Security Directory

The website hasznosholmik.hu currently hosts only a default placeholder page indicating a 'Coming Soon' status. There is no business information, contact details, or content describing the nature of the business or services. The only external link points to vestacp.com, suggesting the site is hosted or managed via the VESTA control panel. The domain was registered in 2016, but the lack of content suggests the site is inactive or under development. From a technical perspective, the site is minimal with no detected CMS, scripts, or analytics. There is no evidence of HTTPS or security headers, which indicates a poor security posture. No privacy or cookie policies are present, and no contact or incident response information is available. Security evaluation reveals critical gaps including absence of HTTPS, lack of security headers, and no visible security or privacy compliance measures. The site does not collect user data or have forms, reducing immediate risk but also indicating no active business operations. Overall, the site presents a low trust profile with minimal content and poor security and privacy practices. It is recommended to implement HTTPS, add privacy and cookie policies, provide contact information, and develop actual business content to improve credibility and security posture.

F

Felicity Divat

felicity.hu

56

Felicity Divat operates as a Hungarian e-commerce retailer specializing in a wide range of clothing and accessories for children, women, men, as well as home textiles and decor. The website presents a comprehensive product catalog segmented by age groups and categories, targeting families and individuals in Hungary. The business model is focused on online retail with a medium-sized market presence and consistent branding. Technically, the site leverages the UNAS e-commerce platform with modern JavaScript libraries such as jQuery, Flickity, and Tippy.js, and integrates Google Tag Manager and Analytics for marketing and tracking purposes. The site is mobile optimized and SEO friendly, providing a good user experience. Security posture is solid with HTTPS enforced and consent management for tracking scripts, though explicit security headers and policies are not published. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

E

expondo

expondo.hu

61

Expondo.hu is a well-established e-commerce platform specializing in professional tools, equipment, and related products primarily targeting businesses and professional customers in Hungary and across Europe. The company boasts over 17 years of market presence, offering a broad product catalog with categories ranging from gastronomy to industrial tools. The website is built on modern technology, specifically Vue Storefront 2, and integrates multiple marketing and analytics tools such as Google Tag Manager and Exponea. While the site demonstrates good design quality, mobile optimization, and user experience, it lacks explicit privacy and terms of service documentation in the provided content. Security posture is solid with HTTPS enabled and cookie consent mechanisms in place, but could be improved by adding security headers and publishing security policies. Overall, the domain registration data aligns well with the business claims, indicating high legitimacy and trustworthiness.

E

EMOS

emos.hu

72

EMOS.hu is a Hungarian e-commerce website specializing in the online sale of lighting technology and electronic devices. The site targets general consumers in Hungary and positions itself as a significant player in the retail sector for these product categories. The website features a professional design with consistent branding and good content quality, supporting a positive user experience. Technically, the site employs modern web technologies including jQuery, Google Tag Manager, Facebook SDK, and Cookiebot for cookie consent management. It is hosted with CDN support to optimize performance and is mobile-optimized with basic accessibility features. Security-wise, the site enforces HTTPS, uses cookie consent with granular controls, and integrates multiple advertising and analytics services responsibly. No critical vulnerabilities or security issues were detected, though explicit security and incident response policies are not publicly available. Overall, EMOS.hu demonstrates a mature digital presence with good privacy compliance and business credibility.

D

DEMY.HU

demy.hu

52

DEMY.hu is a Hungarian e-commerce retailer specializing in electronic products such as electric dog collars, wireless alarms, and GPS navigation and tracking devices. The website targets Hungarian consumers interested in pet electronics and security solutions, positioning itself as a specialist in this niche market. The site is well-branded with consistent design and localized content for neighboring countries through sister sites. Technically, the website employs modern JavaScript libraries and integrates third-party analytics and advertising tools, including Google Analytics, Google Tag Manager, and ClickCease, indicating a moderate level of digital maturity. However, the absence of explicit privacy and cookie policies, as well as terms of service, suggests gaps in compliance and transparency. Security-wise, the site uses HTTPS and some best practices but lacks comprehensive security headers and incident response information, which could be improved to enhance trust and protection. Overall, the website is functional and professional but would benefit from enhanced privacy compliance and security documentation to strengthen its risk posture and user trust.

C

COSORI MAGYARORSZÁG

cosori.hu

59

COSORI MAGYARORSZÁG operates a professional Hungarian e-commerce website specializing in the retail of Cosori brand kitchen appliances, primarily air fryers and multifunctional cooking pots. The site targets Hungarian consumers seeking healthy and efficient cooking solutions, offering a range of products, accessories, recipes, and customer support. The business is relatively young, founded around 2021, and positions itself as an official distributor with strong trust signals such as awards and customer testimonials. Technically, the website leverages a modern e-commerce platform (ShopRenter) with a robust tech stack including jQuery, Bootstrap, and multiple marketing and analytics integrations such as Google Tag Manager, Facebook Pixel, TikTok Pixel, and Klaviyo. The site is mobile-optimized with good SEO practices and moderate performance. From a security perspective, the site enforces HTTPS and uses cookie consent mechanisms, but lacks explicit security policy pages and some recommended HTTP security headers. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is well addressed with clear policies and consent banners. Overall, the website presents a low-risk profile with strong business credibility and good technical implementation. Strategic improvements could focus on enhancing security headers and publishing dedicated security and incident response information.

