Security Directory

2

2NP production s.r.o.

oktagonmma.cz

67

OKTAGON MMA is a prominent European mixed martial arts organization founded in 2016, with a strong presence in the Czech Republic and neighboring countries. The website serves as the official platform for event promotion, fighter information, ticket sales, and media streaming through OKTAGON.tv. The organization targets MMA fans and sports enthusiasts, offering a comprehensive range of services including live events, online streaming, and merchandise sales. The business model is centered on event-driven revenue and media content distribution, supported by partnerships with major broadcasters and sponsors.

L

LightRocket

lightrocket.com

67

LightRocket operates as a digital asset management (DAM) platform targeting global organizations and media professionals. The company offers a comprehensive DAM system with AI-powered tools, collaboration features, and seamless integrations to enhance digital asset workflows. The website presents a professional and polished image with strong client testimonials and a clear value proposition. Technically, the site uses modern frameworks such as Next.js and React, ensuring fast performance and mobile optimization. Security posture is generally good with HTTPS enforced and secure forms, though some security headers are not detected and no explicit security policy or incident response contacts are published. Privacy compliance is well addressed with clear privacy and cookie policies and GDPR considerations. The WHOIS data is missing or unavailable, which raises some concerns about domain registration transparency, but the overall business credibility remains solid based on website content and client references.

M

Motul

motul.com

68

Motul is a well-established company specializing in high-performance engine oils, lubricants, and vehicle care products for a wide range of vehicles including cars, motorcycles, trucks, and bicycles. The website reflects a strong market position with a comprehensive product offering and multiple sales channels including B2B and e-commerce platforms. The brand is supported by consistent and professional digital presence with clear navigation and rich content. Technically, the site is built on modern frameworks such as Next.js and React, integrating advanced analytics and marketing tools with user consent management. Security posture is good with HTTPS enforced and no visible vulnerabilities, though the absence of explicit security headers and incident response information suggests room for improvement. The lack of WHOIS data is unusual but does not detract significantly from the overall legitimacy given the brand recognition and content quality. Strategic recommendations include enhancing security transparency and publishing vulnerability disclosure policies to further strengthen trust and compliance.

F

Fédération Internationale de Motocyclisme

fim-pictures.com

60

Fédération Internationale de Motocyclisme (FIM) operates fim-pictures.com as an official media platform providing extensive photographic content and official documents related to motorcycling sports worldwide. The website targets motorcycling enthusiasts, media professionals, and sports fans, offering free access to images upon signup. The platform is well-positioned as the international governing body for motorcycle sport, leveraging partnerships with recognized brands such as Motul and Hertz. Technically, the site is built on modern frameworks including Next.js and Chakra UI, hosted with reputable providers, and optimized for performance and mobile use. Security posture is solid with HTTPS enforced and domain transfer protections, though DNSSEC is not enabled and explicit security policies are absent. Privacy compliance is strong with clear privacy and cookie policies and consent mechanisms. Overall, the site demonstrates high professionalism, trustworthiness, and content quality, with no indications of malicious or adult content.

F

FIM (Fédération Internationale de Motocyclisme)

fim-moto.tv

66

FIM-MOTO.TV is the official video streaming platform of the Fédération Internationale de Motocyclisme (FIM), providing live broadcasts, race highlights, and exclusive motorcycle sport content globally. The platform targets motorcycle sport enthusiasts and serves as a central hub for FIM's world and national championships. Technically, the website leverages modern web technologies including Next.js, React, and integrates analytics tools such as Matomo and Facebook Pixel, indicating a mature digital infrastructure. Security posture is solid with HTTPS enabled and domain transfer protections, though improvements are recommended in DNSSEC and security headers. Privacy compliance is limited due to the absence of explicit privacy and cookie policies in the analyzed content. Overall, the platform presents a professional and trustworthy front with room for enhanced transparency and security practices.

K

Kino Blansko

kinoblansko.cz

55

Kino Blansko is a local cinema in Blansko, Czech Republic, with a rich history spanning over a century. The website provides detailed information about film screenings, events, and ticket sales, targeting families and general audiences. The business model centers on cinema operations, event hosting, and gift voucher sales, positioning itself as a key entertainment venue in the region. Technically, the site leverages modern frameworks such as Next.js and Material-UI, ensuring a responsive and user-friendly experience. The presence of Hotjar indicates some level of user behavior analytics. Security posture is generally good with HTTPS enforced, but lacks some security headers and explicit incident response contacts. Privacy and cookie policies are present and GDPR compliant, though no explicit cookie consent mechanism is detected. Overall, the site is professional and trustworthy, though the absence of WHOIS data slightly reduces domain trust. Strategic recommendations include enhancing security headers, adding incident response info, and implementing cookie consent mechanisms.

ELEVUP is a Czech-based technology company specializing in advanced business and software development services. Their offerings include full stack development, mobile and web development, DevOps, cloud engineering, UX/UI design, and emerging technologies such as AI, AR/VR, and IoT. The company serves a diverse client base including media, automotive, fintech, and logistics sectors, with notable clients like ŠKODA Auto and RENOMIA. The website demonstrates a modern technical infrastructure built on React and Next.js, indicating a mature digital presence. However, a client-side application error on the homepage negatively impacts user experience. Security posture is moderate with the presence of HTTPS and cookie consent but lacks explicit security headers and incident response contacts. The absence of WHOIS data raises concerns about domain registration legitimacy, though the professional certifications and client portfolio support business credibility. Strategic improvements in security practices and domain verification are recommended to enhance trust and compliance.

