Security Directory

C

COSORI MAGYARORSZÁG

cosori.hu

59

COSORI MAGYARORSZÁG operates a professional Hungarian e-commerce website specializing in the retail of Cosori brand kitchen appliances, primarily air fryers and multifunctional cooking pots. The site targets Hungarian consumers seeking healthy and efficient cooking solutions, offering a range of products, accessories, recipes, and customer support. The business is relatively young, founded around 2021, and positions itself as an official distributor with strong trust signals such as awards and customer testimonials. Technically, the website leverages a modern e-commerce platform (ShopRenter) with a robust tech stack including jQuery, Bootstrap, and multiple marketing and analytics integrations such as Google Tag Manager, Facebook Pixel, TikTok Pixel, and Klaviyo. The site is mobile-optimized with good SEO practices and moderate performance. From a security perspective, the site enforces HTTPS and uses cookie consent mechanisms, but lacks explicit security policy pages and some recommended HTTP security headers. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is well addressed with clear policies and consent banners. Overall, the website presents a low-risk profile with strong business credibility and good technical implementation. Strategic improvements could focus on enhancing security headers and publishing dedicated security and incident response information.

Bubulakovo is a regional e-commerce retailer specializing in fabrics and meter goods, primarily serving the Hungarian market with multiple sister sites targeting other European countries. The website presents a professional and consistent brand image with a good quality user experience and moderate technical maturity, leveraging modern frameworks like Bootstrap 4 and marketing tools such as Google Tag Manager and SalesManago. Security posture is solid with HTTPS enforced and standard security headers, though the absence of explicit privacy and terms of service pages limits compliance maturity. No WAF or blocking mechanisms were detected, allowing full content access. Overall, the site is trustworthy and well-positioned in its niche but would benefit from enhanced privacy and security disclosures.

C

COVE

coveocean.com

63

COVE is a well-established marine technology innovation hub based in Canada, founded in 2016. It serves as a collaborative community and physical space for marine technology organizations, offering programs and services that support testing, incubation, research, and commercialization. The website reflects a professional and modern digital presence with clear branding, comprehensive content, and active engagement through social media and newsletters. Technically, the site is built on WordPress with popular plugins and frameworks, hosted with reputable providers, and employs modern SEO and analytics tools. Security posture is solid with HTTPS, domain locking, and no visible vulnerabilities, though DNSSEC is not enabled and some security policies are not publicly disclosed. Privacy compliance is partial, with a privacy policy present but lacking a cookie consent mechanism. Overall, the site is trustworthy, well-maintained, and positioned as a key player in the marine technology sector.

N

Nova Scotia Community College

nscc.ca

69

Nova Scotia Community College (NSCC) is a prominent public educational institution in Canada offering over 140 programs across 14 campuses in Nova Scotia. The website clearly targets prospective and current students, employers, and industry partners, providing comprehensive information on programs, admissions, student supports, and campus experiences. The institution positions itself as a leading community college with a strong emphasis on inclusive, flexible, and industry-driven education. Technically, the website employs a modern technology stack including jQuery, FontAwesome, Google reCAPTCHA, and various analytics and tracking tools such as Google Tag Manager, Facebook Pixel, CrazyEgg, and Monsido for accessibility and heatmaps. The site is mobile-optimized, accessible, and SEO-friendly with clear navigation and professional design. Security posture is strong with HTTPS enforced and bot protection via reCAPTCHA, though some security headers are missing and no incident response or vulnerability disclosure information is published. Privacy compliance is good with a comprehensive privacy policy, but lacks explicit cookie consent mechanisms. Overall, the domain WHOIS data is unavailable, likely due to privacy protection, but the website content and external references strongly support legitimacy. Strategic recommendations include enhancing security headers, adding cookie consent, publishing incident response and vulnerability disclosure policies, and auditing third-party scripts regularly.

T

Tech-Access Canada

tech-access.ca

47

Tech-Access Canada operates as a national network of 70 Technology Access Centres (TACs) across Canada, providing critical support to entrepreneurs and businesses by facilitating access to emerging technologies and applied research. The organization plays a pivotal role in driving innovation and business growth nationwide, positioning itself as a key enabler in the Canadian technology ecosystem. Their services include technology access, industry collaboration, and innovation facilitation, targeting primarily Canadian businesses and industry stakeholders. The website reflects a medium-sized, well-established non-profit entity founded in 2016, with a clear focus on supporting technology-driven economic development. From a technical perspective, the website is built on WordPress CMS with a modern but somewhat dated technology stack including jQuery 1.11.3 and several popular plugins such as RevSlider and Modern Events Calendar Lite. The site is mobile optimized, accessible, and incorporates SEO best practices. Analytics and tracking are implemented via Google Analytics, Google Tag Manager, and Clicky Analytics, with basic privacy compliance mechanisms including cookie consent and privacy policies. Security posture is generally good with HTTPS enforced and domain transfer protections in place. However, there are areas for improvement such as enabling DNSSEC, upgrading outdated JavaScript libraries, and implementing additional security headers like Content Security Policy. No explicit security policy or incident response information is published, which could be enhanced to improve trust and compliance. Overall, the website presents a professional and trustworthy digital presence aligned with its mission. The risk profile is low with no signs of malicious activity or content safety concerns. Strategic recommendations include technical security enhancements, improved transparency on security policies, and continued adherence to privacy regulations to maintain and strengthen stakeholder trust.

