Security Directory

E

Event Express Ltd

eventexpressuk.com

59

Event Express Ltd is a UK-based company specializing in accommodation services for the events and exhibitions industry. Their website positions them as a partner to exhibition and event organizers, exhibitors, and visitors, providing tailored accommodation solutions to support successful events. The company demonstrates a clear business focus with professional branding and a consistent digital presence, including active social media channels and certifications from industry bodies such as HBBA and IATA. Technically, the website uses a modest technology stack including jQuery and Adobe Typekit fonts, with a responsive design suitable for mobile devices. While the site is functional and well-structured, there is room for improvement in performance optimization, accessibility, and SEO. No advanced CMS or hosting details are evident from the HTML content. From a security perspective, the site lacks visible security headers and explicit HTTPS enforcement details, though it does implement a cookie consent banner and a privacy policy indicating GDPR awareness. No forms or data collection points were detected on the main pages, reducing immediate exposure to input-based vulnerabilities. The absence of WHOIS data for the domain is a notable concern, potentially indicating domain registration issues that could affect trustworthiness. Overall, the website presents a professional and trustworthy front for a niche hospitality service provider, but the lack of WHOIS transparency and limited security hardening suggest areas for strategic improvement to enhance trust and compliance.

V

Vierte Orte GmbH

office-friends-olpe.de

36

Office & Friends Olpe, operated by Vierte Orte GmbH, is a coworking space provider located in Olpe, Germany. The company offers flexible workspace solutions including flex desks, private offices, meeting rooms, virtual offices, and event spaces tailored for freelancers, startups, and entrepreneurs. Their market position is regional with a focus on fostering community and productivity in a modern environment. The website is professionally designed using WordPress and Elementor, featuring clear navigation, mobile optimization, and integrated cookie consent mechanisms. Technically, the site uses modern web technologies and is hosted on kasserver.com with proper HTTPS configuration. Security posture is solid with no visible vulnerabilities, though security headers could be improved. Privacy compliance is addressed with a GDPR-compliant privacy and cookie policy. Contact information is clearly presented, enhancing business credibility. Overall, the website reflects a trustworthy and professional business presence.

C

Consensys Software Inc

consensys.net

74

Consensys Software Inc is a leading blockchain software company focused on building tools, infrastructure, and research that power Ethereum, the foundation for a more secure and open economy. Founded in 2019 by Ethereum's co-creator, Consensys holds a strong market position with flagship products such as MetaMask, Linea Layer 2, and Infura. Their target audience includes developers, enterprises, and users interested in Ethereum and decentralized technologies. The company operates primarily in the technology sector with a large organizational size and a global reach. Technically, the website leverages modern frameworks like SvelteKit and Three.js, hosted on Cloudflare, and integrates multiple analytics and marketing tools including HubSpot, Google Tag Manager, and Facebook Pixel. The site is well optimized for performance, mobile responsiveness, and accessibility, reflecting a mature digital infrastructure. From a security perspective, the site enforces HTTPS, employs standard security headers, and implements cookie consent mechanisms aligned with GDPR compliance. However, DNSSEC is not enabled, and there is no public security.txt or explicit incident response contact information, which could be improved. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website and business demonstrate a high level of professionalism, trustworthiness, and compliance. The domain registration details are consistent with the company's claims, reinforcing legitimacy. Strategic recommendations include enabling DNSSEC, publishing a security.txt file, and enhancing incident response transparency to further strengthen security posture and trust.

U

Unizen

unizen.io

71

Unizen is a cross-chain enabled decentralized finance (DeFi) and decentralized exchange (DEX) aggregator platform that provides users with seamless access to liquidity and trading across multiple blockchain networks. Positioned as a next-generation DEX aggregator and solver, Unizen leverages proprietary algorithms such as ULDM and UIP to optimize trade routing, minimize slippage, and enable efficient cross-chain swaps. The platform targets retail traders, wallets, exchanges, and traditional finance institutions seeking decentralized, low-fee, and high-return trading solutions. Unizen has established a strong market presence with partnerships across wallets, exchanges, and DeFi protocols, and has been featured in major press outlets including CoinDesk, The Wall Street Journal, CoinTelegraph, and Forbes. Technically, Unizen employs modern web technologies including React and Next.js, with integrations of analytics tools like Smartlook. The website is well-designed, mobile-optimized, and provides a rich user experience with clear navigation and professional content. Security practices include HTTPS enforcement, MEV protection, and external smart contract audits by reputable firms. However, explicit security policies, incident response contacts, and privacy/cookie policies are not visibly published, which could be improved to enhance user trust and compliance. The WHOIS data for the domain is unavailable due to privacy protection, which is common in the crypto industry and does not significantly detract from the platform's legitimacy given the strong trust signals and professional presentation. Overall, Unizen demonstrates a mature digital infrastructure, a solid security posture, and a credible business model in the DeFi space.

C

CHARLOTTE | Stiftung

charlotte-stiftung.org

49

CHARLOTTE | Stiftung is a small non-profit foundation based in Berlin, Germany, established in 2019 by the Charlottenburger Baugenossenschaft. The foundation focuses on providing financial support to residents in need, particularly for health-related home modifications and support for disabled youth and elderly care. The website is built on TYPO3 CMS and uses modern web technologies including jQuery and Google Maps API. It offers donation options via bank transfer and PayPal, with clear contact information and legal disclosures. The site is well-structured, mobile-optimized, and provides relevant content for its target audience. Security posture is moderate with HTTPS enabled and domain transfer protection, but lacks DNSSEC and advanced security headers. Privacy compliance is good with a privacy policy present, though no cookie consent mechanism is detected. Overall, the website demonstrates a trustworthy and professional online presence for a local charitable foundation.

