Security Directory

O

On-Fight

on-fight.fr

55

On-Fight is a French e-commerce retailer specializing in martial arts and combat sports equipment, offering a wide range of products including gloves, protections, shoes, textiles, and club materials. The website targets martial arts practitioners and combat sports enthusiasts primarily in France and European countries. The business operates a modern, well-structured online platform with clear navigation and professional branding. Technically, the site leverages modern frameworks such as SvelteKit, is hosted behind Cloudflare, and integrates multiple marketing and analytics tools with GDPR-compliant consent management. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities. The domain registration data aligns well with the business claims, indicating legitimacy and consistency. Overall, the site presents a trustworthy and professional e-commerce presence in its niche.

N

Nauti-wave

nauti-wave.fr

46

Nauti-wave is a French e-commerce retailer specializing in nautical sports equipment including swimwear, diving gear, and accessories. The website offers a broad selection of products from multiple well-known brands, targeting French and European customers interested in water sports. The business is relatively new, founded in 2022, and positions itself as a niche player with competitive pricing and fast delivery options. Technically, the website is built on modern frameworks such as SvelteKit, uses Cloudflare for DNS and CDN, and integrates standard analytics and marketing tools like Google Analytics and Trustpilot for customer reviews. The site is mobile-optimized, fast, and accessible, with good SEO practices. Security posture is strong with HTTPS enforced, appropriate security headers, and domain registration protections. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. However, there is no dedicated security policy or incident response page, which could be improved. Overall, the website is professional, trustworthy, and well-suited for its retail business model.

M

Made in Paradis

madeinparadis.com

59

Made in Paradis is a French e-commerce retailer specializing in women's fashion, footwear, and accessories, offering over 300 brands with a focus on fast delivery and secure payment. The company operates multiple sister sites targeting different international markets, indicating a strategic expansion and solid market presence. The website is well-designed, mobile-optimized, and provides a good user experience with clear navigation and relevant content tailored to its target audience of fashion-conscious women. Technically, the site leverages modern frameworks such as SvelteKit and integrates various marketing and analytics tools including Google Tag Manager, Facebook Pixel, and Trustpilot, reflecting a mature digital infrastructure. Security posture is strong with HTTPS enforced, domain protection statuses set, and GDPR compliance via a consent management platform. However, minor improvements such as enabling DNSSEC and publishing a formal security policy could enhance trust further. Overall, the site presents a professional, trustworthy, and compliant e-commerce platform with a good balance of business and technical maturity.

L

Le Motard Bleu

lemotardbleu.com

59

Le Motard Bleu is a well-established French e-commerce retailer specializing in motorcycle equipment and parts, founded in 2009. The website offers a broad range of products including helmets, gloves, jackets, and accessories, targeting motorcycle riders primarily in France and neighboring European countries. The business operates multiple related retail brands, indicating a medium-sized enterprise with a strong market presence in the motorcycle retail sector. Technically, the website is built using modern frameworks such as SvelteKit, hosted behind Cloudflare, and employs advanced tracking and consent management tools, reflecting a mature digital infrastructure. Security posture is strong with HTTPS enforced, security headers present, and no critical vulnerabilities detected, although DNSSEC is not enabled. Privacy compliance is robust with clear GDPR consent mechanisms and comprehensive privacy policies. Overall, the website demonstrates good professionalism, trustworthiness, and user experience, making it a reliable platform for motorcycle gear retail.

L

La Sellerie de Maé

selleriemae.com

58

La Sellerie de Maé is a specialized French e-commerce retailer focused on equestrian equipment and accessories for both horses and riders. Established in 2011, the company offers a wide range of products from reputable brands, targeting equestrian enthusiasts primarily in France and neighboring European countries. The website presents a professional and well-structured digital storefront with clear navigation and a strong emphasis on customer service, including secure payment options and fast shipping. Technically, the site leverages modern web technologies such as SvelteKit, Cloudflare CDN, and integrates multiple marketing and analytics tools including Google Tag Manager and Facebook Pixel, ensuring a robust and performant user experience across devices. Security posture is strong with HTTPS enforcement, security headers, and cookie consent mechanisms, although there is room for improvement in publishing explicit security policies and incident response contacts. Overall, the domain registration data aligns well with the business claims, supporting a high legitimacy score. Strategic recommendations include enabling DNSSEC, publishing a security policy, and adding a vulnerability disclosure channel to further enhance trust and compliance.

L

La Bagagerie du Motard

labagageriedumotard.com

58

La Bagagerie du Motard is a French e-commerce retailer specializing in motorcycle luggage and accessories, offering a wide range of products such as top cases, side bags, and rider gear. Established since 2012, the company targets motorcycle enthusiasts primarily in France and Europe, positioning itself as a niche market leader with a strong online presence and multiple brand partnerships. The website is professionally designed with good content quality, clear navigation, and mobile optimization, supporting a positive user experience. Technically, the site leverages modern frameworks like SvelteKit, integrates with major analytics and marketing tools, and is hosted with Cloudflare DNS and CDN services, ensuring fast performance and reliability. Security posture is strong with HTTPS enforcement, clientTransferProhibited domain status, and GDPR-compliant cookie consent mechanisms, although some security headers could be improved and a formal security policy is absent. Overall, the domain registration data aligns well with the business claims, enhancing trustworthiness. Strategic recommendations include enabling DNSSEC, publishing security policies, and adding vulnerability disclosure information to further strengthen security and compliance.

