Security Directory

O

Pardon Our Interruption

office-discount.de

49

The website www.office-discount.de is currently inaccessible due to a Web Application Firewall (WAF) security challenge page served by Incapsula. This challenge blocks access to the actual website content, preventing extraction of business, contact, or policy information. The domain WHOIS data is minimal, showing only name servers and an unusual domain status 'connect', which limits trust and legitimacy assessment. No privacy, cookie, or terms of service policies are detectable, and no contact information or forms are present. The technical infrastructure appears minimal with only basic JavaScript used for the WAF challenge. Security posture cannot be fully assessed due to lack of accessible content and headers. Overall, the site is protected but not transparent, resulting in a low trust and quality score.

T

temu-europe.com

temu-europe.com

61

temu-europe.com is currently a placeholder website with a 'Launching Soon' message and minimal content. The site is built using GoDaddy Website Builder and hosted by GoDaddy.com, LLC. It includes a contact form protected by Google reCAPTCHA and a cookie consent banner linking to Google's privacy and terms policies. There is no detailed business description, contact emails, phone numbers, or social media presence visible. The domain WHOIS data is suspicious due to a future creation date (July 2025), which undermines trust and legitimacy. Technically, the site uses modern web fonts and scripts but lacks advanced security headers and DNSSEC. Overall, the website is in an early stage with limited digital maturity and business presence.

C

Connox GmbH

connox.de

72

Connox GmbH operates a well-established e-commerce platform specializing in design furniture, home accessories, and lighting products. With a strong market presence in Germany and multiple localized international domains, Connox targets consumers interested in high-quality home design products. The website demonstrates a mature digital infrastructure leveraging modern JavaScript frameworks, consent management tools, and performance optimization technologies. Security posture is robust with HTTPS enforcement, secure payment integrations, and comprehensive privacy and cookie policies aligned with GDPR requirements. While no explicit security policy or incident response page is found, the overall security hygiene is good. The business credibility is supported by consistent WHOIS data, clear contact information, and trust signals such as customer reviews and verified payment methods.

D

DOSB New Media GmbH

turn-deutschland.tv

59

Sport Europe, operated by DOSB New Media GmbH, is a German-based media platform specializing in streaming and broadcasting sports content targeted at European sports fans. The website presents a professional design with good content relevance and user experience, leveraging modern web technologies such as Bootstrap and Font Awesome. The technical infrastructure is hosted by IONOS SE, a reputable provider, and the domain registration aligns with the business entity and location, supporting legitimacy. However, the website lacks critical compliance elements such as privacy and cookie policies, and no contact information is readily available, which may impact user trust and regulatory compliance. Security posture is moderate with SSL enabled but missing key security headers and incident response information.

P

PressMatrix GmbH & Co. KG

pressmatrix.com

59

PressMatrix GmbH & Co. KG operates a mature SaaS platform specializing in digital publishing solutions, targeting publishers, associations, and enterprises. With over 20 years of experience, the company offers automated digital transformation of print publications enhanced by AI features such as chatbots and personalized reading modes. Their market position is strong, supported by reputable clients and a professional web presence. Technically, the website is built on WordPress with modern JavaScript frameworks and hosted on AWS, ensuring good performance and mobile optimization. Security posture is solid with HTTPS and bot protection via FriendlyCaptcha, though improvements in security headers and incident response transparency are recommended. Overall, the site is professional, trustworthy, and compliant with GDPR, though cookie consent mechanisms could be enhanced.

D

Deutscher Turner-Bund e.V.

dtb-gymnet.de

56

The website dtb-gymnet.de serves as the official online management and booking portal for the Deutscher Turner-Bund e.V., the German gymnastics federation. It provides event registration and administrative login capabilities for members, clubs, and associations affiliated with the federation. The platform targets a niche audience within the sports federation community in Germany, offering essential services for event participation and organizational management. The business model focuses on facilitating membership and event administration digitally, supporting the federation's operational needs. Technically, the website is built using basic HTML, CSS, and JavaScript without advanced frameworks or CMS detected. The hosting appears to be managed via generic German hosting providers, with no visible modern web technologies or analytics tools. The site performs moderately with basic mobile optimization and accessibility features. The absence of structured data and SEO enhancements suggests room for technical improvement. From a security perspective, the site uses HTTPS (implied by external links) and employs POST methods for login forms, but lacks visible security headers, anti-CSRF tokens, or bot mitigation measures. No incident response or security policies are publicly disclosed. Privacy compliance is partially addressed with a linked privacy policy PDF, but no cookie consent mechanism is present. The WHOIS data is minimal but consistent with the hosting environment, though lacking detailed registrant information. Overall, the website is functional and trustworthy for its intended audience but could benefit from enhanced security practices, improved privacy compliance, and technical modernization to strengthen its posture and user trust.

G

GetYourGuide

getyourguide.at

65

GetYourGuide operates as a leading global online marketplace specializing in booking tours, attractions, and travel activities worldwide. The platform targets travelers seeking convenient and direct access to local experiences, positioning itself strongly in the hospitality sector with a large-scale digital presence. The website demonstrates a mature technical infrastructure leveraging modern JavaScript frameworks, third-party analytics, and fraud prevention technologies, ensuring a fast, responsive, and user-friendly experience. Security posture is robust with HTTPS, Content Security Policy, and consent management integrated, although no explicit incident response or vulnerability disclosure pages were found. The absence of WHOIS data slightly impacts trust but is likely due to privacy protection measures common in large enterprises. Overall, the site is professional, secure, and compliant with GDPR, making it a trustworthy platform for travel bookings.

