Security Directory

B

business communication s.r.o.

bcom.cz

53

business communication s.r.o. operates as a Czech IT services company specializing in network management, virtualization infrastructure, and cybersecurity solutions. Founded in 2003, the company targets business customers seeking secure and modern IT infrastructure management. Their website reflects a professional presence with clear service offerings and contact information, though lacks some compliance documentation such as a privacy policy and terms of service. Technically, the site is built on WordPress with standard libraries like jQuery and Bootstrap, and employs Google Analytics for visitor insights. Security posture is solid with HTTPS and cookie consent mechanisms, but could be improved by adding security headers and publishing security policies. The absence of WHOIS data limits domain trust evaluation, but the website content and business information appear legitimate and consistent with a small-sized technology service provider in the Czech Republic.

L

Les Ateliers de maîtrise d’œuvre urbaine de Cergy Pontoise

ateliers.org

52

Les Ateliers de maîtrise d’œuvre urbaine de Cergy Pontoise is a well-established non-profit organization based in France, specializing in organizing international workshops focused on urban planning and design. With over 30 years of experience, they engage students, young professionals, and local stakeholders to collaboratively address urban challenges. Their website reflects a professional and content-rich platform that supports their mission and outreach. Technically, the website uses modern web technologies including Google Analytics and Tag Manager for tracking, hosted by OVH sas. The site is mobile-optimized and has a moderate performance profile. However, there are gaps in security best practices such as missing DNSSEC, lack of security headers, and absence of published privacy and cookie policies, which impact compliance and security posture. From a security perspective, the site uses HTTPS and includes CSRF protection in forms, but lacks explicit incident response and vulnerability disclosure information. The WHOIS data confirms a long-standing domain registration consistent with the organization's history, enhancing trustworthiness. Overall, the site is credible but would benefit from improved security and privacy compliance measures.

J

Jakub Cigler Architekti, a.s.

jakubcigler.archi

50

Jakub Cigler Architekti, a.s. is a well-established Czech architectural firm founded in 2001, specializing in progressive and sustainable architecture. The company holds a strong market position in the Czech Republic with multiple awards and is a founding member of the Czech Green Building Council. Their website reflects a professional portfolio showcasing projects and news relevant to their industry. Technically, the site is built on Drupal 7 with legacy jQuery libraries and uses modern UI components like Slick Carousel and FitVids for media responsiveness. Security posture is moderate but could be improved by implementing security headers and updating legacy libraries. Privacy compliance is minimal with no visible privacy or cookie policies. Overall, the website is trustworthy and professional, supporting the company's credibility in the real estate and architectural sector.

H

HELCZA - High Energy Load Czech Assembly

helcza.cz

54

The website www.helcza.cz represents HELCZA (High Energy Load Czech Assembly), a specialized experimental facility dedicated to cyclic thermal testing of components for future fusion energy devices. The site targets the scientific and engineering community involved in fusion technology development. The business model is focused on research and development within the energy sector, specifically fusion energy. The website presents a professional and consistent branding with good content quality, though it lacks visible contact information and privacy policies. Technically, the site uses modern web technologies including the Brz framework and Bunny Fonts, with moderate performance and good mobile optimization. Security posture is moderate due to lack of visible security headers and unknown SSL configuration. WHOIS data is unavailable, limiting domain trust assessment. Overall, the site is functional and informative but would benefit from enhanced privacy compliance and clearer contact channels.

S

sCO2 Energy

sco2energy.com

45

sCO2 Energy is a Czech-based company specializing in advanced energy systems focusing on supercritical CO2 technology. Their website provides detailed information on sCO2 Brayton cycles, applications in nuclear and renewable energy, and infrastructure for experimental setups. The company targets energy professionals and researchers interested in future energy technologies. The website is built on WordPress using modern themes and plugins, offering a good user experience with mobile optimization and clear navigation. Privacy compliance is well addressed with a comprehensive cookie policy and consent mechanism. Security posture is adequate with HTTPS and domain transfer protection, though improvements in security headers and incident response policies are recommended. Overall, the site is professional and trustworthy with moderate business credibility but lacks explicit public contact details.

E

Energy Well - small modular nuclear reactor

energywell.cz

57

The website www.energywell.cz presents a business focused on the development of a fourth generation small modular nuclear reactor characterized by high passive safety and innovative technologies. The site content is professionally designed and targeted at a general audience interested in advanced energy technologies. However, the absence of WHOIS registration data and lack of contact or policy information limits the ability to fully verify the business legitimacy and compliance. Technically, the site uses modern web fonts and standard web technologies but lacks visible security headers and privacy compliance mechanisms. The security posture is weak due to missing security best practices and absence of HTTPS verification in the provided data. Overall, the site is accessible and content-rich but requires improvements in transparency, security, and compliance to enhance trust and reduce risk.