H

House of Rugby

house-of-rugby.fr

55

House of Rugby is a specialized e-commerce retailer focused on rugby apparel, footwear, and equipment, primarily serving the French market and French-speaking rugby enthusiasts. The website offers a broad catalog of official club products, shoes, and accessories from major brands, positioning itself as a niche market leader with a strong emphasis on secure payment and customer service. The business is relatively new, founded in 2022, and operates with a medium-sized footprint in the retail sector. Technically, the website is built on modern technologies including SvelteKit and is hosted behind Cloudflare, ensuring fast performance and good mobile optimization. The site integrates multiple marketing and analytics tools such as Google Tag Manager and Facebook Pixel, with a compliant consent management platform to adhere to GDPR requirements. The design is professional and user-friendly, with clear navigation and good SEO practices. From a security perspective, the site enforces HTTPS with strong SSL configuration and includes standard security headers. There is no evidence of exposed sensitive data or vulnerabilities in the visible content. However, the site lacks a dedicated security policy or incident response contact, which could be improved to enhance trust and preparedness. Overall, the security posture is strong for an e-commerce retailer. The overall risk assessment is low, with no critical issues detected. Strategic recommendations include publishing a formal security policy, adding incident response contacts, and implementing a security.txt file for vulnerability disclosures. These steps would further strengthen compliance and security culture. The website demonstrates a mature digital presence with good privacy compliance and business credibility.

G

Galop-Store

galop-store.fr

55

Galop-Store is a French e-commerce retailer specializing in equestrian equipment and animal care products. Founded in 2022, it targets horse riders, animal owners, and related enthusiasts with a broad catalog of products from reputable brands. The website demonstrates a solid market position within its niche, supported by a professional design, clear navigation, and secure payment options. The company maintains a medium-sized operation with a focus on the French market and some international reach through sister sites. Technically, the site leverages modern frameworks like SvelteKit and is hosted on Cloudflare, ensuring fast performance and good mobile optimization. Security practices include HTTPS enforcement, security headers, and GDPR-compliant cookie consent management, although no explicit security policy or incident response information is published. Overall, the site is trustworthy, professional, and well-maintained, with room for improvement in publishing dedicated security and incident response policies.

F

Foot-Store

foot-store.fr

56

Foot-Store is a well-established French e-commerce retailer specializing in football-related products including shoes, jerseys, and equipment. The website targets football players and fans primarily in France and Europe, offering a wide range of branded merchandise from Nike, Adidas, Puma, and others. The business has a solid market position supported by a domain age of over 9 years and multiple related partner sites. Technically, the website employs modern technologies such as SvelteKit, Cloudflare CDN, and integrates various marketing and tracking tools like Google Tag Manager and Facebook Pixel. The site is mobile-optimized, fast, and accessible, with good SEO practices. Security posture is strong with HTTPS enforced, comprehensive security headers, and GDPR-compliant cookie consent mechanisms. No critical vulnerabilities or suspicious activities were detected. Overall, the site demonstrates a professional and trustworthy e-commerce platform with good privacy and security practices.

E

Espace Golf

espace-golf.fr

54

Espace Golf is a specialized French e-commerce retailer focused on golf equipment, including clubs, bags, carts, clothing, and accessories. Founded in 2019, it serves golf enthusiasts primarily in France and surrounding European countries. The website demonstrates a professional market position with competitive pricing, fast delivery, and multiple payment options including secure installment plans. The presence of Trustpilot reviews and clear contact information enhances customer trust. Technically, the site uses modern frameworks such as SvelteKit, is hosted with OVH and Cloudflare, and integrates advanced tracking and consent management tools, reflecting a mature digital infrastructure. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities, although a dedicated security policy and incident response contacts are absent. Overall, the site is compliant with GDPR and provides a good user experience with clear navigation and mobile optimization.

D

Direct-Volley : chaussures, ballons, vêtements et équipements de volleyball

direct-volley.fr

57

Direct-Volley.fr is a specialized e-commerce retailer focused on volleyball equipment, apparel, and accessories, serving primarily the French market with multiple localized European domains indicating a broader regional presence. The website offers a comprehensive catalog including shoes, balls, protective gear, club equipment, and lifestyle products related to volleyball. The business appears well-established with a domain age of nearly 9 years and uses reputable hosting and CDN services via Cloudflare. The technical infrastructure is based on Magento (OpenMage), supported by modern analytics and marketing tools such as Google Analytics, Facebook Pixel, TikTok Pixel, and Criteo, reflecting a mature digital marketing strategy. Security posture is solid with HTTPS enforced, security headers present, and domain registration practices consistent with a legitimate retail business. However, the site lacks explicit privacy policy and terms of service pages, which are critical for GDPR compliance and user trust. Contact information and incident response details are also missing, limiting transparency. Overall, the site is professional, secure, and functional but would benefit from enhanced privacy and compliance documentation.

B

Boulevard du Golf

boulevard-du-golf.fr

55

Boulevard du Golf is a specialized French e-commerce retailer focused on golf equipment and accessories, offering a wide range of products from leading brands such as Taylormade, Callaway, and Srixon. Established in 2012, the company has positioned itself as a trusted provider for golf enthusiasts, providing secure payment options, customer support, and a user-friendly online shopping experience. The website is well-structured, mobile-optimized, and integrates modern web technologies including SvelteKit and Cloudflare CDN for performance and security. From a security perspective, the site enforces HTTPS, employs security headers, and integrates a consent management platform to comply with GDPR regulations. No critical vulnerabilities or exposed sensitive data were detected. However, the absence of a dedicated security policy or incident response contact suggests room for improvement in transparency and readiness. The domain registration details are consistent with the business claims, enhancing trustworthiness. Overall, Boulevard du Golf demonstrates a mature digital presence with strong privacy compliance and a secure e-commerce environment. Strategic enhancements in security policy disclosure and incident response mechanisms would further strengthen its security posture and customer trust.