Drata Inc. is a leading technology company specializing in AI-native governance, risk, and compliance (GRC) automation. Their platform enables businesses to automate compliance processes, manage risk, and accelerate security reviews, positioning Drata as a market leader trusted by thousands of customers including major enterprises. The company leverages modern web technologies and cloud hosting to deliver a fast, mobile-optimized, and accessible user experience. Security is a core focus, with strong HTTPS enforcement, security headers, and support for multiple compliance frameworks such as SOC 2, ISO 27001, HIPAA, and GDPR. While the website lacks direct contact emails or phone numbers, it provides contact forms and comprehensive legal and privacy documentation. Overall, Drata demonstrates a mature digital presence with a strong security posture and business credibility.

B

Bluetree

bluetree.no

54

Bluetree is a Norwegian IT services company specializing in cybersecurity, IT operations, and digital projects focused on network and cloud solutions. Positioned as an award-winning strategic partner, Bluetree targets enterprise companies seeking secure and innovative IT solutions. The website is professionally designed using HubSpot CMS, integrating modern marketing and analytics tools such as Google Tag Manager, Facebook Pixel, and Hotjar, reflecting a mature digital infrastructure. Security posture is strong with HTTPS enforced, security headers present, and no visible vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with a cookie consent banner and a comprehensive privacy policy, indicating GDPR awareness. The absence of public WHOIS data suggests privacy protection, which is justified for this business type. Overall, Bluetree presents a credible and trustworthy online presence with moderate to high technical and security maturity.

N

Norwegian Cybersecurity Cluster

cybersecuritycluster.no

65

Norwegian Cybersecurity Cluster is a Norwegian-based organization focused on building capacity and solutions for a secure digital society. It operates as a cluster facilitating partnerships, innovation, and export of cybersecurity solutions, aiming to position Norway as the most cyber secure country globally. The website reflects a professional and consistent brand with a clear mission and a strong network of reputable partners from academia, industry, and government sectors. Technically, the site is built on Webflow with modern web technologies and includes multilingual support via Weglot, indicating a moderate to high level of digital maturity. Security posture is generally good with HTTPS enforced and no visible sensitive data exposure; however, the absence of security headers and incident response information suggests room for improvement. Privacy compliance is basic with a privacy policy present but lacking cookie consent mechanisms and explicit GDPR statements. Overall, the site is trustworthy and well-positioned but could enhance security and privacy practices to strengthen its risk posture.

C

Check Point Software Technologies Ltd.

checkpoint.com

76

Check Point Software Technologies Ltd. is a globally recognized leader in cybersecurity solutions, serving corporate enterprises and government entities. Founded in 1993 and headquartered in Tel Aviv, Israel, the company offers a comprehensive portfolio of products and services including network security, cloud security, endpoint protection, SASE, AI-driven threat prevention, managed security services, and cybersecurity training. The website reflects a mature digital presence with professional design, clear navigation, and extensive content tailored to a global enterprise audience. Technically, the site is built on WordPress with modern libraries and frameworks, optimized for SEO and mobile responsiveness. Security posture is strong with HTTPS enforcement, cookie consent mechanisms, and use of monitoring tools, though explicit security headers and incident response information could be enhanced. The absence of WHOIS data is notable but does not detract from the overall legitimacy and trustworthiness of the site. Strategic recommendations include improving transparency around security policies and incident response, and ensuring all security headers are implemented.

Mastercard Norway's website serves as a corporate portal for Mastercard's payment and financial services in Norway. The site presents a professional brand image consistent with Mastercard's global identity, targeting consumers and businesses in the Norwegian market. The business model focuses on payment processing and digital payment solutions, positioning Mastercard as a leading player in the finance sector. Technically, the website employs modern web technologies such as StencilJS web components, ensuring a contemporary user experience with good mobile optimization. However, the site lacks visible privacy and cookie policies, contact information, and security headers, which are important for compliance and user trust. Security posture is moderate with HTTPS enforced but missing additional security headers. Overall, the site appears legitimate and safe but could improve transparency and compliance aspects.

D

Defendable

defendable.no

72

Defendable is a prominent Norwegian cybersecurity company founded in 2021, offering a broad range of services including security monitoring, advisory, incident response, and security testing. Positioned as one of Norway's largest cybersecurity firms, it targets businesses seeking comprehensive cyber defense solutions. The website is professionally designed using HubSpot CMS, featuring multilingual support and a clear service structure. Technical infrastructure includes modern marketing and analytics tools such as Google Tag Manager and reCAPTCHA Enterprise, indicating a mature digital presence. Security posture is strong with HTTPS enforced, cookie consent mechanisms, and use of security best practices, though explicit security policies and vulnerability disclosures are absent. Overall, the site reflects a trustworthy and professional business with room for enhanced transparency in security and compliance documentation.

B

BDO Norge

bdo.no

75

BDO Norge is a leading international advisory and auditing firm with a strong presence in the Norwegian business and public sectors. The company offers a broad range of professional services including auditing, accounting, advisory, and legal services, targeting a diverse clientele from large multinational corporations to small and medium-sized enterprises. The website reflects a professional and consistent brand image aligned with its market position. Technically, the website employs modern technologies such as Google Tag Manager, Marketo Munchkin, Cookiebot for consent management, and Microsoft Application Insights for telemetry. The CMS identified is Kentico, indicating a robust content management infrastructure. The site is mobile-optimized and performs moderately well, with good SEO and accessibility features. From a security perspective, the site uses HTTPS with strong SSL configuration and implements a comprehensive cookie consent mechanism. However, explicit security headers are not detected in the provided content, and there is no visible security policy or incident response information published. No vulnerabilities or exposed sensitive data were found in the analysis. Overall, the website is trustworthy and professional, with extensive analytics and marketing tools in use. The lack of publicly available WHOIS data is due to privacy protection, which is justified for this type of business. Strategic recommendations include enhancing security headers, publishing security and incident response policies, and providing vulnerability disclosure information to improve transparency and trust.

