Security Directory

A

AUTO POKORNÝ

renault-brno.cz

59

AUTO POKORNÝ is a well-established regional car dealership specializing in Renault and Dacia vehicles, offering new and used car sales, servicing, financing, and spare parts. The company emphasizes quality service and has a tradition spanning over 25 years in the Czech Republic. The website reflects a professional and consistent brand image aligned with Renault's corporate identity. Technically, the site employs modern JavaScript libraries such as jQuery and integrates multiple marketing and analytics tools including Google Analytics, Facebook Pixel, and Salesmanago, with a compliant cookie consent mechanism implemented via OneTrust. Security posture is solid with HTTPS enforced and standard security headers present, though no explicit security policy or incident response information is publicly available. The absence of WHOIS data for the domain is a notable gap, reducing trustworthiness from a domain registration perspective. Overall, the website is functional, user-friendly, and trustworthy for its intended audience.

M

Mobil México

mobil.com.mx

72

Mobil México is a regional branch of the global ExxonMobil corporation, specializing in the distribution and marketing of automotive and industrial lubricants and fuels. The website serves both consumer and commercial audiences, providing product information, distributor contacts, and service station locations. The brand is well-established and leverages a strong parent company reputation. Technically, the website is built on Sitecore CMS, hosted on AWS infrastructure, and integrates multiple third-party marketing and analytics tools including OneTrust for cookie consent management. The site demonstrates good security practices with a strict Content-Security-Policy and HTTPS enforcement. However, explicit privacy policies and terms of service are not clearly linked or found in the provided content, which is a compliance gap. Overall, the site is professional, well-branded, and trustworthy, with room for improvement in privacy transparency and incident response disclosures.

V

Vox Media, LLC

voxmedia.com

72

Vox Media, LLC is a prominent modern media company operating a diverse portfolio of editorial brands across multiple platforms including digital, podcasts, TV, streaming, live events, and print. The company is positioned as a leader in the media industry with a strong market presence, including a top 10 podcast network and a large advertising marketplace called Concert. Their business model leverages content creation, advertising, and technology platforms to engage a broad audience and generate revenue. Technically, the website employs modern web technologies such as jQuery, Google Tag Manager, and OneTrust for privacy compliance, delivering a well-optimized and mobile-friendly user experience. Security posture is solid with HTTPS enforced and comprehensive privacy and cookie policies, though some security headers could be improved. Overall, the site is professional, trustworthy, and compliant with GDPR regulations, reflecting a mature digital infrastructure and business credibility.

N

Nokia Corporation

nokia.com

82

Nokia Corporation is a globally recognized leader in telecommunications and technology infrastructure, providing mobile, fixed, and cloud network solutions. The company operates as a B2B technology provider serving enterprises, governments, and technology professionals worldwide. With a founding date of 1865 and a large enterprise size, Nokia maintains a strong market position supported by subsidiaries such as Nokia Networks and Nokia Bell Labs. The website reflects this stature with professional design, consistent branding, and comprehensive corporate information. Technically, the website is built on Drupal 10 CMS and integrates advanced marketing and analytics tools including Marketo, Google Tag Manager, Google Analytics, and New Relic. Performance is moderate with good mobile optimization and SEO practices. Accessibility is basic but functional. The site employs modern security headers and enforces HTTPS, indicating a strong security posture. However, explicit security policy pages and incident response contacts are not evident. Security-wise, the site demonstrates best practices such as content security policies and cookie consent mechanisms, with no visible vulnerabilities or exposed sensitive data. The absence of WHOIS data is noted but attributed to registry restrictions rather than suspicious activity. Overall, the site is trustworthy and professionally maintained. Strategically, Nokia should consider publishing explicit security policies and vulnerability disclosure information to enhance transparency and trust. Improving accessibility and regularly auditing third-party scripts will further strengthen the security and user experience. These steps will support Nokia's reputation as a secure and reliable technology leader.

M

Mitsubishi Electric Corporation

mitsubishielectric.com

65

Mitsubishi Electric Corporation operates a comprehensive global website showcasing its leadership in manufacturing electrical and electronic products across diverse sectors including energy, transportation, and technology. The company targets a global industrial and commercial audience with a broad portfolio of products and solutions. The website reflects a mature digital presence with multiple regional domains and language options, indicating a well-established multinational operation. Technically, the site leverages modern web technologies such as jQuery, Google Tag Manager, and OneTrust for cookie consent, and is built on Adobe Experience Manager, ensuring a robust content management framework. Security posture is strong with HTTPS enforcement and consent management, though explicit security headers and vulnerability disclosure mechanisms are absent. The WHOIS data is unavailable, which slightly impacts transparency but the overall site content and branding strongly support legitimacy. Strategic recommendations include enhancing security header implementation, publishing a security policy, and improving contact information visibility for security and privacy inquiries.

Schneider Electric is a global leader specializing in energy management and automation, operating in over 100 countries. The company offers integrated energy solutions across multiple market segments, targeting industrial, commercial, and residential customers. Their website reflects a mature digital presence with comprehensive content, professional design, and clear navigation tailored for a global audience. The technical infrastructure leverages modern web technologies including Google Tag Manager, OneTrust for cookie consent, and performance monitoring tools, ensuring fast and responsive user experience across devices. Security posture is strong with HTTPS enforcement, security headers, and published security policies, although the absence of a security.txt file suggests room for improvement in vulnerability disclosure transparency. Privacy compliance is robust, featuring detailed privacy and cookie policies with GDPR adherence and consent mechanisms. Overall, the website demonstrates high business credibility and trustworthiness consistent with a large multinational enterprise.

