Security Directory

I

Il Giornale d'Italia

ilgiornaleditalia.it

69

Il Giornale d'Italia is a national Italian news media outlet providing real-time news and video content covering politics, economy, culture, sports, and more. The website targets Italian-speaking audiences interested in comprehensive news coverage. It operates primarily on an advertising revenue model with a strong presence on major social media platforms. Technically, the site uses a mix of modern and legacy web technologies including jQuery, Bootstrap 3, and Google Analytics, indicating moderate digital maturity. The site is mobile responsive to a basic degree and implements cookie consent mechanisms to comply with GDPR. Security posture is good with HTTPS enforced and no major vulnerabilities detected, though some legacy libraries and lack of advanced security headers suggest room for improvement. Overall, the website is safe, professional, and trustworthy with moderate business credibility and good content quality.

K

KS-ORIGINAL GMBH

projekt-weiss.blog

52

KS-ORIGINAL GMBH operates the website projekt-weiss.blog, a professional German-language platform focused on promoting Kalksandstein (sand-lime brick) architecture and sustainable building projects. The site features project showcases, podcasts, and thematic content aimed at architects, builders, and construction professionals. The business positions itself as a niche leader in the Kalksandstein building materials sector, providing valuable content and engagement through multiple media formats. Technically, the site is built on Drupal 10 with modern web technologies, including lazy loading, responsive design, and integrated analytics via Matomo and Google Analytics. Privacy compliance is well addressed with a cookie consent mechanism and a comprehensive privacy policy. Security posture is good with HTTPS enforced and no visible vulnerabilities, though explicit security headers and incident response contacts are absent. The domain WHOIS data is privacy-protected, which is common and justified for business websites. Overall, the website is professional, trustworthy, and well-structured, serving its target audience effectively.

C

Cinéart

cineart.nl

56

Cinéart is an independent film distributor based in the Netherlands, specializing in releasing films in cinemas, on DVD and Blu-ray, and making films available on Video on Demand and TV platforms. The company targets cinema audiences and film enthusiasts, maintaining a strong presence in the Dutch and Benelux media market. Their website reflects a professional and consistent brand image with good content quality and clear navigation. Technically, the site uses modern web technologies including Google Tag Manager and Typekit fonts, with a cookie consent mechanism in place, indicating awareness of privacy compliance. Security posture is solid with HTTPS enforced, though some security headers and explicit policies are missing. No direct contact emails or phone numbers are publicly listed, but multiple newsletter signup forms and social media channels provide user engagement avenues. WHOIS data aligns well with the business claims, supporting legitimacy. Overall, the website is well maintained, secure, and compliant with basic privacy regulations.

P

Poco

presto-changeo.com

10

Presto-Changeo is a technology company specializing in developing Wix apps and ecommerce modules designed to boost sales and productivity for online stores, particularly those using Wix and PrestaShop platforms. The company claims to have served over 100,000 customers worldwide since 2009, offering US-based dedicated support and a satisfaction guarantee. Their product suite includes tools for inventory management, email marketing integrations, shipping label printing, and conversion optimization. The website is professionally designed, mobile-optimized, and provides clear navigation and relevant content for its target audience of ecommerce store owners. Technically, the website leverages modern web technologies including Google Fonts, Font Awesome, Material Design Icons, and Slick Carousel for UI components, and integrates Google Analytics for tracking. The backend ecommerce platform appears to be PrestaShop. The site uses HTTPS with good SSL configuration, though lacks some advanced security headers. Privacy compliance is basic, with a privacy policy and terms of service present but no cookie consent mechanism or GDPR-specific indicators. Contact is primarily via a web form, with no explicit company emails or phone numbers displayed. From a security perspective, the site shows good practices such as HTTPS enforcement and no visible vulnerabilities or exposed sensitive data. However, the absence of WHOIS domain registration data raises concerns about domain legitimacy and ownership transparency. No security policy, incident response contacts, or vulnerability disclosure mechanisms are found, which could be improved to enhance trust and compliance. Overall, Presto-Changeo presents as a credible and professional ecommerce app provider with a solid product offering and customer base, but the missing domain registration data and limited privacy compliance features suggest areas for improvement in security posture and transparency.

I

ITIA Ltd

itia.tennis

61

The International Tennis Integrity Agency (ITIA) operates as a key global authority safeguarding the integrity of professional tennis worldwide. Established in 2021, the organization focuses on anti-corruption and anti-doping programs, providing education, sanctions reporting, and direct communication channels for players, coaches, and officials. The ITIA maintains partnerships with major tennis bodies such as ATP, WTA, ITF, and the Grand Slam tournaments, positioning itself as a trusted non-profit entity in the sports governance sector. The website reflects this mission with clear, professional content targeted at the tennis community and stakeholders. Technically, the website is built on the Umbraco CMS platform, utilizing modern web technologies including HTML5, CSS3, JavaScript, Google Fonts, and Google Analytics for tracking. The site is mobile-optimized with a responsive design and includes accessibility considerations, though these could be enhanced further. Performance is moderate with efficient use of external resources and asynchronous script loading. From a security perspective, the site enforces HTTPS with strong SSL configuration and implements standard security headers. A cookie consent mechanism is in place, demonstrating compliance with GDPR and privacy best practices. No critical vulnerabilities or exposed sensitive data were detected. However, the site lacks explicit security policy documentation and incident response contact details, which are recommended for enhanced transparency and readiness. Overall, the ITIA website presents a professional, trustworthy, and secure digital presence aligned with its mission. Strategic improvements in security policy disclosure, accessibility, and incident response communication would further strengthen its posture and stakeholder confidence.