N

Nakladatelství Fraus, s.r.o.

skolasnadhladom.sk

54

Škola s nadhľadom is an educational online platform operated by Nakladatelství Fraus, s.r.o., targeting Slovak primary and secondary school students and their parents. The website offers interactive exercises linked with printed workbooks, aiming to support learning in various subjects such as mathematics, physics, chemistry, biology, geography, and Slovak language. The platform is positioned as a trusted educational resource with a professional design and consistent branding, supported by partnerships with recognized educational entities. Technically, the site employs modern JavaScript libraries and Google Tag Manager for analytics, with good mobile optimization and SEO practices. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security headers and incident response policies are not published. Overall, the site demonstrates a mature digital presence suitable for its educational mission.

A

ABCedu, a.s.

abcguru.sk

37

ABCguru is an educational platform operated by ABCedu, a.s., focused on providing autokorektívne kartičky (self-correcting cards) for mathematics learning targeted at primary school children in Slovakia. The business model combines physical product sales with an online application, catering to students, parents, and schools. The website is professionally designed with clear navigation and relevant content, including instructional videos and contact information. Technically, the site uses modern web technologies such as Bootstrap and Google Analytics, with responsive design suitable for mobile devices. However, there is a lack of publicly available privacy and cookie policies, and no visible security headers, which are areas for improvement. The security posture is moderate with HTTPS implied but no explicit security policy or incident response information. Overall, the website is safe, trustworthy, and focused on educational content without any adult or questionable material.

C

Campus

campus-cowork.com

42

Campus is a small business focused on providing tailored corporate innovation services such as hackathons, ideathons, and B2B partnerships primarily targeting businesses seeking innovation solutions. The website is built on WordPress using Elementor and integrates common analytics and marketing tools like Google Analytics, Facebook Pixel, Hotjar, and Google Tag Manager. The technical infrastructure is modern and mobile-optimized, offering a good user experience and professional design. However, the security posture is moderate due to the absence of visible security headers and lack of explicit privacy and cookie policies. The domain WHOIS data is missing or unavailable, which raises concerns about domain legitimacy and trustworthiness. Overall, the site is safe for general audiences and presents a professional business front but requires improvements in security and compliance documentation.

D

Darkmay s.r.o.

cestovnysystem.sk

53

Darkmay s.r.o. operates the CeSYS platform, a comprehensive system for travel agencies primarily in Slovakia, offering online tour sales and related services. The company holds a strong market position with over 100 active travel agencies using its data and services. The website is well-structured, professionally designed, and optimized for performance and mobile use. It integrates modern technologies such as jQuery, Bootstrap, Google Analytics, and Google Maps API, reflecting a mature digital infrastructure. Security posture is strong with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. No critical vulnerabilities or blocking mechanisms were detected, indicating a trustworthy and accessible platform. Overall, the website demonstrates good compliance with privacy regulations and provides clear business and partner information.

O

October CMS

octobercms.com

63

October CMS is a mature, developer-focused content management system built on the Laravel PHP framework. It targets developers, agencies, and businesses seeking a flexible, extensible CMS platform. The website demonstrates strong branding, professional design, and a comprehensive presentation of services including free licenses, premium support, and a marketplace for plugins and themes. The technical infrastructure leverages modern technologies such as Laravel, PHP, AWS hosting, and Google Tag Manager for analytics, indicating a solid digital maturity. Security posture is good with HTTPS enforced and domain transfer protections, though there is room for improvement in security headers and explicit security policies. Privacy compliance is basic with no visible cookie consent mechanism or detailed privacy policy disclosures. Overall, the website is trustworthy, well-maintained, and serves its target audience effectively.

O

Obsahová agentura

obsahova-agentura.cz

55

Obsahová agentura was a Czech content marketing agency that has now closed and rebranded as Hook & Tell. The website serves primarily as a closure notice and redirect to the new brand, providing visitors with a video introduction and newsletter subscription. The company targeted businesses and individuals interested in content marketing services. The site is professionally designed, mobile optimized, and uses modern tracking and analytics tools such as Google Analytics, Facebook Pixel, and Leady tracking. It is built on the Solidpixels CMS platform and enforces HTTPS for secure communication. However, WHOIS data is unavailable, which reduces transparency and trustworthiness. Privacy and cookie policies are present and GDPR compliant, but no explicit security or incident response policies are published. Overall, the site is safe, professional, and trustworthy, but could improve security posture and transparency.

B

BRAND FAMILY s.r.o.

brand.family

55

BRAND FAMILY s.r.o. operates the website brand.family, presenting itself as a marketing and brand consulting business under the brand 'Mindless'. The company targets business owners seeking honest and realistic advice on marketing, branding, and business growth. The website is professionally designed with clear navigation and content in Czech, indicating a focus on the Czech market. Key services include marketing consulting and brand advisory, positioning the company as a niche player in the consulting sector. Technically, the website employs modern JavaScript frameworks, Google Tag Manager, and Google Analytics, ensuring a contemporary digital presence with good mobile optimization and accessibility. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, although some security headers and explicit security policies are absent. WHOIS data is privacy protected, which is reasonable for this business type, but limits direct verification of registrant details. Overall, the website is trustworthy, professional, and compliant with GDPR requirements.

U

Unmarked Agency

unmarkedagency.co.uk

59

Unmarked Agency is a UK-based creative agency specializing in bold photography, immersive video, and standout sports and leisure campaigns. The company positions itself as a niche player focused on sports culture, delivering impactful visual content to clients primarily in the sports and leisure sectors. The website is professionally designed, mobile-optimized, and features rich multimedia content including videos and images showcasing their projects. The agency is part of The Jask Group, indicating a broader corporate structure. Technically, the website runs on WordPress 6.8.3 with modern JavaScript libraries such as jQuery and HLS.js, and integrates Google Tag Manager and Vimeo Player API for analytics and video playback. The site demonstrates good performance, accessibility, and SEO practices. Privacy compliance is strong with a comprehensive privacy policy and an embedded cookie consent mechanism allowing user control over analytical cookies. From a security perspective, the site enforces HTTPS and uses cookie consent best practices. However, no security headers were detected in the provided data, and there is no visible security policy or incident response information. The WHOIS data is unavailable due to domain naming issues, which slightly impacts trust but does not detract from the professional presentation and accessibility of the site. Overall, the website reflects a mature digital presence with good content quality and privacy compliance, moderate security posture, and clear business credibility. Strategic improvements in security headers and transparency around security policies would enhance trust and resilience.