A

Atea

atea.no

72

Atea is Norway's largest IT company specializing in technology and IT services aimed at shaping a better Norway. The company offers a comprehensive range of products and services including digital workplace solutions, cloud services, IT operations, AI, IT security, sustainable IT, and sector-specific technologies such as healthcare and aquaculture. The website is professionally designed, well-structured, and optimized for mobile devices, reflecting a mature digital presence. Technically, the site employs modern JavaScript frameworks, Google Tag Manager, and personalization tools, indicating a robust technical infrastructure. Security-wise, the site enforces HTTPS, implements cookie consent mechanisms, and follows best practices, though it lacks a publicly visible security policy or incident response contacts. Overall, the risk profile is low with no critical vulnerabilities detected, but improvements in transparency around security policies and incident response are recommended.

T

Telia

telia.no

64

Telia Norway is a major telecommunications provider offering mobile subscriptions, TV, and internet services targeted at families and general consumers. The website presents a professional and modern digital presence with a focus on service offerings and customer engagement. The technical infrastructure includes modern JavaScript frameworks, analytics via Microsoft Application Insights and Google Tag Manager, and a cookie consent mechanism indicating some level of privacy compliance. Security posture is strong with HTTPS enforced and no visible vulnerabilities, though explicit security headers and policies are not evident. The absence of WHOIS data limits full trust assessment but the site appears legitimate and well-maintained.

N

Netsecurity

netsecurity.no

71

Netsecurity is a Norwegian digital security company focused on enhancing safety for private companies and public sector organizations in an increasingly digital world. The company is approved by the Norwegian National Security Authority (NSM), indicating a strong market position in critical infrastructure protection. Their services target sectors such as energy, transportation, and telecommunications, emphasizing the security of complex, interconnected digital systems. The website content is professional and well-structured, with multimedia elements like videos to educate visitors on digital vulnerabilities. Technically, the website is built on the HubSpot CMS platform, utilizing modern web technologies including jQuery, Google Analytics, Google Tag Manager, and Hotjar for analytics and user behavior tracking. The site is mobile-optimized and implements standard security headers and HTTPS, reflecting a mature digital infrastructure. However, some accessibility features could be improved. From a security perspective, the site demonstrates good practices such as HTTPS enforcement and security headers. There is no evidence of exposed sensitive data or vulnerable libraries. The presence of a cookie consent mechanism aligns with privacy regulations, though the absence of a dedicated privacy policy and terms of service pages indicates room for improvement in compliance and transparency. Overall, the website presents a low risk profile with strong trust indicators, though enhancing privacy disclosures and contact transparency would further strengthen its security posture and user trust.

I

Intility

intility.com

72

Intility is a well-established Norwegian technology company founded in 2000, specializing in providing a comprehensive enterprise cloud platform service. Serving over 650 companies across 2,500 locations primarily in Scandinavia, Intility offers a broad range of services including managed cloud, AI platform, digital workplace solutions, security and compliance, and consulting. The company positions itself as a catalyst for digital transformation with a strong emphasis on industrialized IT operations and platform development. Their market presence is supported by a consistent brand, active content updates, and a robust partner ecosystem. Technically, the website is built on WordPress using Elementor and Yoast SEO, leveraging modern web technologies and analytics tools such as Hotjar and Fathom Analytics. The site demonstrates good performance, mobile optimization, and accessibility. SEO practices are well implemented, enhancing discoverability and user experience. From a security perspective, Intility maintains a strong posture with HTTPS enforced, ISO 27001 certification, and clientTransferProhibited domain status. However, there is room for improvement in DNSSEC adoption and explicit security headers. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is well addressed with clear privacy and cookie policies, including consent mechanisms. Overall, Intility presents a low-risk profile with a mature digital presence, strong business credibility, and a professional security approach. Strategic recommendations include enhancing DNS security, publishing a vulnerability disclosure policy, and improving security header implementation to further strengthen their security posture.

A

Aeger Group

aeger.no

73

Aeger Group is a Norwegian consulting company specializing in securing high-risk assets and establishing emergency preparedness capabilities internationally. Their market position is that of a specialized security consultancy offering a broad range of services including cybersecurity, risk management, crisis handling, training, and travel security. The company targets organizations requiring robust security and risk mitigation solutions globally. The website reflects a professional business model focused on consulting and training services with a clear international orientation. Technically, the website is built on the Webflow CMS platform, utilizing modern web technologies such as Google Tag Manager, Google Analytics, Google reCAPTCHA, and third-party marketing tools like Leadfeeder and Pipedrive Leadbooster Chat. The site is mobile-optimized with good SEO practices and moderate performance. Accessibility is basic but functional. From a security perspective, the website enforces HTTPS and employs reCAPTCHA on its contact form, alongside a comprehensive cookie consent mechanism supporting GDPR compliance. However, it lacks explicit security policies, incident response contacts, and security headers, which are recommended for enhanced security posture. No vulnerabilities or exposed sensitive data were detected. Overall, the website presents a trustworthy and professional front with good privacy compliance and business credibility. The absence of WHOIS data limits domain trust analysis, but the site content and contact details support legitimacy. Strategic improvements in security policy transparency and technical security headers would strengthen the security posture further.

