Security Directory

R

Rose Colored Gaming

rosecoloredgaming.com

61

Rose Colored Gaming is a niche e-commerce retailer specializing in unique and creative products designed for the display and protection of geek culture collections. Founded in 2012 and based in the US, the company targets enthusiasts and collectors within the geek community. The website is built on the Shopify platform, leveraging modern e-commerce technologies and third-party marketing tools to support its online retail operations. The business maintains a consistent brand presence with active social media channels and clear policy pages, although some privacy compliance aspects such as cookie consent are lacking. Technically, the website uses a solid infrastructure hosted on SiteGround with Shopify CMS, integrating multiple JavaScript libraries and marketing pixels for analytics and customer engagement. Performance and mobile optimization are good, but there is room for improvement in accessibility and security hardening, particularly by enabling DNSSEC and implementing security headers. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data, but lacks advanced security policies and incident response information. The absence of a cookie consent mechanism and GDPR compliance indicators suggests partial privacy compliance. The WHOIS data is consistent with the business profile, showing a long-standing domain registration without privacy protection, which supports legitimacy. Overall, Rose Colored Gaming presents a professional and trustworthy online presence with moderate security and privacy maturity. Strategic improvements in security headers, privacy compliance, and incident response transparency would enhance its risk posture and customer trust.

RetroSouls is a small indie game development team specializing in homebrew games for retro gaming platforms such as ZX Spectrum, Sega Mega Drive/Genesis, MSX, NES/Famicom, Commodore 64, and PC. Their website serves as a hub for game announcements, downloads, and press materials, targeting retro gaming enthusiasts. The business model relies on digital distribution through platforms like Steam and itch.io, supplemented by community engagement and donations. Technically, the site is built on WordPress with a basic but functional design, moderate performance, and minimal mobile optimization. Security posture is adequate with HTTPS enabled but lacks advanced security headers and formal privacy or cookie policies. The absence of WHOIS data for the domain raises some concerns about domain registration legitimacy, although the active website and external platform integrations support its authenticity. Overall, the site is moderately trustworthy but would benefit from improved compliance and security practices.

R

Retrotainment Games LLC

retrotainmentgames.com

61

Retrotainment Games LLC operates a professionally designed e-commerce website focused on retro cartridge-based video games. The company targets retro gaming enthusiasts and collectors, offering game development, manufacturing, publishing, and retail services. The website is built on the Shopify platform, leveraging modern web technologies and providing a good user experience with mobile optimization and clear navigation. However, the absence of WHOIS data raises concerns about domain registration legitimacy, although the active and professional online presence suggests a legitimate business. Security posture is strong with HTTPS and secure Shopify checkout, but privacy and cookie policies are missing, which impacts compliance. Overall, the site is safe and trustworthy for general audiences but would benefit from enhanced privacy disclosures and domain registration transparency.

N

Nick

nick.tv

70

Nick.com is the official global website for Nickelodeon, a leading children's entertainment brand owned by Paramount Global. The site offers access to popular children's shows such as SpongeBob SquarePants, Dora, and Teenage Mutant Ninja Turtles, targeting a young audience and their families. The website is professionally designed with excellent content quality and consistent branding, reflecting its enterprise-level status in the media industry. Technically, the site leverages modern JavaScript frameworks like React and integrates industry-standard tools for analytics and cookie consent management, ensuring a responsive and performant user experience across devices. Security posture is strong with HTTPS enforcement and security headers, although explicit privacy and terms of service pages are not evident in the provided content. WHOIS data is unavailable, likely due to privacy protection, which is justified for a large media company. Overall, the site is trustworthy, safe for general audiences, and well-optimized for SEO and accessibility.

A

Azivex s.r.o.

azivex.cz

53

Azivex s.r.o. is a small local business based in Hořovice, Czech Republic, with an online presence hosted on the Wix platform. The website is primarily in Czech and appears to target local customers, though specific business services or products are not detailed on the homepage. The site uses Wix's standard technology stack and scripts, indicating a moderate level of digital maturity. The technical infrastructure is typical for small businesses using website builders, with basic mobile optimization and moderate performance. Security posture is limited, with no advanced security headers or policies detected, and no visible privacy or cookie policies, which may expose the business to compliance risks. The absence of WHOIS registrant data reduces trustworthiness and raises questions about domain registration transparency. Overall, the website is functional and safe for general audiences but would benefit from enhanced security and compliance measures.

A

ArenaJech

arenajech.cz

41

ArenaJech.cz is a specialized Czech e-commerce and physical retail business focused on competitive swimming gear, offering products from major brands such as Arena, Speedo, and TYR. The website targets competitive swimmers and swimming enthusiasts primarily in the Czech Republic and Slovakia, providing a broad range of swimwear, goggles, training aids, and accessories. The business model combines online sales with a physical store presence, enhancing customer reach and service. The site is professionally designed with clear navigation and product categorization, supporting a positive user experience.

Č

Český svaz moderního pětiboje, z.s.

pentathlon.cz

44

Český svaz moderního pětiboje, z.s. is the official Czech Modern Pentathlon Association, established in 2002, serving as the national governing body for modern pentathlon sports in the Czech Republic. The organization focuses on athlete development, competition organization, and promotion of the sport to youth and sports enthusiasts. The website reflects a professional and consistent brand presence with clear navigation and relevant content tailored to its target audience of athletes, clubs, and fans. Technically, the site employs modern JavaScript libraries, lazy loading, and integrates social media and analytics tools, indicating a moderate to good level of digital maturity. Security posture is adequate with HTTPS and cookie consent mechanisms, though improvements are recommended in security headers and removal of potentially sensitive inline scripts. Privacy compliance is basic, lacking explicit privacy and terms of service pages. Overall, the domain registration data aligns well with the business, supporting high legitimacy and trustworthiness.

