Security Directory

H

House of Rugby: specjalista od rugby

house-of-rugby.pl

58

House of Rugby is a specialized e-commerce retailer focused on rugby sportswear, official club merchandise, and equipment. The website targets rugby players, fans, and clubs primarily in Poland, offering a wide range of products including jerseys, boots, and protective gear. The business appears to be relatively new, founded in 2023, and operates a niche market position with a focus on quality and fast shipping services. Technically, the website is built on a Magento (OpenMage) platform, integrating modern marketing and analytics tools such as Google Analytics, Google Ads, and AppConsent for GDPR compliance. The site is mobile-optimized with good navigation and design quality, supporting a positive user experience. Security-wise, the site enforces HTTPS, has DNSSEC enabled, and integrates reCAPTCHA to protect forms, reflecting a good security posture. However, the absence of explicit privacy policy and terms of service pages, as well as missing visible contact information, are notable gaps in compliance and business transparency. Overall, the website is functional, secure, and professionally presented but would benefit from enhanced compliance documentation and clearer contact channels.

S

SPACEFOOT SAS

selleriemae.pl

60

La Sellerie de Maé is an e-commerce retailer specializing in equestrian equipment and accessories, operated by SPACEFOOT SAS, a French company. The website targets primarily Polish customers but is part of a broader international presence with multiple country-specific domains. The platform offers a wide range of products for horses and riders, including protective gear, clothing, and stable equipment, sourced from well-known brands. Customer service is based in France, with clear contact details and a 14-day return policy, enhancing trust and customer confidence. Technically, the website is built on Magento Open Source (OpenMage variant), leveraging modern web technologies such as Google Analytics, Google Tag Manager, Google Ads, and Actito marketing automation. It employs reCAPTCHA for form protection and uses lazy loading for images to optimize performance. The site is mobile-optimized and provides a good user experience with clear navigation and professional design. From a security perspective, the website enforces HTTPS and uses invisible reCAPTCHA on forms, ensuring basic protection against automated abuse. However, some security headers like Content-Security-Policy and X-Frame-Options are not explicitly detected and could be improved. No vulnerabilities or exposed sensitive data were found. Privacy and cookie policies are present and GDPR compliant, with a consent mechanism implemented. Overall, the website demonstrates a solid security posture and good privacy compliance, with a trustworthy business presence supported by consistent WHOIS data. Recommendations include enabling DNSSEC, adding missing security headers, and publishing a security policy or vulnerability disclosure to further enhance security maturity.

T

Tripnbikers : Pokrowce i torby motocyklowe

tripnbikers.pl

57

Tripnbikers.pl is a specialized e-commerce platform focused on motorcycle luggage and accessories, serving primarily the Polish market with multi-language support for other European countries. The website offers a range of products including top cases, side cases, soft luggage, and related accessories from well-known brands such as Givi, Shad, and SW-Motech. The business model is retail e-commerce targeting motorcycle enthusiasts and riders seeking quality luggage solutions. The domain is relatively new, registered in 2023, consistent with the business age and market positioning. Technically, the website is built on Magento (OpenMage), leveraging modern web technologies including Google Analytics, Google Ads, reCAPTCHA, and a consent management platform compliant with IAB TCF v2 standards. The site is mobile optimized with good navigation and content quality. Performance is moderate, with room for improvement in accessibility and SEO. From a security perspective, the site enforces HTTPS and DNSSEC, uses reCAPTCHA to mitigate bots, and implements consent management for privacy compliance. However, explicit security headers like Content-Security-Policy and X-Frame-Options are not detected, and no visible privacy policy or terms of service pages were found, which are critical for GDPR compliance. No contact information for security incidents or data protection officers is provided. Overall, the website presents a moderate risk profile with good business credibility but requires improvements in privacy transparency and security hardening. Strategic recommendations include publishing comprehensive privacy and terms policies, adding security headers, and providing clear contact channels for incident response.

D

Daily Bikers : Sprzęt i części motocyklowe

daily-bikers.pl

58

Daily Bikers is an e-commerce retailer specializing in motorcycle gear and parts, targeting motorcycle enthusiasts primarily in Poland and other European countries through localized websites. The business offers a wide range of products including jackets, helmets, gloves, protective gear, and motorcycle accessories, emphasizing competitive pricing and fast delivery. The website is built on a Magento (OpenMage) platform with integrations for Google Analytics, Google Ads, and marketing automation tools, reflecting a mature digital infrastructure. Security posture is solid with HTTPS, DNSSEC, and reCAPTCHA implementations, though explicit privacy and terms policies are not found in the provided content. Overall, the site presents a professional and trustworthy front for a medium-sized retail business founded in 2023.

P

Pecheur-Store : Internetowy sklep wędkarski

pecheur-store.pl

58

Pecheur-Store.pl is a Polish e-commerce retailer specializing in fishing equipment, including rods, reels, baits, and accessories for various fishing styles such as carp fishing, predator fishing, and sea fishing. The website targets fishing enthusiasts and hobbyists primarily in Poland but is part of a broader multi-country brand presence with sister sites in several European countries. The business model is retail e-commerce with a focus on fast shipping and secure payment options. The site is relatively new, founded in 2022, and maintains a consistent brand image across its digital presence. Technically, the website is built on Magento (OpenMage), leveraging modern web technologies including Google Analytics, Google Tag Manager, Google Ads, and reCAPTCHA for bot protection. The site is mobile-optimized with good navigation and SEO practices, although accessibility features are basic. Performance is moderate, with room for improvement in loading speed and security headers. From a security perspective, the site enforces HTTPS and integrates consent management for GDPR compliance, but lacks explicit privacy and cookie policy pages, which are critical for full compliance. DNSSEC is not enabled, representing a minor security gap. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data is transparent and consistent with the business claims, registered with a reputable registrar and no privacy protection. Overall, Pecheur-Store.pl presents a professional and trustworthy e-commerce platform with moderate security and privacy compliance maturity. Strategic improvements in policy transparency, security headers, and contact information disclosure would enhance trust and compliance posture.