P

Porticus Amsterdam C.V.

porticus.com

66

Porticus Amsterdam C.V. is a well-established philanthropic organization founded in 1996, focused on creating a just and sustainable future where human dignity flourishes. The organization operates globally with a network of offices and partners, emphasizing social and environmental impact through grant-making and community resilience programs. Their website reflects a mature digital presence with comprehensive content, professional design, and clear navigation aimed at partners, NGOs, and the public interested in social change. Technically, the website is built on modern frameworks such as Next.js and React, with Umbraco CMS managing content. It employs Matomo analytics, indicating a privacy-conscious approach to user tracking. The site is mobile-optimized and accessible, with good SEO practices and performance. From a security perspective, the site enforces HTTPS, includes standard security headers, and has a domain registration consistent with the organization's profile. However, it lacks a publicly available security policy, incident response contacts, and vulnerability disclosure mechanisms, which are recommended for enhanced trust and compliance. Overall, the website presents a low-risk profile with strong privacy compliance and business credibility. Strategic improvements could include publishing security policies and enabling DNSSEC to further strengthen security posture.

K

KNDS Deutschland GmbH & Co. KG

kmweg.de

62

KNDS Deutschland GmbH & Co. KG is a leading European defense technology company specializing in the development, production, and support of military land systems. As part of the KNDS group, formed by the merger of Krauss-Maffei Wegmann and Nexter, the company offers comprehensive solutions including armored vehicles, artillery systems, training, logistics, and customer service. Their market position is strong, serving armed forces in over 50 countries with a broad product portfolio and extensive expertise. Technically, the website is built on modern frameworks such as Next.js and React, with cloud-hosted media assets and integrated analytics via Matomo. The site is well-optimized for performance, mobile responsiveness, and SEO, reflecting a mature digital infrastructure. From a security perspective, the site uses HTTPS, domain protection statuses, and cookie consent mechanisms, though it lacks explicit public security policies or incident response contacts. No vulnerabilities or suspicious activities were detected, and the WHOIS data confirms domain legitimacy and consistency with the business history. Overall, the website presents a professional, trustworthy, and secure digital presence aligned with the company's stature in the defense industry. Strategic improvements could focus on enhancing security transparency and formalizing vulnerability disclosure processes.

K

KNDS France

knds.fr

65

KNDS France is a leading European defense manufacturer specializing in air-land defense systems, including armored vehicles, artillery, and robotics. It operates as part of the KNDS Group, with a strong presence in France and multiple subsidiaries across Europe and globally. The company supports armed forces with comprehensive lifecycle services and is a key player in major defense programs such as SCORPION. Technically, the website is built on modern frameworks like Next.js and React, with good performance and mobile optimization. Security posture is strong with HTTPS, security headers, and domain protections, though DNSSEC is not enabled. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the site reflects a professional, trustworthy, and mature digital presence aligned with its business stature.

K

KNDS Deutschland GmbH & Co. KG

knds.de

62

KNDS Deutschland GmbH & Co. KG is a leading European manufacturer and system supplier of military land systems, offering a broad portfolio of armored vehicles, artillery, and support systems. The company operates within the French-German KNDS group, serving over 50 countries worldwide with integrated solutions including development, production, logistics, training, and maintenance. The website reflects a mature digital presence built on modern technologies such as Next.js and React, with good mobile optimization and SEO practices. Security posture is solid with HTTPS and domain protections, though improvements like DNSSEC and explicit security policies could enhance trust. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the site projects professionalism and credibility consistent with a large defense manufacturing entity.

A

Akkodis

akkodis.com

84

Akkodis is a global technology and digital engineering company focused on Smart Industry solutions. They provide consulting, technology solutions, talent acquisition, and academy services to enterprises worldwide. The website demonstrates a mature digital presence with modern technologies such as Next.js and React, integrated monitoring via Dynatrace, and privacy compliance through OneTrust. Security posture is strong with HTTPS and security headers, though explicit security policies and incident response information are not published. The absence of WHOIS data reduces domain trust slightly but does not detract from the professional presentation and comprehensive service offerings. Overall, Akkodis presents as a credible and established enterprise technology partner.

R

RankFaster

rankfaster.pro

55

RankFaster is a specialized SEO toolkit designed to serve early-stage websites and small businesses seeking affordable and scalable SEO solutions. The platform offers essential SEO tools such as on-page audits, keyword research, domain rating checks, and AI-powered blog content generation, all accessible via a pay-as-you-go credit system. This business model allows users to pay only for the features they use, making SEO more accessible to smaller budgets and reducing overhead costs associated with traditional subscription models. The website is professionally designed with a clear focus on usability and straightforward navigation, targeting users with basic SEO knowledge.

3

3Commas

3commas.io

80

3Commas is a well-established cryptocurrency trading platform founded in 2017, headquartered in Estonia. It offers a suite of automated trading tools including DCA bots, signal bots, grid bots, and a smart trading terminal, targeting cryptocurrency traders and investors globally. The platform integrates with major exchanges and supports multi-exchange portfolio management, positioning itself as a comprehensive solution for crypto trading automation. The website demonstrates a high level of professionalism, with excellent design, clear navigation, and strong trust signals such as high user ratings and active community engagement. Technically, the site leverages modern web technologies including React and Next.js, hosted behind Cloudflare with good performance and mobile optimization. Security posture is strong with HTTPS, security headers, and client transfer protection on the domain, though DNSSEC is not enabled. Privacy compliance is addressed with clear privacy and cookie policies and consent mechanisms. Overall, 3Commas presents a credible, secure, and user-friendly platform for crypto trading automation.