L

LAUFEN Bathrooms

laufen.com

70

LAUFEN Bathrooms is a premium Swiss bathroom manufacturer with a rich heritage dating back to 1892. The company specializes in high-quality bathroom ceramics and furniture, emphasizing sustainability, innovative design, and craftsmanship. Positioned as a leader in the bathroom manufacturing sector, LAUFEN serves architects, designers, distributors, and discerning customers worldwide. The website reflects a mature digital presence with a modern tech stack, including Liferay DXP and React, supported by robust analytics and consent management tools. Security posture is strong with HTTPS enforcement and security headers, though explicit security policies and incident response contacts are not publicly disclosed. Overall, the site demonstrates professionalism, trustworthiness, and compliance with privacy regulations, supporting LAUFEN's market position as a premium brand.

G

GCE Group

gcegroup.com

59

GCE Group is a leading European manufacturer specializing in gas control equipment, serving diverse sectors including industrial, healthcare, and high purity applications. The company operates through multiple business areas such as Process Applications, Cutting and Welding, Medical, and High Purity, positioning itself as a key player in the gas equipment market. Their website reflects a professional and comprehensive digital presence with clear product segmentation and regional subsidiaries to support global operations. Technically, the website employs a mature technology stack including jQuery, Modernizr, and video.js, alongside modern analytics and marketing tools like Google Analytics, Hotjar, and Microsoft Clarity. The site is well-optimized for mobile and SEO, with good accessibility and performance metrics. Security-wise, the site enforces HTTPS, uses security headers, and integrates Google reCAPTCHA and cookie consent mechanisms, indicating a solid security posture. However, the absence of explicit security policies, incident response contacts, and vulnerability disclosure pages suggests room for improvement in transparency and security governance. The lack of WHOIS data for the domain is a notable concern, potentially impacting trust and legitimacy assessments. Overall, the website presents a credible and professional business front with moderate risk due to incomplete domain registration information.

S

Sensitech Inc.

sensitech.com

74

Sensitech Inc. is a well-established company specializing in supply chain visibility solutions, particularly focusing on real-time temperature monitoring and cold chain logistics for industries such as life sciences, food, and industrial sectors. The company operates under the parent organization Carrier Global Corporation, indicating a strong market position and corporate backing. Their website reflects a mature digital presence with comprehensive product and solution offerings, targeting business customers requiring advanced supply chain monitoring technologies. Technically, the website employs modern web technologies including HTML5, CSS3, JavaScript, and integrates third-party services like Google Tag Manager and OneTrust for analytics and privacy compliance. The site is mobile-optimized, accessible, and SEO-friendly, with a professional design and clear navigation structure. The use of Carrier CMS suggests a tailored content management approach. From a security perspective, the website enforces HTTPS and implements cookie consent mechanisms, indicating attention to privacy and regulatory compliance. However, explicit security headers are not clearly visible in the provided data, and no dedicated security or incident response policies are published on the site. The WHOIS data for the domain is unavailable or not found, which is unusual for a company of this stature but does not detract significantly from the overall trustworthiness given the strong branding and parent company association. Overall, Sensitech's website demonstrates a high level of professionalism, technical maturity, and compliance with privacy standards, making it a trustworthy and credible source for its target audience. Strategic improvements in publishing explicit security policies and ensuring WHOIS transparency could further enhance trust and security posture.

P

PUMA

puma-catchup.com

61

PUMA CATch up is a corporate media platform operated by PUMA SE, focusing on delivering news, stories, and updates related to the brand's business, sports, sustainability, and employee engagement. The website serves as an internal and external communication channel targeting PUMA employees and brand enthusiasts. Technically, the site is built on WordPress, leveraging modern web technologies such as jQuery, Google Tag Manager, and OneTrust for cookie consent, with progressive web app capabilities. The site is well-optimized for mobile and SEO, with structured data enhancing search visibility. Security-wise, the site uses HTTPS with good SSL configuration but lacks explicit security headers and detailed privacy or security policies. The absence of WHOIS registration data raises concerns about domain legitimacy, although the website content and branding appear professional and consistent with PUMA's corporate identity. Overall, the site demonstrates a moderate to good digital maturity level but would benefit from enhanced transparency and security practices.

L

Ledarna

ledarna.se

51

Ledarna is a Swedish trade union exclusively for managers, providing membership services, leadership development, legal support, and income insurance. The organization holds a unique market position as the only Swedish union dedicated solely to managers, targeting professionals in leadership roles across Sweden. Their website reflects a mature digital presence with comprehensive content and strong branding consistency. Technically, the site uses modern tools including Episerver CMS, Matomo analytics, OneTrust for cookie consent, and Azure Application Insights for monitoring, indicating a well-maintained infrastructure. Security posture is solid with HTTPS, bot protection, and privacy compliance, though some security headers and policies could be improved. The WHOIS data for the queried subdomain is missing, which is unusual but does not detract from the site's legitimacy given the professional content and contact information. Overall, Ledarna's website is a trustworthy and authoritative source for its audience.