E

Europcar

europcar.at

69

Europcar Austria operates as a leading car rental service provider with a strong market position in Europe and worldwide. The company offers a broad fleet including electric vehicles and tailored business solutions, targeting both general consumers and corporate clients. The website reflects a mature digital infrastructure using modern frameworks like Nuxt.js and integrates performance and monitoring tools such as Dynatrace. Security posture is robust with HTTPS enforcement and security headers, though explicit security policies and incident response details are not prominently published. Overall, the site is professional, trustworthy, and compliant with GDPR and cookie regulations.

S

spodeco

spodeco.de

66

Spodeco is a German-based e-commerce retailer specializing in multibrand tennis and sports equipment, offering products such as rackets, strings, grips, fitness equipment, balls, and court supplies. The website is built on the Shopify platform, leveraging modern web technologies and integrating multiple third-party marketing and analytics tools to enhance customer engagement and operational efficiency. The site demonstrates good digital maturity with fast performance, mobile optimization, and clear navigation. Security posture is strong, with HTTPS enforced and standard security headers in place, although explicit security policies and incident response contacts are not published. Privacy compliance is well addressed with comprehensive privacy and cookie policies and active consent mechanisms. Overall, the site is professional, trustworthy, and safe for general audiences.

B

Bielefeld Marketing GmbH

matchyourfuture.de

53

The website matchyourfuture.de is a professionally designed city marketing platform operated by Bielefeld Marketing GmbH, aimed at promoting the city of Bielefeld, Germany. It highlights the city's cultural, educational, economic, and recreational strengths through engaging content and an interactive quiz. The site targets potential residents, students, professionals, and tourists, positioning Bielefeld as a vibrant and attractive city. Technically, the site leverages modern web technologies including React and Next.js, ensuring fast performance and excellent mobile optimization. Security posture is strong with HTTPS enforced and no visible vulnerabilities, although some security headers could be improved. Privacy compliance is well addressed with clear cookie consent and a comprehensive privacy policy. Overall, the site demonstrates high professionalism and trustworthiness, with strong social media integration and partner references.

W

Wissenswerkstadt Bielefeld

wissenswerkstadt.de

52

Wissenswerkstadt Bielefeld is a local educational and cultural institution focused on interactive science, technology, and DIY activities for children, youth, families, and educational institutions. The website presents a rich calendar of workshops, exhibitions, and events, emphasizing engagement and learning. Technically, the site is built on TYPO3 CMS, with good mobile optimization, accessibility, and SEO practices. Security posture is adequate with HTTPS and cookie consent mechanisms, though lacking explicit security headers and incident response information. Overall, the site is professional, trustworthy, and compliant with GDPR requirements.

R

RBA Revistas S.A.

cuerpomente.com

65

Cuerpomente.com is a Spanish-language wellness media website focused on nutrition, psychology, and healthy living. It operates under the RBA Revistas S.A. group, offering editorial content, online courses, and subscription services. The website demonstrates a mature digital infrastructure with modern advertising and consent management technologies, including integration with Google Tag Manager, Didomi, and multiple ad networks. The site is well-branded and professionally designed, targeting Spanish-speaking wellness enthusiasts. Security posture is good with HTTPS and consent mechanisms, though some security headers could be improved. WHOIS data is unavailable, which raises some concerns but the website content and branding strongly indicate legitimacy. Privacy policy and terms of service pages were not explicitly found in the provided HTML snapshot, suggesting room for compliance improvement.

S

Saber Vivir · La web de referencia en salud

sabervivirtv.com

62

Saber Vivir is a well-established Spanish health and wellness media website providing updated and practical information on exercise, nutrition, and healthy living. It operates under the RBA group, a recognized media company, offering both digital and print magazine subscriptions. The website demonstrates a mature digital infrastructure with integration of modern advertising networks, consent management tools, and analytics services. The content is professionally curated, targeting a general audience interested in health and lifestyle topics. Security posture is solid with HTTPS and consent frameworks in place, though explicit privacy and terms policies are not clearly found in the analyzed content. The absence of WHOIS data is a notable anomaly but does not detract significantly from the site's legitimacy given its association with RBA. Overall, the site is a credible and authoritative source in its domain with room for improvement in transparency and contact information.

R

RBA Revistas S.A.

semana.es

65

Semana.es is a well-established Spanish online magazine specializing in celebrity news, lifestyle, fashion, wellness, and royal family coverage. It operates under the RBA Grupo umbrella, a recognized media group in Spain. The website offers rich, up-to-date content targeting Spanish-speaking audiences interested in entertainment and lifestyle. The business model relies heavily on advertising revenue complemented by subscription services. Technically, the site uses a modern stack including ASP.NET, various advertising and tracking SDKs, and a consent management platform to comply with privacy regulations. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities. However, WHOIS data is restricted by Red.es policies, which is typical for .es domains, and no direct contact information is publicly available on the homepage. Overall, the site is professional, trustworthy, and compliant with GDPR and cookie consent requirements.