KNDS is a leading European defense manufacturer specializing in military land systems, formed by the association of Krauss-Maffei Wegmann and Nexter. The company operates globally with over 10,000 employees and a strong product portfolio including main battle tanks, armored vehicles, artillery, and advanced training solutions. Their market position is strong within the European defense sector, supported by a large order backlog and significant turnover. Technically, the website is built on modern frameworks such as React and Next.js, with privacy-conscious analytics via Matomo and comprehensive cookie consent management through Cookiebot. Security posture is good with HTTPS enforced and domain registration consistent with the business profile. However, there is room for improvement in publishing explicit security policies and incident response contacts. Overall, the website is professional, secure, and compliant with GDPR, reflecting a mature and credible business entity.

S

SUPERKODERS s.r.o.

superkoders.cz

54

SUPERKODERS s.r.o. is a Czech-based technology company specializing in the development of custom websites, e-commerce platforms, and web/mobile applications. Founded in 2009, the company has established a strong market presence with a portfolio of successful projects and recognized clients. Their services include full-cycle development, accessibility audits, and coding of components and emails, targeting businesses seeking tailored digital solutions. The website reflects a professional and modern digital presence with comprehensive content and clear navigation.

E

EnviWeb s.r.o.

enviweb.eu

55

EnviWeb s.r.o. is a specialized public relations agency focused on environmental topics, ecology, and sustainability primarily serving clients in the Czech Republic. The company manages notable environmental projects such as Ukliďme Česko, Kam s ním?, and EKOkalendář, positioning itself as a niche leader in environmental communication. Their business model centers on providing comprehensive PR services including media relations, brand building, and content creation tailored to environmental and sustainability sectors. The website is built on a modern React and Next.js framework, indicating a contemporary technical infrastructure with good mobile optimization and user experience. However, the site lacks visible privacy and cookie policies, contact information, and security headers, which are areas for improvement in compliance and security posture. The domain WHOIS data is privacy protected by EURid, which is typical for EU domains, and no suspicious patterns were detected, supporting the legitimacy of the business. Overall, the website presents a professional and trustworthy image with moderate technical and security maturity.

S

shen zhen shi gong zhi yi ke ji you xian gong si

evercraft.co

44

EverCraft is a Chinese technology company specializing in engineering productivity tools, including version control software and online CAD visualization platforms. The company targets engineers and professionals requiring efficient file history management and CAD collaboration tools. Their product suite includes 追光Lite for file versioning, 追光看图 for CAD viewing and annotation, and 分形三维 for 3D CAD visualization. The company operates primarily in China, with hosting and domain registration consistent with local regulations and ICP licensing. Technically, the website is built using modern web technologies such as React and Next.js, hosted on Alibaba Cloud. The site is mobile-optimized and performs moderately well, though accessibility and SEO optimizations are basic. The site uses Baidu Analytics for user tracking but lacks visible cookie consent mechanisms or privacy policies, indicating room for improvement in privacy compliance. From a security perspective, the site uses HTTPS but lacks important security headers and DNSSEC is not enabled. No forms or sensitive data collection points were detected on the homepage, reducing immediate risk. However, the absence of published security policies, incident response contacts, and vulnerability disclosure mechanisms suggests a low maturity in security governance. Overall, the website is professional and trustworthy within its niche but would benefit from enhanced privacy compliance, security hardening, and clearer contact information to improve user trust and regulatory adherence.

W

Waitwhile Inc.

waitwhile.com

65

Waitwhile Inc. is a technology company specializing in queue management, appointment scheduling, and customer journey management solutions. Established in 2017, the company serves over 50,000 locations worldwide and offers a comprehensive SaaS platform that integrates virtual waitlists, automation, communication, analytics, and resource management. The website demonstrates a strong market position with high customer satisfaction ratings and a clear focus on improving customer experience and operational efficiency for businesses. Technically, the website is built using modern frameworks such as Next.js and React, hosted on Google Cloud infrastructure with DNS managed by Google Domains. It employs best practices in web performance, mobile optimization, and SEO. The presence of cookie consent mechanisms and privacy policies indicates a mature approach to privacy compliance. From a security perspective, the site enforces HTTPS, uses security headers, and employs domain registration protections. However, DNSSEC is not enabled, and explicit incident response or vulnerability disclosure policies are not publicly available, representing areas for improvement. Overall, the security posture is solid with room for enhancement. The overall risk assessment is low, with no signs of malicious activity or content safety concerns. Strategic recommendations include enabling DNSSEC, publishing incident response policies, and enhancing transparency around security certifications to further build trust and compliance.

L

Lockton Finland Oy

lockton.com

68

Lockton Finland Oy is a subsidiary of Lockton Companies, a globally recognized independent insurance broker founded in 1966. The company specializes in providing a wide range of insurance and risk management services including cyber insurance, corporate risk, financial institutions insurance, and professional indemnity. The website reflects a mature and professional business presence targeting corporate clients primarily in Finland and Europe. Technically, the site is built using modern web technologies such as React and Next.js, with Material-UI for UI components, and integrates Google Tag Manager and cookie consent management for analytics and compliance. Security posture is strong with HTTPS enforced and security headers present, although explicit security policies and incident response contacts are not published. The absence of WHOIS data limits domain trust analysis but the overall professional presentation and compliance indicators suggest a legitimate and trustworthy business. Strategic recommendations include publishing a dedicated security policy, vulnerability disclosure, and incident response information to enhance transparency and trust.