W

Women's Tennis Association

wtatennis.com

72

The Women's Tennis Association (WTA) official website serves as a comprehensive digital platform delivering live scores, player rankings, tournament calendars, video highlights, and news related to women's professional tennis. It targets tennis fans, players, coaches, and media, positioning itself as the authoritative source for WTA content. The site demonstrates a high level of digital maturity with modern technologies such as Brightcove for video streaming, Google Analytics, Microsoft Clarity for user behavior analysis, and Amazon Ads for monetization. Cookie consent and privacy mechanisms are implemented, reflecting basic compliance with privacy regulations. Security posture is strong with HTTPS enforced and no visible vulnerabilities, though explicit security headers should be verified. The absence of WHOIS data is a notable anomaly, potentially indicating privacy protection or registrar issues, but the website's professional content and branding strongly support its legitimacy. Overall, the site is well-designed, user-friendly, and trustworthy, with room for improvement in transparency of privacy policies and domain registration information.

C

Conferenza dei vescovi svizzeri

ivescovi.ch

43

The website www.ivescovi.ch serves as the official online presence of the Swiss Bishops' Conference, a key religious and governmental entity representing the Catholic Church in Switzerland. It provides comprehensive information about the bishops, church history, committees, official documents, and news updates relevant to the Catholic community and the general public interested in religious affairs. The site targets primarily Italian-speaking users but offers links to German and French versions, reflecting Switzerland's multilingual context. The business model is non-profit, focusing on communication and information dissemination within the religious sector. Technically, the website is built on WordPress 6.6.2 with a Bootstrap-based theme, leveraging modern JavaScript libraries such as jQuery and Slick Carousel. It integrates Google Analytics via Google Site Kit for visitor tracking. The site demonstrates good mobile optimization and a professional design, though some accessibility features are basic. Performance is moderate, with no critical errors or broken elements detected. From a security perspective, the site enforces HTTPS with an excellent SSL configuration but lacks explicit HTTP security headers such as CSP or HSTS. No vulnerability disclosure or incident response policies are published, and cookie consent mechanisms are absent, which may affect GDPR compliance. Contact information is clearly provided, enhancing trust and credibility. Overall, the security posture is adequate but could be improved with additional headers and privacy compliance measures. The overall risk assessment indicates a well-maintained and trustworthy website with minor gaps in privacy compliance and security best practices. Strategic recommendations include implementing cookie consent, enhancing security headers, publishing security policies, and improving accessibility to strengthen the site's security and compliance posture.

The Secession website represents a well-established Austrian non-profit cultural institution dedicated to contemporary art exhibitions and events. It holds a strong market position as one of the oldest independent art exhibition houses globally, with a rich history dating back to 1897. The site targets art enthusiasts, visitors, and the contemporary art community, offering detailed information about exhibitions, events, and the institution's mission. The business model is non-commercial, focusing on cultural promotion and education. The website content is rich, professionally designed, and consistent with the institution's branding and reputation. Technically, the website employs a mix of legacy and modern JavaScript libraries, including jQuery 1.11.3, GSAP, and Slick Carousel, with no explicit CMS detected, suggesting a custom-built platform. Performance is moderate with good mobile optimization and accessibility features. SEO practices are well implemented with proper meta tags and Open Graph data. Hosting details are not explicitly identified. From a security perspective, the site enforces HTTPS and uses Google Analytics with consent mechanisms denying ad and analytics storage by default, indicating good privacy awareness. However, the use of outdated jQuery versions and missing explicit security headers like Content Security Policy and X-Frame-Options present moderate risks. No critical vulnerabilities or exposed sensitive data were detected. Privacy policies and cookie consent mechanisms are comprehensive and GDPR compliant. Overall, the website is trustworthy, professional, and safe for general audiences. It demonstrates a mature digital presence suitable for a cultural institution, with minor technical and security improvements recommended to enhance resilience and compliance.

C

Central Danube - Twin City Liner

twincityliner.com

52

Twin City Liner operates a ferry transportation service connecting Vienna and Bratislava, offering a fast 75-minute journey along the Danube River. The website presents a professional and consistent brand image focused on this niche regional transport market. The technical infrastructure employs modern web technologies including Bootstrap, jQuery, and multiple analytics and tracking tools such as Google Analytics, Microsoft Clarity, and Bing Ads. Cookie consent is managed via Cookiebot, indicating some level of privacy compliance. However, the site lacks explicit privacy policy, terms of service, and contact information pages, which are important for user trust and regulatory compliance. Security posture is moderate with HTTPS enabled but missing explicit security headers and incident response information. The domain WHOIS data is consistent with the business profile, showing a long-established domain registered since 2005 with no suspicious patterns. Overall, the website is functional and professional but could improve in privacy and security transparency.