R

RBA Revistas S.A.

lecturas.com

63

Lecturas.com is a well-established Spanish digital media platform specializing in celebrity news, royal family updates, lifestyle content including beauty, fashion, recipes, and horoscopes. The site targets Spanish-speaking audiences interested in entertainment and lifestyle news. Technically, the site is built on ASP.NET with a modern advertising and consent management infrastructure, including Prebid.js, Google Tag Manager, and Didomi for GDPR compliance. Security posture is good with HTTPS and consent mechanisms, though some security headers could be improved. The absence of WHOIS data is a notable transparency gap but the site is linked to RBA Revistas S.A., a reputable media company. Overall, the site is professional, content-rich, and safe for general audiences.

R

RBA Revistas S.A.

arquitecturaydiseno.es

10

Arquitectura y Diseño is a Spanish media website specializing in architecture, design, decoration, and sustainability content. It serves a niche audience of design enthusiasts and professionals, offering editorial content supported by advertising and subscription models. The site is part of the RBA group, a recognized media company in Spain. Technically, the website employs modern JavaScript libraries, ad networks, and a consent management platform to ensure compliance with privacy regulations. The security posture is solid with HTTPS enforcement and security headers, though explicit security policies and incident response contacts are not publicly available. Overall, the site presents a professional and trustworthy digital presence with good content quality and user experience.

E

El Mueble

elmueble.com

65

El Mueble is a leading Spanish media company specializing in home decoration, lifestyle, and related content. The website offers a rich variety of articles, recipes, and subscription-based premium content, targeting Spanish-speaking audiences interested in home decor and lifestyle. The business operates under the RBA Grupo umbrella, leveraging advertising and subscription revenue streams. Technically, the site uses a modern tech stack including ASP.NET, JavaScript libraries for ads and consent management, and integrates multiple ad networks and analytics tools. Security posture is good with HTTPS enforced and partial security headers, but could be improved with additional headers and published security policies. Privacy compliance is strong, with GDPR-consent mechanisms implemented via Didomi. The lack of WHOIS data is a concern and warrants further investigation, but the website content and branding strongly indicate a legitimate and professional operation.

S

SpeakUp

speakup.es

66

SpeakUp is a Spanish educational media brand specializing in English language learning through engaging articles, audio content, and subscription services. It operates under the RBA publishing group, offering both free and premium content to Spanish-speaking learners at various proficiency levels. The website demonstrates a mature digital presence with a modern tech stack including consent management and advertising frameworks. Security posture is good with HTTPS and GDPR compliance, though some security headers could be improved. The site is well-designed, mobile-optimized, and provides clear navigation and subscription options. WHOIS data is unavailable due to registry restrictions, but the brand's legitimacy is supported by consistent branding and parent company association.

B

Bergzeit GmbH

bergzeit.de

11

Bergzeit GmbH operates a well-established online and physical retail platform specializing in outdoor sports equipment and apparel, targeting enthusiasts of mountain sports such as climbing, hiking, skiing, and biking. Founded in 1999 and based in Germany, Bergzeit offers a comprehensive product catalog with over 50,000 items from major brands, supported by professional customer service and a second-hand marketplace. The company maintains a strong market position as a trusted retailer with certifications such as EMAS and Trusted Shops. Technically, the website employs modern JavaScript frameworks, integrates multiple payment providers, and uses Azure DNS for hosting, reflecting a mature digital infrastructure. Security posture is robust with HTTPS, CSRF protections, and cookie consent mechanisms, although explicit security headers could be further confirmed. Privacy compliance is well addressed with clear policies and GDPR adherence. Overall, Bergzeit presents a professional, secure, and user-friendly platform with high trustworthiness and excellent content quality.

S

Sparkasse Kaiserslautern

sparkasse-kl.de

71

Sparkasse Kaiserslautern is a regional financial institution providing a broad range of banking and financial services including online banking, loans, insurance, investments, and real estate services. The website targets both private and corporate customers with a strong emphasis on accessibility and user-friendly digital services. The bank holds several awards recognizing its advisory quality and market position. Technically, the website is built on a modern stack likely powered by Adobe Experience Manager, with responsive design and good SEO and accessibility features. Security posture is strong with HTTPS, session management, and cookie consent mechanisms, although explicit security policies and vulnerability disclosure mechanisms are not published. Overall, the site is professional, trustworthy, and compliant with GDPR requirements.

S

Sparkassenverband Rheinland-Pfalz

sv-rlp.de

49

The Sparkassenverband Rheinland-Pfalz (SVRP) operates as a central umbrella organization and service provider for the savings banks (Sparkassen) and their municipal sponsors in the Rheinland-Pfalz region of Germany. The website reflects a professional, well-structured digital presence focused on providing information about the association's services, educational offerings via its Akademie, and news updates relevant to its stakeholders. The organization holds recognized certifications such as the 'audit berufundfamilie' and supports diversity initiatives, enhancing its trustworthiness and social responsibility profile. Technically, the site is built on TYPO3 CMS, employs modern web standards, and is optimized for accessibility and mobile devices, though performance is moderate. Security posture is solid with HTTPS enforced and secure form handling, but lacks some advanced security headers and explicit incident response information. Privacy compliance is strong with clear privacy and cookie policies and consent mechanisms in place. Overall, the site is trustworthy, professional, and well-aligned with its business purpose.

