Security Directory

T

TILL CONSULT a.s.

duna.cz

50

TILL CONSULT a.s. operates the website duna.cz, offering a suite of economic and accounting software products under the DUNA brand, targeting small to medium businesses, accounting firms, and specialized sectors such as medical offices and energy distributors. The company has a strong market presence with 28 years of experience and a comprehensive product portfolio including DUNA BUSINESS, TOP, SMART, TRADING, and related web extensions. The website is professionally designed, mobile-optimized, and provides clear navigation and rich content including testimonials and industry news. Technically, the site uses modern JavaScript libraries, Bootstrap framework, and integrates Google Tag Manager and Seznam retargeting for marketing purposes. Security posture is good with HTTPS enforced and cookie consent implemented, though explicit security policies and certifications are not published. Contact information is clearly provided with phone, email, and physical address. Overall, the site reflects a mature business with a solid digital presence but could improve transparency on privacy and security policies.

E

EPLAN

eplan.cz

57

EPLAN is a leading global provider of software and services focused on electrical engineering, automation, and mechatronics. The company operates a professional, multilingual website powered by TYPO3 CMS, reflecting a mature digital infrastructure with integrated marketing and analytics tools such as Google Tag Manager and HubSpot. The website demonstrates good design quality, mobile optimization, and clear navigation, targeting industrial and engineering professionals. Security posture is strong with HTTPS enforcement and security headers, although explicit security policies and vulnerability disclosures are not publicly available. Privacy compliance is supported by a cookie consent mechanism, but a formal privacy policy page was not detected in the provided content. Overall, the domain appears legitimate and professionally managed, though WHOIS data is privacy protected or unavailable, which is common for enterprises. Strategic recommendations include publishing detailed privacy and security policies, adding vulnerability disclosure mechanisms, and enhancing accessibility features to further strengthen trust and compliance.

A

AERS s.r.o.

aers.cz

53

AERS s.r.o. is a Czech-based company specializing in the development and manufacture of energy storage technologies, focusing on battery systems for residential and industrial applications. Their offerings include home battery systems, industrial battery storage, and energy optimization services, targeting customers seeking energy self-sufficiency and efficiency. The company positions itself as a niche player in the energy sector within the Czech Republic, with a professional online presence and clear contact information. Technically, the website employs modern frontend technologies such as Bootstrap, jQuery, and FontAwesome, with integration of Google Analytics and Tag Manager for user tracking. The site is mobile-optimized and presents content in a structured and navigable manner. However, it lacks advanced SEO and accessibility features and does not implement visible security headers, which could be improved. From a security perspective, the site uses HTTPS but does not display security policies, privacy notices, or cookie consent mechanisms, which are important for GDPR compliance. The absence of WHOIS data reduces trustworthiness and transparency. No forms or sensitive data collection points were detected, minimizing immediate risk exposure. Overall, the security posture is moderate but could benefit from enhanced compliance and security best practices. The overall risk assessment indicates a legitimate small business with a professional web presence but with gaps in transparency and privacy compliance. Strategic recommendations include adding privacy and cookie policies, implementing security headers, improving accessibility, and clarifying domain registration details to enhance trust and compliance.

F

Fenix Group

fenixgroup.cz

55

Fenix Group is a Czech-based manufacturer specializing in electric heating systems including radiant panels, heating cables, films, convectors, and control systems. The company targets residential, commercial, industrial, and agricultural sectors with a comprehensive product range and technical support services. Their market position is supported by certifications such as EUHA and a lifetime warranty program, indicating a strong commitment to quality and customer assurance. The website is professionally designed using Drupal 7, incorporating modern analytics and marketing tools with clear privacy compliance mechanisms including GDPR-aligned cookie consent. Security posture is solid with HTTPS enforced and bot management via Cloudflare, though security headers could be improved. WHOIS data is not publicly available, which slightly reduces transparency but does not detract from the overall legitimacy. The site is fully accessible with no blocking or WAF challenges detected.

Schmachtl CZ is a Czech-based company specializing in the distribution of components for industrial automation and electrical installations. They represent over 20 manufacturers and hold exclusive distributorship for the Wieland brand in the Czech market. Their offerings include advanced sensors, PLCs, electrical connectors, and installation components aimed at optimizing industrial processes and electrical infrastructure. The website is professionally designed, mobile optimized, and provides clear contact information, supporting their position as a reliable distributor in the manufacturing and energy sectors. Technically, the site leverages modern frameworks like Next.js and React, with integrated analytics from Google and Seznam.cz. Security posture is good with HTTPS enabled, but lacks some security headers and formal privacy/cookie policies, which are areas for improvement. WHOIS data is unavailable, which slightly impacts trust but the site content and contact details support legitimacy.

O

OSRAM Ceska republika s.r.o.

osram.cz

72

OSRAM Ceska republika s.r.o. operates a professional corporate website focused on innovative and sustainable lighting solutions, targeting B2B customers in automotive, industrial, and entertainment sectors. The company is positioned as a global leader in optical and lighting technologies, supported by its parent company ams OSRAM. The website provides comprehensive product information, contact details, and links to global and regional OSRAM sites, reflecting a mature digital presence. Technically, the website employs modern JavaScript libraries, Algolia search, and a consent management platform (Usercentrics), alongside Google Tag Manager for analytics and tracking. The site is mobile-optimized with good SEO practices and accessible navigation, although accessibility features are basic. Security posture is solid with HTTPS enforced and consent mechanisms in place, but lacks explicit security headers and dedicated security policy pages. The absence of WHOIS data limits domain registration trust analysis, but the website's professional branding, structured data, and consistent content strongly indicate legitimacy. No adult or questionable content is present, and privacy compliance is well addressed with clear policies and consent banners. Overall, the website demonstrates a good balance of business credibility, technical implementation, and privacy compliance, with room for improvement in security transparency and domain registration visibility.