Rakuten Kobo operates a leading global e-commerce platform specializing in digital reading products including eBooks, audiobooks, eReaders, and reading applications. The website targets a broad audience with a strong presence in Finland and worldwide, supported by a comprehensive catalog of over 6 million titles. The business model focuses on direct sales, subscription services (Kobo Plus), and hardware sales, positioning Kobo as a major player in the digital reading market under the Rakuten corporate umbrella. Technically, the site leverages modern web technologies such as React and Next.js, with a content management system powered by Builder.io and search capabilities enhanced by Algolia. The site is well-optimized for performance, mobile responsiveness, accessibility, and SEO, providing an excellent user experience. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though there is room for improvement in implementing and reporting security headers and publishing a dedicated security policy. Privacy compliance is strong, with clear privacy and cookie policies and GDPR adherence. Overall, the site is trustworthy and professional, though the absence of WHOIS registration details is unusual but likely due to registry privacy restrictions. Strategic recommendations include enhancing security transparency and incident response readiness to further strengthen trust and compliance.

M

Mast-Jägermeister SE

jaegermeister.com

62

Mast-Jägermeister SE operates the official website for Jägermeister, a globally recognized premium herbal liqueur brand established in 1935. The website serves as a comprehensive platform for brand storytelling, product information, and e-commerce, targeting adult consumers interested in nightlife and premium spirits. The company maintains a strong market position with consistent branding and a professional digital presence. Technically, the website leverages modern web technologies including React and Next.js, hosted on Vercel with Contentful CMS integration. The site demonstrates excellent performance, mobile optimization, and SEO practices, reflecting a mature digital infrastructure. From a security perspective, the site enforces HTTPS, includes an age gate to restrict underage access, and implements standard security headers. No critical vulnerabilities or exposed sensitive data were detected. However, the absence of a dedicated security policy or vulnerability disclosure page suggests room for improvement in transparency and incident response readiness. Overall, the website presents a low-risk profile with strong business credibility and compliance with privacy regulations such as GDPR. Strategic recommendations include enhancing security transparency, publishing incident response contacts, and continuous monitoring of third-party scripts to maintain security posture.

A

ACC Belgium asbl

acc.be

49

ACC Belgium is a professional association dedicated to uniting and empowering communication agencies in Belgium. It offers a comprehensive suite of services including training programs, industry awards, tools, and platforms to support agencies and professionals in the marketing communication sector. The website is well-designed, mobile-optimized, and rich in relevant content, reflecting a mature digital presence. The technical infrastructure leverages modern frameworks such as Next.js and React, with analytics implemented via Google Tag Manager and Plausible Analytics. Security posture is strong with HTTPS enforced and no visible vulnerabilities, although explicit security headers could be improved. Privacy and cookie policies are comprehensive and GDPR compliant, supporting user trust and regulatory adherence. Overall, ACC Belgium presents a credible, professional, and trustworthy online presence with a strong focus on industry support and development.

H

Hotel & Therme AQUA DOME

aqua-dome.at

44

Hotel & Therme AQUA DOME is a premium alpine spa hotel located in the Ötztal valley, Tyrol, Austria. It offers a comprehensive wellness experience including thermal baths, spa treatments, fitness facilities, and culinary services. The business targets wellness tourists, couples, families, and singles seeking relaxation and alpine experiences. The website is professionally designed, mobile optimized, and provides clear navigation and booking options. Technically, it uses modern frameworks such as Next.js and React, with integrated consent management and advertising pixels. Security posture is good with HTTPS and consent mechanisms, though explicit security headers and incident response policies are not publicly documented. The domain WHOIS data is unavailable, likely due to privacy protection, but the website's trust indicators and certifications support its legitimacy. Overall, the site demonstrates a mature digital presence aligned with hospitality industry standards.

J

Johnson & Johnson | Vision PRO

jnjvisionpro.com

68

Johnson & Johnson Vision Pro is a comprehensive online platform dedicated to eye care professionals, offering a wide range of products, educational resources, and expert support. The website reflects the strong market position of Johnson & Johnson in the healthcare and vision care sectors, targeting professionals who require cutting-edge solutions for myopia management, contact lenses, refractive surgery, ocular surface care, and cataract surgery. The platform supports business growth and patient care excellence through tools like online ordering, calculators, and virtual services such as LensAssist. Technically, the website is built using modern frameworks such as Next.js and React, integrated with Contentstack CMS, and employs advanced analytics and user engagement tools including Google Tag Manager, reCAPTCHA Enterprise, and WalkMe. The site demonstrates good performance, mobile optimization, and accessibility features, ensuring a professional user experience. From a security perspective, the site enforces HTTPS, uses security headers, and incorporates consent mechanisms for cookies, reflecting a mature security posture. However, the absence of publicly available WHOIS data is a notable anomaly, although the overall branding and content strongly support the site's legitimacy. No critical vulnerabilities or exposed sensitive data were detected. Overall, the site presents a low risk profile with strong business credibility and technical maturity. Strategic recommendations include publishing explicit security policies, incident response contacts, and vulnerability disclosure information to further enhance trust and compliance.

A

ASD - AeroSpace and Defence Industries Association of Europe

asd-europe.org

69

ASD - AeroSpace and Defence Industries Association of Europe is a leading European industry association representing aerospace, defense, security, and space sectors. The organization connects over 4,000 companies across 21 countries, providing advocacy, standards development, and networking services. Their website reflects a professional and comprehensive digital presence, targeting industry professionals and stakeholders. The site uses modern web technologies including Next.js and React, with privacy-conscious analytics via Matomo and a robust cookie consent mechanism powered by Cookiebot. Security posture is strong with HTTPS enforced and appropriate security headers in place, though explicit security policies and incident response information are not publicly detailed. Overall, the domain appears legitimate and consistent with an established industry association, despite the lack of WHOIS data due to privacy protection. Strategic recommendations include publishing security policies and vulnerability disclosure information to enhance trust and compliance.