C

CICRR Czech International Centre of Research Reactors

cicrr.cz

58

The Czech International Centre of Research Reactors (CICRR) operates as a significant national research infrastructure focusing on nuclear research reactors and supporting scientific facilities. The website presents detailed information about its reactors LVR-15, LR-0, and JHR-CZ, along with associated laboratories and analytical facilities, targeting the scientific and energy research community. The organization appears to hold an important position within the Czech Republic's energy and research sectors. Technically, the website employs modern web standards including HTML5, CSS3, and JavaScript, with fonts served via Bunny Fonts and content delivered through Bunny CDN. The site is mobile-optimized with good SEO practices but lacks advanced frameworks or CMS indications. Performance is moderate, and accessibility is basic. From a security perspective, the site lacks visible security headers and does not provide privacy, cookie, or incident response policies, which are critical for compliance and trust. No WHOIS data is available, suggesting privacy protection or domain registration issues, but the website content aligns with a legitimate research entity. No WAF or blocking mechanisms were detected, and no tracking or advertising scripts are present, indicating minimal user tracking. Overall, the site is professional and content-rich but would benefit from enhanced security practices, clear privacy and contact information, and WHOIS transparency to improve trust and compliance.

Ú

ÚJV Řež, a. s.

ujv.cz

64

ÚJV Řež, a. s. is a Czech-based technical and engineering company specializing in nuclear energy, radioactive waste management, and nuclear medicine. With over 70 years of experience, it serves the energy sector, healthcare, and industrial clients by providing project support, research, and development services. The company maintains a strong market position in the Czech Republic's nuclear and energy industries, offering key services such as safe operation support for energy sources, radiopharmaceutical production, and hydrogen technology development. Technically, the website employs modern web technologies including Google Tag Manager and Google Analytics, with a responsive design and good SEO practices. The site is well-structured, mobile-optimized, and provides a positive user experience. Security-wise, the site uses HTTPS and implements cookie consent mechanisms, but lacks some security headers and explicit security policies, which could be improved. The security posture is solid but could benefit from enhanced transparency through published security policies and vulnerability disclosure mechanisms. The absence of WHOIS data reduces domain registration transparency, but the website content, certifications, and contact details support the company's legitimacy. Overall, the site is professional, trustworthy, and compliant with GDPR requirements. Strategically, the company should focus on improving security headers, publishing incident response and vulnerability disclosure information, and enhancing WHOIS transparency to strengthen trust and compliance further.

M

monge

hodnejblbec.cz

53

The website hodnejblbec.cz is a personal blog operated by an individual known as 'monge' or Roman Sedláček, focusing on topics such as music, DJing, culture, politics, advertising, graphic design, web development, and photography. The site targets a general Czech-speaking audience interested in these cultural and personal topics. It operates on a WordPress CMS platform with Elementor as the page builder, indicating a moderate level of digital maturity and ease of content management. The site has been active since 2007, demonstrating longevity and consistent content delivery. Technically, the site uses modern web technologies including jQuery and Swiper.js for interactive elements and is hosted with a Czech registrar and name servers, suggesting local hosting.

Č

Česká asociace cheerleaders

cach.cz

49

Česká asociace cheerleaders (ČACH) is a Czech non-profit organization dedicated to the promotion and development of cheerleading in the Czech Republic. The association organizes competitions, training camps, workshops, and certifies coaches and judges. It also manages national team representation and membership services. The website reflects a well-structured organization with a clear focus on cheerleading sports and community engagement. The association maintains partnerships with various sports and commercial entities and has an active presence on multiple social media platforms. Technically, the website uses modern web technologies including HTML5, CSS3, JavaScript, and jQuery, with a CMS likely based on Perch. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content.

E

ECUNION

ecunion.eu

54

The website www.ecunion.eu represents a business entity named ECUNION, with a German-language homepage titled 'Heim - ECUNION'. The site is built on WordPress using the Divi theme and incorporates SEO optimization via the Yoast SEO plugin. However, the site lacks visible descriptive content about the business, contact information, and legal policies such as privacy or cookie policies. The technical infrastructure is modern but basic, with no advanced frameworks or hosting details identified. Security posture is limited, with no security headers detected and minimal SSL configuration information available. The absence of WHOIS registrant data due to EURid privacy restrictions limits the ability to fully assess domain legitimacy and business credibility. Overall, the site appears functional but lacks transparency and comprehensive business information, which impacts trust and compliance assessments.

V

Varsity.com

varsity.com

67

Varsity.com is a well-established online platform serving as the global authority for competitive cheerleading and dance. The website offers comprehensive information on cheer and dance competitions, uniforms, and related events, targeting cheerleading teams, coaches, and enthusiasts. The business model combines e-commerce with event information and community engagement, positioning Varsity.com as a leader in its niche market. The site demonstrates consistent branding and a professional online presence supported by active social media channels. Technically, the website is built on WordPress using WPBakery Page Builder, integrating modern analytics and marketing tools such as Google Tag Manager, Facebook Pixel, TikTok Pixel, Hotjar, and Klaviyo. The site is mobile-optimized, accessible, and SEO-friendly, with a moderate performance profile. Security practices include HTTPS enforcement and cookie consent mechanisms, though explicit security headers could be improved. The security posture is solid with no evident vulnerabilities or exposed sensitive data. However, the absence of explicit privacy and terms of service pages in the provided content and the lack of WHOIS registration data reduce the overall trustworthiness. The domain WHOIS query returned no match, which is unusual for a commercial entity and suggests privacy protection or data retrieval issues. Overall, Varsity.com presents a professional and trustworthy platform with strong business credibility and technical implementation. Strategic improvements in privacy disclosures and domain registration transparency would enhance compliance and trust further.