K

KNX národní skupina České Republiky, z.s.

knxcz.cz

45

KNX národní skupina České Republiky, z.s. is a Czech non-profit association dedicated to promoting and supporting KNX technology for intelligent building installations. The website serves as an information hub offering training courses, community activities, and documentation for professionals and companies involved in KNX systems. The organization is well-established since 2015 and holds a national position within the Czech Republic. Technically, the website uses a mix of legacy and modern technologies including jQuery 1.4, CKEditor 5, and Google Analytics for tracking. While the site is functional and content-rich, some technical debt is evident, particularly the use of outdated JavaScript libraries which pose security risks. Security posture is moderate with no visible security headers and no explicit security policies published. Privacy compliance is basic with a privacy policy present but lacking cookie consent mechanisms. Overall, the site is trustworthy and professional but would benefit from technical and compliance improvements.

A

AXIMA, spol. s r. o.

axima-obchod.cz

63

AXIMA, spol. s r. o. is a Czech-based medium-sized company specializing in wholesale distribution of electrotechnical materials and industrial automation components. With over 24 years of market presence, it serves primarily B2B customers in the Czech Republic and Slovakia, offering a wide range of products including power supplies, connectors, sensors, and safety equipment. The website reflects a professional and well-structured digital presence with clear product categorization and manufacturer partnerships. Technically, the site uses modern JavaScript libraries and tracking tools such as Google Analytics and Google Tag Manager, and is mobile optimized with good SEO practices. Security posture is adequate with HTTPS enforced but lacks some recommended security headers like Content-Security-Policy and X-Frame-Options. Privacy and cookie policies are not explicitly found, indicating room for compliance improvement. WHOIS data is unavailable, limiting domain trust verification, but the website content and contact information suggest a legitimate business. Overall, the site scores well in content quality and business credibility but should enhance privacy compliance and security headers to improve trust and compliance.

B

Blue Panther s.r.o.

blue-panther.cz

43

Blue Panther s.r.o. is a Czech-based company specializing in measurement equipment, calibration services, audits, and professional training primarily targeting industrial maintenance, metrology laboratories, healthcare technology, and energy sectors. The company maintains a solid market position supported by partnerships with reputable brands such as Fluke and Kyoritsu and holds ISO 9001 certification, indicating a commitment to quality management. Their business model focuses on B2B sales and services, offering a comprehensive portfolio including equipment supply, calibration, audits, and educational seminars. Technically, the website employs a mix of legacy and modern technologies including jQuery 1.10.2, Klaro for cookie consent, Algolia for search, and multiple marketing and analytics tools such as Google Tag Manager, Facebook Pixel, and Smartsupp chat. The site is well-structured, mobile-optimized, and includes GDPR-compliant cookie consent mechanisms. However, some technical debt is noted with the use of an outdated jQuery version and absence of explicit security headers. From a security perspective, the site enforces HTTPS and uses consent-based tracking scripts, reflecting good privacy practices. No critical vulnerabilities or exposed sensitive data were detected. The lack of WHOIS data for the domain is a concern for domain legitimacy verification, although the website content and business information appear professional and trustworthy. No explicit security policy or incident response contacts were found, suggesting room for improvement in transparency and preparedness. Overall, Blue Panther s.r.o. presents a professional and trustworthy online presence with good compliance and security posture, albeit with some technical and domain registration concerns. Strategic improvements in security headers, updating legacy libraries, and clarifying domain registration details would enhance trust and resilience.

R

Robelshoes.pl

robelshoes.pl

55

Robelshoes.pl is a professional e-commerce retailer specializing in branded women's and men's footwear and accessories, targeting primarily the Polish market and neighboring European countries. The website offers a broad selection of products with key services including free delivery for orders over 249 PLN and a 30-day return policy, positioning itself as a customer-friendly online shoe store. The presence of multiple regional partner domains indicates a broader regional footprint in Central and Eastern Europe. Technically, the website employs modern web technologies such as Google reCAPTCHA for bot protection, Sentry for error monitoring, and Google Tag Manager for marketing and analytics. The site is built on the CREATIVE shop CMS platform and uses HTTPS with a good SSL configuration, ensuring secure communications. However, some security best practices like security headers and cookie consent mechanisms are missing or not detected, which could be improved for better compliance and protection. The WHOIS data for the domain is not publicly available, which is common for .pl domains managed by NASK, but the website's professional design, structured data, and consistent branding support its legitimacy. Overall, the site presents a solid security posture with room for enhancement in privacy compliance and security headers. Strategic recommendations include implementing cookie consent banners, adding security headers, publishing a security policy, and maintaining regular audits of third-party scripts to strengthen security and compliance.

R

Robelshoes.ro

robelshoes.ro

49

Robelshoes.ro is an e-commerce retailer specializing in footwear and accessories for women, men, and children, offering a wide range of branded products. The website targets consumers primarily in Romania and neighboring European countries, providing a 30-day return policy and multiple localized country sites. The business model is focused on online retail with a multi-brand catalog, positioning itself as a regional player in the footwear market. Technically, the site uses a CREATIVE shop CMS platform with integrations such as Google Tag Manager, Facebook Pixel, and Sentry for error tracking, indicating a moderate level of digital maturity. Security measures include HTTPS enforcement, CSRF tokens, and Google reCAPTCHA on forms, though there is room for improvement in security headers and published policies. Overall, the site is professional and functional with good content quality and moderate trustworthiness. The domain WHOIS data is privacy protected by ROTLD, which is common for Romanian domains and does not raise immediate concerns. Strategic recommendations include enhancing privacy compliance with cookie consent, publishing security and incident response policies, and improving mobile optimization.