M

mnemonic AS

mnemonic.io

81

mnemonic AS is a well-established cybersecurity company based in Norway, celebrating 25 years of operation in 2025. The company specializes in helping businesses manage security risks, protect data, and defend against cyber threats. Their market position is strong within Europe, offering a broad range of services including Managed Detection & Response, Threat Intelligence, Incident Response, Assessments & Testing, Consulting, and Security Products. The company targets businesses requiring advanced cybersecurity solutions and operates multiple offices across Europe and the US. Technically, the website is built on the EPiServer CMS platform with modern web technologies and demonstrates good mobile optimization, accessibility, and SEO practices. The site is performant with a professional design and clear navigation. Security-wise, the site enforces HTTPS and includes cookie consent mechanisms, though it lacks some advanced security headers and a public vulnerability disclosure policy. The security posture is solid with no visible vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with comprehensive privacy and cookie policies. The WHOIS data is privacy protected, which is typical for cybersecurity firms, and the domain's legitimacy is supported by consistent contact information and trusted client references. Overall, mnemonic presents a professional, trustworthy, and technically mature online presence with a strong focus on cybersecurity services for enterprise clients.

T

Teknisk Ukeblad Media AS

digi.no

61

Digi.no is a leading Norwegian IT industry news website operated by Teknisk Ukeblad Media AS, providing comprehensive news, analysis, and commentary focused on technology and digitalization. The site targets IT professionals and business decision makers in Norway, offering subscription-based content alongside advertising revenue. The technical infrastructure is modern, leveraging Next.js and React frameworks, with integration of multiple analytics and marketing tools such as Facebook Pixel, LinkedIn Insight, and Hotjar. The website demonstrates strong GDPR compliance through an integrated consent management platform and clear privacy policies. Security posture is robust with HTTPS enforcement and standard security headers, though explicit security policies and vulnerability disclosure mechanisms are not publicly available. Overall, Digi.no presents a professional, trustworthy, and well-maintained digital media presence with a high level of content quality and user experience.

J

Jask Creative

jaskcreative.co.uk

58

Jask Creative is a Birmingham-based creative agency specializing in branding, media, web design, photography, and videography. The company positions itself as a leading creative campaigns agency serving ambitious brands seeking impactful marketing solutions. Their website reflects a professional and modern digital presence, leveraging WordPress CMS and integrating multiple marketing and analytics tools such as HubSpot, Microsoft Clarity, and Google Tag Manager. The site features rich multimedia content, client testimonials, and a comprehensive cookie consent mechanism, indicating a mature approach to privacy compliance. However, the WHOIS data for the domain is unavailable and flagged by Nominet UK as invalid, which raises concerns about domain registration legitimacy despite the active and professional website.

U

UpVerso.cz

upverso.cz

61

UpVerso.cz operates a modern, flexible platform named Verso, focused on revolutionizing employee benefits, internal communication, and employee engagement for businesses. The platform targets companies seeking to enhance workforce motivation and streamline internal communication processes. The website is professionally designed, leveraging WordPress CMS with performance and SEO optimizations, including structured data and cookie consent mechanisms. Technical infrastructure includes modern JavaScript libraries and tracking tools such as Microsoft Clarity and Google Tag Manager, indicating a mature digital presence. Security posture is strong with HTTPS enforcement and security headers, though explicit privacy policies and contact information are lacking. Overall, the site presents a trustworthy and professional business platform with room for improvement in privacy compliance and transparency.

N

Nota Incorporated

netspresso.ai

57

NetsPresso, operated by Nota Incorporated, is a technology company specializing in AI chip optimization software. Their platform enables AI hardware developers to optimize, quantize, and benchmark AI models directly on their chips, targeting a niche market of AI hardware platform developers. The website presents a professional and consistent brand image with a focus on technical content relevant to their audience. Technically, the site is built using Framer CMS and hosted on AWS infrastructure, leveraging Google Analytics and Tag Manager for tracking. While the site is well-designed and mobile-optimized, it lacks visible privacy and cookie policies, as well as explicit contact information, which are important for compliance and user trust. Security posture is moderate with HTTPS enabled but missing security headers and DNSSEC. The domain registration details are consistent with the business claims, indicating legitimacy. Overall, the site is functional and professional but would benefit from enhanced privacy compliance and security practices.

Č

Česká pošta, s.p.

pohledniceonline.cz

53

PohledniceOnline.cz is an official online postcard creation and delivery service operated by Česká pošta, the Czech Republic's national postal service. The platform enables users to upload personal photos, customize postcards, and send them physically via postal delivery both domestically and internationally. The service is accessible via web and mobile applications, supporting multiple payment methods including prepaid vouchers and secure online payments through ComGate. The website is well-branded, professionally designed, and targets a broad audience seeking convenient postcard sending solutions. Technical infrastructure includes modern web technologies and integration with trusted payment gateways, hosted on Websupport servers. Security posture is adequate with HTTPS and CSRF protections, though improvements in security headers and incident response transparency are recommended. Overall, the website demonstrates a strong business credibility and trustworthy presence aligned with its parent postal organization.

B

Balíkovna

balikovna.cz

65

Balíkovna is a Czech parcel delivery and pickup service offering a network of over 2,000 pickup points including post offices, partner retail locations, and self-service boxes. The website provides parcel tracking, sending options, and home delivery services, supported by a mobile application for enhanced customer convenience. The company targets consumers and e-commerce customers within the Czech Republic, positioning itself as a leading parcel logistics provider in the region. Technically, the website is built on the Liferay CMS platform, utilizing modern JavaScript libraries and frameworks, and implements HTTPS with Google reCAPTCHA for form security. However, explicit privacy and cookie policies are not clearly found, and WHOIS domain registration data is unavailable, which slightly impacts trust from a domain registration perspective. Overall, the site is professional, user-friendly, and secure, with room for improvement in privacy compliance and security policy transparency.

