Security Directory

U

UMB AG

umb.ch

59

UMB AG is a Swiss-based IT services company specializing in digital transformation, cloud solutions, cybersecurity, and consulting. The company positions itself as a leading provider in Switzerland, serving large enterprises and SMEs with a broad portfolio of IT services and innovative solutions. Their website reflects a mature digital presence with comprehensive service descriptions and a strong employer brand. Technically, the site is built on TYPO3 CMS, integrates modern analytics and marketing tools, and employs Cloudflare for security and performance. Security posture is strong with HTTPS, bot filtering, and cookie consent mechanisms, though a dedicated security policy and incident response contacts are absent. Overall, the website is professional, trustworthy, and compliant with GDPR, making it a reliable digital front for the company.

S

Sport is good

sportisgood.cz

56

Sport is good is a medium-sized e-commerce retailer specializing in sportswear, footwear, and lifestyle apparel primarily targeting consumers in the Czech Republic and other European countries. The website offers a broad range of products from well-known brands and emphasizes fast delivery and secure payment options. The company operates multiple associated retail domains, indicating a diversified retail network. Technically, the website is built on modern frameworks such as SvelteKit and is hosted behind Cloudflare, ensuring good performance and security. The presence of Google Analytics and a consent management platform demonstrates a commitment to privacy compliance. Security posture is strong with HTTPS enforced and security headers present, although no dedicated security policy or incident response information is published. The WHOIS data shows an unusual future domain creation date, which may be a data anomaly but warrants further verification. Overall, the website is professional, trustworthy, and compliant with GDPR requirements.

S

Sport is good

sportisgood-de.de

57

Sport is good is a European e-commerce retailer specializing in sportswear, shoes, and equipment, targeting primarily the German and wider European market. The website offers a broad range of products from major sports and fashion brands, emphasizing fast delivery and secure payment options. The business operates multiple affiliated stores and brands, indicating a medium-sized retail operation with a diversified portfolio. Technically, the website is built on a modern stack using SvelteKit, hosted behind Cloudflare, and integrates multiple marketing and tracking tools with a consent management platform to ensure GDPR compliance. Security posture is strong with HTTPS enforced and standard security headers present, though no dedicated security policy or incident response contact is published. Overall, the site is professional, well-branded, and trustworthy with good user experience and mobile optimization. Recommendations include publishing a security policy, incident response contacts, and enhancing accessibility features to further improve compliance and trust.

S

Sneakids

sneakids.com

10

Sneakids is a specialized e-commerce retailer focusing on children's sneakers and fashion clothing, offering a wide range of well-known brands at competitive prices. The company targets parents and guardians seeking quality children's footwear and apparel, positioning itself as a reliable and secure online shopping destination with customer service based in France. The website demonstrates a mature digital infrastructure leveraging modern technologies such as SvelteKit, Cloudflare CDN, and integrates key marketing and analytics tools including Google Analytics and Trustpilot for customer reviews. Security posture is strong with HTTPS enforced, clientTransferProhibited domain status, and cookie consent mechanisms in place, although DNSSEC is not enabled. Privacy compliance is well addressed with clear privacy and cookie policies and GDPR consent management. Overall, the site is professional, trustworthy, and user-friendly, supporting a medium-sized retail business founded in 2020.

N

Nauti-wave

nauti-wave.com

62

Nauti-wave operates a professional e-commerce platform specializing in water sports equipment including wetsuits, swimsuits, and related accessories. The company targets water sports enthusiasts and athletes primarily in France and other international markets via country-specific domains. Their business model focuses on online retail with fast delivery and secure payment options, positioning them as a niche retailer in the water sports segment. Technically, the website leverages modern technologies such as SvelteKit, Cloudflare hosting, and integrates Google Analytics and Google Ads for marketing and analytics. The site is mobile-optimized and demonstrates good SEO and accessibility practices. Security posture is strong with HTTPS enforced, clientTransferProhibited domain status, and cookie consent mechanisms, though DNSSEC is not enabled and no explicit security policy or incident response contacts are published. Overall, the website is trustworthy, professional, and compliant with GDPR requirements.

B

Basket-Center

basket-center.com

41

Basket-Center is a specialized e-commerce retailer focused on basketball and American sports equipment and apparel. Established in 2015, it serves a broad audience of basketball players, fans, and sports enthusiasts primarily in the US and Europe. The company offers official brand merchandise from well-known manufacturers such as Adidas, Nike, Wilson, and Mitchell & Ness, positioning itself as a trusted distributor with fast delivery and secure payment options. The website reflects a professional and consistent brand image with clear navigation and comprehensive product categorization. Technically, the website is built using modern technologies including SvelteKit, Cloudflare CDN, and integrates Google Analytics and Google Ads for marketing and tracking. It is well optimized for mobile devices and demonstrates good performance and accessibility standards. The presence of a consent management platform indicates attention to privacy compliance, particularly GDPR. From a security perspective, the site enforces HTTPS, employs standard security headers, and maintains a secure domain registration status. No critical vulnerabilities or exposed sensitive data were detected. However, enabling DNSSEC and publishing a formal security policy or vulnerability disclosure could further enhance trust and security posture. Overall, Basket-Center presents a low-risk profile with strong business credibility, good technical implementation, and solid privacy compliance. Strategic improvements in DNS security and formal security disclosures are recommended to maintain and improve trustworthiness.

