Security Directory

I

iSmile Teledentistry

ismile.app

57

iSmile Teledentistry operates a healthcare technology website focused on providing AI-powered smile technology and teledentistry services. The business targets general consumers seeking remote dental consultations and oral health assessments. The website is built on the Wix platform, leveraging standard Wix scripts and Facebook Pixel for marketing and analytics. While the technical infrastructure is modern and mobile-optimized, the site lacks critical privacy and cookie policies, as well as explicit contact information, which impacts its privacy compliance and business credibility scores. Security posture is moderate with HTTPS enabled and some client-side security hardening, but missing key security headers and incident response details. Overall, the site presents a basic but functional digital presence for a small healthcare tech business.

O

Olje og gass for det 21. århundre

og21.no

72

The website www.og21.no serves as a Norwegian platform focused on the oil and gas sector for the 21st century, likely supporting research, innovation, and collaboration within the energy industry. The site targets industry professionals and stakeholders, providing sector-specific information and updates. Technically, the site is hosted on Microsoft Azure and employs modern analytics tools such as Piwik PRO and Microsoft Application Insights, indicating a mature digital infrastructure. The presence of a comprehensive cookie consent mechanism aligned with GDPR demonstrates good privacy compliance. Security posture is solid with HTTPS enforced and use of security cookies, though explicit security headers and incident response contacts are absent. Overall, the site is professional, trustworthy, and well-optimized for mobile and accessibility, but could improve transparency by publishing security policies and contact information.

I

IEA Norge

iea.no

74

IEA Norge operates as the Norwegian representative and coordinator for the International Energy Agency's technology collaboration programs. The organization facilitates information dissemination and participation coordination for Norwegian stakeholders in various energy and technology programs involving over 40 countries. The website reflects a professional governmental or quasi-governmental entity with a focus on energy and transportation sectors. Technically, the site is hosted on Microsoft Azure and uses modern analytics tools such as Piwik PRO and Microsoft Application Insights, indicating a mature digital infrastructure. The presence of a comprehensive cookie consent mechanism and privacy policies demonstrates good privacy compliance. Security posture is solid with HTTPS enforced, though the absence of explicit security headers and vulnerability disclosure mechanisms suggests room for improvement. Overall, the site is trustworthy, well-maintained, and serves its target audience effectively.

P

Industriell strategi for prosessindustrien

prosess21.no

73

The website www.prosess21.no serves as an informational and strategic platform focused on the industrial strategy for the process industry in Norway. It appears to be a government or research-backed initiative aimed at industry professionals, researchers, and policymakers. The site provides detailed information about industrial strategies and related initiatives, linking to several partner domains within the Norwegian industrial and energy sectors. Technically, the website is hosted on Microsoft Azure and uses modern analytics tools such as Piwik PRO and Microsoft Application Insights, indicating a mature digital infrastructure. The presence of a comprehensive cookie consent mechanism and privacy policy demonstrates good privacy compliance and user data protection awareness. Security-wise, the site enforces HTTPS and uses reputable cloud services, though explicit security headers are not fully confirmed. There are no visible vulnerabilities or exposed sensitive data. However, no direct contact information or security incident response details are provided, which could be improved for transparency and user trust. Overall, the website is professional, well-structured, and trustworthy, with a moderate to good security posture and compliance level.

P

PIXELPETER GmbH

pixelpeter.ch

49

PIXELPETER GmbH is a Swiss-based technology service provider specializing in web development, graphic design, SEO, media production, AI consulting, and hosting services. With over 25 years of experience and a strong portfolio of projects and satisfied clients, the company targets SMEs, freelancers, artists, associations, and social organizations. The website reflects a professional and consistent brand image with clear service offerings and a focus on customer orientation. Technically, the website is built on TYPO3 CMS, leveraging modern JavaScript libraries and responsive design principles to ensure good mobile optimization and user experience. While performance is moderate, the site is well-structured with SEO-friendly meta tags and basic accessibility features. From a security perspective, the site uses HTTPS and avoids exposing sensitive data. However, it lacks visible security headers, privacy and cookie policies, and incident response information, indicating room for improvement in compliance and security posture. No vulnerabilities or suspicious elements were detected in the content or scripts. Overall, the website presents a low-risk profile with a solid business credibility score but requires enhancements in privacy compliance and security best practices to strengthen trust and regulatory adherence.

A

Arctic World Archive

arcticworldarchive.org

10

Arctic World Archive is a Norwegian non-profit foundation dedicated to ultra-long-term data preservation using innovative piqlFilm technology stored in a secure Arctic vault. The organization targets institutions and cultural entities seeking to safeguard valuable digital assets for centuries. Their platform offers free software tools for data preparation and management, reinforcing their mission of global stewardship and accessibility. Technically, the website employs modern frameworks like Astro, integrates analytics and marketing tools such as PostHog and Intercom, and is hosted with Cloudflare DNS services. Security posture is solid with HTTPS and domain transfer protections, though DNSSEC is not enabled and privacy policies are absent, indicating areas for compliance improvement. Overall, the site is professional, trustworthy, and well-positioned in its niche market.