C

Carrier

carrier.com

75

Carrier is a globally recognized leader in intelligent climate and energy solutions, serving both residential and commercial markets as well as cold chain logistics. The website reflects a mature enterprise with a strong focus on innovation, sustainability, and customer-centric solutions. The digital infrastructure employs modern technologies including Bootstrap, Google Tag Manager, and OneTrust for privacy compliance, indicating a well-maintained and professional online presence. Security posture is robust with HTTPS enforcement and security headers, although explicit security policies and incident response information are not publicly detailed. Overall, the site is trustworthy and professionally managed, though WHOIS data is unavailable from the provided raw output, which warrants further verification. Strategic recommendations include enhancing transparency around security and incident response, and publishing clearer contact information for support and security inquiries.

D

Deliveroo

deliveroostudents.co.uk

75

Deliveroo is a well-established online food and grocery delivery platform operating primarily in the UK and multiple international markets. The analyzed page focuses on a student partnership offering free delivery and exclusive discounts through the Deliveroo Plus Silver subscription, targeting students aged 18 and over enrolled in higher education. The company leverages a modern technology stack including React and Next.js, ensuring a fast, mobile-optimized, and accessible user experience. Security posture is strong with HTTPS, security headers, and consent management in place, although explicit security policies and incident response contacts are not publicly detailed. Overall, the website demonstrates high professionalism, trustworthiness, and compliance with privacy regulations, making it a reliable platform for its target audience.

E

Eplan

eplan.com

68

Eplan is a well-established provider of cloud-based engineering software solutions, targeting engineers and manufacturing professionals globally. Their website demonstrates a mature digital presence with comprehensive product offerings such as Eplan Platform, eStock, eManage, eView, eBuild, and Data Portal. The site is built on Adobe Experience Manager, leveraging modern web technologies and providing a seamless user experience with strong mobile optimization and accessibility. Security posture is robust with HTTPS enforcement and cookie consent mechanisms, though explicit security policies and vulnerability disclosures are absent. The WHOIS data for the domain is missing, which raises minor concerns but does not detract significantly from the site's professionalism and trustworthiness. Overall, Eplan's website reflects a large enterprise with consistent branding, good content quality, and a strong market position within the technology and manufacturing sectors.

G

GBG

gbg.com

72

GBG is a professional enterprise specializing in identity verification and fraud prevention solutions. Their website presents a comprehensive range of services targeting businesses that require secure and reliable customer identity validation. The company positions itself as a market leader with a broad client base and offers advanced technology-driven solutions including biometric verification, document authentication, and fraud risk management. The website is well-designed, mobile-optimized, and uses modern analytics and monitoring tools to ensure performance and user experience. Security posture is strong with HTTPS enforced and monitoring tools in place, though explicit security headers and policies could be improved. Privacy compliance is addressed with clear cookie and privacy policies, including GDPR adherence. However, the absence of WHOIS data for the domain introduces some uncertainty about domain registration legitimacy, warranting further investigation. Overall, GBG demonstrates a mature digital presence with a solid business model and trustworthy online representation.

T

Targito

targito.com

71

Targito operates as a data platform focused on personalized communication and email marketing for e-commerce businesses, primarily targeting the Czech Republic market. The website presents a professional and consistent brand image with clear navigation and multilingual support. Technically, the site is built on WordPress with modern marketing and analytics tools integrated, including Google Analytics, Facebook Pixel, and LinkedIn Insight Tag. Security posture is adequate with HTTPS and reCAPTCHA usage, though some security headers and explicit privacy policies are missing. The absence of WHOIS registration data reduces trustworthiness and calls for further verification. Overall, the site is functional and business-oriented but would benefit from enhanced transparency and security documentation.

E

EPLAN

eplan.cz

57

EPLAN is a leading global provider of software and services focused on electrical engineering, automation, and mechatronics. The company operates a professional, multilingual website powered by TYPO3 CMS, reflecting a mature digital infrastructure with integrated marketing and analytics tools such as Google Tag Manager and HubSpot. The website demonstrates good design quality, mobile optimization, and clear navigation, targeting industrial and engineering professionals. Security posture is strong with HTTPS enforcement and security headers, although explicit security policies and vulnerability disclosures are not publicly available. Privacy compliance is supported by a cookie consent mechanism, but a formal privacy policy page was not detected in the provided content. Overall, the domain appears legitimate and professionally managed, though WHOIS data is privacy protected or unavailable, which is common for enterprises. Strategic recommendations include publishing detailed privacy and security policies, adding vulnerability disclosure mechanisms, and enhancing accessibility features to further strengthen trust and compliance.

H

HexArmor

hexarmor.com

70

HexArmor is a well-established global leader in the manufacturing and distribution of high-performance personal protective equipment (PPE), including gloves, eyewear, helmets, hearing protection, and body protection. The company targets safety professionals and industrial workers, providing innovative and reliable safety solutions designed to improve workplace safety and compliance. Their market position is strong, supported by extensive product lines and educational content that reinforce their brand as a trusted PPE provider. Technically, the website demonstrates a mature digital infrastructure with modern tracking and marketing technologies such as Google Tag Manager, Hotjar, and Facebook Pixel. The site is mobile-optimized, well-structured, and SEO-friendly, with good performance and accessibility features. The use of cookie consent tools and privacy policies indicates a commitment to privacy compliance. From a security perspective, the site uses HTTPS and implements cookie consent mechanisms, but lacks explicit security headers and a public security policy or incident response contact. No vulnerabilities or exposed sensitive data were detected in the HTML content. The absence of WHOIS registration data is a concern but may be due to privacy protection or registrar policies. Overall, the website is professional, trustworthy, and secure with minor areas for improvement in security transparency and WHOIS data clarity. Strategic recommendations include enhancing security headers, publishing a security policy, and verifying domain registration details to improve trustworthiness.

