Security Directory

П

Принцип

pryncyp.com

0

The website www.pryncyp.org represents a Ukrainian non-profit legal advocacy center named "Принцип" focused on supporting military personnel and veterans through legal aid, policy advocacy, and educational initiatives. Founded in 2023 by Masі Nayem and Liubov Galan, the organization provides pro bono legal consultations, conducts analytical research, and promotes veteran policies. The site is professionally designed using WordPress CMS with multilingual support and integrates common web technologies such as jQuery, Swiper, and Select2. It leverages Google Analytics for user tracking and includes donation mechanisms via Patreon and Liqpay. Security posture is solid with HTTPS enforced and no visible sensitive data exposure, though the absence of security headers and explicit privacy/cookie policies indicates room for improvement. WHOIS data is unavailable, limiting domain trust verification, but the website's content, social media presence, and professional branding support its legitimacy. Overall, the site is well-positioned as a trusted resource for its target audience with moderate technical maturity and good user experience.

D

Deutsch-Ukrainische Gesellschaft

deutsch-ukrainische-gesellschaft.de

0

The Deutsch-Ukrainische Gesellschaft (DUG) is a small non-profit organization dedicated to fostering and deepening German-Ukrainian relations across politics, science, culture, and civil society. The organization offers expert dialogues, publications, cultural events, and exchange programs to promote mutual understanding and support Ukraine's integration into European and Euro-Atlantic structures. The website reflects a professional and consistent brand image, targeting stakeholders interested in German-Ukrainian cooperation. Technically, the website is built on WordPress with modern plugins such as Yoast SEO, Contact Form 7, and GDPR Cookie Compliance, ensuring good SEO and privacy compliance. The site uses HTTPS with Google reCAPTCHA for form security and includes a cookie consent mechanism, indicating a mature digital infrastructure. Performance and mobile optimization are good, though some security headers could be improved. From a security perspective, the site demonstrates solid practices including HTTPS enforcement and GDPR compliance. However, no explicit security policy or incident response contacts are published, and security headers are not detected, suggesting room for enhancement. No vulnerabilities or suspicious content were found. Overall, the website is trustworthy, well-maintained, and compliant with privacy regulations, serving its niche audience effectively. Strategic improvements in security headers and transparency around security policies would further strengthen its posture.

L

Lobby X

thelobbyx.com

0

Lobby X is a Ukrainian employment platform and recruiting agency focused on supporting job seekers and employers, with a special emphasis on veterans and military personnel. The company operates a professional website with a clear business model centered on job listings, recruitment services, and career consultations. Their market position is niche but important within Ukraine, supporting progress and victory through employment. Technically, the website is built on WordPress with modern front-end technologies including Bootstrap, jQuery, and Lottie animations, and integrates Google services such as reCAPTCHA and Tag Manager. The site is mobile optimized and SEO friendly, though accessibility is basic. Security posture is adequate with HTTPS and CAPTCHA protections, but lacks DNSSEC and security headers, which are recommended for improvement. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. Overall, the domain registration is consistent and trustworthy, supporting the legitimacy of the business. Strategic recommendations include enhancing security headers, enabling DNSSEC, and improving privacy compliance to strengthen trust and security.

P

PayFast (Pty) Ltd

paygate.co.za

0

PayFast (Pty) Ltd operates a secure and scalable online payment gateway primarily serving businesses in South Africa. The company offers a comprehensive payment processing platform designed to support merchants with efficient and reliable payment solutions. Their market position is solid within the regional fintech space, leveraging modern web technologies and integrations to provide a seamless user experience. The website reflects a mature digital infrastructure with WordPress CMS, SEO optimization, and multiple analytics and marketing tools integrated. Security posture is good with HTTPS enforced and domain registration consistent with the business identity, though some security headers and policies could be improved. Privacy compliance is evident with clear privacy and cookie policies and GDPR considerations. Overall, the business credibility is high with consistent branding and trust signals such as social media presence and structured data.

DGTL-FUSION's website is minimalistic, offering very limited content beyond a single image and a brief description tagline 'Technology that works'. The company behind the domain is Drivechain (Pty) Ltd, a South African entity established in 2004, indicating a mature business presence. However, the website lacks detailed business information, contact details, or descriptions of services, limiting its effectiveness as a digital presence. The absence of metadata such as Open Graph or structured data further reduces its discoverability and user engagement potential. From a technical perspective, the website does not utilize any detectable modern frameworks, CMS, or analytics tools. The hosting appears to be managed through cpns.host/cpns.zone name servers, but no advanced technical features or security headers are present. Mobile optimization and accessibility are basic, and SEO is poor due to minimal content and lack of meta tags. Security posture is weak, with no evidence of HTTPS enforcement or security headers. The domain WHOIS data is transparent and consistent with the business identity, which supports legitimacy. However, the lack of privacy, cookie, or terms of service policies indicates non-compliance with common data protection standards such as GDPR. No incident response or vulnerability disclosure information is provided. Overall, the website presents a low-risk profile due to minimal content and no suspicious elements but suffers from poor professionalism, lack of user engagement features, and weak security and privacy practices. Strategic improvements in content, security, and compliance are recommended to enhance trust and digital maturity.