T

TEAM 7

team7.at

63

TEAM 7 is an Austrian company specializing in the design and manufacture of natural solid wood furniture, targeting consumers interested in traditional craftsmanship and natural living. The website reflects a mature digital presence with a professional design, clear navigation, and comprehensive content focused on their product offerings. The technical infrastructure is built on TYPO3 CMS, enhanced by Cloudflare for performance and security, and integrates Cookiebot for GDPR compliance, demonstrating a commitment to privacy and regulatory adherence. Security posture is strong with HTTPS enforced and use of modern security practices, although explicit security headers could be verified further. The absence of WHOIS registration data limits domain trust verification but the overall website professionalism and compliance measures suggest a legitimate business. Strategic recommendations include enhancing visible contact information, publishing a security policy, and confirming security headers to improve trust and compliance.

S

Sneak'In

sneakin.cz

57

Sneak'In operates a professional e-commerce platform specializing in fashionable sneakers and clothing for men, women, and children. The website targets primarily the Czech Republic market but also supports multiple European countries through sister domains. The business model focuses on retail sales of well-known brands with fast delivery and secure payment options. The site demonstrates a mature digital presence with modern technologies such as SvelteKit and Cloudflare CDN, ensuring good performance and mobile optimization. Security posture is solid with HTTPS, security headers, and GDPR-compliant cookie consent mechanisms, although no explicit security policy or incident response details are published. WHOIS data shows inconsistencies with a future domain creation date, which may indicate data errors but slightly impacts trust. Overall, the website is professional, trustworthy, and well-structured for its retail purpose.

S

Sneak'In

sneakin-shop.at

61

Sneak'In operates a professional e-commerce platform specializing in sneakers, fashion, and sportswear targeting customers primarily in Austria and the broader European market. The website offers a broad product range including shoes, clothing, and accessories for men, women, and children, supported by secure payment options and customer service based in Germany. The company maintains multiple country-specific domains, indicating a regional multi-market strategy. Technically, the website is built on modern frameworks such as SvelteKit, hosted behind Cloudflare for performance and security, and integrates Google Analytics and Tag Manager for marketing and analytics. Security posture is strong with HTTPS, security headers, and cookie consent mechanisms implemented, although explicit security policies and incident response contacts are not published. Overall, the site is well-designed, mobile-optimized, and compliant with GDPR, reflecting a mature digital presence with moderate user tracking. The domain registration is consistent with the business claims, registered via a reputable registrar and using Cloudflare DNS services. No blocking or WAF challenges were detected, allowing full content access and analysis.

S

Sneak'In

sneakin.se

56

Sneak'In operates a professional e-commerce platform specializing in sneakers, fashion, and trendy clothing for men, women, and children. The company maintains a strong market presence with multiple localized domains targeting various European countries and the US. Their business model focuses on retail sales with fast delivery and secure payment options, supported by a clear customer service infrastructure based in France and Sweden. Technically, the website leverages modern frameworks such as SvelteKit, Cloudflare CDN, and integrates Google Analytics and Tag Manager for marketing and analytics purposes. The site is well-optimized for mobile and desktop users, with good SEO and accessibility practices. Security posture is solid with HTTPS, security headers, and GDPR-compliant cookie consent mechanisms, although no explicit security policy or incident response contacts are published. Overall, the website is trustworthy, professionally managed, and compliant with relevant privacy regulations.

S

Sneak'In

sneakin-de.de

58

Sneak'In operates a professional e-commerce platform specializing in sneakers, fashion, and trendy clothing for men, women, and children. The company maintains a strong market presence with multiple country-specific domains and a broad portfolio of well-known brands. Their business model focuses on retail sales with key services including fast delivery, secure payment options, and dedicated customer service in Germany. The website demonstrates consistent branding and trust indicators such as Trustpilot integration and secure payment logos. Technically, the website is built on modern technologies including SvelteKit, uses Cloudflare for DNS and CDN services, and integrates Google Analytics and Tag Manager for analytics. The site is well optimized for performance and mobile devices, with good accessibility and SEO practices. Consent management for GDPR compliance is implemented effectively. From a security perspective, the site enforces HTTPS, includes essential security headers, and manages user consent appropriately. No critical vulnerabilities or exposed sensitive data were detected. However, the site lacks a dedicated security policy and incident response contact information, which are recommended for enhanced security posture. Overall, the website is trustworthy, professional, and compliant with privacy regulations, presenting a low risk profile. Strategic recommendations include publishing a security policy, establishing an incident response channel, and implementing a vulnerability disclosure program to further strengthen security and trust.

The website ictashkent.com is currently inaccessible due to a 502 Bad Gateway error served via Cloudflare, indicating an origin server failure. The page content is limited to an error message with no business or contact information, policies, or services described. This prevents a full assessment of the company's business operations, market position, or technical infrastructure. The only technology detected is Cloudflare acting as a proxy and WAF. Security posture is weak due to lack of security headers and absence of privacy or cookie policies. No forms, scripts, or analytics are present to evaluate data collection or user tracking. Overall, the site is non-functional and provides no trust or credibility signals.

Teleboy.ch is a Swiss telecommunications service provider specializing in TV streaming and media content delivery. The website is currently inaccessible due to Cloudflare Web Application Firewall blocking access, displaying a 'You are Blocked' message. This prevents a full content and security analysis. The visible content is minimal, with only a contact email provided for support. The technical infrastructure includes Cloudflare services and JavaScript-based analytics. No privacy, cookie, or terms of service policies are present on the landing page, indicating potential compliance gaps. Security headers and SSL configuration details are not available from the provided data, limiting security posture assessment. Overall, the site shows consistent branding but lacks accessible content and transparency for users.