R

Robelshoes.at

robelshoes.at

58

Robelshoes.at is an Austrian e-commerce retailer specializing in branded footwear and accessories for women, men, and children. The website offers a broad selection of products with free shipping over a certain threshold and a 30-day return policy, positioning itself as a regional player with multiple country-specific domains. The site is built on the CREATIVE shop CMS platform and integrates modern technologies such as Google reCAPTCHA, Facebook Pixel, Google Tag Manager, and Sentry for error tracking, indicating a mature digital infrastructure. Security posture is strong with HTTPS enforced and anti-bot measures in place, though some security headers are missing and privacy compliance could be improved. The absence of WHOIS data due to privacy protection slightly reduces transparency but is common for e-commerce businesses. Overall, the site is professional, secure, and user-friendly, targeting consumers in Austria and neighboring countries.

R

Robelshoes.eu

robelshoes.eu

58

Robelshoes.eu is an established European e-commerce retailer specializing in branded footwear and accessories. The website targets a broad audience across multiple European countries, offering a wide selection of products from well-known brands. The business model is focused on online retail with multi-language support and a clear product categorization structure. Technically, the site is built on the CREATIVE shop CMS platform, utilizing modern web technologies including HTTPS, Google reCAPTCHA for bot protection, and Sentry for error monitoring. While the site demonstrates good design and navigation, mobile optimization is basic and could be improved. Security posture is solid with HTTPS and some security best practices, but lacks explicit security headers and cookie consent mechanisms. WHOIS data is privacy protected, which is common for e-commerce but limits transparency. Overall, the site is professional and trustworthy with moderate risk.

R

Robelshoes.hu

robelshoes.hu

52

Robelshoes.hu is a Hungarian e-commerce retailer specializing in branded footwear and accessories, offering a wide range of quality shoes from world-renowned brands. The website targets general consumers seeking convenient online shopping with home delivery. The platform is part of a multi-country network with sister sites serving neighboring markets. Technically, the site uses a proprietary CMS (CREATIVE shop), integrates modern tracking and analytics tools such as Facebook Pixel, Google Tag Manager, and Sentry for error monitoring. Security measures include HTTPS, CSRF tokens, and Google reCAPTCHA, indicating a mature security posture. However, explicit security policies and incident response contacts are not published, which could be improved. Overall, the website is professional, trustworthy, and well-optimized for SEO and user experience, with moderate performance and good mobile optimization.

R

Rainer Winter Stiftung

rainer-winter-stiftung.de

67

The Rainer Winter Stiftung is a well-established non-profit foundation based in Fürth, Germany, founded in 1980. It focuses on supporting disadvantaged, sick, and socially weak children and youth primarily in the Nürnberg metropolitan area and internationally. The foundation operates with a transparent, unbureaucratic model, ensuring 100% of donations go directly to the cause, supported strongly by the uvex group and its partners. The website reflects a professional and consistent brand image, with clear messaging and good content quality. Technically, the website is built on TYPO3 CMS, leveraging modern web technologies including StencilJS and Amazon Cloudfront CDN for performance. It employs Usercentrics for consent management and Google Tag Manager for analytics, indicating a mature digital infrastructure. The site is mobile-optimized, accessible, and SEO-friendly. From a security perspective, the site uses HTTPS with strong SSL configuration and implements consent mechanisms for privacy compliance. No critical vulnerabilities or exposed sensitive data were detected. However, explicit security headers could be verified and incident response policies published to enhance security posture. Overall, the site presents low risk with a strong trust profile, good privacy compliance, and a clear business purpose. Strategic recommendations include enhancing security header implementation, publishing incident response and vulnerability disclosure policies, and maintaining regular security audits.

H

Hiplok

hiplok.com

70

Hiplok is a specialized e-commerce business focused on providing innovative bike security solutions including locks for bikes, motorbikes, e-bikes, and scooters. The company emphasizes product quality with Sold Secure Insurance Rated locks and offers lifetime warranties, positioning itself as a trusted niche player in the transportation security market. The website is built on a modern WordPress platform with WooCommerce, integrating various marketing and analytics tools such as Google Tag Manager, Facebook Pixel, and Klaviyo, indicating a mature digital marketing strategy. Technically, the site is well-structured, mobile optimized, and uses HTTPS with a valid SSL certificate, though it lacks some advanced security headers and explicit privacy and terms policies. The domain is long-established since 2009, registered transparently without privacy protection, which supports the legitimacy of the business. Overall, the security posture is moderate with room for improvement in policy transparency and security headers. The website content is safe for general audiences and professionally presented.

U

UVEX ARBEITSSCHUTZ GMBH

uvex-safety.com

72

UVEX ARBEITSSCHUTZ GMBH operates the uvex safety website, a professional platform offering a wide range of personal protective equipment (PPE) designed and certified in Germany. The company targets business clients, safety professionals, and retailers, positioning itself as a leading manufacturer and distributor of occupational safety products including helmets, glasses, gloves, footwear, and respirators. The website reflects a mature digital presence with comprehensive product information, dealer locator tools, and advisory content.

U

uvex laservision

uvex-laservision.de

59

uvex laservision is a German-based manufacturer specializing in the development, production, and distribution of laser protection products, serving industrial and medical sectors. The company positions itself as a global leader in laser safety equipment, offering a range of products accessible via an online shop. The website is professionally designed, primarily in German with English language support, and targets professionals requiring laser safety solutions. Technically, the site leverages modern web technologies including Shopware CMS, Amazon Cloudfront CDN, Google Tag Manager, and Usercentrics for cookie consent, indicating a mature digital infrastructure. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place; however, the absence of explicit security headers and published security policies suggests room for improvement. WHOIS data confirms domain legitimacy with consistent registration and authoritative nameservers. Overall, the site is trustworthy and professionally maintained but could enhance transparency by publishing privacy policies and security disclosures.