B

Basket-Center

basket-center.fr

57

Basket-Center is a well-established French e-commerce retailer specializing in basketball equipment and accessories, including official NBA merchandise and products from major brands such as Adidas, Nike, Wilson, and Mitchell & Ness. The company targets basketball players and fans primarily in France and Europe, offering a broad catalog with fast shipping and secure payment options. The website demonstrates a strong market position as an official distributor with a professional and consistent brand presence. Technically, the website is built on modern technologies including SvelteKit and is hosted behind Cloudflare, ensuring good performance and security. It employs multiple tracking and marketing tools such as Google Analytics, Facebook Pixel, TikTok Pixel, and a consent management platform to comply with GDPR. The site is mobile-optimized, accessible, and SEO-friendly, reflecting a mature digital infrastructure. From a security perspective, the site enforces HTTPS, implements security headers, and manages cookie consent effectively. No critical vulnerabilities or exposed sensitive data were detected. However, explicit security policies and incident response contacts are not publicly available, which could be improved to enhance trust and compliance. Overall, Basket-Center presents a low-risk profile with a strong business and technical foundation. Strategic recommendations include publishing a dedicated security policy, incident response information, and a vulnerability disclosure policy to further strengthen security posture and transparency.

yesforever.ch is a Swiss-based small business operated by Optimize AG, offering a niche SaaS platform for creating personalized wedding websites. The platform provides tailored features such as gift registries, photo galleries, guest registration forms, and password-protected pages, targeting couples planning weddings and their guests. The business model is subscription-based with free trials and flexible pricing plans. Technically, the website employs modern frontend technologies including Bootstrap, jQuery, Owl Carousel, and integrates analytics tools like Google Analytics and Hotjar, indicating a moderate level of digital maturity. The site is mobile-optimized and presents a professional user experience with clear navigation and relevant content. Security-wise, the site uses HTTPS and password protection for certain pages but lacks explicit security headers and published security policies, which are areas for improvement. Privacy compliance is weak due to the absence of privacy and cookie policies and no visible consent mechanisms. Overall, the website is trustworthy and professionally maintained but would benefit from enhanced privacy and security disclosures to improve compliance and user trust.

I

invitu

invitu.ch

43

invitu.ch is a Swiss-based online platform specializing in stylish and quick event invitations for private, corporate, and public events. The website offers a user-friendly interface with various event categories and customizable invitation templates, targeting individuals and companies in Switzerland. The business operates as a small-sized entity focusing on digital event invitation services with a clear market niche. Technically, the site employs modern web technologies including Bootstrap, jQuery, FontAwesome, and integrates analytics and user behavior tracking tools such as Google Analytics, Google Tag Manager, and Hotjar. The website is mobile-optimized and presents a professional design with good navigation and content relevance. Security-wise, the site uses HTTPS with appropriate security headers, but lacks some advanced security policies and incident response information. Privacy compliance is basic, with a privacy policy present but no cookie consent mechanism or GDPR explicit statements. Overall, the site is legitimate and trustworthy with room for improvement in privacy and security documentation.

E

EXPO EVENT – Swiss LiveCom Association

expo-event.ch

61

EXPO EVENT – Swiss LiveCom Association is a national industry association representing the Live Communication sector in Switzerland. The organization provides membership services, industry events, education, and sustainability consulting to its members. The website reflects a professional and well-established entity with a clear market position as a leading voice for LiveCom in Switzerland. The technical infrastructure is modern, leveraging Nuxt.js and Vue.js frameworks, with integration of common analytics and marketing tools such as Google Analytics and LinkedIn Insight Tag. Security posture is strong with HTTPS and security headers implemented, although cookie consent mechanisms and explicit terms of service are missing. Overall, the site is well-designed, mobile-optimized, and provides comprehensive contact and event information, supporting a high level of trust and credibility.

D

D.SPORTS

d-sports.de

50

D.SPORTS is a German sports-related website powered by TYPO3 CMS, targeting a general audience interested in sports activities or services. The website employs modern technologies such as Google Tag Manager for analytics and Usercentrics for cookie consent management, indicating a moderate level of digital maturity. However, the absence of explicit privacy policies, terms of service, and clear contact information suggests room for improvement in compliance and user trust. The security posture is adequate with HTTPS enabled and no detected blocking mechanisms, but lacks comprehensive security headers and incident response details. Overall, the site is functional and professional but would benefit from enhanced transparency and security practices to improve trust and compliance.

A

Auto Centrum Lass GmbH

autocentrum-lass.de

67

Auto Centrum Lass GmbH is a medium-sized regional automobile dealership specializing in Toyota vehicles, serving customers primarily in Schleswig-Holstein, Germany. The company offers a comprehensive range of services including new and used car sales, financing options, vehicle servicing, test drives, and electric mobility solutions. Their market position is that of a trusted Toyota partner with a strong local presence. The website reflects a professional and consistent brand image with good content quality and clear navigation tailored to car buyers and service customers. Technically, the site is built on WordPress with Elementor and leverages modern web technologies such as Alpine.js and Swiper.js, hosted on INWX infrastructure. The site is mobile-optimized and implements structured data for SEO benefits. Security-wise, the website enforces HTTPS, uses security headers, and provides a cookie consent mechanism compliant with GDPR. However, it lacks explicit security policy and incident response information, which could be improved. Overall, the domain registration data aligns well with the website content, supporting the legitimacy of the business.

R

REMONDIS Entsorgung

remondis-entsorgung.de

67

REMONDIS Entsorgung operates as a leading enterprise in the waste management and environmental services sector in Germany. The company offers a broad range of services including waste disposal, management, sorting, transport, and recycling solutions tailored for businesses. Their market position is strong, supported by a professional website that clearly communicates their services and target audience. The website is built on TYPO3 CMS and integrates modern consent management tools such as Cookiebot, reflecting a mature digital infrastructure. Security posture is solid with HTTPS enforcement and standard security headers, although explicit security policies and incident response information are not publicly available. Overall, the website demonstrates good compliance with privacy regulations, including GDPR, through comprehensive cookie consent mechanisms. The risk profile is low, with no critical vulnerabilities or suspicious indicators detected. Strategic recommendations include publishing detailed security and incident response policies, implementing a vulnerability disclosure program, and enhancing accessibility features to further improve compliance and user trust.