B

Banf Crossmedia Group GmbH

banf-holz.de

64

Banf-Holz is a small German retail business specializing in handcrafted wooden products such as unique ballpoint pens and corkscrews. The company operates an e-commerce storefront powered by the ePages platform and actively participates in local exhibitions and cultural markets, targeting consumers interested in artisanal wooden goods. The website is professionally designed with good content quality, clear navigation, and mobile optimization. Technically, it uses modern JavaScript frameworks and lazy loading for images, with embedded YouTube videos enhancing user engagement. Security posture is solid with HTTPS enforced and no visible vulnerabilities, although security headers could be improved. Privacy compliance is adequate with a cookie consent mechanism and GDPR-aligned privacy policy. Contact information and legal pages are clearly presented, supporting business credibility.

H

Heinze GmbH

baunetz-maps.de

58

BauNetz Maps is a well-established interactive platform dedicated to showcasing contemporary architecture projects worldwide. Operated by Heinze GmbH, a subsidiary of Infopro Digital, the platform aggregates over 10,000 architectural projects and related content from multiple BauNetz services, including news, architect profiles, and educational resources. The website targets a broad audience interested in architecture, including professionals and enthusiasts, and offers additional services such as job listings in the architecture and construction sectors. Technically, the website employs modern web technologies including JavaScript frameworks (likely Vue.js), Google Maps API for geolocation and mapping, and Cloudflare CDN for performance and security. Consent management and analytics are handled via ConsentManager and Webtrekk respectively, ensuring compliance with privacy regulations. The site is mobile-optimized and demonstrates good SEO and accessibility practices, though some accessibility improvements could be made. From a security perspective, the site enforces HTTPS and uses Cloudflare for DDoS protection and content delivery. Cookie consent mechanisms are implemented, and no critical vulnerabilities or exposed sensitive data were detected. However, explicit security headers could be enhanced, and the site lacks a public incident response or vulnerability disclosure policy. Overall, BauNetz Maps presents a professional, trustworthy, and content-rich platform with strong business credibility and compliance posture. Strategic improvements in security headers and incident response transparency would further strengthen its security maturity.

BauNetz Wissen is a specialized German-language online portal providing comprehensive knowledge and resources related to architecture and construction technology. It targets professionals such as architects, planners, and engineers, offering thousands of articles, glossary terms, and building case studies. The website is well-established within its niche, supported by a strong partner network of reputable companies in the construction sector. Technically, the site employs modern web technologies including JavaScript frameworks, consent management tools, and analytics services like Hotjar and Google Tag Manager, all integrated with GDPR-compliant consent mechanisms. Hosting and security are enhanced by Cloudflare services, ensuring good performance and SSL encryption. Security posture is solid with HTTPS and consent management, though explicit security headers and incident response policies are not publicly documented. Overall, the site demonstrates high professionalism, excellent content quality, and strong trust indicators, making it a reliable resource in its industry.

S

SEFE Energy UK

sefe-energy.com

60

SEFE Energy UK is a reputable business energy supplier operating primarily in the UK and Europe, offering a broad portfolio of gas, electricity, and renewable energy products tailored to business needs. The company positions itself as a leading supplier with over 50,000 customers and a strong focus on decarbonisation and sustainability solutions. The website reflects a mature digital presence with modern technologies such as Vue.js and Umbraco CMS, integrated analytics platforms including Matomo and Microsoft Clarity, and a comprehensive cookie consent mechanism ensuring GDPR compliance. Security posture is solid with HTTPS enforcement and cookie management, though some security headers could be improved. The WHOIS data is unavailable due to a domain naming rules error from Nominet UK, which is unusual but the website content and business information strongly support legitimacy. Overall, the site demonstrates professionalism, trustworthiness, and a strong market position in the energy sector.

The website at ww1.asaplabs.io presents minimal accessible content, primarily consisting of an embedded iframe pointing to an external domain with obfuscated JavaScript and tracking pixels. There is no visible business information, contact details, or privacy-related policies on the site. The WHOIS data for the domain is malformed and provides no registrar, creation, or registrant information, which raises significant concerns about the legitimacy and transparency of the domain. Technically, the site lacks security headers and there is no confirmation of HTTPS usage, further diminishing trustworthiness. Overall, the site appears suspicious and potentially malicious, with a low security posture and poor compliance with privacy standards.

The website represents the Sportamt Stadt Graz, a municipal government entity providing an online platform for booking district sports fields in Graz, Austria. It offers a structured multi-step booking process including service selection, appointment scheduling, user data input, and payment options. The platform is designed primarily for local residents and sports teams, facilitating fair and organized access to public sports facilities. The business model is a public service, leveraging a third-party SaaS platform (eTermin) for appointment management. Technically, the website employs standard web technologies such as jQuery and SVG for UI elements, with a responsive design suitable for mobile devices. The site includes privacy and cookie policies linked to official city resources, indicating compliance with GDPR. However, no advanced security headers or explicit SSL configuration details were found in the provided data, suggesting room for security enhancements. From a security perspective, the platform shows good practices like encrypted data transmission and user authentication mechanisms. The absence of WHOIS data for the domain www.etermin.net raises questions about domain registration legitimacy, though the website content and contact details align with a legitimate municipal service. No critical vulnerabilities or adult content were detected. Overall, the website is a functional, government-backed service with moderate technical maturity and good privacy compliance. Strategic improvements in security headers, domain registration transparency, and enhanced security audits are recommended to strengthen trust and resilience.

