Security Directory

S

Home | Sondevoedingthuis

sondevoedingthuis.be

71

Sondevoedingthuis is a specialized healthcare knowledge platform focused on providing information about tube feeding (sondevoeding) for both children and adults. The website is branded under Nutricia, a recognized healthcare nutrition company, indicating a credible market position within the healthcare nutrition sector in Belgium. The platform serves patients, caregivers, and healthcare professionals seeking guidance on sondevoeding in daily life. Technically, the site is built on Adobe Experience Manager, leveraging modern web technologies and integrating privacy and analytics tools such as TrustCommander, Google Tag Manager, and Hotjar. The website is mobile-optimized and provides a good user experience with clear navigation and relevant content. Security-wise, the site enforces HTTPS and includes cookie consent mechanisms, but lacks visible advanced security headers and a public vulnerability disclosure policy. WHOIS data is restricted by the .be registry, which is common and justified for privacy reasons, and does not detract from the site's legitimacy given the strong branding and content quality. Overall, the site presents a professional and trustworthy resource in its niche.

N

Nutricia

nutriciababy.be

64

Nutricia Baby is a well-established brand focused on baby and child nutrition, providing both products and extensive informational content for parents and caregivers in Belgium. The website offers a comprehensive range of tools, articles, and support services, including a dedicated Nutricia Care Team accessible via phone, WhatsApp, and email. The brand is part of Danone, a global leader in nutrition and healthcare products, reinforcing its market position and credibility. Technically, the website is built on Adobe Experience Manager, leveraging modern web technologies and privacy management tools to ensure a good user experience and compliance with GDPR. Security posture is solid with HTTPS enforced and privacy scripts in place, though some security headers could be improved. Overall, the site is professional, trustworthy, and well-optimized for its target audience.

I

IZHAK Interact Agency

izhak.fr

45

IZHAK Interact Agency is a French digital communication and interactive marketing agency based in Strasbourg with an additional presence in Paris. Founded in 2020, the agency specializes in digital communication, social media, corporate and CSR communication, video production, web design, and branding services. Their target audience primarily consists of businesses and organizations seeking innovative and engaging communication strategies. The company maintains a professional and consistent brand image across its website and social media channels, positioning itself as a regional player with a focus on quality and creativity. Technically, the website is built on WordPress and leverages modern JavaScript libraries such as GSAP and Swiper for animations and interactive elements. It integrates third-party services including Google Tag Manager, Plausible Analytics for privacy-focused tracking, Axeptio for cookie consent management, and Small.chat for live chat support. The site demonstrates good mobile optimization and SEO practices, with a moderate performance profile. From a security perspective, the website enforces HTTPS and implements cookie consent mechanisms, reflecting compliance with GDPR. However, it lacks advanced security headers and a published security or incident response policy. No vulnerabilities or exposed sensitive data were detected in the HTML content. The absence of WHOIS data reduces the domain trust slightly, but the professional presentation and presence of legal and privacy documentation support the site's legitimacy. Overall, IZHAK Interact Agency presents a secure, professional, and user-friendly digital presence suitable for its business model. Strategic improvements in security headers, incident response transparency, and WHOIS data availability could further enhance trust and compliance.

S

Sparkasse Zwickau

spk-zwickau.de

69

Sparkasse Zwickau is a regional financial institution in Germany offering a broad range of banking and financial services including online banking, accounts, credit cards, loans, investments, insurance, and real estate services. The website targets both private and corporate customers and positions itself as a trusted local financial partner with a strong digital presence. The site is well-structured, professionally designed, and provides comprehensive product information and customer support channels. Technically, the website uses modern web technologies and is likely built on Adobe Experience Manager CMS, ensuring a robust and scalable platform. Mobile optimization and accessibility features are well implemented, enhancing user experience across devices. Security posture is strong with HTTPS enforced and session management features, although some security headers could be improved. Privacy compliance is evident with clear cookie consent mechanisms and detailed privacy policies. Overall, the website reflects a mature digital infrastructure suitable for a large financial institution with high trustworthiness and professionalism.

M

Mibau Stema Group

mibau-stema.com

53

The website 'Mibau Stema Group' presents a basic corporate presence with minimal content and limited business information. The domain WHOIS data is unavailable, indicating either a very recent registration, privacy protection, or incomplete WHOIS records, which raises concerns about domain legitimacy. The site loads external scripts from cloud.ccm19.de but lacks visible contact details, privacy policies, or terms of service, limiting trust and compliance indicators. Technically, the site uses standard web technologies but lacks advanced frameworks or CMS detection. Security posture is weak due to missing HTTPS and security headers. Overall, the site appears functional but lacks critical trust and security features.

V

Visibuilt

visibuilt.com

56

Visibuilt is a company focused on developing sustainable, bio-based asphalt binders made from mycelium, aiming to replace traditional fossil bitumen in construction applications. The website presents a professional and modern design built on WordPress, utilizing SEO best practices and cookie consent management via Cookiebot. The technical infrastructure is standard for a small to medium business website, with moderate performance and good mobile optimization. Security posture is adequate with HTTPS enabled and consent mechanisms in place, but lacks advanced security headers and published security policies. The absence of WHOIS registration data raises concerns about domain legitimacy, which impacts overall trust. Privacy compliance is partially addressed through cookie consent, but lacks visible privacy and terms policies. Contact information is not readily available, limiting direct communication channels.

N

NCC

ncc.dk

70

NCC is a large Nordic construction and infrastructure company focused on delivering residential buildings, commercial premises, and infrastructure projects. The website presents a professional image with clear branding and a focus on collaboration and innovation in the construction sector. The company targets customers and partners in Denmark and the broader Nordic region. Technically, the website uses modern web technologies including JavaScript, Microsoft Application Insights for telemetry, and Cookiebot for cookie consent management. The site is mobile-optimized and includes SEO best practices, though some security headers are missing. Security posture is strong with HTTPS enforced and telemetry in place, but transparency could be improved by publishing explicit privacy policies, terms of service, and security policies. Overall, the site is trustworthy and well-maintained with extensive analytics and marketing tools used in compliance with GDPR via consent mechanisms.