T

Talent Plzeň

talentplzen.cz

54

Talent Plzeň is a prominent Czech handball team with a strong market position as a multiple-time national champion. Their website serves as a comprehensive platform for fans and stakeholders, offering news, match schedules, ticketing information, and merchandise sales. The site integrates official social media channels and partner information, enhancing community engagement and brand presence. Technically, the website employs modern web technologies including Bootstrap Icons, jQuery, Swiper.js, Google reCAPTCHA, and Google Tag Manager, hosted likely via Forpsi with a CMS named K-CMS 3.0. The site is mobile-optimized and provides a good user experience with clear navigation and professional design. Security posture is solid with HTTPS enforced and use of reCAPTCHA, though some security headers are missing and no explicit incident response or security policy pages are found. Privacy compliance is basic but includes GDPR cookie consent and a privacy policy page. Overall, the site is trustworthy and professionally maintained, with no signs of malicious activity or blocking mechanisms.

A

Aktivní město

aktivnimesto.cz

63

Aktivní město is a Czech Republic-based platform focused on enabling families to access financial contributions from their local municipal authorities for leisure, education, sports, and cultural activities. The website offers a family account creation service to facilitate these benefits. The platform targets local residents and families seeking municipal support, positioning itself as a niche government-related service provider. Technically, the website is built on WordPress, enhanced with Yoast SEO for search optimization, and uses Cloudflare for DNS and CDN services. Cookie consent is managed via Cookiebot, ensuring GDPR compliance. Security measures include HTTPS enforcement and Google reCAPTCHA integration, although explicit security headers and incident response policies are not evident. Overall, the site demonstrates a good balance of content quality, technical implementation, and privacy compliance, suitable for its target audience and business model.

G

GUMMY LIFE

gummylife.cz

57

GUMMY LIFE operates an e-commerce platform specializing in CBD gummies and related wellness products, including offerings for pets. The company targets consumers seeking natural remedies for sleep improvement, stress relief, pain management, and pet wellbeing. The website is professionally designed, with clear navigation and a consistent brand presence, serving primarily the Czech market. The business is registered under MIRFA s.r.o., with contact details and social media presence supporting credibility. Technically, the site leverages the Shoptet e-commerce platform, integrating modern analytics and marketing tools such as Google Analytics 4, TikTok Pixel, and Facebook SDK. The site is HTTPS secured and implements cookie consent mechanisms, reflecting a moderate level of digital maturity. Performance and mobile optimization are adequate, though accessibility features could be enhanced. From a security perspective, the site enforces HTTPS and uses CSRF tokens in forms, but lacks explicit security headers and published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the analysis. The absence of WHOIS data reduces domain trustworthiness, suggesting privacy protection or registration issues, which should be further investigated. Overall, the site presents a trustworthy and professional e-commerce presence with room for improvement in security policy transparency and technical hardening. Strategic recommendations include implementing comprehensive security headers, publishing incident response information, and verifying domain registration details to enhance trust and compliance.

P

Pavlová Eva

pavlovaeva.cz

55

The website pavlovaeva.cz serves as the official personal and advocacy platform for Eva Pavlová, the First Lady of the Czech Republic. It provides biographical information, details on her social and charitable activities, and links to her foundation and social media profiles. The site targets the Czech public, especially those interested in social causes and vulnerable groups. Technically, the site is built on WordPress with Elementor and uses modern plugins and themes, hosted by Czech providers. Security posture is adequate with HTTPS enabled but lacks security headers and formal privacy and cookie policies, which are compliance gaps. No vulnerabilities or suspicious elements were detected. Overall, the site is professional, trustworthy, and safe for general audiences.

K

Karel Komárek Family Foundation

komarekfoundation.org

66

The website www.komarekfoundation.org is currently inaccessible or blocked by security mechanisms, as indicated by the malformed WHOIS response and truncated HTML content. Due to this, no meaningful business, technical, or security information could be extracted. The lack of WHOIS data and registrant information further limits the ability to assess domain legitimacy or business credibility. The website appears to be protected by a generic WAF or security challenge, preventing full content access and analysis. Consequently, the security posture and privacy compliance cannot be evaluated, and no contact or policy information is available. This situation poses a risk for users seeking transparency or trust signals from the site.

Hugin Cybersecurity AS is a newly established Norwegian cybersecurity company focused on providing effortless cybersecurity solutions for small and medium businesses. The website's title and meta description emphasize this target audience and business focus. However, the website content is currently minimal and displays a client-side application error, limiting user engagement and information availability. The technical infrastructure leverages modern JavaScript frameworks such as Next.js and React, with integrations of HubSpot and Apollo tracking scripts, indicating a moderate level of digital maturity. Hosting is provided via Cloudflare, but DNSSEC is not enabled, and no security headers are detected, suggesting room for improvement in security hardening. The security posture is weak due to missing privacy and cookie policies, lack of incident response contact information, and absence of security best practices visible in the HTML content. Overall, the website presents a low trustworthiness level and poor user experience. Strategic recommendations include fixing the application errors, implementing comprehensive privacy and cookie policies with GDPR compliance, enabling DNSSEC and security headers, and providing clear contact and incident response information to enhance credibility and security posture.

