Security Directory

Restopolis is a Luxembourg-based service provider specializing in school and university catering. The website offers multilingual content targeting students, adults, and visitors, providing menu consultation, booking, and account management services. The platform integrates with IAM for secure user access and supports sustainable food procurement initiatives. Technically, the site is built on ASP.NET WebForms using the DNN CMS, leveraging modern JavaScript libraries and Google services for analytics and security. Security posture is good with HTTPS and reCAPTCHA, though explicit security headers are missing. Privacy compliance is basic with a cookie consent banner and privacy policy available. WHOIS data is unavailable, limiting domain trust verification, but the website's professional appearance and government affiliations support legitimacy.

The website summerschool.lu serves as an informational portal for a summer school program in Luxembourg, primarily targeting students in fundamental and secondary education. The site is multilingual, supporting Luxembourgish, French, German, English, and Portuguese, reflecting inclusivity for the diverse population. The presence of official government logos and links to Luxembourg government domains strongly suggests this is a public sector or government-affiliated educational initiative. The site offers basic navigation and language selection but lacks detailed business or contact information on the homepage. From a technical perspective, the website uses modern JavaScript libraries such as jQuery 3.7.1 and integrates Google Tag Manager for analytics and tracking. The site loads external fonts from Adobe Typekit and uses HTTPS, although no advanced security headers were detected in the provided content. The site appears moderately optimized for mobile devices and has basic accessibility features. However, the absence of privacy and cookie policies and lack of visible security headers indicate room for improvement in compliance and security posture. Security-wise, the site does not expose sensitive data and uses HTTPS, but the lack of security headers and privacy notices reduces its overall security maturity. No vulnerabilities or malicious content were detected. The WHOIS data is unavailable due to query rate limits, but the domain is registered under Luxembourg's official DNS registry (RESTENA DNS-LU), which is typical for government domains and suggests legitimacy despite privacy protection. Overall, the website is a legitimate, government-affiliated educational resource with basic technical implementation and moderate security posture. Strategic improvements in privacy compliance, security headers, and contact transparency would enhance trust and compliance.

N

Naturpark Landseer Berge

landseer-berge.at

0

Naturpark Landseer Berge is a regional nature park located in Austria, focusing on promoting tourism, cultural heritage, and outdoor recreational activities. The website serves as an informational portal providing details about the park's attractions, events, and regional highlights. The target audience includes tourists, families, and nature enthusiasts interested in exploring the area. Technically, the site is built on the Worldsoft CMS platform and uses legacy JavaScript libraries such as jQuery 1.12.4 and jQuery UI 1.12.1, which may pose security risks. The website is moderately optimized for performance and mobile devices but lacks advanced SEO and accessibility features. Security posture is basic with HTTPS enabled but missing critical security headers and using outdated libraries. No privacy or cookie policies are present, indicating compliance gaps. Overall, the site is functional and informative but requires updates to improve security, privacy compliance, and technical modernization.

R

RIKA Innovative Ofentechnik GmbH

rika.ch

0

RIKA Innovative Ofentechnik GmbH is a medium-sized Austrian manufacturer specializing in high-quality heating stoves including pellet, wood-burning, and combination stoves. The company emphasizes Austrian craftsmanship and innovative stove technologies, targeting homeowners seeking efficient and aesthetic heating solutions. The website is professionally designed with excellent content quality, clear navigation, and strong branding consistency. It supports multiple languages and offers tools such as an online stove configurator and dealer locator to enhance customer engagement. Technically, the site uses modern JavaScript libraries, is hosted on DigitalOcean CDN, and implements security best practices including HTTPS, reCAPTCHA, and cookie consent mechanisms. However, explicit security headers and a public security policy are absent. The WHOIS data confirms the legitimacy and consistency of the domain registration with the company's Austrian base. Overall, the website demonstrates a mature digital presence with good privacy compliance and a solid security posture.

R

RIKA Innovative Ofentechnik GmbH

rika.be

0

RIKA Innovative Ofentechnik GmbH is an Austrian manufacturer specializing in high-quality heating stoves including wood, pellet, and combination stoves. The company targets homeowners and consumers seeking efficient and innovative heating solutions. Their market position is that of an established European brand known for quality and technological innovation, supported by a broad dealer network and online configurator tools. Technically, the website employs modern JavaScript libraries and is hosted on a reliable CDN platform, ensuring good performance and mobile optimization. Security posture is strong with HTTPS, reCAPTCHA on forms, and cookie consent mechanisms, though some security headers are missing and no explicit incident response or vulnerability disclosure information is provided. Overall, the site is professional, trustworthy, and compliant with GDPR requirements. The WHOIS data is restricted, but the domain and website content align with a legitimate business presence.

R

RIKA Innovative Ofentechnik GmbH

rika.se

0

RIKA Innovative Ofentechnik GmbH is an Austrian manufacturer specializing in high-quality wood, pellet, and combination stoves for residential heating. The company maintains a strong market presence in Europe with multiple regional websites and a dealer network, emphasizing innovation and quality craftsmanship. Their business model includes direct sales through dealers and an online configurator tool to customize stoves. The website is professionally designed, targeting Swedish-speaking customers with multilingual support for other regions. Technically, the website employs modern JavaScript libraries such as Alpine.js and Flickity, hosted on DigitalOcean's CDN infrastructure, ensuring moderate performance and good mobile optimization. Security measures include HTTPS enforcement, reCAPTCHA integration, and cookie consent mechanisms, although explicit security headers could be improved. Privacy compliance is well addressed with a comprehensive privacy policy and cookie management. The security posture is solid with no visible vulnerabilities or exposed sensitive data. However, the absence of WHOIS data for the exact domain suggests the use of subdomains or proxying, which is not uncommon but reduces transparency. Overall, the site demonstrates a mature digital presence with good business credibility and moderate technical sophistication. Strategic recommendations include enhancing security headers, publishing a dedicated security policy, and improving accessibility compliance to further strengthen trust and compliance.