H

HexArmor

hexarmor.com

70

HexArmor is a well-established global leader in the manufacturing and distribution of high-performance personal protective equipment (PPE), including gloves, eyewear, helmets, hearing protection, and body protection. The company targets safety professionals and industrial workers, providing innovative and reliable safety solutions designed to improve workplace safety and compliance. Their market position is strong, supported by extensive product lines and educational content that reinforce their brand as a trusted PPE provider. Technically, the website demonstrates a mature digital infrastructure with modern tracking and marketing technologies such as Google Tag Manager, Hotjar, and Facebook Pixel. The site is mobile-optimized, well-structured, and SEO-friendly, with good performance and accessibility features. The use of cookie consent tools and privacy policies indicates a commitment to privacy compliance. From a security perspective, the site uses HTTPS and implements cookie consent mechanisms, but lacks explicit security headers and a public security policy or incident response contact. No vulnerabilities or exposed sensitive data were detected in the HTML content. The absence of WHOIS registration data is a concern but may be due to privacy protection or registrar policies. Overall, the website is professional, trustworthy, and secure with minor areas for improvement in security transparency and WHOIS data clarity. Strategic recommendations include enhancing security headers, publishing a security policy, and verifying domain registration details to improve trustworthiness.

H

Heckel

heckel-securite.fr

57

Heckel is a French manufacturer specializing in safety footwear, offering a broad range of products from lightweight safety sneakers to shoes designed for extreme environments. The company is part of the uvex group, a well-established entity in the safety and sports equipment sectors. The website demonstrates a professional digital presence with a modern TYPO3 CMS infrastructure, CDN hosting, and integration of analytics and marketing tools such as Google Tag Manager and Facebook Pixel. Privacy and cookie compliance are well implemented, reflecting adherence to GDPR standards. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. The absence of WHOIS data limits full trust assessment but the overall website professionalism and branding consistency support legitimacy.

U

uvex sports

uvex-sports.com

61

uvex sports is a well-established brand specializing in the manufacturing and retail of sports protective equipment such as helmets and goggles for wintersports, biking, and equestrian activities. The company targets both professional athletes and amateurs, offering technologically advanced products designed for safety and performance. The website reflects a consistent brand image aligned with the parent company uvex group, indicating a strong market position in the sports safety equipment sector. Technically, the site is built on TYPO3 CMS with integrations for consent management and Google services, demonstrating a modern digital infrastructure with good mobile optimization and SEO practices. Security posture is solid with HTTPS enforced and use of reCAPTCHA, though there is room for improvement in publishing explicit security policies and headers. Overall, the site is professional, trustworthy, and compliant with GDPR, but the lack of WHOIS data slightly reduces domain trustworthiness. Strategic recommendations include enhancing security transparency and adding incident response contacts to improve user trust and compliance.

U

uvex group

uvex-group.com

71

The uvex group is a large, internationally recognized manufacturer specializing in safety, sports, and leisure products. The company operates multiple strong brands and maintains a significant presence in Germany and Europe, with a focus on in-house production and quality control. Their website reflects a mature digital infrastructure built on TYPO3 CMS, leveraging modern web technologies and CDN delivery for optimal performance and user experience. Privacy compliance is well addressed through a comprehensive privacy policy and cookie consent management via Usercentrics. Security posture is strong with HTTPS enforcement and secure form handling, though explicit security policies and incident response contacts are not publicly detailed. Overall, the site projects professionalism and trustworthiness consistent with a large manufacturing enterprise.

F

Formulayt

gatedcontent.com

64

Formulayt is an enterprise-focused SaaS platform specializing in scalable web form management and compliance for marketing operations teams. The company offers a solution that enables rapid deployment, governance, and updating of web forms integrated with major marketing automation platforms. The website presents a professional and polished digital presence with strong branding and customer trust signals, including testimonials and logos of reputable clients. Technically, the site is built on WordPress with modern performance and analytics tools, hosted with Cloudflare DNS and registrar services. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers and policies could be improved. Privacy compliance is partially addressed via a detailed cookie consent banner, but no explicit privacy policy or terms of service pages were found in the provided content. Overall, the domain registration is consistent with the business timeline and shows no suspicious patterns.

BSI Group is a globally recognized leader in standards development, certification, training, and consulting services, focused on helping organizations improve performance and achieve excellence with an emphasis on sustainability. The company serves a broad range of industries including energy, healthcare, government, ICT, manufacturing, and supply chain sectors. Their market position is strong, supported by internationally recognized certifications such as ISO 9001, ISO 27001, and the Kitemark™. Technically, the website employs modern analytics and marketing technologies such as Google Tag Manager, Optimizely, and LinkedIn Insight, combined with a robust cookie consent mechanism powered by OneTrust, indicating a mature digital infrastructure. The site is well-optimized for mobile and accessibility, with good SEO practices and a professional design. From a security perspective, the site enforces HTTPS and uses consent-based tracking, but lacks explicit security headers in the provided data. No vulnerabilities or exposed sensitive data were detected. The absence of WHOIS data reduces transparency but is likely due to privacy protection, which is common for enterprises. Overall, the security posture is strong but could be improved by adding and reporting security headers and enhancing incident response visibility. The overall risk assessment is low, with the site demonstrating high professionalism, trustworthiness, and compliance with privacy regulations such as GDPR. Strategic recommendations include enhancing security header implementation, maintaining third-party script audits, and improving incident response contact availability to further strengthen trust and security culture.