B

Bühnen und Orchester der Stadt Bielefeld

theater-bielefeld.de

53

Bühnen und Orchester der Stadt Bielefeld is a public cultural institution in Germany offering theater, philharmonic orchestra, and concert hall events. The website serves as an information and ticketing portal for their performances and services, targeting a general audience interested in cultural activities. Technically, the site is built on TYPO3 CMS, uses modern JavaScript libraries, and integrates Google Tag Manager and reCAPTCHA for analytics and security. The security posture is moderate with HTTPS enforced but lacks explicit security headers and published security policies. Privacy compliance is limited as no privacy or cookie policies were found in the provided content. Overall, the website is professional, well-structured, and trustworthy, but could improve transparency and compliance documentation.

K

Kulturkreis Senne e.V.

kulturkreis-senne.de

39

Kulturkreis Senne e.V. is a local non-profit cultural organization serving the Senne district in Bielefeld, Germany. The organization offers a diverse cultural program including events such as multimedia shows, concerts, and literary gatherings. The website serves as an information hub for upcoming events, ticket sales, and community engagement, targeting local residents and culture enthusiasts. The business model focuses on community cultural enrichment rather than commercial profit. Technically, the website is built on WordPress with a modern tech stack including Bootstrap and jQuery. It uses common plugins such as Yoast SEO and Contact Form 7, indicating a moderate level of digital maturity. The site is mobile-optimized and SEO-friendly, with good performance and accessibility standards. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, it lacks explicit security policies, incident response information, and vulnerability disclosure mechanisms. Privacy compliance is well addressed with a cookie consent banner and a GDPR-compliant privacy policy. Contact information is clearly provided, enhancing business credibility. Overall, the website presents a low-risk profile with good content quality and technical implementation. Strategic improvements in security headers, incident response transparency, and vulnerability disclosure could further enhance trust and resilience.

W

Whatfix

whatfix.com

77

Whatfix is an established enterprise technology company founded in 2012, specializing in Digital Adoption Platforms and analytics solutions. Their platform helps businesses improve user onboarding, training, and support through interactive guidance and analytics. The company targets enterprise customers seeking to enhance digital transformation and user engagement. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content tailored to business audiences. Technically, the site is built on WordPress, uses Cloudflare for DNS and likely CDN services, and integrates modern technologies such as Google Tag Manager and Wistia for video content. Performance and mobile optimization are excellent, supporting a positive user experience. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities, though DNSSEC is not enabled. Privacy and cookie policies are present and GDPR compliant, with consent mechanisms implemented. Contact information is clearly provided, including emails, phone numbers, and physical address. Overall, Whatfix demonstrates a high level of digital maturity, security awareness, and business credibility.

S

Sportstiftung Hessen

sportstiftung-hessen.de

57

Sportstiftung Hessen is a regional non-profit foundation dedicated to supporting young athletes and trainers in the Hessen region of Germany. The foundation provides financial aid, scholarships, and advisory services to foster athletic talent, focusing on Olympic, Paralympic, Deaflympic, Special Olympics, and World Games disciplines. The website reflects a well-structured and professionally designed digital presence, leveraging modern web technologies including Webflow CMS, Usercentrics for consent management, and accessibility tools like eyeAble. The content is primarily in German and targets athletes, trainers, and sports supporters within Hessen. Security posture is strong with HTTPS enforced and GDPR compliance mechanisms in place, although explicit security policies and incident response contacts are not published. Overall, the website is trustworthy, accessible, and aligned with its mission to promote sports excellence in Hessen.

S

Sportjugend Hessen

sportjugend-hessen.de

66

Sportjugend Hessen is the largest youth sports association in Hessen, Germany, serving approximately 800,000 young sports enthusiasts across 7,500 clubs. The organization offers a broad range of services including training and further education, youth travel programs, volunteer services, and mobile sports experiences. Their market position is strong within the non-profit youth sports sector, with a focus on innovative approaches to youth sport and movement culture. Technically, the website is built on TYPO3 CMS, hosted by GWeb Solutions, and incorporates modern web technologies with good accessibility and privacy features such as Matomo analytics and the Eye-Able accessibility plugin. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though there is room for improvement in publishing explicit security policies and incident response contacts. Overall, the website is professional, trustworthy, and compliant with GDPR, targeting youth and sports organizations in Hessen.