C

Clear Vision For You

clearvisionforyou.com

62

Clear Vision For You is a healthcare-focused website affiliated with Johnson & Johnson Vision, providing comprehensive information and resources about eye health treatments and vision care solutions. The site targets a general audience seeking education on conditions such as myopia, cataracts, dry eye, and laser vision correction, and offers tools like a 'Find a Doctor' feature to connect users with eye care professionals. The website is professionally designed with consistent branding and high-quality content, reflecting the stature of its parent company in the healthcare industry. Technically, the site leverages modern web technologies including React and Next.js frameworks, integrates Google Tag Manager for analytics, and employs OneTrust for cookie consent management. The content is well-structured, mobile-optimized, and accessible, ensuring a positive user experience. However, the absence of WHOIS data for the domain raises questions about domain registration transparency, although the website's content and external links strongly associate it with Johnson & Johnson Vision. From a security perspective, the site uses HTTPS and includes privacy and cookie policies indicating GDPR compliance. Nonetheless, it lacks explicit security headers and does not provide visible incident response or vulnerability disclosure information, which are areas for improvement. No critical vulnerabilities or suspicious content were detected, and the site maintains a good security posture overall. Overall, Clear Vision For You presents a trustworthy and authoritative resource for eye health information, but should enhance transparency around domain registration and strengthen security policies to further build user trust and compliance assurance.

C

Clear Vision For You

jjvision.com

62

Clear Vision For You is a healthcare-focused website operated under the Johnson & Johnson Vision brand, providing comprehensive information and resources related to eye health, vision correction, and treatments such as myopia management, contact lenses, laser vision correction, dry eye treatment, and cataract surgery. The site targets a general audience seeking trusted eye care information and facilitates finding local eye doctors. Technically, the site is built on modern web technologies including Next.js and React, with integrations for analytics and cookie consent, delivering a fast, mobile-optimized, and accessible user experience. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security headers and incident response policies are not publicly visible. The absence of WHOIS data for the domain is a notable anomaly that slightly reduces trustworthiness, but the strong branding and professional content support legitimacy. Overall, the site demonstrates a mature digital presence aligned with enterprise healthcare standards.

F

Fibery

fibery.io

74

Fibery is a technology company offering a modular SaaS platform designed to replace scattered business tools with a unified, customizable company operating system. Their platform targets startups, product companies, software development firms, and digital agencies, providing features such as no-code app creation, flexible database schemas, collaborative documents, and AI-powered automation. Fibery positions itself as a niche player with a strong emphasis on customization and integration, supported by a tiered subscription model including free and enterprise plans. Technically, Fibery employs modern web technologies including React and Next.js, hosted on AWS infrastructure. The website demonstrates excellent performance, mobile optimization, and SEO practices, with comprehensive structured data enhancing search visibility. Privacy-respecting analytics and minimal tracking are used, reflecting a mature digital strategy. From a security perspective, Fibery maintains a strong posture with HTTPS enforcement, SOC 2 certification, GDPR compliance, and advanced platform permissions. However, there is room for improvement in publishing explicit vulnerability disclosure policies and incident response contacts. No critical vulnerabilities or exposures were detected in the analysis. Overall, Fibery presents a professional, trustworthy, and technically sound online presence with a solid business foundation. Strategic recommendations include enhancing transparency around incident response and cookie consent mechanisms to further strengthen compliance and user trust.

J

Johnson & Johnson | Vision PRO

tecnisodysseyiol.com

70

Johnson & Johnson Vision Professional operates a comprehensive website dedicated to the TECNIS Odyssey™ intraocular lens product line, targeting eye care professionals and surgeons. The site provides detailed product information, clinical data, safety instructions, and multimedia testimonials, reinforcing its position as a leading healthcare provider in ophthalmic surgical solutions. The website leverages modern web technologies including Next.js, React, and Contentstack CMS, ensuring a responsive and accessible user experience. Security measures such as HTTPS, Google reCAPTCHA Enterprise, and cookie consent mechanisms are implemented, reflecting a mature security posture. However, the absence of WHOIS data limits domain registration transparency, though the strong corporate branding and external trusted links support legitimacy. Overall, the site demonstrates high professionalism, good privacy compliance, and effective user engagement tools.

C

CARAVANA

caravana.de

52

CARAVANA operates as a German online marketplace specializing in the sale of motorhomes and caravans, connecting buyers with dealers across Germany. The platform offers tools such as smart filters, a configurator, and dealer finder to facilitate the purchase process for end consumers interested in recreational vehicles. The website is professionally designed with a consistent brand presence and targets the transportation sector within Germany. Technically, the site is built using modern frameworks like Next.js and React, hosted on webgo.de infrastructure, and employs Matomo for analytics. While the site demonstrates good content quality and user experience, it lacks visible privacy and cookie policies, explicit contact information, and security headers, which are important for compliance and trust. The security posture is moderate with HTTPS usage implied but could be improved by adding security headers and incident response information. Overall, the domain appears legitimate with consistent hosting and no suspicious WHOIS data, but the absence of key compliance documents and contact details suggests room for improvement in privacy and security transparency.