M

Midlaier AS

helseassistent.no

60

Helseassistent, operated by Midlaier AS, is a Norwegian-based innovative AI solution tailored for healthcare professionals. The platform offers AI-powered tools such as speech-to-note, chat with document upload and speech-to-text, and a multilingual translator to reduce administrative burdens and improve patient communication. Positioned as a modern SaaS solution, it targets healthcare providers including doctors, physiotherapists, and chiropractors, aiming to enhance clinical workflows and patient care quality. The business model is subscription-based with monthly and annual plans, reflecting a small but focused enterprise founded in 2023. Technically, the website leverages modern web technologies including SvelteKit and JavaScript, with good mobile optimization and accessibility features. The site is well-structured with clear navigation and professional design, though it lacks some advanced security headers and cookie consent mechanisms. No analytics or tracking scripts were detected, indicating a privacy-conscious approach. From a security perspective, the site uses HTTPS with excellent SSL configuration and secure form handling. However, the absence of explicit security headers and a cookie consent mechanism are areas for improvement. No vulnerabilities or exposed sensitive data were found. The WHOIS data aligns well with the business claims, supporting legitimacy. Overall, Helseassistent presents a trustworthy and professional digital presence with strong business credibility and technical maturity. Strategic enhancements in security policies, privacy compliance, and transparency would further strengthen its posture and user trust.

M

Mobai AS

mobai.bio

63

Mobai AS is a technology company specializing in biometric identity verification solutions, including face verification, identity proofing, and liveness detection. Their services target banks, identity providers, and regulated industries, offering secure and accessible digital identity solutions. The company leverages academic research and certifications such as NIST testing and Swiss Center for Biometrics certification to establish credibility and market position. Technically, the website is built on modern frameworks like Webflow and integrates advanced SDKs for mobile platforms, ensuring a seamless developer experience and fast performance. Security posture is strong with HTTPS and secure forms, though improvements are recommended in security headers and cookie consent mechanisms. Privacy policies and terms of service are comprehensive and GDPR compliant. WHOIS data is privacy-protected but consistent with a legitimate tech business. Overall, Mobai presents a professional, trustworthy, and technically mature digital presence.

S

Spectac AS

spectac.no

59

Spectac AS is a small Norwegian company specializing in innovative tactical products and training services aimed at special operations forces, EOD, and naval units. Their website reflects a niche B2B business model focused on defense and tactical sectors, providing specialized equipment and training. The company presents clear contact information and a professional, though basic, web presence built on the Squarespace platform. Technically, the website is well-configured with HTTPS and HSTS, but lacks advanced security headers and privacy compliance documentation. No forms or tracking scripts are present, indicating minimal data collection and user tracking. The absence of WHOIS data due to privacy protection slightly reduces trustworthiness but is not uncommon for defense-related businesses. Overall, the site is functional and secure but could improve in privacy transparency and security best practices.

The website coinstore.io is a parked domain page currently offered for sale through the Sedo domain parking platform. The domain is registered to Aligned Acquisitions Inc, a US-based entity, with registration dating back to 2017. The site contains no original business content or services and primarily serves as a placeholder with advertising and domain sale links. Technically, the site uses standard HTML5 and JavaScript with Sedo and Google Ads scripts for monetization. There is no evidence of a CMS or advanced frameworks. Security posture is minimal with no detected security headers and no explicit security or privacy policies beyond Sedo's generic privacy policy. The domain WHOIS data is consistent and transparent, indicating legitimate ownership and control. Overall, the site has low business credibility and content quality, reflecting its status as a domain parking page.

V

Vulti Holdings Limited

vultisig.com

61

Vultisig is a newly launched cryptocurrency wallet provider specializing in multi-factor, seedless security using Threshold Signature Scheme (TSS) technology. The company, operating under Vulti Holdings Limited based in the British Virgin Islands, offers a multi-chain wallet supporting over 30 blockchains including Bitcoin and Ethereum. Their product targets crypto users seeking enhanced security without the traditional risks of seed phrase management. The website presents a professional and modern interface with clear messaging about security and usability. Technically, the site uses modern web technologies such as Next.js and Cloudflare DNS, and supports multiple platforms including web, Android, iOS, and Windows. Security posture is strong with HTTPS, multi-factor authentication, and domain protection status flags, though DNSSEC is not enabled and explicit security policies are not published. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the site is trustworthy and well-positioned for its niche but should improve transparency on privacy and security policies.

U

Unizen

zcx.com

52

Unizen is a decentralized finance platform specializing in omni-chain enabled decentralized exchange aggregation across multiple blockchain networks. The platform targets DeFi users and cryptocurrency traders seeking cross-chain asset swaps and liquidity aggregation. The website employs modern web technologies such as React and Next.js, indicating a contemporary technical infrastructure with moderate performance and mobile optimization. However, the site lacks comprehensive privacy, cookie, and terms of service policies, as well as explicit contact information, which impacts user trust and compliance posture. Security measures such as security headers and vulnerability disclosures are absent, suggesting room for improvement in security maturity. Overall, the domain is well-established with a reputable registrar, supporting legitimacy, but the website would benefit from enhanced transparency and security practices to improve trust and compliance.

B

Bitly, Inc.

datasecai2025.com

73

Bitly, Inc. is a well-established technology company specializing in branded link management and URL shortening services. Founded in 2003, Bitly serves a broad business and marketing audience, offering SaaS solutions that enable customization, sharing, and tracking of links. The company holds a strong market position, trusted by major brands globally. The website reflects a mature digital infrastructure built on WordPress, hosted on AWS, and integrates modern analytics and marketing technologies such as Google Tag Manager, Snowplow, and OneTrust for consent management. Security posture is robust with HTTPS enforcement, security headers, and cookie consent mechanisms, although DNSSEC is not enabled. Privacy and compliance policies are comprehensive and GDPR-aligned. Overall, the site demonstrates high professionalism, excellent content quality, and strong business credibility.