B

Berufsverband Deutscher Nuklearmediziner e.V.

berufsverband-nuklearmedizin.de

47

The Berufsverband Deutscher Nuklearmediziner e.V. (BDN) is a professional association representing nuclear medicine physicians in Germany. The organization focuses on advocating for the professional and political interests of its members, providing resources, organizing events, and offering services such as a physician search and job marketplace. The website reflects a clear and professional presentation of these services, targeting both medical professionals and patients seeking nuclear medicine expertise. Technically, the website is built on the TYPO3 CMS platform, utilizing standard web technologies including JavaScript and CSS. The site is hosted on servers associated with 'agenturserver' as indicated by the nameservers. The website demonstrates moderate performance and good mobile optimization, with basic accessibility and SEO features. The presence of structured data and meta tags supports search engine visibility. From a security perspective, the site enforces HTTPS and uses secure login forms with CSRF tokens. However, it lacks several security headers and does not publish explicit security policies or incident response contacts. No cookie consent mechanism was detected, which is a compliance gap given GDPR requirements. No vulnerabilities or exposed sensitive data were found in the analyzed content. Overall, the website is trustworthy and professional, with a solid business credibility score. The main areas for improvement include enhancing privacy compliance with cookie consent, publishing security and incident response policies, and implementing additional security headers to strengthen the security posture.

S

Sparkassenakademie NRW

sparkassenakademie-nrw.de

53

Sparkassenakademie NRW is a medium-sized educational institution focused on providing training and solutions to Sparkassen and financial service providers in North Rhine-Westphalia, Germany. The website presents a professional image with a clear focus on finance and education sectors, offering modern educational products and services. The technical infrastructure is based on TYPO3 CMS, integrated with modern consent management tools like Cookiebot and analytics via Google Tag Manager. The site is accessible, mobile-optimized, and includes a comprehensive cookie consent mechanism compliant with GDPR. Security posture is good with HTTPS enforced and opt-out mechanisms for analytics, but lacks explicit security headers and visible security policies. No contact emails or phone numbers are directly visible, which could be improved for better business credibility. Overall, the site is trustworthy, safe, and well-positioned in its niche.

P

pitcom GmbH

pitcom.de

59

pitcom GmbH is a well-established digital agency and internet service provider based in Plauen, Germany, founded in 1997. The company specializes in comprehensive digital communication solutions, serving primarily B2B clients including over 200 Sparkassen, banks, municipalities, and medium-sized enterprises. Their service portfolio spans web development, digital business processes, marketing, hosting, and IT consulting, supported by their own data center infrastructure. The website is professionally designed, content-rich, and optimized for usability and accessibility, reflecting a mature digital presence. Technically, the site is built on TYPO3 CMS, employs modern web technologies, and integrates privacy-conscious analytics via Matomo. Hosting is managed internally, indicating control over infrastructure and data security. The website implements GDPR-compliant cookie consent mechanisms and provides clear contact information, enhancing trust and compliance. However, explicit security policies and incident response contacts are not publicly available, representing an area for improvement. Security posture is solid with HTTPS enforced and no visible vulnerabilities or exposed sensitive data. The absence of advanced security headers and formal security documentation suggests room for enhancement in defense-in-depth strategies. Overall, the site demonstrates a high level of professionalism, security awareness, and regulatory compliance, positioning pitcom GmbH as a credible and trustworthy digital service provider. Strategically, the company should focus on formalizing and publishing security policies, enhancing incident response transparency, and adopting additional security headers to further strengthen their security posture and client confidence.

S

Schleswig-Holstein Netz

sh-netz-shop.com

67

Schleswig-Holstein Netz operates an e-commerce platform focused on energy-related products such as building introductions, smart home devices, and electric vehicle charging stations. The website targets consumers, businesses, and installers primarily in Germany. The platform is built on modern web technologies, likely using Shopware CMS, and features responsive design with clear navigation and user account management. Analytics are implemented via Google Tag Manager, and cookie consent mechanisms are in place. However, the absence of publicly available WHOIS data for the domain raises concerns about domain legitimacy and transparency. Additionally, the website lacks explicit privacy policy and terms of service pages, which are critical for compliance and user trust. Security posture is generally good with HTTPS and secure login forms, but could be improved by adding security headers and incident response contact information.

H

Handball-Store: Numer 1 wśród stron internetowych poświęconych piłce ręcznej

handball-store.pl

56

Handball-Store.pl is a specialized e-commerce platform focused on providing comprehensive handball equipment, apparel, and accessories primarily targeting handball players and enthusiasts in Poland and Europe. The website offers a wide range of products including shoes, balls, textiles, protective gear, and club equipment, positioning itself as a leading online store in its niche. The business appears to be recently established in 2023, with a consistent domain registration and a clear market focus. Technically, the website is built on Magento (OpenMage), leveraging modern web technologies and integrated with Google Analytics and Google Ads for marketing and performance tracking. Security measures include HTTPS with DNSSEC enabled and Google reCAPTCHA to mitigate bot traffic. However, explicit privacy and cookie policies are not found, though a consent management platform is implemented, indicating partial GDPR compliance. Contact information is not prominently displayed, which may affect user trust and support accessibility. Overall, the site demonstrates a good balance of content quality, technical implementation, and security posture, but could improve in privacy transparency and contact availability.