R

RIKA Innovative Ofentechnik GmbH

rika.es

0

RIKA Innovative Ofentechnik GmbH is a reputable Austrian manufacturer specializing in high-quality wood, pellet, and combined stoves for residential heating. The company holds a strong market position as a leader in pellet stoves within German-speaking countries and maintains a broad international presence through multiple localized websites. Their business model focuses on manufacturing, direct sales, and a network of distributors, supported by digital tools such as an online stove configurator. Technically, the website employs modern JavaScript libraries and is hosted on a reliable CDN infrastructure, ensuring good performance and mobile optimization. Security measures include HTTPS enforcement, reCAPTCHA integration, and cookie consent mechanisms, although some advanced security headers and incident response disclosures are absent. Overall, the site demonstrates a professional and trustworthy online presence with comprehensive privacy compliance and clear contact information.

R

RIKA Innovative Ofentechnik GmbH

rika.it

0

RIKA Innovative Ofentechnik GmbH is an established Austrian manufacturer specializing in high-quality wood, pellet, and combined stoves for residential heating. The company maintains a strong market position in the European energy sector, offering innovative products supported by an extensive dealer network and digital tools such as an online stove configurator. The website is professionally designed, multilingual, and targets homeowners seeking efficient heating solutions. Technically, the site leverages modern JavaScript frameworks and libraries, is hosted on DigitalOcean infrastructure, and integrates marketing and analytics tools with user consent mechanisms. Security posture is solid with HTTPS enforcement, reCAPTCHA protection on forms, and cookie consent, though explicit security policies and incident response contacts are not publicly disclosed. Overall, the site demonstrates high professionalism, trustworthiness, and compliance with GDPR requirements.

R

RIKA Innovative Ofentechnik GmbH

rika.fr

0

RIKA Innovative Ofentechnik GmbH is an Austrian-based manufacturer specializing in high-quality wood, pellet, and hybrid stoves, with a strong market presence in France and Europe. The company emphasizes innovation, sustainability, and customer-centric services such as an online stove configurator and a broad dealer network. Their website reflects a professional and modern digital presence, leveraging advanced JavaScript libraries and CDN hosting to ensure fast and responsive user experience. Privacy and cookie policies are comprehensive and GDPR compliant, with clear consent mechanisms implemented. Security posture is strong, with HTTPS enforced, security headers present, and no visible vulnerabilities or exposed sensitive data. However, WHOIS data is unavailable, likely due to privacy protection, which is justified given the business nature. Overall, the website is trustworthy, well-branded, and provides clear contact and support channels.

R

RIKA Innovative Ofentechnik GmbH

rika.eu

0

RIKA Innovative Ofentechnik GmbH is an Austrian manufacturer specializing in high-quality wood-burning, pellet, and combination stoves for residential heating. The company maintains a strong market position with innovative technologies such as RIKATRONIC controllers and online stove configurators, serving a broad international audience through multiple country-specific domains and a dealer network. The website reflects a mature digital presence with comprehensive product information, customer testimonials, and multilingual support. Technically, the website employs modern JavaScript libraries and CDN hosting to ensure good performance and mobile optimization. It integrates Google Tag Manager and Facebook Pixel for analytics and marketing, alongside Cookiebot for GDPR-compliant cookie consent. Security best practices include HTTPS enforcement and reCAPTCHA on forms, though some security headers and incident response disclosures could be improved. The security posture is solid with no visible vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with clear privacy and cookie policies. Business credibility is high, supported by transparent contact information, professional content, and trust signals. WHOIS data is privacy protected per EURid policy, which is typical for European domains, and does not detract from the legitimacy of the business. Overall, RIKA's website demonstrates a professional, secure, and user-friendly platform aligned with its business goals and regulatory requirements.

X

Xplore Fitness Na Příkopě

xplorefitness.cz

0

Xplore Fitness Na Příkopě is a prominent fitness center located in the heart of Prague, offering a wide range of fitness and wellness services including gym facilities, group classes, martial arts, and additional amenities such as solariums and massages. The business positions itself as the largest and most modern fitness center in Prague's city center, targeting fitness enthusiasts and the general public. The website is professionally designed, content-rich, and provides clear navigation and multilingual support (Czech and English). The company maintains active social media channels and regularly updates its content with news and events. Technically, the site is built on WordPress with several plugins for enhanced user experience and analytics integration. However, the WordPress version is outdated, posing potential security risks. The site employs HTTPS and cookie consent mechanisms, demonstrating good privacy compliance. Security policies and incident response information are not explicitly published, representing an area for improvement. Overall, the website is trustworthy, well-maintained, and compliant with GDPR requirements.

M

MČ Praha 5

praha5.cz

0

The website www.praha5.cz serves as the official online presence for the Municipal District Prague 5, providing residents and visitors with information about local government services, community events, and administrative resources. The site targets the local population of Prague 5 and operates as a government/public service entity. Technically, the site is built on WordPress 6.4.1, utilizing common plugins such as Events Manager and Cookiebot for event management and cookie consent respectively. The infrastructure shows moderate performance and good mobile optimization, though accessibility features are basic. From a security perspective, the site enforces HTTPS and implements a cookie consent mechanism, which are positive indicators. However, no explicit security headers were detected, and the WHOIS data for the domain is unavailable, which slightly reduces trustworthiness. No critical vulnerabilities or exposed sensitive data were found in the analysis. Privacy compliance is partial, with a cookie policy present but no clear privacy policy or terms of service pages identified. Overall, the website is a legitimate municipal government portal with good content quality and user experience. The absence of WHOIS data and some missing compliance documents suggest areas for improvement. Strategic recommendations include implementing comprehensive privacy and security policies, enhancing security headers, and verifying domain registration details to strengthen trust and compliance.