A

Error

assegaiandjavelin.com

0

The domain assegaiandjavelin.com is currently not connected to an active website and instead serves a Wix error page indicating the domain is not linked to any Wix site. There is no business content, contact information, or policies available on the site. The domain is registered since 2002 with Diamatrix C.C., indicating a long registration history but no active web presence. The technical infrastructure is based on Wix platform using AngularJS and jQuery libraries, but no advanced SEO, security headers, or privacy compliance mechanisms are present. Security posture is weak due to lack of HTTPS information and security headers. Overall, the site is inactive and provides no business or security assurances.

C

Chambre des Députés

propositions.lu

0

The website propositions.lu is an official government platform managed by the Chambre des Députés of Luxembourg. It serves as a digital interface for citizens to participate in the legislative process by submitting and supporting Propositions Motivées aux Fins de Légiférer (PML). The platform is well-structured, primarily in French, and offers clear guidance and resources for legislative participation. The site targets Luxembourgish voters aged 18 and above, providing a transparent and accessible channel for democratic engagement. Technically, the site is built on a modern Angular framework with a responsive design optimized for mobile devices. It employs standard web technologies including Font Awesome and Bootstrap CSS variables. The site uses HTTPS with strong SSL configuration, but lacks some security headers and a cookie consent mechanism, which are recommended for enhanced security and privacy compliance. Accessibility is addressed but with some noted deficiencies. From a security perspective, the site demonstrates good practices such as encrypted data transmission and no visible vulnerabilities or exposed sensitive data. However, the absence of WHOIS data limits the ability to fully verify domain registration legitimacy. The site includes comprehensive privacy and legal notices, with a clearly identified Data Protection Officer contact. Overall, the platform presents a trustworthy and professional government service with room for minor improvements in security headers and privacy mechanisms. Strategically, the site supports Luxembourg's democratic processes by enabling direct citizen involvement in lawmaking. It is positioned as a key digital government service with high trustworthiness and professional content quality.

C

Chambre des Députés du Grand Duché de Luxembourg

petitions.lu

0

The website www.petitiounen.lu is the official petition platform of the Chambre des Députés of Luxembourg, enabling citizens to submit and sign public and ordinary petitions. It serves as a government civic engagement tool with a clear focus on transparency and public participation. The platform is well-branded with official logos and provides comprehensive information about petitions, legal notices, data protection, and contact details. Technically, it is built on a modern Angular framework with responsive design and integrates visitor analytics for performance monitoring. Security posture is strong with HTTPS enforced and session management features, though explicit security headers could be improved. Privacy compliance is good with a detailed privacy policy and data protection officer information, but lacks a visible cookie consent mechanism. WHOIS data is unavailable due to malformed queries, limiting domain legitimacy verification, but the official nature of the content and branding strongly supports authenticity.

C

Contact Privacy Inc. Customer 0167022659

eth.limo

0

eth.limo is a technology service focused on making decentralized websites accessible, specifically those built with the Ethereum Name Service (ENS). The website positions itself as a niche service provider facilitating effortless access to blockchain-based web content. The company appears to be a small-sized entity founded in 2021, with domain registration protected by privacy services. The site uses modern front-end technology (Framer) and is hosted on AWS infrastructure, indicating a reasonable level of digital maturity. However, the absence of privacy and cookie policies suggests gaps in compliance and transparency. Security posture is moderate with HTTPS enabled and domain transfer protections in place, but DNSSEC is not enabled and no explicit security policies are published. Overall, the website is professional and functional but would benefit from enhanced privacy compliance and security best practices.

T

The Giving Block

thegivingblock.com

0

The Giving Block is a specialized platform empowering nonprofits to accept cryptocurrency, stocks, and donor-advised fund (DAF) donations. Founded in 2018, it has established itself as a leading service provider in the nonprofit crypto donation space, offering secure and compliant donation forms tailored to the needs of nonprofits and their donors. The website reflects a professional and consistent brand image, targeting nonprofits and crypto donors with clear messaging and structured data to enhance search visibility. Technically, the website is built on WordPress using the Divi theme, supplemented by a variety of marketing and analytics tools including HubSpot, Google Analytics, Microsoft Clarity, and Hotjar. The domain is registered with GoDaddy and uses Cloudflare for DNS, indicating a robust hosting and domain management setup. Mobile optimization and SEO practices are good, though accessibility features are basic. From a security perspective, HTTPS is enabled and domain status flags protect against unauthorized changes. However, the site lacks explicit security headers, published security policies, and vulnerability disclosure mechanisms. Privacy compliance is limited due to the absence of visible privacy and cookie policies or consent mechanisms. The extensive use of tracking and marketing scripts suggests a moderate to extensive user tracking level, which should be balanced with stronger privacy disclosures. Overall, the site is credible and professionally managed but would benefit from enhanced privacy and security transparency to improve compliance and user trust. Strategic recommendations include enabling DNSSEC, publishing comprehensive privacy and cookie policies, implementing security headers, and establishing a vulnerability disclosure program.

P

Plaid Inc.

plaid.com

0

Plaid Inc. is a leading fintech company specializing in providing secure and reliable APIs that enable applications to connect with users' financial data. The company operates primarily in the finance and technology sectors, serving developers, fintech firms, and financial institutions. Plaid's market position is strong, supported by its parent company Visa Inc., and it offers key services such as financial data aggregation, account verification, and payment initiation. The website reflects a mature digital infrastructure with modern technologies and excellent performance, optimized for mobile and accessibility. Security posture is robust, with industry-standard certifications like ISO 27001 and SOC 2, and comprehensive security policies are publicly available. Privacy compliance is well addressed, including GDPR adherence and clear cookie consent mechanisms. Overall, Plaid's website demonstrates high professionalism, trustworthiness, and business credibility.