N

NetIQ

validcoupons.net

49

ValidCoupons.net is a coupon and promotional deal aggregator primarily targeting the US market, operated by NetIQ, a Czech-based company. The website offers a large catalog of coupons, deals, freebies, and competitions, positioning itself as one of the largest portals in the US coupon space. The business model revolves around providing free discount codes and promotional offers to consumers, with additional incentives for registered users through bonus programs and cash prizes. The site maintains a consistent brand presence and leverages social media channels for outreach. Technically, the site uses a custom-built platform with standard web technologies including HTML, CSS, JavaScript, and Google Tag Manager for analytics. Hosting and domain registration are managed by Gransy, s.r.o., with nameservers indicating Czech hosting infrastructure. Security posture is moderate with HTTPS enabled and CAPTCHA protections on forms, but lacks advanced security headers and DNSSEC. Privacy compliance is basic, with a privacy policy present but no cookie consent mechanism. Overall, the site is functional and professional but could improve in security and privacy transparency.

C

Caminovo

caminovo.at

68

Caminovo is a specialized HR consulting firm based in Austria, focusing on providing HR business partner services on demand, personnel search, organizational development, and team coaching primarily for medium-sized and owner-managed companies. The website presents a professional and well-structured digital presence built on WordPress with modern tools such as Bricks Builder and Rank Math SEO, indicating a mature digital infrastructure. Security posture is strong with HTTPS enforcement and appropriate security headers, complemented by GDPR-compliant privacy and cookie policies with active consent mechanisms. No critical vulnerabilities or blocking mechanisms were detected, supporting a trustworthy and reliable online presence. Overall, Caminovo demonstrates a solid market position in the HR consulting niche with a clear value proposition and professional digital maturity.

B

Blueprint - KOSMAS

cap-ausbildung.eu

59

Blueprint - KOSMAS operates the CAP. educational initiative, providing supplementary vocational training alongside the AHS-Oberstufe in Austria. Their key offerings include four-year programs in Mechatronik and Cybersecurity, developed in partnership with reputable institutions such as WIFI Linz and FH OÖ. The website presents a professional, well-structured platform targeting youth seeking to enhance their technical and social skills parallel to academic schooling. Technically, the site is built on WordPress with modern plugins and frameworks, featuring good mobile optimization and SEO practices. Security posture is solid with HTTPS, reCAPTCHA, and cookie consent mechanisms, though explicit security headers could be improved. The domain WHOIS is privacy protected, typical for .eu domains, and does not raise trust concerns given the transparent business presence and partner affiliations. Overall, the site is trustworthy, compliant, and well-positioned in its niche educational market.

B

Berufsgenossenschaft für Gesundheitsdienst und Wohlfahrtspflege (BGW)

bgw-online.de

62

The Berufsgenossenschaft für Gesundheitsdienst und Wohlfahrtspflege (BGW) operates as a statutory accident insurance provider for individuals working in the health and social services sectors in Germany. The website serves as a comprehensive portal offering information on accident insurance, prevention, rehabilitation, health protection, and training services. It targets professionals and organizations within the healthcare and welfare industries, positioning itself as a trusted and established institution within the German social system. Technically, the website is built on the CoreMedia CMS platform, hosted on Colt Technology Services infrastructure, and employs modern web technologies including JavaScript and CSS. It integrates analytics tools such as Matomo and eTracker for user behavior tracking, although it lacks a visible cookie consent mechanism. The site is mobile-optimized, accessible, and SEO-friendly, providing a positive user experience. From a security perspective, the site enforces HTTPS and mentions the use of two-factor authentication for member services, indicating a commitment to protecting user data. However, explicit security headers are not evident, and no public security or incident response policies are found. The WHOIS data shows professional hosting but limited registrant details, which is typical for large institutional domains. Overall, the website demonstrates a strong business credibility and technical maturity with minor gaps in privacy compliance and security transparency. It is safe for general audiences and free from adult or questionable content.

D

Deutsche Postcode Lotterie

deutschepostcode-lotterie.de

70

The Deutsche Postcode Lotterie operates a socially responsible lottery platform in Germany, allowing participants to win prizes based on their postal codes. The website is professionally designed, mobile-optimized, and provides comprehensive information about participation, prizes, and social impact. The platform is TÜV Saarland certified and regulated by the German gambling authority, enhancing its trustworthiness. Technically, the site uses modern frameworks such as Next.js and Storyblok CMS, hosted on Vercel, ensuring fast performance and good accessibility. Privacy compliance is well addressed with GDPR-aligned policies and a consent management platform. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities. Overall, the site presents a trustworthy and professional digital presence for a large non-profit lottery business.

P

Pigsar

pigsar.de

68

Pigsar is a specialized service provider in Germany focusing on the testing and calibration of high-pressure natural gas meters. Positioned as a leading test facility, the company offers precise and accurate metrology services primarily targeting industrial and commercial clients involved in natural gas measurement. The website reflects a professional business model centered on metrology and calibration services, supported by downloadable company brochures and multilingual content to serve a broader audience. Technically, the website is built on the Neos CMS platform using the Flow PHP framework, hosted on Adacor nameservers. The site demonstrates good digital maturity with responsive design, SEO optimization, and a cookie consent mechanism compliant with GDPR. Google Tag Manager and Google Analytics are used for analytics and tracking, with clear user consent for statistics cookies. From a security perspective, the website enforces HTTPS and employs cookie consent for privacy compliance. However, it lacks explicit security headers and does not provide a public security policy or vulnerability disclosure page. No critical vulnerabilities or exposed sensitive data were detected, indicating a solid security posture but with room for improvement in transparency and header implementation. Overall, the website is trustworthy, professionally designed, and compliant with privacy regulations. The risk level is low, but strategic enhancements in security policy publication and header configurations would further strengthen the security posture and user trust.