BSI Group is a globally recognized leader in standards development, certification, training, and consulting services, focused on helping organizations improve performance and achieve excellence with an emphasis on sustainability. The company serves a broad range of industries including energy, healthcare, government, ICT, manufacturing, and supply chain sectors. Their market position is strong, supported by internationally recognized certifications such as ISO 9001, ISO 27001, and the Kitemark™. Technically, the website employs modern analytics and marketing technologies such as Google Tag Manager, Optimizely, and LinkedIn Insight, combined with a robust cookie consent mechanism powered by OneTrust, indicating a mature digital infrastructure. The site is well-optimized for mobile and accessibility, with good SEO practices and a professional design. From a security perspective, the site enforces HTTPS and uses consent-based tracking, but lacks explicit security headers in the provided data. No vulnerabilities or exposed sensitive data were detected. The absence of WHOIS data reduces transparency but is likely due to privacy protection, which is common for enterprises. Overall, the security posture is strong but could be improved by adding and reporting security headers and enhancing incident response visibility. The overall risk assessment is low, with the site demonstrating high professionalism, trustworthiness, and compliance with privacy regulations such as GDPR. Strategic recommendations include enhancing security header implementation, maintaining third-party script audits, and improving incident response contact availability to further strengthen trust and security culture.

D

Deliveroo

deliveroo.net

75

Deliveroo is a prominent UK-based online food delivery platform founded in 2012, offering a wide range of services including food, groceries, pharmacy, and gift deliveries. The company operates a large-scale digital marketplace connecting consumers with local restaurants and delivery riders, positioning itself as a leader in the transportation and e-commerce sectors within the UK. The website reflects a mature digital presence with a professional design, clear navigation, and mobile-optimized interfaces, supported by modern web technologies such as React and Next.js. Deliveroo employs robust security measures including HTTPS, security headers, and bot protection, alongside comprehensive privacy and cookie policies that demonstrate GDPR compliance. However, explicit security policies and incident response contacts are not publicly detailed, representing an area for improvement. Overall, the website is trustworthy, well-maintained, and aligned with the company's business model and market position.

D

Deliveroo

deliveroo.com

75

Deliveroo is a well-established online food delivery platform founded in 2012, operating primarily in the United Kingdom with a strong international presence. The company connects consumers with local restaurants, grocery stores, pharmacies, and gift services, offering fast and convenient delivery options. Deliveroo's market position is strong, supported by a large user base, extensive restaurant partnerships, and a robust rider network. The website reflects a mature digital presence with excellent design, clear navigation, and mobile optimization, supporting a seamless user experience across platforms. Technically, the site leverages modern frameworks such as React and Next.js, integrates Google Tag Manager for analytics, and employs OneTrust for cookie consent management, indicating a high level of digital maturity. Security-wise, the website enforces HTTPS, implements key security headers, and uses bot protection services, demonstrating a solid security posture. However, there is room for improvement in publishing explicit security policies and incident response contacts. Overall, the website is professional, trustworthy, and compliant with GDPR, making it a reliable platform for users and partners alike.

D

Deliveroo

deliveroo.ae

69

Deliveroo.ae is a leading online food and grocery delivery platform operating in the United Arab Emirates. It connects consumers with local restaurants and shops, offering convenient takeaway and grocery delivery services through a modern web platform and mobile apps. The company maintains a strong market position with a comprehensive service offering including restaurant partnerships, rider recruitment, corporate meal solutions, and gift cards. The website is professionally designed, mobile-optimized, and provides a seamless user experience with clear navigation and rich content. Technically, the site leverages modern frameworks such as Next.js and React, supported by Cloudflare for hosting and CDN, and integrates third-party services like Google Tag Manager, OneTrust for cookie consent, and Stripe for payments. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities, although explicit security policy and incident response information are not publicly available. Privacy compliance is well addressed with comprehensive privacy and cookie policies and GDPR adherence. Overall, the website demonstrates a mature digital presence with high trustworthiness and professional standards.

D

Deliveroo

deliveroo.es

73

Deliveroo is a well-established online food delivery platform founded in 2012, operating primarily in the United Kingdom and several international markets. The company connects consumers with local restaurants, takeaways, supermarkets, and other shops, offering fast delivery services typically within 30 minutes. Deliveroo also provides corporate food delivery solutions and gift card services, positioning itself as a leader in the food delivery sector with a strong digital presence and mobile app availability. The website reflects a mature business with consistent branding and comprehensive service offerings.

D

Deliveroo

deliveroo.nl

73

Deliveroo is a well-established online food delivery platform founded in 2012, operating primarily in the United Kingdom with a strong international presence. The company connects consumers with local restaurants, grocery stores, pharmacies, and gift providers, offering fast and convenient delivery services. Their business model leverages a marketplace approach, generating revenue through delivery fees, service charges, and partnerships with restaurants and riders. The website reflects a mature digital presence with a professional design, clear navigation, and comprehensive service offerings including corporate catering and gift cards.