F

FunkFeuer Wien - Verein zur Förderung freier Netze

funkfeuer.at

53

FunkFeuer.at represents a non-commercial, community-driven initiative focused on building and maintaining free, decentralized wireless networks in Austria. Founded in 2003, it operates through volunteer-run nodes that form a mesh network to provide open communication infrastructure without commercial interests. The website serves as an informational hub with links to regional initiatives, community resources, and sponsors supporting the project. Technically, the site uses modern web technologies such as Bootstrap and custom CSS, delivering a mobile-optimized and well-structured user experience. However, it lacks formal privacy and cookie policies, security headers, and incident response information, which are areas for improvement. The absence of tracking and advertising tools aligns with the community's privacy-conscious ethos. WHOIS data confirms the domain's legitimacy and consistent registration details matching the organization's profile. Overall, the site is trustworthy and functional but could enhance compliance and security transparency.

M

mur.at - Initiative Netzkultur

mur.at

55

mur.at is a small cultural initiative based in Austria focused on promoting network culture and network art. The website serves as a portal to various related projects and provides resources such as a newsletter subscription and service status monitoring. The business model appears to be non-profit or community-driven, targeting artists and cultural communities interested in digital and networked art. Technically, the site is built using modern front-end technologies including Hugo CMS, Bootstrap, jQuery, and LESS CSS, with a responsive design suitable for mobile devices. However, the site lacks visible privacy and cookie policies, security headers, and explicit contact information, which are areas for improvement. Security posture is moderate with no detected blocking or WAF mechanisms, but the absence of security best practices and compliance documentation reduces the overall security score. Overall, the site is professional and consistent in branding but could enhance trust and compliance by adding privacy policies and security measures.

openscienceASAP is an educational and community-focused platform dedicated to promoting open science practices. The website provides resources, research, education, and social engagement opportunities for researchers and advocates of open science. The platform operates as a small-scale non-profit or community resource hub with a niche focus on open science within the education sector. Technically, the website is built on WordPress with standard web technologies including PHP and JavaScript, and uses external resources such as Google Fonts and Fontello icons. The hosting and domain registration are stable and consistent with the website's age and purpose. Security posture is moderate with HTTPS enabled and domain transfer protection, but lacks advanced DNS security and security headers. Privacy and cookie policies are absent, indicating compliance gaps. No contact information or incident response details are provided, limiting transparency. Overall, the website is functional but basic in content and technical sophistication.

C

CyberChimps

cyberchimps.com

78

CyberChimps is a small technology company specializing in the development and distribution of responsive, fast, and customizable WordPress themes. Established in 2010, the company targets WordPress users and developers seeking quality themes with customization capabilities. The website demonstrates a mature digital presence with professional design and good SEO practices, leveraging popular frameworks such as Elementor and Yoast SEO. Hosting and DNS services are provided via Cloudflare, enhancing performance and security. The security posture is solid with HTTPS enabled and domain locks in place, though DNSSEC is not enabled and some security headers could be improved. Privacy compliance is lacking, with no visible privacy or cookie policies and no consent mechanisms, which is a notable gap. Overall, the website is professional and trustworthy but would benefit from enhanced privacy and security disclosures.

S

Signal

signal.group

61

Signal is a well-established nonprofit organization founded in 2013, providing secure messaging services through its Signal Messenger app and related group functionalities. The website signal.group serves as a gateway to join Signal groups and links users to official Signal resources, downloads, and support. The organization holds a strong market position as a leading privacy-focused messaging platform with a global user base. Technically, the website employs modern web technologies including Bulma CSS framework and JavaScript, with responsive design optimized for mobile devices. The site is served over HTTPS with no visible security vulnerabilities or exposed sensitive data. However, some security best practices such as security headers and cookie consent mechanisms are absent, which could be improved to enhance compliance and security posture. From a security perspective, the domain WHOIS data is limited due to registry restrictions, but the domain is actively maintained and consistent with the nonprofit's branding and operations. No WAF or blocking mechanisms are detected, and the site does not engage in advertising or tracking, aligning with privacy principles. Overall, the website demonstrates a strong security posture with room for improvement in transparency and compliance documentation. The overall risk assessment is low, with recommendations focusing on enhancing security headers, publishing security policies, and implementing cookie consent to meet GDPR requirements. These steps will further strengthen trust and compliance for the organization's global audience.

D

Deutsche Postcode Lotterie GmbH & Co. KG

postcode-lotterie.de

70

The Deutsche Postcode Lotterie GmbH & Co. KG operates a socially responsible lottery platform in Germany, allowing participants to win prizes based on their postal codes while supporting charitable projects. The website is professionally designed, highly accessible, and optimized for mobile devices, reflecting a mature digital presence. Key services include monthly and daily lottery draws, with a significant portion of proceeds dedicated to social causes. The platform holds reputable certifications such as TÜV Saarland and Trusted Shops, enhancing its credibility. Technically, the website leverages modern frameworks including Next.js and Storyblok CMS, hosted on Vercel and AWS infrastructure. It employs best practices in security, including HTTPS enforcement, security headers, and content security policies. Analytics and marketing tools like Google Tag Manager and Usercentrics CMP are used with GDPR-compliant consent mechanisms. Security posture is strong with no evident vulnerabilities or exposed sensitive data. However, explicit security policy and incident response contact details could be more visible. Privacy compliance is robust, with comprehensive privacy and cookie policies in place. The domain registration data aligns well with the website content, supporting legitimacy and trustworthiness. Overall, the website presents a low-risk profile with strong business credibility and technical maturity. Strategic recommendations include enhancing security policy transparency and incident response visibility to further strengthen user trust and compliance.