C

Checkin — påmeldingssystemet som er regnskapets bestevenn

checkin.no

70

Checkin.no is a Norwegian technology company offering a SaaS event registration system that integrates with accounting processes, targeting event organizers and accounting professionals. The website is built on HubSpot CMS, uses Cloudflare for hosting and security, and integrates multiple marketing and analytics tools such as Google Analytics 4, Hotjar, and Cookiebot. The site demonstrates a good level of digital maturity with responsive design, clear navigation, and professional branding. Security posture is strong with HTTPS enforcement, security headers, and cookie consent mechanisms, although explicit privacy and terms of service pages are missing. No WHOIS data is available, likely due to privacy protection, which is common and justified for this business type. Overall, the website is trustworthy and professionally managed.

V

Vélo-Store

velo-store.fr

53

Vélo-Store is a French-based e-commerce retailer specializing in bicycles, cycling parts, apparel, and accessories. Founded in 2020, it serves primarily the French and broader European cycling community with a comprehensive product catalog and competitive pricing. The website demonstrates a mature digital presence with modern technologies such as SvelteKit, Cloudflare CDN, and integrated marketing and analytics tools. Security is robust with HTTPS enforcement, cookie consent management, and secure payment options clearly displayed. While no explicit security policy or incident response contacts are published, the overall security posture is strong and aligned with industry best practices. The site is well-optimized for performance, mobile responsiveness, and accessibility, providing a professional user experience.

T

Training-Fit

training-fit.fr

54

Training-Fit is a French-based e-commerce retailer specializing in fitness and musculation equipment, accessories, and apparel. The company offers a wide range of products from major brands such as Adidas, Nike, Garmin, and Mizuno, targeting fitness enthusiasts and sports professionals primarily in France and Europe. The website demonstrates a mature market position with multiple sister stores and a strong brand presence. Their business model focuses on online retail with fast delivery and secure payment options, supported by customer service and after-sales support. Technically, the site is built on modern frameworks like SvelteKit, hosted behind Cloudflare, and integrates advanced marketing and tracking tools such as Google Tag Manager, Facebook Pixel, and Criteo. The site is mobile-optimized, fast, and SEO-friendly, providing a good user experience. Security posture is strong with HTTPS, proper security headers, and GDPR-compliant cookie consent mechanisms, although a dedicated security policy and incident response contacts are not published. Overall, the website is professional, trustworthy, and well-maintained, with no signs of blocking or malicious activity.

S

Sport is good

sportisgood.fr

55

Sport is good is a French-based e-commerce retailer specializing in sportswear, sports equipment, and lifestyle apparel. Founded in 2016, it operates multiple country-specific domains and offers a wide range of products from major brands such as Adidas, Asics, Puma, and more. The website emphasizes fast shipping, secure payment options, and customer service, positioning itself as a reliable online sports retailer in the European market. The presence of multiple partner stores and a Trustpilot widget further supports its market credibility. Technically, the website is built using modern web technologies including the SvelteKit framework, Cloudflare CDN and DNS services, and integrates various marketing and tracking tools such as Google Tag Manager, Facebook Pixel, and AWIN affiliate tracking. The site is mobile-optimized, fast-loading, and well-structured with good SEO and accessibility features. From a security perspective, the site enforces HTTPS, uses Cloudflare for protection, and implements cookie consent mechanisms compliant with GDPR. However, explicit security headers like X-Frame-Options and X-Content-Type-Options are not clearly identified, and there is no publicly available security policy or incident response information. No vulnerabilities or suspicious activities were detected in the analysis. Overall, the website presents a professional and trustworthy e-commerce platform with good privacy compliance and technical maturity. Strategic improvements could include publishing a formal security policy, incident response contacts, and vulnerability disclosure information to enhance transparency and security posture.

S

Sneak'In

sneakin.fr

57

Sneak'In operates a French-based e-commerce platform specializing in sneakers, clothing, and fashion accessories for men, women, and children. The website positions itself as a mid-tier retailer offering popular brands with competitive pricing and fast delivery options. The business targets fashion-conscious consumers across multiple European countries, supported by localized domains and a broad partner network. The company was founded in 2019 and maintains a consistent brand presence with clear customer service channels and trust signals such as secure payment badges and Trustpilot integration. Technically, the website leverages modern web technologies including SvelteKit for frontend rendering, Cloudflare for DNS and CDN services, and integrates multiple marketing and tracking tools such as Google Tag Manager, Facebook Pixel, Criteo, and AWIN affiliate tracking. The site is well-optimized for mobile devices and demonstrates good SEO and accessibility practices. Consent management is implemented via AppConsent, ensuring GDPR compliance. From a security perspective, the site enforces HTTPS with strong SSL configuration and includes standard security headers. No critical vulnerabilities or exposed sensitive data were detected. However, explicit security policies and incident response contacts are not publicly available, representing an area for improvement. Overall, Sneak'In presents a trustworthy and professionally managed e-commerce platform with solid technical infrastructure and compliance posture. Strategic recommendations include publishing detailed security policies, establishing a vulnerability disclosure program, and enhancing incident response transparency to further strengthen security and customer trust.