T

Training-Fit: Sprzęt fitness i kulturystyczny

training-fit.pl

58

Training-Fit.pl is a Polish e-commerce website specializing in fitness, bodybuilding, crossfit, yoga, and combat sports equipment and apparel. The site offers a wide range of products from well-known brands, targeting fitness enthusiasts and athletes primarily in Poland. The business appears to be recently established in 2023, with a medium-sized market presence and a focus on online retail. Technically, the website is built on the Magento (OpenMage) platform, utilizing modern web technologies including Google Analytics, Google Ads, and reCAPTCHA for security and marketing. The site is mobile-optimized with good navigation and professional design. Security measures include HTTPS with DNSSEC enabled, and a GDPR consent mechanism is implemented, although explicit privacy and cookie policies are not found. Overall, the security posture is good with no critical vulnerabilities detected. Recommendations include publishing comprehensive privacy and cookie policies, adding terms of service, and providing clear contact information for improved trust and compliance.

S

SPACEFOOT SAS

trek-expert.pl

58

Trek-Expert is an e-commerce retailer specializing in outdoor clothing, footwear, and equipment, targeting outdoor enthusiasts primarily in European markets. The company operates under SPACEFOOT SAS, based in France, with a domain registered in 2023, reflecting a relatively new but professionally established business. The website offers a broad product range with multiple country-specific domains, indicating a strategic multi-market approach. Customer service is localized in France, and secure payment options are prominently featured, enhancing customer trust. Technically, the website is built on a Magento (OpenMage) platform, leveraging modern marketing and analytics tools such as Google Analytics, Google Tag Manager, Google Ads, and GDPR-compliant consent frameworks. The site is mobile-optimized with good SEO practices and moderate performance. Security posture is strong with HTTPS, DNSSEC, reCAPTCHA, and cookie consent mechanisms in place, though explicit security policies and incident response contacts are absent. Overall, the website demonstrates a mature digital presence with good privacy compliance and business credibility. No critical vulnerabilities or suspicious activities were detected. Recommendations include publishing a dedicated security policy, incident response information, and implementing a security.txt file to enhance transparency and security readiness.

P

Pet & Garden - Twój internetowy sklep zoologiczny i centrum ogrodnicze

pet-and-garden.pl

59

Pet & Garden is a Polish e-commerce platform specializing in pet supplies, gardening products, and agricultural equipment. The website offers a broad range of products targeting pet owners, gardeners, farmers, and animal breeders. It positions itself as a comprehensive online store with a focus on quick shipping and a wide product catalog. The business appears to be recently established in 2024, aligning with the domain registration date. The website's content is professionally presented with consistent branding and clear navigation, supporting a positive user experience.

H

House of Rugby

houseofrugby.cz

60

House of Rugby is a specialized e-commerce retailer focused on rugby sportswear, official club merchandise, shoes, and equipment primarily targeting rugby enthusiasts in the Czech Republic and Europe. The website offers a broad catalog of products from major brands, supported by secure payment options and a user-friendly shopping experience. The company maintains a consistent brand presence and provides comprehensive customer support information including physical address and phone contact. Technically, the website is built on Magento (OpenMage), leveraging modern marketing and analytics tools such as Google Analytics, Google Tag Manager, and Actito for marketing automation. The site is mobile optimized with good SEO and accessibility basics. Security posture is strong with HTTPS enforced, security headers present, and GDPR compliance actively managed through consent mechanisms. No critical vulnerabilities or suspicious activities were detected. Overall, the website demonstrates a mature digital presence suitable for its retail business model.

S

SPACEFOOT SAS

espace-golf.cz

60

Espace Golf operates as a specialized e-commerce retailer focused on golf equipment and apparel, serving primarily the Czech Republic and broader European markets. The company, legally registered as SPACEFOOT SAS in France, offers a wide range of golf products from reputable brands, emphasizing competitive pricing, fast delivery, and secure payment options. The website is professionally designed with consistent branding and clear navigation, supporting a positive user experience for golf enthusiasts. Technically, the site leverages Magento (OpenMage), integrates Google Analytics, reCAPTCHA, and consent management platforms, reflecting a mature digital infrastructure. Security measures include HTTPS enforcement and form protection, though additional security headers and policies could enhance the posture. Privacy compliance is well addressed with visible policies and consent mechanisms. Overall, the site presents a trustworthy and professional e-commerce platform with a solid market position in the golf retail sector.

P

Pet & Garden - Vaše online centrum pro domácí mazlíčky a zahradu

pet-and-garden.cz

58

Pet & Garden is an e-commerce platform focused on providing a wide range of products for pets, gardening, and agricultural needs primarily targeting customers in the Czech Republic. The website offers various categories including pet food, accessories, garden furniture, and farming equipment, positioning itself as a comprehensive online retail center for these sectors. The business model revolves around online sales with a broad product catalog and multiple brand partnerships. Technically, the website is built on Magento/OpenMage, uses modern web technologies including Google Analytics, Google Ads, and reCAPTCHA, and is hosted on Gandi's infrastructure. The site demonstrates moderate to good digital maturity with responsive design and consent management for GDPR compliance. Security posture is solid with HTTPS and bot protection, though it lacks some advanced security headers and explicit security policies. The WHOIS data is inconsistent, showing a future domain creation date, which raises some concerns about domain registration legitimacy. Overall, the website is professional and safe for general audiences but would benefit from improved transparency in privacy and security policies.