Schleswig-Holstein Netz GmbH operates as a regional energy network operator serving Schleswig-Holstein and parts of Nordniedersachsen in Germany. The company provides essential services including electricity and gas network connections, energy feed-in, and customer support portals. The website is professionally designed, well-structured, and targets both residential and commercial customers in the energy sector. The presence of multiple customer portals and detailed service information indicates a mature digital presence. Technically, the site leverages modern JavaScript frameworks like React, integrates consent management via Usercentrics, and uses analytics tools such as Matomo and Google Tag Manager, reflecting a good level of digital maturity. Security posture is strong with HTTPS enforced, consent mechanisms in place, and no obvious vulnerabilities detected. However, the absence of publicly available WHOIS registration data for the domain www.sh-netz.com raises concerns about domain legitimacy and ownership transparency. This discrepancy should be addressed to improve trust. Overall, the site is a reliable and professional resource for energy network customers but would benefit from clearer domain registration information and enhanced security policy disclosures.

P

Provinzial Versicherung Aktiengesellschaft

provinzial.de

55

Provinzial Versicherung Aktiengesellschaft operates as a regional insurance provider in Germany, offering services focused on property protection, securing existence, and future planning. The website targets a general audience seeking insurance consultation and services within their region. The company positions itself as a trusted, established player in the finance and insurance sector with a clear regional focus. The website content is professionally presented with good branding consistency and accessibility features, including multiple accessibility profiles to support users with disabilities.

M

mylokalesuche AG

myls.ch

67

mylokalesuche AG operates as a specialized marketing agency and software developer focused on Swiss small and medium-sized enterprises (SMEs). Their core offerings include the myls App for synchronizing business profiles across multiple directories, website creation with SEO optimization, and management of Google and Meta advertising campaigns. The company positions itself as a Google Partner, enhancing its credibility and market presence within the local Swiss digital marketing landscape. The website is professionally designed, multilingual, and optimized for mobile devices, reflecting a mature digital infrastructure. Technically, the site leverages WordPress CMS with modern plugins and libraries, ensuring good performance and SEO compliance. Security posture is solid with HTTPS and some security best practices, though explicit security policies and incident response details are absent. Overall, the business demonstrates a trustworthy and professional online presence with strong customer trust signals, including numerous positive Google reviews.

P

Pfeifer & Langen GmbH & Co. KG

pfeifer-langen.de

76

Pfeifer & Langen GmbH & Co. KG is a well-established German sugar manufacturing company founded in 1870, specializing in regional and sustainable sugar production. Their website reflects a mature digital presence with a focus on B2B customers across food, chemical, pharmaceutical, and feed industries, as well as agricultural partners. The company emphasizes sustainability and regional sourcing as key differentiators. Technically, the website is built on the Sitefinity CMS platform, integrates Google Tag Manager for analytics, and uses modern UI components like Swiper.js for interactive content. The site is mobile-optimized and provides a professional user experience with clear navigation and rich content. Security posture is generally good with HTTPS enforced and no visible sensitive data exposure; however, the absence of security headers and explicit security policies indicates room for improvement. The lack of WHOIS domain registration data is a notable concern, though the website's branding and external social media presence support its legitimacy. Overall, the site scores well on content quality and privacy compliance but should address domain registration transparency and enhance security disclosures.

S

Sportjugend Nordrhein-Westfalen

sportjugend.nrw

47

Sportjugend Nordrhein-Westfalen is a regional youth sports organization affiliated with the Landessportbund Nordrhein-Westfalen, focusing on youth engagement, sports education, volunteer services, and community programs in the German state of North Rhine-Westphalia. The website serves as a comprehensive portal for information on various youth sports initiatives, qualification programs, and events, targeting young people, sports clubs, and volunteers. Technically, the site is built on the TYPO3 CMS platform, integrating modern web technologies such as Google Tag Manager, Google Analytics, and accessibility tools like ReadSpeaker. The website is well-structured, mobile-optimized, and includes a cookie consent mechanism aligned with GDPR requirements. Security-wise, the site enforces HTTPS and uses cookie consent but lacks explicit security headers and a published security policy or incident response contacts. The WHOIS data is privacy protected, which is typical and justified for a non-profit organization. Overall, the website demonstrates a mature digital presence with good content quality and compliance, supporting its role as a trusted regional youth sports entity.

L

Landessportbund Nordrhein-Westfalen e.V.

lsb-nrw.de

46

The Landessportbund Nordrhein-Westfalen e.V. is a large, non-profit regional sports umbrella organization serving the state of North Rhine-Westphalia, Germany. It provides a broad range of sports programs, information, and funding opportunities for sports clubs and individuals. The website is professionally designed, well-structured, and targets sports organizations and enthusiasts within NRW. The technical infrastructure is based on TYPO3 CMS with integration of modern analytics and marketing tools such as Google Tag Manager, Google Analytics, and Facebook Pixel. Accessibility features and cookie consent mechanisms are implemented, reflecting a mature digital presence. Security posture is good with HTTPS enforced and no obvious vulnerabilities, though security headers could be improved. WHOIS data is privacy protected, which is typical for such organizations, and does not raise legitimacy concerns given the website's professional nature and content. Overall, the site demonstrates a strong commitment to privacy compliance and user experience.