J

JUNE - Online Marketing Cloud

juneapp.com

68

JUNE - Online Marketing Cloud is a German-based SaaS company founded in 2016, providing comprehensive online marketing solutions including email marketing, landing pages, workflow automation, and WhatsApp communication. The company targets businesses and marketers seeking flexible, no-code marketing tools. With over 1000 users and ISO 27001 certification, JUNE holds a reputable market position supported by strong branding and client trust signals. The website is professionally designed, mobile-optimized, and integrates multiple marketing and analytics tools, reflecting a mature digital infrastructure. Security posture is strong with HTTPS, domain transfer protection, and certification, although DNSSEC is not enabled and explicit privacy and terms pages are missing. Overall, the site demonstrates a high level of business credibility and technical competence.

E

Elektro Lichtin AG

elektrolichtin.ch

48

Elektro Lichtin AG is a small regional electrical services company based in Möhlin, Switzerland, specializing in electrical installations, lighting, safety systems, network infrastructure, and household appliances. The website is primarily in German and targets local customers seeking professional electrical services. The business model focuses on service provision with a clear physical presence and contact information. The company maintains a moderate market position as a trusted local provider. Technically, the website uses standard HTML5 and CSS with JavaScript enhancements, including Google Analytics with IP anonymization and a cookie consent banner, indicating basic digital maturity and privacy awareness. The site is moderately optimized for mobile and accessibility but lacks advanced frameworks or CMS indications. Performance is moderate with no critical errors detected. From a security perspective, the site uses HTTPS (assumed from external Google Analytics scripts loaded over HTTPS), but no explicit security headers were detected in the provided data. The presence of cookie consent and anonymized analytics is positive, but the absence of published security policies or incident response information suggests room for improvement. No vulnerabilities or suspicious content were found. Overall, the website is professional, trustworthy, and safe for general audiences. The risk level is low, but strategic improvements in security headers, incident response transparency, and privacy policy detail would enhance compliance and trust.

D

Deep Blue Watches

deepbluewatches.com

61

Deep Blue Watches operates an e-commerce website specializing in dive watches and related accessories, targeting professional divers, military personnel, and watch enthusiasts. The company claims to have been established since 2007, positioning itself as a niche market leader with a focus on precision and durability. The website offers a range of products, customer service options, watch registration, and financing, supported by active social media channels. Technically, the site uses a modern tech stack including Bootstrap, jQuery, and various tracking and marketing tools, hosted likely on Turbify with Cloudflare services. The site is mobile optimized and provides a good user experience with clear navigation and professional design. Security posture is strong with HTTPS, CAPTCHA protections, and secure checkout domains, though some security headers and policies are missing. Privacy compliance is basic with a privacy policy present but no cookie consent mechanism. The WHOIS data is missing, raising concerns about domain legitimacy and consistency with the claimed business history. Overall, the site is functional and trustworthy from a user perspective but would benefit from improved transparency and security documentation.

R

Reach Food Group

reachfoodgroup.com

53

Reach Food Group is a premium international foodservice supplier specializing in high-quality seafood and gourmet products targeted at the luxury HoReCa market. Founded in 2022 by culinary professionals, the company emphasizes quality, sustainability, reliability, and honesty, supporting industry-leading chefs with innovative products and responsible sourcing. The website reflects a professional and well-branded digital presence with comprehensive content and clear navigation. Technically, the site is built on WordPress with modern plugins such as Yoast SEO and WPBakery Page Builder, hosted likely via GoDaddy. Security posture is good with HTTPS enabled and cookie consent mechanisms in place, though security headers could be improved. Privacy compliance is strong with clear policies and GDPR adherence. No critical vulnerabilities or blocking mechanisms were detected, and the site maintains a high trustworthiness level.

3

3C Legal Limited

3clegal.co.uk

10

3C Legal Limited is a UK-based legal support services company founded in 2018, specializing in providing expert advice and representation in legal and business matters. The company serves a diverse clientele including legal professionals, government departments, businesses, and personal clients. Their services encompass inheritance tax planning, wills and estate planning, probate, and business legal support, with an emphasis on emergency services. The website reflects a professional and consistent brand image with clear contact information and trust indicators such as a data protection license and company registration details. Technically, the website is built on WordPress using modern plugins like Yoast SEO and Complianz for GDPR compliance, with moderate performance and good mobile optimization. Security posture is solid with HTTPS enforced and cookie consent implemented, though some security headers could be improved. Overall, the site is trustworthy, compliant, and well-positioned within its niche market.

N

Nemzeti Média- és Hírközlési Hatóság (NMHH)

buvosvolgy.hu

11

Bűvösvölgy is an educational media literacy center operated by the Hungarian National Media and Infocommunications Authority (NMHH). It provides free, experience-based media literacy programs targeted at children aged 9-16, with three physical centers in Budapest, Debrecen, and Sopron. The website is professionally designed, accessible, and provides comprehensive information about their programs, registration, and contact details. Technically, the site uses modern JavaScript libraries and Google Analytics with IP anonymization, ensuring privacy compliance. Security posture is good with HTTPS and cookie consent mechanisms, though some security headers and policies could be improved. Overall, the site is trustworthy, well-maintained, and serves a clear educational mission.

S

SPACEFOOT SAS

golf-and-co.nl

62

Golf and Co is a specialized e-commerce retailer focused on golf equipment and accessories, serving primarily the Dutch market with a broader European presence. The company operates under SPACEFOOT SAS, a French legal entity, with customer service and logistics based in France. Their website offers a wide range of golf products including clubs, balls, trolleys, shoes, and apparel from well-known brands. The business model is direct online retail with a focus on quality, competitive pricing, and customer service. The market position is that of a specialist retailer with a strong brand presence in the golf niche.