I

iSmile

blueskysmilesimulation.com

46

iSmile Simulation is a specialized digital healthcare service focused on providing 2D smile design and tele-dentistry solutions. The platform allows users to upload smile images for simulation and offers mobile applications for iOS and Android to extend its services. The business targets dentists and patients interested in dental aesthetics and remote dental consultations. Technically, the website uses modern frontend technologies including Bootstrap, jQuery, and an image comparison slider, delivering a responsive and user-friendly experience. However, the site lacks visible privacy and cookie policies, security headers, and explicit contact information, which are important for compliance and trust in healthcare services. The domain uses privacy protection in WHOIS, which is common and justified for healthcare-related businesses. Overall, the website is functional and professional but requires improvements in privacy compliance and security posture to enhance trust and regulatory adherence.

B

BlueSkyMeet

blueskymeet.com

50

BlueSkyMeet is a technology company providing a video conferencing platform based on the open-source Jitsi Meet software. The platform offers features such as video and audio conferencing, screen sharing, recording, and collaborative whiteboarding. The service targets general users and organizations seeking reliable online meeting solutions. The website is branded consistently with BlueSkyMeet and includes mobile app links for Android and iOS, indicating a multi-platform approach. Technically, the site leverages modern web technologies including WebRTC, service workers for PWA functionality, and integrates Google Analytics for user tracking. The domain is registered with GoDaddy since 2020, aligning with the company's recent establishment. Security posture is moderate with HTTPS enabled and domain status protections, but lacks DNSSEC and visible security headers. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the website is functional and professional but would benefit from enhanced privacy disclosures and security hardening.

L

LUKAS Hydraulik GmbH

idexfiresafety-shop.com

50

The website idexfiresafety-shop.com operates as an e-commerce platform primarily focused on selling promotional products such as clothing, advertising giveaways, and books. It is associated with LUKAS Hydraulik GmbH and partners, targeting business customers seeking creative giveaways. The site is relatively new, with the domain registered in November 2023, aligning with the business launch timeframe. The parent company is identified as IDEX Corporation, indicating a connection to a larger industrial group. The business model revolves around retailing branded promotional items through a Shopware-based online store.

艾迪斯鼎力科技（天津）有限公司是一家专注于消防与救援设备制造的企业，隶属于全球性的IDEX集团。公司提供包括液压破拆工具、消防泵、压缩空气泡沫系统等多种专业救援产品，服务于消防救援市场，拥有30年以上的行业经验和国际认证。网站内容丰富，设计专业，面向消防及救援专业人员，体现了较高的业务成熟度和市场定位。技术架构基于现代前端框架UIkit和jQuery，支持响应式设计，用户体验良好。安全方面，网站启用HTTPS，但缺少部分安全头和隐私合规机制，存在改进空间。整体风险较低，建议加强安全策略和隐私合规以提升信任度和合规性。

Thüringer Literaturtage is a small regional cultural festival organized by LeseZeichen e.V., focusing on literature events in the Thüringen region of Germany. The website serves as an informational portal for festival programming, archival content, and organizational details. The target audience includes literature enthusiasts and regional visitors interested in cultural events. The business operates as a non-profit cultural event organizer with a modest online presence. Technically, the website uses basic web technologies including HTML5, CSS, JavaScript with jQuery, and Font Awesome icons. The site is hosted likely on a German hosting provider indicated by the nameservers. Performance and mobile optimization are basic, with no advanced CMS or frameworks detected. SEO and accessibility features are minimal but present. From a security perspective, the site lacks HTTPS enforcement and security headers, which lowers its security posture. No privacy or cookie policies are present, and no contact information is explicitly provided, which impacts privacy compliance and business credibility. No WAF or blocking mechanisms are detected, and no vulnerabilities are immediately apparent from the content. WHOIS data is minimal but consistent with a small cultural event domain. Overall, the site is functional but basic, with room for improvement in security, privacy compliance, and contact transparency. Strategic recommendations include implementing HTTPS, adding privacy and cookie policies, securing login forms, and improving contact information visibility to enhance trust and compliance.

B

Bund der Freien Waldorfschulen

waldorfschule.de

40

The website www.waldorfschule.de is the official portal of the Bund der Freien Waldorfschulen, a non-profit educational association in Germany focused on Waldorf and Rudolf Steiner schools. It provides comprehensive information about Waldorf pedagogy, teacher training, school directories, campaigns, and educational research. The site targets parents, teachers, prospective educators, and the Waldorf school community. It holds a strong market position as a leading resource and association for Waldorf education in Germany. Technically, the website is built on TYPO3 CMS, employing modern web technologies and offering good mobile optimization and accessibility. The site uses HTTPS and Google Analytics for visitor tracking but lacks visible privacy and cookie policies or consent mechanisms. Navigation is clear and content quality is excellent, reflecting a professional and trustworthy presence. From a security perspective, the site has a good SSL configuration but lacks explicit security headers and incident response information. No vulnerabilities or suspicious content were detected. The WHOIS data confirms domain legitimacy and consistency with the organization's identity. Overall, the website is a high-quality, professional educational resource with minor gaps in privacy compliance and security best practices. Strategic improvements in privacy disclosures and security headers would enhance trust and compliance.

A

Anthropoi Bundesverband und Anthropoi Selbsthilfe

anthropoi.de

38

Anthropoi is a German non-profit organization focused on advocacy and support for people with assistance needs, helping them exercise their rights and participate actively in society. The website content is primarily in German and targets individuals requiring assistance and their supporters. The organization operates in a niche non-profit sector with a focus on disability rights and self-help initiatives. The website uses modern JavaScript technologies such as Web Components and SystemJS, and includes analytics tracking via eTracker. However, the site lacks visible privacy, cookie, and terms of service policies, and no contact information or forms are present in the provided HTML content. Security headers and SSL/TLS configuration details are not evident from the data provided, indicating room for improvement in security posture. Overall, the website is accessible without WAF or blocking mechanisms, but the technical and compliance maturity is basic.