S

Sneakids

sneakids.fr

55

Sneakids is a French e-commerce retailer specializing in children's footwear and fashion clothing, targeting parents and guardians of babies, girls, and boys. The company offers a curated selection of top brands at competitive prices, supported by secure payment options and customer service based in France. The website demonstrates a solid market position within the children's retail segment in France, with a modern and responsive design optimized for mobile and desktop users. Technically, the site leverages modern JavaScript frameworks (SvelteKit), Cloudflare CDN, and integrates widely used marketing and analytics tools such as Google Tag Manager and Facebook Pixel, all managed with GDPR-compliant consent mechanisms. Security posture is strong with HTTPS enforcement, appropriate security headers, and no visible vulnerabilities, although the site lacks a dedicated security policy or incident response contact information. Overall, Sneakids presents a trustworthy and professional online presence with good compliance and technical maturity.

S

Smash-Expert

smash-expert.fr

55

Smash-Expert is a French-based e-commerce retailer specializing in racket sports equipment and accessories, including tennis, padel, badminton, table tennis, and squash. The company offers a wide range of branded products with a focus on fast delivery and secure payment options. Their market position is that of a specialist retailer targeting sports enthusiasts primarily in France and other European countries. The website demonstrates a modern technical infrastructure built on SvelteKit and hosted behind Cloudflare, ensuring good performance and mobile optimization. The presence of multiple tracking and advertising pixels indicates a mature digital marketing strategy. Security posture is strong with HTTPS, security headers, and GDPR-compliant cookie consent mechanisms in place, although no explicit security policy or incident response information is publicly available. Overall, the website is professional, trustworthy, and well-optimized for its target audience.

P

Pet and Garden

pet-and-garden.fr

55

Pet and Garden is a French e-commerce retailer specializing in pet supplies, gardening, and agricultural equipment. Founded in 2024, the company targets pet owners and gardeners primarily in France and neighboring European countries. The website offers a broad range of products from well-known brands, emphasizing fast shipping and secure payment options. The business positions itself as a reliable and customer-focused online store with clear service policies and multiple partner stores.

P

Pecheur-Store

pecheur-store.fr

55

Pecheur-Store is a French e-commerce retailer specializing in fishing equipment including rods, reels, baits, and accessories for various fishing styles such as carp, carnassier, and sea fishing. Founded in 2022, it targets fishing enthusiasts primarily in France and neighboring European countries. The website demonstrates a solid market position with partnerships with well-known fishing brands and a broad product catalog. Technically, the site uses modern frameworks like SvelteKit, is hosted behind Cloudflare, and integrates advanced marketing and analytics tools such as Google Analytics, Google Ads, and Facebook Pixel. The site is well-optimized for performance and mobile devices, with good SEO and accessibility basics. Security posture is strong with HTTPS, security headers, and cookie consent management, though it lacks a dedicated security policy or incident response page. Overall, the site is professional, trustworthy, and compliant with GDPR regulations, making it a reliable platform for customers. Strategic recommendations include publishing explicit security and incident response policies and enhancing accessibility features.

O

On-Fight

on-fight.fr

55

On-Fight is a French e-commerce retailer specializing in martial arts and combat sports equipment, offering a wide range of products including gloves, protections, shoes, textiles, and club materials. The website targets martial arts practitioners and combat sports enthusiasts primarily in France and European countries. The business operates a modern, well-structured online platform with clear navigation and professional branding. Technically, the site leverages modern frameworks such as SvelteKit, is hosted behind Cloudflare, and integrates multiple marketing and analytics tools with GDPR-compliant consent management. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities. The domain registration data aligns well with the business claims, indicating legitimacy and consistency. Overall, the site presents a trustworthy and professional e-commerce presence in its niche.

N

Nauti-wave

nauti-wave.fr

46

Nauti-wave is a French e-commerce retailer specializing in nautical sports equipment including swimwear, diving gear, and accessories. The website offers a broad selection of products from multiple well-known brands, targeting French and European customers interested in water sports. The business is relatively new, founded in 2022, and positions itself as a niche player with competitive pricing and fast delivery options. Technically, the website is built on modern frameworks such as SvelteKit, uses Cloudflare for DNS and CDN, and integrates standard analytics and marketing tools like Google Analytics and Trustpilot for customer reviews. The site is mobile-optimized, fast, and accessible, with good SEO practices. Security posture is strong with HTTPS enforced, appropriate security headers, and domain registration protections. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. However, there is no dedicated security policy or incident response page, which could be improved. Overall, the website is professional, trustworthy, and well-suited for its retail business model.

H

House of Rugby

house-of-rugby.fr

55

House of Rugby is a specialized e-commerce retailer focused on rugby apparel, footwear, and equipment, primarily serving the French market and French-speaking rugby enthusiasts. The website offers a broad catalog of official club products, shoes, and accessories from major brands, positioning itself as a niche market leader with a strong emphasis on secure payment and customer service. The business is relatively new, founded in 2022, and operates with a medium-sized footprint in the retail sector. Technically, the website is built on modern technologies including SvelteKit and is hosted behind Cloudflare, ensuring fast performance and good mobile optimization. The site integrates multiple marketing and analytics tools such as Google Tag Manager and Facebook Pixel, with a compliant consent management platform to adhere to GDPR requirements. The design is professional and user-friendly, with clear navigation and good SEO practices. From a security perspective, the site enforces HTTPS with strong SSL configuration and includes standard security headers. There is no evidence of exposed sensitive data or vulnerabilities in the visible content. However, the site lacks a dedicated security policy or incident response contact, which could be improved to enhance trust and preparedness. Overall, the security posture is strong for an e-commerce retailer. The overall risk assessment is low, with no critical issues detected. Strategic recommendations include publishing a formal security policy, adding incident response contacts, and implementing a security.txt file for vulnerability disclosures. These steps would further strengthen compliance and security culture. The website demonstrates a mature digital presence with good privacy compliance and business credibility.