Č

Česká pošta

sipo.cz

51

The website sipo.cz represents the SIPO payment tool operated by Česká pošta, the Czech national postal service. It offers a consolidated payment solution for regular bills such as utilities, rent, and broadcasting fees, simplifying payment processes for the general public in the Czech Republic. The site is well-branded, consistent with the parent company, and provides clear information about the service and contact details. The domain is long-established, dating back to 2001, aligning with the service's history and legitimacy. From a technical perspective, the website uses standard web technologies including HTML5, CSS, and JavaScript. It is mobile-optimized and provides a good user experience with clear navigation and professional design. However, there is no explicit CMS or advanced frameworks detected, and some accessibility and SEO optimizations are basic. Security headers and explicit security policies are not visible in the provided content, though HTTPS usage is implied. No signs of tracking or advertising scripts were found, indicating a privacy-conscious approach. Security posture is moderate with no critical vulnerabilities detected in the content. The site links to comprehensive privacy and cookie policies hosted on the official Czech Post domains, indicating GDPR compliance. Contact information is clearly provided, but there is no visible incident response or vulnerability disclosure information. The domain WHOIS data is consistent with the business claims, enhancing trustworthiness. Overall, the website is a trustworthy, government-backed payment service platform with good content quality and business credibility. Strategic improvements could focus on enhancing security headers, adding explicit security and incident response policies, and implementing cookie consent mechanisms to further strengthen privacy compliance and security posture.

E

ebsygon.com

ebsygon.com

52

Ebsygon.com is a German-based digital solutions provider specializing in the digitalization of the energy sector. Founded in 2022, the company positions itself as a niche player offering technology-driven services to energy industry stakeholders. The website is professionally designed using WordPress with the Avada theme and includes essential business information such as privacy policies and legal imprint, targeting primarily German-speaking audiences in the energy domain. Technically, the site employs modern web technologies and plugins, ensuring good mobile optimization and SEO readiness. Security posture is solid with HTTPS enabled and domain transfer protections, though improvements like DNSSEC and enhanced security headers could be made. Privacy compliance is well addressed with a comprehensive cookie consent mechanism and GDPR-aligned policies. Overall, the site reflects a trustworthy and professional business presence with moderate technical maturity and good compliance standards.

Seenotrettershop is a German e-commerce website specializing in maritime rescue-themed merchandise such as books, clothing, collectibles, and art prints. The site targets enthusiasts and supporters of maritime rescue services, offering a niche product catalog through an online retail model. The platform is built on the Gambio e-commerce software and integrates PayPal for payment processing, indicating a moderate level of digital maturity. The website is well-structured with clear navigation, responsive design, and product presentation, supporting a positive user experience. However, the absence of privacy and cookie policies, as well as terms of service, indicates gaps in compliance and transparency. Security posture is adequate with HTTPS and secure forms but lacks advanced security headers and documented incident response mechanisms. Overall, the site is functional and trustworthy for its niche audience but would benefit from enhanced privacy compliance and security best practices.

C

Concrete Pump Repair South

concretepumpssouth.com

62

Concrete Pump Repair South is a specialized service provider focused on concrete pump repair and parts distribution, particularly Schwing OEM parts. The company operates as a Small Line Dealer and satellite CPR Repair center in the Southeastern United States, emphasizing quality and customer support. The website is professionally designed using the Squarespace platform, featuring clear navigation and responsive design, though it lacks explicit contact details and privacy-related policies. Technically, the site benefits from HTTPS and HSTS, ensuring secure connections, but could improve by adding additional security headers and privacy compliance features. The absence of WHOIS data reduces domain trustworthiness, suggesting recent registration or privacy protection, which should be monitored. Overall, the site presents a credible business front but requires enhancements in privacy, contact transparency, and security best practices to strengthen trust and compliance.

W

wbv Media

wbv-media.de

57

wbv Media is a well-established German family-owned media and logistics company with over 150 years of history. It operates through three main business units: Distribution, Communication, and Publication, serving public clients, scientific communities, and online shops. The company positions itself as a reliable partner with scalable logistics and communication services, emphasizing tradition and innovation. Technically, the website uses modern frameworks like UIkit and jQuery, is mobile-optimized, and implements a cookie consent mechanism with blocking access until consent is given. Security posture is solid with HTTPS and no visible vulnerabilities, though explicit security headers and policies are not published. Overall, the site is professional, trustworthy, and compliant with GDPR requirements.

R

Rynek.Pro | Lokalni-Profesjonalni

rynek.pro

53

Rynek.Pro is a local business directory portal primarily serving Polish and Lithuanian markets, offering categorized listings for production, retail trade, wholesale, and services. The platform targets local consumers and businesses seeking reliable contractors and professional services. It operates as an online advertisement and business listing service with an interactive map feature to enhance user experience. The website is built on WordPress using the TownHub theme and integrates modern technologies such as Elementor, WooCommerce, and Matomo Analytics, reflecting a moderate to good level of digital maturity. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, although some security headers and explicit security policies are absent. The domain WHOIS data is privacy protected but registered through a reputable registrar, consistent with the business type. Overall, the site demonstrates good professionalism, privacy compliance, and user experience, making it a trustworthy platform for local business promotion.