Bubulakovo is a regional e-commerce retailer specializing in fabrics and meter goods, primarily serving the Hungarian market with multiple sister sites targeting other European countries. The website presents a professional and consistent brand image with a good quality user experience and moderate technical maturity, leveraging modern frameworks like Bootstrap 4 and marketing tools such as Google Tag Manager and SalesManago. Security posture is solid with HTTPS enforced and standard security headers, though the absence of explicit privacy and terms of service pages limits compliance maturity. No WAF or blocking mechanisms were detected, allowing full content access. Overall, the site is trustworthy and well-positioned in its niche but would benefit from enhanced privacy and security disclosures.

O

OEMUS MEDIA AG

designpreis.org

53

The website designpreis.org serves as the official platform for the ZWP Designpreis, an established German award recognizing outstanding dental practice designs. Operated by OEMUS MEDIA AG, the site provides comprehensive information about the competition, showcases winners, and facilitates applications. The target audience includes dental professionals and architects interested in innovative dental office design. Technically, the site is built on WordPress 6.8.2, uses Matomo for privacy-conscious analytics, and hosts media assets on Amazon S3, reflecting a moderate level of digital maturity. Security posture is adequate with HTTPS enforced and domain transfer protections, but lacks DNSSEC and security headers, indicating room for improvement. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the site is professional, trustworthy, and well-aligned with its niche business purpose.

P

Pfarrei Hl. Edith Stein

heiligeedithstein.de

46

The website represents the Catholic parish 'Hl. Edith Stein' located in Berlin, Germany, serving the local community with religious services, events, and pastoral care. It operates under the Erzbistum Berlin and targets parishioners and interested individuals in the region. The site provides comprehensive information about services, events, and community life, reflecting a small but active religious organization. Technically, the site is built on TYPO3 CMS, utilizing legacy jQuery libraries and Shadowbox.js for media display. The site is moderately optimized for performance and mobile devices, with good accessibility and SEO practices. Cookie consent is implemented with granular user choices, reflecting good privacy compliance. Security posture is moderate; while HTTPS is implied, no explicit security headers were detected, and no published security or incident response policies are available. The site does not expose sensitive data and uses consent-based activation for tracking and media embeds. No WAF or blocking mechanisms were detected, allowing full content access. Overall, the website is trustworthy and professional, with good content quality and privacy compliance. Recommendations include enhancing security headers, publishing security policies, and considering vulnerability disclosure mechanisms to improve security maturity and trust further.

B

Bluedrop ISM

bluedropism.com

67

Bluedrop ISM is a well-established technology company specializing in workforce training delivery and credential management solutions, primarily serving governments, industry groups, and training providers. Founded in 1992, the company has a strong market presence with a globally recognized platform called SkillsPass. Their business model focuses on providing integrated skills management platforms and custom eLearning solutions, targeting a diverse audience including employers and workers across multiple sectors. The website reflects a professional and consistent brand image with clear navigation and relevant content.

C

COVE

coveocean.com

63

COVE is a well-established marine technology innovation hub based in Canada, founded in 2016. It serves as a collaborative community and physical space for marine technology organizations, offering programs and services that support testing, incubation, research, and commercialization. The website reflects a professional and modern digital presence with clear branding, comprehensive content, and active engagement through social media and newsletters. Technically, the site is built on WordPress with popular plugins and frameworks, hosted with reputable providers, and employs modern SEO and analytics tools. Security posture is solid with HTTPS, domain locking, and no visible vulnerabilities, though DNSSEC is not enabled and some security policies are not publicly disclosed. Privacy compliance is partial, with a privacy policy present but lacking a cookie consent mechanism. Overall, the site is trustworthy, well-maintained, and positioned as a key player in the marine technology sector.

N

Nova Scotia Community College

nscc.ca

69

Nova Scotia Community College (NSCC) is a prominent public educational institution in Canada offering over 140 programs across 14 campuses in Nova Scotia. The website clearly targets prospective and current students, employers, and industry partners, providing comprehensive information on programs, admissions, student supports, and campus experiences. The institution positions itself as a leading community college with a strong emphasis on inclusive, flexible, and industry-driven education. Technically, the website employs a modern technology stack including jQuery, FontAwesome, Google reCAPTCHA, and various analytics and tracking tools such as Google Tag Manager, Facebook Pixel, CrazyEgg, and Monsido for accessibility and heatmaps. The site is mobile-optimized, accessible, and SEO-friendly with clear navigation and professional design. Security posture is strong with HTTPS enforced and bot protection via reCAPTCHA, though some security headers are missing and no incident response or vulnerability disclosure information is published. Privacy compliance is good with a comprehensive privacy policy, but lacks explicit cookie consent mechanisms. Overall, the domain WHOIS data is unavailable, likely due to privacy protection, but the website content and external references strongly support legitimacy. Strategic recommendations include enhancing security headers, adding cookie consent, publishing incident response and vulnerability disclosure policies, and auditing third-party scripts regularly.