D

DOKYO

dokyo.de

10

DOKYO is a Hamburg-based full-service advertising agency specializing in creating multi-channel, integrated brand and product advertising campaigns. They serve notable clients such as AXE, Dove, and Ben & Jerry’s, positioning themselves as a creative agency that leverages pop culture to make brands more emotional, relevant, and popular. The agency has a strong market presence with over 150 campaigns for more than 30 brands over 15 years, supported by a B CORP certification indicating social and environmental responsibility. Technically, the website is built with modern web standards including HTML5, CSS3, and JavaScript, utilizing the Swiper.js library for interactive sliders. Hosting is provided by Strato AG, a German hosting provider, consistent with the agency’s location. The site is mobile optimized with good SEO practices and basic accessibility features, though there is room for improvement in accessibility and performance optimization. From a security perspective, the website enforces HTTPS and implements a cookie consent mechanism compliant with GDPR. However, it lacks explicit security headers, published security policies, incident response contacts, and vulnerability disclosure mechanisms. No analytics or tracking scripts were detected, indicating a minimal user tracking approach. The WHOIS data is minimal but consistent with the hosting provider and geographic location, with no privacy protection that would raise suspicion. Overall, the website is professional, trustworthy, and compliant with privacy regulations, but could enhance its security posture by adding explicit security policies, headers, and incident response information. The absence of direct contact emails or phone numbers on the main page may impact user trust and accessibility. Strategic improvements in these areas would strengthen the agency’s digital maturity and security readiness.

B

bontempo GmbH & Co. KG

bontempo.de

41

Bontempo GmbH & Co. KG is a medium-sized German agency and manufactory specializing in retail design, exhibition construction, shopfitting, and event services across Europe. The company positions itself as a creative partner turning spaces into brand experiences, serving a diverse clientele including notable brands in retail and events. The website reflects a professional and consistent brand image with good content quality and clear navigation. Technically, the website employs modern web technologies including HTML5, CSS3, JavaScript, and uses Matomo for analytics with device fingerprinting. The site is mobile-optimized and SEO-friendly, though some accessibility features are basic. Performance is moderate, with room for optimization. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place. However, additional security headers and a formal security policy or incident response contact are absent. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong, with comprehensive privacy and cookie policies aligned with GDPR. Overall, the website presents a trustworthy and professional digital presence with minor areas for security and technical enhancement. The domain WHOIS data supports legitimacy and transparency, reinforcing business credibility.

The FC St. Pauli Museum website serves as a digital gateway promoting the museum's mobile app, targeting fans and visitors interested in the cultural heritage of the FC St. Pauli football club. The business operates as a non-profit cultural institution based in Germany, leveraging digital platforms such as Google Play and Apple App Store to distribute its app. The website content is well-structured, visually consistent, and provides clear calls to action for app downloads, supported by official social media channels and endorsements from reputable German cultural bodies. Technically, the website employs standard web technologies including HTML5, CSS, and JavaScript, with minimal external dependencies. It integrates Umami analytics for privacy-conscious user tracking. The site is mobile-optimized and offers a good user experience, although accessibility and SEO optimizations are basic. No advanced CMS or hosting details are evident from the content. From a security perspective, the website lacks visible security headers and does not provide explicit security or incident response policies. The absence of a cookie consent mechanism indicates partial GDPR compliance, though a privacy policy is present and accessible. No forms or direct contact information are provided, limiting data exposure risks but also reducing user engagement options. Overall, the website presents a trustworthy and professional front for the museum app, with low risk from a security and privacy standpoint. Strategic improvements in security headers, cookie consent, and published policies would enhance compliance and user trust. The domain WHOIS data was not provided, limiting the ability to assess domain registration legitimacy and history fully.

L

Landesmuseum Württemberg

landesmuseum-stuttgart.de

56

The Landesmuseum Württemberg website represents a well-established cultural institution focused on showcasing regional history and art in Stuttgart, Germany. The museum offers a variety of exhibitions, educational programs, and visitor services, positioning itself as a key cultural hub in the region. The website is professionally designed, content-rich, and targets a broad audience interested in history and culture. Technically, the site is built on the TYPO3 CMS platform, leveraging modern web technologies and integrating Matomo analytics for user insights. The site demonstrates good mobile optimization and accessibility features, enhancing user experience across devices. Security-wise, the website enforces HTTPS and implements a comprehensive cookie consent mechanism, aligning with GDPR requirements. However, it lacks publicly available security policies, incident response contacts, and vulnerability disclosure information, which are areas for improvement. Overall, the domain and website content are consistent and legitimate, with no signs of malicious activity or suspicious patterns. Strategic recommendations include publishing security and incident response policies, enhancing security headers, and formalizing vulnerability disclosure processes to strengthen trust and compliance.

The Banc de Bones Pràctiques website is a government/non-profit platform dedicated to identifying and disseminating innovative local government practices in the province of Barcelona, Catalonia. It serves local municipalities and government entities by providing a searchable database of best practices, evaluation criteria, and resources to promote governance innovation. The site is supported by recognized local institutions such as the Diputació de Barcelona and the Fundació Carles Pi i Sunyer, enhancing its credibility and trustworthiness. Technically, the website employs a modern frontend stack including Bootstrap 4, jQuery, and FontAwesome, ensuring responsive design and good user experience across devices. Hosting and domain registration are consistent with the business purpose, with a mature domain age since 2010. However, the site lacks advanced security headers and DNSSEC, which are recommended for improved security posture. Security-wise, the site uses HTTPS (assumed from domain and external resources) but does not implement visible security policies or incident response contacts. No privacy policy page was found, though a cookie consent banner is present, indicating some level of GDPR awareness. Contact information is limited to an official email and contact form, with no phone or physical address explicitly listed. Overall, the website is professional and trustworthy for its niche audience but would benefit from enhanced security measures, explicit privacy and terms policies, and improved transparency regarding data protection and incident response.