G

Galop-Store

galop-store.fr

55

Galop-Store is a French e-commerce retailer specializing in equestrian equipment and animal care products. Founded in 2022, it targets horse riders, animal owners, and related enthusiasts with a broad catalog of products from reputable brands. The website demonstrates a solid market position within its niche, supported by a professional design, clear navigation, and secure payment options. The company maintains a medium-sized operation with a focus on the French market and some international reach through sister sites. Technically, the site leverages modern frameworks like SvelteKit and is hosted on Cloudflare, ensuring fast performance and good mobile optimization. Security practices include HTTPS enforcement, security headers, and GDPR-compliant cookie consent management, although no explicit security policy or incident response information is published. Overall, the site is trustworthy, professional, and well-maintained, with room for improvement in publishing dedicated security and incident response policies.

F

Foot-Store

foot-store.fr

56

Foot-Store is a well-established French e-commerce retailer specializing in football-related products including shoes, jerseys, and equipment. The website targets football players and fans primarily in France and Europe, offering a wide range of branded merchandise from Nike, Adidas, Puma, and others. The business has a solid market position supported by a domain age of over 9 years and multiple related partner sites. Technically, the website employs modern technologies such as SvelteKit, Cloudflare CDN, and integrates various marketing and tracking tools like Google Tag Manager and Facebook Pixel. The site is mobile-optimized, fast, and accessible, with good SEO practices. Security posture is strong with HTTPS enforced, comprehensive security headers, and GDPR-compliant cookie consent mechanisms. No critical vulnerabilities or suspicious activities were detected. Overall, the site demonstrates a professional and trustworthy e-commerce platform with good privacy and security practices.

E

Espace Golf

espace-golf.fr

54

Espace Golf is a specialized French e-commerce retailer focused on golf equipment, including clubs, bags, carts, clothing, and accessories. Founded in 2019, it serves golf enthusiasts primarily in France and surrounding European countries. The website demonstrates a professional market position with competitive pricing, fast delivery, and multiple payment options including secure installment plans. The presence of Trustpilot reviews and clear contact information enhances customer trust. Technically, the site uses modern frameworks such as SvelteKit, is hosted with OVH and Cloudflare, and integrates advanced tracking and consent management tools, reflecting a mature digital infrastructure. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities, although a dedicated security policy and incident response contacts are absent. Overall, the site is compliant with GDPR and provides a good user experience with clear navigation and mobile optimization.

B

Boulevard du Golf

boulevard-du-golf.fr

55

Boulevard du Golf is a specialized French e-commerce retailer focused on golf equipment and accessories, offering a wide range of products from leading brands such as Taylormade, Callaway, and Srixon. Established in 2012, the company has positioned itself as a trusted provider for golf enthusiasts, providing secure payment options, customer support, and a user-friendly online shopping experience. The website is well-structured, mobile-optimized, and integrates modern web technologies including SvelteKit and Cloudflare CDN for performance and security. From a security perspective, the site enforces HTTPS, employs security headers, and integrates a consent management platform to comply with GDPR regulations. No critical vulnerabilities or exposed sensitive data were detected. However, the absence of a dedicated security policy or incident response contact suggests room for improvement in transparency and readiness. The domain registration details are consistent with the business claims, enhancing trustworthiness. Overall, Boulevard du Golf demonstrates a mature digital presence with strong privacy compliance and a secure e-commerce environment. Strategic enhancements in security policy disclosure and incident response mechanisms would further strengthen its security posture and customer trust.

B

Basket-Center

basket-center.fr

57

Basket-Center is a well-established French e-commerce retailer specializing in basketball equipment and accessories, including official NBA merchandise and products from major brands such as Adidas, Nike, Wilson, and Mitchell & Ness. The company targets basketball players and fans primarily in France and Europe, offering a broad catalog with fast shipping and secure payment options. The website demonstrates a strong market position as an official distributor with a professional and consistent brand presence. Technically, the website is built on modern technologies including SvelteKit and is hosted behind Cloudflare, ensuring good performance and security. It employs multiple tracking and marketing tools such as Google Analytics, Facebook Pixel, TikTok Pixel, and a consent management platform to comply with GDPR. The site is mobile-optimized, accessible, and SEO-friendly, reflecting a mature digital infrastructure. From a security perspective, the site enforces HTTPS, implements security headers, and manages cookie consent effectively. No critical vulnerabilities or exposed sensitive data were detected. However, explicit security policies and incident response contacts are not publicly available, which could be improved to enhance trust and compliance. Overall, Basket-Center presents a low-risk profile with a strong business and technical foundation. Strategic recommendations include publishing a dedicated security policy, incident response information, and a vulnerability disclosure policy to further strengthen security posture and transparency.