S

SPACEFOOT SAS

selleriemae.cz

57

La sellerie de Maé operates as a specialized e-commerce retailer focused on equestrian equipment and accessories, targeting primarily Czech and European horse riders and owners. The website offers a broad catalog of products for horses and riders, emphasizing quality brands and fast shipping services. The business is positioned as a medium-sized retail entity with a professional online presence and a network of related retail sites. Technically, the website is built on the Magento (OpenMage) platform, leveraging modern web technologies including Google Analytics, reCAPTCHA, and GDPR-compliant consent mechanisms. The site demonstrates good mobile optimization and SEO practices, though accessibility features are basic. Security posture is solid with HTTPS enforcement and form protections, but could be improved by adding explicit security headers and publishing a security policy. The WHOIS data presents inconsistencies, notably a future domain creation date, which reduces domain trustworthiness despite the professional website content. Overall, the site is trustworthy and well-maintained but would benefit from enhanced transparency in security and incident response policies.

S

SPACEFOOT SAS

on-fight.de

63

On-Fight is a specialized e-commerce retailer focused on combat sports and fitness equipment, operating primarily in the European market with a strong presence in Germany and France. The company, SPACEFOOT SAS, offers a wide range of products including gloves, protective gear, clothing, and training equipment, targeting athletes and sports enthusiasts. Their business model centers on online sales with customer service based in France, secure payment options, and customer-friendly policies such as easy returns and installment payments. The website demonstrates a professional and consistent brand image with good content quality and user experience.

T

Training-Fit : Fitness- und Muskelaufbaugeräte

training-fit-de.de

62

Training-Fit is a German-based e-commerce platform specializing in fitness and muscle building equipment, apparel, and accessories. The website targets fitness enthusiasts and athletes across multiple European markets, as evidenced by its multilingual sister sites. The business model focuses on retail sales of well-known fitness brands with an emphasis on fast shipping and secure payment options. The site demonstrates a professional and consistent brand presence with good content quality and navigation.

S

SPACEFOOT SAS

trek-expert.de

63

Trek-Expert is a medium-sized European e-commerce retailer specializing in outdoor clothing, footwear, and equipment. The company operates multiple localized websites targeting various European countries, with a strong presence in Germany and France. Their business model focuses on providing discounted outdoor gear with secure payment options and customer service based in France. The website is professionally designed with clear navigation and a consistent brand image, supported by multiple related sister stores in the sports retail sector. Technically, the website runs on an OpenMage (Magento) platform with modern marketing and analytics integrations including Google Analytics, Google Ads, and Actito marketing automation. The site is mobile optimized and uses a consent management platform to comply with GDPR requirements. Hosting is managed via Gandi, and the site uses HTTPS with a good SSL configuration. From a security perspective, the site enforces HTTPS and implements consent mechanisms for privacy compliance. However, explicit security headers like Content-Security-Policy and X-Frame-Options are not clearly present and could be improved. No vulnerabilities or exposed sensitive data were detected in the analyzed content. The WHOIS data is consistent with the business information, indicating a legitimate and transparent registration. Overall, the website presents a low risk profile with good privacy compliance and a solid technical foundation. Strategic recommendations include enhancing security headers, publishing a formal security policy, and improving accessibility features to further strengthen the security posture and user trust.

S

SPACEFOOT SAS

velo-store-de.de

62

Vélo-Store is a French-based e-commerce retailer specializing in bicycles, bicycle parts, and cycling accessories, targeting primarily the German market and other European countries. The company operates multiple localized domains and offers a broad product catalog including helmets, bikes, parts, and apparel. The website demonstrates a professional and consistent brand presence with clear navigation and a good user experience. Technically, the site is built on Magento (OpenMage), leveraging modern marketing and analytics tools such as Google Analytics, Google Ads, AWIN affiliate tracking, and Actito marketing automation. Security measures include HTTPS, reCAPTCHA v3, and a consent management platform ensuring GDPR compliance. The WHOIS data confirms the legitimacy of the business with consistent registration details matching the website's claims. Overall, the site is well-positioned in the retail cycling market with a solid technical and security posture.

S

SPACEFOOT SAS

galop-store.dk

58

Galop Store is a specialized e-commerce retailer focusing on equestrian equipment and pet supplies, targeting customers primarily in Denmark and France. The company operates under SPACEFOOT SAS, with a newly registered domain consistent with its business launch in 2024. The website offers a broad catalog of products for horses, riders, dogs, cats, and other animals, supported by customer service based in France. The business model centers on online retail with fast shipping and secure payment options, positioning itself as a trusted niche provider in the equestrian and pet market segments. Technically, the website is built on the Magento (OpenMage) platform, leveraging modern web technologies including Google Analytics, Google Tag Manager, Google Ads, and marketing automation tools like Actito. The site is mobile-optimized with good SEO practices and basic accessibility features. Performance is moderate, with room for improvement in loading speed and accessibility compliance. From a security perspective, the site enforces HTTPS and uses invisible reCAPTCHA on forms to mitigate spam and abuse. However, DNSSEC is not enabled, and some recommended security headers are missing, which could be addressed to enhance security posture. Privacy compliance is strong, with clear privacy and cookie policies and GDPR consent mechanisms implemented. No incident response or vulnerability disclosure information is published, which is a potential area for improvement. Overall, the website presents a professional and trustworthy front for its business, with solid technical and privacy foundations. Strategic enhancements in security headers, DNS security, and transparency around vulnerability handling would further strengthen its security and compliance stance.