S

Centrum.cz: Fandíme dobrému obsahu

stdout.cz

0

Centrum.cz is a prominent Czech internet portal providing a variety of services including email, current news, weather updates, and search functionalities. It serves a broad Czech audience seeking reliable and timely information. The website leverages modern web technologies such as React and Next.js, ensuring a responsive and user-friendly experience. The presence of multiple reputable news sources and professional design indicates a mature digital presence. Security-wise, the site enforces HTTPS and includes essential security headers, reflecting a good security posture. However, the absence of explicit privacy and cookie policies, as well as contact information, suggests areas for compliance and transparency improvement. Overall, Centrum.cz appears to be a trustworthy and well-established media portal with room to enhance privacy compliance and user trust through clearer policy disclosures.

C

Centrum.cz

xsd.cz

0

Centrum.cz is a well-established Czech internet portal providing a variety of online services including email, news, and weather updates. The website targets Czech-speaking users seeking reliable and diverse content. Technically, the site is built on modern frameworks such as Next.js and React, leveraging multiple third-party analytics and advertising platforms to monetize and analyze user engagement. Security posture is strong with HTTPS enforced and appropriate security headers, although privacy compliance could be improved by publishing clear privacy and cookie policies. The absence of WHOIS data is likely due to privacy protection, which is common for media portals. Overall, the site presents a professional and trustworthy online presence with room for enhancement in privacy transparency and contact accessibility.

K

Kappa Data

kappadata.be

0

Kappa Data is a value-added IT distributor specializing in networking infrastructure, security, and IoT solutions primarily serving business customers in Belgium and surrounding markets. The company offers a broad portfolio of products and services including technical expertise, training, and events. The website is professionally designed, multi-lingual, and optimized for performance and mobile devices, reflecting a mature digital presence. Security posture is solid with HTTPS and no visible vulnerabilities, though the absence of published privacy and cookie policies indicates room for compliance improvement. WHOIS data is restricted, which is common for business privacy but limits transparency. Overall, the site presents a trustworthy and credible business with a good technical foundation.

C

Conostix S.A.

conostix.com

0

Conostix S.A. is a small Luxembourg-based technology company specializing in security and system services, with a focus on security management consultancy, tailored open source software solutions, and customer care. Founded in 2001, the company positions itself as a niche provider for enterprises requiring advanced security expertise. The website content reflects this business focus but is basic in design and technical sophistication. Technically, the website is a simple HTML and CSS implementation with no detected CMS or advanced frameworks. There is no evidence of HTTPS enforcement or security headers, and mobile optimization is poor. The site lacks privacy and cookie policies, contact information, and incident response details, indicating limited digital maturity and compliance readiness. From a security perspective, the domain is well-established with consistent WHOIS data and clientTransferProhibited status, supporting legitimacy. However, the absence of HTTPS and security headers, as well as missing privacy compliance elements, represent vulnerabilities and compliance gaps. No forms or data collection mechanisms were found, reducing immediate data exposure risks. Overall, the website presents a moderate risk profile with room for significant improvements in security posture, privacy compliance, and technical modernization. Strategic recommendations include implementing HTTPS, adding privacy and cookie policies, improving mobile responsiveness, and enhancing security headers and incident response capabilities.

The Computer Incident Response Center Luxembourg (CIRCL) is a government-driven cybersecurity entity serving as the national CERT/CSIRT for Luxembourg's private sector, communes, and non-governmental organizations. CIRCL provides a broad range of cybersecurity services including threat intelligence sharing via the MISP platform, dynamic malware analysis, passive DNS historical data, and document sanitization from untrusted USB devices. The organization maintains a strong market position as a trusted government-affiliated cybersecurity resource with a history dating back to 2008 and operates under the Luxembourg House of Cybersecurity (LHC). The website reflects a professional and authoritative presence with comprehensive security advisories and publications.

CEES HARTMAN is a small Dutch business specializing in website creation, online marketing, photography, and video production services. The company uses WordPress as its platform and collaborates closely with clients to design websites that reflect their branding and needs. The website showcases a portfolio of client projects, indicating a focus on small to medium-sized clients. Technically, the website is built on a modern WordPress stack with Elementor and the Customizr theme, providing a responsive and user-friendly experience. However, the site lacks privacy and cookie policies, and no explicit contact emails or phone numbers are provided, which may affect user trust and compliance. Security posture is moderate with HTTPS enabled but missing important security headers. Overall, the site is professional and safe but could improve in privacy compliance and security best practices.

U

Upbooking

upbooking.lu

0

Upbooking is a Luxembourg-based online platform dedicated to the recycling and exchange of used school books, promoting environmental sustainability and offering incentives such as vouchers for new book purchases. The platform targets students and families within Luxembourg, supported by government initiatives as evidenced by the presence of the Luxembourg government logo. Technically, the website is built on WordPress with a custom theme, uses modern tools like Google Tag Manager and Axeptio for cookie consent, and implements good accessibility features. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though security headers could be improved. Privacy compliance is strong with comprehensive policies and cookie consent mechanisms in place. Overall, the website is professional, trustworthy, and well-aligned with its educational and governmental mission.