T

Tech-Access Canada

tech-access.ca

47

Tech-Access Canada operates as a national network of 70 Technology Access Centres (TACs) across Canada, providing critical support to entrepreneurs and businesses by facilitating access to emerging technologies and applied research. The organization plays a pivotal role in driving innovation and business growth nationwide, positioning itself as a key enabler in the Canadian technology ecosystem. Their services include technology access, industry collaboration, and innovation facilitation, targeting primarily Canadian businesses and industry stakeholders. The website reflects a medium-sized, well-established non-profit entity founded in 2016, with a clear focus on supporting technology-driven economic development. From a technical perspective, the website is built on WordPress CMS with a modern but somewhat dated technology stack including jQuery 1.11.3 and several popular plugins such as RevSlider and Modern Events Calendar Lite. The site is mobile optimized, accessible, and incorporates SEO best practices. Analytics and tracking are implemented via Google Analytics, Google Tag Manager, and Clicky Analytics, with basic privacy compliance mechanisms including cookie consent and privacy policies. Security posture is generally good with HTTPS enforced and domain transfer protections in place. However, there are areas for improvement such as enabling DNSSEC, upgrading outdated JavaScript libraries, and implementing additional security headers like Content Security Policy. No explicit security policy or incident response information is published, which could be enhanced to improve trust and compliance. Overall, the website presents a professional and trustworthy digital presence aligned with its mission. The risk profile is low with no signs of malicious activity or content safety concerns. Strategic recommendations include technical security enhancements, improved transparency on security policies, and continued adherence to privacy regulations to maintain and strengthen stakeholder trust.

W

World Clinical Laser Institute

wcli.org

57

The World Clinical Laser Institute (WCLI) is a well-established professional organization founded in 2000, focused on advancing dental care through laser technologies. It serves a global membership of over 19,000 dental professionals, researchers, and manufacturers. The organization provides education, certification, events, and resources to its members, positioning itself as the largest dental laser group worldwide. The website reflects a professional and consistent brand image, targeting dental professionals seeking advanced training and certification in laser dentistry. Technically, the website is built on WordPress with Elementor, leveraging modern web technologies and plugins to deliver a responsive and user-friendly experience. Hosting and DNS are managed through reputable providers, with HTTPS enabled ensuring secure communications. However, some security best practices such as DNSSEC and security headers are not implemented, representing areas for improvement. From a security perspective, the site maintains a good posture with HTTPS and domain registration protections but lacks explicit security policies and incident response information. Privacy compliance is weak due to the absence of privacy and cookie policies, which could expose the organization to regulatory risks. No analytics or tracking scripts were detected, indicating minimal user tracking. Overall, the website is trustworthy and professional but would benefit from enhanced privacy compliance and security hardening to align with best practices and regulatory requirements.

Biolase operates a professional healthcare-focused website providing a customer login portal primarily for laser technology products and services. The site is well-branded and targets healthcare professionals, offering account access and ordering capabilities. The technical infrastructure leverages modern web technologies including Nuxt.js, Tailwind CSS, Firebase backend services, Stripe for payments, and PostHog for analytics, indicating a mature digital presence. Security posture is generally good with HTTPS enforced and no exposed sensitive data, but lacks some security headers and formal privacy and cookie policies, which are critical for compliance and trust. Overall, the website is functional and professional but would benefit from enhanced privacy compliance and security best practices to improve user trust and regulatory adherence.

Y

YouCan.cz

youcan.cz

28

YouCan.cz is a Czech-based professional web development team specializing in creating websites, e-commerce platforms, and custom web applications tailored to client needs. Their portfolio includes diverse clients such as municipalities, internet providers, schools, and e-commerce businesses, positioning them as a regional technology service provider. The website content is well-structured and professional, targeting businesses seeking reliable web solutions. Technically, the site uses legacy JavaScript libraries like jQuery 1.4.2 and Coin Slider, alongside Google Analytics and Mouseflow for user behavior tracking. While the site is accessible and well-organized, it lacks modern security headers and visible HTTPS confirmation, and the outdated libraries pose potential security risks. Mobile optimization is basic, and no CMS or hosting provider details are evident. From a security perspective, the absence of privacy, cookie, and terms policies, combined with missing WHOIS registration data, reduces trustworthiness. The site does not exhibit signs of WAF or blocking mechanisms, but the lack of updated security practices and policies indicates room for improvement. Tracking scripts are present without visible consent mechanisms, raising privacy compliance concerns. Overall, the website is functional and professional but requires updates in security, privacy compliance, and technical modernization to enhance trust and resilience. The missing WHOIS data is a notable risk factor, and implementing HTTPS and security headers is strongly recommended.

N

Nakladatelství Fraus, s.r.o.

skolasnadhladom.sk

54

Škola s nadhľadom is an educational online platform operated by Nakladatelství Fraus, s.r.o., targeting Slovak primary and secondary school students and their parents. The website offers interactive exercises linked with printed workbooks, aiming to support learning in various subjects such as mathematics, physics, chemistry, biology, geography, and Slovak language. The platform is positioned as a trusted educational resource with a professional design and consistent branding, supported by partnerships with recognized educational entities. Technically, the site employs modern JavaScript libraries and Google Tag Manager for analytics, with good mobile optimization and SEO practices. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security headers and incident response policies are not published. Overall, the site demonstrates a mature digital presence suitable for its educational mission.

A

ABCedu, a.s.

abcguru.sk

37

ABCguru is an educational platform operated by ABCedu, a.s., focused on providing autokorektívne kartičky (self-correcting cards) for mathematics learning targeted at primary school children in Slovakia. The business model combines physical product sales with an online application, catering to students, parents, and schools. The website is professionally designed with clear navigation and relevant content, including instructional videos and contact information. Technically, the site uses modern web technologies such as Bootstrap and Google Analytics, with responsive design suitable for mobile devices. However, there is a lack of publicly available privacy and cookie policies, and no visible security headers, which are areas for improvement. The security posture is moderate with HTTPS implied but no explicit security policy or incident response information. Overall, the website is safe, trustworthy, and focused on educational content without any adult or questionable material.