S

SPACEFOOT SAS

nauti-wave.se

56

Nauti-Wave is an e-commerce retailer specializing in water sports apparel and equipment, including wetsuits, swimming gear, and related accessories. The company operates primarily in the Swedish market but is legally registered in France under SPACEFOOT SAS. The website offers a broad product catalog with a focus on quality brands and fast delivery, positioning itself as a niche player in the water sports retail sector. The business model is direct online sales with an emphasis on customer service and secure payment options. Technically, the website is built on a Magento (OpenMage) platform with modern integrations such as Google Analytics, Google Ads, and marketing automation tools like Actito. The site is mobile-optimized and features a clear navigation structure, although some accessibility features could be enhanced. Performance is moderate, with good SEO practices and structured data implemented for rich search results. From a security perspective, the site enforces HTTPS and uses invisible Google reCAPTCHA for form protection. However, it lacks some advanced HTTP security headers and DNSSEC is not enabled, which are areas for improvement. Privacy compliance is strong, with clear privacy and cookie policies and GDPR consent mechanisms in place. The WHOIS data aligns well with the website's business claims, supporting legitimacy. Overall, Nauti-Wave presents a professional and trustworthy online presence with a solid foundation in e-commerce and digital marketing. Security and privacy practices are adequate but could be strengthened to further enhance trust and resilience against threats.

S

SPACEFOOT SAS

nauti-wave.es

60

Nauti-Wave, operated by SPACEFOOT SAS, is a specialized e-commerce retailer focused on aquatic sports equipment and apparel, including neoprene suits, swimwear, and related gear. The company targets consumers interested in aquatic sports across multiple European countries, with a strong presence in France and Spain. Their business model centers on online retail with value propositions such as fast delivery, secure payment, and post-sale service in France. The website demonstrates a consistent brand identity and offers a broad product catalog with recognized brands.

S

SPACEFOOT SAS

nauti-wave.pt

60

Nauti-Wave is a specialized e-commerce retailer focused on aquatic sportswear and equipment, operating primarily in France and Portugal with a broad product catalog including diving suits, swimwear, and related accessories. The company, SPACEFOOT SAS, maintains a professional online presence with clear branding and customer service support. Their market position is that of a niche retailer with a strong focus on aquatic sports enthusiasts, offering competitive pricing and fast delivery services. Technically, the website is built on Magento (OpenMage), leveraging modern web technologies and integrating Google Analytics, Google Ads, and a consent management platform to ensure GDPR compliance. Security posture is solid with HTTPS enforcement, reCAPTCHA protection on forms, and secure payment options displayed, though some security headers could be improved. Overall, the site is well-structured, mobile-optimized, and provides a trustworthy shopping experience. Recommendations include enhancing security headers, publishing a formal security policy, and adding vulnerability disclosure information to further strengthen trust and compliance.

S

SPACEFOOT SAS

nauti-wave.pl

58

Nauti-Wave is a specialized e-commerce retailer focused on water sports equipment and apparel, operating primarily in Poland and supported by customer service in France. The company offers a wide range of products including wetsuits, swimwear, diving gear, surfing equipment, and triathlon apparel, targeting water sports enthusiasts and athletes. The business is relatively new, founded in 2023, and operates under the legal entity SPACEFOOT SAS based in France. The website demonstrates a professional and consistent brand presence with clear navigation and a comprehensive product catalog.

S

SPACEFOOT SAS

nauti-wave.nl

10

Nauti-Wave is an e-commerce retailer specializing in watersport products including wetsuits, swimwear, and related equipment. The company operates primarily in France and the Netherlands, targeting watersport enthusiasts and athletes such as swimmers and triathletes. The website is professionally designed with a clear navigation structure and offers a broad product catalog from multiple brands. The business model focuses on online sales with customer service based in France, secure payment options, and easy returns. Technically, the site is built on Magento (OpenMage), leveraging modern marketing and analytics tools such as Google Analytics, Google Ads, and Actito marketing automation, all integrated with a GDPR-compliant consent management platform. Security posture is strong with HTTPS, DNSSEC, reCAPTCHA, and no visible vulnerabilities. Overall, the site demonstrates a mature digital infrastructure suitable for a medium-sized retail business.

S

SPACEFOOT SAS

nauti-wave.cz

10

Nauti-Wave is an e-commerce retailer specializing in water sports equipment including neoprene suits, swimwear, and accessories. The company operates primarily in the Czech Republic market but is registered in France under SPACEFOOT SAS. The website offers a broad product catalog with secure payment options and customer service support, positioning itself as a trusted retailer in the water sports niche. The business model focuses on online sales with a strong emphasis on customer experience and compliance with European data protection regulations. Technically, the website is built on Magento (OpenMage), leveraging modern web technologies and marketing tools such as Google Analytics and Actito. Security measures include HTTPS, reCAPTCHA, and a consent management platform, though some security headers could be improved. The WHOIS data shows an anomalous future domain creation date, which is a concern but does not currently impact the website's operational legitimacy. Overall, the site demonstrates a good balance of business professionalism, technical maturity, and privacy compliance.

S

SPACEFOOT SAS

slowood-interior.se

56

Slowood Interior is a small French-based e-commerce retailer specializing in modern interior design products including furniture, lighting, and home decoration. The company operates a professionally designed Magento-based website targeting consumers interested in Scandinavian and European style home furnishings. The business emphasizes customer service with a French contact center and clear return policies. Technically, the website uses modern web technologies, integrates Google Analytics and Ads, and implements GDPR-compliant consent management. Security posture is good with HTTPS, reCAPTCHA, and secure cookies, though some security headers and DNSSEC could be improved. Overall, the website is trustworthy, well-branded, and compliant with privacy regulations, making it a credible online retail presence.