S

SPACEFOOT SAS

golf-and-co.es

60

Golf and Co is a specialized e-commerce retailer focused on golf equipment and accessories, serving primarily the Spanish and broader European market. The company operates a professional website with a clear product catalog, multiple well-known golf brands, and customer service support based in France. Their business model centers on online sales with secure payment options and a customer-friendly return policy. The website demonstrates consistent branding and good content quality, targeting golf enthusiasts and players. Technically, the site is built on the Magento (OpenMage) platform, utilizing modern web technologies including Google Analytics, Google reCAPTCHA, and GDPR compliance tools such as AppConsent. The site is mobile-optimized and provides a good user experience with clear navigation and product categorization. Performance is moderate, with room for improvement in accessibility features. From a security perspective, the website enforces HTTPS and uses reCAPTCHA to protect forms. While some security headers are not explicitly detected, no critical vulnerabilities or exposed sensitive data were found. Privacy compliance is well addressed with a comprehensive privacy policy, cookie consent mechanisms, and GDPR adherence. However, WHOIS data is unavailable due to registry restrictions, limiting domain ownership transparency. Overall, Golf and Co presents a trustworthy and professional online retail presence with a solid technical foundation and good security posture. The main risk lies in the lack of WHOIS transparency, which is common for .es domains but should be monitored. Strategic recommendations include enhancing security headers, publishing a security policy, and improving accessibility compliance.

D

Direct-Volley : Nummer 1 Website für Online-Volleyball

direct-volley.ch

67

Direct-Volley.ch is a German-language e-commerce website specializing in volleyball equipment, apparel, and accessories. It positions itself as the leading online volleyball shop, targeting volleyball players and enthusiasts primarily in German-speaking regions such as Switzerland and Germany. The site offers a broad catalog including shoes, clothing, balls, protective gear, and club equipment, supported by a structured navigation and search functionality. The business model is retail-focused, leveraging an online platform to reach its audience efficiently. Technically, the website is built on the Magento OpenMage platform, integrating modern web technologies such as Google Analytics, Google Ads, and reCAPTCHA for security and marketing purposes. The site is mobile-optimized and demonstrates good SEO practices, although some accessibility features are basic. Performance is moderate, with room for optimization. From a security perspective, the site enforces HTTPS and uses bot protection mechanisms. However, it lacks explicit security headers like Content-Security-Policy and X-Frame-Options, and no visible privacy policy or terms of service pages were found in the provided content. Contact information for security incidents or data protection officers is also absent, indicating areas for improvement in compliance and transparency. Overall, the website is professional and trustworthy for its retail purpose but would benefit from enhanced privacy disclosures, security header implementation, and clearer contact channels to improve its security posture and compliance with GDPR requirements.

S

SPACEFOOT SAS

golf-and-co.ch

67

Golf and co is a specialized e-commerce retailer focused on golf equipment and accessories, serving primarily the Swiss and broader European markets. The company operates under the legal entity SPACEFOOT SAS based in France, with customer service also located there. Their website offers a wide range of golf-related products including clubs, balls, bags, shoes, clothing, gloves, and accessories from well-known brands. The business model is retail e-commerce with a strong regional presence indicated by multiple country-specific domains. The site is professionally designed with clear navigation and product categorization, targeting golf enthusiasts and players.

W

World Vision Schweiz und Liechtenstein

myworldvision.ch

47

World Vision Schweiz und Liechtenstein operates as a humanitarian non-profit organization focused on child welfare and development aid. The website myWorldVision.ch serves as a portal for donors and sponsors, providing login access, donation links, and contact information. The organization holds a reputable market position within Switzerland's NGO sector, targeting individuals and entities interested in supporting children and humanitarian causes. Technically, the site is built on TYPO3 CMS with modern web technologies including Bootstrap and integrates multiple analytics and marketing tools such as Google Analytics, Facebook Pixel, and Visual Website Optimizer. Security measures include HTTPS enforcement and RSA encryption for login forms, though explicit security policies and headers are lacking. Privacy compliance is indicated by cookie consent mechanisms and links to comprehensive privacy policies on the main domain. Overall, the site is professional, trustworthy, and aligned with its non-profit mission.

N

Nemzeti Sportfejlesztési és Módszertani Intézet

nsmi.hu

56

The Nemzeti Sportfejlesztési és Módszertani Intézet (Sportintézet) is a Hungarian government-affiliated institution focused on advancing elite sports through applied science, health, diagnostics, analytics, dietetics, and education. It complements existing sports infrastructure and club work to accelerate Olympic sports development in Hungary. The website is professionally designed using WordPress and Elementor, with good navigation and mobile optimization. It employs modern SEO practices and includes a GDPR-compliant cookie consent mechanism. Security posture is solid with HTTPS and no visible vulnerabilities, though security headers and incident response contacts could be improved. Overall, the site reflects a legitimate, medium-sized government entity with a clear mission and target audience.