H

Houmb AS | Industrial Cyber Security

houmbas.com

63

The domain www.houmbas.com is currently not registered according to the WHOIS data, indicating that the website is either inactive or the domain is unclaimed. The website content is minimal or blocked, with no meaningful business or contact information available. The site is built using the Wix platform, but lacks essential elements such as privacy policies, cookie consent mechanisms, terms of service, and security headers. There is no evidence of SSL or HTTPS enforcement, which is a critical security deficiency. Overall, the website does not present a credible or trustworthy business presence at this time.

T

Tagore | virtual CISO & GRC Automation

tagore.no

65

The website www.tagore.no is a small business site hosted on the Wix platform. The content is minimal and primarily technical, with no visible business descriptions, contact information, or privacy policies. The lack of WHOIS data suggests the domain is privacy protected or not registered in the public Norid database, which is common but reduces transparency. Technically, the site uses standard Wix scripts and polyfills, indicating a modern but basic technical infrastructure. Security posture is moderate due to HTTPS usage and some cookie security handling, but lacks explicit security headers and policies. Overall, the site presents a low trust profile due to missing business and compliance information, limiting its credibility and user confidence.

V

Verji

verji.no

51

Verji is a Norwegian IT security company specializing in enhanced IT security and encrypted communication solutions for businesses. The website presents a professional and business-oriented digital presence, targeting companies seeking secure communication services. The technical infrastructure is based on WordPress CMS with common plugins such as Yoast SEO and WP Rocket, ensuring good SEO and performance optimizations. The site uses HTTPS and includes GDPR-compliant privacy and cookie policies with consent mechanisms, reflecting a good privacy posture. However, the WHOIS data is suspicious due to a domain creation date set in the future, which raises concerns about the legitimacy or data accuracy. Security policies and incident response contacts are not explicitly published, which could be improved to enhance trust and compliance.

K

Kovert

kovert.no

63

Kovert is a newly established Norwegian cybersecurity consultancy founded in 2023, specializing in vulnerability assessments and IT security testing. The company positions itself as a proactive security partner that identifies weaknesses before hackers can exploit them. The website content is minimal but professional, targeting businesses seeking expert cybersecurity services. The business model focuses on consultancy and tailored security solutions, with a clear emphasis on protecting clients from cyber threats. Technically, the website uses modern front-end technologies such as Bulma CSS and Font Awesome icons, providing a responsive and visually consistent user experience. However, the site lacks advanced technical features such as CMS integration, analytics, or marketing tools. Performance and mobile optimization are moderate to good, but accessibility and SEO optimizations are basic. No hosting or platform details are discernible from the provided data. From a security perspective, the website benefits from HTTPS but lacks essential security headers and published security policies, which lowers its overall security posture. There are no visible forms or interactive elements, reducing attack surface but also limiting user engagement. The absence of privacy and cookie policies indicates compliance gaps with GDPR and related regulations. No incident response or vulnerability disclosure mechanisms are publicly available, which could impact trust from security-conscious clients. Overall, Kovert presents as a legitimate, small cybersecurity consultancy with a professional but basic online presence. The domain registration aligns well with the company’s founding date, supporting legitimacy. To improve risk posture and market trust, the company should enhance security headers, publish privacy and cookie policies, and provide clear incident response contacts. These steps will strengthen compliance and client confidence while supporting business growth.

The website at securenok.com is currently inaccessible, returning a 403 Forbidden error page that blocks access to any meaningful content. The domain is registered since 2010 with a reputable registrar, indicating a potentially legitimate business presence. However, the lack of accessible content, absence of privacy or cookie policies, and no contact information severely limit the ability to assess the business or security posture. The technical infrastructure shows no DNSSEC enabled, and no security headers or analytics scripts are present. Overall, the site appears to be either restricted intentionally or misconfigured, resulting in a poor user experience and low trustworthiness.

P

Piql

piql.com

66

Piql is a Norwegian technology company specializing in long-term, immutable data storage solutions using unique film-based media technology called piqlFilm. The company targets organizations requiring secure, sustainable, and future-proof data preservation, including cultural institutions, governments, and enterprises. Piql holds a strong market position with notable clients such as GitHub, the National Museum of Norway, and the Vatican Library, emphasizing its credibility and niche leadership in digital archiving. The website reflects a mature digital presence with modern technologies like Next.js and React, hosted behind Cloudflare DNS, and integrates scheduling and chat tools for customer engagement. Security posture is good with HTTPS and domain transfer protections, though DNSSEC is not enabled and no explicit security or privacy policies are published. Overall, Piql demonstrates a high level of professionalism and trustworthiness, though improvements in privacy compliance and security transparency are recommended.

M

Midlaier AS

midlaier.no

60

Midlaier AS is a Norwegian technology company founded in 2024 specializing in delivering tailored artificial intelligence applications through a model-agnostic platform. Their solutions target business sectors including healthcare, defense, and public administration, emphasizing security and compliance with standards such as ISO 27001 and GDPR. The company positions itself as a niche provider focusing on secure, customized AI solutions for sensitive data environments. Technically, the website is built using modern frameworks like SvelteKit, with good mobile optimization and SEO practices, though accessibility could be enhanced. Security posture is strong with HTTPS and compliance adherence, but could benefit from additional security headers and a cookie consent mechanism. Overall, the website reflects a professional and trustworthy business with clear market focus and solid technical implementation.