U

Universitat Politècnica de Catalunya - BarcelonaTech

upc.edu

11

The Universitat Politècnica de Catalunya - BarcelonaTech (UPC) is a prominent public university specializing in engineering, architecture, and technology education and research. The website serves a broad audience including prospective and current students, researchers, academic staff, and industry partners. It offers comprehensive information on undergraduate, master's, doctoral, and continuing education programs, as well as research and innovation services. The university holds a strong market position in Catalonia and Spain with international recognition and certifications such as HR Excellence in Research. Technically, the website is built on the Plone CMS platform and employs modern web technologies including Usercentrics for consent management, Google Analytics, Microsoft Clarity for analytics, and Bootstrap for responsive design. The site demonstrates good performance, mobile optimization, accessibility, and SEO practices. Security posture is solid with HTTPS enforced and consent mechanisms in place, though explicit security headers could be improved. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data for the exact queried domain 'www.upc.edu' was not found, which is unusual but likely due to querying the subdomain rather than the root domain. Despite this, the website's legitimacy is supported by consistent branding, official social media presence, and comprehensive institutional content. Privacy policies and cookie consent mechanisms indicate GDPR compliance. Overall, the website is professional, secure, and trustworthy, serving as a reliable digital presence for the university. Strategic recommendations include enhancing security headers, publishing a dedicated security policy, and adding a vulnerability disclosure mechanism to further strengthen security posture.

SAP is a global leader in enterprise software solutions, with a strong market position in Human Capital Management through its SAP SuccessFactors Recruiting software. The website presents a comprehensive, AI-enabled talent acquisition platform designed for HR professionals and enterprises to attract and hire top talent efficiently. The digital infrastructure leverages modern web technologies including SAP UI5 and React, ensuring a responsive, accessible, and SEO-optimized user experience. Security posture is robust with HTTPS enforcement, security headers, and consent management for privacy compliance. While WHOIS data is unavailable, the domain's global recognition and consistent branding affirm its legitimacy. Overall, the site reflects a mature, professional enterprise-grade digital presence.

M

Malá - elektromobilita

mala-elektromobilita.cz

9

Malá - elektromobilita is a small Czech company specializing in electromobility and renewable energy solutions, including photovoltaic systems, battery storage, and electric vehicles. The company operates an e-shop, organizes related events, and assists with subsidy processing. Their market position is local to regional within the Czech Republic, focusing on energy and transportation sectors. The website is built on the Wix platform, featuring a professional design and moderate technical maturity. Security posture is adequate with HTTPS and some script hardening, but lacks visible security headers and formal privacy or cookie policies. WHOIS data is unavailable, which reduces domain trustworthiness. Overall, the site presents a legitimate business with room for improvement in security and compliance.

L

Luhačovské zálesí o.p.s

luhacovskezalesi.cz

9

Luhačovské zálesí o.p.s is a small non-profit organization dedicated to the development and improvement of living conditions in the Luhačovské Zálesí region of the Czech Republic. The website serves as an informational platform to support community engagement and regional development initiatives. The organization appears to have an established presence since 2007, consistent with the domain registration data. Technically, the website is built on WordPress using the Divi theme, incorporating standard analytics tools such as Google Analytics and Google Tag Manager. While the site demonstrates good design quality and mobile optimization, it lacks visible privacy and cookie policies, which impacts its privacy compliance score. Security posture is minimal with no detected security headers or incident response information publicly available. Overall, the website is functional and professional but would benefit from enhanced security and privacy measures to improve trust and compliance.

E

ExFactory Czech s.r.o.

exfactoryczech.cz

57

ExFactory Czech s.r.o. is a small Czech company specializing in energy management, photovoltaic installations, and related services. Their website, built on the Wix platform, serves as a professional communication channel to present their offerings and company values to customers and partners. The company targets clients interested in energy solutions within the Czech Republic. Technically, the website uses Wix's infrastructure and standard web technologies, providing moderate performance and good mobile optimization. Security posture is adequate with HTTPS enabled but lacks advanced security headers and policies. The absence of privacy and cookie policies indicates compliance gaps. WHOIS data is unavailable, which reduces domain trustworthiness. Overall, the site is functional and professional but would benefit from enhanced privacy compliance and security practices.

O

Obec Pržno

przno.cz

10

The website przno.cz serves as the official online presence of the municipality of Pržno in the Czech Republic. It provides residents and visitors with essential information about local government activities, news, events, and public services. The site is well-structured, with clear navigation and relevant content tailored to its community audience. It integrates modern web technologies including Google Analytics with user consent and Google reCAPTCHA for form security. The website demonstrates a good level of digital maturity for a small municipal government portal, balancing usability and compliance with privacy regulations. Security posture is adequate with HTTPS enforced and basic protections in place, though there is room for enhancement in security headers and formal policies. Overall, the site is trustworthy, professional, and serves its intended purpose effectively.

M

Místní akční skupina Bobrava

masbobrava.cz

43

Místní akční skupina Bobrava is a Czech regional non-profit organization focused on supporting local municipalities, schools, entrepreneurs, non-profits, and the general public within the Bobrava region. The organization provides information on funding opportunities, promotes regional products and services, and engages the community through news updates and events. Their website reflects a professional and community-oriented approach with clear navigation and relevant content. Technically, the site is built on WordPress with common plugins and frameworks such as Bootstrap, and it employs Google reCAPTCHA for form security and a GDPR-compliant cookie consent mechanism. Security posture is solid with HTTPS enforced and no obvious vulnerabilities detected, though additional security headers could enhance protection. The absence of WHOIS data limits domain trust assessment, but the website's content and structure suggest legitimacy. Overall, the site is well-maintained, user-friendly, and compliant with privacy regulations.