N

Nemzeti Média- és Hírközlési Hatóság

nmhh.hu

58

The Nemzeti Média- és Hírközlési Hatóság (NMHH) is the official Hungarian national authority responsible for media and telecommunications regulation. The website serves as a comprehensive portal offering regulatory information, consumer and professional services, research publications, and electronic administration tools. It targets a broad audience including consumers, media professionals, and telecommunications providers. The NMHH holds a strong market position as a government entity with a clear mandate and extensive service offerings. Technically, the website employs a mature technology stack including jQuery, Google Analytics with IP anonymization, and modern UI components, ensuring good performance and accessibility. Security posture is solid with HTTPS enforcement and cookie consent mechanisms, though explicit security policy and incident response contacts are not found. Overall, the site is professional, trustworthy, and compliant with GDPR and cookie regulations.

M

Made In Paradis

madeinparadis.pt

60

Made In Paradis is a well-established online retail platform specializing in women's fashion, footwear, and sportswear, offering products from over 300 brands. The website targets female consumers interested in fashion and sports apparel, providing a broad catalog with clear navigation and a professional design. The business operates primarily in Portugal with a physical presence in France for after-sales service, indicating a cross-border retail operation. Technically, the site is built on the Magento (OpenMage) platform, integrating modern marketing and analytics tools such as Google Analytics, Google Ads, and Actito. The site is mobile-optimized and demonstrates good SEO practices. Security-wise, the website enforces HTTPS, uses Google reCAPTCHA for bot protection, and manages cookie consent in compliance with GDPR. However, it lacks explicit security headers and a public vulnerability disclosure policy. Overall, the site is trustworthy, professional, and compliant with privacy regulations, with room for security enhancements.

ERISMANN AG Seengen is a well-established Swiss company specializing in the repair, sale, and trade of agricultural machinery and winter service equipment. With over 100 years of experience, the company serves primarily agricultural customers in Switzerland, offering hydraulic services, repairs, and a range of machinery products. The website reflects a solid regional market position with a focus on personalized customer service and quality. Technically, the website employs a moderate tech stack including jQuery, Bootstrap, and Google Analytics, indicating a reasonable level of digital maturity. However, the site lacks advanced security headers and a cookie consent mechanism, which are important for compliance and security. The security posture is adequate with HTTPS enabled but could be improved by implementing best practices such as security headers and privacy compliance features. Overall, the website is professional, trustworthy, and provides clear contact information, but should enhance privacy and security measures to align with modern standards.

D

DKV Debreceni Közlekedési Zrt.

dkv.hu

11

DKV Debreceni Közlekedési Zrt. is the primary public transportation operator in Debrecen, Hungary, providing bus, trolleybus, and tram services. The company offers ticket and pass sales, travel planning, and maintains a strong digital presence with a modern, well-structured website. Their market position is solid as a key local transportation provider serving a broad audience including daily commuters and visitors. The website is professionally designed, mobile-optimized, and integrates essential services such as ticket purchasing and real-time travel information. Technically, the site leverages modern frameworks like React and Next.js, integrates Google Maps API for location services, and uses tracking tools such as Google Analytics and Facebook Pixel with proper consent mechanisms. Security posture is good with HTTPS enforced and cookie consent implemented, though explicit security headers could be improved. Overall, the site reflects a mature digital infrastructure supporting a large transportation business with clear contact information and trust signals. No critical vulnerabilities or suspicious content were detected.

HugeDomains operates a professional domain marketplace specializing in premium domain name sales, including GrowthRepublic.com. The website offers transparent pricing, payment plans, and a 30-day money back guarantee, targeting businesses and individuals seeking quality domain names. The platform is established since 2005 and has a solid market position with thousands of satisfied customers. Technically, the site uses modern web technologies including jQuery, Google Analytics, and Google reCAPTCHA, with SSL encryption ensuring secure transactions. Cookie consent mechanisms are in place, supporting privacy compliance. Security posture is good with HTTPS and bot protection, though explicit security headers and incident response policies are not published. Overall, the site is trustworthy, professional, and user-friendly, with clear contact channels and customer testimonials enhancing credibility.

M

Made In Paradis

madeinparadis.es

60

Made In Paradis is a medium-sized e-commerce retailer specializing in women's fashion, footwear, and accessories, operating primarily in Spain with multiple European localized domains. The company offers a wide range of products from over 300 brands, targeting women interested in fashion and footwear. Their business model focuses on online retail with fast delivery and secure payment options, supported by a professional website with clear navigation and brand consistency. The presence of multiple sister stores indicates a broader retail group with diversified offerings. Technically, the website is built on Magento (OpenMage), leveraging modern marketing and analytics tools such as Google Analytics, Google Tag Manager, Google Ads, and Actito marketing automation. The site is mobile-optimized with good SEO practices and basic accessibility features. Performance is moderate, with room for improvement in loading speed and accessibility. From a security perspective, the site enforces HTTPS, integrates reCAPTCHA v3 for bot protection, and uses a consent management platform to comply with GDPR. However, additional security headers could be implemented to enhance protection. No critical vulnerabilities or exposed sensitive data were detected. The website maintains good privacy compliance with clear privacy and cookie policies. Overall, the website presents a low-risk profile with strong business credibility and a good security posture. Strategic improvements in security headers, incident response transparency, and accessibility could further strengthen their position.

P

Pet & Garden - Din online dyrehandel og havecenter

pet-and-garden.dk

57

Pet & Garden is a Danish online retailer specializing in pet supplies, gardening products, and agricultural equipment. The website offers a broad product catalog with categories for dogs, cats, small animals, birds, reptiles, and farming needs, targeting pet owners, gardeners, and farmers primarily in Denmark. The business appears to be newly established in 2024, with a domain registration date consistent with this timeline. The company emphasizes fast shipping and a wide selection of brands and products.