I

IdentityStream AS

identitystream.com

68

IdentityStream AS is a Norwegian software company specializing in identity and access management (IAM) solutions, primarily targeting banks and financial institutions. The company offers modular software designed to provide a solid foundation for effective enterprise governance, focusing on identity security as a key enabler for digital transformation. Their market position is strong within Norway, supported by notable clients in the banking sector and a clear focus on compliance and automation. The website reflects a professional and modern digital presence built with Gatsby and Tailwind CSS, optimized for performance and mobile devices. Security posture is good with HTTPS and modern frameworks, but lacks explicit security policies and privacy compliance documentation. Overall, the company demonstrates credibility and technical maturity, though improvements in privacy and security transparency are recommended.

G

Gjøvikregionen Utvikling

gjovikregionen.no

60

Gjøvikregionen Utvikling is a regional development organization focused on fostering innovation, sustainability, and community growth within the Gjøvik region of Norway. The website presents a professional and comprehensive overview of their services, including support for residents, education, industry, and entrepreneurship. The organization positions itself as a key regional player promoting a dynamic and responsible society. Technically, the website leverages modern frameworks such as Next.js and React, integrates Google Analytics for user insights, and employs Google reCAPTCHA for form security. The site is well-optimized for mobile devices and accessibility, with clear navigation and rich content. Security posture is solid with HTTPS and form protections, though additional security headers and a published security policy would enhance trust. Overall, the site demonstrates high professionalism and trustworthiness, though the lack of WHOIS data limits domain registration transparency. Strategic recommendations include enhancing security headers, publishing incident response contacts, and maintaining privacy compliance.

N

NCE Manufacturing

ncemanufacturing.no

63

NCE Manufacturing is a Norwegian cluster organization established in 2021 that fosters collaboration between industry, education, and research to advance a sustainable and profitable export manufacturing sector in Norway. The organization partners with prominent institutions such as NTNU and SINTEF and targets industrial companies and stakeholders in manufacturing and export. The website reflects a professional and consistent brand presence with clear contact information and partnership links. Technically, the site uses modern frontend technologies including Bootstrap 4, jQuery, Google Fonts, and Google reCAPTCHA, providing a moderate performance and good mobile optimization. Security posture is adequate with HTTPS and bot protection but lacks important security headers and published privacy or cookie policies, indicating compliance gaps. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

C

CenSec

censec.dk

55

CenSec is a Danish innovation cluster focused on the defense, space, and security industries. The organization supports business development, market knowledge expansion, and competence building within these sectors. The website reflects a professional presence with a clear focus on its niche market, targeting industry professionals and companies in Denmark. The domain has been active since 2006, indicating an established business history. Technically, the website is built on WordPress using Elementor and WooCommerce plugins, supported by modern JavaScript libraries such as jQuery and Moment.js. Cookie consent is managed via Cookiebot, ensuring compliance with cookie regulations. The site is hosted likely via Simply.com A/S, consistent with the Danish domain registration. Performance and mobile optimization are good, though accessibility features are basic. From a security perspective, the site uses HTTPS and a consent management platform but lacks DNSSEC and visible security headers, which are recommended for enhanced protection. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is moderate, with cookie consent mechanisms in place but no explicit privacy policy or terms of service found in the analyzed content. Overall, the website presents a trustworthy and professional digital presence for CenSec, with room for improvement in security headers, DNSSEC implementation, and explicit privacy documentation to strengthen compliance and security posture.

D

Digin

digin.no

59

Digin is Norway's largest IT and digitalization cluster based in the Agder region, comprising over 130 member companies. The organization focuses on fostering collaboration, knowledge sharing, and innovation through networking, projects, courses, and events tailored to the IT sector. Their website reflects a professional and consistent brand presence, targeting IT businesses and stakeholders in the region. Technically, the site is built on the Umbraco CMS platform, leveraging modern JavaScript libraries and frameworks such as jQuery, Bootstrap, and Cookiebot for consent management. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. Security-wise, the website enforces HTTPS and includes cookie consent mechanisms but lacks explicit security policy pages and advanced security headers. The domain is well-established since 2013, aligning with the organization's maturity and market position. Overall, the site demonstrates a solid digital presence with room for improvement in security transparency and compliance documentation.

F

FM CyberSecurity

fmcybersecurity.com

59

FM CyberSecurity is a specialized cybersecurity and GRC consulting firm based in Oslo, Norway. The company positions itself as a provider of high-quality, ownership-driven cybersecurity services including ServiceNow expertise in GRC and SecOps, on-demand CISO leadership, and Microsoft Purview data protection solutions. Their market focus is on organizations seeking expert cybersecurity and governance, risk, and compliance consulting. The website reflects a professional and consistent brand image with clear contact information and a LinkedIn presence. Technically, the website is built on WordPress with WooCommerce and Elementor, leveraging modern web technologies such as jQuery and Google Analytics. The site is mobile-optimized and performs moderately well, though accessibility features are basic. Security-wise, the site enforces HTTPS and uses Google reCAPTCHA for form protection but lacks visible security headers and published security policies, which are areas for improvement. The WHOIS data for the domain is missing or inaccessible, which raises some concerns about registration transparency. However, the professional website content and business information support the legitimacy of the company. Overall, the site demonstrates a solid digital presence but would benefit from enhanced privacy compliance and security disclosures to strengthen trust and regulatory adherence.