F

Faulmann Möbel GmbH

kuechenstudio.cc

58

Faulmann Möbel GmbH operates as a specialized kitchen studio and planner based in Korneuburg, Austria, providing comprehensive kitchen planning, consultation, sales, and installation services primarily targeting private and commercial customers in the local region. The company emphasizes quality, personalized service, and partnerships with reputable kitchen brands. The website is well-structured, professionally designed, and optimized for mobile devices, offering clear navigation and rich content including product highlights and company information. Technically, the site uses modern web technologies and enforces HTTPS, but lacks some advanced security headers and explicit security policies. Privacy compliance is well addressed with clear privacy and cookie policies and a consent mechanism. However, the absence of WHOIS data reduces domain trustworthiness, suggesting a recent registration or privacy protection. Overall, the site presents a trustworthy and professional business presence with room for security posture improvements.

C

Cesta z krize, z. ú.

cestazkrize.net

10

Cesta z krize, z. ú. is a Czech non-profit organization specializing in crisis intervention and support services, particularly focusing on endangered children and psychological first aid for adults. The organization operates recognized crisis helplines 116 000 and 116 123, with official government authorizations and memberships in European federations. Their website reflects a professional and consistent brand presence, targeting families, educators, and the general public in crisis situations within the Czech Republic. Technically, the website uses modern web technologies including Cookiebot for cookie consent, Google Tag Manager, and Facebook Pixel for analytics and marketing. Hosting is provided by Active24, and the site is mobile optimized with good SEO practices. Security posture is adequate with HTTPS enforced and cookie consent implemented, though improvements such as enabling DNSSEC and adding security headers are recommended. Privacy compliance is moderate; a cookie policy and consent mechanism exist, but no explicit privacy policy or terms of service pages were found in the provided content. No incident response or vulnerability disclosure information is available. Overall, the domain registration is consistent with the organization's history and shows no suspicious patterns. The website is safe for general audiences and does not contain adult or explicit content.

#

#to chce odvahu

tochceodvahu.cz

10

The website tochceodvahu.cz represents a recently launched non-profit mental health awareness campaign named '#to chce odvahu', initiated in 2025. It is a collaborative effort involving the Office of the President of the Czech Republic, Nadační fond Flaminia, and Nevypusť duši. The campaign provides resources such as crisis helpline information, ambassador stories, and a help directory aimed at supporting mental health, particularly targeting youth and adults. The site is professionally designed with consistent branding and clear navigation, reflecting a high level of digital maturity for a small non-profit initiative. Technically, the website employs modern web standards including HTML5, CSS3, and JavaScript, with integration of Font Awesome icons and Google/Fontshare fonts. It embeds YouTube videos for richer content delivery and uses the Umami analytics platform for minimal user tracking. Hosting is provided by WEDOS, a reputable Czech hosting provider. The site is mobile-optimized and SEO-friendly, though accessibility features could be enhanced. From a security perspective, the site uses HTTPS as indicated by canonical URLs, but lacks visible security headers and formal privacy or cookie policies, which are important for GDPR compliance and user trust. No forms collecting personal data are present on the main page, reducing immediate data protection risks. The WHOIS data shows a consistent and transparent domain registration aligned with the campaign's launch timeline, supporting legitimacy. Overall, the website is a trustworthy and well-executed campaign platform with excellent content quality and business credibility. However, it should improve privacy compliance and security best practices to enhance user trust and regulatory adherence.

S

SSI SCHÄFER Gruppe

ssi-schaefer.com

10

SSI SCHÄFER Gruppe is a globally operating enterprise specializing in modular warehouse and logistics systems, software solutions, and comprehensive intralogistics services. The company positions itself as a worldwide leader in intralogistics, offering innovative technologies and software to enhance efficiency and sustainability in warehousing, order picking, and transport processes. Their business model focuses on B2B engagements across multiple industries, providing tailored solutions for various market segments. The website reflects a mature digital presence with professional design, multilingual support, and extensive content covering products, services, corporate philosophy, and sustainability initiatives. Technically, the website employs modern JavaScript frameworks, Google Tag Manager for analytics, and Usercentrics for cookie consent management, ensuring compliance with privacy regulations. The site is mobile-optimized, accessible, and SEO-friendly, with embedded multimedia content enhancing user engagement. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though security headers could be improved and an incident response contact is absent. Overall, the website demonstrates a strong security and compliance stance suitable for an enterprise of its scale, with clear business credibility and trust indicators. The absence of WHOIS data suggests privacy protection, which is reasonable for a large corporation. Strategic recommendations include enhancing security headers, publishing a vulnerability disclosure policy, and providing explicit incident response contacts to further strengthen trust and security transparency.

M

Mi'pu'mi Games GmbH

mipumi.com

10

Mi'pu'mi Games GmbH is an independent video game development company based in Vienna, Austria, founded in 2008. The company focuses on creating indie games and collaborating with notable clients in the gaming industry such as IO Interactive, Remedy Entertainment, and Ubisoft. Their website reflects a professional and consistent brand image targeting gamers, indie developers, and potential employees. The business model centers on game development services and client partnerships within the technology sector. Technically, the website is built using the Hugo static site generator, leveraging modern web technologies and a cookie consent mechanism to comply with basic privacy standards. Hosting is provided by World4You Internet Services GmbH, an Austrian provider consistent with the company's location. Security posture is moderate with HTTPS enabled but lacking advanced security headers and DNSSEC. Privacy compliance is partial, with a cookie policy present but no privacy policy or terms of service found. No contact emails or phone numbers are explicitly listed, which may impact user trust and support accessibility. Overall, the website is well designed, mobile optimized, and SEO friendly, but could improve in security and compliance documentation.