Z

ZONER, s.r.o.

zonercloud.com

0

ZonerCloud, operated by ZONER, s.r.o., is a Slovakia-based cloud services provider specializing in high-performance virtual private servers (VPS), managed hosting, email hosting, cloud storage, and AI/GPU server rentals. The company positions itself as a market leader in VPS performance within its region, leveraging partnerships with VMware and Microsoft to deliver reliable and scalable cloud infrastructure solutions. Their offerings target businesses and developers seeking affordable, powerful, and flexible cloud computing resources with rapid deployment times and strong uptime guarantees. Technically, the website demonstrates a mature digital infrastructure using modern web technologies such as Bootstrap, jQuery, and various UI/UX libraries. It integrates analytics and marketing tools including Google Analytics, Google Tag Manager, and Facebook Pixel, alongside a live chat support system. The site is well-optimized for mobile devices, features comprehensive cookie consent mechanisms, and employs HTTPS with a DigiCert SSL certificate, indicating a strong commitment to security and privacy. From a security perspective, while the site enforces HTTPS and uses secure forms with CSRF tokens, it lacks publicly available formal security policies or incident response disclosures. No critical vulnerabilities or exposed sensitive data were detected in the content. The absence of WHOIS registrant data slightly reduces trust but is mitigated by the professional presentation and trust signals such as certifications and partner logos. Overall, ZonerCloud presents a trustworthy and professional cloud service platform with strong business credibility and technical maturity. Strategic improvements in transparency around security policies and incident response, as well as WHOIS data availability, would further enhance trust and compliance posture.

P

Prva sušačka hrvatska gimnazija u Rijeci

pshg.net

0

Prva sušačka hrvatska gimnazija u Rijeci is a Croatian secondary school providing general and specialized education including classical ballet and contemporary dance programs. The institution is well-established with a domain age since 2007 and holds Erasmus accreditation, indicating active participation in European educational programs. The website serves students, parents, and educators with relevant news, schedules, and contact information. Technically, the site uses standard web technologies such as HTML5, CSS3, jQuery, and Font Awesome, hosted under a reputable registrar. The site is moderately optimized for performance and mobile use, with clear navigation and consistent branding. Security posture is moderate; while HTTPS is assumed, no advanced security headers or DNSSEC are implemented, and no cookie consent mechanism is present, which may affect compliance with privacy regulations. Overall, the site is trustworthy and professional but could improve in security and privacy compliance.

Energetska zadruga "Otok Krk" is a small Croatian energy cooperative focused on promoting renewable energy and energy independence on the island of Krk. The cooperative provides consulting, project support, collective purchasing, and education services to local residents and businesses. Their website reflects a community-oriented business model with clear contact information and active social media presence. Technically, the site uses common web technologies such as jQuery, Bootstrap, and Owl Carousel, providing a moderate performance and good mobile optimization. Security posture is moderate with HTTPS usage but lacks explicit security headers and incident response policies. Privacy compliance is basic with privacy and cookie policies present but no consent mechanism. Overall, the website is professional and trustworthy, with a legitimacy score supported by consistent WHOIS data and domain age.

G

Galaksija

galaksija.hr

0

Galaksija.hr is a Croatian online magazine focused on popularizing science across various disciplines including natural sciences, technology, social sciences, ecology, and medicine. The website offers news articles, blogs, multimedia galleries, and videos targeting a general audience interested in science and education. The business model appears to be content publishing supported by advertising and partnerships with related portals. Technically, the site uses a custom CMS with common web technologies such as jQuery, Bootstrap, and Flexslider, and integrates analytics tools like Google Analytics, Histats, and Mixpanel. The site is accessible via HTTPS and includes a login form for registered users, but lacks advanced security headers and explicit GDPR cookie consent mechanisms. No incident response or security contact information is provided, which could be improved to enhance trust and compliance. Overall, the website is professionally designed with good content quality and moderate technical implementation, suitable for its niche media role.

W

Wellcome

wellcome.org

0

Wellcome is a globally recognized charitable foundation dedicated to advancing discovery research in life sciences, health, and wellbeing. The organization focuses on critical global health challenges including mental health, infectious diseases, and climate-related health issues. Their website reflects a mature digital presence with comprehensive content aimed at researchers, policymakers, and the public, supported by a professional design and clear navigation. The foundation operates with a transparent and user-friendly approach to privacy and cookie management, demonstrating compliance with GDPR and related regulations. Technically, the website leverages modern frameworks such as Next.js and React, hosted on AWS infrastructure, and integrates Google Tag Manager for analytics and marketing. The site is optimized for performance and mobile responsiveness, with good accessibility features. Security posture is strong with HTTPS enforcement and domain protections, though DNSSEC is not enabled and explicit security policies are not published. Overall, the security posture is solid with no evident vulnerabilities or exposed sensitive data. The WHOIS data confirms a long-standing domain registration consistent with the organization's history, using privacy protection appropriately. The site maintains a high level of trustworthiness and professionalism, supported by active social media channels and clear business information.

World Nuclear News is a well-established information service operated by the World Nuclear Association, providing authoritative news, features, and analysis on the global nuclear energy sector. The website targets industry professionals, policymakers, and stakeholders, offering a comprehensive range of content including news articles, podcasts, and newsletters. The business model is centered on information dissemination supported by an industry association, positioning itself as a trusted source within the energy sector. Technically, the website employs modern web technologies such as Bootstrap and jQuery, integrates analytics tools including Google Analytics and Microsoft Clarity, and is hosted with Cloudflare DNS services. The site demonstrates good mobile optimization and SEO practices, though some accessibility features could be enhanced. The infrastructure supports a professional and responsive user experience with moderate performance. From a security perspective, the site enforces HTTPS, uses reCAPTCHA for form protection, and maintains domain registration safeguards. However, it lacks advanced security headers and does not publish explicit security policies or incident response contacts. No vulnerabilities or suspicious activities were detected, indicating a solid security posture but with room for improvement in transparency and DNS security. Overall, the website is professional, trustworthy, and compliant with privacy regulations, including GDPR. It provides clear contact information and maintains consistent branding. Strategic recommendations include enabling DNSSEC, implementing security headers, publishing a security policy, and establishing a vulnerability disclosure program to further enhance security and trust.