S

SPACEFOOT SAS

slowood-interior.de

62

Slowood Interior operates as a professional e-commerce retailer specializing in modern home decoration, furniture, lighting, and lifestyle products. The company targets general consumers interested in enhancing their living spaces with contemporary design elements. The business maintains a strong market position in the European home decor sector, supported by a multilingual website and a network of related partner stores. The company is legally registered as SPACEFOOT SAS in France, with clear contact and customer service information provided on the website. Technically, the website is built on the Magento (OpenMage) platform, leveraging modern marketing and analytics tools such as Google Analytics, Google Tag Manager, Google AdWords, AWIN affiliate tracking, and Actito marketing automation. The site demonstrates good mobile optimization and SEO practices, with a moderate performance profile. Hosting is managed via Gandi, as indicated by the DNS nameservers. From a security perspective, the website enforces HTTPS and integrates Google reCAPTCHA for form protection. A consent management platform ensures GDPR compliance, and privacy policies are comprehensive and accessible. However, explicit security headers like Content-Security-Policy and X-Frame-Options are not visibly implemented, representing an area for improvement. No vulnerabilities or exposed sensitive data were detected. Overall, the website presents a low-risk profile with strong business credibility and privacy compliance. Strategic recommendations include enhancing security headers, continuous monitoring of third-party scripts, and improving accessibility features to meet broader compliance standards.

S

SPACEFOOT SAS

on-fight.at

63

On-Fight is a specialized e-commerce retailer focused on providing equipment and accessories for combat sports and fitness enthusiasts. The company operates primarily in the European market, with a strong presence in France and German-speaking countries. Their product range includes gloves, protective gear, shoes, textiles, and club materials, targeting athletes and sports clubs. The website demonstrates a solid market position as a niche retailer with fast shipping and customer service based in France. Technically, the site leverages a Magento-based platform with modern marketing and analytics integrations, including Google Analytics, Google Ads, and GDPR-compliant consent management. Security measures such as HTTPS and invisible reCAPTCHA are implemented, reflecting a good security posture. Overall, the website is professional, user-friendly, and trustworthy, with clear business information and compliance with privacy regulations.

S

SPACEFOOT SAS

nauti-wave.at

63

Nauti-Wave is an established e-commerce retailer specializing in watersports apparel and equipment, including wetsuits, swimwear, and accessories. The company operates primarily in France, supported by a professional website that offers a broad product catalog and secure payment options. The business targets watersports enthusiasts and general consumers seeking quality sportswear and equipment. The website demonstrates a solid market position with a focus on customer service and reliable delivery. Technically, the website is built on a Magento (OpenMage) platform, integrating modern marketing and analytics tools such as Google Analytics, Google Tag Manager, and Actito marketing automation. The site employs GDPR-compliant consent management and invisible reCAPTCHA for form security, indicating a mature digital infrastructure. Performance and mobile optimization are good, though some accessibility features could be enhanced. From a security perspective, the site enforces HTTPS and uses reCAPTCHA to protect forms. However, explicit security headers like Content-Security-Policy and X-Frame-Options are not evident, suggesting room for improvement. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong, with clear policies and consent mechanisms in place. Overall, Nauti-Wave presents a trustworthy and professional online presence with moderate to high security and privacy standards. Strategic improvements in security headers and incident response documentation would further strengthen its posture.

M

Made In Paradis : Schuhe und Sportbekleidung für Frauen

madeinparadis.at

63

Made In Paradis is a professional e-commerce retailer specializing in women's fashion, shoes, and sportswear, offering over 300 brands online. The website targets primarily female customers across multiple European countries, with localized versions available. The platform demonstrates a solid market position as a boutique with a broad product range and trusted payment options. Technically, the site is built on Magento (likely OpenMage), integrating modern marketing and analytics tools such as Google Analytics, Google Ads, and Actito for marketing automation. The site is mobile-optimized and provides a good user experience with clear navigation and consistent branding. Security posture is strong with HTTPS enforced, reCAPTCHA on forms, and GDPR-compliant consent mechanisms, though some security headers are missing and no explicit security policy or incident response contacts are published. The WHOIS data is unavailable due to quota limits, but the domain likely uses privacy protection, which is justified for this business type. Overall, the website is trustworthy, professional, and compliant with privacy regulations, making it a reliable platform for online shopping.

S

SPACEFOOT SAS

velo-store.ie

63

Vélo-Store is a specialized e-commerce retailer focused on bicycles, bike parts, and cycling equipment, operating primarily in France and Ireland with multiple country-specific domains. The company, SPACEFOOT SAS, offers a broad catalog of cycling products and emphasizes customer service, secure payment, and easy returns. The website demonstrates a solid digital presence with modern marketing and analytics tools integrated, including Google Analytics, Google Ads, and Actito. The technical infrastructure is based on Magento (OpenMage), hosted by Gandi, and employs HTTPS with reCAPTCHA for form security. Security posture is good but could be enhanced by enabling DNSSEC and adding advanced security headers. Privacy compliance is strong with clear privacy and cookie policies and GDPR consent mechanisms. Overall, the site is professional, trustworthy, and well-positioned in the e-commerce cycling market.