C

Campus

campus-cowork.com

42

Campus is a small business focused on providing tailored corporate innovation services such as hackathons, ideathons, and B2B partnerships primarily targeting businesses seeking innovation solutions. The website is built on WordPress using Elementor and integrates common analytics and marketing tools like Google Analytics, Facebook Pixel, Hotjar, and Google Tag Manager. The technical infrastructure is modern and mobile-optimized, offering a good user experience and professional design. However, the security posture is moderate due to the absence of visible security headers and lack of explicit privacy and cookie policies. The domain WHOIS data is missing or unavailable, which raises concerns about domain legitimacy and trustworthiness. Overall, the site is safe for general audiences and presents a professional business front but requires improvements in security and compliance documentation.

D

Darkmay s.r.o.

cestovnysystem.sk

53

Darkmay s.r.o. operates the CeSYS platform, a comprehensive system for travel agencies primarily in Slovakia, offering online tour sales and related services. The company holds a strong market position with over 100 active travel agencies using its data and services. The website is well-structured, professionally designed, and optimized for performance and mobile use. It integrates modern technologies such as jQuery, Bootstrap, Google Analytics, and Google Maps API, reflecting a mature digital infrastructure. Security posture is strong with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. No critical vulnerabilities or blocking mechanisms were detected, indicating a trustworthy and accessible platform. Overall, the website demonstrates good compliance with privacy regulations and provides clear business and partner information.

O

October CMS

octobercms.com

63

October CMS is a mature, developer-focused content management system built on the Laravel PHP framework. It targets developers, agencies, and businesses seeking a flexible, extensible CMS platform. The website demonstrates strong branding, professional design, and a comprehensive presentation of services including free licenses, premium support, and a marketplace for plugins and themes. The technical infrastructure leverages modern technologies such as Laravel, PHP, AWS hosting, and Google Tag Manager for analytics, indicating a solid digital maturity. Security posture is good with HTTPS enforced and domain transfer protections, though there is room for improvement in security headers and explicit security policies. Privacy compliance is basic with no visible cookie consent mechanism or detailed privacy policy disclosures. Overall, the website is trustworthy, well-maintained, and serves its target audience effectively.

O

Obsahová agentura

obsahova-agentura.cz

55

Obsahová agentura was a Czech content marketing agency that has now closed and rebranded as Hook & Tell. The website serves primarily as a closure notice and redirect to the new brand, providing visitors with a video introduction and newsletter subscription. The company targeted businesses and individuals interested in content marketing services. The site is professionally designed, mobile optimized, and uses modern tracking and analytics tools such as Google Analytics, Facebook Pixel, and Leady tracking. It is built on the Solidpixels CMS platform and enforces HTTPS for secure communication. However, WHOIS data is unavailable, which reduces transparency and trustworthiness. Privacy and cookie policies are present and GDPR compliant, but no explicit security or incident response policies are published. Overall, the site is safe, professional, and trustworthy, but could improve security posture and transparency.

B

BRAND FAMILY s.r.o.

brand.family

55

BRAND FAMILY s.r.o. operates the website brand.family, presenting itself as a marketing and brand consulting business under the brand 'Mindless'. The company targets business owners seeking honest and realistic advice on marketing, branding, and business growth. The website is professionally designed with clear navigation and content in Czech, indicating a focus on the Czech market. Key services include marketing consulting and brand advisory, positioning the company as a niche player in the consulting sector. Technically, the website employs modern JavaScript frameworks, Google Tag Manager, and Google Analytics, ensuring a contemporary digital presence with good mobile optimization and accessibility. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, although some security headers and explicit security policies are absent. WHOIS data is privacy protected, which is reasonable for this business type, but limits direct verification of registrant details. Overall, the website is trustworthy, professional, and compliant with GDPR requirements.

W

wbv Distribution

wbv-distribution.de

58

wbv Distribution is a German family-owned logistics and fulfillment service provider specializing in sustainable supply chain solutions. Their key services include E-Commerce Fulfillment, PreFBA logistics, media and advertising logistics, and campaign logistics. The company positions itself as a reliable partner with over 125 years of logistics experience, emphasizing sustainability and certified quality management. The website reflects a professional and consistent brand image with clear contact information and customer testimonials, supporting a high trust level. Technically, the website uses modern frontend technologies such as jQuery and UIkit, with Matomo analytics for user tracking. The site is mobile-optimized, accessible, and SEO-friendly, hosted likely by a German provider (Schlundtech). Security best practices include HTTPS and a cookie consent mechanism with blocking access until consent, though security headers and incident response information are not evident. The security posture is solid but could be improved by adding security headers and publishing a security policy or vulnerability disclosure. No critical vulnerabilities or suspicious patterns were detected. The domain registration is consistent with the business claims, and the parent company relationship to wbv Media is clearly stated. Overall, the website is professional, secure, and compliant with GDPR, making it a trustworthy platform for its target B2B audience in logistics and fulfillment.