E

ECM System Solutions s.r.o.

ecmsystem.cz

51

ECM System Solutions s.r.o. is a Czech-based company specializing in comprehensive energy management solutions tailored to various sectors including companies, municipalities, energy communities, and residential buildings. With 16 years of market presence and over 150 implementations, the company offers key services such as energy dispatch management, attendance tracking, and custom system development. It operates as part of the larger LAMA ENERGY GROUP, enhancing its market position and trustworthiness. Technically, the website employs modern JavaScript frameworks including jQuery and Naja for AJAX handling, integrates Google reCAPTCHA v3 for form security, and uses Google Tag Manager for analytics and tracking. The site is hosted under a Czech registrar and shows good mobile optimization and SEO practices, although no explicit CMS is detected. From a security perspective, the website enforces HTTPS, uses reCAPTCHA to protect forms, and implements a cookie consent mechanism compliant with GDPR. However, it lacks explicit security policies, incident response contacts, and security.txt files. No vulnerabilities or exposed sensitive data were detected in the HTML content. Overall, the website presents a professional, trustworthy, and secure digital presence consistent with its business claims. The domain age and WHOIS data support the legitimacy and history of the company. Strategic recommendations include enhancing security headers, publishing security policies, and maintaining regular audits of third-party scripts.

N

Nintendo

nintendo.com

81

Nintendo is a globally recognized leader in the video game industry, offering a wide range of gaming consoles, software, and digital services. The official German website serves as a localized portal providing product information, account management, and customer support tailored for German-speaking users. The site reflects Nintendo's strong market position and commitment to user engagement through a professional and well-branded online presence. Technically, the website employs modern web technologies, including CDN delivery, asynchronous JavaScript loading, and cookie consent frameworks, ensuring fast performance and compliance with privacy regulations such as GDPR. Security measures are robust, with HTTPS enforced and multiple security headers implemented, contributing to a high security posture. No critical vulnerabilities or suspicious activities were detected. The absence of WHOIS data is noted but likely due to privacy or registry policies rather than malicious intent. Overall, the website demonstrates a mature digital infrastructure aligned with Nintendo's enterprise status and global brand reputation.

B

Beat Games

beatsaber.com

63

Beat Saber is a well-established VR rhythm game developed by Beat Games, founded in 2017. The website serves as a comprehensive platform for promoting the game, offering music packs, original soundtracks, and directing users to purchase options across major VR and gaming platforms such as Steam, Meta Quest Store, and PlayStation Store. The target audience primarily consists of VR gamers and music game enthusiasts. The business model focuses on digital sales and downloadable content, supported by a strong social media presence and multiple industry awards that reinforce its market leadership. Technically, the website employs modern web technologies including Bootstrap for responsive design, Typekit for fonts, and HTML5 video elements for multimedia content. Hosting is indicated by Facebook DNS servers, suggesting professional infrastructure. The site is mobile-optimized with good SEO practices, though accessibility features are basic. Performance is moderate, with room for improvement in security headers and cookie consent mechanisms. From a security perspective, the site uses HTTPS (implied by external store links) and does not expose sensitive data. However, it lacks explicit security headers and published security or incident response policies, which are areas for enhancement. The WHOIS data is consistent and trustworthy, with domain registration dating back to 2017, aligning with the company's founding and product timeline. Overall, the website is professional, trustworthy, and content-rich, with minor gaps in privacy compliance and security best practices. Strategic improvements in these areas would enhance user trust and regulatory adherence.

B

Bc. Martin Hůlek

martinhulek.cz

9

The website www.martinhulek.cz represents Bc. Martin Hůlek, a freelance fullstack web developer based in the Czech Republic. The business focuses on delivering custom web development services including responsive websites, e-commerce platforms, tailored web applications, ongoing maintenance, and consulting. The site positions itself as a specialist in modern, secure, and user-friendly web solutions aimed at businesses and individuals seeking professional digital presence. The portfolio includes at least one e-shop project, indicating practical experience in commercial web development. Technically, the website employs modern frontend technologies such as Bootstrap 5, jQuery, FontAwesome, and Google Tag Manager for analytics and cookie consent management. The site is mobile-optimized with responsive design and good SEO practices evident from meta tags and structured navigation. Performance appears fast with asynchronous script loading and minimal external dependencies. However, no CMS or hosting provider details are disclosed. From a security perspective, the site uses HTTPS (implied by external Google Tag Manager scripts loaded over HTTPS), and implements a cookie consent modal, indicating awareness of privacy regulations. However, no explicit privacy policy or terms of service pages were found, and no HTTP security headers were detected in the provided data. The WHOIS lookup failed to return any domain registration data, which reduces trustworthiness and raises questions about domain legitimacy. No vulnerabilities or exposed sensitive data were observed in the content. Overall, the website is professional and functional, suitable for a small freelance business. The main risks relate to missing WHOIS transparency and incomplete privacy compliance documentation. Strategic improvements in security headers, privacy policy publication, and domain registration transparency would enhance trust and compliance.

K

Kapnetix s.r.o.

kapnetix.ai

58

Kapnetix s.r.o. is a technology company specializing in AI-powered tools for motion capture professionals. Their website presents a focused business offering innovative AI solutions such as single camera 3D pose estimation and automated motion capture cleanup, targeting animation teams and game developers. The company positions itself as a niche innovator with a small but experienced team and notable industry awards. Technically, the website is built on Webflow CMS with modern integrations including Google Tag Manager and Leadfeeder for analytics and marketing. The site is well-designed, mobile-optimized, and includes embedded video content to demonstrate product capabilities. Security-wise, the site uses HTTPS and implements cookie consent mechanisms but lacks visible advanced security headers or published security policies. WHOIS data is unavailable due to privacy protection, which is common for small tech firms. Overall, the site is professional and trustworthy with moderate risk due to limited public security disclosures.

C

Context Heroes s.r.o.

contextheroes.com

71

Context Heroes s.r.o. is a Czech-based company specializing in bespoke translation and localization services, primarily targeting video games, apps, software, and product markets. The company positions itself as a trusted partner with a focus on delivering contextually accurate translations to help clients expand internationally. Their website reflects a professional and modern digital presence, leveraging a custom CMS platform and modern web technologies to provide a responsive and user-friendly experience. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, although some security best practices like security headers and incident response information are absent. The lack of WHOIS data for the domain is a notable concern, potentially impacting trust and legitimacy assessments. Overall, the company demonstrates strong business credibility and digital maturity, with room for improvement in transparency and security documentation.