D

Deutscher Turner-Bund e.V.

beactive-deutschland.de

47

The website www.beactive-deutschland.de serves as the official German portal for the European Week of Sports campaign, coordinated by the Deutscher Turner-Bund e.V. It provides comprehensive information about the campaign, events, partner engagement, and resources to promote physical activity across Germany and Europe. The site targets a broad audience including sports clubs, organizations, schools, and the general public. Technically, the site is built on TYPO3 CMS, leveraging modern JavaScript libraries and third-party services such as Google Tag Manager and SiteSearch360 for analytics and search functionality. The site is mobile-optimized and presents content in a clear, professional manner.

D

Deutscher Turner-Bund e.V.

dtb-akademie.de

55

The DTB-Akademie is a well-established German educational institution specializing in training and continuing education for trainers, coaches, and professionals in sports, fitness, health, and related fields. Founded in 1995 and operated by the Deutscher Turner-Bund e.V., it offers a broad range of courses including fitness training, group fitness, health sports, dance, Pilates, yoga, and programs for children and the elderly. The website reflects a professional and consistent brand presence targeting sports professionals and educators across Germany. Technically, the website is built on Concrete CMS and employs standard web technologies such as jQuery, Google Tag Manager for analytics, and Usercentrics for consent management, indicating a moderate to good level of digital maturity. The site is mobile-optimized with good navigation and SEO practices, although some accessibility features could be improved. From a security perspective, the site uses HTTPS with a good SSL configuration and implements cookie consent mechanisms. However, explicit security headers and incident response information are not present, which could be enhanced to improve security posture. No vulnerabilities or suspicious content were detected. Overall, the website is trustworthy, professionally maintained, and compliant with GDPR requirements. The domain appears legitimate with consistent business information, and the site links to multiple official partner domains related to the Deutscher Turner-Bund network.

B

BVA BikeMedia GmbH

fahrrad-buecher-karten.de

67

BVA BikeMedia GmbH operates www.fahrrad-buecher-karten.de as a specialized e-commerce platform focused on cycling maps, books, and related media products. The company holds a strong market position in Germany as a leading provider of cycling literature and maps, targeting cycling enthusiasts and travelers. The website offers a well-structured catalog of products, including digital downloads and magazines, supported by clear navigation and professional design. Technically, the site uses modern web technologies including JavaScript, CSS3, and integrates Google Analytics with privacy-conscious configurations such as IP anonymization. The hosting is managed via INWX nameservers, and the site enforces HTTPS, ensuring secure data transmission. Privacy compliance is robust with a detailed cookie consent mechanism and accessible privacy policy. However, explicit security headers are not evident in the HTML content, suggesting room for improvement in security hardening. Contact information is comprehensive, including email, phone, physical address, and contact forms, enhancing business credibility. Overall, the site demonstrates a mature digital presence with good privacy and security practices, suitable for its retail and media business model.

Sportbunt.de is a professionally maintained non-profit website operated by Landessportbund Berlin e.V., focused on promoting integration through sports activities in Berlin, especially targeting refugees and local sports clubs. The site offers information on sports programs, training, events, and community engagement. Technically, the website is built on TYPO3 CMS with modern JavaScript libraries and integrates mapping and analytics services, reflecting a mature digital infrastructure. Security posture is good with HTTPS enforced and cookie consent implemented, though some security headers and explicit incident response policies are not publicly visible. Overall, the website is trustworthy, compliant with GDPR, and serves its community-oriented mission effectively.

T

Tennisverband Rheinland-Pfalz e. V.

rlp-tennis.de

57

The Tennisverband Rheinland-Pfalz e. V. operates as a regional tennis association in Germany, providing comprehensive tennis-related news, event management, training, and support services to clubs and players in Rheinland-Pfalz. The website serves as an information hub for tennis enthusiasts, clubs, and officials, reflecting a well-established organization with a strong regional presence and a history dating back to 1948. The association is positioned among the top ten tennis federations in Germany, emphasizing youth development, inclusion, and adult tennis activities. Technically, the website is built on the TYPO3 CMS platform with Bootstrap for responsive design, integrating accessibility tools such as eyeAble and analytics via Google Tag Manager. The site demonstrates good mobile optimization, clear navigation, and structured content, supporting a positive user experience. Hosting appears stable with dedicated nameservers, and the site uses HTTPS, although explicit security headers are not detected. From a security perspective, the site shows a moderate security posture with secure login forms and no visible sensitive data exposure. However, it lacks explicit security policies, incident response contacts, and cookie consent mechanisms, which are important for GDPR compliance and user trust. The WHOIS data aligns well with the organization's identity, showing consistent registration details and no privacy protection, indicating transparency and legitimacy. Overall, the website is professional, trustworthy, and serves its target audience effectively. Strategic improvements in security headers, privacy compliance, and published security policies would enhance its security posture and regulatory adherence.

Hamburger Tennis-Verband e.V. is a regional non-profit sports association dedicated to promoting tennis activities in Hamburg, Germany. The website serves as an information hub for players, clubs, trainers, and tennis enthusiasts, offering event calendars, tournament details, training programs, youth development initiatives, and inclusion projects. The association maintains partnerships with recognized tennis organizations and sponsors, reinforcing its position as a key regional tennis authority. Technically, the website employs a mix of established JavaScript libraries such as jQuery, Bootstrap 3.3.5, Owl Carousel, and jQuery.mmenu for responsive and interactive UI elements. Google Tag Manager and Google Analytics are used for visitor tracking and analytics. The site is mobile-optimized with a clear navigation structure, though it lacks a known CMS and some modern security headers. From a security perspective, the site uses HTTPS and implements a cookie consent mechanism, indicating awareness of privacy regulations. However, no explicit security policies or incident response contacts are published, and security headers like CSP or HSTS are not detected. The WHOIS data shows a consistent and legitimate domain registration without privacy protection, aligning with the organization's transparency. Overall, the website is professional, trustworthy, and well-suited for its audience, with room for improvement in security best practices and formal policy disclosures.