U

Unmarked Agency

unmarkedagency.co.uk

59

Unmarked Agency is a UK-based creative agency specializing in bold photography, immersive video, and standout sports and leisure campaigns. The company positions itself as a niche player focused on sports culture, delivering impactful visual content to clients primarily in the sports and leisure sectors. The website is professionally designed, mobile-optimized, and features rich multimedia content including videos and images showcasing their projects. The agency is part of The Jask Group, indicating a broader corporate structure. Technically, the website runs on WordPress 6.8.3 with modern JavaScript libraries such as jQuery and HLS.js, and integrates Google Tag Manager and Vimeo Player API for analytics and video playback. The site demonstrates good performance, accessibility, and SEO practices. Privacy compliance is strong with a comprehensive privacy policy and an embedded cookie consent mechanism allowing user control over analytical cookies. From a security perspective, the site enforces HTTPS and uses cookie consent best practices. However, no security headers were detected in the provided data, and there is no visible security policy or incident response information. The WHOIS data is unavailable due to domain naming issues, which slightly impacts trust but does not detract from the professional presentation and accessibility of the site. Overall, the website reflects a mature digital presence with good content quality and privacy compliance, moderate security posture, and clear business credibility. Strategic improvements in security headers and transparency around security policies would enhance trust and resilience.

DN Media Group AS is a well-established Norwegian media company specializing in business journalism with a focus on sectors such as shipping, seafood, aquaculture, and energy. The company operates multiple specialized publications and serves a global audience with market insights and breaking news. It is a subsidiary of NHST Holding AS, indicating a strong corporate backing and market presence. The website reflects a professional and consistent brand image with high-quality content tailored to business professionals and industry stakeholders. Technically, the website is built on WordPress with modern SEO optimizations and responsive design, ensuring good user experience across devices. While performance is moderate, the site is well-structured and accessible, though accessibility features could be enhanced. Security posture is solid with HTTPS enabled and no visible vulnerabilities, but lacks some security headers and published security policies. The security evaluation shows no blocking or WAF interference, and no critical vulnerabilities were detected. However, the absence of a cookie consent mechanism and missing WHOIS data are notable gaps. The WHOIS data absence raises questions but is likely due to registry or privacy settings rather than malicious intent. Overall, the site is trustworthy but could improve transparency and compliance aspects. Strategically, DN Media Group should focus on enhancing privacy compliance by implementing cookie consent, publishing security and incident response policies, and improving WHOIS transparency. These steps will strengthen trust and align with regulatory requirements, supporting their position as a leading media group in their sectors.

K

KraftCERT AS

kraftcert.no

70

KraftCERT AS is a specialized non-profit cybersecurity organization focused on securing process control systems within the Norwegian energy sector, including power, petroleum, and related industries. It operates as an Information Sharing and Analysis Center (ISAC) and Incident Response Team (IRT), providing members with vulnerability monitoring, threat intelligence, incident handling, advisory services, exercises, and training. The organization holds recognized certifications such as Trusted Introducer and FIRST membership, reinforcing its credibility and sector-specific expertise. Technically, the website employs a modern Bootstrap framework with JavaScript enhancements, offering a responsive and well-structured user experience. While the site lacks advanced analytics and tracking, it uses email obfuscation and provides PGP keys to secure communications. However, explicit privacy and cookie policies are absent, and no security headers were detected, indicating room for improvement in compliance and security hardening. The security posture is solid in terms of operational focus and incident response capabilities, but the website itself could benefit from enhanced security headers and formalized privacy documentation. The absence of WHOIS data limits domain trust analysis, but the detailed contact information, certifications, and professional presentation support legitimacy. Overall, KraftCERT presents a trustworthy and professional front for its niche cybersecurity services, with recommendations to improve privacy compliance and web security practices to further strengthen stakeholder confidence.

N

Norsk Tipping AS

norsk-tipping.no

65

Norsk Tipping AS is the official Norwegian state-owned lottery and sports betting operator, providing a wide range of gaming products including lotteries, sports betting, and instant games. The website targets Norwegian adults over 18 years and emphasizes responsible gaming with clear age restrictions and links to support organizations. Norsk Tipping holds a leading market position in Norway's regulated gambling sector, offering trusted and popular gaming services. The website content is rich, professionally designed, and well-structured, supporting a positive user experience and clear navigation.

K

KLP

klp.no

70

KLP is a large Norwegian mutual insurance company specializing in managing public sector pensions and offering complementary banking, insurance, and fund services. The company targets Norwegian municipalities, health sector employees, and public organizations, positioning itself as a trusted financial partner in the public sector. The website reflects a mature digital presence with a professional design, clear navigation, and comprehensive content tailored to its audience. Technically, the site uses modern frameworks such as React and Enonic CMS, integrates analytics and personalization tools like Google Tag Manager and Kameleoon, and maintains good performance and accessibility standards. Security posture is strong with HTTPS enforcement and appropriate security headers, although explicit security policies and incident response information are not publicly detailed. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. The absence of WHOIS data is due to privacy protection by Norid, which is common and justified for financial institutions. Overall, KLP's website demonstrates a high level of professionalism, trustworthiness, and compliance suitable for its sector.

L

Lerøy Seafood Group

leroyseafood.com

64

Lerøy Seafood Group is a world-leading seafood company with roots dating back to 1899, headquartered in Bergen, Norway. The company operates in seafood production and distribution, targeting a broad audience including consumers and business partners. The website reflects a professional corporate presence with consistent branding and good content quality. Technically, the site leverages Microsoft Azure hosting, Google Analytics, and various marketing and consent management tools, indicating a mature digital infrastructure. Security posture is strong with HTTPS, security headers, and a comprehensive cookie consent mechanism, though explicit security policies and contact information are lacking. Overall, the site is trustworthy and compliant with privacy regulations, but WHOIS data is not publicly available, which is common for corporate domains using privacy protection services.