T

Training-Fit : Fitness and bodybuilding equipment

training-fit.ie

48

Training-Fit.ie is an e-commerce website specializing in fitness and bodybuilding equipment, offering a wide range of products including cardio devices, professional fitness machines, bodybuilding accessories, crossfit gear, yoga apparel, fighting sports equipment, clothing, shoes, and related accessories. The site targets fitness enthusiasts, athletes, and consumers seeking quality fitness products from well-known brands. The business model is retail-focused, leveraging online sales with fast delivery and secure payment options. The domain is newly registered in December 2023, indicating a recent market entry or brand launch. Technically, the website is built on Magento (OpenMage), utilizing modern web technologies such as Google Analytics, Google Tag Manager, Google Ads, and reCAPTCHA for security and marketing. The site is hosted with Gandi, with HTTPS enabled and a clientTransferProhibited domain status, indicating basic domain security. Mobile optimization and navigation are good, though accessibility features are basic. SEO practices are adequately implemented with proper meta tags. From a security perspective, the site uses HTTPS and reCAPTCHA, and implements a consent management platform to comply with privacy regulations. However, no DNSSEC is enabled, and security headers are missing, which are areas for improvement. No privacy policy or terms of service were found, which is a compliance gap. No contact information for security incidents or data protection officers is provided, limiting incident response readiness. Overall, the website presents a professional and trustworthy e-commerce platform with moderate security posture and technical maturity. Strategic improvements in privacy documentation, security headers, and contact transparency would enhance compliance and trustworthiness.

S

SPACEFOOT SAS

nauti-wave.ie

63

Nauti-Wave is a specialized e-commerce retailer focused on water sports equipment and apparel, including wetsuits, swimsuits, and related accessories. The company operates primarily in France and Ireland, targeting water sports enthusiasts and athletes. The website presents a professional and well-structured platform with a broad product catalog and multiple brand partnerships, positioning itself as a competitive player in the niche water sports retail market. The business model is direct online sales with fast delivery and secure payment options, supported by customer service based in France. Technically, the website is built on the Magento (OpenMage) platform, leveraging modern web technologies such as Google Analytics, Google Ads, reCAPTCHA, and marketing automation tools like Actito. The site is mobile-optimized and provides a good user experience with clear navigation and product categorization. Performance is moderate, with room for improvement in accessibility and advanced security headers. From a security perspective, the site enforces HTTPS, uses clientTransferProhibited domain status, and integrates reCAPTCHA for form protection. Consent management is implemented to comply with GDPR, and privacy policies are comprehensive. However, DNSSEC is not enabled, and some recommended security headers are missing. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website demonstrates a solid security posture and compliance with privacy regulations, supporting a trustworthy online retail environment. The domain registration details align well with the business claims, enhancing legitimacy. Strategic recommendations include enabling DNSSEC, adding security headers, and publishing a security policy to further strengthen trust and security maturity.

S

samra Co.,Ltd

smgroup.co.kr

61

SM그룹 is a large South Korean conglomerate operating across multiple sectors including manufacturing, construction, shipping, media, and leisure. The company presents itself as a global leader with a diversified portfolio of subsidiaries, targeting general consumers, business partners, and potential employees. The website reflects a professional corporate identity with consistent branding and comprehensive information about its subsidiaries and business areas. Technically, the website uses modern JavaScript libraries and tracking tools such as Google Analytics and Tag Manager, hosted by Megazone, a Korean hosting provider. The site is moderately optimized for performance and mobile devices but lacks advanced accessibility features. Security-wise, the domain registration is transparent and consistent with the business, but the website lacks DNSSEC and security headers, and no cookie consent mechanism is present, which may affect compliance. Overall, the website is trustworthy and professional but could improve its security posture and privacy compliance to align with best practices.

S

Stiftung Zewo

zewo.ch

11

Stiftung Zewo operates as a Swiss non-profit foundation providing certification and trust assurance services to charitable organizations through the Zewo-Gütesiegel. The website serves donors and NPOs by offering verified information about certified organizations, ensuring transparency and confidence in charitable giving. It holds a strong market position as a leading certification body in Switzerland, offering key services such as NPO certification, donor guidance, and coordination of national fundraising efforts. The digital infrastructure is built on WordPress with modern technologies including Algolia search, Foundation framework, and various analytics and marketing tools, reflecting a mature and well-maintained technical environment. Security posture is robust with HTTPS enforcement, security headers, and no visible vulnerabilities, although formal security policies and incident response information are not publicly detailed. Overall, the website demonstrates high professionalism, excellent content quality, and strong trust indicators, making it a reliable resource for its target audience.

U

Up Romania

upromania.ro

10

Up Romania is a well-established financial services company specializing in employee motivation solutions such as meal vouchers, gift cards, and social benefits. The company serves a broad audience including companies, public institutions, affiliated partners, and end users, positioning itself as a key player in the Romanian employee benefits market. With over 25,000 companies and 1.2 million beneficiaries, Up Romania demonstrates significant market penetration and brand recognition. The website reflects a professional and consistent brand image, supported by comprehensive legal and privacy documentation.

U

Up Portugal

up-portugal.pt

55

Up Portugal is a well-established company specializing in employee benefit solutions such as meal cards, education support, fuel payment, and multi-service vouchers. The company operates primarily in Portugal but is part of a larger international group with presence in 28 countries and over 26 million users. Their website reflects a professional and consistent brand image targeting companies and their employees. Technically, the website uses a variety of JavaScript libraries and Google Tag Manager for analytics, with a custom CMS platform. The site is mobile optimized and provides a good user experience with clear navigation and relevant content. Security posture is solid with HTTPS enforced and cookie consent implemented, though some security headers and explicit policies are missing. Privacy compliance is evident with GDPR-aligned privacy and cookie policies. No direct contact emails or phone numbers are provided, relying on contact forms instead. Overall, the domain registration data aligns well with the business claims, supporting legitimacy.