C

CUPRA

cupraofficial.de

62

CUPRAofficial.de is the official German website for CUPRA, a premium automotive brand specializing in sporty and electric vehicles. The site offers comprehensive information on vehicle models, leasing and financing options, electric mobility solutions, and after-sales services. The brand targets automotive consumers in Germany who seek performance-oriented and modern electric vehicles. The website is built on Adobe Experience Manager and integrates modern web technologies, providing a good user experience with multimedia content and clear navigation.

A

Abteilung Kultur, Präsidialdepartement des Kantons Basel-Stadt

museenbasel.ch

61

Museen Basel is a government-affiliated cultural platform representing 37 museums in Basel, Switzerland. It provides comprehensive information about museums, exhibitions, events, and educational contacts, targeting the general public, families, and cultural enthusiasts. The website is professionally designed with consistent branding and clear navigation, supporting multiple languages with German as the primary language. The platform serves as a central hub for cultural engagement in Basel, enhancing the visibility and accessibility of local museums. Technically, the website leverages modern frameworks such as Nuxt.js and Vue.js, styled with Tailwind CSS, and integrates analytics tools like Google Tag Manager and Microsoft Clarity. The site is mobile-optimized and performs moderately well, with good SEO and accessibility features. The content is rich and relevant, supporting a positive user experience. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, it lacks explicit security policies, incident response contacts, and cookie consent mechanisms, which are areas for improvement. No critical vulnerabilities or suspicious patterns were detected, and the domain registration aligns well with the website's government affiliation, indicating high legitimacy. Overall, Museen Basel presents a trustworthy and professional digital presence for cultural promotion, with recommendations to enhance privacy compliance and security transparency to further strengthen user trust and regulatory adherence.

L

Le Rhin Bleu

lerhinbleu.ch

10

Le Rhin Bleu is a small hospitality business operating a seasonal restaurant located on the banks of the Rhine in Basel, Switzerland. The restaurant specializes in Mediterranean cuisine and offers additional services such as event hosting and gift voucher sales. The website is professionally designed using WordPress and integrates modern marketing and analytics tools including Google Tag Manager and Mailchimp. The business maintains a clear and consistent brand presence with active social media channels and partner affiliations. Technically, the website is well-implemented with HTTPS and cookie consent mechanisms, though it lacks explicit security and incident response policies. Overall, the site demonstrates a good security posture with no critical vulnerabilities detected. The domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

K

Kunstmuseum Basel

kunstmuseumbasel.ch

61

Kunstmuseum Basel is a prestigious and historic public art museum located in Basel, Switzerland, recognized as the oldest public art collection in the world. The museum offers a rich collection of paintings, sculptures, installations, videos, drawings, and prints spanning seven centuries. It serves a diverse audience including art enthusiasts, families, researchers, and educational groups through exhibitions, workshops, guided tours, and research initiatives. The museum operates as a non-profit cultural institution with a strong market position in the art and cultural sector. Technically, the website employs a modern JavaScript stack including Google Tag Manager, Google Analytics, Facebook Pixel, and Visual Website Optimizer for analytics and marketing purposes. The site is well-structured, mobile-optimized, and uses HTTPS with good SSL configuration. However, it lacks a visible cookie consent mechanism and explicit security policies, which are areas for improvement in privacy compliance and security transparency. From a security perspective, the website demonstrates good practices such as HTTPS enforcement and no visible sensitive data exposure. The WHOIS data confirms the legitimacy and consistency of the domain registration with the museum's identity. No WAF or blocking mechanisms were detected, allowing full content accessibility. Overall, Kunstmuseum Basel's website is professional, trustworthy, and content-rich, but could enhance privacy compliance by implementing cookie consent and publishing security policies. Strategic improvements in these areas would strengthen user trust and regulatory adherence.

R

Restaurant Brauerei

brauerei-basel.ch

49

Restaurant Brauerei is a traditional Swiss hospitality business located in Basel, Switzerland, offering restaurant dining, an exclusive enothek wine shop, catering services, and event hosting. The business targets a general audience including locals and visitors seeking traditional and innovative Swiss cuisine, complemented by a curated wine selection. The website reflects a well-established local presence with clear contact information, partner affiliations, and a focus on customer experience. Technically, the site is built on WordPress with modern plugins and tools such as Yoast SEO, Google Tag Manager, and Mailchimp, indicating a moderate level of digital maturity. The site is mobile optimized and SEO friendly, supporting good user engagement. Security posture is solid with HTTPS enforced and cookie consent implemented, though some security headers and explicit policies could be improved. Overall, the website is professional, trustworthy, and compliant with GDPR requirements, with no critical vulnerabilities detected.

R

Rifonsa AG

safran-zunft.ch

50

Safran Zunft is a traditional yet modern restaurant located in the heart of Basel, Switzerland, operated by Rifonsa AG. The business offers a blend of traditional ambiance with innovative cuisine focusing on local and seasonal products. It caters to a diverse clientele including local residents, tourists, and corporate clients, providing services such as restaurant dining, event hosting, catering, and home delivery. The website reflects a well-established hospitality business with multiple certifications and a strong local presence. Technically, the website is built on WordPress using modern tools such as WPBakery Page Builder, Google Tag Manager, and Mailchimp for marketing automation. It employs HTTPS with good SSL configuration and uses lazy loading for images to optimize performance. The site is mobile optimized and SEO friendly with structured data implemented via JSON-LD. From a security perspective, the website enforces HTTPS and uses cookie consent mechanisms compliant with GDPR. No critical vulnerabilities or exposed sensitive data were detected. However, security headers are not explicitly present and there is no visible security policy or vulnerability disclosure page, which could be improved. The WHOIS data aligns well with the business claims, supporting legitimacy. Overall, the website is professional, trustworthy, and compliant with privacy regulations. Strategic recommendations include enhancing security headers, publishing a security policy, and maintaining regular audits of third-party scripts to further strengthen security posture.