Č

Česká spořitelna, a.s.

ittrendy.cz

50

IT Trendy is a corporate blog and community platform operated by Česká spořitelna, a leading Czech bank, focusing on information technology trends and innovations. The website targets IT professionals, technology enthusiasts, and banking sector employees, providing high-quality articles, educational content, and community engagement. The platform supports professional growth and knowledge sharing within the bank and the broader IT community. Technically, the website employs modern web technologies including Alpine.js, Google Tag Manager, and optimized image formats, hosted by Active24. It demonstrates excellent mobile optimization, accessibility, and SEO practices. Security posture is strong with HTTPS, security headers, and cookie consent mechanisms, though lacks a dedicated security policy or incident response contact. Overall, the domain registration is consistent and transparent, reinforcing business credibility. The website is safe, professional, and trustworthy, with no signs of malicious content or vulnerabilities.

E

Exit Games GmbH

photonengine.com

74

Photon Engine, operated by Exit Games GmbH, is a leading provider of multiplayer game backend services, offering a comprehensive suite of products including Photon Fusion, Quantum, Realtime, Chat, and Voice. The company targets game developers and studios worldwide, supporting over 1.4 billion monthly players and more than 1 million developers. Their business model is SaaS-based, providing scalable cloud infrastructure and communication tools for multiplayer games across multiple platforms including mobile, PC, consoles, and VR/AR. Technically, the website demonstrates a mature digital infrastructure with modern web technologies, fast performance, and excellent mobile optimization. The use of Google Tag Manager and Cloudflare Insights indicates active analytics and performance monitoring. The site is well-structured with comprehensive documentation and multilingual support, enhancing accessibility and user experience. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms aligned with GDPR requirements. However, explicit security headers and a public security policy or incident response contacts are not evident, representing areas for improvement. No vulnerabilities or exposed sensitive data were detected in the content. The absence of WHOIS data reduces transparency but does not detract significantly from the site's legitimacy given the strong market presence and trust indicators. Overall, Photon Engine presents a professional, trustworthy, and technically sound platform with strong compliance and privacy practices. Strategic enhancements in security transparency and contact availability would further strengthen their security posture and user trust.

F

Flying Rat Studio

flying-rat.online

61

Flying Rat Studio is a small, Prague-based game development studio specializing in co-development, porting, and optimization of games for multiple platforms including VR and consoles. They collaborate with well-known studios and work on internal projects focused on gameplay and fun. The website is professionally designed, providing detailed project descriptions and links to major game stores, reflecting a credible and niche market position. Technically, the site uses modern web technologies such as JavaScript and Babylon.js, with evidence of Bootstrap framework usage. The site is mobile optimized and SEO friendly but lacks some accessibility features. Security posture is moderate with no visible vulnerabilities but missing security headers and privacy policies. WHOIS data is unavailable or protected, which is common for small studios but reduces transparency. Overall, the site is trustworthy and professional but could improve compliance and security practices.

The website stepupforchildhoodcancer.com is currently a minimal placeholder page hosted on Squarespace, indicating it is under construction. There is no substantive business content, contact information, or policies published. The domain is registered since 2014 with Squarespace Domains II LLC, showing stable registration but no privacy protection or detailed registrant data. The technical infrastructure is basic, relying on Squarespace platform and Google Fonts, with no advanced frameworks or analytics detected. Security posture is minimal with no security headers or DNSSEC enabled, and no HTTPS enforcement details available. Privacy compliance is absent due to missing privacy and cookie policies. Overall, the website presents low business credibility and trustworthiness due to lack of content and transparency.

S

SGA

shift2games.com

50

Shift2Games is an educational platform dedicated to providing comprehensive information and resources for individuals seeking careers in the gaming industry. The website offers news, industry insights, profession descriptions, and education resources to support career development in gaming. The platform targets aspiring gaming professionals and enthusiasts, positioning itself as a niche resource within the technology sector focused on gaming careers. Technically, the website is built on WordPress using Elementor, with modern JavaScript libraries such as Swiper.js and integrated Google Analytics for user tracking. The site demonstrates good SEO practices and mobile optimization, though accessibility features are basic. Security posture is solid with HTTPS enforced and cookie consent implemented, but lacks some security headers and explicit privacy and terms of service pages. The absence of WHOIS data for the domain reduces trustworthiness from a domain registration perspective, though the website content and technical setup appear professional and legitimate. Overall, the site scores well in content quality and technical implementation but should improve privacy compliance and domain transparency to enhance business credibility and trust.

S

synchrnzr Advanced Music & Audio Research S.L.

synchrnzr.com

67

synchrnzr.com represents an independent technical sound design consultancy and educational resource operated by David Font, with a focus on game audio production, integration, research, lecturing, and mentoring. The website showcases a professional portfolio of projects and collaborations with recognized partners in the gaming and education sectors. The business operates in a niche technology segment with a long-standing presence since 2000, supported by a domain registered since 2004. The target audience includes game developers, audio professionals, researchers, and students seeking expert sound design services and learning resources. Technically, the website employs modern web standards including HTML5, CSS3, JavaScript, Google Fonts, and Google Tag Manager for analytics. The site is mobile optimized with good SEO practices and structured data for organization branding. Hosting details are not explicit, but the domain registrar is reputable. Performance is moderate with no critical technical issues detected. Accessibility is basic but functional. From a security perspective, the site uses HTTPS and secure cookie flags, but lacks advanced security headers and DNSSEC. No forms or sensitive data inputs are present on the homepage, reducing attack surface. Privacy compliance is basic with presence of privacy and cookie policies but no explicit consent mechanisms or GDPR compliance indicators. No incident response or vulnerability disclosure information is provided, which could be improved. Overall, the website is trustworthy, professional, and content-rich with a solid business credibility score. Security posture is adequate but can be enhanced with additional headers and policies. Privacy compliance requires improvement to meet modern standards. The risk level is low, with recommendations focusing on strengthening security and privacy transparency.