N

Norsk Tipping AS

norsk-tipping.no

65

Norsk Tipping AS is the official Norwegian state-owned lottery and sports betting operator, providing a wide range of gaming products including lotteries, sports betting, and instant games. The website targets Norwegian adults over 18 years and emphasizes responsible gaming with clear age restrictions and links to support organizations. Norsk Tipping holds a leading market position in Norway's regulated gambling sector, offering trusted and popular gaming services. The website content is rich, professionally designed, and well-structured, supporting a positive user experience and clear navigation.

K

KLP

klp.no

70

KLP is a large Norwegian mutual insurance company specializing in managing public sector pensions and offering complementary banking, insurance, and fund services. The company targets Norwegian municipalities, health sector employees, and public organizations, positioning itself as a trusted financial partner in the public sector. The website reflects a mature digital presence with a professional design, clear navigation, and comprehensive content tailored to its audience. Technically, the site uses modern frameworks such as React and Enonic CMS, integrates analytics and personalization tools like Google Tag Manager and Kameleoon, and maintains good performance and accessibility standards. Security posture is strong with HTTPS enforcement and appropriate security headers, although explicit security policies and incident response information are not publicly detailed. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. The absence of WHOIS data is due to privacy protection by Norid, which is common and justified for financial institutions. Overall, KLP's website demonstrates a high level of professionalism, trustworthiness, and compliance suitable for its sector.

L

Lerøy Seafood Group

leroyseafood.com

64

Lerøy Seafood Group is a world-leading seafood company with roots dating back to 1899, headquartered in Bergen, Norway. The company operates in seafood production and distribution, targeting a broad audience including consumers and business partners. The website reflects a professional corporate presence with consistent branding and good content quality. Technically, the site leverages Microsoft Azure hosting, Google Analytics, and various marketing and consent management tools, indicating a mature digital infrastructure. Security posture is strong with HTTPS, security headers, and a comprehensive cookie consent mechanism, though explicit security policies and contact information are lacking. Overall, the site is trustworthy and compliant with privacy regulations, but WHOIS data is not publicly available, which is common for corporate domains using privacy protection services.

H

Horn Media

hornmedia.no

71

Horn Media is a Norwegian digital marketing agency specializing in serving small and medium-sized businesses (SMBs) with tailored marketing strategies including SEO, Google Ads, web design, and social media marketing. Positioned as a leading agency in Oslo, Horn Media boasts over 700 satisfied customers and a high customer rating of 4.9 out of 5. Their business model focuses on delivering comprehensive marketing plans rather than isolated services, aiming to increase client profitability through smarter investments and customer development. Technically, the website is built on the Webflow platform and integrates modern marketing and analytics technologies such as Google Tag Manager, Microsoft Clarity, Facebook Pixel, LinkedIn Insight Tag, and Cookiebot for GDPR-compliant cookie management. The site is well-optimized for performance, mobile responsiveness, and SEO, reflecting a mature digital infrastructure. From a security perspective, the website enforces HTTPS and employs a robust cookie consent mechanism with granular user controls. While explicit security headers are not fully confirmed, the overall posture is strong with no visible vulnerabilities or exposed sensitive data. The lack of public WHOIS data suggests privacy protection for the domain registration, which is common and justified for this business type. Overall, Horn Media presents a professional, trustworthy, and compliant digital presence with strong business credibility and technical maturity. The main risk lies in the absence of publicly available WHOIS data, but this is mitigated by the transparency and quality of the website content and services offered.

S

Surfing Waves

surfing-waves.com

54

Surfing Waves is a well-established online resource dedicated to surfing enthusiasts, offering comprehensive tutorials, surf spot maps, community forums, news, and an e-commerce surf shop. Founded in 2003, the website has built a niche community and provides valuable content for surfers worldwide. The business model combines content delivery with product sales and community engagement, positioning it as a trusted surfing information hub. Technically, the website uses a mix of legacy and modern web technologies including jQuery, Google Tag Manager, and Typekit fonts. It is hosted behind Cloudflare DNS and uses HTTPS, ensuring basic security and performance. The site is moderately optimized for mobile and SEO, with a clear navigation structure and good content relevance. From a security perspective, the site enforces HTTPS and has domain transfer protections but lacks DNSSEC and several important security headers. There is no visible cookie consent mechanism, and privacy compliance is partial. No direct company contact emails or phone numbers are provided, limiting transparency. Advertising is managed via Monumetric and Google DoubleClick, with moderate user tracking. Overall, Surfing Waves presents a moderate risk profile with good content quality and business credibility but could improve security posture and privacy compliance. Strategic recommendations include enabling DNSSEC, implementing security headers, adding cookie consent, and providing clearer contact information to enhance trust and compliance.