D

Direct Running

direct-running.fr

54

Direct Running is a French-based e-commerce retailer specializing in running shoes, sportswear, and related equipment. The company offers a wide range of products from major brands such as Adidas, Saucony, Puma, and Mizuno, targeting runners and sports enthusiasts primarily in France and Europe. The website demonstrates a mature digital presence with a professional design, clear navigation, and mobile optimization. It integrates multiple marketing and analytics tools including Google Analytics, Facebook Pixel, TikTok Pixel, and Criteo, supported by a consent management platform to ensure GDPR compliance. Security posture is strong with HTTPS enforced and modern security headers implemented, although no dedicated security policy or incident response page was found. Overall, the site is trustworthy and well-positioned in the retail e-commerce market.

Jobbnorge.no is a Norwegian online recruitment platform focused on connecting job seekers with employers across Norway. The website offers job search functionality and recruitment tools, positioning itself as an important player in the Norwegian recruitment market. The platform targets both job seekers and employers, providing a streamlined experience for finding and posting jobs. The business model revolves around providing digital recruitment services and tools to facilitate hiring processes. Technically, the website employs modern technologies including ASP.NET, Matomo analytics, and Cloudflare for hosting and security. It features a comprehensive cookie consent mechanism compliant with GDPR, enhancing user privacy and transparency. Security posture is strong with HTTPS enforced and device fingerprinting used for security purposes, although some security headers could be improved. Overall, the website is professional, well-branded, and trustworthy, with good mobile optimization and accessibility. However, the lack of publicly available WHOIS data slightly reduces trust but is likely due to privacy protection. Strategic recommendations include publishing a privacy policy page, terms of service, and a vulnerability disclosure policy to further enhance compliance and trust.

M

Mondelez International

fcmilka.de

63

The website fcmilka.de serves as a promotional platform for the Milka brand's campaign in partnership with the Bundesliga football league. It offers consumers opportunities to participate in contests and win prizes by entering codes from Milka products. The site targets football fans and Milka consumers primarily in Germany, leveraging strong brand partnerships and official licensing to enhance engagement. The business model focuses on marketing and brand promotion through interactive fan experiences and contests. Technically, the website is built using modern web technologies including React and Next.js, hosted behind Cloudflare's CDN and security services. It employs Google Tag Manager and cookie consent tools to manage analytics and privacy compliance. The site is well-optimized for mobile devices, performs well, and follows good SEO and accessibility practices. From a security perspective, the site enforces HTTPS, uses security headers, and avoids exposing sensitive data. However, it lacks explicit security policy documentation and incident response contacts, which could be improved. Privacy compliance is strong with clear links to comprehensive privacy and cookie policies managed by Mondelez International. Overall, the website presents a low-risk profile with high legitimacy due to its association with a major global brand. Strategic recommendations include publishing a dedicated security policy, adding vulnerability disclosure information, and enhancing incident response visibility to further strengthen trust and compliance.

N

Nor-Shipping

nor-shipping.com

64

Nor-Shipping is a well-established maritime exhibition organizer with a domain registered since 2003, indicating a long-standing presence in the maritime industry. The website focuses on promoting the 2027 event, providing exhibitor and ticketing information, and leveraging modern web technologies such as WordPress with Elementor, Cloudflare CDN, and multiple analytics and tracking pixels. The technical infrastructure is solid, with good mobile optimization and SEO practices. Security posture is adequate with HTTPS and domain transfer protections, but could be improved by enabling DNSSEC and publishing explicit security policies. Privacy compliance is partial, with a cookie policy and consent mechanism present but no visible privacy or terms of service pages. Overall, the website is professional and trustworthy, targeting maritime industry professionals and exhibitors.

The website atomyhemohim.id is currently inaccessible due to a Cloudflare error 521 indicating the web server is down. The domain is newly registered in 2025 under the Indonesian registrar PT Dewabisnis Digital Indonesia and uses Cloudflare as its CDN and security provider. There is no accessible content beyond the error message, and no business or contact information is available on the site. The lack of privacy, cookie, or terms of service policies, combined with the server downtime, results in a very limited ability to assess the business or security posture comprehensively. Technically, the site relies on Cloudflare for CDN and security, but the origin server is offline, causing the error. No CMS, analytics, or marketing technologies are detected. The site lacks SEO optimization, accessibility features, and mobile responsiveness due to the error page nature. Security headers and advanced configurations are absent, and DNSSEC is not enabled, which could improve DNS security. From a security perspective, the primary concern is the server downtime causing unavailability. No other vulnerabilities or exposed sensitive data are detected due to the minimal content. The domain registration is consistent and legitimate, but the newness of the domain and lack of content reduce trustworthiness. No privacy compliance or incident response information is available. Overall, the site scores low on content quality, technical implementation, security posture, privacy compliance, and business credibility. Strategic recommendations include restoring server availability, enabling DNSSEC, implementing security headers, adding privacy and cookie policies, and publishing clear business contact information to improve trust and compliance.

The website blksamarinda.id is currently inaccessible due to a Cloudflare Web Application Firewall (WAF) blocking the visitor. The HTML content returned is a Cloudflare challenge page indicating the visitor has been blocked due to triggered security rules. No actual website content, metadata, or business information is accessible for analysis. The domain WHOIS data is suspicious, showing a creation date in the future (July 2, 2025), which is inconsistent with the current date and suggests erroneous or manipulated registration data. The domain uses Cloudflare name servers but does not have DNSSEC enabled, which is a missed opportunity for enhanced DNS security. Due to the blocking and lack of accessible content, no privacy policies, contact information, or security policies can be identified or evaluated. The overall digital maturity and security posture cannot be properly assessed, and the website scores very low on all AI scoring metrics.