M

Made In Paradis

madeinparadis.nl

62

Made In Paradis is a medium-sized e-commerce retailer specializing in women's fashion, footwear, and accessories, operating primarily in the Netherlands and European markets. The website offers a broad catalog of over 300 brands with a focus on fast delivery and secure payment options. The business targets female consumers interested in trendy and diverse apparel and footwear selections. The company was founded in 2021, aligning with the domain registration date, indicating a relatively young but established online presence. Technically, the website is built on Magento (OpenMage), leveraging modern marketing and analytics tools such as Google Analytics, Google Tag Manager, AWIN affiliate tracking, and Actito marketing automation. The site is mobile-optimized with good SEO practices and a clear navigation structure. Security is robust with HTTPS enforced, DNSSEC enabled, and reCAPTCHA protecting forms. However, additional HTTP security headers could enhance the security posture further. From a security and compliance perspective, the site demonstrates good GDPR compliance with a visible cookie consent mechanism and a comprehensive privacy policy. Contact information including a physical address in France and a phone number is clearly provided, enhancing business credibility. No critical vulnerabilities or suspicious activities were detected. The absence of a public security policy or incident response information is noted but not uncommon for retail websites. Overall, Made In Paradis presents a trustworthy and professional online retail platform with a solid technical foundation and compliance posture. Strategic improvements in security headers and accessibility could further strengthen the site’s resilience and user experience.

D

Daily Bikers : Motorcykelutrustning och reservdelar

daily-bikers.se

56

Daily Bikers is an e-commerce retailer specializing in motorcycle equipment and spare parts, targeting motorcycle enthusiasts primarily in Sweden and other European markets. The website offers a wide range of products including helmets, jackets, gloves, and technical motorcycle parts, with a focus on fast delivery and secure payment options. The presence of multiple country-specific domains indicates a strategic international market approach. Technically, the website is built on Magento (OpenMage) platform, utilizing modern marketing and analytics tools such as Google Analytics, Google Tag Manager, Google Ads, and Actito for marketing automation. The site is mobile-optimized with good navigation and content relevance, although accessibility features are basic. Performance is moderate with room for improvement. From a security perspective, the site enforces HTTPS and integrates reCAPTCHA for bot protection. However, it lacks important security headers and DNSSEC is not enabled, which are areas for enhancement. Privacy compliance is limited as no explicit privacy or cookie policies are found, though a consent mechanism is implemented. No incident response or vulnerability disclosure information is provided. Overall, the website presents a professional and trustworthy e-commerce platform with moderate security posture and privacy compliance. Strategic improvements in security headers, privacy documentation, and incident response transparency would enhance trust and compliance.

P

Pet & Garden - Vaše online centrum pro domácí mazlíčky a zahradu

pet-and-garden.cz

58

Pet & Garden is an e-commerce platform focused on providing a wide range of products for pets, gardening, and agricultural needs primarily targeting customers in the Czech Republic. The website offers various categories including pet food, accessories, garden furniture, and farming equipment, positioning itself as a comprehensive online retail center for these sectors. The business model revolves around online sales with a broad product catalog and multiple brand partnerships. Technically, the website is built on Magento/OpenMage, uses modern web technologies including Google Analytics, Google Ads, and reCAPTCHA, and is hosted on Gandi's infrastructure. The site demonstrates moderate to good digital maturity with responsive design and consent management for GDPR compliance. Security posture is solid with HTTPS and bot protection, though it lacks some advanced security headers and explicit security policies. The WHOIS data is inconsistent, showing a future domain creation date, which raises some concerns about domain registration legitimacy. Overall, the website is professional and safe for general audiences but would benefit from improved transparency in privacy and security policies.

P

Pet & Garden – Ihre Online-Zoohandlung und Ihr Gartencenter

pet-and-garden.de

61

Pet & Garden is a German-based e-commerce retailer specializing in pet supplies, garden equipment, and agricultural products. The website offers a broad catalog of products targeting pet owners, gardeners, and farmers, with a business model focused on online retail and fast shipping services. The platform is built on Magento (OpenMage variant) and integrates multiple third-party services including Google Analytics, Google Ads, AWIN affiliate tracking, and Actito marketing tools, indicating a mature digital infrastructure. Security posture is solid with HTTPS enforced and bot protection via Google reCAPTCHA, alongside a consent management platform compliant with IAB TCF v2 standards. However, the absence of explicit privacy and cookie policy pages, as well as lack of published contact information for security or incident response, represent compliance and transparency gaps. Overall, the website is professionally designed with good navigation and content relevance, serving a general audience safely without any adult or questionable content.