Canon Norge operates as the Norwegian branch of the global imaging and printing giant Canon Inc., offering a comprehensive range of digital cameras, lenses, video cameras, printers, and scanners tailored for both consumers and businesses. The website reflects a mature digital presence with a well-structured product catalog, clear navigation, and localized content in Norwegian, targeting the Norwegian market effectively. Canon Norge maintains a strong market position as a leading technology provider in imaging solutions, supported by a consistent brand identity and extensive product offerings. Technically, the website employs modern web technologies including JSON-LD structured data, advanced analytics tools like Google Analytics, Tealium, and Optimizely, and integrates with Salesforce for customer account management. The site is mobile-optimized, accessible, and SEO-friendly, demonstrating a high level of digital maturity. Performance is moderate with room for optimization, but overall the technical infrastructure supports a robust user experience. From a security perspective, the site enforces HTTPS with strong SSL configurations and implements multiple security headers such as Content-Security-Policy and Strict-Transport-Security. Cookie consent mechanisms are in place, and privacy policies align with GDPR requirements. However, there is no publicly available security policy or incident response information, and no vulnerability disclosure program is evident, which could be areas for improvement. Overall, Canon Norge presents a trustworthy and professional online presence with strong business credibility and security posture. The lack of WHOIS data is due to registry privacy policies and is justified given the corporate nature of the entity. Strategic recommendations include publishing a dedicated security policy, establishing a vulnerability disclosure channel, and enhancing performance optimizations to further strengthen the site’s security and user experience.

A

Aiba

aiba.ai

71

Aiba is a Norwegian cybersecurity company specializing in AI-driven content moderation platforms designed to protect youth and gaming communities from harmful online behaviors. Their flagship product, Amanda, automates moderation tasks, enabling real-time threat detection and compliance with global regulations such as GDPR and the Digital Services Act. The company targets game studios, social media platforms, and other online communities, positioning itself as a next-generation solution provider in the AI moderation space. The website is professionally designed, mobile-optimized, and SEO-friendly, reflecting a mature digital presence for a small-sized tech company founded in 2022. Technically, the site leverages WordPress with the Avada theme, integrates multiple analytics and marketing tools including Google Analytics, Google Tag Manager, HubSpot, and LinkedIn Insight, and uses AWS for hosting. Security practices include HTTPS enforcement and use of Google reCAPTCHA Enterprise, though the site lacks explicit security headers and published security policies. Privacy compliance is indicated through GDPR adherence claims, but no explicit privacy or cookie policies were found on the site. The security posture is solid with encrypted data handling and role-based access controls mentioned, but improvements are recommended in publishing security policies, incident response contacts, and implementing security headers. The domain is privacy protected via Domains By Proxy, consistent with the company’s profile, and shows no suspicious registration patterns. Overall, the site is trustworthy, safe, and professionally managed, with room for enhanced transparency and security documentation. Strategic recommendations include publishing comprehensive privacy and cookie policies, implementing security headers, establishing a vulnerability disclosure program, and enhancing incident response transparency to strengthen trust and compliance posture.

M

Minel AS

minel.no

66

Minel AS is a Norwegian company specializing in electrical installations for both private and commercial customers primarily in Oslo, Viken, and Innlandet regions. The company operates through a group of 12 subsidiaries, employing over 350 people and generating a turnover of approximately 550 million NOK. Their services include electric vehicle charging, smart home solutions, lighting, electrical safety, and energy-saving measures. The website is professionally designed, mobile-optimized, and uses modern web technologies including React, Google Tag Manager, and Google Maps API. Privacy and cookie policies are clearly presented with consent mechanisms in place. Security posture is good with HTTPS enforced and no visible vulnerabilities, though some security headers could be improved. The domain registration is consistent with the business profile and age, supporting legitimacy. Overall, Minel AS presents a trustworthy and credible digital presence with a focus on customer service and compliance.

C

ClickFunnels

clickfunnels.com

70

ClickFunnels is a prominent SaaS platform specializing in marketing funnel creation and management, enabling businesses and entrepreneurs to market, sell, and deliver products online without extensive technical resources. The website demonstrates a professional and consistent brand presence with excellent design and user experience, targeting marketers and small to medium businesses. Technically, the site employs a modern technology stack including jQuery, Video.js, FontAwesome, and integrates multiple marketing and analytics tools such as Google Tag Manager, Microsoft Clarity, and Facebook Pixel. Security posture is strong with HTTPS enforced and CSRF tokens in use, though security headers are not explicitly detected in the provided data. Privacy compliance is limited due to absence of visible privacy and cookie policies, and no contact information is found, which impacts trust and compliance scores. WHOIS data is unavailable, indicating domain privacy or recent registration, which slightly reduces domain trustworthiness. Overall, the site is well-built and functional but would benefit from enhanced transparency and compliance documentation.

MediaFuse is a specialized consulting company focused on programmatic advertising and ad operations, targeting publishers and digital advertising professionals. The company offers services including ad tech operations, header bidding, and digital ad operations, positioning itself as an expert in the programmatic advertising space. The website is built on WordPress using the Divi theme and incorporates common marketing and analytics tools such as Google Analytics, Facebook Pixel, and LinkedIn Insight Tag, indicating a moderate level of digital maturity and marketing sophistication. Security posture is generally good with HTTPS enabled and use of reCAPTCHA, but lacks some security headers and explicit privacy and cookie policies, which are important for compliance and trust. The absence of WHOIS data and registrant information raises concerns about domain legitimacy and transparency, impacting overall trustworthiness. Strategic recommendations include improving privacy compliance, adding clear contact and security incident response information, and enhancing security headers to strengthen the security posture.