The website tajukpapua.id is currently inaccessible due to an HTTP 521 error indicating the origin web server is down. The site is protected by Cloudflare, which is functioning correctly, but the backend server is not responding. There is no accessible content beyond the error page, and no business or contact information is available. The domain WHOIS data shows a suspicious future creation date, which raises concerns about data accuracy or domain legitimacy. No privacy, cookie, or security policies are present, and no forms or analytics scripts are detected, indicating a very low digital maturity level. The security posture is weak due to the lack of security headers and the server downtime. Overall, the site is not currently functional, and the trustworthiness is low.

S

Schinkels Brauerei

bier-moment.de

69

Schinkels Brauerei operates a regional e-commerce platform specializing in organic craft beers and related merchandise, targeting customers primarily in Germany. The business emphasizes regional and organic quality, offering a variety of beer styles and additional services such as brewery tours and event ticketing. The website is built on the Shopify platform, leveraging modern web technologies and third-party integrations for analytics and marketing. The digital infrastructure is robust, with good performance, mobile optimization, and accessibility features. Security posture is solid with HTTPS enforcement, security headers, and GDPR-compliant cookie consent mechanisms, although explicit security policies and incident response details are absent. Overall, the site presents a trustworthy and professional online presence suitable for its market segment.

B

Bizbrains

bizbrains.com

64

Bizbrains is a Denmark-based technology company specializing in supply chain integration and automation solutions. Their flagship product, Link™, offers scalable SaaS and on-premise deployment options designed to connect various business workflows including e-commerce, logistics, and customs. The company emphasizes compliance with key regulations such as NIS2 and GDPR, targeting medium-sized businesses in manufacturing, wholesale, retail, and logistics sectors. The website demonstrates a professional and modern digital presence with strong branding and customer testimonials.

N

Nasjonalmuseet

nasjonalmuseet.no

74

Nasjonalmuseet is Norway's largest national museum dedicated to art, architecture, and design, offering extensive collections from antiquity to modern times. The institution serves a broad audience including the general public, families, researchers, and art enthusiasts, operating primarily as a government-funded cultural entity. The website reflects a professional and comprehensive digital presence with clear navigation, multilingual support, and a strong emphasis on privacy and user consent. Technically, the site leverages modern frameworks such as Vue.js, is hosted on Microsoft Azure, and integrates multiple analytics and marketing tools while maintaining GDPR compliance through a detailed cookie consent mechanism. Security posture is strong with HTTPS enforcement and appropriate security headers, though explicit security policies and incident response details are not publicly disclosed. Overall, the website demonstrates a mature digital infrastructure suitable for a large government cultural institution, with good privacy and security practices, and a high level of trustworthiness.

D

Design og arkitektur Norge (DOGA)

doga.no

55

Design og arkitektur Norge (DOGA) is a Norwegian non-profit foundation dedicated to promoting sustainable value creation and innovation through design and architecture in both the private and public sectors. The organization offers innovation programs, awards, courses, and tools aimed at fostering design-driven innovation and urban development. The website reflects a well-established entity with government ties, targeting Norwegian businesses and public institutions interested in design and architecture innovation. Technically, the website is hosted on Microsoft Azure, built with ASP.NET technologies, and employs modern tools such as Cloudflare for performance and security, Google Tag Manager and Analytics for tracking, and Cookie Information for GDPR-compliant cookie consent management. The site is mobile-optimized, accessible, and SEO-friendly, providing a professional user experience. Security posture is strong with HTTPS enforced and no visible vulnerabilities, though some security headers could be improved. Privacy compliance is robust with detailed cookie policies and consent mechanisms. Overall, the website demonstrates high professionalism, trustworthiness, and compliance with relevant regulations.

The website eye-able.org is currently inaccessible due to a Cloudflare error 525 indicating an SSL handshake failure between Cloudflare and the origin server. This prevents any meaningful content from being delivered to visitors, resulting in a minimal error page with no business or contact information. The domain is very new, registered in March 2024, and hosted via IONOS SE with Cloudflare DNS. The lack of DNSSEC and SSL misconfiguration reduces the trustworthiness and security posture of the site. No privacy, cookie, or terms of service policies are present, and no forms or tracking technologies are detected. Overall, the website is effectively blocked from analysis due to the WAF error page.

The website bet-pmi.in is currently inaccessible due to a Cloudflare Web Application Firewall (WAF) blocking access with a 403 Forbidden error. This prevents any meaningful content analysis or business information extraction. The site uses HTTPS with modern TLS 1.3 and HTTP/2 protocols, indicating a secure hosting environment, but no visible security headers or policies are present on the blocked page. The lack of accessible content and privacy-protected WHOIS data limits the ability to verify the legitimacy or business details of the domain. Overall, the site appears to be either under strict security controls or potentially inactive, resulting in a low trust and credibility score.

The website termsfeedtag.com is currently inaccessible due to a security block resulting in a 403 Forbidden error page served via Cloudflare. The page content is minimal and only displays an unauthorized access message with instructions to authenticate or contact support. No business, legal, or privacy-related content is available for analysis. The domain is registered with NameCheap, Inc. since 2020 with a long expiry date, indicating a legitimate registration. However, the lack of accessible content and security block significantly limit the ability to assess the website's business model, services, or compliance posture. Technical infrastructure includes Cloudflare DNS and security services, but no further technology or CMS details are available. Security posture cannot be fully evaluated due to lack of accessible data, but the presence of a security block suggests some level of protection is in place. Overall, the website is currently not usable for end users or analysis, and improvements are needed to provide accessible content and clear security and privacy policies.