D

Deliveroo

deliveroo.it

75

Deliveroo.it is a well-established online food and grocery delivery platform operating in Italy since 2014. It connects consumers with local restaurants and shops, offering convenient takeaway and grocery delivery services. The website demonstrates a strong market position with a large user base and comprehensive service offerings including partner and rider recruitment as well as corporate meal solutions. The platform is supported by modern web technologies such as Next.js and React, ensuring a fast, responsive, and accessible user experience across devices. Security measures include HTTPS enforcement, robust security headers, and bot protection via PerimeterX, reflecting a mature security posture. Privacy compliance is well addressed with clear privacy and cookie policies and active consent mechanisms. Overall, the website is professional, trustworthy, and aligned with industry best practices.

D

Deliveroo.ie

deliveroo.ie

77

Deliveroo.ie is a prominent online food and grocery delivery platform operating in Ireland, offering consumers convenient access to local restaurants and shops. The company leverages a robust digital infrastructure including modern web frameworks and cloud-based hosting to deliver a seamless user experience across web and mobile platforms. The website demonstrates strong branding consistency, comprehensive legal and privacy documentation, and effective integration of consent management tools. Security posture is solid with HTTPS enforcement, security headers, and bot protection, although DNSSEC is not enabled and no explicit incident response contacts are published. Overall, the platform is well-positioned in the Irish market with a large user base and extensive partner network.

D

Deliveroo

deliveroo.hk

62

Deliveroo is a global online food delivery platform that previously operated in the Hong Kong market but has now exited, as clearly stated on the website. The platform connects customers with local restaurants and takeaways, offering convenient food delivery services. The website maintains consistent branding and provides links to other international Deliveroo domains, reflecting its broad market presence. The Hong Kong site serves primarily as an informational landing page to communicate the market exit and thank customers and partners. Technically, the website is built using modern web technologies including React and Next.js, hosted behind Cloudflare DNS and CDN services, and incorporates cookie consent mechanisms via OneTrust. Security posture is good with HTTPS enforced and some security-related scripts in use, though explicit security headers and policies are not publicly documented. Privacy compliance is partial, with a cookie consent banner present but no visible privacy policy or terms of service on the landing page. Contact information such as emails or phone numbers is not directly available on the page. Overall, the site is professional and trustworthy but could improve transparency around privacy and security policies.

D

Deliveroo

deliveroo.be

73

Deliveroo is a leading online food and grocery delivery platform operating in Belgium and multiple international markets. The company connects consumers with local restaurants and shops, providing convenient takeaway and grocery delivery services. Their business model focuses on partnering with restaurants, managing delivery logistics, and offering a seamless digital ordering experience via web and mobile apps. Deliveroo holds a strong market position with a well-established brand and extensive service coverage. Technically, the website leverages modern frameworks such as Next.js and React, supported by robust third-party services including Google Tag Manager, OneTrust for cookie consent, and PerimeterX for bot detection. The site is optimized for performance, mobile responsiveness, and accessibility, reflecting a mature digital infrastructure. Security posture is strong with HTTPS enforcement, comprehensive security headers, and privacy compliance aligned with GDPR. However, explicit security policy and incident response information are not publicly detailed, representing an area for improvement. Overall, the website demonstrates high professionalism, trustworthiness, and compliance, supporting Deliveroo's reputation as a reliable service provider.

D

Deliveroo

deliveroo.com.au

73

Deliveroo is a leading UK-based online food delivery platform founded in 2012, offering customers quick access to local restaurants, groceries, pharmacy items, and gifts. The company operates a large-scale marketplace connecting consumers, restaurants, and delivery riders, positioning itself as a major player in the e-commerce and transportation sectors. The website is professionally designed with excellent content quality, clear navigation, and strong branding consistency. It supports multiple platforms including web, iOS, and Android, and uses modern technologies such as React and Next.js for a performant and responsive user experience. Security is robust with HTTPS enforcement, comprehensive security headers, and bot mitigation tools in place. Privacy compliance is strong, with clear GDPR-aligned policies and cookie consent mechanisms. Overall, Deliveroo demonstrates a mature digital presence with high trustworthiness and business credibility.

D

Deliveroo

deliveroo.co.uk

73

Deliveroo is a well-established UK-based online food delivery platform founded in 2012, offering a wide range of services including food, groceries, pharmacy, and gift deliveries. It operates a large-scale digital marketplace connecting consumers with local restaurants and delivery riders, positioning itself as a leading player in the transportation and e-commerce sectors. The website demonstrates a high level of digital maturity, utilizing modern web technologies such as React and Next.js, supported by robust analytics and marketing tools. The platform is optimized for performance, mobile responsiveness, and accessibility, providing an excellent user experience. Security posture is strong with HTTPS enforcement, security headers, and no visible vulnerabilities, although explicit security policy documentation and vulnerability disclosure mechanisms are not publicly evident. Privacy compliance is well addressed with comprehensive privacy and cookie policies and consent mechanisms, reflecting adherence to GDPR requirements. Overall, the website and business exhibit high professionalism, trustworthiness, and operational legitimacy.

R

RevNGo.com - Book here, pay at the Hotel!

revngo.com

65

RevNGo.com is an established online travel accommodation booking platform founded in 2014, targeting travelers seeking hotels, apartments, and wellness packages primarily in Central Europe. The website offers a multilingual experience with a large inventory and emphasizes guaranteed lowest prices and pay-at-hotel convenience. Technically, the site uses a modern tech stack including Google Tag Manager, analytics, and personalization tools, hosted on Amazon AWS infrastructure. The site is well-optimized for desktop and mobile with good SEO and accessibility basics. Security posture is solid with HTTPS enforced and domain locking, though DNSSEC is not enabled and explicit security policies are absent. Privacy compliance is partially addressed with a cookie consent mechanism but lacks a visible privacy policy or terms of service. Overall, the site is professional and trustworthy but could improve transparency and security documentation.