H

House of Rugby: Der Rugby-Experte

house-of-rugby.at

62

House of Rugby is a specialized e-commerce retailer focused on rugby sportswear, official club products, shoes, and equipment. The website targets rugby players, fans, and sports enthusiasts primarily in Austria and German-speaking regions, offering a wide range of products from well-known brands. The business model centers on online retail with a comprehensive catalog and brand partnerships. The site demonstrates consistent branding and good content quality, with a professional design and clear navigation. Technically, the website is built on Magento (OpenMage), leveraging modern technologies such as Google Tag Manager, Google Analytics, Google Ads, and reCAPTCHA for marketing, analytics, and security. The site is mobile-optimized and uses HTTPS, ensuring secure communication. Performance is moderate, with room for improvement in accessibility and SEO. From a security perspective, the site employs HTTPS and reCAPTCHA, and integrates a consent management platform for GDPR compliance. However, explicit privacy policies, terms of service, and security policies are not found, which reduces transparency and compliance confidence. No critical vulnerabilities or exposed sensitive data were detected. The domain uses privacy protection for WHOIS data, which is common and justified for this business type. Overall, the website presents a moderate risk profile with good business credibility but could improve privacy compliance and security transparency. Strategic recommendations include publishing clear privacy and terms policies, enhancing security headers, and providing direct contact information to improve trust and compliance.

B

Basket-Center

basket-center.at

62

Basket-Center.at is a professional e-commerce website specializing in basketball equipment, apparel, shoes, and accessories. It serves primarily the Austrian market and German-speaking customers, offering official merchandise from well-known brands such as Mitchell & Ness, Spalding, Adidas, and Wilson. The website positions itself as a trusted distributor with fast shipping and secure payment options. Technically, the site is built on Magento (OpenMage), leveraging modern tracking and marketing tools including Google Analytics, Google Ads, and a consent management platform to comply with GDPR requirements. Security measures include HTTPS and reCAPTCHA integration, though explicit security headers and published policies are lacking. Overall, the site demonstrates a solid business and technical foundation with room for improvement in privacy transparency and security documentation.

P

PIN Computers

pinsoft.com

56

PIN Computers is a Serbian company specializing in the distribution of IT equipment and consumer electronics, with additional services before and after sales. Founded in 1997 and headquartered in Novi Sad with a branch in Belgrade, it serves business customers and end users primarily in Serbia. The company offers a range of services including distribution, logistics, service, education, and sales support, positioning itself as an established regional distributor with over 25 years of experience. Technically, the website uses legacy technologies such as jQuery 1.3.2 and Google Analytics for tracking. The site lacks modern CMS frameworks and shows basic mobile optimization and SEO practices. Hosting and DNS are managed through InterNetX GmbH and managed-ip.com name servers. Performance is moderate, with room for modernization and improved accessibility. From a security perspective, the site uses HTTPS for analytics scripts but lacks visible security headers and uses an outdated jQuery version with known vulnerabilities. DNSSEC is not enabled, and no cookie consent mechanism is present, indicating gaps in privacy compliance. The domain registration is consistent with the company's founding date and business claims, supporting legitimacy. Overall, the website is functional and provides clear business information but requires technical and security improvements to enhance user trust and compliance. Strategic recommendations include upgrading legacy libraries, implementing security headers, enabling DNSSEC, and adding privacy and cookie policies to meet GDPR standards.

The International Gymnastics Federation (FIG) operates the official website www.gymnastics.sport, serving as the global governing body for gymnastics. The site provides comprehensive information about gymnastics disciplines, events, news, and organizational details, targeting athletes, officials, and fans worldwide. The business model is that of a non-profit international sports federation with a large global presence. Technically, the website employs modern web technologies including FontAwesome for icons, tarteaucitron.js for cookie consent management, Google Analytics, and Facebook Pixel for analytics and marketing. The site is well-optimized for mobile devices and demonstrates good SEO and accessibility practices, though some accessibility features could be enhanced. Security posture is strong with HTTPS enforced and privacy policies in place, but lacks explicit security policy documentation and vulnerability disclosure mechanisms. WHOIS data is privacy protected, which is typical for such organizations, and no suspicious patterns were detected. Overall, the website is professional, trustworthy, and compliant with privacy regulations, though it could improve transparency around terms of service and security policies.

H

Handball-Store: Online-Handball-Spezialist

handball-store.de

60

Handball-Store.de is a specialized e-commerce platform focused on providing comprehensive handball sports equipment including shoes, balls, clothing, and protective gear. The website targets handball players, teams, and enthusiasts primarily in Germany but supports multiple European markets through sister domains. The business model is retail e-commerce with a niche focus on handball, positioning itself as a specialist in this sports segment. The site features a well-structured navigation system and a professional design consistent with its market niche. Technically, the website is built on a Magento-based platform (OpenMage variant) and integrates modern marketing and analytics tools such as Google Analytics, Facebook Pixel, and affiliate tracking via AWIN. Hosting is managed through Gandi.net, a reputable provider. Security posture is solid with HTTPS enforced and bot protection via reCAPTCHA, though some security headers could be improved. Privacy compliance is partially addressed with a cookie consent mechanism and GDPR scripts, but no explicit privacy policy or terms of service were found in the provided content. Overall, the site demonstrates a good balance of business professionalism and technical maturity but could enhance transparency and security documentation. The risk level is moderate with recommendations to improve security headers, publish privacy and security policies, and add vulnerability disclosure information.