K

Kargo HQ

kargo.com

10

Kargo is an advertising technology company specializing in breakthrough ad solutions across mobile, connected TV (CTV), social media, and e-commerce platforms. Positioned as a major supply-side platform (SSP), Kargo emphasizes premium inventory quality, brand safety, and innovative targeting powered by AI. Their business model focuses on delivering high-impact advertising campaigns for leading brands, leveraging contextual and cohort intelligence to maximize campaign effectiveness. The company maintains a professional online presence with a well-structured website hosted on Squarespace, integrating modern marketing and analytics tools such as Google Analytics, Facebook Pixel, and HubSpot. Technically, the website is built on a modern CMS platform with good mobile optimization, SEO practices, and performance. The presence of a detailed cookie consent mechanism indicates attention to privacy compliance, although explicit privacy policy and terms of service pages are not found, which is a gap in compliance. Security posture is strong with HTTPS and HSTS enabled, but lacks explicit security policy or incident response information. The WHOIS data is notably missing or unavailable, which raises some concerns about domain registration transparency. However, the website content and business information appear legitimate and professional. Overall, the site scores well on content quality, technical implementation, and business credibility, with room for improvement in privacy compliance and WHOIS transparency.

D

Daily Mail

mol.im

10

Daily Mail Online is a prominent UK-based media outlet providing a wide range of news content including breaking news, showbiz, sports, and viral videos. The website serves a broad general audience with a business model primarily based on advertising revenue. The site demonstrates a consistent brand presence and good content quality, positioning itself as a major player in the UK media landscape. Technically, the site employs modern tracking and advertising technologies such as Google Tag Manager, DoubleClick, and Rubicon Project, and uses HTTPS with some security headers implemented. However, there is room for improvement in security header completeness and privacy compliance, as no explicit privacy or cookie policies were detected in the provided content. The WHOIS lookup for the exact subdomain 'www.dailymail.co.uk' failed due to domain naming rules, but this is consistent with the domain registration practices for UK domains where the base domain 'dailymail.co.uk' is registered. Overall, the site is legitimate and professionally maintained but should enhance privacy transparency and security headers to improve compliance and trust.

A

Arribatec Norge

arribatec.no

56

Arribatec Norge is a medium-sized Norwegian branch of the global Arribatec Group, specializing in technology consulting and integration services. The company offers a broad range of services including business system consulting, cloud services, program development, and analytics. Their market position is solid within the Norwegian technology sector, targeting businesses seeking comprehensive IT and consulting solutions. The website is professionally designed with clear navigation and multilingual support, reflecting a mature digital presence. Technically, the site is built on WordPress with Elementor and integrates modern analytics and marketing tools such as HubSpot and Google Tag Manager. Security posture is strong with HTTPS, security headers, and cookie consent mechanisms in place, though explicit security and incident response policies are not published. Overall, the site demonstrates good compliance with privacy regulations and business credibility, with transparent WHOIS data supporting legitimacy.

F

Fagskolen Innlandet

fagskolen-innlandet.no

66

Fagskolen Innlandet is a Norwegian vocational college providing specialized education in fields such as health, agriculture, logistics, technical disciplines, and economics and management. The institution offers flexible study options including modular courses and online learning, targeting students seeking practical and career-oriented education. The website is professionally designed, mobile-optimized, and provides comprehensive information about courses, news, and student resources. Technically, the site is built on modern frameworks like Next.js and React, with good performance and accessibility features. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities. Privacy compliance is evident through a detailed privacy policy and cookie consent mechanism. Although WHOIS data is unavailable due to privacy protection, the site shows strong legitimacy indicators including official contact details and certifications such as Miljøfyrtårn and Erasmus+. Overall, the website reflects a credible and well-managed educational institution with a solid digital presence.

O

Ontrack

ontrack.com

73

Ontrack, a business unit of KLDiscovery, is a well-established provider specializing in data recovery, email extraction and restoration, data destruction, and tape management services. The company targets businesses and individuals requiring professional data recovery solutions and operates globally with a strong market presence. Their website reflects a professional and consistent brand image, supported by a robust technical infrastructure leveraging HubSpot CMS and modern marketing and analytics tools. Privacy compliance is well addressed with cookie consent mechanisms and a comprehensive privacy policy. Security posture is strong with HTTPS enforcement and security headers, although explicit security policies and incident response details are not publicly available. The absence of WHOIS data reduces domain trust slightly but does not undermine the overall legitimacy of the business. Strategic recommendations include publishing detailed security and incident response policies and adding vulnerability disclosure information to enhance transparency and trust.

E

EarthDaily Analytics

earthdailyanalytics.com

75

EarthDaily Analytics is a medium-sized company specializing in providing science-grade satellite data and Earth Observation analytics to empower industries and governments. Their business model focuses on leveraging satellite constellations to revolutionize environmental monitoring and data-driven decision making. The company appears well-established with a domain age dating back to 1999, indicating longstanding market presence. The website is professionally designed using HubSpot CMS and integrates multiple marketing and analytics tools, reflecting a mature digital infrastructure. Security posture is solid with HTTPS, Cloudflare protection, and cookie consent mechanisms in place, though DNSSEC is not enabled and no explicit security policies or incident response contacts are published. Overall, the site demonstrates good privacy compliance and business credibility but could improve transparency by adding terms of service and security disclosure information.

U

United World Wrestling

uww.org

71

United World Wrestling (UWW) is the international governing body for amateur wrestling, overseeing both Greco-Roman and freestyle wrestling disciplines. The organization operates as a non-profit entity with a global reach, providing governance, event organization, and promotion of wrestling worldwide. The website serves as the official digital presence for UWW, targeting athletes, sports organizations, and fans of wrestling. Technically, the website employs modern web technologies including Nuxt.js framework, AWS hosting infrastructure, and popular JavaScript libraries such as Swiper.js for interactive elements. The site is mobile-optimized and demonstrates good SEO practices with comprehensive meta tags and Open Graph data. However, some accessibility features appear basic, and performance is moderate. From a security perspective, the site uses HTTPS and has domain transfer protections in place. However, DNSSEC is not enabled, and security headers are not explicitly detected in the provided content. Privacy and cookie policies are not found, indicating potential compliance gaps with GDPR and other privacy regulations. No incident response or vulnerability disclosure information is published. Overall, the website is professional and trustworthy with a solid business credibility score. The lack of visible privacy and cookie policies and security headers slightly reduce the security and privacy posture scores. Strategic improvements in these areas would enhance compliance and user trust.