F

Formspree

formspree.io

65

Formspree, Inc is a US-based technology company founded in 2014 that provides a SaaS form backend, API, and email service tailored for developers and businesses seeking to embed custom forms without server code. The company enjoys a strong market position, trusted by over 500,000 users including freelancers, agencies, and Fortune 500 companies such as Amazon, OpenAI, and Adobe. Their key services include spam filtering, email notifications, third-party integrations, and easy-to-use popup forms, positioning them as a reliable form solution provider in the developer tools space. Technically, the website is built using the Hugo static site generator and leverages modern analytics platforms including Google Analytics, Amplitude, and PostHog. Hosting and DNS services are provided by Cloudflare, ensuring fast performance and robust infrastructure. The site is mobile-optimized, accessible, and SEO-friendly, reflecting a mature digital presence. Security practices include HTTPS enforcement, machine learning spam filtering, reCaptcha integration, and custom spam rules, although DNSSEC is not enabled and some security headers may be missing. From a security standpoint, Formspree demonstrates a solid posture with no visible vulnerabilities or exposed sensitive data. Privacy and terms of service policies are comprehensive and GDPR compliant, though explicit incident response contacts and vulnerability disclosure policies are absent. The domain registration data aligns well with the website content, reinforcing legitimacy and trustworthiness. Overall, Formspree presents a professional, secure, and privacy-conscious service with excellent content quality and technical implementation. Strategic improvements could include enabling DNSSEC, publishing a security.txt file, and adding cookie consent mechanisms to enhance compliance and security transparency.

I

Ing. Jan Vince

webula.cz

50

Webula is a Czech-based web development and management company with over 20 years of experience and a portfolio exceeding 100 completed websites. They specialize in creating modern, reliable websites and provide ongoing support including content preparation, advertising, and social media assistance. Their market position is strengthened by client testimonials and partnerships, including official recognition as an OctoberCMS partner. Technically, the website is built on OctoberCMS, uses modern JavaScript libraries, and implements cookie consent mechanisms aligned with GDPR requirements. Security posture is solid with HTTPS enforced and consent-based analytics, though some security headers are missing. The absence of WHOIS data limits domain trust assessment but the business information and references support legitimacy. Overall, Webula presents a professional and trustworthy digital presence.

M

MAFRA, a.s.

harpersbazaar.cz

61

Harper's Bazaar Czech Republic is a well-established online fashion and lifestyle magazine operated by MAFRA, a.s., a recognized media company. The website offers daily fashion news, beauty tips, art, lifestyle, and celebrity content targeted primarily at Czech-speaking audiences interested in high-end fashion and culture. The business model includes content publishing and subscription sales, supported by a mature digital marketing and advertising infrastructure. Technically, the site uses modern JavaScript libraries, consent management platforms, and integrates multiple analytics and advertising services, reflecting a high level of digital maturity. Security posture is solid with HTTPS and consent mechanisms, though some security headers and explicit policies are missing. Overall, the site is professional, trustworthy, and compliant with GDPR, though it would benefit from publishing privacy and terms policies explicitly and enhancing security headers. The domain registration is consistent and legitimate, reinforcing the site's credibility.

N

Nominal CZ obchodní s.r.o.

nominal.cz

70

Nominal CZ obchodní s.r.o. is a Czech-based company specializing in the manufacturing and retail of gluten-free and healthy food products, with a history spanning over 30 years. The website presents a professional and consistent brand image targeting general consumers interested in healthy nutrition, particularly gluten-free options. The product range includes cereal porridges, flours, baking mixes, desserts, and oils. The company maintains an active presence on major social media platforms and uses modern web technologies including Google Tag Manager and reCAPTCHA for analytics and security. Technically, the website is hosted by Active24 and employs modern JavaScript libraries such as Swiper.js for UI components. The site is mobile-optimized and offers a good user experience with clear navigation. However, some broken image lazy loading issues and an empty Content-Security-Policy header indicate areas for technical improvement. Security posture is moderate with HTTPS enabled and basic security practices in place, but lacks comprehensive security headers and vulnerability disclosure mechanisms. Privacy compliance is limited as no explicit privacy or cookie policies were found in the provided content, and no consent mechanisms are evident. Contact information is partially available with a clear phone number but no public email addresses. The WHOIS data confirms the domain's legitimacy and consistency with the business claims. Overall, the website is functional and professional but would benefit from enhanced privacy compliance, improved security headers, and fixing technical issues to strengthen trust and security posture.

K

Inbound marketing - Síla příběhu, který prodává

kodo.cz

63

The website kodo.cz is a Czech inbound marketing service provider focused on helping small and medium honest businesses, farms, and local producers leverage internet marketing to grow their operations. The company appears to have been established since 2006, indicating a mature presence in the local market. The website uses modern frontend technologies such as React and service workers, hosted behind Cloudflare DNS, suggesting a reasonable level of technical maturity. However, the site lacks visible privacy and cookie policies, security headers, and explicit contact information, which are important for compliance and trust. The security posture is moderate with HTTPS implied but missing advanced security headers and vulnerability disclosures. Overall, the website is professional and well-designed but could improve in privacy compliance and security transparency to enhance trust and regulatory adherence.

V

Vonovia SE

vonovia-sozialstiftung.de

69

Vonovia Sozialstiftung is a social foundation affiliated with Vonovia SE, a leading real estate company in Germany. The foundation focuses on providing social support and assistance to tenants, fostering community engagement and social welfare. The website is professionally designed with consistent branding aligned to Vonovia, targeting tenants and social stakeholders. The technical infrastructure leverages Microsoft Azure DNS and Cookiebot for GDPR-compliant cookie management, indicating a mature digital presence. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though there is room for improvement in security headers and explicit privacy policy visibility. Overall, the website is trustworthy, safe, and compliant with basic privacy regulations, serving its non-profit social mission effectively.