M

MEDIA FACTORY Group

mfgroup.cz

0

MEDIA FACTORY Group is a Czech-based digital services company specializing in web development, system development, and tailored promotional strategies to help businesses innovate and grow online. The company positions itself as an expert in digital innovation, marketing, and analytics, targeting business clients seeking advanced digital solutions. The website is professionally designed, mobile-optimized, and integrates modern technologies such as Webflow CMS, Google Tag Manager, reCAPTCHA, and Cookiebot for privacy compliance. Security posture is strong with HTTPS enforced and security headers present, although no explicit security policy or incident response information is published. The absence of WHOIS registration data is a concern for domain legitimacy, but the website's professional presentation and privacy compliance mitigate some risk. Overall, the site demonstrates a mature digital infrastructure suitable for its business model.

B

BESTA

besta.cz

0

BESTA operates as a Czech Republic-based e-commerce retailer specializing in bathroom, plumbing, and heating products. The website presents a professional and well-structured online store powered by the Shoptet platform, targeting general consumers seeking installation and heating supplies. The business appears to be a small-sized local retailer with a focused market niche. Technically, the website employs standard modern web technologies including Google Analytics, Facebook Pixel, and Biano Pixel for marketing and tracking purposes, alongside a cookie consent mechanism to comply with privacy regulations. However, the use of an outdated jQuery version and absence of explicit privacy and terms of service pages indicate areas for improvement. Security posture is moderate with HTTPS enforced but lacking explicit security headers and incident response information. The absence of WHOIS data reduces domain trustworthiness, though the website content and technical setup suggest a legitimate business presence. Overall, the site is accessible without WAF or blocking mechanisms and contains no adult or questionable content.

Y

Úvod | Yankeesvicky.cz

yankeesvicky.cz

0

The website www.yankeesvicky.cz is a small-scale e-commerce platform focused on retailing Yankees sports merchandise primarily targeting the Czech Republic market. The site features basic content and design, with a functional user interface and mobile optimization. It integrates several third-party technologies including jQuery, Google Maps API, and delivery service scripts, indicating a moderate level of technical maturity. However, the absence of a privacy policy and limited business information reduces its compliance and trustworthiness. Security posture is moderate with HTTPS usage and CSRF token presence but lacks advanced security headers and explicit vulnerability disclosures. Overall, the site is functional but would benefit from enhanced transparency, security practices, and privacy compliance to improve user trust and regulatory adherence.

P

Pro Háčkování s.r.o.

prohackovani.cz

0

ProHackovani.cz is a Czech Republic-based e-commerce retailer specializing in crafting supplies, particularly for knitting, crocheting, sewing, and creative hobbies. The website offers over 21,000 products and has an established market presence with an 8-year tradition. It provides both online sales and a physical store in Kostelec nad Labem, supported by customer service via phone, email, and chat. The business model focuses on retail sales to hobbyists and creative individuals, maintaining a strong customer service orientation and product availability.

P

Pejskovice

pejskovice.cz

0

Pejskovice.cz is an e-commerce website specializing in pet supplies targeted primarily at Czech pet owners. The site offers a variety of products for dogs, cats, and rabbits, positioning itself as a local online retailer with a focus on pet care. The website is built on the Shoptet platform, leveraging common web technologies such as JavaScript, jQuery, and integrates analytics tools including Google Analytics and Smartlook for user behavior tracking. While the site is accessible and uses HTTPS, it lacks visible privacy and terms of service pages, which are important for compliance and user trust. The absence of WHOIS data and registrant information reduces the domain's trustworthiness, although the website content and structure appear professional and consistent with a legitimate retail business. Security posture is moderate, with HTTPS enabled but missing important security headers. Overall, the site is functional and serves its business purpose but would benefit from enhanced transparency and security practices.

P

Pinoys.cz

pinoys.cz

0

Pinoys.cz is a specialized e-commerce retailer focused on Asian food products, primarily serving customers in Prague and the Czech Republic. The website offers a variety of Asian groceries including instant noodles, spices, and fresh products, targeting consumers interested in exotic and authentic Asian cuisine. The business operates a niche online store with a clear product categorization and customer loyalty programs, positioning itself as a trusted local supplier in its market segment. Technically, the website is built on the Upgates e-commerce platform, leveraging modern web technologies such as Google Tag Manager, Facebook Pixel, and live chat services to enhance customer engagement and marketing effectiveness. The site is mobile-optimized with good navigation and SEO practices, although accessibility features are basic. Security posture is adequate with HTTPS enforced and cookie consent implemented, but lacks explicit security headers and published security policies. The absence of WHOIS data reduces domain registration transparency, which slightly impacts trustworthiness. Overall, the site is professional and functional with moderate risk, suitable for its business purpose.

D

DAFIT s. r. o.

extrifit.cz

0

EXTRIFIT.cz is a Czech Republic-based e-commerce platform specializing in sports and supplementary nutrition products such as proteins, gainers, creatine, carnitine, amino acids, fat burners, and anabolic supplements. The website is professionally designed with good SEO and mobile optimization, targeting sports enthusiasts and supplement consumers primarily in the Czech market. The technical infrastructure leverages a proprietary e-commerce framework (BSSHOP), Google Tag Manager for analytics, and modern web fonts, indicating a mature digital presence. Security posture is strong with HTTPS enforced and standard security headers present, though explicit privacy and cookie policies are not clearly found in the provided content. Overall, the site demonstrates a good level of professionalism and trustworthiness, though improvements in privacy compliance and contact transparency are recommended.