The Österreichisches E-Commerce-Gütezeichen website serves as a certification and trust-building platform for Austrian online shops, emphasizing legal compliance, consumer protection, and e-commerce best practices. Supported by key Austrian institutions such as the Wirtschaftskammer, Arbeiterkammer, and the Ministry for Digitalization and Economic Location, it holds a strong market position as a trusted certification authority since 2000. The site targets both online retailers seeking certification and consumers looking for secure shopping options. Technically, the website is built on TYPO3 CMS with privacy-respecting Matomo analytics, offering a modern and responsive user experience with good SEO and accessibility basics. Security posture is solid with HTTPS and no visible vulnerabilities, though some improvements in security headers and explicit policies are recommended. Overall, the site is professional, trustworthy, and well-aligned with its business goals.

R

RBA Brands

rbabrands.com

60

RBA Brands is a leading Spanish media company specializing in magazine publishing and digital content distribution. The website showcases a broad portfolio of magazine brands and emphasizes its market leadership in Spain. The technical infrastructure is based on ASP.NET WebForms with modern JavaScript libraries and integrates a comprehensive consent management platform to comply with GDPR regulations. The site uses multiple analytics and advertising services, indicating a mature digital marketing approach. Security posture is generally good with HTTPS enforced and consent mechanisms in place, though some security headers and policies could be improved. The absence of WHOIS data for the domain is a concern but the professional presentation and content quality support legitimacy. Overall, the website is well-designed, user-friendly, and compliant with privacy standards, though contact and security policy transparency could be enhanced.

R

RBA

serienegra.es

66

RBA Libros is a well-established Spanish publishing group specializing in various literary genres, including the crime-focused 'Serie Negra' imprint. The website serves as a digital storefront and informational portal for their crime genre books, offering features such as book listings, author information, and newsletter subscriptions. The site is professionally designed with consistent branding and targets readers interested in crime novels, essays, and biographies. Technically, the website employs a modern JavaScript stack including RequireJS, jQuery, and lazy loading libraries, hosted partially on Microsoft Azure Blob Storage, ensuring moderate performance and good mobile optimization. Security posture is solid with HTTPS enforced and GDPR-compliant consent management via Didomi, though security headers are not explicitly detected and could be improved. The absence of WHOIS data limits domain trust verification, but the website's content and external references strongly indicate legitimacy. Overall, the site presents a trustworthy and professional digital presence for RBA's crime literature segment.

L

Linking Tourism and Conservation e.V. (Ö.T.E.-LT&C e.V.)

ltandc.org

63

Linking Tourism and Conservation e.V. (Ö.T.E.-LT&C e.V.) is a small non-profit organization focused on promoting sustainable tourism and conservation efforts primarily in Europe. The website serves as an information hub showcasing projects, publications, news, and membership opportunities. The organization targets environmental groups, tourism professionals, and the general public interested in sustainable development. Technically, the site is built on a Verwaltungsportal CMS platform using common JavaScript libraries like jQuery and Slick Carousel, with good mobile optimization and accessibility features. Security posture is moderate with cookie consent implemented but lacking visible security headers and unknown SSL configuration. The WHOIS data is incomplete and malformed, which reduces domain trustworthiness, but the website content and social media presence support legitimacy. Overall, the site is professional and trustworthy but could improve security and transparency.

H

Heitech Service GmbH

lausitz-hosting.de

46

Lausitz-Hosting, operated by Heitech Service GmbH, is a regional and national internet service provider specializing in web hosting, domain registration, email services, and SSL certificates. The company emphasizes personal customer service and caters to a diverse clientele including small and medium enterprises, large industrial companies, municipalities, and associations primarily in Germany. Their market position is strengthened by a focus on regional identity and trusted certifications such as ISO/IEC 27001 and ITIL frameworks. Technically, the website employs modern frontend technologies including Bootstrap, jQuery, and Slick Carousel, hosted on servers associated with Heitech. The site is mobile-optimized and presents a professional design with clear navigation. Performance is moderate, with room for improvement in accessibility and SEO optimization. Security posture is solid with HTTPS enforced and hosting in a certified Tier 3 data center, though security headers and incident response details are lacking. From a security and compliance perspective, the site demonstrates adherence to recognized standards and provides privacy and cookie policies, albeit without explicit consent mechanisms. No vulnerabilities or exposed sensitive data were detected. The absence of a vulnerability disclosure policy and security.txt file suggests an area for enhancement. Overall, the risk profile is low with recommendations to strengthen security headers and privacy compliance. Strategically, Lausitz-Hosting is well-positioned in its niche with a clear business model and trusted service offerings. The website supports business credibility through customer references and certifications, though it could benefit from enhanced transparency in security incident handling and privacy consent.

A

Agirc-Arrco

agirc-arrco.fr

58

Agirc-Arrco is a French government-related organization managing supplementary pension schemes for private sector employees. The website provides information and services related to retirement and pension rights, targeting private individuals and retirees. The organization holds a leading position in the French pension market, offering key services such as pension management and online account access. Technically, the website is built on Drupal 11 with modern web technologies and is mobile-optimized, providing a good user experience. Security posture is adequate with HTTPS enforced and no visible vulnerabilities, though security headers and explicit privacy policies are missing. The absence of WHOIS data limits domain ownership verification but does not detract from the site's professional appearance and trustworthiness. Overall, the site is safe, well-structured, and serves its audience effectively.

I

Input interior

inputinterior.dk

46

Input interior is a leading independent interior design and furnishing group operating across the Nordic region, specializing in tailored solutions for offices, hospitality, education, and care sectors. The company emphasizes sustainability and offers a broad product range supported by multiple regional websites and active social media engagement. The website demonstrates a mature digital presence with multilingual support and comprehensive content showcasing projects, news, and services. Technically, the site is built on WordPress with modern plugins and frameworks, ensuring good performance and SEO optimization. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers and explicit policies are not publicly documented. The absence of WHOIS data limits domain trust verification, but the professional presentation and business transparency mitigate concerns. Overall, Input interior presents a credible and well-established business with a strong online footprint.