M

Michelin

michelin.ca

72

Michelin Canada operates a comprehensive website offering a wide range of tires and related products for automotive, motorcycle, and bicycle markets. The site reflects Michelin's position as a leading global tire manufacturer with a strong brand presence and extensive product catalog tailored to Canadian consumers and businesses. The website employs modern web technologies including the Astro framework and Svelte components, integrated with advanced consent management and analytics tools, indicating a mature digital infrastructure. Security posture is strong with HTTPS enforcement and security headers, though explicit privacy and terms of service pages are not clearly identified in the provided content. Overall, the site is professional, well-branded, and trustworthy, with moderate user tracking balanced by consent mechanisms.

V

VP Racing Fuels, Inc.

vpracingfuels.com

72

VP Racing Fuels, Inc. is a well-established company specializing in premium race fuels, lubricants, coolants, and fuel additives, targeting motorsport enthusiasts and professionals. The company operates a professionally designed Shopify e-commerce platform, offering a comprehensive product range and customer support through detailed contact forms and quality assurance channels. The website demonstrates a mature digital presence with consistent branding and clear business information, supported by a domain registered since 1998, indicating long-term market presence. Technically, the website leverages modern e-commerce infrastructure on Shopify, enhanced with various marketing and analytics tools such as Google Tag Manager, Microsoft Clarity, and Facebook Pixel. Cookie consent is managed via OneTrust, reflecting attention to privacy compliance. The site is hosted behind Cloudflare DNS and CDN services, ensuring reliable performance and security. Mobile optimization and SEO practices are good, contributing to a positive user experience. From a security perspective, the site enforces HTTPS and employs reCaptcha on forms to mitigate abuse. While explicit security headers are not fully visible in the provided data, the overall posture is strong with no exposed sensitive data or vulnerabilities detected. The WHOIS data aligns with the business claims, showing no privacy protection and a consistent registration history, enhancing trust. Overall, the website presents a low-risk profile with good compliance and security practices. Recommendations include enabling DNSSEC, adding explicit security headers, and maintaining regular audits of third-party scripts to further strengthen security and trust.

L

Live for Speed

lfs.net

63

Live for Speed operates as a niche online racing simulator platform offering realistic car physics and multiplayer racing experiences. The business targets racing simulation enthusiasts with a freemium model that includes a free demo and purchasable additional content such as cars and tracks. The website is well-branded and maintains active community engagement through leagues, events, and forums. Technically, the site uses standard web technologies (HTML5, CSS, JavaScript) with moderate performance and basic mobile optimization. Security posture is solid with HTTPS enforcement and improved authentication mechanisms, though some security headers and cookie consent mechanisms are missing. WHOIS data is unavailable, which slightly impacts trust but is mitigated by the site's active presence and consistent branding. Overall, the site is professional, trustworthy, and focused on delivering a quality gaming experience.

Shape is a professional digital product development agency focused on creating meaningful digital products and forming long-term partnerships with clients. Their market position is strong within the regional technology sector, serving clients in insurance and finance with notable case studies. The website demonstrates a modern technical infrastructure using Vue.js and Nuxt.js frameworks, integrated with HubSpot for marketing and analytics. The site is well-optimized for mobile and SEO, with excellent design and user experience. Security posture is good with HTTPS enforced and cookie consent mechanisms in place, though some security headers and policies could be improved. Overall, the website presents a trustworthy and credible business with no critical vulnerabilities detected.

M

MemeCore

memecore.com

59

MemeCore operates as a niche blockchain platform specializing in meme coins and decentralized applications, targeting crypto enthusiasts and meme communities. The website presents a modern, playful branding with a focus on connecting creators and communities through its Layer 1 blockchain. The technical infrastructure leverages modern web technologies including React and Next.js, hosted on AWS infrastructure, with integrated analytics tools such as Google Tag Manager and Hotjar. While the site is accessible and well-structured, it lacks critical privacy and security policy disclosures, as well as contact information, which impacts its overall trustworthiness and compliance posture. Security practices are basic, with HTTPS enabled but missing DNSSEC and security headers, and no published incident response or vulnerability disclosure information. Overall, the site is functional and professional but would benefit from enhanced transparency and security documentation.

G

Generation Digitale GmbH & Co. KG

generationdigitale.net

53

Generation Digitale GmbH & Co. KG is a Hamburg-based digital agency specializing in web, video on demand, digital signage, and emerging technologies such as AR and VR. Established since 2002, the company offers comprehensive digital solutions including enterprise technology integration, UX/UI design, and online video platform development. Their market position is that of an experienced innovator serving businesses, brands, and public institutions with a focus on user-centered and technology-driven products. Technically, the website leverages modern Microsoft .NET technologies, Umbraco CMS, and cloud services like Azure, indicating a mature digital infrastructure. Privacy compliance is robust, with detailed GDPR-aligned policies and an opt-in cookie consent mechanism using Matomo analytics. Security posture is moderate, with room for improvement in security headers and explicit incident response disclosures. Overall, the website is professional, content-rich, and trustworthy, though the absence of WHOIS data for the domain introduces some uncertainty regarding domain legitimacy.

H

HIBLend

hiblend.eu

49

HIBLend is an educational project focused on enhancing the quality of blended mobility in European higher education. The website serves as an informational platform for stakeholders involved in this EU initiative. The technical infrastructure is based on WordPress with the Divi theme and Yoast SEO plugin, indicating a moderate level of digital maturity. The site is hosted via GoDaddy and uses HTTPS, ensuring basic security standards. However, the absence of privacy and cookie policies, as well as contact information, limits its compliance and user trust. Security posture is adequate but could be improved with additional headers and policies. Overall, the website is professional and relevant to its niche audience but requires enhancements in privacy and security transparency.