J

Jupiter System Partner AS

jupiter.no

61

Jupiter System Partner AS is a Norwegian technology company established in 1999, specializing in system development, system architecture, and project management across both private and public sectors. The company offers cloud-based publishing solutions, data integration services, and digital tools for formal meetings, positioning itself as a trusted partner with over two decades of expertise. Their market presence is solidified by membership in the Norwegian Cyber Security Cluster and a professional digital footprint. Technically, the website employs modern web technologies with a clean, responsive design, though no major CMS or third-party frameworks are explicitly detected. Security posture is good with HTTPS enforced and no visible vulnerabilities, but lacks advanced security headers and published security policies. Privacy compliance is basic with a privacy policy present but no cookie consent mechanism. Overall, the site reflects a credible and professional business with room for improvement in security transparency and privacy practices.

F

Fortytwo

fortytwo.io

75

Fortytwo is a cybersecurity and compliance service provider offering consulting and risk management solutions to businesses. The website is professionally designed using the Wix platform and includes comprehensive privacy and cookie policies with GDPR compliance. The technical infrastructure leverages modern analytics and marketing tools, including Google Tag Manager, Plausible Analytics, and LinkedIn Insight, with appropriate consent mechanisms in place. Security posture is good with HTTPS enforced and some security headers present, though there is room for improvement in CSP implementation and incident response transparency. The domain WHOIS data is unavailable, likely due to privacy protection, which is common in this sector but reduces transparency. Overall, the website presents a trustworthy and professional image with moderate technical maturity.

M

Moveo AS

moveo.no

60

Moveo AS is a Norwegian IT service provider specializing in effective and secure IT solutions with over two decades of experience. Their offerings include Microsoft cloud services, IT hardware, network infrastructure, security, consulting, and training, targeting businesses primarily in maritime, aquaculture, industry, and commercial sectors. The company positions itself as a reliable partner focused on flexibility, efficiency, and security. Technically, the website is built on WordPress with modern plugins and frameworks, providing a good user experience and mobile optimization. Security posture is solid with HTTPS and no visible vulnerabilities, though improvements in security headers and privacy compliance are recommended. Overall, the website reflects a professional and trustworthy business presence, though the lack of WHOIS transparency and cookie consent mechanisms slightly reduce compliance and trust scores.

P

Posten Bring AS

postenbring.no

65

Posten Bring AS is a leading Nordic post and logistics group providing comprehensive postal and logistics solutions under the Posten and Bring brands. The website reflects a professional corporate presence targeting both business and private customers in the Nordic region. The technical infrastructure leverages modern web technologies including React and Font Awesome, with moderate performance and good mobile optimization. Security posture is adequate with HTTPS usage and no visible vulnerabilities, though explicit security headers and incident response information are not publicly disclosed. Privacy and cookie policies are present and indicate GDPR compliance. Overall, the website is trustworthy and professionally maintained, though the absence of WHOIS data slightly reduces domain trustworthiness.

O

Omny AS

omnysecurity.com

57

Omny AS is a Norwegian cybersecurity company specializing in integrated security solutions for operational technology (OT), information technology (IT), and physical systems, primarily targeting industrial and critical infrastructure sectors such as energy and manufacturing. The company offers a platform that provides real-time security insights, continuous monitoring, and compliance support to help organizations reduce risk and maintain operational continuity. Their key services include strategic risk management, dynamic asset inventory, threat intelligence, and compliance facilitation, supported by advisory services. The company positions itself as a trusted partner with ISO 27001 certification and collaborations with notable industry partners.

A

Alte Brennerei Oelde

alte-brennerei-oelde.de

38

Alte Brennerei Oelde operates a coworking space in Oelde, Germany, providing flexible workspaces, meeting rooms, virtual office services, and event spaces tailored to freelancers, startups, and entrepreneurs. The business emphasizes a creative and productive environment with amenities such as lounge areas, kitchens, and a rooftop terrace. Their market position is that of a local coworking and office space provider targeting small businesses and independent professionals. Technically, the website is built on WordPress using the Elementor page builder, hosted on kasserver.com. The site is moderately performant, mobile-optimized, and uses HTTPS, but lacks advanced security headers and cookie consent mechanisms. The site collects minimal user data via a newsletter signup form and does not appear to use analytics or tracking services, indicating a privacy-conscious approach. From a security perspective, the site benefits from HTTPS and no visible sensitive data exposure. However, it lacks published security policies, incident response contacts, and security headers, which are recommended for improved security posture. There are no detected vulnerabilities or malware indicators. Overall, the website is professional, trustworthy, and suitable for its business purpose. Strategic improvements in security headers, privacy compliance (cookie consent), and transparency around security policies would enhance trust and compliance.