H

HochschülerInnenschaft an der TU Graz (HTU Graz)

htugraz.at

56

HTU Graz serves as the official student representation body at the Technical University of Graz, Austria. It advocates for student interests, provides various support services, and organizes events with a large volunteer base. The organization is well integrated within the university ecosystem and collaborates with multiple student unions and partners. The website is built on TYPO3 CMS with Bootstrap, offering a professional and accessible user experience. Security posture is solid with HTTPS and cookie consent mechanisms, though it lacks advanced security headers and formal incident response disclosures. Overall, the site reflects a trustworthy and credible non-profit educational entity.

R

Rarebyte GmbH

rarebyte.com

50

Rarebyte GmbH is a small, established game development studio based in Austria with over 19 years of experience and more than 25 released titles. The company focuses on multiplatform game development, including PC, consoles, and mobile platforms, and collaborates with known publishers such as Headup Games and Greenheart Games. Their website reflects a professional and consistent brand image targeting gamers and industry partners. Technically, the site uses standard web technologies including HTML5, CSS3, JavaScript, and integrates Google Analytics and cookie consent mechanisms, indicating a moderate level of digital maturity. Security posture is moderate with some best practices like domain transfer protection and cookie consent but lacks advanced security headers and DNSSEC. Privacy compliance is basic with a privacy policy and cookie banner but no explicit GDPR statements or terms of service. Overall, the website is trustworthy and well-maintained, supporting the company's credibility in the gaming industry.

2

2Racing autodíly nejen pro rally, tuning, motorsport

2racing.cz

41

2Racing.cz is a Czech Republic-based e-commerce website specializing in the sale of automotive parts focused on racing, rally, and tuning enthusiasts. The site offers a wide range of products including racing seats, suspension components, filters, and accessories from reputable brands such as Strongflex, Koni, Sparco, and others. The business targets motorsport hobbyists and professionals seeking specialized car parts. The website is professionally designed with clear navigation and product categorization by car brand and year, supporting a good user experience.

B

BKV – Interessengemeinschaft Betriebliche Krankenversicherung e. V.

bkk-kampagne-2019.de

42

The website 'bkk-kampagne-2019.de' represents a health awareness campaign by the BKV – Interessengemeinschaft Betriebliche Krankenversicherung e. V., focusing on promoting healthy sleep habits. It provides educational content, tips, and resources related to sleep health, targeting the general German-speaking public. The campaign is positioned as a niche, non-profit initiative within the healthcare sector, with a clear and consistent branding approach. The website content is well-structured, professionally designed, and offers multilingual support (German and English). Technically, the site is built on WordPress, leveraging caching and minification plugins to optimize performance. It uses HTTPS with a good SSL configuration, but lacks some security headers and cookie consent mechanisms, which are recommended for enhanced compliance and security. No forms or data collection mechanisms are visible on the homepage, reducing privacy risks. Contact information is clearly provided, including a verified organizational email and physical address in Berlin. No suspicious or malicious indicators were found, and the domain appears legitimate and appropriate for the campaign's history and purpose.

PINK LEMON is a small, established marketing and design agency based in Vaduz, Liechtenstein, offering services including marketing, corporate design, graphic design, and web design. The company targets businesses and organizations in Vaduz and surrounding regions, positioning itself as a trusted partner with over 11 years of experience. The website is professionally designed, content-rich, and consistent with the company's branding and market positioning. Technically, the website is built on the Contao Open Source CMS using the Foundation framework and standard JavaScript libraries. It demonstrates good mobile optimization and SEO practices, with moderate performance. The site uses HTTPS with an excellent SSL configuration but lacks advanced security headers. Privacy compliance is addressed through a privacy policy and a cookie consent banner, with minimal user tracking limited to newsletter subscriptions. From a security perspective, the website shows a solid baseline with HTTPS and cookie consent but could improve by implementing security headers and publishing incident response or vulnerability disclosure policies. No vulnerabilities or suspicious activities were detected. Overall, the site is trustworthy and professionally maintained. The risk assessment is low, with no critical issues found. Strategic recommendations include enhancing security headers, adding incident response information, and expanding privacy and security disclosures to further strengthen trust and compliance.

N

NIVEA

nivea.cz

61

NIVEA.cz is the Czech Republic localized website for the globally recognized skincare brand NIVEA, owned by Beiersdorf AG. The site offers a comprehensive catalog of skincare and cosmetic products, along with tips and advice for skin and body care. The website targets general consumers interested in personal care products and maintains a strong brand presence consistent with NIVEA's global identity. Technically, the site is built on the Sitecore CMS platform, employs modern web technologies, and integrates multiple analytics and marketing tools such as Google Analytics, Google Tag Manager, and Consent Manager for GDPR compliance. The site is mobile-optimized and provides a professional user experience with clear navigation and rich content. Security-wise, the website enforces HTTPS, uses standard security headers, and implements cookie consent mechanisms, reflecting a mature security posture. However, it lacks publicly available explicit security policies and incident response contacts, which could be improved. The domain WHOIS data is unavailable, likely due to registry policies, which slightly reduces transparency but does not detract significantly from the site's legitimacy given the brand's reputation. Overall, the website is well-maintained, secure, and compliant with privacy regulations, serving as a reliable digital presence for NIVEA in the Czech market.

Q

Qminers

qminers.com

50

Qminers is a specialized software development company focused on algorithmic trading, providing a Central European hub for top-tier professionals in quantitative finance and technology. The company emphasizes improving global markets through advanced software solutions and a meritocratic, knowledge-sharing culture. Their website reflects a professional and consistent brand image, targeting expert audiences in finance and technology sectors. Technically, the site uses modern web technologies with embedded video content and is hosted by a reputable provider. Security posture is adequate with HTTPS enabled but lacks advanced security headers and published policies. Privacy compliance is limited, with no privacy or terms of service pages found, though a cookie consent banner is present. Overall, the site is safe, professional, and trustworthy but could improve in compliance and security transparency.