E

Eko Kvarner

ekokvarner.hr

0

Eko Kvarner is a Croatian non-profit environmental organization focused on promoting sustainable energy, climate change awareness, and ecological protection in the Kvarner region. The website serves as an information hub providing news, activities, projects, and educational resources to local communities and stakeholders interested in environmental issues. The organization appears well-established with a domain registered since 2012 and clear contact information including physical address, phone numbers, and email. The site content is primarily in Croatian and targets regional audiences. Technically, the website uses an older CMS platform called Galaksija and relies on legacy JavaScript libraries such as jQuery and Fancybox. While the site is accessible and contains meaningful content, it loads some external scripts over unsecured HTTP, which introduces mixed content risks. The site lacks modern security headers and advanced privacy or cookie consent mechanisms, indicating room for improvement in security and compliance maturity. Hosting is provided by Totohost, a Croatian hosting provider, and the domain registrar is CARNET, a reputable Croatian academic network. From a security perspective, the site uses HTTPS but does not implement additional security headers or content security policies. No incident response or security policy pages are found, and no vulnerability disclosure or security.txt files are present. The WHOIS data is consistent with the website's business profile and geographic location, supporting legitimacy. No suspicious or malicious indicators were detected. Overall, the website is functional and provides valuable content for its target audience but would benefit from technical modernization, improved security practices, and enhanced privacy compliance to strengthen trust and resilience against threats.

R

RIKA Innovative Ofentechnik GmbH

rika.at

0

RIKA Innovative Ofentechnik GmbH is an Austrian manufacturer specializing in high-quality heating stoves including pellet, wood-burning, and combination ovens. The company emphasizes innovation, Austrian craftsmanship, and customer-centric services such as an online stove configurator and a broad dealer network. Their market position is that of a reputable medium-sized enterprise with international reach, targeting homeowners seeking efficient and modern heating solutions. Technically, the website employs modern JavaScript libraries and asynchronous loading techniques, hosted on DigitalOcean infrastructure, ensuring fast performance and excellent mobile optimization. Security posture is strong with HTTPS, reCAPTCHA, and cookie consent mechanisms, though some security headers and explicit incident response policies are absent. Privacy compliance is well addressed with comprehensive policies and GDPR adherence. Overall, the website is professional, trustworthy, and well-structured, supporting the company's business credibility effectively.

G

Gemeindeamt Markt St. Martin

marktstmartin.at

0

The website marktstmartin.at serves as the official online presence of the Gemeindeamt Markt St. Martin, a municipal government entity in Austria. It provides comprehensive information about the community, including news, events, municipal services, tourism, and contact details. The site targets local residents and visitors, offering a user-friendly platform to access essential community resources and updates. The business model is typical of a government website, focusing on public service and community engagement rather than commercial activities. Technically, the website employs a modern but straightforward technology stack including jQuery, Tether, Bootstrap, and PhotoSwipe for image galleries. The site is mobile responsive and well-structured, with good SEO and accessibility basics. Performance is moderate, and the site uses HTTPS, although explicit security headers are not detected. Google Analytics is included but commented out, indicating a cautious approach to user tracking and privacy. From a security perspective, the site demonstrates a basic but adequate posture. There are no visible vulnerabilities or exposed sensitive data. However, the absence of explicit security policies, incident response contacts, and vulnerability disclosure mechanisms suggests room for improvement. Privacy compliance is addressed with a clear privacy policy and cookie consent mechanism, consistent with GDPR requirements. Overall, the website is trustworthy and professional, reflecting the legitimacy of a local government entity. It effectively balances user experience, content quality, and privacy considerations. Strategic recommendations include enhancing security headers, publishing security policies, and improving accessibility compliance to further strengthen the site's security and compliance posture.

EM-Immobilien is a small real estate company based in Vienna, Austria, specializing in property management and brokerage services. The website serves as a basic informational portal targeting individuals and businesses seeking real estate services locally. The company branding is moderately consistent, with a focus on personal and individual service as indicated by the tagline and logo. The website content is primarily in German and includes references to key services such as property management and real estate brokerage. However, the site lacks comprehensive business contact details and formal privacy or terms of service documentation.

Mic Dorin Bau GmbH is a small, family-run construction company based in Austria, specializing in residential building services including shell construction, facades, outdoor areas, and renovations. With over 10 years of experience, the company targets private homeowners and clients seeking personalized construction solutions. The website reflects a professional and consistent brand image, providing clear contact information and a user-friendly interface. Technically, the site is built using modern frameworks like React and Phenomic, with Google Analytics integrated for visitor tracking and a cookie consent mechanism ensuring GDPR compliance. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though improvements in security headers and incident response disclosures are recommended. Overall, the domain registration data aligns well with the business claims, indicating a legitimate and trustworthy entity.