P

Posten

posten.no

69

Posten.no is the official website of Posten, the leading postal and logistics service provider in Norway. The site offers a comprehensive range of services including parcel shipping, package tracking, address change notifications, and digital mailbox solutions. The business is positioned as a large, trusted entity serving the general public in Norway, with a parent company Posten Bring AS. The website is well-branded, professionally designed, and provides extensive self-service tools for customers.

N

NCC

ncc.no

51

NCC is a large Norwegian company specializing in infrastructure, building, and real estate development. Their website reflects a professional corporate presence with a focus on sustainable construction solutions and societal development. The company targets customers and partners in the Norwegian construction and real estate sectors. Technically, the website uses modern web technologies including Google Fonts, Microsoft Application Insights for telemetry, and Cookiebot for cookie consent management. The site is mobile-optimized and SEO-friendly, though accessibility features are basic. Security posture is good with HTTPS enforced and no exposed sensitive data, but lacks visible security headers and explicit privacy or security policies. Overall, the domain appears legitimate despite the absence of WHOIS data, which is common for Norwegian domains. The site integrates multiple third-party services for analytics and marketing, maintaining good advertising transparency. Recommendations include publishing clear privacy and security policies, adding contact information, and enhancing security headers to improve trust and compliance.

C

Coffin & Nails Publishing, LLC

coffinandnailspublishing.com

53

Coffin & Nails Publishing, LLC is a newly founded micro-publisher specializing in assisting debut authors with self-publishing their works, particularly in genres such as horror, thriller, fantasy, and science fiction. The company offers a unique business model that eliminates upfront financial investment by authors, instead providing advances as services. Their a la carte service offerings allow authors to tailor publishing support to their needs, positioning the company as a niche player focused on cost-effective, guided publishing experiences. Technically, the website is built with modern web standards using HTML5, CSS3, and JavaScript, including GSAP for animations. Hosting is provided by DreamHost, LLC, a reputable provider. The site is mobile-optimized and SEO-friendly, though accessibility features are basic. Performance is moderate with no major technical issues detected. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, it lacks security headers and a cookie consent mechanism, which are important for compliance and protection. No incident response or vulnerability disclosure policies are published, indicating room for improvement in security governance. Overall, the website presents a professional and trustworthy front for a small publishing business, with a solid foundation but some gaps in privacy compliance and security best practices. Strategic enhancements in these areas would improve trust and regulatory adherence.

D

Dark Veil Society

darkveilsociety.com

59

Dark Veil Society is a collective of independent horror authors focused on promoting and supporting dark fiction. The website serves as a platform for author collaboration, book promotion, and community engagement within the horror genre niche. The site is professionally designed with good content quality and clear navigation, targeting horror readers and writers. Technically, the site uses modern web standards, Google Analytics for tracking, and is hosted by DreamHost with DNS managed by Cloudflare. Security posture is moderate with HTTPS enabled but lacks advanced security headers and DNSSEC. Privacy compliance is basic with a privacy policy present but no cookie consent mechanism. WHOIS data shows anomalies with a future domain creation date, which may be a data error but reduces trust slightly. Overall, the site is trustworthy and professional but could improve security and privacy practices.

P

Post Media Group

postmediagroup.com

51

Post Media Group presents a corporate media website built on the Wix platform, featuring standard Wix technologies and scripts. The site is accessible without any WAF or blocking mechanisms, indicating no immediate access restrictions. However, the absence of WHOIS registration data raises concerns about the domain's legitimacy and ownership transparency. The website lacks critical compliance documents such as privacy and cookie policies, as well as contact information, which impacts trust and compliance posture. Technically, the site uses modern polyfills and Wix Thunderbolt framework, but performance and SEO optimizations appear basic. Security best practices are partially observed with HTTPS usage but lack advanced headers and incident response information. Overall, the site appears to be a basic corporate presence with limited content and transparency, warranting improvements in compliance, security, and business credibility to enhance trustworthiness.

I

International Workers and Amateurs in Sports Confederation

csit.sport

49

The International Workers and Amateurs in Sports Confederation (CSIT) is a well-established non-profit organization founded in 1913, dedicated to promoting amateur and workers' sports globally. The website reflects a mature digital presence with comprehensive content about their events, social missions, and partnerships with recognized international bodies such as the IOC and SportAccord. Their business model focuses on organizing multi-sport events and fostering social values like sustainability, human rights, and fair play. Technically, the website employs modern web standards with HTML5, CSS3, and JavaScript, including a robust cookie consent mechanism powered by Clickskeks. The site is mobile-optimized, accessible, and SEO-friendly, providing a positive user experience. While no CMS or hosting provider is explicitly identified, the performance is moderate with good responsiveness. From a security perspective, the site uses HTTPS with no visible vulnerabilities or exposed sensitive data. The cookie consent banner and privacy policy indicate good privacy compliance, although formal security policies and vulnerability disclosure mechanisms are absent. The WHOIS data is privacy protected, which is justified for this type of organization, and no suspicious patterns were detected. Overall, the website presents a trustworthy and professional image with strong business credibility and compliance posture. Strategic recommendations include publishing a dedicated security policy, adding a security.txt file, and enhancing HTTP security headers to further strengthen security posture.