O

Optimize AG

eventlokale.ch

62

eventlokale.ch is a well-established Swiss event portal operated by Optimize AG, offering a comprehensive marketplace for event locations, service providers, and event-related job listings. The platform targets event planners and individuals in Switzerland, positioning itself as the largest event portal in the country. The website provides rich content including editorial articles, event ideas, and the Swiss Location Award information, enhancing its market presence and user engagement. Technically, the site is built on modern frameworks such as Nuxt.js and Vue.js, with integrations of Google Analytics, Google Tag Manager, and Hotjar for analytics and user behavior tracking. The site is mobile-optimized and features good SEO practices, although accessibility could be improved. Security-wise, the site enforces HTTPS and includes standard security headers, but lacks visible privacy and cookie policies, which are critical for GDPR compliance. No contact emails or phone numbers were found, which may impact user trust and compliance. Overall, the site is professional and trustworthy but should address privacy compliance and contact transparency to enhance its security posture and user confidence.

i-Run is a well-established French e-commerce retailer specializing in sports shoes, apparel, and equipment for running, trail, hiking, and fitness. The website targets French-speaking sports enthusiasts and offers a wide range of products from major brands with fast delivery options. The digital infrastructure incorporates modern web technologies, including JavaScript frameworks, consent management via Didomi, and analytics tools such as Realytics and Ab Tasty, indicating a mature digital presence. Security posture is strong with HTTPS enforced and multiple security headers present, though the absence of a public security policy and incident response contacts suggests room for improvement in transparency. Privacy compliance is robust with clear cookie consent mechanisms and a comprehensive privacy policy in French. Overall, the website presents a professional, trustworthy, and user-friendly experience with no signs of malicious activity or content blocking.

D

Direct Running

direct-running.fr

54

Direct Running is a French-based e-commerce retailer specializing in running shoes, sportswear, and related equipment. The company offers a wide range of products from major brands such as Adidas, Saucony, Puma, and Mizuno, targeting runners and sports enthusiasts primarily in France and Europe. The website demonstrates a mature digital presence with a professional design, clear navigation, and mobile optimization. It integrates multiple marketing and analytics tools including Google Analytics, Facebook Pixel, TikTok Pixel, and Criteo, supported by a consent management platform to ensure GDPR compliance. Security posture is strong with HTTPS enforced and modern security headers implemented, although no dedicated security policy or incident response page was found. Overall, the site is trustworthy and well-positioned in the retail e-commerce market.

S

Les experts du running sont ici! - Shop4Runners

shop4runners.fr

70

Shop4Runners.fr is a French e-commerce website specializing in running shoes, apparel, and accessories from well-known brands such as Asics, Adidas, and New Balance. The site targets running enthusiasts primarily in France and French-speaking regions, offering competitive pricing, free delivery, and a 30-day return policy. The business appears to be a small-sized retailer founded in 2020, operating on a Magento platform with a modern Hyva theme frontend. The website infrastructure leverages Cloudflare for DNS and CDN services, ensuring good performance and security. Marketing and tracking tools such as Google Tag Manager, SalesManago, and Kwanko are integrated for analytics and advertising purposes. The site implements a GDPR-compliant cookie consent mechanism but lacks visible privacy policy and terms of service pages in the provided content. Contact information is limited to a company email address, with no phone or physical address found. Security posture is generally good with HTTPS enforced and no visible vulnerabilities, though security headers and incident response policies are absent. Overall, the website is professional, functional, and trustworthy with room for improvement in privacy disclosures and security transparency.

V

Verein Sakrallandschaft Innerschweiz

sakrallandschaft-innerschweiz.ch

67

Verein Sakrallandschaft Innerschweiz is a non-profit organization dedicated to promoting the rich cultural and spiritual heritage of Central Switzerland, focusing on churches, chapels, monasteries, and sacred sites. The website serves as an informational and promotional platform targeting tourists, pilgrims, families, and cultural enthusiasts interested in spirituality and history. It offers event information, guided tours, newsletters, and partner collaborations to enhance visitor engagement. Technically, the site is built on the Jimdo CMS platform, leveraging common web technologies such as jQuery, Google Tag Manager, and Facebook Pixel for analytics and marketing. The site is mobile-optimized with good navigation and content quality, though accessibility features are basic. Security posture is adequate with HTTPS enforced and cookie consent implemented, but could be improved by adding more security headers and explicit security policies. Overall, the website is trustworthy, professional, and compliant with basic privacy regulations, though it lacks detailed terms of service and incident response information.

B

Building

building.co.uk

62

Building.co.uk is a leading UK-based online magazine and resource portal for construction professionals, offering news, CPD modules, events, and industry data. The website is well-established with a professional design, consistent branding, and a comprehensive content offering targeted at construction industry stakeholders. Technically, the site employs modern web technologies including Google Tag Manager, Google Analytics, and Amazon CloudFront CDN, ensuring good performance and mobile optimization. Security posture is strong with HTTPS enforced and standard security best practices observed, although explicit security policies and vulnerability disclosure mechanisms are not publicly available. Overall, the site presents a trustworthy and authoritative presence in its sector, though WHOIS data for the exact domain is unavailable due to domain naming rules, indicating the domain is likely a subdomain or alias under a registered parent domain.