H

House of Rugby

house-of-rugby.co.uk

61

House of Rugby is a specialized e-commerce retailer focused on rugby sportswear, official club products, shoes, and equipment. Founded in 2022 and operating primarily in the UK, it offers a wide selection of products from major brands such as Nike, Adidas, and Mizuno. The website demonstrates a professional and consistent brand presence with secure payment options and customer service based in France. Technically, the site uses modern frameworks like SvelteKit and integrates Google marketing and analytics tools, ensuring good performance and mobile optimization. Security posture is strong with HTTPS, security headers, and GDPR-compliant consent management, although explicit security policies and incident response details are not publicly available. Overall, the site is trustworthy, well-maintained, and suitable for its target audience of rugby enthusiasts and players.

H

House of Rugby

house-of-rugby.com

62

House of Rugby is a specialized e-commerce retailer focused on rugby sportswear, official club merchandise, and rugby equipment. Founded in 2022, it serves rugby players and fans primarily in France and internationally through localized domains. The website offers a wide range of products from major brands such as Nike, Adidas, Mizuno, and Puma, with secure payment options and fast shipping. The business positions itself as a trusted rugby specialist with a strong online presence and customer engagement via Trustpilot and social media. Technically, the website is built on a modern SvelteKit framework, hosted behind Cloudflare DNS and CDN services, and integrates Google Analytics and Google Ads for marketing and analytics. It is mobile-optimized, fast-loading, and implements GDPR-compliant cookie consent mechanisms. The site uses secure HTTPS connections and enforces security headers, although DNSSEC is not enabled. From a security perspective, the site demonstrates good practices including HTTPS, clientTransferProhibited domain status, and no visible vulnerabilities or exposed sensitive data. However, it lacks a dedicated security policy or incident response contact information, which could enhance trust and preparedness. Privacy compliance is strong with clear privacy and cookie policies. Overall, House of Rugby presents a professional, secure, and user-friendly e-commerce platform with a solid business model and trustworthy domain registration. Strategic improvements could include enabling DNSSEC, publishing a security policy, and providing incident response contacts to further strengthen security posture and customer confidence.

M

Made in Paradis

madeinparadis.co.uk

61

Made in Paradis is a UK-based e-commerce retailer specializing in women's fashion, including clothing, shoes, and accessories from over 300 brands. The website positions itself as a boutique offering fast delivery and secure payment options, targeting women interested in fashionable footwear and apparel. The business is relatively new, founded in 2022, and operates with a medium-sized market presence in the retail sector. The company maintains a consistent brand image and offers multiple trusted payment methods, enhancing customer trust. Technically, the website is built using modern web technologies including SvelteKit, with integrations for Google Analytics, Google Ads, and a consent management platform ensuring GDPR compliance. Hosting appears to be via Cloudflare, contributing to fast performance and good mobile optimization. The site demonstrates good SEO practices and basic accessibility features, though there is room for improvement in accessibility. From a security perspective, the site enforces HTTPS, employs multiple security headers, and integrates cookie consent mechanisms. No critical vulnerabilities or exposed sensitive data were detected. However, the absence of a dedicated security policy or incident response contact reduces transparency in security governance. The domain registration data is consistent with the business claims, enhancing legitimacy. Overall, the website presents a professional, secure, and privacy-conscious e-commerce platform with good user experience and trust indicators. Strategic improvements in security policy transparency and accessibility could further strengthen its posture.

S

Sneak'In

sneakin.cz

57

Sneak'In operates a professional e-commerce platform specializing in fashionable sneakers and clothing for men, women, and children. The website targets primarily the Czech Republic market but also supports multiple European countries through sister domains. The business model focuses on retail sales of well-known brands with fast delivery and secure payment options. The site demonstrates a mature digital presence with modern technologies such as SvelteKit and Cloudflare CDN, ensuring good performance and mobile optimization. Security posture is solid with HTTPS, security headers, and GDPR-compliant cookie consent mechanisms, although no explicit security policy or incident response details are published. WHOIS data shows inconsistencies with a future domain creation date, which may indicate data errors but slightly impacts trust. Overall, the website is professional, trustworthy, and well-structured for its retail purpose.

S

Sneak'In

sneakin.ie

61

Sneak'In is a medium-sized e-commerce retailer specializing in sneakers, streetwear, and fashion clothing for men, women, and children. The company operates primarily in Ireland with a strong European presence, offering a wide range of branded footwear and apparel with fast delivery and secure payment options. The website is professionally designed with clear navigation and a focus on customer service, including a dedicated contact phone number and physical address in France. Technically, the site leverages modern web technologies such as SvelteKit, Cloudflare DNS/CDN, and integrates Google Analytics and Google Ads for marketing and tracking, with a GDPR-compliant cookie consent mechanism in place.

S

Sneak'In

sneakin-shop.at

61

Sneak'In operates a professional e-commerce platform specializing in sneakers, fashion, and sportswear targeting customers primarily in Austria and the broader European market. The website offers a broad product range including shoes, clothing, and accessories for men, women, and children, supported by secure payment options and customer service based in Germany. The company maintains multiple country-specific domains, indicating a regional multi-market strategy. Technically, the website is built on modern frameworks such as SvelteKit, hosted behind Cloudflare for performance and security, and integrates Google Analytics and Tag Manager for marketing and analytics. Security posture is strong with HTTPS, security headers, and cookie consent mechanisms implemented, although explicit security policies and incident response contacts are not published. Overall, the site is well-designed, mobile-optimized, and compliant with GDPR, reflecting a mature digital presence with moderate user tracking. The domain registration is consistent with the business claims, registered via a reputable registrar and using Cloudflare DNS services. No blocking or WAF challenges were detected, allowing full content access and analysis.