W

worldgames.com

worldgames.com

51

The website ww25.worldgames.com is a domain parking page indicating that the domain worldgames.com may be for sale. There is no substantive business content, services, or company information presented. The site primarily serves advertisements via Google Adsense and Bodis scripts, with minimal user engagement or navigation features. The WHOIS data is unavailable, suggesting the domain is either unregistered or privacy protected, which aligns with the domain parking status. Technically, the site uses basic HTML, CSS, and JavaScript with no detected CMS or advanced frameworks. Security posture is weak due to lack of HTTPS and security headers. Privacy compliance is minimal with only basic privacy and legal pages present but no cookie consent mechanism. Overall, the site lacks business credibility and trust indicators.

J

JIROUT REKLAMNÍ AGENTURA s.r.o.

rezidencetrnova.cz

60

Rezidence Nová Trnová is a Czech Republic-based real estate development project focused on providing modern, comfortable housing for approximately 200 families in Pardubice. The project emphasizes proximity to nature, accessibility to city centers, and full civic amenities including parking facilities. The website is professionally designed with clear navigation and contact options, targeting home buyers and families. Technically, the site uses standard web technologies including HTML5, CSS, JavaScript, Google Fonts, and YouTube API for video content. While the site is mobile optimized and includes cookie consent mechanisms, it lacks visible security headers and explicit SSL configuration details. The absence of WHOIS data for the domain raises concerns about domain legitimacy and registration transparency. Overall, the website presents a moderate security posture with good privacy compliance but would benefit from enhanced security practices and domain registration verification.

F

fitness-rezervace.cz

fitness-rezervace.cz

47

fitness-rezervace.cz operates a specialized online reservation and information system primarily targeting fitness centers, gyms, yoga studios, and various sports facilities in the Czech Republic. Established in 2011, the company offers a comprehensive software solution that includes user management, payment integration, live streaming capabilities, and advanced features such as turnstiles, vouchers, and REST API for developers. Their market position is that of a niche leader within the Czech fitness and sports reservation software sector, supported by a small but focused business model emphasizing customization and client support. The website reflects a professional and consistent brand image with clear business information and contact details.

The domain roadsafety.international is currently a parked domain with no active website content or business presence. The site displays a Sedo parking iframe and Google ads scripts, indicating it is not operational for any road safety-related business or service. The lack of privacy policies, contact information, or business details further confirms the domain is inactive. Technically, the site uses basic HTML and JavaScript with no detected CMS or advanced frameworks. There is no evidence of HTTPS enforcement or security headers, which poses a security risk if the site were to become active. The WHOIS data is minimal and does not provide creation or expiry dates, with registrant information withheld, reducing trustworthiness. Overall, the domain is not currently suitable for business use and lacks any meaningful security or compliance posture.

P

PROM-IN, s.r.o.

prom-in.cz

58

PROM-IN, s.r.o. operates a professional e-commerce website specializing in premium dietary supplements primarily targeting athletes and health-conscious consumers in the Czech Republic. The website offers a broad range of products including protein supplements, vitamins, minerals, and performance enhancers, positioning itself as a premium brand in the sports nutrition market. The company maintains an active online presence with social media integration and multi-language support to cater to a wider audience. Technically, the website is built on the Shoptet CMS platform, utilizing modern web technologies such as JavaScript, jQuery, Google Tag Manager, and Facebook SDK. It incorporates Google Analytics and Google Ads for marketing and tracking purposes, alongside a cookie consent mechanism ensuring GDPR compliance. The site demonstrates good mobile optimization and SEO practices, although accessibility features could be enhanced. From a security perspective, the website enforces HTTPS and includes secure login forms with CSRF protection. While explicit security headers are not confirmed in the HTML, the site follows best practices by not exposing sensitive data and implementing cookie consent. However, there is no public security policy or incident response information, and WHOIS data is unavailable, which slightly reduces trustworthiness. Overall, the website presents a professional and trustworthy front for its business, with good content quality and technical implementation. The absence of WHOIS data and lack of explicit security policies are areas for improvement. Strategic recommendations include enhancing security headers, publishing incident response and vulnerability disclosure policies, and improving accessibility to further strengthen the site's security posture and compliance.

B

BIOTRONIK SE & Co. KG

biotronik.com

64

BIOTRONIK SE & Co. KG is a globally recognized healthcare company specializing in advanced medical devices for cardiac rhythm management, electrophysiology, and neuromodulation. Founded in 1963 in Germany, the company has a strong market position as a pioneer and leader in life-changing therapies and digital health innovations. Their website reflects a mature digital presence with comprehensive product information, clinical studies, and corporate responsibility content targeting patients, healthcare professionals, and partners. Technically, the website is built on Drupal 10, leveraging modern JavaScript frameworks and consent management tools like Usercentrics. The site is mobile-optimized, accessible, and SEO-friendly, with good performance and structured navigation. Security posture is strong with HTTPS enforced and privacy compliance evident through detailed policies and consent mechanisms, although explicit security headers and incident response information could be improved. Overall, the website demonstrates a high level of professionalism and trustworthiness, supported by consistent branding and active social media engagement. However, the absence of WHOIS data for the domain is unusual and should be further investigated to confirm domain registration legitimacy. No critical vulnerabilities or suspicious content were detected, making the site safe for general audiences.

D

Diony Sports

dionysports.com

54

Diony Sports operates an e-commerce platform specializing in high-quality Czech gymnastics equipment, targeting gymnastics clubs, athletes, and sports facilities. The company positions itself as a competitive alternative to leading international brands by offering quality products at lower prices. The website features a comprehensive product catalog, 3D project services, and certifications such as FIG, enhancing its market credibility. Technically, the website employs modern JavaScript libraries, Google Analytics, and embedded YouTube videos to engage users and track performance. The site is accessible, uses HTTPS, and includes a cookie consent mechanism, though mobile optimization and accessibility are basic. No CMS or hosting provider details were identified. From a security perspective, the site benefits from HTTPS but lacks visible security headers and formal privacy or terms of service pages. No contact information for incident response or data protection officers is provided. The absence of WHOIS registration data raises concerns about domain legitimacy, although the website content and branding appear professional and trustworthy. Overall, the site is functional and business-focused but would benefit from enhanced security practices, clearer privacy compliance, and verified domain registration to improve trust and compliance posture.