DBtune is a technology company specializing in AI-powered automated tuning of PostgreSQL databases. Their platform dynamically optimizes database server parameters to improve performance, reduce costs, and increase productivity for a wide range of workloads and machine sizes. The company targets enterprises and database professionals seeking to enhance PostgreSQL efficiency without manual tuning effort. Their market position is supported by reputable clients and positive testimonials, positioning DBtune as a leading innovator in database performance optimization. Technically, the website is built on modern frameworks such as Next.js and React, hosted on Google Cloud infrastructure with DNS managed by Google Domains. The site employs advanced analytics tools including Microsoft Clarity, HubSpot, and Google Analytics, indicating a mature digital marketing and user tracking strategy. The site is well-optimized for performance, mobile responsiveness, and SEO, reflecting a high level of technical maturity. From a security perspective, the site enforces HTTPS with domain status locks to prevent unauthorized domain transfers or deletions. However, DNSSEC is not enabled, which is a recommended improvement. No explicit security policies or incident response information are published, and no vulnerability disclosure program or security.txt file is found. Overall, the security posture is solid but could be enhanced with additional transparency and DNS security. The overall risk assessment is low, with no signs of malicious activity or content safety concerns. The domain registration is consistent with the business profile, showing a stable and legitimate presence since 2018. Strategic recommendations include enabling DNSSEC, publishing security and incident response policies, and establishing a vulnerability disclosure program to further strengthen trust and compliance.

Supplyframe is a well-established global engineering network specializing in Design-to-Source Intelligence solutions that empower manufacturers, suppliers, and procurement professionals in the electronics industry. The company offers a suite of software products aimed at optimizing new product introductions, strategic sourcing, quoting, and digital marketing to a global engineering audience. With a strong market position supported by partnerships with major industry players and a parent company Siemens, Supplyframe demonstrates a mature business model focused on B2B SaaS and digital platform services. Technically, the website leverages modern web technologies including React and Next.js, ensuring fast performance, mobile responsiveness, and good SEO practices. The presence of analytics and marketing tools such as Google Analytics, HubSpot, and Clearbit indicates a data-driven approach to user engagement and marketing. Privacy and cookie compliance mechanisms are implemented effectively, reflecting awareness of GDPR requirements. From a security perspective, the site uses HTTPS with a good SSL configuration and some security headers, although there is room for improvement by enabling DNSSEC and additional headers like CSP and HSTS. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data aligns well with the business history and domain age, supporting legitimacy and trustworthiness. Overall, Supplyframe's website reflects a professional, secure, and compliant digital presence suitable for its enterprise audience. Strategic recommendations include enhancing DNS security, publishing explicit security policies, and adding vulnerability disclosure mechanisms to further strengthen trust and security posture.

Q

Query Digital, s.r.o.

query.cz

63

Query Digital, s.r.o. is a Czech Republic-based web studio specializing in the development, operation, and consulting of web applications. The company serves a business clientele, including notable brands, and positions itself as a small but professional and trusted service provider in the technology sector. Their website reflects a modern, well-structured digital presence built on Next.js and React, with strong mobile optimization and user experience. Privacy and cookie policies are clearly presented and GDPR compliant, enhancing trust. Security posture is good with HTTPS and consent mechanisms, though some security policy documentation and incident response contacts are missing. WHOIS data is unavailable, which slightly impacts domain trust but does not detract from the professional appearance and business legitimacy of the site.

U

University of California Press

ucpress.edu

63

University of California Press is a well-established academic publisher affiliated with the University of California. The website serves as a platform for promoting scholarly books, journals, and publishing services targeting academics, researchers, students, librarians, and authors. The site demonstrates a strong market position within the academic publishing sector, offering a wide range of disciplines and resources. Technically, the website is built on modern frameworks such as Next.js and React, with integration of Google Analytics and Tag Manager for tracking. The design is professional, mobile-optimized, and accessible, providing a positive user experience. Security posture is strong with HTTPS enforcement and appropriate security headers, though privacy compliance could be improved by adding cookie consent mechanisms and explicit terms of service. Overall, the website is trustworthy and credible, reflecting the reputation of its parent institution.

C

Coordinator ODIS s.r.o.

odis.cz

52

Coordinator ODIS s.r.o. is a regional public transportation coordinator serving the Moravian-Silesian Region in the Czech Republic. The company provides comprehensive services including timetables, fare and tariff information, updates on transportation changes, maps, and practical travel information. The website targets public transportation users in the region and supports digital ticketing through an e-shop and a mobile app called ODISapp. The company is positioned as a key regional transportation service provider with strong ties to local government entities.

M

MOL Group

molcampus.hu

65

MOL Campus is the corporate headquarters of MOL Group, Hungary's leading energy company. The website showcases the building as a symbol of sustainability and innovation, offering visitor experiences such as the SkyDeck and various employee services. The site is well-designed, mobile-optimized, and uses modern web technologies including Next.js and React. It integrates marketing and analytics tools like Google Tag Manager and Facebook Pixel with appropriate cookie consent mechanisms. Security posture is strong with HTTPS and no visible vulnerabilities, though explicit security policies and incident response contacts are absent. Overall, the website reflects a mature digital presence aligned with MOL Group's corporate identity and sustainability commitments.

S

Sky

skyaccessibility.sky

71

Sky Accessibility is a dedicated platform by Sky, a leading UK and Ireland media and telecommunications company, focused on ensuring all products and services are inclusive and accessible to customers with various impairments. The website offers detailed information on accessibility features, support services, and collaborations with recognized organizations to enhance user experience for people with disabilities. The platform is well integrated with Sky's corporate ecosystem, reflecting a strong market position and commitment to accessibility. Technically, the website leverages modern web technologies including React and Next.js, supported by Contentstack CMS and Adobe Launch for analytics and tag management. The site demonstrates good performance, mobile optimization, and excellent accessibility compliance, aligning with its mission. Privacy and cookie policies are comprehensive and GDPR compliant, supported by a consent management platform. From a security perspective, the site uses HTTPS with a strong SSL configuration and includes consent management scripts. While explicit security policies and incident response contacts are not found, no vulnerabilities or security issues are evident in the content. The WHOIS data confirms the domain's legitimacy and consistency with Sky's corporate identity. Overall, Sky Accessibility presents a professional, trustworthy, and user-focused digital presence with strong compliance and technical maturity. Strategic improvements could include publishing explicit security policies and vulnerability disclosure information to further enhance trust and security posture.