N

Nordisk Media Utveckling AB

nmugroup.com

53

Nordisk Media Utveckling AB operates the NMU Group website as a trusted Nordic domain registrar and IT service provider specializing in domain name registration, DNS management, hosting, IT security, and domain legal services. Established since 1999, the company positions itself as a proactive domain agency with a strong focus on security and personalized service, targeting businesses and organizations requiring comprehensive domain and digital brand management solutions. The website reflects a professional and consistent brand image with detailed service offerings and customer testimonials, reinforcing its market credibility. Technically, the website is built on WordPress with modern technologies including Bootstrap 5, jQuery, and performance optimizations such as lazy loading and caching plugins. It employs Google Tag Manager for analytics and marketing, and demonstrates good mobile optimization and SEO practices. Security posture is solid with HTTPS enforced and DNSSEC services promoted, although the absence of explicit security headers and a vulnerability disclosure page suggests room for improvement. The WHOIS data for the domain is missing or unavailable, which raises some concerns about domain registration transparency. However, the website content and business information are consistent and professional, mitigating immediate trust issues. Privacy and cookie policies are comprehensive and GDPR compliant, with clear contact information and support channels available. Overall, NMU Group presents a reliable and secure digital presence for domain and IT services in the Nordic region, with recommendations to enhance security headers, publish vulnerability disclosure information, and verify domain registration details to strengthen trust and compliance.

N

Nordisk Media Utveckling AB

nmugroup.se

53

Nordisk Media Utveckling AB operates the NMU Group website, providing comprehensive domain name registration, DNS, hosting, IT security, and domain legal services primarily targeting Nordic businesses and organizations. Established since 1999, the company positions itself as a trusted, accredited registrar and domain partner with a strong focus on security and personalized service. The website reflects a professional and consistent brand image with clear service offerings and customer testimonials, reinforcing its market position in the Nordic region. Technically, the website is built on WordPress with modern frameworks like Bootstrap and uses performance optimizations such as lazy loading and caching via WP Rocket. It integrates Google Tag Manager and Google Site Kit for analytics and marketing, with a cookie consent mechanism aligned with GDPR requirements. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. From a security perspective, the site enforces HTTPS and promotes advanced DNS security features like DNSSEC and Anycast. However, it lacks visible HTTP security headers and a published security.txt file, which are recommended for enhanced security posture. The absence of WHOIS domain registration data raises concerns about domain legitimacy, despite the professional appearance and business credibility of the site. Overall, the website demonstrates a solid digital presence and security awareness but should address domain registration transparency and implement additional security headers to strengthen trust and compliance.

T

Thomas Publishing Company

thomasnet.com

72

Thomasnet.com is a leading B2B industrial supplier discovery platform operated by Thomas Publishing Company, with over 125 years of history connecting buyers and suppliers in North America. The website offers extensive services including supplier discovery, instant quotes, product catalogs, CAD models, and advertising solutions for suppliers. It targets procurement professionals, engineers, and business owners in manufacturing and industrial sectors. Technically, the site is built on modern frameworks such as React and Next.js, leveraging multiple analytics and marketing tools to optimize user experience and business insights. The website is well-optimized for SEO, mobile responsiveness, and accessibility, providing a professional and trustworthy user interface. Security posture is strong with HTTPS enforcement and bot protection, though explicit security policies and incident response information are not publicly disclosed. WHOIS data is unavailable, likely due to privacy or registry restrictions, but the site’s long-standing market presence and trust signals mitigate concerns. Overall, Thomasnet.com demonstrates a mature digital infrastructure and solid business credibility, with recommendations to enhance transparency around security and incident response.

G

GroundTruth

xad.com

72

GroundTruth, formerly known as xAd, is a leading location-based advertising platform that provides advertisers with powerful tools to drive in-store visits and real business results. The company offers a comprehensive suite of targeting products and media channels, leveraging its proprietary Blueprints technology and a global footprint across 21 countries. The website reflects a mature digital presence with professional branding, extensive use of modern marketing and analytics technologies, and a strong focus on privacy compliance. While the WHOIS data is unavailable, the website content and social media presence support the legitimacy of the business. The technical infrastructure is built on WordPress with integrations of multiple third-party analytics and advertising tools, ensuring robust tracking and user engagement capabilities. Security posture is good with HTTPS enforced and no obvious vulnerabilities, though some security headers could be improved. Overall, the site provides a trustworthy and professional experience for its target audience of advertisers and marketers.

C

Combell

combell.nl

69

Combell is a well-established hosting specialist operating primarily in the Netherlands, offering a comprehensive suite of services including professional webhosting, cloud hosting, dedicated servers, domain registration, SSL certificates, email hosting, and website building tools. The company targets a broad audience ranging from starters and small to medium enterprises (KMO) to large enterprises, positioning itself as a premium hosting provider with a strong emphasis on security and customer support. The website reflects a mature digital presence with consistent branding and high-quality content, supporting its market position effectively. Technically, the website leverages modern web technologies such as Font Awesome, Google Fonts, Google Analytics, Google Tag Manager, Visual Website Optimizer, Hotjar, and Iubenda for cookie compliance. The site is hosted by Combell itself, indicating control over infrastructure. Performance is moderate with excellent mobile optimization and good accessibility and SEO practices. The presence of security headers, HTTPS enforcement, and CSRF tokens indicates a strong security posture, although there is room for improvement in publishing explicit security policies and incident response information. Security-wise, the site demonstrates good practices including HTTPS, security headers, and no visible vulnerabilities or exposed sensitive data. However, the absence of a public security policy or vulnerability disclosure program suggests an opportunity to enhance transparency and incident readiness. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms, aligning with GDPR requirements. Overall, Combell presents a low-risk profile with a professional and trustworthy online presence. Strategic recommendations include publishing dedicated security and incident response policies, establishing a vulnerability disclosure program, and continuing to enhance privacy and security transparency to maintain and strengthen customer trust.