X

Xenoplexus Webstudios, LLC

idowebsitestuff.com

56

Xenoplexus Webstudios, LLC is a small freelance web development business operated by Blake Myers, offering custom website design, performance optimization, responsive development, logo creation, and consulting services. The company targets small businesses, non-profits, and schools, emphasizing high-quality, standards-compliant web solutions. The website demonstrates a professional portfolio with multiple client projects and clear contact information including physical addresses in the US and Czech Republic. Technically, the site uses modern web technologies such as HTML5, CSS3, JavaScript, and PHP, with a focus on responsive design and performance. Hosting is provided by DreamHost, with Cloudflare nameservers, and the site enforces HTTPS with a clientTransferProhibited domain status, indicating good security practices. However, DNSSEC is not enabled and security headers are not detected, suggesting room for improvement in security hardening. Privacy compliance is addressed with a GDPR privacy policy, but no cookie consent mechanism is present. No analytics or tracking scripts were detected, indicating a privacy-conscious approach. Overall, the website is well-structured, trustworthy, and professionally maintained, with a solid security posture but some opportunities for enhancement.

Č

Česká asociace cheerleaders

cheerleadingjesport.cz

45

The website 'Cheerleading je sport!' serves as the official online presence for the Czech Association of Cheerleaders (ČACH), a national sports authority representing cheerleading clubs and athletes in the Czech Republic. It provides educational content about cheerleading, club directories, national team information, and historical context. The site targets cheerleading enthusiasts, athletes, and the general public interested in the sport within the Czech Republic. The business model is non-profit and focused on sport promotion and community building. Technically, the website employs standard web technologies including HTML5, CSS3, JavaScript, jQuery, and FontAwesome icons, with a responsive design framework (Skel) to support mobile devices. The site loads moderately fast and offers a good user experience with clear navigation and relevant content. However, there is no detected CMS or advanced analytics, indicating a relatively simple technical infrastructure. From a security perspective, the site lacks visible security headers and privacy/cookie policies, which are important for GDPR compliance and user trust. No forms or sensitive data collection mechanisms are present, reducing immediate privacy risks. WHOIS data is unavailable, likely due to privacy protection, which slightly reduces trust but is common for small non-commercial organizations. No WAF or blocking mechanisms were detected, and the site content is fully accessible. Overall, the website is a legitimate, well-structured resource for cheerleading in the Czech Republic but would benefit from enhanced privacy compliance, improved security headers, and more transparent business contact information to strengthen trust and compliance.

L

LabBoîte

labboite.fr

48

LabBoîte is a French fablab community platform established since 2016, offering services such as machine and space reservations, training registrations, event participation, and project documentation. The website serves makers and hobbyists interested in collaborative fabrication activities. Technically, the site is built on AngularJS and the Fab-manager platform, integrating Google Analytics for user tracking and Stripe for payment processing. The site is mobile-optimized with a moderate performance profile. Security posture is adequate with HTTPS and CSRF protections, but lacks visible security headers and explicit privacy policies. The domain registration is consistent and legitimate, supporting trust in the platform. Overall, the site provides a functional and community-focused digital presence with room for improvement in privacy and security transparency.

C

Colourbox

colourbox.com

70

Colourbox is an online platform providing royalty free stock photos, videos, and vectors, targeting a broad audience including print, web, and social media users. The website positions itself as a provider of high quality and transparent licensing stock media content. Technically, the site uses modern JavaScript frameworks, CDNs like Amazon Cloudfront, and integrates third-party services such as Google Tag Manager and Cookiebot for analytics and privacy compliance. The site is accessible, mobile-optimized, and demonstrates good content quality and branding consistency. Security-wise, the site enforces HTTPS and cookie consent but lacks visible security headers and explicit privacy or terms of service pages, which are areas for improvement. The WHOIS data is missing or unavailable, which raises concerns about domain legitimacy and reduces trustworthiness. Overall, the site is functional and professional but would benefit from enhanced transparency and security practices.

F

FlixPatrol

flixpatrol.com

59

FlixPatrol is a specialized media analytics platform that provides daily updated rankings and popularity charts for streaming video on demand (VOD) content across nearly a thousand streaming platforms worldwide. The service targets general audiences interested in streaming trends, as well as industry professionals seeking data insights. The platform offers key services such as top 10 charts, popularity metrics, and a premium subscription with API access for advanced analytics. Technically, the website employs modern frontend technologies including Alpine.js, Tailwind CSS, and integrates analytics tools like Google Analytics and Hotjar for user behavior tracking. The site is mobile optimized and presents a professional design with clear navigation. From a security perspective, the site enforces HTTPS and has domain transfer protections in place, but lacks DNSSEC and security headers, and does not provide visible privacy or cookie policies, which are areas for improvement. Overall, the website is legitimate and functional with moderate risk, but would benefit from enhanced privacy compliance and security hardening.

