Security Directory

P

Persimmon Homes

persimmonhomes.com

73

Persimmon Homes is a leading UK home builder established in 1972, operating nationwide with a strong market presence and recognized 5 Star builder status. The company offers a wide range of new homes and supportive buying schemes targeting first-time buyers and families. Their website reflects a mature digital infrastructure using Umbraco CMS, integrated analytics, and marketing tools, with a focus on user experience and accessibility. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers and incident response disclosures could be improved. The absence of WHOIS data is a notable concern but does not detract from the overall legitimacy indicated by the website content and branding. Strategic recommendations include enhancing security headers, publishing security policies, and improving domain transparency.

OUTFRONT Media Inc. is a leading outdoor advertising company specializing in out-of-home (OOH) advertising services including billboards, digital media, transit advertising, and street furniture advertising. The company operates across 140+ markets in North America, targeting advertisers and brands seeking impactful real-world media solutions. Their business model focuses on leveraging creative excellence, audience data, and innovative ad technology to deliver measurable marketing impact. The website demonstrates a mature digital presence with modern technologies such as Next.js, React, and extensive use of analytics and marketing tools including HubSpot, TikTok Pixel, and Microsoft Clarity. Security posture is strong with HTTPS enforcement and modern security headers, though the absence of a public vulnerability disclosure or incident response contact is noted. Privacy compliance is well addressed with comprehensive privacy and cookie policies and consent mechanisms. The WHOIS data is unavailable or privacy-protected, which slightly reduces trust but the overall business credibility remains high based on website content and external references.

S

Synthesia

synthesia.io

73

Synthesia is a leading AI video generation platform founded in 2017, offering businesses a powerful SaaS solution to create professional-quality videos with AI avatars, voiceovers in over 160 languages, and customizable templates. Positioned as the #1 rated AI video platform for business, Synthesia targets enterprises seeking to streamline video production for training, marketing, and communication. The platform supports team collaboration, brand customization, and multilingual video capabilities, making it a comprehensive tool for modern digital content creation. Technically, the website leverages modern web technologies including Webflow CMS, Google Tag Manager, HubSpot, Optimizely, and dash.js for streaming video playback. The site is well-optimized for performance, mobile responsiveness, and accessibility, with strong SEO practices and a professional design. Analytics and marketing tools are integrated thoughtfully, balancing user tracking with privacy compliance. From a security perspective, Synthesia demonstrates a mature posture with HTTPS enforcement, SOC 2 Type II and ISO 42001 certifications, GDPR compliance, and a dedicated security policy site. The presence of cookie consent mechanisms and ethical AI usage policies further reinforce their commitment to responsible data handling. No critical vulnerabilities or suspicious indicators were found in the analysis. Overall, Synthesia presents a trustworthy, professional, and technically sound platform with strong business credibility and security practices. The lack of publicly available WHOIS data is consistent with privacy protection norms for technology companies and does not detract from the legitimacy of the business. Strategic recommendations include publishing a vulnerability disclosure policy and incident response contacts to enhance transparency and trust.

W

WaveSpeedAI

wavespeed.ai

63

WaveSpeedAI is a technology company specializing in accelerating AI-driven image, video, and audio generation. Their platform offers developers and enterprises access to a variety of AI models and APIs to build creative tools and workflows efficiently. Positioned as a leading AI media generation platform, WaveSpeedAI targets developers and businesses seeking advanced AI media capabilities. The website is modern, well-designed, and mobile-optimized, reflecting a mature digital presence for a company founded in 2025. The technical infrastructure leverages modern web frameworks like Next.js and integrates multiple analytics and marketing tools, hosted on AWS infrastructure. Security posture is solid with HTTPS, domain locking, and script integrity checks, though DNSSEC is not enabled and some security policies are not publicly disclosed. Privacy compliance is partial, with a privacy policy present but lacking a cookie consent mechanism. Overall, the site is professional and trustworthy with room for improvement in privacy and security transparency.

A

AppViewX Pvt Ltd

appviewx.com

73

AppViewX Pvt Ltd is a technology company specializing in machine identity management solutions, including certificate lifecycle management, PKI-as-a-Service, SSH key lifecycle management, and application delivery automation. The company targets enterprise IT, security, DevOps, and cloud teams, positioning itself as a leader in preventing outages and ensuring network availability through automation and crypto-agility. The website is professionally designed, content-rich, and optimized for SEO, reflecting a mature digital presence. Technically, the site is built on WordPress with modern frameworks and integrates multiple marketing and analytics tools, indicating a well-developed digital infrastructure. Security posture is strong with HTTPS, security headers, and secure forms, though explicit security policies and incident response contacts are not publicly detailed. The absence of WHOIS registration data is a notable anomaly, suggesting either privacy protection or data source limitations, which slightly impacts trustworthiness. Overall, the site demonstrates a high level of professionalism and business credibility with room for improvement in transparency of security policies.

M

MySign

mysign.ch

68

MySign is a Swiss-based e-commerce platform provider offering a flexible, cloud-native solution tailored for both B2B and B2C businesses. The company emphasizes seamless integration with third-party systems and provides hosting services, positioning itself as a comprehensive e-commerce automation partner. The website reflects a mature digital presence with professional design and clear business messaging targeting Swiss and German-speaking markets. Technically, the site leverages modern marketing and analytics tools including HubSpot, Matomo, and Microsoft Clarity, indicating a strong digital marketing and data-driven approach. Security posture is solid with HTTPS enforced and external security audits claimed, though explicit security policies and incident response details are not published. Overall, the website is trustworthy, well-structured, and compliant with GDPR, with clear contact information and parent company affiliation to Allgeier (Schweiz) AG.