D

DEKORHOME, s.r.o.

dekorhome.cz

0

DEKORHOME, s.r.o. operates a large e-commerce platform specializing in furniture, home accessories, and garden products primarily targeting customers in the Czech Republic and Slovakia. The website offers a wide product range with claims of over 70,000 products and 3 million satisfied customers, positioning itself as a significant player in the regional retail market. The business model focuses on online retail with customer support and promotional sales events. Technically, the site is built on the Upgates e-commerce platform, leveraging modern JavaScript libraries and CDN hosting for performance. The site is mobile-optimized and includes SEO best practices. Security posture is solid with HTTPS and cookie consent mechanisms, though there is room for improvement in security headers and incident response transparency. Overall, the site is professional, trustworthy, and compliant with GDPR requirements. No blocking or WAF interference was detected, allowing full content access and analysis.

Indiana University Indianapolis operates as a premier educational institution serving the Indianapolis region and the broader Midwest. The website provides comprehensive academic program information, student support services, research initiatives, and campus life details, targeting prospective and current students, faculty, and alumni. The site is well-structured with consistent branding aligned with Indiana University standards. Technically, the site leverages modern web technologies including Rivet Site Builder and integrates multiple analytics and marketing pixels, indicating a mature digital presence. Security posture is moderate with HTTPS usage implied but lacking explicit security headers and published security policies. Privacy compliance is limited due to absence of clear privacy and cookie policies. Overall, the domain is a legitimate subdomain of the official Indiana University domain, though WHOIS data is unavailable as expected for subdomains. Strategic improvements in privacy transparency and security hardening would enhance trust and compliance.

Montana State University is a large, top-tier research university located in Bozeman, Montana, serving a broad audience including students, faculty, staff, alumni, and researchers. The institution offers over 250 academic programs and emphasizes research, community outreach, and student life. The website reflects a mature digital presence with comprehensive content, clear navigation, and consistent branding. Technically, the site uses a modern technology stack including jQuery, Google Analytics, Microsoft Clarity, and Google Tag Manager, hosted likely on a platform using OmniUpdate CMS. Security posture is strong with HTTPS enforced and use of reCAPTCHA, though some security headers could be improved. Privacy compliance is partial, with a clear privacy policy but lacking visible cookie consent mechanisms. Overall, the site is professional, trustworthy, and well-optimized for mobile and accessibility.

W

Wellcome Collection

wellcomecollection.org

0

Wellcome Collection is a well-established non-profit cultural institution based in London, offering a free museum and library focused on health, science, medicine, and human experience. The website provides rich content including exhibitions, events, stories, and publications, targeting a broad audience interested in these themes. The organization maintains a strong market position as a reputable educational and cultural resource. Technically, the website is built on modern frameworks such as Next.js and Prismic CMS, hosted on AWS infrastructure, and incorporates advanced analytics and cookie consent mechanisms, reflecting a mature digital presence. Security posture is strong with HTTPS enforced and privacy-conscious analytics, though DNSSEC is not enabled and no explicit security or incident response policies are published. Overall, the site is professional, accessible, and trustworthy, with clear contact information and compliance with privacy regulations. Strategic recommendations include enhancing DNS security, publishing security policies, and maintaining vigilance on third-party scripts. The domain registration is privacy protected but consistent with legitimate use for a non-profit entity, with a domain age appropriate for the organization's history.

L

Liikenne- ja viestintävirasto Traficom

traficom.fi

0

Liikenne- ja viestintävirasto Traficom is the Finnish government agency responsible for ensuring smooth, safe, and sustainable transport and communication services. The agency also promotes national cybersecurity and acts as a licensing, registry, and supervisory authority. The website reflects a mature digital presence with comprehensive content tailored to Finnish residents and businesses involved in transportation and communications. It offers regulatory information, news, and access to various services. Technically, the website employs modern web technologies including React and Apollo GraphQL, with a focus on performance, accessibility, and SEO. The presence of HTTPS, DNSSEC, and Matomo analytics indicates a strong commitment to security and privacy. The site is mobile-optimized and well-structured, providing a professional user experience. Security posture is robust with no evident vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with clear cookie and privacy policies, including consent mechanisms aligned with GDPR. Incident response and vulnerability disclosure channels are available, though explicit security policies could be enhanced. Overall, the website is trustworthy, professionally maintained, and aligns well with the official government identity. Strategic recommendations include publishing detailed security policies, implementing security.txt, and enhancing visible security headers to further strengthen trust and compliance.

T

The Audiencers

theaudiencers.com

0

The Audiencers is a specialized B2B media community platform founded in 2022, focused on supporting publishing professionals with expertise in audience engagement, conversion, and retention. The platform offers case studies, newsletters, events, and subscription services, positioning itself as a niche player in the media industry. The business is linked to Poool, a known player in paywall and engagement technology, enhancing its credibility and market positioning. Technically, the website is built on WordPress with modern tools like Elementor and Kadence Blocks, integrating analytics and marketing tools such as Google Analytics, HubSpot, and Stripe for payments. The site is mobile-optimized and uses structured data for SEO, reflecting a mature digital infrastructure. Security-wise, the site uses HTTPS and domain transfer protection but lacks DNSSEC and security headers, which are recommended for enhanced protection. Privacy compliance is partially implemented with a cookie consent mechanism but lacks explicit privacy and terms of service pages. Overall, the website is professional, trustworthy, and safe for general audiences, with room for improvement in privacy and security transparency.