The website smartteplomery.cz represents a small technology business focused on providing smart thermometers and meteorological stations with remote administration capabilities. The business appears to be newly established in 2024, targeting consumers and small businesses interested in temperature monitoring solutions. The website offers an e-shop and user account management features, emphasizing data visualization and remote device control. Technically, the website is built with standard HTML, CSS, and JavaScript without reliance on major frameworks or CMS platforms. Hosting is provided by WEDOS, a Czech hosting provider. The site demonstrates good mobile optimization and user experience with a clean, consistent design. However, SEO and accessibility features are basic, and no advanced analytics or marketing tools are detected. From a security perspective, the site uses HTTPS (assumed from domain and modern standards, though not explicitly confirmed in the HTML). There is a lack of security headers and no visible privacy or cookie policies, which impacts GDPR compliance. No contact information or incident response channels are provided, limiting transparency and trust. No vulnerabilities or exposed sensitive data were detected in the provided content. Overall, the website is functional and professional but would benefit from enhanced privacy compliance, security hardening, and clearer business contact information to improve trust and regulatory adherence.

F

Facta Pro Futura

factaprofutura.com

58

Facta Pro Futura is a specialized strategic foresight platform focusing on understanding future trends and challenges, particularly in the energy sector and Central Europe. The website offers horizon scanning, data analysis, reports, and a geocalendar to support decision-makers in anticipating risks and opportunities. The platform collaborates with recognized partners such as the Adapt Institute, enhancing its credibility in the foresight domain. Technically, the website is built on the Webnode CMS, leveraging AWS Cloudfront CDN for content delivery, and demonstrates good mobile optimization and SEO practices. Security-wise, the site enforces HTTPS and implements a cookie consent mechanism but lacks visible security headers and formal privacy or terms of service pages. The absence of WHOIS registration data raises concerns about domain legitimacy, although the active and professional nature of the site partially offsets this risk. Overall, the site presents a moderate security posture with room for improvement in compliance and transparency.

The website europeanvalues.cz is currently inaccessible due to a Cloudflare Turnstile CAPTCHA challenge, which blocks access to the actual content. The domain is registered since November 2020 and uses Cloudflare for DNS and security services. Due to the WAF protection, no business content, policies, or contact information is visible, limiting the ability to assess the company's operations or services. The technical infrastructure relies on Cloudflare's security platform, indicating a focus on protecting the site from automated threats. However, the lack of accessible content and policies results in a low overall trust and compliance score.

MI-MA is a small Czech graphic design business specializing in the creation of internet websites, e-shops, banners, flyers, posters, and video production. The website serves as a portfolio showcasing various projects and design works. The business appears to be well-established with a domain registered since 2007, indicating stability and longevity in the market. The target audience is general, likely local businesses or individuals seeking graphic design services. Technically, the website is built on the MyPortfolio platform, uses modern web standards including HTTPS and Typekit fonts, and is moderately optimized for mobile devices. However, it lacks comprehensive privacy and cookie policies, contact information, and security headers, which are important for trust and compliance. No forms or data collection mechanisms are present, reducing privacy risks but also limiting user engagement. Security posture is adequate with HTTPS but could be improved with additional headers and policies. Overall, the website is professional and functional but would benefit from enhanced privacy compliance and security best practices.

The website 'Slovak Industry Vision Day' appears to be a business event platform aimed at connecting industry professionals and partners in Slovakia. The site promotes networking and matchmaking opportunities but lacks detailed business information, contact details, and formal policies. The technical infrastructure is based on the SITE123 CMS platform, utilizing standard web fonts and CDN-hosted resources. The site is accessible without any WAF or security blocking mechanisms, but it lacks advanced security headers and privacy compliance features. The absence of WHOIS registration data raises concerns about domain legitimacy and trustworthiness. Overall, the site presents basic content with moderate technical implementation but requires significant improvements in security posture and business credibility to enhance trust and compliance.

J

JBL Slovensko

jbl.sk

65

JBL Slovensko operates as the official distributor of JBL audio products in Slovakia, offering a wide range of speakers, headphones, soundbars, and related audio equipment. The website reflects a well-established brand with a rich history dating back to 1927, emphasizing quality and innovation in audio technology. The business targets Slovak consumers seeking premium JBL products, positioning itself as a trusted retail source with comprehensive product information and customer support. Technically, the website employs modern web technologies including React, Tailwind CSS, and integrates with major analytics and advertising platforms such as Google Analytics and Facebook Pixel. The use of Cookiebot ensures compliance with privacy regulations, including GDPR. Security posture is solid with HTTPS enforced and standard security practices observed, though some security headers could be enhanced. Overall, the site is professional, user-friendly, and trustworthy, with no indications of malicious activity or content safety concerns.

G

Geozo

geozo.com

61

Geozo is a global native and push advertising platform that aims to boost revenue growth for publishers and advertisers by combining effective ad formats with a qualified team. The website presents a professional and modern design built on Nuxt.js with integrations such as Google Tag Manager and Cookiebot for analytics and cookie consent management. The domain is well-established since 2010, registered with a reputable registrar and uses Cloudflare DNS services, indicating a stable technical foundation. Security posture is moderate with HTTPS enabled and domain transfer protection, but lacks advanced security headers and published security policies. Privacy compliance is basic with a cookie consent mechanism but no visible privacy policy or terms of service. Overall, the website is functional and credible but would benefit from enhanced transparency and security documentation.

G

greenpeace.social

greenpeace.social

64

greenpeace.social is a decentralized social networking platform powered by Mastodon software, emphasizing privacy, ethical design, and no advertising. The platform targets users seeking an alternative social network free from corporate surveillance. The website is well-branded and consistent with Greenpeace's values, offering features such as posts, hashtags, and news exploration. Technically, it uses modern web technologies including React and WebSockets, hosted partially on Google Cloud Storage for media assets. The platform is mobile optimized and provides a good user experience with clear navigation. Security posture is moderate; HTTPS is implied but explicit security headers are missing. Privacy compliance is partial with a privacy policy present but no cookie consent mechanism or terms of service found. WHOIS data is limited due to TLD restrictions and privacy protections, but no suspicious patterns are detected. Overall, the site is trustworthy and aligns with its non-profit, privacy-focused mission.