V

Vertek

vertek.com.br

54

Vertek is a Brazilian company specializing in ophthalmological and veterinary products, targeting healthcare and veterinary professionals. The website is built using modern web technologies including React and Next.js, and incorporates Google Tag Manager for analytics. The site is accessible and mobile-optimized with a clean design, but contains minimal textual content and lacks key compliance documents such as privacy and cookie policies. Security posture is basic with no detected security headers or incident response information, and no contact details are provided on the homepage. Overall, the website presents a professional but minimal online presence with room for improvement in compliance and security transparency.

A

Amsterdam University of Applied Sciences

amsterdamuas.com

72

Amsterdam University of Applied Sciences (AUAS) is a large, well-established higher education institution in the Netherlands offering a wide range of bachelor's, master's, and exchange programmes primarily in English and Dutch. The university emphasizes applied research with societal impact and maintains strong international collaborations such as the U!REKA European university alliance. The website reflects a professional and comprehensive digital presence, targeting prospective students, researchers, and international applicants. The content is rich, well-structured, and accessible, supporting a positive user experience.

F

Folkhem

folkhem.se

51

Folkhem is a Swedish real estate developer specializing in the construction and sale of sustainable wooden houses and apartments. Established in 1998, the company positions itself as an innovator in climate-smart housing with a focus on natural materials and craftsmanship. Their market presence is primarily in Stockholm, Sundbyberg, and Uppsala, targeting environmentally conscious homebuyers. Technically, the website is built on modern frameworks such as Next.js and React, utilizing Google Tag Manager for analytics and Klaro for consent management, indicating a mature digital infrastructure. Security posture is solid with HTTPS enforced and privacy policies in place, though there is room for improvement in DNSSEC and security headers. Overall, the site is professional, trustworthy, and compliant with GDPR, supporting a positive business reputation.

G

Gemeente Rotterdam

rotterdam.nl

73

Gemeente Rotterdam operates the official municipal website providing comprehensive information, news, and services to residents, entrepreneurs, visitors, and government stakeholders. The site serves as a central hub for accessing public services such as parking registration, waste management, passport applications, and local government contact. It holds a strong market position as the authoritative source for municipal information in Rotterdam, Netherlands. Technically, the website leverages modern web technologies including React and Next.js frameworks, ensuring good mobile optimization, accessibility, and SEO practices. Integration of third-party tools like ReadSpeaker enhances accessibility, while Kameleoon supports marketing and user experience optimization. The site demonstrates moderate to good performance and a consistent, professional design. From a security perspective, the site enforces HTTPS with strong SSL configuration and employs security headers. However, explicit security policies, incident response contacts, and vulnerability disclosure mechanisms are not publicly available, representing areas for improvement. Privacy compliance is well addressed with clear cookie and privacy policies and GDPR adherence. Overall, the website is trustworthy, professional, and secure with minor gaps in published security governance documentation. Strategic recommendations include publishing security policies, establishing incident response contacts, and enhancing security headers to further strengthen the security posture.

B

Betway Limited

betway.co.za

70

Betway Limited operates a well-established online gambling platform offering sports betting, casino games, live casino, vegas games, and esports betting. The company holds a Malta Gaming Authority license and maintains a strong market presence through official partnerships with major sports clubs such as Arsenal, Manchester City, Chelsea, and Atlético de Madrid. The website is professionally designed, mobile-optimized, and provides comprehensive user engagement through various welcome offers and promotions. Technically, the platform leverages modern web technologies including React and Next.js, supported by a robust analytics and advertising infrastructure with Google Tag Manager, Snowplow, Adobe Alloy, and multiple ad networks. Security posture is strong with HTTPS enforcement, domain transfer protections, and reputable certifications like eCOGRA and IBIA. Privacy and cookie policies are comprehensive and GDPR compliant, although explicit incident response contacts and vulnerability disclosure mechanisms are not publicly available. Overall, Betway presents a trustworthy and professional online gambling service with a mature digital presence.

I

International Biathlon Union

biathlonworld.com

66

The International Biathlon Union (IBU) operates the official website www.biathlonworld.com, serving as the authoritative source for biathlon sport information globally. The site provides comprehensive services including event calendars, results, athlete profiles, news, videos, and live streaming options, targeting biathlon fans, athletes, and sports professionals. The website demonstrates a consistent and professional brand presence with good content quality and user experience. Technically, the website leverages modern web technologies such as React and Next.js, with Contentful as the CMS. It integrates Google Tag Manager for analytics and OneTrust for cookie consent management, indicating a moderate level of digital maturity. Performance and mobile optimization are adequate, though accessibility features could be enhanced. From a security perspective, the site enforces HTTPS and includes several security headers, reflecting a good security posture. However, the absence of a published privacy policy, terms of service, and explicit contact information for security incidents or data protection officers represents compliance gaps. The lack of WHOIS data reduces domain trust slightly but does not undermine the apparent legitimacy of the site. Overall, the website is a reliable and professional platform for biathlon sport information, with recommendations to improve privacy compliance, transparency, and accessibility to further strengthen trust and security.