S

Szallas.hu - Úgy is lett!

szallas.hu

10

Szallas.hu is a well-established Hungarian online accommodation booking platform founded in 2000, offering a wide range of lodging options including hotels, guesthouses, apartments, and wellness packages primarily targeting Hungarian and regional travelers. The website demonstrates a professional design with consistent branding and good content quality, supporting its position as a leading player in the Hungarian hospitality market. Technically, the site employs a modern tech stack with multiple analytics and marketing tools such as Google Analytics, Facebook Pixel, Microsoft Clarity, and Visual Website Optimizer, alongside cookie consent mechanisms to comply with privacy regulations. Security-wise, the site enforces HTTPS and uses error monitoring tools like Sentry, but lacks visible security headers and explicit security policies, indicating room for improvement in security posture. Overall, the domain age and WHOIS data corroborate the site's legitimacy and long-term operation. The site is free from adult or questionable content and does not exhibit any WAF or blocking mechanisms, allowing full accessibility and analysis.

A

Alfred Kärcher GmbH & Co. KG

karcher.cz

10

Kärcher Česká republika operates as the official Czech branch of Alfred Kärcher GmbH & Co. KG, a leading global manufacturer and retailer of cleaning technology for both household and professional markets. The website offers a comprehensive catalog of cleaning products including window vacuums, steam cleaners, floor washers, vacuum cleaners, and pressure washers, supported by services such as repair, warranty extensions, and rental of professional equipment. The company holds a strong market position in the Czech Republic as a trusted brand with extensive product and service offerings tailored to both consumers and professionals. Technically, the website employs a modern technology stack including Bootstrap for responsive design, Adobe Dynamic Tag Management for analytics and marketing tag control, and OneTrust for GDPR-compliant cookie consent management. The site is mobile-optimized, accessible, and SEO-friendly, with structured data enhancing search engine understanding. Performance is moderate with asynchronous loading of scripts and preloading of key assets. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms aligned with GDPR. Security headers are partially observed, and third-party scripts are managed via Adobe DTM. However, explicit security headers like Content-Security-Policy and incident response contacts are not clearly published, representing areas for improvement. No vulnerabilities or exposed sensitive data were detected in the analyzed content. Overall, the website presents a professional, trustworthy, and compliant digital presence for Kärcher in the Czech market. The absence of WHOIS data limits domain trust assessment, but the brand consistency and compliance signals support legitimacy. Strategic recommendations include enhancing security header implementation, publishing incident response and vulnerability disclosure information, and improving transparency of contact details to strengthen trust and security posture.

L

LVMH

lvmh.com

66

LVMH is a leading global luxury goods conglomerate managing a portfolio of prestigious brands across fashion, cosmetics, wines, and spirits. The company positions itself as a world leader in high-quality products, emphasizing heritage, identity, and expertise of its Houses. The website reflects this positioning with professional design, multilingual support, and comprehensive corporate information targeting luxury consumers, investors, suppliers, and press. Technically, the site leverages modern frameworks such as Next.js and React, supported by Akamai CDN for performance and global reach. Privacy and cookie compliance are robustly implemented with OneTrust and clear policies. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities, although explicit security policies and incident response information are not prominently published. Overall, the site demonstrates a mature digital presence consistent with a large enterprise luxury brand, with minor recommendations to enhance transparency on security and vulnerability disclosures.

I

ILUNION Hotels

ilunionhotels.co.uk

65

ILUNION Hotels operates as a hospitality chain offering accessible 3, 4, and 5-star accommodations primarily in Spain. The website serves as the official booking platform, providing multi-language support and a loyalty program to enhance customer engagement. The business targets a broad audience seeking accessible and quality hotel services. Technically, the site is built on Adobe Experience Manager, integrating modern analytics and cookie consent tools, indicating a mature digital infrastructure. Security posture is solid with HTTPS and cookie consent mechanisms, though lacking explicit security policies and vulnerability disclosures. The absence of WHOIS data for the .co.uk domain suggests the domain may be a subdomain or alias rather than a registered domain, which warrants further verification. Overall, the website is professional, secure, and compliant with privacy norms, suitable for general audiences.

I

ILUNION Hotels

ilunionhotels.fr

57

ILUNION Hotels operates a professional and accessible hotel chain primarily in Spain, offering 3 to 5-star accommodations with a focus on family and business travelers. The website is well-structured, multilingual, and integrates modern technologies such as Adobe Experience Manager, Google Tag Manager, and OneTrust for cookie consent. Contact information is clearly provided, and the site promotes a loyalty program and event hosting services. However, the absence of WHOIS data and explicit privacy and security policies slightly reduce trustworthiness. The site uses HTTPS and implements cookie consent, but could improve by publishing clear privacy policies and security incident contacts.