D

Digitec

digitecgalaxus.ch

73

Digitec is a leading Swiss e-commerce platform specializing in consumer electronics, operating under Digitec Galaxus AG. The website serves a broad Swiss consumer audience with a comprehensive product range including smartphones, TVs, notebooks, and more. It maintains a strong market position as Switzerland's online market leader in this sector, supported by quality content, community engagement, and attractive deals. The technical infrastructure is modern, leveraging React and Next.js frameworks, GraphQL APIs, and robust third-party integrations for payments and analytics. Hosting is managed via Akamai, ensuring fast and reliable delivery. Security posture is strong with HTTPS enforcement, security headers, and no visible vulnerabilities. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the site demonstrates high professionalism, trustworthiness, and digital maturity.

G

Galaxus

galaxus.com

72

Galaxus is the largest Swiss online retail platform offering a wide range of products across multiple categories, targeting general consumers in Switzerland. It operates under the parent company Migros and maintains a strong market position with comprehensive services including daily deals, B2B purchasing, and customer support via an AI assistant. The website demonstrates a mature digital infrastructure leveraging modern technologies such as Next.js, GraphQL, and various marketing and analytics tools. Security posture is strong with HTTPS enforcement and standard security headers, though explicit security policies and incident response details are not publicly disclosed. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, Galaxus presents a professional, trustworthy, and technically advanced e-commerce platform with high user experience standards.

H

Hostinger

hosting24.com

71

Hostinger is a global web hosting provider offering a wide range of hosting solutions including shared, VPS, cloud hosting, domain registration, and email marketing services. The company targets individuals, small to medium businesses, and agencies seeking affordable and scalable online presence solutions. Their website demonstrates a mature digital infrastructure with modern technologies such as Vue.js and integrations with major analytics and advertising platforms. Security posture is strong with HTTPS enforcement and security headers, though explicit security policies and incident response information are not publicly detailed. The absence of WHOIS registrant data suggests privacy protection, common for hosting providers. Overall, Hostinger presents a professional, trustworthy, and technically sound online presence with room for enhanced transparency in security and contact information.

Maplesoft is a well-established software company specializing in mathematics-based software and services for education, engineering, and research. As a subsidiary of Cybernet Systems Co. Ltd., it holds a strong market position with a comprehensive product suite including Maple, MapleSim, and Maple Flow. The company targets educational institutions, engineering professionals, and researchers, offering software sales, licensing, consulting, and training services. The website reflects a mature digital presence with multi-language support and clear business communication. Technically, the site uses a modern tech stack with Bootstrap and jQuery, supported by reputable analytics and advertising tools. Security posture is good with HTTPS and cookie consent mechanisms, though some security headers could be improved and jQuery updated. Overall, the site is professional, trustworthy, and compliant with privacy regulations.

Z

Zwift, Inc.

zwift.com

76

Zwift, Inc. operates a leading virtual cycling and fitness platform that revolutionizes indoor cycling through its app and hardware integrations. The company targets cycling enthusiasts and fitness users globally, offering subscription-based services alongside smart trainers and smart bikes. The website reflects a mature digital presence with excellent content quality, clear navigation, and strong branding consistency. Technically, the site leverages modern frameworks like Next.js and integrates advanced analytics and marketing tools, ensuring a fast, mobile-optimized, and accessible user experience. Security posture is strong with HTTPS enforcement and consent-based tracking, though explicit security headers should be verified. Privacy compliance is robust, featuring comprehensive policies and TrustArc consent management. The WHOIS data is unavailable, likely due to privacy protection, but the website's legitimacy is supported by consistent branding and external references. Overall, Zwift presents a professional, secure, and user-friendly platform with a high trustworthiness rating.

D

Digitec

digitec.ch

73

Digitec is a leading Swiss e-commerce platform specializing in consumer electronics, operating under the parent company Migros. The website offers a broad range of digital products including smartphones, TVs, and notebooks, supported by a strong community and quality content. It holds a market leader position in Switzerland's consumer electronics online retail sector. The platform is technically mature, leveraging modern frameworks like Next.js and GraphQL, with robust integrations for payment and analytics services. Security posture is strong with HTTPS enforced and standard security headers implied, though explicit security policies and incident response details are not publicly disclosed. Privacy compliance is well addressed with comprehensive policies and consent mechanisms. Overall, Digitec presents a professional, trustworthy, and user-friendly online shopping experience.

G

Galaxus

galaxus.ch

72

Galaxus is the largest Swiss online retail platform offering a wide range of consumer products across multiple categories. It operates under the parent company Migros and targets general consumers primarily in Switzerland and German-speaking Europe. The website is professionally designed with excellent content quality, clear navigation, and multi-language support. Technically, it leverages modern frameworks such as Next.js and React, integrates multiple analytics and marketing tools, and uses secure payment gateways like Stripe and Datatrans. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities, although explicit security policies and incident response contacts are not publicly available. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the website demonstrates a mature, trustworthy e-commerce business with a high level of digital maturity and security awareness.

H

Hotelplan

hotelplan.ch

65

Hotelplan.ch is a leading Swiss online travel agency specializing in personalized holiday and travel bookings including flights, hotels, cruises, and car rentals. The website targets Swiss travelers seeking convenient and comprehensive travel solutions. Technically, the site employs modern frameworks such as Next.js and integrates multiple analytics and marketing tools, indicating a mature digital infrastructure. Security posture is strong with HTTPS and security headers in place, though explicit privacy and cookie policies are not detected in the provided content, representing a compliance gap. Overall, the site is professional and trustworthy but would benefit from enhanced privacy disclosures and incident response documentation.

H

Helvetia Insurance

helvetia.ch

70

Helvetia Insurance is a well-established Swiss insurance company with over 160 years of history, serving more than 1.3 million customers. The company offers a broad range of insurance and pension products targeting private customers in Switzerland. Their website reflects a mature digital presence with comprehensive content, clear navigation, and professional branding. The technical infrastructure leverages Adobe Experience Manager CMS, integrates multiple analytics and marketing tools, and employs modern web technologies ensuring good performance and mobile optimization. Security posture is strong with HTTPS enforcement, security headers, and privacy compliance mechanisms in place. However, WHOIS data is not publicly available, likely due to privacy protection, which is common for large enterprises. Overall, the website demonstrates high professionalism, trustworthiness, and compliance with privacy regulations.