N

News and Media Holding a.s.

cas.sk

56

Nový Čas is a leading Slovak online daily newspaper operated by News and Media Holding a.s., providing current news, scandals, crime, and sports coverage. The website is well-branded and targets a general audience interested in Slovak and international news. Technically, the site uses modern frameworks such as Next.js and React, integrates Google Tag Manager and Gemius analytics, and employs privacy management tools, indicating a mature digital infrastructure. Security posture is good with HTTPS enabled and some privacy tools in place, but lacks explicit security headers and formal security policies. Privacy compliance is limited due to missing explicit privacy and cookie policies. Overall, the site is professional, trustworthy, and content-rich, with room for improvement in privacy and security transparency.

T

Teoxane

teoxane.com

65

Teoxane is a healthcare company specializing in aesthetic medicine products such as dermal fillers and skincare solutions, targeting medical professionals and aesthetic practitioners. The website is built using modern web technologies including React and Next.js, indicating a contemporary digital infrastructure. However, the provided HTML content is minimal and appears to rely heavily on client-side rendering, which limits the immediate availability of content and metadata. Security posture is limited based on the available data, with no visible security headers or privacy policies detected. Tracking technologies such as Google Tag Manager and Pingdom are used, but privacy compliance is weak due to the absence of cookie and privacy policies. Overall, the website presents a moderate risk profile with room for improvement in security and compliance transparency.

M

Motiva Enterprises LLC

motiva.com

66

Motiva Enterprises LLC is a major energy company headquartered in Houston, Texas, specializing in refining, distributing, and marketing petroleum products across the Americas. As North America's largest refinery operator and fully owned by Aramco, Motiva plays a critical role in energy security and economic prosperity. The website reflects a mature digital presence built on modern web technologies such as Next.js and React, offering a professional and user-friendly experience with comprehensive content about their operations, community involvement, and career opportunities. Security posture is adequate with HTTPS enabled, but lacks some advanced security headers and explicit incident response information. Privacy policies are comprehensive and GDPR compliant, though cookie consent mechanisms could be improved. The absence of WHOIS data is a notable anomaly that requires further investigation to confirm domain legitimacy. Overall, the site demonstrates strong business credibility and technical maturity with room for security enhancements.

T

Timme Hosting GmbH & Co. KG

timmehosting-status.com

61

Timme Hosting GmbH & Co. KG is a German hosting service provider offering a range of services including webhosting, managed servers, cloud solutions, backups, and object storage. The company appears to be newly established in 2024, with a domain registration consistent with this timeline. The website serves primarily as a status page, providing uptime and incident information for its various services, demonstrating operational transparency. Technically, the website is built using modern frameworks such as Next.js and React, with Cloudflare DNS services and Cloudinary for image hosting. The site is well-optimized for mobile devices and performs well, with clear navigation and good content relevance. However, it lacks some SEO and privacy compliance features such as privacy and cookie policies. From a security perspective, the site uses HTTPS and has domain transfer protections in place, but it lacks DNSSEC and important security headers. There is no published security policy or incident response contact information, and no vulnerability disclosure mechanism is evident. These gaps suggest room for improvement in security posture and compliance. Overall, the website is professional and trustworthy for its purpose as a status page, but it would benefit from enhanced privacy compliance, security policies, and contact information to improve user trust and regulatory adherence.

V

Volleyball World

volleyballworld.com

66

Volleyball World operates as an official digital platform providing comprehensive coverage of professional volleyball, including live streaming, rankings, schedules, and player profiles. The website targets volleyball fans and sports enthusiasts globally, positioning itself as an authoritative source for volleyball content. Technically, the site leverages modern web frameworks such as React and Next.js, supported by a robust analytics and advertising ecosystem including Google Analytics, Microsoft Clarity, and various ad networks. The site demonstrates excellent design quality, mobile optimization, and user experience, reflecting a mature digital presence. From a security perspective, the website enforces HTTPS and employs bot mitigation techniques like Cloudflare Turnstile captcha. However, explicit security headers such as Content-Security-Policy are not clearly documented, and no security or incident response policies are publicly visible. Privacy compliance is limited, with no clear privacy or cookie policies detected, which may expose the site to regulatory scrutiny. The absence of WHOIS data for the domain raises concerns about domain legitimacy and registration transparency, although the website content and branding suggest an official affiliation with volleyball governing bodies. Overall, Volleyball World presents a professional and trustworthy front for volleyball media content but should improve transparency in privacy, security policies, and domain registration information to enhance trust and compliance. Strategic recommendations include publishing comprehensive privacy and cookie policies, implementing security.txt for vulnerability disclosure, and verifying domain registration details to assure visitors and partners of legitimacy.

S

Slovenská volejbalová federácia

slovakvolley.sk

39

The Slovenská volejbalová federácia (Slovak Volleyball Federation) operates as the national governing body for volleyball in Slovakia, providing comprehensive information on competitions, teams, and volleyball-related news. The website serves volleyball players, fans, clubs, and the broader sports community in Slovakia, positioning itself as an authoritative source for volleyball activities and events. It offers services including competition management, event organization, player registration, and fan engagement through ticket sales and a fan shop. Technically, the website is built using modern web technologies such as React and Next.js, ensuring a responsive and user-friendly experience across devices. The site demonstrates good performance and SEO practices, with appropriate meta tags and structured navigation. Security is well-managed with HTTPS enforcement and standard security headers, although explicit privacy and cookie policies are not found, which is a compliance gap. From a security perspective, the site shows a mature posture with no detected vulnerabilities or exposed sensitive data. However, the absence of published incident response or vulnerability disclosure policies limits transparency. The site integrates multiple trusted partner domains and maintains a strong social media presence, enhancing its credibility. Overall, the website is professional, secure, and trustworthy, but it would benefit from improved privacy compliance documentation and clearer contact information to enhance user trust and regulatory adherence.