H

Horn Media

hornmedia.no

71

Horn Media is a Norwegian digital marketing agency specializing in serving small and medium-sized businesses (SMBs) with tailored marketing strategies including SEO, Google Ads, web design, and social media marketing. Positioned as a leading agency in Oslo, Horn Media boasts over 700 satisfied customers and a high customer rating of 4.9 out of 5. Their business model focuses on delivering comprehensive marketing plans rather than isolated services, aiming to increase client profitability through smarter investments and customer development. Technically, the website is built on the Webflow platform and integrates modern marketing and analytics technologies such as Google Tag Manager, Microsoft Clarity, Facebook Pixel, LinkedIn Insight Tag, and Cookiebot for GDPR-compliant cookie management. The site is well-optimized for performance, mobile responsiveness, and SEO, reflecting a mature digital infrastructure. From a security perspective, the website enforces HTTPS and employs a robust cookie consent mechanism with granular user controls. While explicit security headers are not fully confirmed, the overall posture is strong with no visible vulnerabilities or exposed sensitive data. The lack of public WHOIS data suggests privacy protection for the domain registration, which is common and justified for this business type. Overall, Horn Media presents a professional, trustworthy, and compliant digital presence with strong business credibility and technical maturity. The main risk lies in the absence of publicly available WHOIS data, but this is mitigated by the transparency and quality of the website content and services offered.

S

Surfing Waves

surfing-waves.com

54

Surfing Waves is a well-established online resource dedicated to surfing enthusiasts, offering comprehensive tutorials, surf spot maps, community forums, news, and an e-commerce surf shop. Founded in 2003, the website has built a niche community and provides valuable content for surfers worldwide. The business model combines content delivery with product sales and community engagement, positioning it as a trusted surfing information hub. Technically, the website uses a mix of legacy and modern web technologies including jQuery, Google Tag Manager, and Typekit fonts. It is hosted behind Cloudflare DNS and uses HTTPS, ensuring basic security and performance. The site is moderately optimized for mobile and SEO, with a clear navigation structure and good content relevance. From a security perspective, the site enforces HTTPS and has domain transfer protections but lacks DNSSEC and several important security headers. There is no visible cookie consent mechanism, and privacy compliance is partial. No direct company contact emails or phone numbers are provided, limiting transparency. Advertising is managed via Monumetric and Google DoubleClick, with moderate user tracking. Overall, Surfing Waves presents a moderate risk profile with good content quality and business credibility but could improve security posture and privacy compliance. Strategic recommendations include enabling DNSSEC, implementing security headers, adding cookie consent, and providing clearer contact information to enhance trust and compliance.

Canon Norge operates as the Norwegian branch of the global imaging and printing giant Canon Inc., offering a comprehensive range of digital cameras, lenses, video cameras, printers, and scanners tailored for both consumers and businesses. The website reflects a mature digital presence with a well-structured product catalog, clear navigation, and localized content in Norwegian, targeting the Norwegian market effectively. Canon Norge maintains a strong market position as a leading technology provider in imaging solutions, supported by a consistent brand identity and extensive product offerings. Technically, the website employs modern web technologies including JSON-LD structured data, advanced analytics tools like Google Analytics, Tealium, and Optimizely, and integrates with Salesforce for customer account management. The site is mobile-optimized, accessible, and SEO-friendly, demonstrating a high level of digital maturity. Performance is moderate with room for optimization, but overall the technical infrastructure supports a robust user experience. From a security perspective, the site enforces HTTPS with strong SSL configurations and implements multiple security headers such as Content-Security-Policy and Strict-Transport-Security. Cookie consent mechanisms are in place, and privacy policies align with GDPR requirements. However, there is no publicly available security policy or incident response information, and no vulnerability disclosure program is evident, which could be areas for improvement. Overall, Canon Norge presents a trustworthy and professional online presence with strong business credibility and security posture. The lack of WHOIS data is due to registry privacy policies and is justified given the corporate nature of the entity. Strategic recommendations include publishing a dedicated security policy, establishing a vulnerability disclosure channel, and enhancing performance optimizations to further strengthen the site’s security and user experience.

A

Argus AS

argus.no

57

Argus AS is a Norwegian company specializing in providing systems and document bases for effective management of system requirements in the construction, transport, and related industries. They offer digital solutions, certification assistance including ISO standards, and support for regulatory inspections. The company has a long-standing presence since 1999, positioning itself as a specialist in compliance and document management within its sectors. The website reflects a business-to-business model targeting companies needing compliance and certification support. Technically, the site uses a custom ASP.NET Web Forms platform with older JavaScript libraries such as AngularJS and jQuery 1.7.1, indicating moderate digital maturity. The site is functional with good content quality but lacks modern security headers and explicit privacy and cookie policies, which are critical for GDPR compliance. Security posture is moderate with HTTPS usage but missing advanced security headers and vulnerability disclosures. Overall, the website is professional and trustworthy but would benefit from updates to security practices and privacy compliance to reduce risk and enhance user trust.