V

Vierte Orte GmbH

zuseworks.de

37

zuseworks.de is a professionally operated coworking space located in Hünfeld, Germany, managed by Vierte Orte GmbH. The company offers a variety of flexible workspace solutions including flex desks, private offices, meeting rooms, virtual office services, event spaces, and coaching rooms. The business targets creatives, entrepreneurs, and self-employed professionals seeking a modern and community-driven work environment. The website is well-structured, visually appealing, and provides clear contact information and social media links, supporting a positive user experience. Technically, the website is built on WordPress using the Elementor page builder, leveraging modern web technologies such as jQuery and Google Tag Manager for analytics. The site is hosted on servers associated with kasserver.com, with HTTPS enabled and cookie consent managed via Usercentrics, indicating a good level of digital maturity and privacy compliance. Performance and mobile optimization are adequate, though accessibility could be improved. From a security perspective, the site uses HTTPS and cookie consent mechanisms but lacks explicit security headers and publicly available security or incident response policies. No vulnerabilities or exposed sensitive data were detected in the HTML content. The domain WHOIS data is consistent with the business information, enhancing trustworthiness. Overall, zuseworks.de presents a low-risk profile with a solid business presence and good technical implementation. Strategic improvements in security headers, incident response transparency, and accessibility would further strengthen its posture.

S

St Johann Konstanz

st-johann-konstanz.de

43

St Johann Konstanz is a small local business focused on providing coworking spaces and promoting new work concepts in the city of Konstanz, Germany. The website presents a professional and consistent brand image, targeting professionals and entrepreneurs interested in innovative workspace solutions. The business model revolves around shared workspaces and community building. Technically, the website is built on WordPress using the Elementor page builder and optimized with the Seraphinite Accelerator plugin, hosted on kasserver.com. The site is moderately performant and mobile-optimized, with good SEO practices evident in meta tags and structured data. Security posture is adequate with HTTPS enabled, but lacks advanced security headers and formal security policies. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the website is functional and trustworthy but would benefit from enhanced privacy and security measures.

Vierte Orte GmbH is a German company specializing in the development and operation of multifunctional real estate spaces primarily in rural and suburban areas. Their offerings combine coworking, cultural activities, accommodation, and community engagement with a strong focus on social and ecological value. The company operates under the parent entity Gründerschiff Holding and targets local communities and businesses seeking innovative shared spaces. Technically, the website is built on WordPress using Elementor, with modern tracking and cookie consent mechanisms implemented. Security posture is adequate with HTTPS and cookie consent but lacks explicit security policies or vulnerability disclosure. Overall, the site is professional, accessible, and compliant with GDPR requirements, reflecting a trustworthy business presence.

A

Anthroposophische Gesellschaft in Deutschland e.V.

anthroposophie-gegen-rassismus.de

46

The website 'Anthroposophie gegen Rassismus' is operated by the Anthroposophische Gesellschaft in Deutschland e.V. and serves as an informational platform dedicated to clarifying misconceptions about Anthroposophy related to racism, antisemitism, and right-wing extremism. It provides educational content, publications, blog articles, and official statements to promote a humanistic and inclusive understanding of Anthroposophy. The target audience includes individuals interested in Waldorf education, biodynamic products, and those seeking critical discourse on these topics. Technically, the site is built on TYPO3 CMS, hosted by Infomaniak, and employs modern frontend libraries ensuring good mobile optimization and user experience. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though security headers could be improved. Privacy and cookie policies are present and GDPR compliant, but no explicit security or incident response policies are published. Overall, the site is trustworthy, professional, and serves a niche educational purpose effectively.

A

Anthroposophische Gesellschaft in Deutschland

anthroposophie.de

53

The website www.anthroposophie.de represents the Anthroposophische Gesellschaft in Deutschland, a non-profit organization dedicated to promoting and educating about Anthroposophy, a spiritual and philosophical movement. The site serves as a central hub for information, events, and community engagement related to Anthroposophy in Germany. It targets a broad audience including interested individuals, critics, and practitioners. The business model is educational and community-focused, with a medium-sized organizational footprint in the non-profit sector.

The website medienzentrum-ekm.de is currently inaccessible, returning a 403 Forbidden error page that blocks access to any meaningful content. This prevents extraction of business, contact, or policy information. The domain is hosted on manitu.net name servers, a known German hosting provider, but no registrant details or company information are available to verify legitimacy or business operations. The lack of accessible content and absence of privacy, cookie, or terms of service policies indicates a very low digital maturity and poor user experience. Security posture cannot be properly assessed due to lack of accessible data and no visible security headers or SSL information. Overall, the site is effectively blocked from public access, resulting in a critical limitation for analysis and a very low trust and credibility score.

T

Thüringer Literaturrat e.V.

literaturland-thueringen.de

45

Literaturland Thüringen is a cultural-literary initiative focused on presenting the literary heritage and contemporary literary scene of the Thüringen region in Germany. It operates as a non-profit platform supported by recognized cultural institutions such as the Thüringer Literaturrat e.V., Sparkassen-Kulturstiftung Hessen-Thüringen, and media partners MDR Kultur and MDR Thüringen. The website offers a rich repository of articles, images, indexes of places and persons, and multimedia content aimed at literature enthusiasts and the general public interested in regional culture. Technically, the website is built on WordPress 4.9.26 with several plugins enhancing user experience, including Leaflet.js for interactive maps and cookie consent mechanisms for GDPR compliance. While the site uses HTTPS and has a cookie consent banner, it relies on outdated WordPress and jQuery versions, which may expose it to security vulnerabilities. The site lacks explicit security headers and visible contact emails or phone numbers on the homepage, although a contact form is available. From a security perspective, the site demonstrates basic good practices such as HTTPS and cookie consent but requires updates to its CMS and libraries to mitigate potential risks. No advanced security policies or incident response contacts are published. The absence of a vulnerability disclosure policy and security.txt file indicates room for improvement in transparency and security readiness. Overall, Literaturland Thüringen is a trustworthy and professionally presented cultural platform with good content quality and user experience. Strategic updates to its technical stack and enhanced security measures are recommended to maintain and improve its security posture and compliance.

