, podcasts, news articles, and videos, targeting a general audience interested in current affairs and cultural topics. The business operates in the media sector with a medium-sized footprint and was founded in 2017. The domain registration aligns well with the organization's identity and location in Ukraine. Technically, the website uses modern web technologies including Next.js and React, hosted with Cloudflare DNS services. It integrates multiple analytics and tracking tools such as Gemius, Microsoft Clarity, and Google Tag Manager, indicating a mature digital infrastructure. The site is mobile-optimized and offers good user experience and navigation clarity. From a security perspective, the site uses HTTPS with a good SSL configuration but lacks DNSSEC and explicit security headers. There are no visible security or incident response policies published, and privacy compliance is weak due to the absence of privacy and cookie policies or consent mechanisms. Contact information is limited to phone numbers, with no email or contact forms detected. Overall, the website is professional and trustworthy with high business credibility but has room for improvement in privacy compliance and security policy transparency. Strategic recommendations include implementing privacy and cookie policies with consent, enhancing security headers, and publishing incident response contacts to strengthen user trust and regulatory compliance.