I

Internationaler Rhönradturn-Verband

wheelgymnastics.sport

57

The International Wheel Gymnastics Federation (IRV) operates the website wheelgymnastics.sport as the official global governing body for the sport of Wheel Gymnastics. The organization provides comprehensive resources including event information, competition regulations, membership details, and training materials targeted at athletes, clubs, and officials worldwide. The website demonstrates a professional and consistent brand presence with active social media integration and multimedia content such as livestreams and news updates. Technically, the site is built on WordPress with the Avada theme and integrates modern analytics and marketing tools like Google Tag Manager and HubSpot. Performance and mobile optimization are good, though accessibility features are basic. Security posture is solid with HTTPS enforced and domain registration consistent with the organization's identity, but could be improved by enabling DNSSEC and adding security headers and vulnerability disclosure information. Privacy compliance is basic, with a privacy policy present but only in German and no explicit terms of service or incident response contacts. Overall, the site is trustworthy and well-maintained, serving its niche audience effectively.

W

World Snowboard Federation

worldsnowboardfederation.org

62

The World Snowboard Federation (WSF) is a specialized international non-profit organization dedicated to the development and promotion of snowboarding at all levels, with a strong focus on youth competitive programs, event organization, and education. The website reflects a well-structured digital presence with clear navigation, comprehensive content, and active social media engagement, positioning WSF as a key player in the snowboarding community. Technically, the site is built on WordPress with modern frameworks like Bootstrap and integrates essential tools such as Google Analytics and Tag Manager for performance and marketing insights. Privacy and cookie compliance are well implemented, including a consent management system, reflecting good adherence to GDPR requirements. Security posture is solid with HTTPS and no visible vulnerabilities, though some security headers and policies could be enhanced. WHOIS data is unavailable, likely due to privacy protection, which is common and justified for non-profits. Overall, the site is professional, trustworthy, and serves its target audience effectively.

I

International Council of Sport Science and Physical Education (ICSSPE)

icsspe.org

46

The International Council of Sport Science and Physical Education (ICSSPE) is a globally recognized non-profit organization dedicated to advancing research, education, and policy in physical activity and sport. The website serves as a comprehensive platform for disseminating scientific resources, promoting events, and supporting its membership community. It targets professionals, researchers, and policymakers in the sport science and physical education sectors worldwide. Technically, the website is built on Drupal 7, utilizing common web technologies such as jQuery and Google services for analytics and maps. While the site is functional and moderately optimized for performance and mobile devices, there is room for modernization and enhanced accessibility. The presence of privacy and cookie policies with consent mechanisms reflects a good level of digital maturity and compliance with GDPR. From a security perspective, the site enforces HTTPS and anonymizes IPs in analytics, but lacks visible security headers and explicit incident response or security policy documentation. The WHOIS data is unavailable, likely due to privacy protection, which is justified for this type of organization. Overall, the site demonstrates a solid security posture but could benefit from additional hardening and transparency. The overall risk assessment is low, with no critical vulnerabilities or suspicious indicators detected. Strategic recommendations include updating the CMS, implementing security headers, and publishing security policies to enhance trust and compliance.

C

Connect4Climate

connect4climate.org

65

Connect4Climate is a globally recognized partnership platform dedicated to fostering climate action through youth engagement, innovative campaigns, and community storytelling. The website serves as a hub for connecting organizations and individuals to co-create sustainable solutions and amplify climate awareness. The platform targets a diverse audience including youth, creatives, business leaders, and climate advocates worldwide. Technically, the site is built on Drupal 10 with Bootstrap 5, leveraging modern web technologies and analytics tools such as Google Analytics and Adobe DTM, ensuring a responsive and accessible user experience. Security posture is solid with HTTPS and IP anonymization in analytics, though it lacks explicit security headers and formal privacy/cookie policies. The absence of WHOIS data due to privacy protection is common for non-profit entities and does not detract significantly from the site's legitimacy. Overall, Connect4Climate presents a professional, trustworthy, and content-rich platform with room for improvement in privacy compliance and security best practices.

C

Cosmo Films

cosmofilms.com

78

Cosmo Films is a specialty films manufacturer and supplier focusing on packaging, lamination, and labeling films such as BOPP, CPP, and Polyester films. The company serves various industries including food, beverage, personal care, and pharmaceuticals, emphasizing sustainability. Their market position is that of an established large manufacturer with a global footprint, supported by multiple regional contact points and active social media presence. Technically, the website employs a modern tech stack including jQuery, Bootstrap, Google Analytics, Pardot, and Cookiebot for marketing, analytics, and compliance. Hosting assets on Amazon S3 indicates a scalable infrastructure. Security posture is good with HTTPS enforced and bot protection via reCAPTCHA; however, some security headers are not explicitly detected, and no public security or incident response policies are found. Privacy compliance is strong with a comprehensive privacy policy and cookie consent mechanism. The absence of WHOIS data is a concern for domain legitimacy, though the website content and business presence suggest a legitimate operation. Overall, the site is professional, well-branded, and trustworthy but would benefit from improved transparency on security policies and domain registration details.