F

Fondation Restena

cyberday.lu

0

CyberDay.lu is a professionally maintained website representing an annual cybersecurity awareness event organized by the Fondation Restena in Luxembourg. The event is positioned as a key cybersecurity knowledge-sharing platform within the European Cyber Security Month and is partially funded by the European Union’s Digital Europe programme. The website targets cybersecurity professionals and stakeholders in Luxembourg and Europe, providing event schedules, speaker information, and registration details. The business model is event-driven, supported by public funding and institutional backing. Technically, the website is built on WordPress 6.8 with common web technologies such as jQuery, Bootstrap, and Font Awesome. The site demonstrates moderate performance and good mobile optimization but lacks advanced accessibility features. SEO optimization is basic, and no advanced analytics or tracking tools are detected, indicating a privacy-conscious approach or minimal user tracking. From a security perspective, the site uses HTTPS with good SSL configuration but lacks important security headers such as Content-Security-Policy and X-Frame-Options. No vulnerabilities or exposed sensitive data were detected in the HTML content. However, the absence of privacy and cookie policies represents a compliance gap with GDPR requirements. Incident response and security policy information are not publicly available, which could be improved to enhance trust and transparency. Overall, CyberDay.lu presents a trustworthy and professional online presence for a niche cybersecurity event. The risk profile is low given the nature of the content and organizational backing. Strategic improvements in privacy compliance, security headers, and accessibility would strengthen the site’s security posture and regulatory adherence.

C

Croatian Climate Change Panel

solarniklaster.org

0

The Croatian Climate Change Panel operates the solarniklaster.org website as a specialized platform focused on renewable energy, sustainable technologies, and climate change awareness primarily targeting Croatian and regional audiences. The site offers news, expert articles, multimedia content, and educational resources to support green energy transition efforts. Technically, the website uses a standard modern tech stack including Bootstrap, jQuery, and analytics tools, hosted on a domain registered since 2015 with privacy protection. Security posture is moderate with HTTPS enabled but lacks advanced security headers and DNSSEC. Privacy compliance is basic with policies present but no explicit cookie consent mechanism. Contact information is clearly provided, enhancing business credibility. Overall, the site is a credible, niche informational resource with room for security and privacy improvements.

Otok Krk energija d.o.o. is a Croatian limited liability company focused on producing and supplying renewable energy, primarily solar, to achieve energy independence for the island of Krk. The company is relatively new, founded in 2019, and is owned by the local municipality of Baška with plans to include other local government units as co-owners. Their business model centers on local investment and sustainable energy production, positioning themselves as a key player in the regional green energy market. The website reflects this mission with content in Croatian and some English, targeting local residents, investors, and governmental bodies interested in renewable energy projects. Technically, the website uses common web technologies such as Bootstrap, jQuery, and popular carousel libraries, with integration of Google Analytics and Facebook SDK for tracking and marketing purposes. The site is moderately optimized for mobile and SEO but lacks advanced accessibility features. Security posture is moderate; HTTPS is used but no explicit security headers or incident response policies are published. Privacy and cookie policies exist but lack active consent mechanisms. Overall, the website is professional and trustworthy but could improve in security and privacy compliance. Recommendations include implementing security headers, adding cookie consent, publishing incident response information, and enhancing contact transparency.

S

STT Viestintäpalvelut

viestintapalvelut.fi

0

STT Viestintäpalvelut is a Finnish media communication service provider specializing in enhancing brand visibility through comprehensive media communication tools, press release distribution, communication planning, and visual communication services. The website is professionally designed using HubSpot CMS and integrates modern marketing and analytics technologies such as Google Analytics, Hotjar, and HubSpot's own lead and messaging tools. While the technical infrastructure is solid with HTTPS and cookie consent mechanisms in place, the site lacks explicit privacy and terms of service pages, as well as visible contact information, which slightly impacts its privacy compliance and business credibility scores. Security posture is generally good but could be improved by adding security headers and incident response information.

S

Suomen Tietotoimisto Oy

stt.fi

0

Suomen Tietotoimisto Oy (STT) is a historically significant Finnish news agency, established in 1887, providing comprehensive news, image, and communication services. The company holds a strong market position as one of Finland's leading and most trusted media organizations, serving a broad audience including media houses, organizations, and the general public. Their digital presence is professional, with a well-structured website offering multilingual support and extensive content. Technically, the site leverages modern technologies such as WordPress, Google Tag Manager, and Matomo Analytics, ensuring good performance and SEO optimization. Security measures include HTTPS, reCAPTCHA, and cookie consent management, though there is room for improvement in DNSSEC and explicit security policies. Overall, STT demonstrates a mature digital infrastructure and a strong commitment to privacy compliance, making it a credible and trustworthy media entity.

A

Aittakoodi Oy

pikavuorot.fi

0

Pikavuorot.fi is a Finnish transportation price comparison website operated by Aittakoodi Oy, founded in 2015. The platform aggregates and compares prices and schedules for bus and train travel across multiple Finnish transportation providers, including major companies such as VR, Matkahuolto, Onnibus, and airlines like Finnair and Norwegian. It serves a general audience seeking convenient travel planning and ticket purchasing options within Finland. The website enjoys a moderate market position as a leading price comparison tool in its niche. Technically, the site employs a modern but somewhat dated technology stack including Bootstrap 3, jQuery, DataTables, and Socket.io for real-time data updates. It integrates multiple third-party services for fonts, advertising, and analytics, including Google Adsense and Facebook SDK. The site is mobile-optimized with good navigation and SEO practices, though accessibility features are basic. From a security perspective, HTTPS is used, but explicit security headers are not detected in the provided data. No critical vulnerabilities or exposed sensitive data were found. Privacy compliance is basic, with a cookie consent banner and a privacy policy page present, but no detailed security or incident response policies are published. Contact information is limited to an email address, with no phone or physical address provided. Overall, Pikavuorot.fi presents a trustworthy and functional service with room for improvement in security hardening, privacy transparency, and expanded contact options. The domain registration data aligns well with the business claims, supporting legitimacy. Strategic recommendations include enhancing security headers, publishing comprehensive policies, and improving user trust signals.