I

ILUNION Hotels

ilunionhotels.de

63

ILUNION Hotels operates a professional, accessible hotel chain website targeting German-speaking customers interested in accessible and family-friendly accommodations in Spain. The site is built on Adobe Experience Manager with integrated Adobe Analytics and Google Tag Manager, reflecting a mature digital infrastructure. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security policies and incident response contacts are not publicly visible. The domain registration is consistent with the business claims, and the website content is comprehensive and professionally presented. Overall, the site demonstrates good business credibility and technical implementation with room for improvement in privacy policy transparency and security header implementation.

I

ILUNION Hotels

ilunionhotels.pt

58

ILUNION Hotels operates a large chain of accessible hotels primarily in Spain and Portugal, offering 3 to 5-star accommodations with a focus on family, business, and accessible travel. Their website is professionally designed using Adobe Experience Manager, with multilingual support and integrated booking and loyalty programs. The technical infrastructure includes modern analytics and cookie consent tools, ensuring a good digital maturity level. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities, though explicit privacy and terms of service pages are missing. Overall, the site is trustworthy and well-positioned in the hospitality market.

I

ILUNION Hotels

ilunionhotels.it

63

ILUNION Hotels operates a chain of accessible hotels in Spain offering 3, 4, and 5-star accommodations with direct online booking capabilities. The website presents a professional and consistent brand image targeting tourists seeking accessible lodging options. Technically, the site leverages Adobe Experience Manager CMS, integrates Google Tag Manager and Adobe Analytics for marketing and user tracking, and implements cookie consent via OneTrust. Security posture is solid with HTTPS and standard security headers, though explicit security policies and vulnerability disclosures are absent. Overall, the site is well-structured, mobile-optimized, and trustworthy, supporting a large hospitality business presence in Spain and Italy.

P

Perficient Inc

smedix.com

70

Perficient Inc is a global enterprise specializing in AI-first digital consulting and technology services. The company focuses on helping innovative brands leverage AI and digital transformation to drive business growth and customer engagement. Their market position is strong, serving large enterprises across multiple industries including technology, healthcare, financial services, manufacturing, and energy. The website reflects a mature digital presence with comprehensive content, case studies, and thought leadership. Technically, the site uses modern technologies such as Sitecore CMS, Google Tag Manager, OneTrust for cookie consent, and various analytics and marketing tools, indicating a high level of digital maturity. Security posture is robust with HTTPS, security headers, and privacy compliance mechanisms in place, though the absence of WHOIS data reduces transparency. Overall, the site is professional, trustworthy, and well-optimized for performance and accessibility.

E

EndNote

endnote.com

78

EndNote is a well-established academic reference management software owned by Clarivate, serving researchers, academics, and students globally. The website presents a professional and consistent brand image, offering citation management and research collaboration tools. The business model is SaaS-based, targeting the education and technology sectors with a strong market position as a leader in its niche. The digital infrastructure is built on WordPress CMS, leveraging modern marketing and analytics tools such as Google Tag Manager, OneTrust, and Visual Website Optimizer, hosted on AWS infrastructure. The website demonstrates good mobile optimization and SEO practices, ensuring accessibility and user engagement. Security posture is solid with HTTPS enforcement and consent management, though there is room for improvement in security headers and incident response transparency. Overall, the site is trustworthy, compliant with GDPR, and free from critical vulnerabilities or blocking mechanisms.

V

Verve

lkqd.net

79

Verve operates a digital advertising marketplace platform focused on enabling sellers to maximize revenue through performance and brand advertising solutions. The company offers a suite of services including Performance+ Marketplace, Brand+ Marketplace, mobile user acquisition, and demand side platform capabilities. The website reflects a mature and professional business with a consistent brand presence and a clear focus on digital advertising technology. Technically, the site is built on WordPress with modern plugins and frameworks such as Elementor and Yoast SEO, hosted likely on AWS infrastructure. The site implements cookie consent via OneTrust and uses analytics and tracking tools like Crazy Egg, Google Tag Manager, and HubSpot. Security posture is good with HTTPS enabled and domain transfer protection, though DNSSEC is not enabled and security headers are not evident. No privacy policy or terms of service were found on the analyzed page, which is a compliance gap. Overall, the domain is longstanding and consistent with a legitimate business. The site is safe for general audiences and does not contain adult or questionable content.

C

Cision

c212.net

67

Cision operates as a global provider of cloud-based communications and PR software services, targeting professionals in marketing, media relations, and content marketing. The company offers a suite of services including media monitoring, media list building, distribution, and analysis, positioning itself as an established player in the media industry. The website content is professional but limited in depth on the privacy policy page, with no direct contact information or detailed security policies presented. Technically, the website employs modern tracking and marketing technologies such as Google Tag Manager, OneTrust for cookie consent, and third-party attribution tools. The site is accessible without any WAF or blocking mechanisms, but lacks explicit security headers and detailed accessibility features. Mobile optimization and SEO are basic but functional. From a security perspective, the site uses HTTPS and cookie consent mechanisms, but the absence of WHOIS data and registrant information raises concerns about domain registration transparency. No incident response or security contact details are provided, limiting the ability to assess compliance fully. Overall, the security posture is moderate but could be improved with better header implementation and transparency. The overall risk is moderate with recommendations to enhance security headers, provide clear contact information for security incidents, improve accessibility, and clarify domain registration details to increase trustworthiness.