The website cookie-bar.com is a parked domain page hosted and managed by GoDaddy.com, LLC. It does not contain any active business content, services, or products. The page primarily serves as a placeholder indicating the domain is available for purchase or is reserved by GoDaddy. The presence of a Trustpilot widget referencing GoDaddy.com reinforces the domain parking nature. The target audience is domain investors or buyers rather than end consumers. Technically, the site uses modern JavaScript and CSS assets served by GoDaddy's parking platform, with basic mobile optimization and fast loading times. However, the site lacks SEO optimization and accessibility features. Security posture is minimal with no detected security headers or DNSSEC enabled, though the domain is locked against unauthorized transfers or deletions. Privacy compliance is limited to a link to GoDaddy's global privacy policy, with no cookie consent mechanism or GDPR-specific disclosures on the domain itself. Overall, the site is low risk but offers minimal value beyond domain parking.

G

Grizzly Ads

grizzlyads.com

57

Grizzly Ads is a technology startup offering an ad booking and management platform targeted at creative businesses and content creators. The platform is currently in beta, focusing on enabling creators to sell ad slots directly to sponsors with unlimited bookings and direct payments. The website reflects this early stage with clear but limited content and a focus on onboarding beta users. Technically, the site is built on the Bubble.io platform, leveraging modern JavaScript libraries and cloud hosting via AWS Cloudfront CDN. The site demonstrates moderate performance and good mobile optimization but lacks advanced SEO and accessibility features. The technical infrastructure is adequate for a startup but could benefit from enhanced security configurations. From a security perspective, the site uses HTTPS and has domain transfer protections but lacks DNSSEC and important security headers. There are no visible incident response or security policies, and cookie consent mechanisms are absent. Analytics usage is minimal, relying on plausible.io, which is privacy-focused. Overall, the security posture is moderate but requires improvements to meet best practices. The overall risk is moderate given the startup nature and limited exposure. Strategic recommendations include enabling DNSSEC, implementing security headers, adding cookie consent and privacy enhancements, and publishing incident response contacts to improve trust and compliance.

Z

zGoat

zgo.at

54

The website zgo.at, titled 'zGoat', serves as a personal repository and showcase for Go programming language packages and tools developed by the owner. It primarily targets Go developers seeking open source libraries and utilities, offering a variety of applications and libraries with links to GitHub and GoDoc documentation. The business model is centered on open source software distribution, with no commercial or enterprise presence indicated. Technically, the site is simple, fast-loading, and mobile-optimized, using standard web technologies and a privacy-focused analytics service (GoatCounter). However, it lacks formal privacy, cookie, or terms of service policies, and does not provide contact or security incident information. Security posture is basic, with no detected security headers or advanced protections, but no vulnerabilities or malicious content were found. Overall, the site is a legitimate, small-scale developer project with moderate trustworthiness but could improve compliance and security transparency.

Patio.coop is a global network of worker-owned tech cooperatives specializing in software development, communication, and design services. The cooperative model emphasizes democratic ownership and international collaboration, with over 80 cooperatives and 1500 cooperators across 24+ countries. The website presents a professional and consistent brand image targeting organizations and individuals interested in cooperative technology solutions. Technically, the site leverages modern JavaScript libraries such as Three.js and D3 for interactive globe visualizations, and uses standard web technologies including CSS3 and HTML5. Hosting and DNS are managed via NS1 DNS servers, indicating a reliable infrastructure. Security posture is moderate; domain registration includes transfer prohibitions, but lacks DNSSEC and security headers. No privacy or cookie policies are present, and contact is limited to a web form without direct emails or phone numbers. Social media presence is strong and aligned with the cooperative identity. Overall, the site is safe, professional, and functional but could improve in privacy compliance and security best practices.

The website at scantrade.com/lander is currently a minimal landing or parking page with very limited content. It primarily serves advertisements via Google Adsense and does not provide any meaningful business information, contact details, or policies. The domain is registered with GoDaddy.com, LLC and has been active since 2003, indicating a long-standing registration. However, the website itself does not reflect an active or mature business presence. Technically, the site uses JavaScript and CSS loaded from a third-party parking service domain, with no detected CMS or advanced frameworks. Security posture is basic with no DNSSEC enabled and no security headers detected. Privacy and compliance policies are absent, and no contact or incident response information is provided. Overall, the site appears to be a placeholder rather than an operational business website.

A

assemblag.es

assemblag.es

10

assemblag.es operates as a niche Mastodon instance dedicated to individuals interested in creative and critical discussions about technology. The platform emphasizes a strong community code of conduct and privacy awareness, positioning itself as a thoughtful and moderated decentralized social media environment. The service is small-scale but maintains a clear focus on its target audience, leveraging the Mastodon and Hometown software stack to deliver its offerings. The website content is well-organized and professional, with clear administrative contact details and policies, although some standard compliance elements like cookie consent are missing. Technically, assemblag.es uses modern open-source technologies including Mastodon version 4.2.17 with the Hometown frontend, hosted via a CDN provider. The site is mobile-optimized and provides a good user experience, though accessibility and SEO optimizations are basic. Security posture is moderate with HTTPS implied but lacking explicit security headers and published security policies. The absence of WHOIS data due to registrar restrictions limits external verification of domain legitimacy, but the site content and operational transparency support trustworthiness. Security-wise, the platform enforces a strict code of conduct and privacy policy, but lacks formal incident response and vulnerability disclosure mechanisms. No tracking or advertising is present, enhancing privacy. The overall risk is moderate, with recommendations to improve security headers, cookie consent, and publish explicit security policies to strengthen compliance and user trust. Strategically, assemblag.es should focus on enhancing its security posture and privacy compliance to maintain and grow its user base in a competitive decentralized social media landscape.