H

Hunkemöller

hunkemoller.be

10

Hunkemöller is a prominent European lingerie and swimwear retailer with a strong online presence in Belgium and other European markets. The website offers a comprehensive e-commerce platform featuring a wide range of lingerie, swimwear, and nightwear products targeted at a mature audience. The brand is well-established with consistent branding and a professional digital storefront. Technically, the site leverages a modern tech stack including Salesforce Commerce Cloud (Demandware), various analytics and marketing tools such as Google Analytics, Facebook Pixel, Hotjar, and Bloomreach, and is hosted on Microsoft Azure infrastructure. The website is mobile-optimized and implements privacy and cookie consent mechanisms in compliance with GDPR regulations. Security-wise, the site enforces HTTPS, uses security headers, and registers service workers, but lacks publicly available security policies or incident response information. WHOIS data for the domain is restricted, typical for .be domains, which slightly impacts trust but is mitigated by the brand's reputation and professional site quality. Overall, the site demonstrates a mature e-commerce operation with good security and privacy practices but could improve transparency around security policies and incident response.

E

Euronext Corporate Solutions

companywebcast.com

76

Euronext Corporate Solutions operates as a comprehensive platform offering corporate services, compliance solutions, and investor relations tools tailored for listed companies and capital market participants. The website positions itself as a trusted partner in governance, regulatory compliance, and market communications, leveraging its affiliation with the reputable Euronext group. The platform provides a broad suite of products including IR.Manager, Shareholder Analysis, ESG advisory, and governance tools, targeting corporate clients seeking to optimize their capital market readiness and compliance frameworks. Technically, the website is built on HubSpot CMS, integrating advanced marketing and analytics tools such as Google Analytics, Microsoft Clarity, and Segment, reflecting a mature digital infrastructure with good performance and mobile optimization. Security posture is strong with HTTPS enforced, use of Google reCAPTCHA Enterprise, and cookie consent mechanisms, although explicit security headers and a public security policy are not evident. The absence of WHOIS data for the subdomain is expected and does not detract from the legitimacy of the site, which aligns with the main euronext.com domain. Overall, the site demonstrates high professionalism, trustworthiness, and compliance with privacy regulations.

Z

Zaptec

zaptec.com

70

Zaptec is a Norwegian company specializing in the manufacturing of electric vehicle (EV) charging solutions. The company positions itself as a reliable and user-friendly provider of EV charging hardware and software, targeting both residential and commercial customers. Their market presence is supported by a professional website with consistent branding and a clear focus on energy and transportation sectors. The website demonstrates a mature digital infrastructure, leveraging modern web technologies such as Next.js and React, and integrates multiple analytics and marketing tools including Google Tag Manager, HubSpot, and Facebook Pixel. Privacy compliance is well addressed with a comprehensive cookie consent mechanism and GDPR-aligned privacy policies. Security posture is solid with HTTPS enforcement and standard security headers, although the absence of a public security policy and incident response contact points to areas for improvement. The lack of WHOIS data reduces domain trustworthiness, but the overall business credibility remains high based on website content and external references.

Credit24.ee is a well-established Estonian online consumer finance provider offering a variety of loan products including credit accounts, car loans, and personal loans. The company operates under IPF Digital AS and has a strong regional presence with subsidiaries and partner brands across the Baltics and Australia. The website is professionally designed using modern web technologies such as React and Next.js, hosted on AWS, and incorporates GDPR-compliant cookie consent mechanisms. Analytics and marketing tools like Microsoft Clarity and Google Tag Manager are used for user behavior tracking and advertising. Security posture is strong with HTTPS enforced and standard security headers present, though explicit security policies and incident response contacts are not publicly detailed. WHOIS data confirms domain legitimacy and consistency with the business profile. Overall, the site demonstrates a mature digital presence with good privacy compliance and business credibility.

F

F1 Experiences

f1experiences.com

72

F1 Experiences operates as the official provider of Formula 1 race tickets, hospitality, and travel packages worldwide. The company holds a strong market position as the exclusive source for premium F1 experiences, targeting motorsport enthusiasts and corporate clients seeking high-end event access. Their website reflects a mature digital presence with multi-language support, comprehensive event calendars, and clear navigation, supporting a global audience. Technically, the site leverages modern JavaScript libraries, integrates secure payment gateways like Stripe, and uses reputable analytics and marketing tools, hosted on AWS with CDN support for performance and scalability. Security posture is robust with HTTPS enforcement, security headers, and domain registration protections, though DNSSEC is not enabled and no explicit security policy or incident response contacts are published. Privacy compliance is addressed with cookie consent mechanisms and a basic privacy policy, indicating GDPR awareness. Overall, the site is professional, trustworthy, and well-optimized for user experience and business operations.

A

Applepie

applepie.nl

62

Applepie is a well-established full-service digital agency based in the Netherlands, specializing in branding, digital marketing, campaign content, and web development services primarily for small and medium-sized enterprises (SMEs). The company positions itself as a growth partner with over 20 years of experience and a strong client portfolio exceeding 200 organizations. Their service offerings are comprehensive, covering branding and positioning, digital marketing and data analytics, campaign and content creation, and web development technologies. The website reflects a professional and consistent brand image with excellent content quality and user experience. Technically, the website employs modern web technologies including jQuery, Google Tag Manager, Bing Ads, LinkedIn Insight Tag, and Leadinfo for analytics and marketing purposes. The site is built on a proprietary CMS (ApplepieCMS) and demonstrates good mobile optimization and SEO practices. Performance is moderate, with asynchronous loading of scripts to enhance speed. However, explicit security headers are not visibly implemented, though HTTPS is enforced, indicating a good SSL configuration. From a security standpoint, the website follows best practices such as HTTPS enforcement and cookie consent mechanisms compliant with GDPR. Certifications like Google Partner and Meta Certified, along with industry awards, enhance trustworthiness. However, the absence of a published security policy, incident response contacts, or a vulnerability disclosure mechanism suggests room for improvement in security transparency and readiness. Overall, Applepie presents a low-risk profile with a strong business credibility and digital maturity. Strategic recommendations include implementing explicit security headers, publishing a security policy and incident response information, and adding a security.txt file to facilitate vulnerability reporting. These steps would further strengthen their security posture and compliance stance.