T

The Educated Patient

theeducatedpatient.com

67

The Educated Patient is a healthcare education platform providing expert-driven resources on treatment options, medications, and therapies to empower individuals in making informed health decisions. The website targets patients and individuals seeking reliable health information and offers a structured navigation of health conditions and related topics. Technically, the site is built on modern frameworks such as Next.js and React, integrating multiple analytics and marketing tools including Google Analytics, HubSpot, and Algolia Insights. Cookie consent and privacy mechanisms are implemented, reflecting a basic level of privacy compliance. Security posture is moderate with HTTPS implied but lacking visible security headers or published security policies. The absence of WHOIS data for the domain is a notable concern, potentially indicating privacy protection or recent registration, which impacts domain trustworthiness. Overall, the site presents professional content and a good user experience but would benefit from enhanced transparency in privacy and security policies.

Contemporary OB/GYN is a specialized healthcare media platform focused on delivering clinical updates, expert commentary, and educational resources in obstetrics and gynecology. The website serves healthcare professionals with a comprehensive range of content including news, podcasts, conference coverage, and continuing medical education. The platform demonstrates a mature market position within the healthcare media niche, supported by professional design and consistent branding. Technically, the website employs modern web technologies such as Astro framework, Sanity CMS, and integrates advanced analytics and consent management tools like Segment Analytics and OneTrust. The site is mobile-optimized, accessible, and SEO-friendly, ensuring a positive user experience across devices. From a security perspective, the site enforces HTTPS, implements key security headers, and uses cookie consent mechanisms aligned with GDPR compliance. No critical vulnerabilities or exposed sensitive data were detected. However, the absence of a public security policy or incident response contact suggests room for improvement in transparency and readiness. Overall, Contemporary OB/GYN presents a low-risk profile with strong business credibility and technical maturity. Strategic enhancements in security policy publication and incident response communication would further strengthen trust and compliance.

A

American Heart Association

empoweredtoserve.org

67

EmPOWERED to Serve is a community-focused initiative under the American Heart Association aimed at empowering local communities through health education, economic mobility, and opportunity. The website serves as a platform to provide resources, programs, and volunteer opportunities to diverse audiences including students, entrepreneurs, and community leaders. The brand is strongly aligned with the reputable American Heart Association, enhancing its credibility and trustworthiness. Technically, the website employs modern web technologies such as Bootstrap, Sitecore CMS, and integrates multiple analytics and marketing tools including Google Tag Manager, Facebook Pixel, and Hotjar. The site is mobile-optimized, accessible, and demonstrates good SEO practices. Privacy and cookie policies are implemented with consent mechanisms, reflecting compliance with GDPR and related regulations. From a security perspective, the site uses HTTPS with strong SSL configuration and security headers. However, it lacks publicly available security policies and incident response information, which could be improved to enhance transparency and trust. No vulnerabilities or suspicious content were detected during analysis. Overall, the website presents a low-risk profile with strong business credibility and technical maturity. Strategic recommendations include publishing a security policy, establishing a vulnerability disclosure program, and providing incident response contacts to further strengthen security posture and user trust.

A

American Heart Association

wellbeingworksbetter.org

68

The Well-being Works Better website is a platform operated under the American Heart Association, focusing on promoting workforce health and well-being. It provides resources such as CPR training, mental well-being toolkits, and newsletters aimed at business leaders and employers to foster healthier work environments. The site leverages established branding and offers recognized organizational tiers to build trust and engagement. Technically, the website is built on the Sitecore CMS platform and integrates modern technologies including Google Tag Manager for analytics, Fundraise Up for fundraising, and OneTrust for cookie consent management. The site is mobile optimized, accessible, and demonstrates good SEO practices. Performance is moderate with asynchronous loading of scripts enhancing user experience. From a security perspective, the site enforces HTTPS and employs cookie consent mechanisms, though explicit security headers are not fully confirmed in the provided data. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is good with cookie consent but lacks a clearly identified privacy policy page in the provided content. Contact information is limited to a newsletter signup form, with no direct emails or phone numbers found. Overall, the website presents a low risk profile with strong business credibility and technical maturity. Recommendations include enhancing security headers, publishing clear privacy and terms of service policies, and providing direct contact information to improve transparency and compliance.

A

American Heart Association

heartpowered.org

63

HeartPowered.org is a professionally maintained website representing the American Heart Association's advocacy arm focused on advancing health policies to improve cardiovascular outcomes. The site targets advocates, volunteers, policymakers, and the general public interested in health advocacy. It leverages a modern WordPress infrastructure with SEO and accessibility best practices, including Yoast SEO and OneTrust for cookie consent management. The website demonstrates a strong security posture with HTTPS and no exposed sensitive data, though it could improve by enabling DNSSEC and publishing explicit security policies. Overall, the site is trustworthy, well-branded, and provides comprehensive content relevant to its mission.

A

American Heart Association

shopheart.org

74

ShopHeart.org is the official merchandise e-commerce store for the American Heart Association (AHA), a large non-profit organization dedicated to cardiovascular health. The website offers branded products such as apparel, pins, cookbooks, and educational materials, with proceeds supporting the AHA's mission. The site is built on the Shopify platform using the Impulse theme, integrating modern e-commerce technologies and analytics tools to provide a smooth user experience. The presence of privacy and cookie policies with consent mechanisms reflects a commitment to regulatory compliance. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities, although formal security policy and incident response information are not publicly available. WHOIS data is privacy protected, which is typical for non-profit entities, and does not detract from the site's legitimacy given the consistent branding and official social media links. Overall, the site demonstrates a professional and trustworthy online presence aligned with the American Heart Association's brand and mission.