A

Aiba

aiba.ai

71

Aiba is a Norwegian cybersecurity company specializing in AI-driven content moderation platforms designed to protect youth and gaming communities from harmful online behaviors. Their flagship product, Amanda, automates moderation tasks, enabling real-time threat detection and compliance with global regulations such as GDPR and the Digital Services Act. The company targets game studios, social media platforms, and other online communities, positioning itself as a next-generation solution provider in the AI moderation space. The website is professionally designed, mobile-optimized, and SEO-friendly, reflecting a mature digital presence for a small-sized tech company founded in 2022. Technically, the site leverages WordPress with the Avada theme, integrates multiple analytics and marketing tools including Google Analytics, Google Tag Manager, HubSpot, and LinkedIn Insight, and uses AWS for hosting. Security practices include HTTPS enforcement and use of Google reCAPTCHA Enterprise, though the site lacks explicit security headers and published security policies. Privacy compliance is indicated through GDPR adherence claims, but no explicit privacy or cookie policies were found on the site. The security posture is solid with encrypted data handling and role-based access controls mentioned, but improvements are recommended in publishing security policies, incident response contacts, and implementing security headers. The domain is privacy protected via Domains By Proxy, consistent with the company’s profile, and shows no suspicious registration patterns. Overall, the site is trustworthy, safe, and professionally managed, with room for enhanced transparency and security documentation. Strategic recommendations include publishing comprehensive privacy and cookie policies, implementing security headers, establishing a vulnerability disclosure program, and enhancing incident response transparency to strengthen trust and compliance posture.

M

Minel AS

minel.no

66

Minel AS is a Norwegian company specializing in electrical installations for both private and commercial customers primarily in Oslo, Viken, and Innlandet regions. The company operates through a group of 12 subsidiaries, employing over 350 people and generating a turnover of approximately 550 million NOK. Their services include electric vehicle charging, smart home solutions, lighting, electrical safety, and energy-saving measures. The website is professionally designed, mobile-optimized, and uses modern web technologies including React, Google Tag Manager, and Google Maps API. Privacy and cookie policies are clearly presented with consent mechanisms in place. Security posture is good with HTTPS enforced and no visible vulnerabilities, though some security headers could be improved. The domain registration is consistent with the business profile and age, supporting legitimacy. Overall, Minel AS presents a trustworthy and credible digital presence with a focus on customer service and compliance.

G

Goetheanum

goetheanum.ch

56

Goetheanum is a well-established non-profit educational and cultural institution based in Switzerland, serving as the School of Spiritual Science and the seat of the General Anthroposophical Society. The website reflects its mission by providing comprehensive information about its educational programs, cultural events, and anthroposophical research. The institution targets individuals interested in spiritual science and related disciplines, maintaining a strong market position within its niche. Technically, the website employs modern web technologies, including JavaScript frameworks, CSS, and reputable third-party services for cookie management and user engagement, ensuring good performance and mobile optimization. Security posture is strong with HTTPS enforcement, security headers, and no detected vulnerabilities, although there is room for improvement in publishing explicit security policies and incident response information. Overall, the website is professional, trustworthy, and compliant with GDPR and cookie regulations, supporting a positive user experience and business credibility.

A

Allgemeine Anthroposophische Gesellschaft

sektion-landwirtschaft.org

47

The Sektion für Landwirtschaft is a non-profit organization affiliated with the Allgemeine Anthroposophische Gesellschaft and based at the Goetheanum in Switzerland. It focuses on promoting biodynamic agriculture through education, research, publications, and events. The website is professionally designed using TYPO3 CMS and integrates modern technologies such as Matomo for analytics and Tiny Slider for UI components. Contact information and social media presence are clearly provided, enhancing trust and accessibility. Privacy and cookie policies are implemented with GDPR compliance, although explicit terms of service and security policies are absent. The WHOIS data is unavailable due to query failure, but the website content and affiliations strongly indicate legitimacy and a mature organizational presence.

G

Goetheanum, Dornach

steiner100.ch

48

The website steiner100.ch is a dedicated platform commemorating the 100th anniversary of Rudolf Steiner's death in 2025. It serves as a regional cultural hub focusing on events, exhibitions, and initiatives related to Rudolf Steiner in Northwest Switzerland and the tri-border area. The site targets a general audience interested in cultural, spiritual, and educational activities linked to Steiner's legacy. The business model is non-profit and event-driven, with partnerships involving notable cultural institutions such as the Goetheanum. Technically, the site is built on WordPress using modern themes and plugins, ensuring a good user experience with mobile optimization and clear navigation. Security posture is adequate with HTTPS enforced, but lacks advanced security headers and explicit incident response policies. Privacy compliance is basic, with a privacy policy present but no cookie consent mechanism. Overall, the site is trustworthy and professionally maintained, though improvements in security and privacy transparency are recommended.