F

fireTMS.com Sp. z o.o.

firetms.com

76

fireTMS.com Sp. z o.o. operates a mature and well-established transport management system platform targeting carriers and forwarders globally, with a strong presence in Poland and Europe. The company offers a comprehensive SaaS solution integrating transport planning, order management, invoicing, GPS tracking, and mobile applications, supported by a freight exchange service (fireXgo). The business is part of the Eurowag Group, enhancing its market credibility and reach. Technically, the website is built on modern frameworks like Next.js and React, optimized for performance and mobile responsiveness, and integrates multiple marketing and analytics tools. Security posture is solid with HTTPS, reCAPTCHA, and cookie consent mechanisms, though explicit security policies and vulnerability disclosure mechanisms are absent. Overall, the website and business demonstrate high professionalism, trustworthiness, and compliance with GDPR, making fireTMS a credible and competitive player in the transport software industry.

S

Sysco Corporation

sysco.com

67

Sysco Corporation operates as the global leader in foodservice distribution, providing a comprehensive portfolio of food and related products to customers preparing meals away from home, including restaurants, healthcare, education, lodging, and entertainment sectors. The company maintains a strong market position as the largest food-away-from-home distributor, supported by an extensive network of distribution centers and a large workforce. Their business model focuses on B2B wholesale distribution with value-added services such as culinary consulting and supply chain solutions. The website reflects a mature digital presence with modern technologies and integrated marketing and analytics tools, supporting a seamless user experience and effective customer engagement. Security posture is robust with HTTPS, security headers, and cookie consent mechanisms, though explicit security policies and incident response details are not publicly disclosed. The absence of WHOIS data is a notable anomaly but does not detract from the overall legitimacy given the company's established brand and digital footprint. Strategic recommendations include enhancing transparency on security policies, vulnerability disclosures, and data protection officer contacts to further strengthen trust and compliance.

H

Hager Group

elcom.de

66

Hager Group operates a professional website focused on door communication and security solutions, targeting primarily B2B customers in the energy sector. The company has a long-standing market presence since 1976, supported by a domain registered since 1997. The website content is well-structured, professionally designed, and consistent with the company's branding and business model. The technical infrastructure leverages modern technologies including Sitecore CMS, Akamai CDN, and advanced search capabilities via Algolia, indicating a mature digital presence. Security posture is generally good with HTTPS enforced and domain transfer protections in place, though improvements such as enabling DNSSEC and adding security headers are recommended. Privacy compliance is partially addressed with a cookie consent mechanism but lacks visible privacy policy and terms of service on the analyzed page. Overall, the website reflects a credible and trustworthy enterprise with room for enhanced security and privacy transparency.

T

Ton

ton.com.br

64

Ton is a Brazilian fintech company specializing in payment processing solutions including card machines, mobile payment apps, and digital banking services. Positioned as a competitive player in the Brazilian market, Ton offers low transaction fees and integrated financial products targeting small and medium businesses, individual microentrepreneurs (MEI), and legal entities (PJ). The website demonstrates a professional and modern digital presence with comprehensive product information and customer testimonials. Technically, the site leverages modern frameworks such as Next.js and integrates multiple analytics and marketing tools, hosted on AWS infrastructure. Security posture is strong with HTTPS, security headers, and cookie consent mechanisms, although explicit security and incident response policies are not publicly available. Overall, Ton presents a trustworthy and well-structured online presence suitable for its target audience.

T

TableOnline.fi

tableonline.fi

65

TableOnline.fi is a professional online restaurant reservation platform targeting consumers in Finland and Tallinn. It offers services such as restaurant bookings, user reviews, and special offers, positioning itself as a leading service in the hospitality sector within its geographic focus. The website demonstrates a modern technical infrastructure leveraging Preact, AWS hosting, and integrations with major analytics and advertising platforms like Google Analytics, Facebook Pixel, and Stripe for payment processing. Security posture is strong with HTTPS enforcement, security headers, and secure payment mechanisms, although explicit security policies and incident response information are not publicly available. Privacy compliance is supported by a comprehensive cookie consent mechanism, but lacks a clearly accessible privacy policy and terms of service. Overall, the site is well-designed, mobile-optimized, and trustworthy, with no adult or questionable content detected.

S

SCONTO Nábytok s. r. o.

sconto.sk

65

SCONTO Nábytok s. r. o. is a well-established furniture retailer in Slovakia, operating both physical stores and an online e-commerce platform. As part of the German Hoffner group, it benefits from a strong market position and brand recognition since its founding in 1990. The website offers a broad range of furniture and home accessories targeting general consumers seeking quality home furnishings. Technically, the site employs modern web technologies including Google Tag Manager, Facebook SDK, and advanced analytics tools like Exponea, ensuring a mature digital presence. Security posture is strong with HTTPS enforced and multiple security headers present, although explicit security policies and incident response information are not publicly detailed. Privacy compliance is good with clear privacy and cookie policies and GDPR adherence. Overall, the site is professional, trustworthy, and well-optimized for user experience and marketing effectiveness.