P

Perille Mobility Services Oy

perille.fi

0

Perille Mobility Services Oy operates Perille.fi, a Finnish travel ticket service that aggregates and facilitates the purchase of train, bus, and flight tickets across Finland. The platform integrates multiple major transport providers, offering door-to-door trip planning and a user-friendly interface without requiring app downloads or registration. The service targets travelers within Finland seeking convenient and comprehensive travel options. Technically, the website is built on modern frameworks such as Next.js and React, with integrations for analytics and payment processing. Security posture is strong with HTTPS enforcement and standard security headers, though explicit security policies and incident response details are not publicly disclosed. Overall, the website is professional, trustworthy, and compliant with privacy regulations, making it a reliable platform for travel planning and ticket purchasing.

P

Perille Mobility Services Oy

matkakeisari.fi

0

Matkakeisari.fi is a Finnish travel ticket price comparison and booking platform operated by Perille Mobility Services Oy, founded in 2015. The service aggregates bus and train schedules and prices from major Finnish transport providers, enabling travelers to find the cheapest and fastest routes and purchase tickets conveniently. The website is well-designed, mobile-optimized, and uses modern web technologies including React and Next.js. It integrates Google Analytics and Tag Manager for analytics and marketing purposes. Security posture is solid with HTTPS and security headers implemented, though no explicit security or incident response policies are published. Privacy compliance is supported by a comprehensive privacy policy and cookie consent mechanism. The domain registration data aligns well with the business claims, supporting legitimacy. Overall, the website provides a trustworthy and user-friendly service for Finnish public transport travelers.

V

VR-Yhtymä Oyj

vr.fi

0

VR.fi is the official digital platform for VR-Yhtymä Oyj, Finland's primary railway operator. The website offers comprehensive services for domestic train travel including ticket sales, travel information, and customer support. It targets Finnish residents and visitors seeking sustainable and comfortable rail travel options. The company holds a strong market position as the national rail service provider with a large operational scale and a focus on environmental responsibility. Technically, the website is built on modern web technologies including React and Next.js, integrated with Contentful CMS for content management. It demonstrates excellent performance, mobile optimization, and accessibility. The site employs Google Tag Manager and Convertexperiments for analytics and A/B testing, with appropriate cookie consent mechanisms in place. From a security perspective, the site enforces HTTPS and includes standard security headers, ensuring a secure browsing experience. However, it lacks a dedicated security policy or incident response page and does not publish a vulnerability disclosure or security.txt file, which could enhance transparency and trust. Overall, VR.fi presents a professional, trustworthy, and user-friendly platform aligned with its business goals. Strategic improvements in security transparency and incident response communication are recommended to further strengthen its security posture and compliance.

M

Matkahuolto

matkahuolto.fi

0

Matkahuolto is a well-established Finnish transportation and parcel service provider offering bus schedules and parcel services for both businesses and private individuals across Finland. The website reflects a professional and consistent brand presence with clear service offerings targeted at a general audience. The technical infrastructure is modern, leveraging Gatsby and React frameworks, and integrates Google Tag Manager for analytics and marketing purposes. The site is mobile optimized and provides a good user experience with clear navigation and relevant content. Security posture is solid with HTTPS enforced, but lacks some advanced security headers and explicit security policies. Privacy and cookie policies are not detected, indicating room for compliance improvements. Overall, the domain registration data aligns well with the business claims, supporting the legitimacy of the website.

W

Waltti Solutions

waltti.fi

0

Waltti Solutions Oy is a Finnish company specializing in digital ticketing and payment solutions for public transportation. Their offerings include a mobile ticketing app, travel card management, and contactless payment integration, serving multiple Finnish cities. The company holds a strong market position as a leading provider in this niche, with a business model targeting both end-users and municipal transport authorities. The website reflects a mature digital presence with good content quality and user experience, supporting their business objectives effectively. Technically, the site is built on WordPress with modern libraries and demonstrates good mobile optimization and SEO practices. Security posture is solid with HTTPS enforcement and cookie consent compliance, though some security headers could be improved. Overall, the domain registration data aligns well with the business, indicating high legitimacy and trust. The site is free from blocking or WAF challenges, allowing full content access and analysis.

S

Saaristolautat.fi

saaristolautat.fi

0

Saaristolautat.fi is a specialized informational website providing ferry routes and schedules for the Finnish archipelago, including the Turku archipelago and Åland Islands. The site targets travelers and residents needing up-to-date ferry information for over 40,000 islands serviced by approximately 50 ferries and 200 docks. The business model is primarily informational, serving as a public utility platform rather than a commercial enterprise. The website is relatively small in scale, founded in 2017, and operates with a niche focus on regional transportation. Technically, the website employs a modern web stack including HTML5, CSS3, JavaScript with jQuery, Bootstrap for responsive design, FontAwesome for icons, and integrates Google Maps API for route visualization. Hosting appears to be provided by Domainhotelli, a Finnish hosting provider. The site is mobile optimized and has good SEO practices, though accessibility features are basic. Performance is moderate, with no major technical issues detected. From a security perspective, the site lacks visible security headers and does not provide privacy or cookie policies, which are important for GDPR compliance given its European audience. No contact information or incident response details are provided, limiting transparency and trust. The WHOIS data shows the domain is registered to a private person rather than an organization, which is somewhat inconsistent with the public service nature of the site but not necessarily suspicious. No WAF or blocking mechanisms are detected, and the site content is fully accessible. Overall, the website is functional and provides valuable regional transportation information but would benefit from improved security practices, privacy compliance, and clearer business contact details to enhance trust and regulatory adherence.