L

Latin Studio

latinstudio.at

0

Latin Studio is a small local dance studio based in Austria specializing in Latin dance styles. The website is built on the Wix platform and offers information about dance classes and workshops targeting dance enthusiasts. The technical infrastructure is standard for Wix-hosted sites, with moderate performance and basic mobile optimization. Security posture is basic with HTTPS enabled but lacks security headers and formal privacy or cookie policies. No contact or incident response information is provided, limiting transparency and compliance. Overall, the site is functional but would benefit from enhanced security and privacy features to improve trust and compliance.

E

Etelä-Suomen aluehallintovirasto

avi.fi

0

Etelä-Suomen aluehallintovirasto is a Finnish regional state administrative agency responsible for providing public services, regulatory oversight, and administrative functions in Southern Finland. The website serves citizens, businesses, and authorities by offering information, licensing services, guidance, and event notifications. It is positioned as a key government authority with a clear mandate and a broad service portfolio. The website is multilingual, supporting Finnish, Swedish, English, and Northern Sami languages, reflecting inclusivity and accessibility. Technically, the site is built on the Liferay CMS platform, leveraging modern JavaScript libraries such as React and jQuery, and integrates analytics via Snoobi. The infrastructure supports responsive design and accessibility standards, ensuring usability across devices and for diverse users. Security posture is strong with HTTPS enforcement and standard security headers, though DNSSEC is not implemented. Privacy compliance is evident with a comprehensive privacy policy and cookie consent mechanisms aligned with GDPR. However, explicit security policies and incident response contacts are not published, which could be improved. Overall, the site reflects a mature digital presence consistent with a government entity, with good trust indicators and professional content.

U

UDICE

udice.org

0

UDICE is a French alliance of 13 major universities focused on promoting research excellence, enhancing higher education performance, and developing attractive innovation ecosystems. The website presents a professional and consistent brand image, targeting academic institutions and stakeholders in higher education and research. The business model is non-profit and collaborative, positioning UDICE as a key player in the French academic landscape. Technically, the website is built on WordPress using Elementor and Yoast SEO, with integration of Google Analytics and Tag Manager for user tracking. The site is mobile-optimized and performs moderately well, though accessibility features are basic. The SSL configuration is excellent, ensuring secure HTTPS connections. Security posture is generally good with HTTPS enforced and no exposed sensitive data, but lacks security headers and a formal security policy or incident response information. Privacy compliance is basic, with a privacy policy present but no cookie consent mechanism detected, which is a gap given GDPR relevance. Overall, the site is trustworthy and professional, though transparency is reduced by the absence of WHOIS data and limited security disclosures. Strategic improvements in security headers, privacy compliance, and incident response communication would enhance the site's security maturity and user trust.

E

EPICUR Alliance

epicur.education

0

EPICUR Alliance is a consortium of nine European higher education institutions collaborating to provide innovative educational programs, research initiatives, and regional ecosystem engagement. The website serves as a multilingual portal offering information on educational offers, research projects, events, and partner universities. The technical infrastructure is based on WordPress with modern web technologies including Bootstrap, jQuery, and Matomo analytics, ensuring a responsive and user-friendly experience. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, although additional security headers could enhance protection. Privacy compliance is well addressed with GDPR-aligned policies and consent banners. Overall, the website reflects a professional and trustworthy educational alliance with a strong digital presence.

LingOA is a foundation dedicated to supporting Diamond Open Access journals in the field of linguistics, hosting 45 journals and publishing over 600 articles annually. The website is built on WordPress using the Enfold theme and employs modern web technologies such as jQuery and Google Fonts. The site is accessible, mobile-optimized, and presents a professional design tailored to an academic audience. However, it lacks explicit privacy, cookie, and terms of service policies, as well as detailed contact information, which impacts its compliance and trustworthiness scores. From a security perspective, the website uses HTTPS, ensuring encrypted communication, but does not implement common security headers, which could improve protection against certain web attacks. No vulnerability disclosure or incident response information is provided, which is a gap for transparency and security readiness. The absence of WHOIS registrant data is due to EURid's privacy policies for .eu domains, which is typical and justified for this type of non-profit academic entity. Overall, the website is safe, professional, and serves its niche academic community well but would benefit from enhanced privacy compliance and security best practices to improve trust and regulatory adherence.

Mathematics in Open Access (MathOA) is a non-profit foundation dedicated to promoting Fair Open Access principles in the mathematics scholarly publishing community. The organization supports the creation and transition of mathematics journals to Diamond Open Access models, providing funding, advisory services, and community engagement. The website reflects a focused academic mission with endorsements from notable scholars and support from reputable institutions. Technically, the site is built on WordPress with a modern theme and standard libraries, offering good mobile optimization and SEO practices. Security posture is solid with HTTPS enabled and no visible vulnerabilities, though security headers and formal policies are absent. The lack of privacy and cookie policies indicates compliance gaps that should be addressed to meet GDPR and other regulations. WHOIS data is unavailable or malformed, limiting domain trust verification, but the website content and external references support legitimacy. Overall, the site is professional, content-rich, and trustworthy within its niche, but could improve privacy compliance and security transparency.

L

Luxembourgticket GIE

luxembourgticket-gie.lu

0

Luxembourgticket GIE operates a website focused on ticketing services in Luxembourg, targeting both the general public and businesses. The site is built on WordPress and incorporates modern tracking and consent tools such as Google Tag Manager and Cookiebot, reflecting a moderate level of digital maturity. However, the absence of key compliance documents like a privacy policy and terms of service, as well as missing contact information, limits the site's transparency and trustworthiness. The security posture is adequate with HTTPS enforced and cookie consent implemented, but lacks advanced security headers and incident response information. Overall, the site presents a basic but functional online presence with room for improvement in compliance and security documentation.