F

Fundacja Polska Bezgotówkowa

polskabezgotowkowa.pl

52

Fundacja Polska Bezgotówkowa is a Polish non-profit foundation dedicated to promoting cashless payments across Poland by providing payment terminals and educational initiatives. The foundation targets Polish businesses and merchants aiming to adopt modern payment technologies. The website reflects a professional and consistent brand image with a clear focus on its mission. Technically, the site is built on a modern Next.js and React stack, integrating multiple marketing and analytics tools such as Google Tag Manager, Facebook Pixel, and Cookiebot for consent management. The site is mobile-optimized and performs moderately well, though accessibility could be improved. Security posture is strong with HTTPS enforced and standard security headers likely in place. However, the absence of explicit privacy policy and terms of service pages, as well as lack of direct contact information, slightly reduce privacy compliance and business credibility scores. Overall, the domain registration data aligns well with the website's claims, indicating legitimacy and transparency. Strategic recommendations include publishing comprehensive privacy and terms pages, enhancing accessibility, and providing clear contact channels for security and general inquiries.

I

Icelandair ehf.

icelandair.is

66

Icelandair ehf. operates a professional and comprehensive airline website targeting travelers primarily in Iceland, Europe, and North America. The company offers direct flights to over 25 European destinations and more than 20 in the United States and Canada, along with hotel and car rental bookings and package holidays. The website is well-branded, consistent, and provides a rich user experience with clear navigation and booking functionalities. The business is well-established, founded in 1937, and holds a significant market position in the transportation sector in Iceland. Technically, the website leverages modern web technologies including React and Next.js frameworks, and integrates major analytics and marketing tools such as Google Analytics, Google Tag Manager, and Bing Ads. The site is mobile-optimized, accessible, and SEO-friendly, ensuring good performance and user engagement. Security best practices are observed with HTTPS enforcement and appropriate security headers, although no explicit public security policy or incident response page was found. The security posture is strong with no evident vulnerabilities or exposed sensitive data. Privacy compliance is good, with clear privacy and cookie policies and consent mechanisms in place, indicating adherence to GDPR requirements. However, the absence of direct contact emails or phone numbers in the HTML and lack of a vulnerability disclosure program are areas for improvement. Overall, the website represents a trustworthy and professional airline business with a mature digital presence. The lack of WHOIS data is likely due to privacy protection, which is justified for a company of this size. Strategic recommendations include publishing a security policy, establishing a vulnerability disclosure channel, and enhancing transparency around data protection officer contacts to further strengthen trust and compliance.

C

Château de Berne

chateauberne-vin.com

62

Château de Berne operates a premium e-commerce platform specializing in the sale of wines from the Côtes de Provence region. The website targets mature wine consumers primarily in France and the European Union, offering a range of rosé, red, and white wines under AOP certification. The business model is focused on direct-to-consumer online sales, supported by loyalty programs and professional partnerships. The company appears to be medium-sized, founded around 2020, and maintains a consistent brand presence with professional design and clear navigation. Technically, the website is built on the Shopify platform, leveraging a modern tech stack including JavaScript, jQuery, and various third-party marketing and analytics tools such as Klaviyo, Smile.io, and Gorgias. The site is mobile-optimized, accessible, and performs moderately well. Security practices include HTTPS enforcement and domain transfer protection, though DNSSEC is not enabled and some security headers could be improved. Privacy compliance is strong with visible cookie consent mechanisms and comprehensive privacy policies. The security posture is solid but could benefit from enhancements such as explicit security policies, incident response contacts, and vulnerability disclosure mechanisms. No critical vulnerabilities or blocking WAFs were detected. The site uses extensive tracking and marketing pixels, indicating a mature digital marketing strategy but requiring ongoing privacy vigilance. Overall, Château de Berne presents a trustworthy and professional online presence with good business credibility and technical implementation. Strategic improvements in security transparency and DNS security would further strengthen its posture.

M

Manucurist

manucurist.com

70

Manucurist is a French e-commerce retailer specializing in natural, vegan, and bio-sourced nail polish products. The company positions itself as a responsible and green alternative in the beauty industry, targeting consumers who prioritize ethical and eco-friendly personal care. The website is professionally designed, multilingual, and hosted on the Shopify platform, leveraging modern e-commerce technologies and marketing tools to reach a broad audience. The business model focuses on direct online sales with a strong emphasis on product quality and sustainability. Technically, the website demonstrates a mature digital infrastructure with extensive use of third-party analytics, marketing, and customer engagement tools such as Google Tag Manager, Facebook Pixel, TikTok Pixel, Klaviyo, and Yotpo. The site is optimized for performance, mobile responsiveness, and accessibility, ensuring a positive user experience. Security best practices are observed, including HTTPS enforcement and security headers, although explicit security policies and incident response information are not publicly disclosed. From a security perspective, the site maintains a strong posture with no evident vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms aligned with GDPR requirements. However, the lack of WHOIS transparency due to privacy protection limits domain registration insights, though the overall legitimacy of the business is supported by professional presentation and operational maturity. Overall, Manucurist presents a trustworthy and well-managed online retail presence with opportunities to enhance transparency around security policies and incident response. Strategic recommendations include publishing explicit security and vulnerability disclosure policies, improving contact channels for security matters, and continuous monitoring of third-party integrations to mitigate risks.

B

Bobcat Company

bobcat.com

72

Bobcat Company Europe is a leading manufacturer and distributor of compact construction machinery and attachments, serving primarily the European market. The company emphasizes performance, robustness, and versatility in its products, targeting construction professionals and industrial users. The website is professionally designed, localized in German, and provides comprehensive product and dealer information, reflecting a mature digital presence. Technically, the site leverages modern JavaScript frameworks like Vue.js and BootstrapVue, integrates advanced media hosting via Cloudinary, and employs consent management tools to comply with privacy regulations. Security posture is strong with HTTPS enforcement and security headers, though explicit security policies and incident response details are not publicly disclosed. The absence of WHOIS registration data is a notable anomaly but does not detract significantly from the overall legitimacy given the brand's global recognition and consistent online presence. Strategic recommendations include publishing detailed security and incident response policies and improving transparency around vulnerability disclosures and data protection officer contacts.