Å

Ålandstrafiken

alandstrafiken.ax

0

Ålandstrafiken is a regional transportation company operating ferry and bus services in the Åland Islands, Finland. The website serves as an informational portal for residents and visitors seeking public transport options. The company appears to be a medium-sized essential entity within the transportation sector, with a clear focus on regional mobility services. The website is built on Drupal 10 and integrates modern technologies such as Matomo for analytics and CookieYes for cookie consent management, reflecting a moderate level of digital maturity. Accessibility is enhanced through the BrowseAloud tool, indicating attention to inclusive design. Security posture is solid with HTTPS enforced and standard security headers present, although explicit privacy and security policies are missing. Overall, the site is professional and trustworthy but could improve transparency and compliance documentation.

L

LuxID

luxid.lu

0

LuxID is a Luxembourg-based digital identity platform providing a secure, unified login solution for multiple local companies and applications. Supported by major partners such as POST, Cactus, CFL, and RTL, LuxID aims to simplify user authentication while enhancing privacy and security in compliance with GDPR. The website is professionally designed, multilingual, and offers clear information about the service, benefits, and partners. Technically, the site uses modern web technologies including Liferay CMS, Bootstrap, React, and various JavaScript libraries, hosted likely within Luxembourg's POST infrastructure. Security posture is good with HTTPS enforced and cookie consent implemented, though explicit security policies and vulnerability disclosures are absent. WHOIS data is unavailable, limiting domain trust verification, but the business credibility is supported by visible partnerships and professional content.

B

BCE

bce.lu

0

BCE is a professional media and digital solutions provider targeting businesses and institutions worldwide. The company offers innovative services across media, sports, fashion, and business sectors, positioning itself as a key player in digital expertise and seamless service integration. The website reflects a medium-sized enterprise with a consistent brand presence and good content quality. Technically, the site is built on WordPress with modern JavaScript libraries and integrates privacy-conscious analytics and marketing tools such as Matomo and HubSpot. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though explicit security headers and published security policies are absent. The lack of WHOIS data limits domain trust assessment, but the website's professional presentation and privacy compliance indicate legitimacy. Overall, BCE demonstrates a mature digital presence with room for improvement in security transparency and contact availability.

A

Agile Partner

agilepartner.net

0

Agile Partner is a medium-sized technology company based in Luxembourg, specializing in custom software development and agile transformation services. With over 18 years of experience and a team of approximately 50 professionals, the company targets businesses seeking tailored digital solutions and agile coaching to support their digital transformation. The website is professionally designed, multilingual (French and English), and provides clear information about their services, certifications, and contact details. Technically, the site is built on WordPress and leverages modern JavaScript libraries and marketing tools such as Google Analytics, Facebook Pixel, Hotjar, and HubSpot, indicating a mature digital infrastructure. Security posture is good with HTTPS enforced and no visible sensitive data exposure, though the absence of security headers and explicit security policies suggests room for improvement. The lack of WHOIS domain registration data is a notable concern, reducing trust in domain legitimacy despite the professional presentation. Overall, the website is functional, secure, and business-focused, but would benefit from enhanced transparency in domain registration and security documentation.

L

Luxembourg House of Cybersecurity

lhc.lu

0

Luxembourg House of Cybersecurity (LHC) serves as the central hub for cybersecurity resilience in Luxembourg, hosting key national centers such as CIRCL and NC3. The organization focuses on fostering innovation, collaboration, and capacity building in cybersecurity through various services including acceleration programs, community meet-ups, and standards development. The website reflects a professional and government-aligned entity with a clear mission to enhance Luxembourg's cybersecurity posture. Technically, the website employs modern web technologies including React, Bootstrap, and Leaflet, with privacy-conscious analytics via Matomo. The site is hosted on Luxembourg-based infrastructure (Restena) and demonstrates good mobile optimization and user experience. However, some technical improvements are recommended, such as implementing security headers and cookie consent mechanisms. From a security perspective, the site uses HTTPS and avoids exposing sensitive data, but lacks explicit security headers and a published security policy. Incident response is facilitated through links to CIRCL's reporting portal. Privacy compliance is partial, with a privacy policy available but no cookie consent banner. Overall, the site presents a strong security posture appropriate for a government-related cybersecurity entity. The overall risk is low, with recommendations focusing on enhancing privacy compliance, security headers, and accessibility to further strengthen trust and regulatory adherence.

L

LU-CIX

lu-cix.lu

0

LU-CIX is a Luxembourg-based Internet Exchange Point founded in 2009, providing open and neutral peering and connectivity services to networks and content providers in Luxembourg and Europe. The organization operates as a non-profit entity, focusing on interconnecting critical networks in a secure and trusted environment. Their key services include public peering, route servers, blackholing, partner IX peering, and VoIP-X services, positioning them as a central telecommunications infrastructure player in Luxembourg. Technically, the website is built on WordPress CMS with modern JavaScript libraries such as jQuery and Owl Carousel, and uses Matomo for privacy-conscious analytics. The site is mobile-optimized with good SEO practices and moderate performance. Security-wise, the site enforces HTTPS and uses secure form submission techniques but lacks some security headers and a cookie consent mechanism, which are recommended for enhanced security and compliance. The security posture is solid but could be improved by adding explicit security policies, incident response contacts, and cookie consent to align better with GDPR requirements. The absence of WHOIS data limits domain trust verification, but the website content and business presence indicate a legitimate and professional operation. Overall, LU-CIX presents a trustworthy and professional digital presence with room for security and privacy enhancements to strengthen compliance and user trust.

A

AllSides

allsides.com

0

AllSides is a media company focused on providing balanced news coverage by revealing media bias across the political spectrum. The platform aggregates news stories from left, center, and right perspectives, enabling users to see multiple viewpoints side-by-side. It offers various services including newsletters, educational resources for schools, media and government services, and mobile applications. The website is well-established with a consistent brand presence and recognized partnerships with major media outlets. Technically, the site is built on Drupal CMS and uses modern JavaScript libraries and frameworks, ensuring good performance and mobile optimization. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be explicitly verified and enhanced. Privacy compliance is strong with clear policies and GDPR considerations. WHOIS data is unavailable or privacy protected, which slightly reduces trust but is common for media entities. Overall, the site is professional, trustworthy, and serves a general audience interested in media literacy and balanced news.