H

hack.lu

hack.lu

0

hack.lu is an established cybersecurity conference held annually in Luxembourg, focusing on computer security, privacy, and information technology. The 2025 edition marks its 19th occurrence, indicating a long-standing presence in the security community. The conference offers talks, workshops, trainings, and CTF competitions, targeting security professionals, researchers, and privacy advocates. The website reflects a professional and consistent brand image, supported by reputable partners and sponsors.

F

Fondation Restena

restena.lu

0

Fondation Restena is a Luxembourg-based non-profit foundation that manages telecommunication infrastructure and services for the research, education, culture, health, and administration sectors in Luxembourg. It operates the national research and education network, manages the .lu domain registry, and provides a range of services including email, hosting, network connectivity, and IT security. The foundation is well-established, with origins dating back to 1989 and formal foundation status since 2000. Their market position is strong as a key national infrastructure provider with a focus on public and academic institutions. Technically, the website is built on Drupal 8, featuring modern web technologies and good mobile optimization. The site is well-structured with clear navigation and professional design. Security posture is strong, supported by ISO 27001 certification and secure form handling, although some security headers are not visibly implemented. Privacy compliance is partial, with a privacy policy present but lacking a cookie consent mechanism. Overall, the security posture is robust with dedicated incident response services (CSIRT) and ongoing certification efforts. No major vulnerabilities or suspicious patterns were detected. The domain WHOIS data aligns well with the website content, confirming legitimacy and consistency. Strategic recommendations include enhancing privacy compliance with cookie consent, adding security headers, and publishing a vulnerability disclosure policy to further strengthen trust and security culture.

S

SCRIPT (Service de Coordination de la Recherche et de l’Innovation pédagogiques et technologiques)

script.lu

0

SCRIPT is a Luxembourg governmental agency focused on coordinating research and innovation in education and technology. It plays a central role in implementing educational policy priorities and enhancing school quality in Luxembourg. The website reflects this mission with relevant content, news, publications, and project information targeted at educators, government stakeholders, and the public. Technically, the site is built on Drupal 9 with modern libraries and provides a responsive, accessible user experience. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers could be improved. No critical vulnerabilities or blocking mechanisms were detected, indicating a trustworthy and professional online presence.

S

SCRIPT

heydoo.lu

0

Heydoo.lu is an official educational content platform operated under the auspices of Luxembourg's Ministry of National Education, Childhood and Youth, branded as SCRIPT. The platform aggregates a wide range of educational materials including publications, audio, video, apps, and websites, targeting students, teachers, parents, and educators. It supports multilingual content in Luxembourgish, French, and German, enhancing accessibility for its diverse audience. The website is built on Drupal 10 with modern UI frameworks and integrates analytics tools such as Google Analytics and Facebook Pixel for user behavior insights. Technically, the site demonstrates a solid infrastructure with good mobile optimization, accessibility, and SEO practices. Security posture is adequate with HTTPS enforced and anti-bot measures, though some security headers could be improved. Privacy compliance is strong, featuring comprehensive privacy and cookie policies aligned with GDPR requirements. Contact information is primarily provided via a contact form, with no direct emails or phone numbers publicly listed. The absence of WHOIS data due to a malformed domain query limits domain registration trust analysis. However, the official government affiliation and quality content strongly support the site's legitimacy. No adult or questionable content is present, making it safe for general audiences. Overall, Heydoo.lu is a credible, well-maintained educational resource platform with room for minor security enhancements.

M

Ministère de l'Éducation nationale, de l'Enfance et de la Jeunesse

men.lu

0

The website men.public.lu is the official online presence of the Ministry of National Education, Childhood and Youth of Luxembourg. It serves as a comprehensive information portal providing detailed content on the Luxembourg education system, policies, news, events, and resources for students, parents, educators, and the general public. The site is well-positioned as an authoritative government source with a clear focus on education and youth services in Luxembourg. Technically, the website is built on Adobe Experience Manager CMS, leveraging modern web technologies including RequireJS and Adobe Dynamic Tag Management for analytics and tag management. The site is mobile-optimized, accessible, and demonstrates good SEO practices. Performance is moderate, with content delivered via a government CDN. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms aligned with GDPR requirements. While explicit security headers are not fully confirmed, the site follows best practices with no visible vulnerabilities or exposed sensitive data. The absence of WHOIS data is noted but likely due to registry policies rather than malicious intent. Overall, the site maintains a strong security posture suitable for a government entity. The overall risk assessment is low, with no signs of malicious activity or compliance issues. Strategic recommendations include enhancing security header implementation, publishing a formal security policy, and improving incident response contact visibility to further strengthen trust and security culture.

I

Istra Inspirit

istrainspirit.hr

0

Istra Inspirit is a cultural tourism project based in Croatia that offers interactive storytelling tours and experiences focused on the rich history and legends of the Istrian peninsula. The website presents a professional and engaging digital presence with a clear focus on cultural heritage tourism. The company appears to be a small-sized business with a niche market position targeting tourists interested in immersive historical experiences. Technically, the website is built on WordPress using Elementor, with modern web technologies and good mobile optimization. Security posture is solid with HTTPS enforced and cookie consent implemented, though some security headers and policies could be improved. Privacy compliance is basic with no explicit privacy policy or terms of service detected, but cookie consent is present. Overall, the website is trustworthy and professionally maintained, with active social media channels supporting its business model.