D

DiscoverCars.com

discovercars.com

74

DiscoverCars.com is a global online car rental comparison and booking platform offering users the ability to save up to 70% by comparing deals from over 1000 suppliers across more than 10,000 locations worldwide. The website emphasizes free cancellation and 24/7 multilingual customer support, positioning itself as a trusted intermediary in the transportation sector. The platform targets travelers seeking convenient and cost-effective car rental options globally. Technically, the website employs a modern technology stack including Google Tag Manager, Google Analytics, Bing Ads, reCAPTCHA Enterprise, and CookiePro for consent management. The site is well-optimized for desktop and mobile, with good SEO and accessibility features. Performance is moderate, with a professional and consistent design that enhances user experience. From a security perspective, the site uses HTTPS with strong SSL configuration and implements security best practices such as reCAPTCHA and cookie consent banners. However, explicit security policies, incident response contacts, and vulnerability disclosure programs are not publicly available, representing areas for improvement. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website presents a high level of professionalism and trustworthiness, though the absence of WHOIS data and domain registration details slightly reduces the confidence in domain legitimacy. Strategic recommendations include publishing detailed security policies, establishing incident response contacts, and enhancing transparency around vulnerability disclosures to further strengthen security posture and user trust.

S

Sense4code s.r.o.

scormium.com

65

Scormium is a Czech-based company operating under Sense4code s.r.o., providing a modern, scalable learning management system (LMS) and learning experience platform (LXP) designed for corporate training and customer education. The platform emphasizes personalized, multimedia-rich content delivery, actionable reporting, and seamless integration with enterprise systems. It holds recognized certifications such as ISO 27001, ISO 9001, and GxP validation, underscoring its commitment to security and compliance. The company is part of the OKsystem Group, enhancing its market credibility. Technically, the website is built on Webflow CMS and leverages modern web technologies including Google Tag Manager, Facebook Pixel, Bing Ads, and LinkedIn Insight Tag for analytics and marketing. The site is well-optimized for performance, mobile responsiveness, and accessibility, with a comprehensive cookie consent mechanism ensuring GDPR compliance. Hosting and security are supported by Cloudflare services, including bot management. Security posture is strong with HTTPS enforced, penetration testing mentioned, and adherence to international standards. However, the absence of WHOIS registration data raises concerns about domain legitimacy and ownership transparency. No explicit incident response or vulnerability disclosure information is provided, which could be improved to enhance trust. Overall, Scormium presents as a professional, trustworthy educational technology provider with robust technical and security foundations. Strategic recommendations include improving domain registration transparency, publishing incident response contacts, and enhancing security header implementation to further strengthen its security posture.

O

OKsystem a.s.

okskoleni.cz

10

OKškolení, operated by OKsystem a.s., is a well-established certified training center specializing in authorized IT courses including Microsoft, Cisco, and Linux. The company targets IT professionals, corporate clients, and government institutions, offering both standard and tailored training solutions. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content that supports their market position as a trusted education provider in the Czech Republic. The site integrates multiple marketing and analytics tools with user consent mechanisms, demonstrating compliance with GDPR and modern privacy standards. Security posture is solid with HTTPS and reCAPTCHA protections, though there is room for improvement in HTTP security headers and explicit security policies. Overall, the domain and website present a credible and professional business with strong trust indicators.

O

OKsystem a.s.

okbase.cz

47

OKsystem a.s. operates the OKbase platform, a comprehensive HR digitalization system targeting companies seeking to streamline HR processes such as attendance, payroll, personnel management, and catering. The company holds a strong market position in the Czech Republic and Slovakia with over 350 large implementations and more than 330,000 users. The website reflects a mature, professional B2B SaaS business model with additional outsourcing services. Technically, the site employs modern JavaScript frameworks, integrates multiple analytics and advertising tools, and implements GDPR-compliant cookie consent mechanisms. Security posture is solid with HTTPS and reCAPTCHA protections, though explicit security headers and policies could be improved. Overall, the site is well-designed, mobile-optimized, and trustworthy, though the absence of WHOIS data slightly reduces domain trust. Strategic recommendations include enhancing security headers, publishing security policies, and adding vulnerability disclosure information to further strengthen trust and compliance.

W

Whow Games GmbH

jackpot.de

66

Jackpot.de is a German-based free-to-play social casino platform operated by Whow Games GmbH. It offers a variety of slot games and casino-style entertainment without real money gambling, targeting adult users aged 18 and above. The platform is positioned as a popular online destination for casual casino gaming with a strong presence in Germany and other European countries, supported by multiple international partner domains. Technically, the website employs modern web technologies including Google Analytics, Facebook SDK, and OneTrust for cookie consent, hosted on AWS infrastructure. The site is mobile-optimized and provides social login options for user convenience. Security-wise, the site enforces HTTPS and uses secure forms but lacks explicit security policies or incident response contacts. Privacy compliance is well addressed with comprehensive policies and consent mechanisms. Overall, Jackpot.de demonstrates a mature digital presence with good security posture and compliance, suitable for its business model and audience.

P

PRO.Laika

prolaika.sk

63

PRO.Laika is a well-established Slovakian e-commerce and retail business specializing in photographic and video equipment. Founded in 1993, it holds a strong market position as the largest specialized photo equipment store in Slovakia, offering authorized sales of major brands such as Nikon, Canon, Panasonic, Olympus, Fujifilm, and Leica. The company targets photography enthusiasts and professionals, providing a broad range of products and services including sales, servicing, and workshops. Technically, the website is built on a custom e-commerce platform powered by Unisite CMS, utilizing modern JavaScript libraries and tracking tools. The site is mobile-optimized and SEO-friendly, with a good user experience and clear navigation. Security posture is solid with HTTPS, security headers, and cookie consent mechanisms in place, although formal security policies and incident response information are not publicly available. WHOIS data confirms the domain's legitimacy and consistency with the business claims. Overall, PRO.Laika demonstrates a mature digital presence with room for improvement in privacy policy transparency and security disclosures.