M

MicroPower Group

micropower-group.com

54

MicroPower Group is a small-sized company founded in 2015 operating in the energy sector, providing power solutions and related services primarily targeting business clients. The website presents basic but relevant content aligned with the energy industry, though it lacks comprehensive business and contact information. The technical infrastructure includes modern web technologies such as HTTPS, Google Tag Manager, and Cookiebot for cookie consent management, indicating a moderate level of digital maturity. However, the absence of security headers and privacy policy pages suggests room for improvement in security and compliance. The WHOIS data is transparent and consistent with the business claims, supporting the legitimacy of the domain. Overall, the website is functional but basic, with moderate security posture and privacy compliance.

A

AWSNA

waldorfeducation.org

60

The website www.waldorfeducation.org represents AWSNA, an established educational organization promoting Waldorf education across North America. The site highlights over 100 years of educational legacy, serving a broad audience of parents and educators interested in Waldorf pedagogy. The business model is non-profit, focusing on providing resources, community engagement, and support for independent Waldorf schools. The website is professionally designed with consistent branding and strong content relevance, targeting families and educational stakeholders. Technically, the site is built on WordPress using modern themes and plugins such as Astra, Yoast SEO, and Smart Slider 3. It employs Google Tag Manager for analytics and tracking. The site is mobile-optimized and performs moderately well, though some accessibility features could be enhanced. Security-wise, HTTPS is enforced, and reCAPTCHA is used to protect forms, but explicit security headers and privacy policies are missing, which could be improved to strengthen compliance and trust. Overall, the security posture is solid but could benefit from enhanced transparency around privacy and incident response. The absence of WHOIS data limits domain trust verification, but the website's professional presentation and social media presence support its legitimacy. Strategic recommendations include publishing comprehensive privacy and cookie policies, implementing security headers, and providing clear incident response contacts to improve compliance and user trust.

F

FARA

fara.no

64

FARA is a Norwegian-based technology company specializing in public transport solutions, including ticketing systems, passenger information, and real-time monitoring. Established in 2005, the company offers a comprehensive suite of products targeting passengers, operators, and public transport authorities. Their market position is that of an established player in the Nordic and European transportation technology sector, with a medium-sized business profile and a clear B2B focus. The website reflects a professional and consistent brand image with good content quality and clear navigation tailored to their target audience. Technically, the website is built on WordPress with modern integrations such as Google Analytics, Google Tag Manager, Cookiebot for consent management, and HubSpot for marketing automation. The site is mobile-optimized and SEO-friendly, though accessibility features are basic. Performance is moderate, with room for improvement in hosting transparency and technical optimizations. From a security perspective, the site enforces HTTPS and uses cookie consent mechanisms, but lacks visible security headers and published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the HTML content. Privacy compliance is strong with clear privacy and cookie policies and GDPR indicators. Business credibility is supported by trust signals such as client logos, social media presence, and comprehensive legal documents. Overall, the website presents a low-risk profile with a solid security posture and good privacy compliance. Strategic recommendations include enhancing security headers, publishing a security policy and incident response contacts, and improving accessibility compliance to further strengthen trust and security culture.

M

Metroland Media

metroland.com

38

Metroland Media is a well-established Canadian media company specializing in local print and digital advertising solutions. With a domain registered since 1995 and a strong market presence reaching over 4.2 million readers weekly, the company offers tailored marketing plans to local businesses, national retailers, and startups. Their business model focuses on leveraging multiple media platforms including daily newspapers and digital sites to connect advertisers with engaged local audiences. The website reflects a professional and consistent brand image with clear navigation and relevant content.

M

MDA Space

mda.space

67

MDA Space is a well-established technology company specializing in space mission partnerships with over 55 years of industry experience and more than 450 missions completed. The company operates globally with a large workforce and offers key services in communications satellites, earth and space observation, and space exploration infrastructure. Their market position is strong, recognized as one of Canada's top growing companies, and they maintain a professional and consistent brand presence online. Technically, the website is built on modern frameworks like Next.js and React, hosted on Netlify, and integrates Prismic CMS for content management. The site is fast, mobile-optimized, and SEO-friendly. Security posture is solid with HTTPS enforced and domain protections in place, though there is room for improvement in DNSSEC and explicit security policies. Privacy compliance is good with clear policies and cookie consent mechanisms. Overall, the website reflects a credible and professional organization with a high level of digital maturity.

H

Hearst Networks Germany GmbH & Co. KG

hearstnetworks.de

50

Hearst Networks Germany GmbH & Co. KG operates prominent Pay-TV channels and streaming services in the German-speaking market, including The HISTORY Channel and Crime + Investigation. As part of Hearst Networks EMEA, the company leverages content from A+E Global Media and local productions to serve a broad audience interested in factual entertainment. The website reflects a professional media business with consistent branding and clear business information. Technically, the site is built on TYPO3 CMS, uses modern JavaScript libraries, and integrates a comprehensive consent management platform to comply with GDPR requirements. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though explicit security policies and incident response contacts are absent. Overall, the site is well-structured, user-friendly, and trustworthy, supporting the company's market position as a regional media operator.

I

IPOWER

ipower.com

65

iPower is a small business web hosting provider offering domain registration, email hosting, and various web services primarily targeting small businesses and individual users. The website serves as a secure login portal for customers to access control panel and webmail services. The brand is now part of iPage by Network Solutions, under the parent company Newfold Digital, indicating a stable market position within the web hosting industry. The business model focuses on providing hosting solutions, domain services, and related add-ons to a broad customer base. Technically, the website employs a modern technology stack including Bootstrap, jQuery, Google Tag Manager, and Genesys for live chat support. Accessibility is enhanced with AudioEye integration. The site is mobile optimized and demonstrates good SEO and usability practices. Performance is moderate with a well-structured navigation system and clear content presentation. Security posture is solid with HTTPS enforced, secure login forms with CSRF tokens, and cookie consent mechanisms. However, some security headers like Content-Security-Policy and X-Frame-Options are not explicitly detected and could be improved. No vulnerabilities or exposed sensitive data were found. Privacy compliance is strong with comprehensive privacy and cookie policies linked and GDPR compliance indicated. Overall, the website is trustworthy and professional, with no signs of malicious activity or suspicious WHOIS data for the subdomain. The lack of WHOIS data for the subdomain is typical for subdomains managed under a parent domain. Strategic recommendations include enhancing security headers, publishing explicit security policies, and continuous monitoring of third-party scripts.