Laughing Dog Brewing is a small craft brewery based in Northern Idaho, known for its award-winning beers and community-focused taproom experience. The company emphasizes quality and variety in its beer offerings, targeting craft beer enthusiasts and local patrons. The website is hosted on WordPress using the Divi theme and integrates common marketing and analytics tools such as Google Analytics and Facebook SDK. While the site is well-designed and provides relevant content, it lacks critical privacy and cookie policies, as well as explicit contact information, which impacts its privacy compliance and user trust. Security posture is moderate with HTTPS enabled and Cloudflare DNS usage, but missing DNSSEC and security headers reduce overall security maturity. The domain registration data is consistent and trustworthy, supporting the legitimacy of the business. Overall, the website is functional and professional but would benefit from enhanced privacy, security, and contact transparency.

Johnson Brothers Mountain State Beverage is a leading distributor and broker of wine, craft beer, and spirits in West Virginia, serving all 55 counties with a large portfolio of products. The company has a strong market position and a medium-sized team, supported by a professionally designed website built on WordPress with modern technologies such as Divi theme and Revolution Slider. The website demonstrates good SEO and mobile optimization but lacks critical privacy and cookie policies, which impacts compliance. Security posture is moderate with HTTPS enabled but missing DNSSEC and security headers. Contact information is available primarily via a contact form and social media links, with no direct emails or phone numbers published. Overall, the domain registration is consistent and trustworthy, supporting the legitimacy of the business.

D

Deliveroo

deliveroo.net

75

Deliveroo is a prominent UK-based online food delivery platform founded in 2012, offering a wide range of services including food, groceries, pharmacy, and gift deliveries. The company operates a large-scale digital marketplace connecting consumers with local restaurants and delivery riders, positioning itself as a leader in the transportation and e-commerce sectors within the UK. The website reflects a mature digital presence with a professional design, clear navigation, and mobile-optimized interfaces, supported by modern web technologies such as React and Next.js. Deliveroo employs robust security measures including HTTPS, security headers, and bot protection, alongside comprehensive privacy and cookie policies that demonstrate GDPR compliance. However, explicit security policies and incident response contacts are not publicly detailed, representing an area for improvement. Overall, the website is trustworthy, well-maintained, and aligned with the company's business model and market position.

D

Deliveroo

deliveroo.com

75

Deliveroo is a well-established online food delivery platform founded in 2012, operating primarily in the United Kingdom with a strong international presence. The company connects consumers with local restaurants, grocery stores, pharmacies, and gift services, offering fast and convenient delivery options. Deliveroo's market position is strong, supported by a large user base, extensive restaurant partnerships, and a robust rider network. The website reflects a mature digital presence with excellent design, clear navigation, and mobile optimization, supporting a seamless user experience across platforms. Technically, the site leverages modern frameworks such as React and Next.js, integrates Google Tag Manager for analytics, and employs OneTrust for cookie consent management, indicating a high level of digital maturity. Security-wise, the website enforces HTTPS, implements key security headers, and uses bot protection services, demonstrating a solid security posture. However, there is room for improvement in publishing explicit security policies and incident response contacts. Overall, the website is professional, trustworthy, and compliant with GDPR, making it a reliable platform for users and partners alike.

D

Deliveroo

deliveroo.ae

69

Deliveroo.ae is a leading online food and grocery delivery platform operating in the United Arab Emirates. It connects consumers with local restaurants and shops, offering convenient takeaway and grocery delivery services through a modern web platform and mobile apps. The company maintains a strong market position with a comprehensive service offering including restaurant partnerships, rider recruitment, corporate meal solutions, and gift cards. The website is professionally designed, mobile-optimized, and provides a seamless user experience with clear navigation and rich content. Technically, the site leverages modern frameworks such as Next.js and React, supported by Cloudflare for hosting and CDN, and integrates third-party services like Google Tag Manager, OneTrust for cookie consent, and Stripe for payments. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities, although explicit security policy and incident response information are not publicly available. Privacy compliance is well addressed with comprehensive privacy and cookie policies and GDPR adherence. Overall, the website demonstrates a mature digital presence with high trustworthiness and professional standards.

D

Deliveroo

deliveroo.es

73

Deliveroo is a well-established online food delivery platform founded in 2012, operating primarily in the United Kingdom and several international markets. The company connects consumers with local restaurants, takeaways, supermarkets, and other shops, offering fast delivery services typically within 30 minutes. Deliveroo also provides corporate food delivery solutions and gift card services, positioning itself as a leader in the food delivery sector with a strong digital presence and mobile app availability. The website reflects a mature business with consistent branding and comprehensive service offerings.

D

Deliveroo

deliveroo.nl

73

Deliveroo is a well-established online food delivery platform founded in 2012, operating primarily in the United Kingdom with a strong international presence. The company connects consumers with local restaurants, grocery stores, pharmacies, and gift providers, offering fast and convenient delivery services. Their business model leverages a marketplace approach, generating revenue through delivery fees, service charges, and partnerships with restaurants and riders. The website reflects a mature digital presence with a professional design, clear navigation, and comprehensive service offerings including corporate catering and gift cards.

D

Deliveroo

deliveroo.it

75

Deliveroo.it is a well-established online food and grocery delivery platform operating in Italy since 2014. It connects consumers with local restaurants and shops, offering convenient takeaway and grocery delivery services. The website demonstrates a strong market position with a large user base and comprehensive service offerings including partner and rider recruitment as well as corporate meal solutions. The platform is supported by modern web technologies such as Next.js and React, ensuring a fast, responsive, and accessible user experience across devices. Security measures include HTTPS enforcement, robust security headers, and bot protection via PerimeterX, reflecting a mature security posture. Privacy compliance is well addressed with clear privacy and cookie policies and active consent mechanisms. Overall, the website is professional, trustworthy, and aligned with industry best practices.