W

Web Revolution s.r.o.

wikyhracky.cz

53

Wikyhracky.cz is a Czech Republic-based retail and wholesale e-commerce platform specializing in toys, games, school, and office supplies. The company boasts over 30 years of tradition and operates more than 70 physical stores nationwide, positioning itself as a significant player in the Czech toy retail market. The website offers a broad product catalog with recommended and new products, supported by social media channels and a B2B e-shop. Technically, the site uses a mix of legacy and modern web technologies including jQuery 1.11.1, Select2, PrettyPhoto, and integrates marketing and analytics tools such as Google Tag Manager, Google Analytics, Facebook Pixel, and Bing Ads. While the site is accessible and well-structured with good content quality and user experience, it lacks explicit privacy and cookie policies, and uses an outdated jQuery version that may pose security risks. The absence of WHOIS data for the domain raises concerns about domain registration legitimacy, although the business presence and content suggest a legitimate operation. Security headers and SSL configuration details are not available, limiting a full security posture assessment.

W

World Heart Federation

worldheartobservatory.org

63

The World Heart Federation operates the World Heart Observatory, a global platform dedicated to aggregating and disseminating cardiovascular health data and insights. The organization targets healthcare professionals, policymakers, researchers, and advocates to support global heart health initiatives. The website reflects a non-profit model focused on advocacy and data transparency, positioning itself as a global leader in cardiovascular health information. Technically, the website is built on WordPress with a custom child theme and leverages modern web technologies including Bootstrap, jQuery, and multiple analytics and marketing tools such as Google Analytics, Microsoft Clarity, and Hotjar. The site is hosted with Cloudflare DNS and uses HTTPS, ensuring secure communications. Mobile optimization and SEO practices are good, though accessibility is basic. From a security perspective, the site employs HTTPS and domain transfer protection but lacks DNSSEC and advanced security headers, which are recommended for enhanced protection. No privacy policy or terms of service were detected on the analyzed page, which is a compliance gap. The site uses cookie consent mechanisms, indicating some level of GDPR awareness. Overall, the website is professional, trustworthy, and serves its mission well, but could improve privacy compliance and security hardening. Strategic recommendations include enabling DNSSEC, publishing comprehensive privacy and terms policies, and enhancing security headers to strengthen the security posture.

G

Generali

generali.sk

56

Generali is a well-established insurance company operating in Slovakia, offering a broad range of life and non-life insurance products including travel, vehicle, and property insurance. The website positions Generali as a strong partner in the Slovak insurance market, targeting local residents seeking insurance solutions. The business model focuses on direct online insurance services with an emphasis on ease of use and accessibility from home. The company enjoys a positive reputation as indicated by a high aggregate rating from customers. Technically, the website is built on WordPress with modern SEO and analytics tools integrated, including Yoast SEO, Google Tag Manager, Microsoft Clarity, and various tracking pixels for marketing and retargeting. The site is mobile optimized and uses HTTPS with strong security headers, reflecting a mature digital infrastructure. However, some accessibility features could be improved. From a security perspective, the site demonstrates good practices such as HTTPS enforcement, security headers, and cookie consent management. There is no evidence of exposed sensitive data or vulnerable libraries. However, the absence of a published security policy, incident response information, or vulnerability disclosure program suggests room for improvement in transparency and security maturity. Overall, the website is professional, trustworthy, and compliant with GDPR, with a strong business credibility score. The risk profile is low, but strategic enhancements in security communication and accessibility would further strengthen the company's digital trustworthiness.

K

Krytoland.cz

krytoland.cz

59

Krytoland.cz is an established Czech e-commerce retailer specializing in mobile phone accessories including cases, tempered glass, and custom-designed products. The website offers a broad product catalog targeting consumers seeking affordable and customizable mobile accessories. Technically, the site employs modern web technologies such as jQuery, Font Awesome, Google Tag Manager, and tracking tools like Facebook Pixel and Smartlook, indicating a mature digital infrastructure. Security-wise, the site uses HTTPS and some security best practices but lacks comprehensive security headers and explicit privacy and cookie policies, which are critical for GDPR compliance and user trust. The absence of WHOIS data limits the ability to fully verify domain legitimacy, which slightly impacts business credibility. Overall, the site is functional, user-friendly, and safe for general audiences but would benefit from enhanced privacy compliance and clearer contact information.

Status.net is a small business resource website founded in 2000, providing useful business templates and educational articles focused on management and organizational topics. The site targets business professionals and organizations seeking practical resources to improve operations and decision-making. Technically, the website is built on WordPress with a moderate technology stack including jQuery and various analytics and advertising scripts. Hosting appears to be on Amazon AWS infrastructure. The site demonstrates good mobile optimization and SEO practices but has basic accessibility features. Security posture is moderate with HTTPS enabled and domain transfer protections in place, but lacks DNSSEC and security headers, and does not provide a cookie consent mechanism. Privacy compliance is limited, with a basic privacy policy but no cookie or terms of service pages. No direct contact information or security policies are published, which limits transparency. Overall, the domain registration data is consistent and supports the legitimacy of the business. The website content is safe and appropriate for a general audience.

H

Heimstaden

heimstaden.cz

51

Heimstaden.cz is a professionally maintained real estate website focused on rental apartments, commercial spaces, and new construction projects primarily in the Moravskoslezský region of the Czech Republic. The company is part of the larger Heimstaden group, a significant player in the European real estate market. The website offers a user-friendly experience with clear navigation, modern design, and multiple customer support channels. Technically, the site uses modern frameworks such as Next.js and is hosted on Microsoft Azure, ensuring reliable performance and scalability. Security posture is strong with HTTPS enforcement and standard security headers, though explicit security policies and incident response contacts are not publicly detailed. Privacy compliance is well addressed with visible privacy and cookie policies and consent mechanisms. Overall, the site reflects a mature digital presence suitable for a large real estate company.