L

Lese-Zeichen e.V.

lesezeichen-ev.de

40

Lese-Zeichen e.V. is a small non-profit cultural association based in Germany, dedicated to promoting literature and organizing literary events, readings, and podcasts. The website serves as a hub for event information, news, and cultural content targeting literature enthusiasts primarily in the Thuringia region. The organization maintains an active presence with detailed event calendars and multimedia content, including podcasts and videos. Technically, the website uses a modern Bootstrap framework with common JavaScript libraries and custom scripts, providing a responsive and user-friendly experience. However, some technical aspects such as mixed content loading and lack of security headers indicate room for improvement in security practices. The security posture is moderate, with client-side password hashing implemented but lacking comprehensive protections like CSRF tokens and secure script delivery. Privacy compliance is weak due to the absence of privacy and cookie policies, which is a significant gap given GDPR requirements. Overall, the website is functional and professional but would benefit from enhanced security and privacy measures to improve trust and compliance.

The Landesarbeitsgemeinschaft Jazz in Thüringen e. V. is a regional non-profit organization dedicated to promoting jazz music within the Thuringia region of Germany. The website serves as a cultural hub, providing information and networking opportunities for jazz enthusiasts and local jazz clubs. It maintains partnerships with several regional jazz clubs, as evidenced by multiple external links. The site is built on the Contao CMS platform and utilizes common JavaScript libraries such as jQuery and Colorbox, indicating a moderate level of technical maturity. The website is accessible, mobile-optimized, and presents a consistent branding aligned with its cultural mission. However, it lacks advanced privacy and security features such as cookie consent mechanisms and security headers, which are important for compliance and protection.

B

Bundesministerium für Bildung und Forschung

digitalpaktschule.de

56

The website digitalpaktschule.de is an official German government platform managed by the Bundesministerium für Bildung und Forschung (Federal Ministry of Education and Research). It serves as the authoritative source for the DigitalPakt Schule initiative, which aims to enhance digital infrastructure and competencies in German schools. The site provides comprehensive information, resources, and updates targeted at schools, educators, students, parents, and related stakeholders. It holds a strong market position as a government-backed educational resource with clear branding and trust signals. Technically, the website employs modern JavaScript libraries such as jQuery and Modernizr, uses the Slick Carousel for UI elements, and integrates Matomo analytics with a privacy-conscious opt-in mechanism. The site is mobile-optimized, accessible, and SEO-friendly, though it appears to use a custom or proprietary CMS. Performance is moderate, with no critical technical issues detected. From a security perspective, the site enforces HTTPS and uses cookie consent mechanisms to comply with GDPR. However, it lacks explicit security policy pages, incident response contacts, and advanced security headers. No vulnerabilities or exposed sensitive data were found. Overall, the security posture is solid but could be improved with additional transparency and security best practices. The website is safe for general audiences, contains no adult or questionable content, and maintains high trustworthiness. The domain registration data aligns well with the website content, confirming legitimacy and consistency with a government entity. Strategic recommendations include publishing security policies, incident response information, and implementing additional security headers to enhance trust and compliance.

M

Mitteldeutsche Bildungsakademie in Trägerschaft der MMB gGmbH

bildungsakademie-mmb.de

49

Mitteldeutsche Bildungsakademie in Trägerschaft der MMB gGmbH is a non-profit educational organization based in Germany, focused on supporting schools and leadership teams in their development and transformation processes. The organization offers key services including school development, educational events, and leadership qualification programs. The website is professionally designed, well-structured, and targets educational institutions primarily in the central German region. Technically, the site is built on WordPress with modern libraries such as jQuery and Swiper.js, hosted on host-on.net servers. It employs cookie consent management via Borlabs Cookie, ensuring compliance with GDPR regulations. Security posture is good with HTTPS enforced and no visible vulnerabilities, although some security headers could be improved. Contact information is clearly provided, enhancing business credibility. Overall, the website presents a trustworthy and professional digital presence for the educational sector.

G

Gemeindedienst der EKM

gemeindedienst-ekm.de

46

The Gemeindedienst der EKM is a non-profit church service organization affiliated with the Evangelische Kirche in Mitteldeutschland (EKM). It provides a broad range of services including consulting, education, event organization, fundraising, and material provision primarily targeted at church communities and church districts. The website reflects a well-structured and professional presence with clear contact channels and relevant content for its audience. Technically, the site employs modern frontend technologies such as Bootstrap, jQuery, and slick carousel, hosted on Eastlink infrastructure, and is mobile optimized with moderate performance. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though it lacks some security headers and explicit incident response information. Privacy compliance is basic with a privacy policy present but no cookie consent mechanism. Overall, the site is trustworthy and aligns well with its church affiliation.