A

Ad Fontes Media

adfontesmedia.com

0

Ad Fontes Media is a specialized media analysis company known for its Media Bias Chart®, which rates news sources for bias and reliability. The company operates primarily in the media sector, targeting general audiences, educators, advertisers, and publishers. Their business model revolves around subscription-based data services and media ratings, positioning them as a niche player with recognized authority in media bias analysis. Technically, the website is built on a modern WordPress platform using Elementor and WooCommerce, hosted by DreamHost, and integrates marketing and analytics tools such as HubSpot, Google Analytics, and Facebook Pixel. The site demonstrates good SEO and mobile optimization, with structured data enhancing search visibility. Security-wise, the site uses HTTPS with a good SSL configuration and domain transfer protection, but lacks DNSSEC and some security headers, which are recommended for enhanced protection. Privacy compliance is strong, with visible cookie consent and a comprehensive privacy policy. Overall, the website is professional, trustworthy, and well-maintained, with no signs of malicious activity or adult content.

N

NextGi

nextgi.com

0

NextGi is a small technology company founded in 2008, specializing in managed IT and security services with a strong emphasis on cybersecurity and customer support. Their website presents a professional and consistent brand image, targeting small to medium businesses seeking comprehensive IT solutions including managed security, VoIP, cloud hosting, and network optimization. The company leverages partnerships with major technology providers such as AWS, Microsoft, and Bitdefender, enhancing their market credibility. Technically, the website uses modern JavaScript libraries and analytics tools, is hosted behind Cloudflare, and employs HTTPS for secure communications. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. However, there are gaps in privacy compliance and security best practices, notably the absence of privacy and cookie policies, security headers, and incident response information. From a security perspective, the domain registration is consistent and trustworthy, with no signs of suspicious activity. The company demonstrates a security-first approach in its service offerings but should improve its website security posture by implementing recommended headers and compliance documentation. Overall, the website is functional and professional but could benefit from enhanced privacy and security transparency. The risk assessment indicates moderate security maturity with no critical vulnerabilities detected but highlights compliance gaps that could expose the company to regulatory risks. Strategic recommendations include publishing privacy and cookie policies, adding security headers, and providing incident response contacts to strengthen trust and compliance.

The website is a LinkedIn public profile for Alexander W., representing a small local tutoring business named Bloomington Tutors based in Bloomington, Indiana, USA. The profile highlights educational services and includes links to related tutoring websites. The digital infrastructure relies on LinkedIn's proprietary platform with secure authentication mechanisms including Google OAuth. Privacy and cookie policies are clearly presented, indicating compliance with GDPR and other regulations. The site is professionally designed with good content quality and user experience, optimized for mobile and accessibility. Security posture is strong with HTTPS, secure forms, and standard security headers, though WHOIS data is privacy protected and unavailable for detailed domain registration analysis. Overall, the site is trustworthy and suitable for its educational purpose.

Kevin Brown-Silva's website serves as a professional portfolio showcasing his software development expertise and contributions to open source projects. The site highlights his skills in technologies such as Python, Django, JavaScript, and jQuery, and provides links to his GitHub, Stack Overflow, LinkedIn, and Twitter profiles, establishing a credible online presence. The business model is personal branding and professional networking, targeting technology professionals and potential employers or collaborators. Technically, the website is built with standard web technologies including HTML, CSS, and JavaScript, with references to frameworks like Django REST framework and jQuery. Hosting and DNS are managed via Cloudflare, ensuring good SSL configuration and domain security. The site is moderately optimized for performance and mobile devices but lacks advanced SEO and accessibility features. From a security perspective, the website benefits from HTTPS and domain transfer protection but lacks critical security headers and formal privacy or cookie policies. No forms or data collection mechanisms are present, reducing attack surface but also limiting user engagement features. The absence of vulnerability disclosure or incident response information indicates room for improvement in security maturity. Overall, the website is a safe, professional, and trustworthy personal portfolio with good business credibility but limited privacy compliance and security best practices. Strategic enhancements in privacy policies, security headers, and incident response readiness would strengthen the site's security posture and compliance.

L

Le Gouvernement du Grand-Duché de Luxembourg

services-publics.lu

0

Guichet.public.lu is the official government portal of Luxembourg dedicated to providing citizens with easy access to a wide range of public services and administrative information. The website covers numerous thematic areas including financial aid, citizenship, family and education, taxation, immigration, inclusion, justice, housing, leisure, health, transport, and employment. It serves as a comprehensive digital gateway for residents and citizens to navigate government procedures efficiently. Technically, the site leverages Adobe Experience Manager as its CMS platform and uses Adobe Dynamic Tag Management for analytics and tracking. The site is well-structured with responsive design and accessibility features, ensuring a good user experience across devices. However, some security headers and explicit privacy and cookie policies are not evident in the provided content, indicating areas for improvement in compliance and security transparency. From a security perspective, the site uses HTTPS and secure login mechanisms, but lacks visible security headers and incident response contact information. The WHOIS data for the domain is unavailable or malformed, which limits the ability to fully verify domain registration legitimacy. Despite this, the official branding and domain (.public.lu) strongly support its authenticity as a government site. Overall, guichet.public.lu demonstrates a mature digital presence with excellent content quality and user experience, but could enhance its privacy compliance and security posture by publishing clear policies and improving domain transparency. Strategic recommendations include implementing comprehensive privacy and cookie policies with consent mechanisms, adding security headers, and providing explicit security incident contacts to strengthen trust and compliance.