C

Crime + Investigation

crimeandinvestigation.de

52

Crime + Investigation is a specialized True Crime TV channel serving Germany, Austria, and Switzerland, offering pay-TV and streaming services including partnerships with providers like Sky and Amazon Prime Video Channels. The website reflects a professional media outlet with a focus on True Crime documentaries, podcasts, and related content, targeting German-speaking audiences interested in crime investigation media. The business operates within the media sector and is supported by partnerships with AE Networks and related entities. Technically, the site is built on TYPO3 CMS with modern web technologies and includes a comprehensive cookie consent mechanism, social media integration, and advertising via Google AdSense and Facebook Pixel. Security posture is good with HTTPS, security headers, and reCAPTCHA, though explicit security policies and incident response contacts are not published. Overall, the site is trustworthy, well-branded, and compliant with GDPR requirements.

H

Hearst Networks Germany GmbH & Co. KG

aenetworks.de

50

Hearst Networks Germany GmbH & Co. KG operates Pay-TV channels and streaming services focused on factual entertainment in the German-speaking market. As part of Hearst Networks EMEA, it leverages content from A+E Global Media and local productions to serve a niche audience interested in documentary and factual programming. The website is built on TYPO3 CMS and integrates modern web technologies including jQuery, Slick Slider, and consent management platforms, reflecting a mature digital infrastructure. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though explicit security policies and incident response contacts are not published. Overall, the site presents a professional and trustworthy front with good compliance to GDPR and privacy standards.

T

The HISTORY Channel

history.de

56

The HISTORY Channel (www.history.de) is a German-language pay-TV broadcaster specializing in history documentaries and related educational content. It offers traditional TV programming alongside streaming services such as HISTORY Play via Amazon Prime Video Channels. The website demonstrates a professional media presence with consistent branding, a clear target audience of general viewers interested in history, and a business model focused on content distribution through multiple platforms. Technically, the site is built on TYPO3 CMS with modern JavaScript libraries and integrates third-party services for analytics, advertising, and consent management. Security posture is strong with HTTPS enforcement, cookie consent mechanisms, and use of Google reCAPTCHA, though explicit security policies and incident response contacts are not published. Overall, the site is trustworthy, compliant with GDPR, and well-positioned in the German media market.

H

Healthshots

healthshots.com

65

HealthShots is a digital media platform specializing in women's health and wellness content, offering articles, videos, podcasts, and wellness tools. The site targets women interested in fitness, nutrition, mental health, and lifestyle improvements. It leverages a modern technology stack including WordPress CMS, Google Analytics, and various advertising networks to deliver content and monetize through ads and affiliate marketing. The website is well-structured with good mobile optimization and SEO practices, providing a positive user experience. Security posture is adequate with HTTPS enforced, but lacks some security headers and explicit privacy and cookie policies, which are areas for improvement. WHOIS data is unavailable, which slightly impacts trustworthiness but the site content and technical setup suggest a legitimate operation. Strategic recommendations include enhancing privacy compliance, publishing security policies, and improving security headers to strengthen trust and compliance.

VARTA AG operates a professional corporate website focused on consumer battery and energy storage products. The site is well-structured, multilingual, and uses TYPO3 CMS with modern web technologies. It targets consumers seeking reliable energy solutions including primary batteries, rechargeable batteries, special batteries, hearing aid batteries, lighting, and mobile power solutions. The website demonstrates good digital maturity with SEO optimization, cookie consent, and privacy policy compliance. Security posture is solid with HTTPS and some security best practices, though additional security headers could be implemented. WHOIS data is unavailable, likely due to privacy protection, which slightly impacts trust but does not detract from the overall legitimacy. No blocking or WAF challenges were detected, allowing full content access.

S

Status

status.si

10

Status.si is a Slovenian e-commerce company specializing in vacuum packaging products and kitchen accessories, serving both domestic and professional markets including horeca. The company has a strong market presence with operations dating back to 1995 and distribution in 40 countries. The website is built on WordPress with WooCommerce and uses modern marketing and analytics tools such as Google Analytics, Facebook Pixel, and Klaviyo. The site is well-designed, mobile-optimized, and provides clear product information and contact details. However, it lacks explicit privacy and cookie policies, as well as visible security policies or incident response contacts, which are important for compliance and trust. WHOIS data confirms the legitimacy and consistency of the domain registration with the business claims.

R

Russell Hobbs

russellhobbs.co.uk

48

Russell Hobbs UK operates a comprehensive e-commerce platform specializing in home and kitchen appliances, including kettles, toasters, irons, and cookware. The brand has a long-standing market presence, serving general consumers primarily in the UK and Europe. The website demonstrates a professional design with clear navigation and a consistent brand identity. Technically, the site is built on Magento CMS with modern JavaScript libraries and monitoring tools such as New Relic and Google Tag Manager, indicating a mature digital infrastructure. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though there is room for improvement in security headers and explicit security policies. The absence of WHOIS data for the subdomain limits full domain trust verification, but the overall site content and structure support legitimacy. Privacy compliance is well addressed with GDPR-aligned policies and user consent features. Overall, the site is a reliable and professional retail platform with moderate to high trustworthiness.