L

Los Angeles Times

latimes.com

73

Los Angeles Times is a leading American daily newspaper with a strong digital presence, delivering news and information primarily focused on Los Angeles and California. The website demonstrates a mature technical infrastructure with a modern tech stack incorporating various advertising and analytics technologies. The site is well-optimized for performance, mobile responsiveness, and accessibility, reflecting a high level of digital maturity. Security posture is robust with HTTPS enforcement and multiple security headers, though public security policies and incident response information are not prominently available. The absence of WHOIS data is unusual but does not detract significantly from the site's legitimacy given its brand recognition and content quality. Overall, the site presents a low risk profile with recommendations to enhance transparency around security and privacy practices.

The website archive.li is a web archiving service that allows users to save and access snapshots of web pages. However, the content provided is a security check page requiring CAPTCHA completion before access, indicating the presence of a Web Application Firewall or bot mitigation system. This limits the ability to fully analyze the website's content, policies, and business information. The technical infrastructure includes the use of Google reCAPTCHA and is hosted on Hetzner Online GmbH's infrastructure. Security posture shows some best practices with CAPTCHA usage but lacks visible security headers and policies. Overall, the site is partially inaccessible, limiting trust and compliance assessments.

C

Cooperpress

golangweekly.com

10

Golang Weekly is a niche technology newsletter focused on the Go programming language, published by Cooperpress. It targets developers and enthusiasts interested in Go, providing weekly curated content and an RSS feed. The business model centers on subscription-based newsletter distribution, with a long-standing presence since 2012, indicating stable market positioning within its niche. The website branding is consistent and professional, supporting trust and engagement within its target audience. Technically, the website employs modern web technologies including Google Analytics, Google Tag Manager, and Cloudflare Turnstile CAPTCHA for form security. DNS hosting is managed via DNSimple, and the site uses standard HTML5, CSS, and JavaScript. Mobile optimization and SEO practices are good, though accessibility is basic. Performance is moderate, with no major technical debt or CMS detected. From a security perspective, the site uses HTTPS (implied by Google Analytics and Turnstile usage), includes CSRF protection on forms, and employs CAPTCHA to mitigate spam. However, DNSSEC is not enabled, and no explicit security headers or incident response policies are published. Privacy compliance is partially addressed with clear privacy and GDPR policies, but no cookie consent mechanism is present despite tracking scripts. No vulnerabilities or suspicious content were detected. Overall, the website presents a low-risk profile with good business credibility and technical implementation. Strategic improvements in security headers, cookie consent, and incident response transparency would enhance its security posture and compliance maturity.

Z

ZDNET

zdnet.com

11

ZDNET is a well-established technology news and professional advice platform, serving IT professionals and business decision makers globally. As part of Ziff Davis, it holds a strong market position with a comprehensive offering of technology news, product reviews, and industry analysis. The website demonstrates a mature digital infrastructure leveraging modern JavaScript frameworks, advanced analytics, and advertising technologies. Security posture is robust with HTTPS enforcement, security headers, and privacy compliance mechanisms in place. No critical vulnerabilities or suspicious activities were detected. Overall, ZDNET presents a trustworthy and professional online presence with excellent content quality and user experience.

B

ByteDance

cloudwego.io

59

CloudWeGo is an open-source middleware platform primarily focused on enabling enterprise cloud-native architectures and microservices. Backed by ByteDance, it offers a suite of high-performance frameworks and tools such as Kitex, Hertz, and Volo, targeting developers and organizations building scalable microservices. The website reflects a mature, professional presence with clear branding and a focus on technology innovation. Technically, the site is built using modern static site generation (Hugo), with a tech stack including Go, Rust, JavaScript, and Bootstrap, delivering fast performance and good mobile optimization. Security posture is solid with HTTPS enforced and dedicated vulnerability reporting pages, though it lacks some security headers and formal privacy/cookie policies. Overall, the domain and website appear legitimate and trustworthy, with strong enterprise user endorsements and active community engagement via GitHub and Discord.

E

Ent Foundation

entgo.io

57

Ent Foundation operates the entgo.io website, which provides an open source entity framework (ORM) for the Go programming language. The website targets Go developers and software engineers seeking a powerful yet simple ORM solution. The project is positioned as a niche technology provider with a focus on schema modeling, graph traversal, and code generation. The business model is primarily open source with community and enterprise adoption. The website content is professional, well-structured, and supported by documentation and social media presence, indicating a mature digital footprint. Technically, the website uses modern web technologies including Docusaurus for documentation, JavaScript libraries like Clipboard.js, and Google Analytics for tracking. Hosting appears to be on AWS infrastructure, supported by AWS DNS servers. The site is performant, mobile-optimized, and SEO-friendly. However, some security best practices such as DNSSEC and security headers are missing, and no cookie consent mechanism is implemented despite the presence of a cookie policy. From a security perspective, the site enforces HTTPS and has domain transfer protections in place. No vulnerabilities or exposed sensitive data were detected. However, the absence of a published security policy, incident response contacts, and vulnerability disclosure reduces the overall security maturity. Privacy compliance is basic, with privacy and cookie policies linked to Facebook Open Source legal pages, but no explicit GDPR compliance statements or consent mechanisms. Overall, the website is trustworthy and professional with a strong business credibility score. The main risks relate to incomplete security and privacy practices. Strategic improvements in security headers, incident response transparency, and cookie consent would enhance the security posture and compliance. The domain registration data aligns well with the website content, supporting legitimacy and trustworthiness.

G

gobridge

golangbridge.org

61

The website is a GitHub repository page for the organization 'gobridge', which focuses on building bridges to educate and empower underrepresented communities. The content is community-driven and educational, hosted securely on GitHub's platform. The technical infrastructure leverages modern web technologies including React and GitHub's hosting services, ensuring good performance and accessibility. Security posture benefits from GitHub's HTTPS enforcement and domain registration protections, though the site lacks explicit security policies and privacy compliance documentation. Overall, the site is trustworthy for its intended purpose but would benefit from enhanced privacy and security disclosures.