I

Istra Bike

istria-bike.com

0

Istra Bike is an official regional cycling tourism portal for the Istria region in Croatia, providing comprehensive information on bike trails, accommodation, events, and related services. The website targets cycling tourists and outdoor enthusiasts, positioning itself as a key resource for promoting cycling tourism in the area. The platform offers detailed trail information, event calendars, multimedia content, and service listings such as bike rentals and transport. Technically, the website employs modern web technologies including Bootstrap 5, jQuery, Slick Carousel, and Lightbox2, ensuring a responsive and user-friendly experience. The site is served over HTTPS and includes cookie consent mechanisms, indicating awareness of privacy regulations. However, some security best practices such as explicit security headers and detailed security policies are missing. From a security perspective, the site maintains a good baseline with HTTPS and cookie consent but lacks advanced security headers and incident response information. The absence of WHOIS data for the domain raises concerns about domain registration transparency, although the website content and partner affiliations suggest legitimacy. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website is professionally designed and functional, with good content quality and user experience. The main risk lies in the missing WHOIS registration data, which slightly reduces trustworthiness. Strategic improvements in security headers, transparency policies, and domain registration clarity are recommended to enhance trust and compliance.

Istra Trails is an official regional tourism website focused on promoting cycling trails, accommodation, and events in the Istrian peninsula, Croatia. The site targets tourists and outdoor enthusiasts seeking detailed trail information and related services. It maintains a consistent brand presence with partner tourism companies and active social media channels. Technically, the website uses a mix of legacy and modern technologies including jQuery, Google Analytics, Facebook SDK, and Google Maps API v2, with moderate performance and good mobile optimization. Security posture is basic with HTTPS enabled but lacks DNSSEC and security headers, and uses deprecated APIs. Privacy compliance is addressed with a privacy policy and cookie consent banner, though terms of service and incident response policies are absent. Overall, the site is trustworthy and professionally maintained but could improve security and compliance aspects.

A

Autoklub servisní s.r.o.

autoklub-servisni.cz

0

Autoklub servisní s.r.o. operates a historic event venue located in central Prague, offering rental spaces and catering services primarily targeting event organizers and corporate clients. The business leverages the unique appeal of a protected first republic style building, positioning itself as a niche hospitality provider with a focus on quality and tradition. The website reflects a professional and consistent brand image with clear service offerings and customer testimonials enhancing trust. Technically, the website is built on WordPress 5.7.2 with common modern web technologies including jQuery, Google Tag Manager, Google Analytics, and Smartlook for user behavior tracking. The site is mobile optimized and SEO friendly, though performance is moderate. Security posture is adequate with HTTPS enforced and cookie consent implemented, but lacks advanced security headers and explicit privacy or security policies. The absence of WHOIS data is a notable concern, reducing domain trustworthiness and raising questions about registration transparency. No contact emails or phone numbers are explicitly provided, limiting direct communication channels. Overall, the site is functional and professional but would benefit from enhanced privacy compliance and security practices. Strategically, the company should focus on improving transparency through WHOIS data, publishing comprehensive privacy and security policies, and implementing stronger security headers to bolster trust and compliance.

M

MXGP Czech republic 26.-27.7.2025 - Home

mxgploket.com

0

The website www.mxgploket.com serves as an informational portal for the MXGP Czech Republic motocross event scheduled for July 26-27, 2025. It provides event details, ticketing links, accommodation, maps, and contact navigation. The site targets motocross enthusiasts and event attendees primarily in the Czech Republic region. Technically, it is built on Joomla CMS with standard web technologies including jQuery, Bootstrap, and Google Maps API integration. The site includes Google Analytics for visitor tracking but lacks visible privacy or cookie policies, which is a compliance gap. Security posture is basic with no detected security headers or advanced protections. WHOIS data for the domain is unavailable, raising concerns about domain registration legitimacy. Overall, the site is functional but requires improvements in privacy compliance, security hardening, and domain legitimacy verification.

F

FIVA (Fédération Internationale des Véhicules Anciens)

fiva.org

0

FIVA (Fédération Internationale des Véhicules Anciens) is a globally recognized non-profit organization dedicated to the protection, preservation, and promotion of historic vehicles. Established in 1966 and active in over 80 countries, FIVA serves millions of historic vehicle enthusiasts worldwide and holds a consultative partnership with UNESCO. The organization offers membership services, event support, advocacy on legislation, and maintains a comprehensive document library to support the historic vehicle community. Their website reflects a professional and well-structured digital presence, emphasizing community engagement and education. Technically, the website employs modern JavaScript libraries such as Livewire (Laravel), GSAP, and Swiper.js, alongside Google reCAPTCHA v3 for form security. The site is mobile-optimized, fast-loading, and includes SEO best practices. Security posture is strong with HTTPS enforced and cookie consent mechanisms in place, although explicit security policies and incident response contacts are not published. Analytics and marketing tools like Google Analytics and Facebook Pixel are used with user consent. The WHOIS data for the domain is unavailable or malformed, which limits the ability to fully verify domain registration legitimacy. Despite this, the website's professional design, clear contact information, and active social media presence support its credibility. No adult or questionable content is present, making the site safe for general audiences. Overall, FIVA's website demonstrates a mature digital infrastructure suitable for its global non-profit mission, with room for improvement in transparency around security policies and domain registration details.