P

Pedagogical Section at the Goetheanum and International Council for Steiner Waldorf Education

waldorf-resources.org

50

Waldorf Resources is a specialized online platform dedicated to supporting Waldorf and Steiner educators worldwide by providing academic publications, essays, and pedagogical articles. The website is affiliated with the Pedagogical Section at the Goetheanum and the International Council for Steiner Waldorf Education, positioning it as a niche educational resource within the Waldorf community. The platform operates as a non-profit entity focused on educational content and resource sharing. Technically, the website is built on TYPO3 CMS, leveraging modern web technologies including Bootstrap and jQuery, with integrated privacy compliance tools such as Iubenda for cookie consent and Matomo for analytics. The site demonstrates good mobile optimization and SEO practices, although some accessibility features could be enhanced. Performance is moderate, with no critical technical issues detected. From a security perspective, the site enforces HTTPS and employs a comprehensive cookie consent mechanism, reflecting good privacy compliance with GDPR. However, security headers are not explicitly detected, and no published security or incident response policies are available. The WHOIS data is malformed or privacy-protected, limiting transparency but not indicating suspicious activity. Overall, the security posture is solid but could benefit from additional hardening and transparency. The overall risk assessment is low, with the site presenting as a trustworthy educational resource. Strategic recommendations include implementing security headers, publishing vulnerability disclosure and incident response information, and enhancing accessibility. These improvements would strengthen trust and security culture while maintaining compliance and user confidence.

A

Allgemeine Anthroposophische Gesellschaft

paedagogik-goetheanum.ch

51

The Pädagogische Sektion am Goetheanum website represents a small, specialized educational organization focused on Waldorf and anthroposophical pedagogy. It offers resources, events, and publications targeting educators and researchers in this niche field. The site is professionally designed using TYPO3 CMS and integrates modern privacy compliance tools such as Iubenda for cookie and privacy policies. The technical infrastructure is solid, with moderate performance and good mobile optimization. Security posture is strong with HTTPS enforced and no visible vulnerabilities, though some security headers could be improved. Privacy compliance is well addressed with clear policies and consent mechanisms. Contact information and business legitimacy are clearly established with consistent WHOIS data and a professional imprint. Overall, the website is trustworthy, well-maintained, and serves its educational mission effectively.

G

Gospel Stats: #1 Trusted Platform for YouTube Data

gospelstats.com

7

Gospel Stats presents itself as a technology platform focused on providing accurate and transparent YouTube data analytics. The website is built using modern design tools such as Framer and employs Google Fonts for typography, indicating a moderate level of digital maturity. However, the absence of WHOIS registration data for the domain get.gospelstats.com raises concerns about the legitimacy and ownership of the domain. The site lacks critical compliance documents such as privacy and cookie policies, as well as contact and security policy information, which impacts trust and regulatory compliance. Security posture is minimal with no detected security headers or incident response information. Overall, while the platform's content is relevant and professionally presented, the lack of domain registration transparency and compliance documentation suggests a cautious approach when engaging with this site.

C

ClickFunnels

clickfunnels.com

70

ClickFunnels is a prominent SaaS platform specializing in marketing funnel creation and management, enabling businesses and entrepreneurs to market, sell, and deliver products online without extensive technical resources. The website demonstrates a professional and consistent brand presence with excellent design and user experience, targeting marketers and small to medium businesses. Technically, the site employs a modern technology stack including jQuery, Video.js, FontAwesome, and integrates multiple marketing and analytics tools such as Google Tag Manager, Microsoft Clarity, and Facebook Pixel. Security posture is strong with HTTPS enforced and CSRF tokens in use, though security headers are not explicitly detected in the provided data. Privacy compliance is limited due to absence of visible privacy and cookie policies, and no contact information is found, which impacts trust and compliance scores. WHOIS data is unavailable, indicating domain privacy or recent registration, which slightly reduces domain trustworthiness. Overall, the site is well-built and functional but would benefit from enhanced transparency and compliance documentation.

MediaFuse is a specialized consulting company focused on programmatic advertising and ad operations, targeting publishers and digital advertising professionals. The company offers services including ad tech operations, header bidding, and digital ad operations, positioning itself as an expert in the programmatic advertising space. The website is built on WordPress using the Divi theme and incorporates common marketing and analytics tools such as Google Analytics, Facebook Pixel, and LinkedIn Insight Tag, indicating a moderate level of digital maturity and marketing sophistication. Security posture is generally good with HTTPS enabled and use of reCAPTCHA, but lacks some security headers and explicit privacy and cookie policies, which are important for compliance and trust. The absence of WHOIS data and registrant information raises concerns about domain legitimacy and transparency, impacting overall trustworthiness. Strategic recommendations include improving privacy compliance, adding clear contact and security incident response information, and enhancing security headers to strengthen the security posture.

K

Kargo HQ

kargo.com

10

Kargo is an advertising technology company specializing in breakthrough ad solutions across mobile, connected TV (CTV), social media, and e-commerce platforms. Positioned as a major supply-side platform (SSP), Kargo emphasizes premium inventory quality, brand safety, and innovative targeting powered by AI. Their business model focuses on delivering high-impact advertising campaigns for leading brands, leveraging contextual and cohort intelligence to maximize campaign effectiveness. The company maintains a professional online presence with a well-structured website hosted on Squarespace, integrating modern marketing and analytics tools such as Google Analytics, Facebook Pixel, and HubSpot. Technically, the website is built on a modern CMS platform with good mobile optimization, SEO practices, and performance. The presence of a detailed cookie consent mechanism indicates attention to privacy compliance, although explicit privacy policy and terms of service pages are not found, which is a gap in compliance. Security posture is strong with HTTPS and HSTS enabled, but lacks explicit security policy or incident response information. The WHOIS data is notably missing or unavailable, which raises some concerns about domain registration transparency. However, the website content and business information appear legitimate and professional. Overall, the site scores well on content quality, technical implementation, and business credibility, with room for improvement in privacy compliance and WHOIS transparency.