N

NT, Norrköpings Tidningar - lokala nyheter just nu

nt.se

66

The website www.nt.se represents a regional news media outlet focused on delivering local news for the Norrköping area in Sweden. It provides news articles and updates primarily targeting local residents and news readers. The business model appears to be media publishing supported by advertising revenue. The site uses modern frontend technologies such as Angular and Font Awesome, indicating a contemporary technical infrastructure. However, the WHOIS data for the exact domain www.nt.se is not available, suggesting it may be a subdomain or alias, which introduces some uncertainty about domain registration details. Security posture is moderate with no explicit security headers or policies detected, and privacy compliance is low due to missing privacy and cookie policies. Overall, the site is professionally designed, mobile optimized, and safe for general audiences.

G

GoDaddy Operating Company, LLC

wiley.co

68

The website is a professional domain sales landing page hosted by Afternic, a GoDaddy-operated domain marketplace. It offers the domain wiley.co for sale with options for price inquiry via a form or direct phone contact. The platform emphasizes secure and straightforward domain transactions, leveraging GoDaddy's infrastructure and reputation. The site is well-structured, mobile-optimized, and includes trust signals such as a high Trustpilot rating. Technically, it uses modern web technologies including React and Next.js, hosted on AWS, ensuring good performance and security. Security posture is strong with HTTPS, security headers, and secure forms with reCAPTCHA, although explicit vulnerability disclosure and incident response information are absent. Overall, the site is trustworthy and suitable for domain buyers seeking premium names.

C

COLA Land Group

pauldirmeyer.com

57

The website represents the COLA Land Group, an academic research group affiliated with George Mason University, focusing on land-atmosphere interactions in the physical climate system. The site provides information about the research group, its members, projects, publications, and teaching activities. The business model is academic and educational, targeting researchers, students, and the scientific community. The website is built on the Wix platform, leveraging Wix's Thunderbolt framework and standard web technologies. It is moderately optimized for performance and accessibility but lacks advanced mobile responsiveness and comprehensive SEO features. Security posture is adequate with HTTPS enforced but lacks security headers and privacy compliance documentation. WHOIS data is missing or unavailable, which reduces domain trustworthiness but the university affiliation and professional presentation mitigate concerns. Overall, the site is professional and trustworthy but would benefit from enhanced privacy, security, and compliance features.

Ge-Baek Hosin Sool is a well-established traditional Taekwon-Do ITF school based in the Czech Republic, focusing on martial arts training with an emphasis on moral and traditional values rather than competitive sports. The website serves as an information hub for recruitment, member resources, event schedules, and media galleries, targeting individuals and families interested in Taekwon-Do. The school maintains partnerships with other martial arts organizations and receives sponsorship from various municipalities, indicating a strong community presence. Technically, the website uses modern web technologies including Bootstrap and Google Analytics, with responsive design and multilingual support. HTTPS is enforced, and Google Analytics consent is configured to deny ad and analytics storage by default, reflecting a basic level of privacy awareness. However, the site lacks explicit privacy and security policies, terms of service, and direct contact information, which are areas for improvement. From a security perspective, the site shows good SSL configuration but lacks security headers and formal incident response or vulnerability disclosure mechanisms. No WHOIS data is available due to privacy protection, but the website's professional appearance and affiliations suggest legitimacy. Overall, the site scores well on content quality and business credibility but could enhance privacy compliance and security posture. Strategic recommendations include implementing comprehensive privacy and security policies, adding terms of service, improving contact transparency, and deploying security headers to strengthen trust and compliance.

Z

ZS Hořovice

zs-horovice.cz

52

The website www.zs-horovice.cz represents a local sports facility, specifically the ice stadium in Hořovice, Czech Republic. The site provides basic information about the stadium's location and purpose but lacks detailed business or contact information. It is built on the Wix platform, indicating a moderate level of digital maturity with standard web technologies and hosting. The technical infrastructure is typical for Wix sites, with no advanced frameworks or custom backend detected. Security posture is adequate with HTTPS enabled and no visible vulnerabilities, but the absence of explicit security headers and privacy policies limits compliance and trust. The lack of WHOIS data due to privacy protection or unregistered domain status reduces the domain's trustworthiness. Overall, the site serves informational purposes for a small local entity but requires improvements in transparency, privacy compliance, and security best practices to enhance credibility and user trust.

Klub Labe Hořovice is a local entertainment venue based in the Czech Republic, specializing in live concerts, podcasts, and nightlife events. The website serves as a platform to showcase upcoming events, facilitate ticket sales through a reputable external provider, and offer venue rental services. The target audience primarily consists of local residents and visitors interested in cultural and music events in the Hořovice and Beroun regions. The business operates on a small scale with a focus on hospitality and entertainment services. Technically, the website is built using modern web technologies including Nuxt.js and Vue.js, indicating a contemporary and maintainable infrastructure. The site is mobile optimized and provides a good user experience with clear navigation and relevant content. However, some areas such as accessibility and SEO could be further enhanced. The hosting and domain registration are consistent with the business location, and the site uses HTTPS ensuring secure communication. From a security perspective, the website enforces HTTPS and avoids exposing sensitive data. However, it lacks several security headers and does not provide visible privacy or cookie policies, which are important for GDPR compliance. There is no public incident response or vulnerability disclosure information, which could be improved to enhance trust and security posture. The site does not appear to use analytics or tracking services, minimizing privacy concerns but also limiting marketing insights. Overall, Klub Labe Hořovice presents a professional and trustworthy online presence for a local entertainment venue. Strategic improvements in privacy compliance, security headers, and transparency around data protection would strengthen its security posture and regulatory adherence. The business is well positioned in its local market with a clear service offering and digital maturity appropriate for its size and sector.