S

Sneak'In

sneakin.co.uk

62

Sneak'In is a UK-based e-commerce retailer specializing in sneakers, streetwear, and fashion clothing for men, women, and children. Founded in 2022, the company offers a wide range of well-known brands at competitive prices with a focus on fast delivery and secure payment options. The website is professionally designed with clear navigation and a strong brand presence, targeting fashion-conscious consumers seeking quality sneakers and apparel. The business operates multiple country-specific domains, indicating a broad European market reach. Technically, the website leverages modern web technologies including SvelteKit, Google Tag Manager, and AppConsent for GDPR compliance. Hosting appears to be via Cloudflare, ensuring good performance and security. The site is mobile-optimized and implements standard SEO and accessibility features, although accessibility could be further enhanced. Analytics and marketing tools are used responsibly with consent mechanisms in place. From a security perspective, the site enforces HTTPS, employs security headers, and manages cookie consent effectively. No critical vulnerabilities or exposed sensitive data were detected. However, the absence of a dedicated security policy or incident response contact is noted as an area for improvement. Overall, the security posture is strong for an e-commerce platform. The overall risk assessment is low, with the website demonstrating good business credibility, technical maturity, and privacy compliance. Strategic recommendations include publishing explicit security and incident response policies, enhancing accessibility, and maintaining vigilance on third-party scripts. These steps will further strengthen trust and compliance in a competitive retail market.

S

Sneak'In

sneakin.se

56

Sneak'In operates a professional e-commerce platform specializing in sneakers, fashion, and trendy clothing for men, women, and children. The company maintains a strong market presence with multiple localized domains targeting various European countries and the US. Their business model focuses on retail sales with fast delivery and secure payment options, supported by a clear customer service infrastructure based in France and Sweden. Technically, the website leverages modern frameworks such as SvelteKit, Cloudflare CDN, and integrates Google Analytics and Tag Manager for marketing and analytics purposes. The site is well-optimized for mobile and desktop users, with good SEO and accessibility practices. Security posture is solid with HTTPS, security headers, and GDPR-compliant cookie consent mechanisms, although no explicit security policy or incident response contacts are published. Overall, the website is trustworthy, professionally managed, and compliant with relevant privacy regulations.

S

Sneak'In

sneakin.pl

46

Sneak'In operates an e-commerce platform specializing in sneakers, fashion clothing, and accessories targeting men, women, and children primarily in Poland and other European markets. The website presents a professional and consistent brand image with a clear focus on retail fashion and footwear, offering fast delivery and secure payment options. The company appears to be relatively new, founded in 2023, with a domain age consistent with its business history. The site is well-structured, mobile-optimized, and integrates modern web technologies such as SvelteKit and Google Analytics for performance and marketing insights. Security posture is strong with HTTPS enforcement and GDPR-compliant cookie consent mechanisms, although some security policies and incident response contacts are not explicitly published. Overall, the website demonstrates a mature digital presence suitable for its retail business model.

S

Sneak'In

sneakin.pt

58

Sneak'In operates a professional e-commerce platform specializing in footwear, clothing, and accessories for men, women, and children. The company maintains a strong market presence across multiple European countries, supported by a network of affiliated stores. Their business model focuses on offering branded products with fast delivery and secure payment options, targeting fashion-conscious consumers seeking quality and convenience. The website's content and branding are consistent and trustworthy, supported by customer reviews via Trustpilot and clear contact information.

S

Sneak'In

sneakin-es.es

57

Sneak'In operates a professional e-commerce platform specializing in sneakers, casual clothing, and accessories targeting men, women, and children primarily in Spain and other European countries. The website demonstrates a solid market position with a broad brand portfolio and multiple country-specific domains, indicating a mature and geographically diverse business model. The platform offers fast delivery, secure payment options, and easy returns, enhancing customer trust and satisfaction. Technically, the site is built on modern frameworks such as SvelteKit, integrates Google Analytics and Tag Manager for data insights, and uses a consent management platform to ensure GDPR compliance. Security posture is strong with HTTPS enforced and visible trust signals, although some security headers could be improved. The WHOIS data is restricted due to registry policies, which is typical for .es domains, but the website's professionalism and transparency mitigate concerns. Overall, the site is safe, well-structured, and trustworthy for general audiences.

S

Sneak'In

sneakin.it

59

Sneak'In operates a professional e-commerce platform specializing in sneakers, streetwear, and related fashion accessories targeting men, women, and children. The company maintains a strong market presence across multiple European countries and the US through localized domains. Their business model focuses on retail sales with fast delivery and secure payment options, supported by a network of partner stores. Technically, the website leverages modern frameworks like SvelteKit and integrates advanced analytics and consent management tools, reflecting a mature digital infrastructure. Security posture is robust with HTTPS enforcement, GDPR compliance, and secure payment indicators, although DNSSEC is not enabled and some security headers could be explicitly confirmed. Overall, the site is trustworthy, professionally designed, and safe for general audiences.