D

Deliveroo.ie

deliveroo.ie

77

Deliveroo.ie is a prominent online food and grocery delivery platform operating in Ireland, offering consumers convenient access to local restaurants and shops. The company leverages a robust digital infrastructure including modern web frameworks and cloud-based hosting to deliver a seamless user experience across web and mobile platforms. The website demonstrates strong branding consistency, comprehensive legal and privacy documentation, and effective integration of consent management tools. Security posture is solid with HTTPS enforcement, security headers, and bot protection, although DNSSEC is not enabled and no explicit incident response contacts are published. Overall, the platform is well-positioned in the Irish market with a large user base and extensive partner network.

D

Deliveroo

deliveroo.be

73

Deliveroo is a leading online food and grocery delivery platform operating in Belgium and multiple international markets. The company connects consumers with local restaurants and shops, providing convenient takeaway and grocery delivery services. Their business model focuses on partnering with restaurants, managing delivery logistics, and offering a seamless digital ordering experience via web and mobile apps. Deliveroo holds a strong market position with a well-established brand and extensive service coverage. Technically, the website leverages modern frameworks such as Next.js and React, supported by robust third-party services including Google Tag Manager, OneTrust for cookie consent, and PerimeterX for bot detection. The site is optimized for performance, mobile responsiveness, and accessibility, reflecting a mature digital infrastructure. Security posture is strong with HTTPS enforcement, comprehensive security headers, and privacy compliance aligned with GDPR. However, explicit security policy and incident response information are not publicly detailed, representing an area for improvement. Overall, the website demonstrates high professionalism, trustworthiness, and compliance, supporting Deliveroo's reputation as a reliable service provider.

D

Deliveroo

deliveroo.com.au

73

Deliveroo is a leading UK-based online food delivery platform founded in 2012, offering customers quick access to local restaurants, groceries, pharmacy items, and gifts. The company operates a large-scale marketplace connecting consumers, restaurants, and delivery riders, positioning itself as a major player in the e-commerce and transportation sectors. The website is professionally designed with excellent content quality, clear navigation, and strong branding consistency. It supports multiple platforms including web, iOS, and Android, and uses modern technologies such as React and Next.js for a performant and responsive user experience. Security is robust with HTTPS enforcement, comprehensive security headers, and bot mitigation tools in place. Privacy compliance is strong, with clear GDPR-aligned policies and cookie consent mechanisms. Overall, Deliveroo demonstrates a mature digital presence with high trustworthiness and business credibility.

D

Deliveroo

deliveroo.co.uk

73

Deliveroo is a well-established UK-based online food delivery platform founded in 2012, offering a wide range of services including food, groceries, pharmacy, and gift deliveries. It operates a large-scale digital marketplace connecting consumers with local restaurants and delivery riders, positioning itself as a leading player in the transportation and e-commerce sectors. The website demonstrates a high level of digital maturity, utilizing modern web technologies such as React and Next.js, supported by robust analytics and marketing tools. The platform is optimized for performance, mobile responsiveness, and accessibility, providing an excellent user experience. Security posture is strong with HTTPS enforcement, security headers, and no visible vulnerabilities, although explicit security policy documentation and vulnerability disclosure mechanisms are not publicly evident. Privacy compliance is well addressed with comprehensive privacy and cookie policies and consent mechanisms, reflecting adherence to GDPR requirements. Overall, the website and business exhibit high professionalism, trustworthiness, and operational legitimacy.

A

api.video

api.video

67

api.video is a technology company specializing in providing a comprehensive video API platform that enables businesses and developers to host, manage, encode, and deliver on-demand and live-stream videos efficiently. The company targets developers, digital agencies, and enterprises seeking to integrate high-quality video content into their websites, software, or applications. With a strong market presence evidenced by thousands of users and notable clients, api.video offers a robust set of services including AI-powered transcription and summarization, video analytics, and a global delivery infrastructure. The technical infrastructure is modern and mature, leveraging Next.js for frontend, AWS for hosting assets, and integrating multiple analytics and marketing tools such as HubSpot, Google Tag Manager, and Microsoft Clarity. The website is well-optimized for performance, mobile responsiveness, and SEO, reflecting a high level of digital maturity. Security best practices are observed with HTTPS enforcement and appropriate security headers, although explicit security policies and incident response contacts are not publicly detailed. Overall, the security posture is strong with no evident vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with clear privacy and cookie policies, including GDPR considerations. The domain WHOIS data is limited due to TLD restrictions and privacy protection but does not raise concerns given the professional website content and external trust signals. The risk assessment indicates a low risk profile with recommendations to enhance transparency by publishing dedicated security and incident response information. Strategic improvements in security communication and vulnerability disclosure would further strengthen trust and compliance.

R

Repromeda

repromeda.cz

50

Repromeda is a healthcare provider specializing in assisted reproduction and infertility treatment, serving primarily the Czech Republic and surrounding regions through multiple localized websites. The company has a strong market presence, having helped bring over 6000 children into the world, indicating a well-established position in the fertility treatment sector. Their website is professionally designed using WordPress and Elementor, with multilingual support and SEO optimization, targeting individuals and couples seeking fertility assistance. Technically, the website employs modern web technologies including Google Tag Manager, Google reCAPTCHA for form security, and Leaflet.js for map functionalities. The site is mobile-optimized and performs moderately well, though there is room for improvement in accessibility and security headers. The absence of WHOIS data reduces transparency and trustworthiness, but the website's content and social media presence support its legitimacy. Security posture is generally good with HTTPS enforced and anti-bot measures in place, but the lack of explicit security headers and absence of published security or incident response policies are areas for enhancement. Privacy compliance is basic, with a cookie consent mechanism present but no clear privacy policy or terms of service detected. Overall, Repromeda presents a credible and professional online presence in the healthcare sector, with recommendations to improve transparency, security headers, and privacy documentation to strengthen trust and compliance.