I

Input interior

inputinterior.com

56

Input interiör is a leading independent Nordic interior design group specializing in tailored interior solutions for offices, hospitality, education, and healthcare sectors. The company emphasizes sustainability and offers a broad product range supported by certifications such as Svanen and EcoLabel. Their website demonstrates a mature digital presence with multilingual support, comprehensive content, and active social media engagement. Technically, the site is built on WordPress with modern plugins and performance optimizations, ensuring fast and accessible user experience. Security posture is strong with HTTPS, reCAPTCHA, and cookie consent mechanisms, though some security headers could be enhanced. WHOIS data for the exact www subdomain is unavailable, but this is typical and does not detract significantly from trust given the professional site content. Overall, Input interiör presents a credible and well-managed online presence aligned with their business stature.

I

Input interior

inputinterior.se

47

Input interiör is a leading independent interior design group in the Nordic region, specializing in tailored interior solutions for offices, hospitality, education, and healthcare sectors. The company operates multiple showrooms and offers a broad product range with a strong emphasis on sustainability and functionality. Their market position is strong, supported by certifications and a professional digital presence. Technically, the website is built on WordPress with modern plugins and frameworks, optimized for performance, SEO, and mobile responsiveness. The use of Google Tag Manager and reCAPTCHA indicates a mature digital infrastructure. Security practices are good with HTTPS and cookie consent mechanisms, though some HTTP security headers could be improved. The security posture is solid with no visible vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent. Contact information is clearly presented, enhancing business credibility. Overall, the website and business present a low risk profile with strong trust indicators. The missing WHOIS data for the subdomain is not a significant concern given the overall professionalism and transparency of the site. Strategic recommendations include enhancing HTTP security headers and publishing a vulnerability disclosure policy.

Y

YellowMap AG

yellowmap.de

54

YellowMap AG operates a comprehensive local business directory platform for Germany, offering over 5 million listings including companies, services, maps, events, and more. The website targets general users seeking local business information and related services such as hotels, pharmacies, and restaurants. The platform is well-established with visible partnerships and affiliate programs enhancing its market position. Technically, the site uses modern web technologies including HTML5, CSS3, JavaScript libraries like jQuery and Slick Carousel, and integrates Piwik analytics for user tracking. The site is mobile-optimized with good SEO and accessibility basics. Security posture is moderate with HTTPS enforced and cookie consent implemented, but lacks visible advanced security headers and explicit security policies. Overall, the site is professional, trustworthy, and safe for general audiences.

G

Gewaltinfo

gewaltinfo.at

62

Gewaltinfo is a reputable Austrian non-profit informational platform dedicated to violence prevention and support. It provides comprehensive resources, including expert knowledge, legal information, and access to multiple hotlines and support organizations targeting vulnerable groups such as children, women, older adults, and LGBTIQA+. The platform serves victims, families, and professionals seeking assistance and information on violence-related issues. Technically, the website is built on a modern stack with Magnolia CMS, uses responsive design, and includes accessibility features, though some security headers and explicit security policies are absent. The site employs anonymized cookies with a consent mechanism, aligning well with GDPR requirements. Security posture is moderate with room for improvement in explicit security policies and incident response information. Overall, the domain registration and website content are consistent and trustworthy, reflecting a stable and legitimate entity. Recommendations include enhancing security headers, publishing security policies, and adding incident response contacts to strengthen trust and compliance.

T

Transports Baudouin

transports-baudouin.fr

46

Transports Baudouin is a medium-sized French transportation and logistics company established in 2017, offering a wide range of freight and vehicle rental services across France and 45 European countries. The company maintains a professional and consistent online presence with a well-structured Drupal 9 website, providing detailed service information and customer testimonials. The technical infrastructure is modern and includes standard analytics and cookie consent mechanisms, reflecting a good level of digital maturity. Security posture is adequate with HTTPS and cookie consent, though improvements in HTTP security headers and incident response disclosures are recommended. Overall, the website is trustworthy, compliant with GDPR, and serves its business audience effectively.

J

Jublasurium

jublasurium.ch

45

Jublasurium is a Swiss non-profit organization focused on organizing a national Pentecost camp for youth under the Jungwacht Blauring umbrella. The website serves as an informational and community engagement platform, targeting youth members and supporters within Switzerland. It provides event details, media resources, and social media integration, reflecting a well-established niche presence in the non-profit youth sector. Technically, the site is built on a custom CMS framework called Ongoing Base, utilizing modern web technologies such as HTML5, CSS3, and JavaScript with slick carousel for interactive content. The site is mobile-optimized and performs moderately well, with good SEO practices including structured data markup. Security-wise, the website enforces HTTPS and avoids exposing sensitive data but lacks some security headers and explicit incident response or vulnerability disclosure information. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. Overall, the site is trustworthy and professional, though improvements in security headers and privacy mechanisms are recommended.

C

compass private pflegeberatung GmbH

compass-pflegeberatung.de

11

Compass private pflegeberatung GmbH is a German healthcare service provider specializing in free and independent care consultation for privately insured individuals and their families. The company operates nationwide with regional teams and offers telephone, on-site, and video consultations. It is affiliated with the PKV-Verband and recognized as a trusted care consultation service with a strong market presence. The website is professionally designed, content-rich, and well-branded, targeting a general audience seeking care advice and support.