V

Vonovia SE

wohnen-und-gesellschaft.de

64

Vonovia SE operates the website wohnen-und-gesellschaft.de, focusing on housing and societal topics related to the concept of 'Heimat' (home). The site serves as a platform to engage residents and stakeholders in the real estate sector, reflecting Vonovia's position as a leading real estate enterprise in Germany. The website content is professionally presented with consistent branding and targets a general audience interested in housing and community issues. Technically, the site leverages Azure DNS infrastructure and integrates Cookiebot for GDPR-compliant cookie consent management, indicating a moderate level of digital maturity. However, explicit privacy policies and terms of service pages are not clearly found, which could be improved for transparency. Security posture is moderate with no visible security headers or incident response contacts, but the use of HTTPS is assumed given the domain and cookie consent implementation. Overall, the site is trustworthy and professionally managed but would benefit from enhanced security and compliance disclosures.

V

Vonovia SE

vonovia.com

70

Vonovia SE is a large enterprise operating in the real estate sector primarily in Germany. The company manages residential properties and offers related services to tenants and partners. The website serves as a corporate portal providing information about the company, its subsidiaries, and services. The site is professionally designed with consistent branding and targets a broad audience including tenants, investors, and partners. Technically, the website employs modern web technologies including JavaScript, CSS3, and uses Cookiebot for GDPR-compliant cookie consent management. Analytics tools such as econda and Google services are used for traffic analysis and marketing optimization. The site is mobile-optimized and has good SEO practices, although accessibility features are basic. From a security perspective, the website enforces HTTPS and implements cookie consent mechanisms, but lacks explicit security headers and published security policies. No vulnerabilities or exposed sensitive data were detected in the provided content. The absence of WHOIS data reduces domain trust slightly, but the overall security posture is good. Overall, the website is a professional and trustworthy corporate site with moderate technical maturity and good privacy compliance. Strategic improvements include publishing privacy and security policies, enhancing security headers, and establishing a vulnerability disclosure program to further strengthen trust and compliance.

A

Akademie 21 Polička

akademie21.cz

52

Akademie 21 Polička is a regional educational and cultural center based in the Polička region of the Czech Republic, founded in 2020. The website serves as an informational portal for local educational programs, cultural events, and historical lectures, targeting the local community and learners interested in regional topics. The business model is non-commercial and focused on education and awareness. The website is built on WordPress CMS using Bootstrap and jQuery, indicating a moderate level of digital maturity with a responsive design and basic SEO features. Security posture is adequate with HTTPS enabled and no exposed sensitive data, but lacks security headers and formal privacy or cookie policies, which are important for GDPR compliance. No contact emails or phone numbers are explicitly provided, limiting direct communication channels. Overall, the website is functional and professional but could improve in privacy compliance and security best practices.

T

TRENZ GmbH

trenz-ppu.com

67

TRENZ GmbH operates a specialized e-commerce website offering high-performance portable pilot units (PPUs) designed for the maritime industry. Their products focus on precise GNSS navigation, advanced sensor integration, and rugged design for maritime professionals and pilots. The company positions itself as a niche provider with a strong emphasis on product quality and customer support, including firmware updates and device management applications. The website is built on the Shopify platform, leveraging modern web technologies and e-commerce capabilities to serve its target audience effectively. Technically, the website demonstrates a mature digital infrastructure with fast performance, mobile optimization, and integration of analytics and marketing tools such as Google Analytics and Klaviyo. Security measures include HTTPS enforcement and hCaptcha for form protection, although some security headers are missing, which could be improved. Privacy compliance is well addressed with GDPR-aligned cookie consent and privacy policies. The security posture is generally good, with no evident vulnerabilities or exposed sensitive data. However, the absence of WHOIS registration data for the domain raises concerns about domain legitimacy and trustworthiness. This discrepancy should be investigated further to ensure the domain's authenticity and reduce risk. Overall, the website presents a professional and trustworthy front for a specialized maritime technology business, but domain registration inconsistencies and minor security header gaps suggest areas for improvement to enhance trust and security.

The website centralni-adresa.net serves as an informational portal for a Czech government registry concerning declarations of activities, property, income, gifts, and liabilities under law 159/2006 Sb. The site is operated by Galileo Corporation s.r.o., a small company providing niche registry services to public officials and government entities. The content is primarily legal and regulatory in nature, targeting officials and citizens interested in conflict of interest declarations. The site is modest in design and content quality, with basic navigation and limited interactivity. Technically, the website employs standard web technologies including HTML5, CSS, and JavaScript, with resources hosted on the same domain. The site uses HTTPS, but lacks visible advanced security headers such as CSP or HSTS. There is no evidence of a CMS or modern frameworks, and the site appears to have been last updated in 2017, indicating potential technical debt and outdated content. Mobile optimization and accessibility are basic but present. From a security perspective, the site does not expose sensitive data or forms on the main page, which reduces risk. However, the absence of security headers and privacy/cookie policies indicates gaps in compliance and best practices. The WHOIS data is missing or unavailable, which raises concerns about domain registration transparency and legitimacy, although the site content and footer indicate a legitimate business operator. Overall, the site is functional and serves its informational purpose but requires improvements in security posture, privacy compliance, and domain registration transparency to enhance trustworthiness and regulatory compliance.