C

Centrála cestovního ruchu – Jižní Morava, z.s.p.o.

jizni-morava.cz

45

The website www.jizni-morava.cz serves as the official regional tourism portal for South Moravia, Czech Republic, managed by Centrála cestovního ruchu – Jižní Morava, z.s.p.o. It offers comprehensive information on local attractions, events, and cultural experiences, targeting tourists interested in nature, history, gastronomy, and wine. The site is well-branded and consistent with its regional tourism mission, supported by partnerships with national and regional tourism authorities. Technically, the website employs modern web technologies including Bootstrap for responsive design, jQuery for interactivity, and Google Tag Manager for analytics and marketing. It features a cookie consent mechanism compliant with GDPR, ensuring user privacy preferences are respected. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. From a security perspective, the site uses HTTPS but lacks visible security headers in the provided data. No WHOIS information is available, which limits domain legitimacy verification. No explicit security policies or incident response contacts are published, indicating room for improvement in transparency and security posture. Overall, the website is professional, trustworthy, and serves its business purpose effectively. However, enhancing security headers, publishing security and incident response policies, and resolving WHOIS data visibility would strengthen its security and compliance profile.

K

Kreatura - kreativní agentura

kreatura.cz

46

Kreatura is a small creative agency based in Brno, Czech Republic, specializing in meaningful visual communication projects and offering proprietary CMS and mass mailing solutions. The website reflects a professional and client-focused business with clear contact information and a consistent brand presence. Technically, the site uses a mix of jQuery, Google Analytics, Google Tag Manager, and Google Maps API, indicating a moderate level of digital maturity. Security posture is adequate with HTTPS and cookie consent mechanisms, but lacks explicit security headers and incident response information. Overall, the site is trustworthy and compliant with GDPR, though WHOIS data is unavailable, likely due to privacy protection. Strategic improvements in security headers and transparency could enhance trust further.

Č

Člověk v tísni

doucujte.cz

56

Doučujte.cz is a Czech non-profit educational platform affiliated with the reputable organization Člověk v tísni. The website focuses on supporting children in need through tutoring and provides methodological support to volunteers, non-profit workers, students, parents, and teachers. It offers curated materials, tips, and recommendations to facilitate and enhance tutoring efforts. The platform targets a broad audience involved in educational support and operates primarily in the Czech Republic. Technically, the website is built on WordPress CMS, utilizing popular plugins such as Yoast SEO for optimization, Cookiebot for cookie consent management, and Google Tag Manager for analytics. The site is well-structured with good mobile optimization and moderate performance. It employs HTTPS with a strong SSL configuration and includes cookie consent mechanisms, reflecting a reasonable level of digital maturity. From a security perspective, the site enforces HTTPS and uses cookie consent to comply with privacy regulations. However, some advanced security headers like Content-Security-Policy are not confirmed, and no security.txt or vulnerability disclosure pages are present. No exposed sensitive data or vulnerabilities were detected in the HTML content. The absence of explicit privacy policy and terms of service pages slightly impacts privacy compliance. Overall, Doučujte.cz presents a trustworthy and professional online presence for a non-profit educational initiative. The lack of WHOIS data is consistent with privacy protection practices common among non-profits. Strategic recommendations include publishing clear privacy and terms policies, enhancing security headers, and providing explicit contact information for security and privacy concerns to strengthen trust and compliance.

J

JSNŠ

jsns.cz

59

The website www.jsns.cz represents an educational initiative named Jeden svět na školách (JSNS), focused on providing free and legal documentary film screenings for schools in the Czech Republic. The platform supports educators by offering activities and projects to enrich teaching. The site targets schools and educators, positioning itself as a niche non-profit educational content provider. Technically, the website employs modern web technologies including Google Tag Manager, Cookiebot for consent management, Leaflet.js for mapping, and standard web libraries such as Font Awesome and Select2. The site is mobile optimized and demonstrates good SEO and accessibility basics. Security-wise, HTTPS is enforced with appropriate security headers, and no vulnerabilities or exposed sensitive data were detected. Cookie consent mechanisms are implemented, indicating GDPR awareness, although no explicit privacy policy or terms of service pages were found in the provided content. WHOIS data is unavailable, which reduces transparency and trustworthiness from a domain registration perspective. Overall, the website is professionally designed, secure, and serves a clear educational purpose, but would benefit from enhanced privacy disclosures and contact information to improve compliance and trust.

P

Pimcore GmbH

pimcore.com

70

Pimcore GmbH is an established Austrian technology company founded in 2009, specializing in enterprise data and experience management platforms. Their offerings include PIM, MDM, DAM, DXP/CMS, CDP, and digital commerce solutions targeting medium to large enterprises seeking rapid digitization and efficient data management. The company maintains a strong market position with global clients and partners, supported by a professional and content-rich website. Technically, the site leverages modern technologies such as HubSpot CMS, Cloudflare DNS, and integrates Google Analytics 4 and Cookiebot for analytics and privacy compliance. The website is fast, mobile-optimized, and SEO-friendly, reflecting a mature digital infrastructure. Security posture is strong with HTTPS enforced, security headers present, and no exposed sensitive data, though DNSSEC is not enabled and no explicit security policy or incident response contacts are published. Overall, Pimcore demonstrates high business credibility and trustworthiness with consistent WHOIS data and transparent policies.

U

U2P

u2p-france.fr

46

U2P is a French non-profit organization representing small and medium-sized enterprises in artisanat, commerce, and liberal professions. It serves as a key advocacy body for proximity businesses in France, providing information, events, and publications to support its members. The website reflects a mature digital presence with modern technologies such as Remix framework, Google Tag Manager, and Plausible Analytics, combined with a cookie consent mechanism ensuring GDPR compliance. Security posture is good with HTTPS and standard best practices, though explicit security policies and incident response contacts are not publicly available. Overall, the website is professional, trustworthy, and well-positioned to serve its target audience effectively.