W

WOGGON Mode

woggon-mode.de

44

WOGGON Mode is a small retail business based in Göttingen, Germany, specializing in sustainable and high-quality fashion and accessories. The company emphasizes European production and certified labels, catering to customers seeking fashionable and environmentally conscious apparel. The website reflects a local boutique positioning with occasional cultural events such as concerts, enhancing community engagement. Technically, the website is built on WordPress using the Avada theme and Slider Revolution plugin, indicating a mature and widely supported infrastructure. The site is mobile-optimized with good SEO practices and a cookie consent mechanism, demonstrating digital maturity and privacy awareness. Hosting is managed via nameservers linked to agenturserver domains, suggesting a professional hosting environment. Security posture is adequate with HTTPS enforced and cookie consent implemented, but lacks advanced security headers and explicit security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the HTML content. Privacy compliance is good with a clear privacy policy and cookie banner, though no terms of service or data protection officer information is provided. Overall, the website presents a trustworthy and professional image suitable for its retail business model. Strategic improvements in security headers, incident response transparency, and expanded compliance documentation would enhance the security and trustworthiness further.

S

Smart Sender

smartsender.eu

60

Smart Sender is a technology company offering a SaaS chatbot platform that integrates with multiple popular instant messengers such as Telegram, Viber, WhatsApp, Instagram Direct, Facebook Messenger, Skype, VKontakte, Kik, Line, and WeChat. The platform focuses on automating customer engagement, increasing sales, and improving customer loyalty through chatbots, autoresponders, and automated sales funnels. The website presents a professional and consistent brand image with clear pricing plans and calls to action for free trials and registration. Technically, the website is built using modern JavaScript frameworks, primarily Vue.js, and incorporates common analytics and marketing tools like Google Analytics and Facebook Pixel. The site is mobile-optimized with good SEO practices and a moderate performance profile. Security-wise, HTTPS is enforced, and CSRF tokens are present, but there is room for improvement in implementing additional security headers and publishing explicit security policies. The security posture is solid but could benefit from enhanced transparency around incident response and vulnerability disclosure. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. No direct contact emails or phone numbers are provided, which may limit immediate customer support access but is common for SaaS platforms relying on account portals. Overall, the website and business appear legitimate, professional, and trustworthy with no signs of malicious activity or content safety concerns. Strategic recommendations include enhancing security headers, publishing a security policy, and providing incident response contacts to further strengthen trust and compliance.

T

TRL SPACE

trlspace.cz

43

TRL SPACE is a Czech Republic-based mission integrator specializing in small satellites, probes, and space technology solutions. Founded in 2021, the company focuses on providing affordable and customized satellite solutions for sovereign satellite systems, Earth Observation, Communications, and lunar missions. Their business model centers on mission integration services and delivering bespoke satellite products and services to a diverse client base including commercial customers and space sector entities. The company maintains a strong partnership ecosystem with numerous research and space organizations, enhancing its market position as a premier mission integrator in the region. Technically, the website is built on the Webflow CMS platform, utilizing modern web technologies such as HTML5, CSS3, JavaScript, and jQuery. The site demonstrates good mobile optimization and user experience with clear navigation and professional design. However, SEO and accessibility features are basic, and performance is moderate. The hosting provider is not explicitly identified, but external scripts are served via Amazon CloudFront. From a security perspective, the website uses HTTPS but lacks visible security headers and published security policies such as privacy, cookie, or incident response policies. No forms collecting sensitive data are present on the homepage, reducing immediate risk exposure. The WHOIS data is consistent with the business profile, showing domain registration in 2021 with no privacy protection, supporting legitimacy. Overall, the security posture is moderate but could be improved by implementing security headers, privacy policies, and incident response information. The overall risk assessment indicates a trustworthy and professional business with minor compliance gaps primarily in privacy and security policy disclosures. Strategic recommendations include publishing comprehensive privacy and cookie policies, enhancing security headers, and providing incident response contacts to improve compliance and trust.

B

BRNO SPACE CLUSTER z.s.

brnospacecluster.cz

42

Brno Space Cluster z.s. is a technology-focused business entity formed by multiple companies and institutions from the Brno region, specializing in engineering services and cooperation on space projects. Leveraging experience from major aerospace players such as ESA, ArianeGroup, OHB, Avio, and Leonardo, the cluster operates in the commercial space market, providing services including satellite development exemplified by the Mise Drak project. The website reflects a professional and consistent brand presence with clear contact information and a strong partner ecosystem. Technically, the website is built on the Webflow CMS platform, utilizing modern web technologies including HTML5, CSS3, JavaScript, and jQuery. It integrates Google Analytics for user tracking and is hosted on servers associated with the Ignum nameservers. The site is mobile-optimized with good SEO practices but lacks some accessibility features and security headers which could enhance its technical robustness. From a security perspective, the website uses HTTPS with excellent SSL configuration, but it lacks visible security headers and does not provide privacy or cookie policies, indicating compliance gaps with GDPR and related regulations. No forms or direct data collection mechanisms are present, reducing immediate data exposure risks. The WHOIS data is consistent with the business claims, showing a domain age appropriate for the organization's founding date and no suspicious registration patterns. Overall, the website presents a moderate risk profile with good business credibility but requires improvements in privacy compliance and security best practices to enhance trust and regulatory adherence.