Č

Česká pošta

postaonline.cz

69

Česká pošta operates the PoštaOnline website as the official online portal for the Czech national postal service. The site provides a comprehensive suite of postal and logistics services including parcel tracking, branch location, online parcel sending, and business-oriented services. It also integrates eGovernment services and an eShop for postal goods, targeting both general public and business customers within the Czech Republic. The website is well-branded, consistent, and professionally designed, reflecting its position as a large enterprise and national postal operator. Technically, the site is built on the Liferay CMS platform, utilizing common JavaScript libraries such as jQuery and SlickNav for UI components. The site is mobile-optimized, accessible, and performs moderately well. Security is enforced through HTTPS and cookie consent mechanisms, though some advanced security headers are missing. The site integrates Google Analytics for user tracking with a GDPR-compliant cookie banner. From a security perspective, the site demonstrates good practices with encrypted connections and session management. However, the absence of WHOIS data limits domain registration trust analysis. No critical vulnerabilities or exposed sensitive data were detected. Privacy policies and cookie information are clearly presented, supporting GDPR compliance. Overall, the site is trustworthy and safe for general users. Strategically, the site should improve domain registration transparency, add security headers, and publish explicit security policies and incident response contacts to enhance trust and compliance. These steps will strengthen the security posture and business credibility further.

T

Tomáš Michálek, fyzická osoba

meteo-roven.cz

49

The website meteo-roven.cz serves as a regional weather information portal focused on eastern Czech Republic, providing real-time data from multiple local meteorological stations. It also offers additional services such as webcams and an e-shop for weather-related products. The business appears to be a small, locally focused entity operated by an individual, with a domain age consistent with its operational history since 2016. The website uses a modern frontend technology stack including Bootstrap 4, jQuery, and various UI plugins, hosted on infrastructure associated with the WEDOS registrar and nameservers. The site is mobile responsive and offers a generally good user experience, though some minor code quality issues are present as evidenced by PHP notices in the navigation menu.

The website www.dopravapk.cz currently displays only a brief message indicating that the project was terminated as of January 22, 2024. There is no additional content, metadata, or business information available on the site. The lack of WHOIS data further complicates verification of domain ownership and legitimacy. Technically, the site lacks any detectable technologies, security headers, or HTTPS configuration, indicating a very low digital maturity level. From a security perspective, the absence of privacy policies, contact information, and security best practices suggests a minimal security posture with significant room for improvement. Overall, the site appears inactive or abandoned, posing a low risk but also offering no business value or trust signals.

M

Ministerstvo financí České republiky

statnipokladna.cz

73

The website statnipokladna.cz serves as the official portal for the Ministry of Finance of the Czech Republic, specifically focusing on the State Treasury functions. It provides centralized financial management services including revenue centralization, expenditure control, asset management, liquidity and debt management, financial planning, payment processing, and reporting. The site targets government entities and public sector organizations, positioning itself as a critical government service platform. The content is professionally presented, with clear navigation and good mobile optimization, reflecting a mature digital presence. Technically, the website employs standard web technologies including HTML5, CSS3, and JavaScript, with integrations of Cookiebot for cookie consent management and analytics tools such as Google Analytics and Matomo. The site uses HTTPS and shows good security practices, although explicit security headers are not visible in the HTML source. The performance is moderate, and accessibility features are adequately implemented. From a security standpoint, the site benefits from HTTPS encryption and a robust cookie consent mechanism compliant with GDPR. No critical vulnerabilities or exposed sensitive data were detected. However, the absence of explicit security policies, incident response contacts, and vulnerability disclosure mechanisms suggests room for improvement in transparency and security maturity. Overall, the website demonstrates a strong business credibility as a government portal with high trustworthiness. The risk profile is low, but strategic enhancements in security policy publication and contact information disclosure would further strengthen its posture.

T

T.J. SOKOL ROVEŇ

tjsokolroven.cz

42

T.J. Sokol Roveň is a small local sports and cultural organization based in the Czech Republic, primarily focused on football and other community sports activities. The website serves as an information hub for club members and local residents, providing schedules, results, historical data, and news updates. The site is built on Backdrop CMS and uses common web technologies including jQuery, Featherlight lightbox, and Google Analytics for visitor tracking. While the site is accessible and well-structured with good content quality, it lacks formal privacy and cookie policies, security headers, and publicly available contact information, which are important for compliance and trust. The absence of WHOIS data limits the ability to verify domain registration legitimacy, although the website content appears consistent with a legitimate local sports club. Overall, the site demonstrates moderate technical maturity and security posture but would benefit from enhanced privacy compliance and security best practices.

Golfový klub Osyčina is a regional golf club located in Dobříkov u Chocně, Czech Republic, operating a 9-hole golf course with additional facilities such as a driving range, practice areas, and a golf simulator. The club offers services including training, tournaments, children's activities, and accommodation in a traditional wooden clubhouse and partner pension. The website reflects a small but active community-focused business with a clear target audience of golf enthusiasts and families in the region. Technically, the website uses a custom CMS (Web-SOUL) with legacy technologies such as jQuery 1.11.3 and FancyBox for galleries. It integrates Google Analytics, Google Tag Manager, and Facebook SDK for tracking and marketing. The site has basic mobile optimization and accessibility features but could benefit from modernization and performance improvements. From a security perspective, the site uses HTTPS and implements cookie consent mechanisms, indicating GDPR awareness. However, no explicit security headers were detected, and the use of an outdated jQuery version poses potential vulnerabilities. WHOIS data is unavailable, which reduces domain trustworthiness, but the active social media presence and detailed content support legitimacy. Overall, the website is functional and professional for its business scope but should address technical and security improvements to enhance trust and compliance.