S

SiteGround

siteground.eu

72

SiteGround is a large, established web hosting provider offering services to over 3 million domains globally. Their business model focuses on providing ultrafast, secure, and reliable web hosting solutions with 24/7 expert support. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content tailored to website owners and developers. Technically, the site uses modern JavaScript libraries, Google Tag Manager, Cookiebot for GDPR compliance, and integrates with trusted third-party services such as Stripe for payments and Typeform for forms. Security posture is strong with HTTPS enforced and cookie consent mechanisms in place, though explicit security headers and policies could be improved. Overall, the website demonstrates a high level of professionalism and trustworthiness consistent with a major technology company.

G

Google LLC

golang.org

63

The website go.dev is the official site for the Go programming language, an open source project supported and maintained by Google LLC. It serves as a comprehensive resource hub for developers, offering documentation, learning materials, downloads, and community engagement. The site targets software developers and engineering teams seeking to build secure, scalable systems using Go. The business model revolves around providing an open source programming language ecosystem backed by a major technology company, positioning Go as a leading language in cloud and network services, web development, and DevOps. Technically, the site is well-implemented with modern web technologies including HTML5, CSS3, JavaScript, and Google’s own analytics and tag management tools. It is hosted on Google Cloud Platform, ensuring fast performance and excellent mobile optimization. The site demonstrates good SEO and accessibility practices, with clear navigation and professional design. No CMS is detected, indicating a custom-built platform tailored for the Go project. From a security perspective, the website enforces HTTPS with strong SSL configuration and includes standard security headers. It uses Google Analytics and Tag Manager scripts loaded asynchronously, and a cookie consent banner is present to comply with privacy regulations. However, there is no explicit security policy or vulnerability disclosure page, nor contact information for incident response, which are areas for improvement. No vulnerabilities or exposed sensitive data were detected. Overall, go.dev is a high-quality, trustworthy, and professional website that effectively supports the Go programming language community. It reflects the credibility of Google LLC and provides valuable resources for developers. Strategic recommendations include publishing a dedicated security policy, adding vulnerability disclosure information, and providing clear security incident contacts to enhance trust and compliance.

W

Wemove

wemove.no

69

Wemove.no is a Norwegian e-commerce retailer specializing in sports, training, and leisure branded products such as Umbro, Scott, and Fibra. The website targets sports enthusiasts and offers a curated selection of well-known brands. The business appears to be a small-sized entity founded in 2016, with a consistent domain age and market presence. Technically, the website employs modern web technologies including ASP.NET, Cloudflare CDN, and integrates with Shopify and various third-party marketing and analytics tools. The site is mobile optimized and uses HTTPS with appropriate security headers, reflecting a good digital maturity level. Security posture is solid with no visible vulnerabilities or exposed sensitive data, although explicit security policies and incident response information are not published. Privacy compliance is strong, featuring a comprehensive cookie consent mechanism with granular user controls and links to detailed privacy policies. Overall, the website is professional, trustworthy, and safe for general audiences.

C

Colab Cooperative Inc

colab.coop

55

Colab Cooperative Inc is a US-based worker-owned agency specializing in crafting complex websites and custom applications for socially responsible organizations since 2010. The company positions itself as a niche provider focusing on cooperatives and non-profits, emphasizing listening and mission fulfillment. Their key services include discovery, design, development, support, maintenance, and Kubernetes hosting. The website reflects a professional and consistent brand image with strong trust indicators such as client testimonials and recognized certifications like B Corporation and US Federation of Worker Cooperatives. Technically, the site is built on WordPress, hosted on AWS infrastructure, and employs modern web standards with good mobile optimization and accessibility. Security posture is solid with HTTPS and anti-spam measures, though improvements are recommended in security headers and explicit security policies. Privacy compliance is partially met with a comprehensive privacy policy but lacks cookie consent mechanisms. Overall, the site demonstrates high business credibility and technical maturity with minor gaps in privacy and security documentation.

P

Piton Labs

pitonlabs.com

55

Piton Labs is a technology-focused startup development agency founded in 2021, specializing in helping early-stage companies and entrepreneurs rapidly build and launch MVPs. Their services include product strategy, expert software development, and team assembly to ensure long-term success. The website reflects a professional and consistent brand with clear messaging targeted at startups seeking reliable development partners. Technically, the site uses modern frameworks such as Next.js and React, with Tailwind CSS for styling, indicating a contemporary and maintainable tech stack. Performance and mobile optimization are adequate, though accessibility and SEO could be improved. Security posture is moderate; HTTPS is implied, but no security headers or DNSSEC are enabled, and no explicit security or privacy policies are published, which are areas for improvement. The domain registration is consistent with the business profile, showing legitimacy and no suspicious patterns. Overall, the site is functional and professional but would benefit from enhanced privacy compliance and security hardening.

JWP.com is a minimalistic website primarily serving as a login portal for users with credentials. The site lacks public-facing business descriptions or detailed service information, indicating it is likely an internal or restricted access platform. The domain is long-established, dating back to 1996, which suggests a mature presence, although no registrant organization details are publicly available. The hosting is provided by DreamHost, and the domain is registered through Epik LLC without DNSSEC enabled. Technically, the website uses basic HTML, CSS, and JavaScript with a PHP backend for form submission. There is no evidence of modern frameworks or CMS usage. The site shows basic design and accessibility but lacks mobile optimization and advanced SEO features. Security posture is weak, with no HTTPS enforcement visible in the provided data, no security headers, and no anti-CSRF or CAPTCHA protections on the login form. Privacy and cookie policies are absent, and no analytics or marketing tools are detected. Overall, the security posture is below average, with critical recommendations including enabling HTTPS, adding security headers, and implementing protections against automated login attacks. The site content is safe for general audiences, with no adult or questionable content detected. Contact information is limited to an obfuscated email address ([email protected]) and a login form, with no phone numbers or physical addresses provided. The overall risk assessment indicates a low trustworthiness level due to minimal content, lack of security best practices, and absence of compliance documentation. Strategic improvements in security, privacy compliance, and content transparency are recommended to enhance business credibility and user trust.