E

Emarsys

emarsys.com

68

Emarsys is a well-established enterprise marketing software provider specializing in AI-powered personalized omnichannel customer engagement solutions. The company operates under the SAP umbrella, reflecting a strong market position and extensive industry experience since 2000. Their website demonstrates a mature digital infrastructure with comprehensive content, professional design, and clear navigation aimed at marketers and businesses seeking advanced marketing automation and personalization services. The technical stack leverages WordPress CMS with modern marketing and analytics tools such as Marketo, Google Tag Manager, and Facebook Pixel, ensuring robust data collection and user engagement tracking. Security posture is solid with HTTPS enforced and no critical vulnerabilities detected, though some security headers could be improved. Privacy compliance is evident with accessible privacy and cookie policies and GDPR considerations. Overall, the website and domain registration data indicate a trustworthy and credible business presence.

Nuki Home Solutions GmbH is an Austrian technology company specializing in innovative smart lock solutions designed for easy retrofitting. The company has established a strong market position in Europe by offering a range of smart locks and accessories that integrate seamlessly with major smart home platforms. Their business model focuses on direct consumer sales and business reseller partnerships, supported by a comprehensive digital presence including mobile apps and web management tools. Technically, the website is built on modern frameworks such as Next.js and React, with robust analytics and marketing integrations, ensuring a fast, mobile-optimized, and accessible user experience. Security-wise, the site enforces HTTPS, employs standard security headers, and maintains good privacy compliance with clear policies and consent mechanisms. However, there is room for improvement in publishing explicit security policies and incident response information. Overall, the domain registration and website content are consistent and trustworthy, reflecting a mature and professional business entity.

M

Make: Community

makezine.com

60

Make: DIY Projects and Ideas for Makers is a well-established media platform and community dedicated to makers and DIY enthusiasts. Founded in 2004, it offers a rich collection of project guides, ideas, and community engagement opportunities, positioning itself as a leading brand in the maker media space. The website leverages WordPress CMS with modern plugins and integrates multiple social media channels to engage its audience effectively. Technically, the site uses a robust tech stack including Bootstrap, Google Fonts, and various advertising and analytics tools, hosted with GoDaddy and utilizing Cloudflare DNS services. Security posture is solid with HTTPS enabled and domain protections in place, though improvements such as DNSSEC and security headers are recommended. Privacy compliance is currently limited, with no explicit privacy or cookie policies detected in the provided content. Overall, the site is professional, trustworthy, and safe for general audiences, with a moderate to good technical and security maturity level.

B

Baker Hughes

bakerhughes.com

77

Baker Hughes is a leading energy technology company focused on advancing safer, cleaner, and more efficient energy solutions globally. The company offers a broad portfolio of services and technologies including energy transition, hydrogen technologies, geothermal solutions, carbon capture, emissions abatement, remote operations, AI-driven energy operations, liquefied natural gas, industrial technology, and mature asset solutions. Their market position is that of a large, established enterprise headquartered in the United States, serving energy industry professionals and partners worldwide. Technically, the website is built on Drupal CMS with modern JavaScript integrations, including analytics and consent management tools, demonstrating a mature digital infrastructure. Security posture is strong with HTTPS, security headers, and cookie consent mechanisms in place, though explicit security policies and incident response information are not publicly detailed. Overall, the website presents a professional, trustworthy, and well-structured digital presence aligned with enterprise standards.

E

European Society of Cardiology

escardio.org

60

The European Society of Cardiology (ESC) is a leading independent, nonprofit organization dedicated to reducing the burden of cardiovascular disease through education, research, and advocacy. The website serves as a comprehensive platform for cardiology professionals, offering access to guidelines, congresses, eLearning, and community engagement. The ESC maintains a strong market position as a trusted authority in cardiovascular health across Europe and globally. Technically, the website is built on a robust infrastructure using modern web technologies including Bootstrap for responsive design, and integrates multiple analytics and marketing tools such as Google Analytics, Microsoft Clarity, and Adobe DTM. The site is hosted with performance and security in mind, leveraging Akamai CDN and enforcing HTTPS with strong security headers. From a security perspective, the ESC website demonstrates good practices including HTTPS enforcement, cookie consent management via OneTrust, and no visible vulnerabilities or exposed sensitive data. However, there is an opportunity to enhance transparency by publishing a dedicated security policy and vulnerability disclosure information. Overall, the ESC website is a professional, secure, and user-friendly platform that effectively supports its mission. Strategic recommendations include improving security transparency, maintaining up-to-date third-party scripts, and enhancing accessibility features to further strengthen trust and compliance.

J

Jacques Lemans

jacques-lemans.com

72

Jacques Lemans operates a professional e-commerce platform specializing in wrist watches and jewellery, positioning itself as Austria's largest watch brand. The website targets consumers interested in fashion and luxury retail products, offering a broad range of collections and selections for men and women. The business model is retail-focused with online sales and international shipping capabilities. Technically, the website leverages modern technologies including Shopware 6 CMS, Google Tag Manager, reCAPTCHA, and OneTrust for cookie consent, indicating a mature digital infrastructure. The site is mobile-optimized, accessible, and SEO-friendly, providing a good user experience. Security posture is strong with HTTPS enforcement, security headers, and secure payment integrations, though the absence of a public security policy and incident response contact reduces transparency. The lack of WHOIS data for the domain is a notable concern, potentially indicating privacy protection or registration issues, which slightly impacts trustworthiness. Overall, the site is professional and trustworthy but would benefit from enhanced transparency in domain registration and security disclosures.