VDMA is a prominent German and European industry association representing approximately 3,600 companies in the machinery and plant engineering sector. The organization focuses on innovation, export orientation, and supporting medium-sized enterprises. Their website reflects a mature digital presence with comprehensive content, professional design, and clear navigation tailored to industry professionals and stakeholders. The technical infrastructure is based on the Liferay CMS platform, leveraging modern JavaScript frameworks and analytics tools, ensuring a responsive and accessible user experience. Security posture is strong with HTTPS enforcement, consent management, and use of security best practices, although explicit security headers could be enhanced. Overall, the site demonstrates compliance with GDPR and provides clear contact and privacy information, supporting trust and credibility.

O

Otak

otak.com

55

Otak, Inc. is a professional integrated design and project delivery firm specializing in architecture, engineering, environmental consulting, planning, and project management services. The company emphasizes sustainability, integrity, and community engagement as core values, serving government agencies, developers, and communities primarily in the United States. Their market position is that of a medium-sized, reputable firm with a strong focus on delivering community-centric projects and sustainable solutions. Technically, the website is built on WordPress with a modern technology stack including Google Analytics, Google Tag Manager, and various performance and SEO optimization plugins. The site is well-optimized for mobile devices, features good accessibility, and demonstrates excellent SEO practices. The infrastructure appears robust with fast loading times and a professional design. From a security perspective, the site uses HTTPS and implements cookie consent mechanisms compliant with GDPR. However, it lacks visible security headers, a published security policy, and incident response contact information. The absence of WHOIS domain registration data raises some concerns about domain transparency, although the website content and social media presence support its legitimacy. Overall, Otak presents a professional and trustworthy online presence with minor gaps in security transparency and domain registration information. Strategic improvements in security policy publication and domain WHOIS transparency would enhance trust and compliance.

U

US Green Building Council California

usgbc-la.org

53

US Green Building Council California (USGBC-CA) is a regional non-profit organization dedicated to advancing sustainability, green building, climate action, and environmental justice within California. Founded in 2023, it serves sustainability professionals and advocates by providing resources, networking opportunities, and certification programs aimed at transforming the built environment. The organization positions itself as a leader in the energy and sustainability sector within the state, leveraging partnerships and community engagement to drive impact. Technically, the website is built on WordPress CMS, enhanced with NitroPack for performance optimization, and uses modern web technologies including jQuery, Google Tag Manager, and Font Awesome. The site demonstrates good mobile optimization, fast loading times, and solid SEO practices. Hosting appears to be managed via GoDaddy, consistent with the domain registrar information. From a security perspective, the site enforces HTTPS and employs domain status protections to prevent unauthorized domain changes. However, DNSSEC is not enabled, and no explicit security headers were detected in the provided data. There is no visible privacy policy, cookie policy, or vulnerability disclosure page, which are areas for improvement. Social media presence and structured data markup enhance trust and visibility. Overall, the website is professional, trustworthy, and well-positioned within its niche. The absence of explicit privacy and cookie policies slightly reduces privacy compliance scores. Strategic recommendations include enabling DNSSEC, publishing comprehensive privacy and cookie policies, implementing security headers, and establishing a vulnerability disclosure policy to strengthen security posture and compliance.

L

LEI Register

leikode.no

70

LEI Register is an official Legal Entity Identifier registration agent operating in Norway, providing fast and reliable LEI code issuance and renewal services. The company positions itself as a trusted intermediary partnering with accredited Local Operating Units (LOUs) such as Ubisecure Oy and Nasdaq CSD SE, ensuring compliance with global LEI standards. The website targets Norwegian legal entities requiring LEI codes for regulatory and financial transparency purposes. The business model revolves around facilitating LEI registrations, renewals, and providing related certificates and badges to demonstrate compliance and transparency.

C

Charles Dickens Museum

dickensmuseum.com

68

The Charles Dickens Museum operates as a well-established cultural and educational institution located in London, dedicated to preserving and promoting the legacy of Charles Dickens. The website serves as both an informational portal and an e-commerce platform offering museum tickets, educational resources, events, and themed merchandise. The museum targets a broad audience including tourists, educators, students, and literary enthusiasts. The business model is primarily non-profit with revenue streams from admissions, retail sales, and memberships. The museum holds a reputable market position supported by cultural funders and charity status. Technically, the website is built on the Shopify platform, leveraging modern web technologies such as jQuery, Google Tag Manager, and Facebook Pixel for marketing and analytics. The site is mobile-optimized with good SEO and accessibility basics, though some accessibility enhancements could be made. Hosting and domain registration are consistent with a legitimate, long-standing organization. From a security perspective, the site enforces HTTPS, uses secure Shopify checkout, and implements client transfer protection on the domain. However, DNSSEC is not enabled, and there is no publicly available security policy or incident response information, which are areas for improvement. Privacy compliance is strong with GDPR-consistent cookie consent and a comprehensive privacy policy. Overall, the website presents a professional, trustworthy, and secure online presence for the Charles Dickens Museum, with minor recommendations to enhance security transparency and DNS security. The risk profile is low, and the site effectively supports the museum's mission and business objectives.

S

South London Gallery

southlondongallery.org

71

South London Gallery is a well-established non-profit cultural institution in London, providing free access to contemporary art exhibitions, film, performance events, and educational programs for diverse audiences including children and adults. The gallery has a strong community focus and a history spanning over 125 years, positioning it as a key player in the local and broader art scene. The website reflects this with rich content, clear navigation, and consistent branding. Technically, the site is built on WordPress with modern JavaScript libraries and integrates Google Analytics, Tag Manager, and Klaviyo for marketing and analytics. Security measures include HTTPS and Google reCAPTCHA, though some security headers are not explicitly detected. Privacy and cookie policies are comprehensive and GDPR compliant, with active consent mechanisms. The absence of WHOIS data limits domain trust verification but does not detract significantly from the overall legitimacy given the institution's public presence and external references.