M

mistecko.cz

mistecko.cz

46

mistecko.cz is a Czech online magazine providing cultural, artistic, and lifestyle content targeted at creators, artists, and culture enthusiasts. The website offers news, tips, and tutorials related to various creative passions. The business operates in the media sector with a small scale and a niche market position. Technically, the site uses standard web technologies including Matomo for analytics and Google Adsense for advertising. The site is mobile optimized with good navigation and content relevance. Security posture is moderate with HTTPS enabled but lacks security headers and cookie consent mechanisms. WHOIS data shows inconsistencies with a future domain creation date, which raises questions about domain legitimacy. Overall, the website is functional and content-rich but requires improvements in privacy compliance and security practices.

The website www.vojujezd-brdy.cz serves as an informational portal focused on tourism, hiking, cycling, and local history related to the former military area Brdy in the Czech Republic. It targets tourists and outdoor enthusiasts seeking less crowded natural areas. The site provides detailed descriptions of trails, accommodation options, and local services, monetized primarily through Google Adsense advertising. Technically, the site uses standard web technologies including HTML5, CSS, JavaScript, Google Fonts, and integrates Google Analytics and a consent management platform to comply with privacy regulations. The website is accessible without WAF or security challenges, but lacks explicit privacy and terms of service pages, and does not provide direct contact information, which limits user trust and compliance transparency. Security posture is moderate with HTTPS enabled but missing security headers. WHOIS data is unavailable, which reduces domain trustworthiness. Overall, the site is functional and relevant for its niche audience but could improve in privacy transparency, security best practices, and contact availability.

E

European Business Enterprise, a.s.

statnisprava.cz

58

The website statnisprava.cz is a Czech government-related public service portal operated by European Business Enterprise, a.s. It provides comprehensive information on government offices, job vacancies, tenders, insolvencies, and related public services. The site targets a broad audience including citizens seeking official information and services. Technically, the site uses IBM Domino backend technology with a frontend built on HTML5, Bootstrap, jQuery, and Font Awesome, delivering a responsive and navigable user experience. Security posture is moderate with HTTPS usage and no visible sensitive data exposure, but lacks advanced security headers and explicit cookie consent mechanisms. WHOIS data is unavailable, which slightly reduces trust but the business information and content quality support legitimacy. Overall, the site is professional, content-rich, and serves an essential government function with room for security and privacy improvements.

O

Openplace s.r.o.

nafialce.cz

64

Na Fialce is a small hospitality and cultural center located in Říčany near Prague, operated by Openplace s.r.o. The center caters to sports enthusiasts, film lovers, and fans of quality food and coffee, offering a variety of services including sports facilities, cultural events, cinema, and dining options. The website presents a professional and consistent brand image with good content quality and user experience. Technically, the site uses modern web technologies such as Bootstrap, Google Tag Manager, Facebook Pixel, and Cookiebot for cookie consent management. However, the absence of WHOIS data and explicit privacy and terms policies limits full trust verification. Security posture is moderate with HTTPS usage and cookie consent but lacks visible security headers and detailed security policies. Overall, the site is safe for general audiences and demonstrates a moderate level of digital maturity.

O

Olivova dětská léčebna o.p.s.

olivovna.cz

53

Olivova dětská léčebna o.p.s. is a well-established non-profit pediatric healthcare organization based in Říčany u Prahy, Czech Republic. Founded in 1896, it provides comprehensive inpatient treatment and rehabilitation services for children aged 1 to 18 years, fully covered by public health insurance. The organization focuses on treating respiratory and musculoskeletal diseases, childhood obesity, and related conditions, emphasizing prevention and follow-up care. The website reflects a professional and trustworthy presence with clear service offerings and engagement channels for parents, children, and medical professionals. Technically, the website is built on the SKY:CMS platform and employs modern web technologies including asynchronous JavaScript loading, Google Tag Manager, Google Analytics, Microsoft Clarity, and Facebook Pixel for analytics and marketing. The site is mobile-optimized, accessible, and SEO-friendly, with a cookie consent mechanism compliant with GDPR. However, explicit security headers are not fully implemented, and no dedicated security or incident response policies are published. Security posture is solid with HTTPS enforced and no visible vulnerabilities or exposed sensitive data. The absence of WHOIS data due to privacy protection slightly reduces transparency but is understandable for a healthcare non-profit. Overall, the site demonstrates a mature digital presence with good privacy compliance and user engagement, though improvements in security headers and incident response transparency are recommended. The risk assessment is low, with no signs of malicious activity or content safety concerns. Strategic recommendations include enhancing security headers, publishing security policies, and maintaining regular audits of third-party scripts to ensure ongoing compliance and security.

K

Kynologický klub Lety

kklety.cz

49

Kynologický klub Lety is a small, local dog training club based in the Czech Republic, offering a variety of dog training courses including socialization for puppies, basic obedience, rally obedience, and protection training. The website serves as an information hub for members and interested dog owners, providing event updates, photo galleries, and contact information. The club appears to be community-focused with active engagement through social media and email subscriptions. Technically, the website uses a custom CMS with JavaScript libraries such as jQuery and MooTools. It includes cookie consent mechanisms and privacy policy pages, indicating compliance with GDPR. However, there is no evidence of advanced security headers or incident response policies. The site is moderately optimized for performance and accessibility but could benefit from improvements in mobile responsiveness and security hardening. From a security perspective, the site uses HTTPS (assumed from standard practice though not explicitly confirmed), has cookie consent, and no visible vulnerabilities in the HTML content. The lack of WHOIS data is a concern for domain legitimacy and trust but does not directly impact the website's operational security. Overall, the site is safe for general audiences and does not contain any adult or questionable content. Strategically, the club should verify domain registration details and enhance security posture by implementing security headers and publishing incident response information. Improving mobile optimization and SEO could also enhance user experience and reach.