The website massage123.cz is currently inaccessible due to a Cloudflare Web Application Firewall (WAF) block, which prevents any meaningful content or business information from being retrieved or analyzed. The domain has been registered since 2016 and uses Cloudflare for DNS and security services. Due to the block, no privacy policies, contact information, or business details are available on the site. The technical infrastructure relies on Cloudflare's security platform, but the lack of accessible content limits the assessment of the site's digital maturity and user experience. Security posture cannot be fully evaluated; however, the presence of Cloudflare indicates some level of protection against attacks. Overall, the site presents a high risk of poor user experience and low trust due to inaccessibility and lack of transparency.

Glassdoor is a prominent technology company offering an online platform for job seekers and employers, focusing on job listings, company reviews, and salary information. The website analyzed is the German localized domain (glassdoor.de), currently presenting a Cloudflare security challenge page that blocks direct content access. This indicates the use of advanced security measures to protect against bots and malicious traffic. The technical infrastructure leverages Cloudflare services including Turnstile CAPTCHA and Google Analytics for traffic analysis. However, the current page lacks visible privacy, cookie, or terms of service policies, and no contact or security incident response information is provided on this challenge page. The security posture is difficult to fully assess due to content blocking, but the use of Cloudflare suggests a baseline of security best practices. Overall, the site is legitimate and consistent with the Glassdoor brand but limited in accessible content for full analysis.

A

Almega

almega.se

53

Almega is Sweden's leading employer organization for the service sector, representing approximately 10,000 member companies and over 500,000 employees. The organization provides a broad range of services including membership benefits, legal advice, training, collective bargaining support, and advocacy. The website is professionally designed, well-structured, and optimized for SEO and accessibility, reflecting a mature digital presence. Technically, the site runs on WordPress with modern plugins such as Yoast SEO and integrates Google Tag Manager and CookieHub for analytics and cookie consent management. Security posture is strong with HTTPS enforced and Cloudflare protection, though explicit security headers could be verified. Privacy compliance is robust with detailed cookie policies and GDPR-aligned consent mechanisms. WHOIS data for the queried subdomain is missing, which is unusual but likely due to querying the 'www' subdomain rather than the root domain. Overall, the site demonstrates a high level of professionalism, security, and compliance suitable for a large, established organization.

A

Araxio Development N.V.

gransino-casino.de

60

Gransino Casino is a newly established online gambling platform founded in 2024, targeting primarily the German market. Operated by Araxio Development N.V. and licensed in Curaçao, it offers a broad range of casino games including slots, live dealer games, and sports betting. The platform emphasizes attractive bonuses, secure payment methods, and a user-friendly mobile experience. Its market position is that of an emerging competitor with a focus on quality gaming and customer engagement through social media and positive user reviews. Technically, the website employs modern web standards with HTML5, CSS3, and JavaScript, and leverages Cloudflare for DNS and CDN services, enhancing security and performance. The site is mobile-optimized and SEO-friendly, though accessibility features are basic. Security posture is solid with HTTPS enforced and no exposed sensitive data, but could benefit from additional security headers and a visible cookie consent mechanism to improve privacy compliance. Overall, the security maturity is moderate with no critical vulnerabilities detected. The site maintains GDPR compliance through its privacy policy and offers multiple contact channels, though direct phone support is absent. The domain registration aligns with the business timeline and ownership claims, supporting legitimacy. Strategic improvements in security headers and privacy transparency would enhance trust and compliance. The risk profile is moderate, typical for online gambling platforms, with recommendations focusing on strengthening security policies, enhancing privacy mechanisms, and maintaining transparent communication with users to foster trust and regulatory adherence.

S

Science Park Kassel GmbH

sciencepark-kassel.de

10

Science Park Kassel GmbH operates as an innovation and startup support center located on the Nordcampus of the University of Kassel. Since 2015, it has provided office and workshop spaces, consulting services, and networking opportunities primarily targeting founders, startups, and companies seeking proximity to academic research. The organization fosters knowledge transfer between academia and industry and offers event spaces used regionally and nationally. The website reflects a mature digital presence with professional design, clear navigation, and multilingual support. Technically, it employs modern web standards, uses Matomo and Google Analytics for tracking, and integrates a robust cookie consent mechanism via CCM19. Security posture is strong with HTTPS enforced and Cloudflare protection, though explicit security policies and incident response details are not published. Overall, the site is trustworthy, compliant with GDPR, and well-positioned in its niche.

E

Eversports GmbH

eversports.com

58

Eversports GmbH operates a leading online platform in Austria for booking sports activities, classes, and venues. The website offers a comprehensive range of sports including yoga, pilates, tennis, and fitness, targeting sports enthusiasts seeking flexible and convenient booking options. The platform supports both online and on-site participation, with social features to connect users. Technically, the website is built on modern frameworks such as React and Apollo GraphQL, hosted behind Cloudflare, and integrates error monitoring via Rollbar. It is mobile optimized and performant, with good SEO and accessibility practices. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities. Privacy and cookie policies are present and GDPR compliant. Overall, the site demonstrates a mature digital presence with high professionalism and trustworthiness.