H

Habitat Vision

habitat-vision.fr

9

Habitat Vision is a French-language website dedicated to providing content and advice on home living, including interior decoration, gardening, real estate, moving, and home equipment. The site targets French-speaking homeowners and individuals interested in improving their living spaces. It operates as a content publishing platform with a niche focus on lifestyle and home improvement topics. Technically, the website is built on WordPress using Elementor and Yoast SEO plugins, leveraging modern web technologies such as jQuery and WP Rocket for performance optimization. The site is well-structured with SEO best practices and mobile optimization in place. Security-wise, the website enforces HTTPS and includes basic security headers, but lacks advanced security policies or incident response information. The absence of WHOIS registration data limits the ability to fully verify domain legitimacy, though the website content and technical setup appear professional and trustworthy. Privacy compliance is basic, with a privacy policy and cookie consent mechanism present but no detailed GDPR or data protection officer information. Overall, the site presents a moderate risk profile with room for improvement in transparency and security documentation.

W

Web Internet

web-internet.fr

9

Web Internet is a French media website providing news and lifestyle content focused on internet-related topics and general interest categories such as Auto, Business, Family, Finance, Real Estate, Leisure, Home, Fashion, Health, and Technology. The site targets a general French-speaking audience interested in internet news and lifestyle updates. The business model appears to be content publishing with monetization likely through advertising and affiliate links. The website is small in size and operates within the media industry in France. Technically, the website is built on WordPress CMS using popular plugins such as Yoast SEO and Elementor for content management and design. It employs modern web technologies including jQuery, Google Fonts, and WP Rocket for performance optimization. The site is well optimized for SEO and mobile devices, with fast loading times and structured data implemented via JSON-LD. The hosting provider is not explicitly identified. From a security perspective, the website enforces HTTPS and includes a Content-Security-Policy header to upgrade insecure requests. It uses deferred and lazy loading scripts to improve performance and reduce attack surface. However, additional security headers like HSTS, X-Content-Type-Options, and X-Frame-Options are missing. No vulnerabilities or exposed sensitive data were detected in the HTML content. Privacy compliance is limited as no explicit privacy or cookie policies were found, and no contact information for incident response or data protection officers is provided. Overall, the website presents a professional and trustworthy front with good content quality and technical implementation. The main risk factor is the absence of WHOIS data, which limits domain legitimacy verification. Strategic recommendations include adding comprehensive privacy and cookie policies, enhancing security headers, publishing a security.txt file for vulnerability disclosure, and providing clear contact information to improve trust and compliance.

LibreriadelSanto.it is an established Italian online bookstore specializing in Catholic religious books, articles, and media. The website offers a broad catalog exceeding 100,000 items including new, used, and ebook formats. It targets Italian-speaking customers interested in religious literature and related products. The business operates an e-commerce model with customer support and a clear focus on religious retail. Technically, the site uses a mix of legacy and modern technologies including jQuery, Google Tag Manager, and Iubenda for privacy compliance. The site is hosted on Amazon Cloudfront CDN, ensuring reasonable performance and availability. Security posture is good with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. No critical vulnerabilities or blocking mechanisms were detected. WHOIS data aligns well with the business profile, indicating legitimacy and transparency. Overall, the site is professional, privacy-conscious, and well-positioned within its niche market.

P

Photoclimat

photoclimat.com

48

Photoclimat is a French non-profit organization that organizes environmental and social photography biennales and exhibitions, primarily in Paris and surrounding regions. The website serves as a platform to promote these cultural events, providing information about upcoming biennales, exhibitions, and opportunities to support or volunteer. The business model is focused on cultural promotion and public engagement through free outdoor exhibitions. Technically, the website is built on WordPress with a modern theme and several plugins for galleries, forms, and analytics. The site is mobile-optimized and uses Google Analytics for visitor tracking. Security posture is moderate with HTTPS enabled and domain transfer protection, but lacks DNSSEC and security headers. Privacy compliance is weak due to missing privacy and cookie policies and no consent mechanism. Contact information is not explicitly provided on the analyzed pages, which may impact user trust. Overall, the website is professional and relevant to its niche but would benefit from enhanced privacy and security practices.

D

Direct-Volley

direct-volley.pt

58

Direct-Volley is a specialized e-commerce retailer focused on volleyball equipment and accessories, primarily serving the Portuguese market with multilingual support for other European countries. The website offers a wide range of products including shoes, clothing, balls, protections, and club equipment, positioning itself as the number one online volleyball store in its niche. The business model is retail e-commerce with emphasis on fast delivery and competitive pricing. Technically, the website is built on the OpenMage platform (a Magento fork), utilizing modern web technologies and integrating Google Analytics, Google Ads, and marketing automation tools. The site is mobile-optimized and provides a good user experience with clear navigation and product categorization. Security posture is solid with HTTPS enforcement and reCAPTCHA integration, but lacks some advanced security headers and publicly disclosed security policies. Privacy compliance is partially addressed with a cookie consent mechanism, but lacks explicit privacy and terms of service documentation. Overall, the website is professional and trustworthy, though improvements in transparency and security documentation are recommended.

S

South London Gallery

southlondongallery.org

71

South London Gallery is a well-established non-profit cultural institution in London, providing free access to contemporary art exhibitions, film, performance events, and educational programs for diverse audiences including children and adults. The gallery has a strong community focus and a history spanning over 125 years, positioning it as a key player in the local and broader art scene. The website reflects this with rich content, clear navigation, and consistent branding. Technically, the site is built on WordPress with modern JavaScript libraries and integrates Google Analytics, Tag Manager, and Klaviyo for marketing and analytics. Security measures include HTTPS and Google reCAPTCHA, though some security headers are not explicitly detected. Privacy and cookie policies are comprehensive and GDPR compliant, with active consent mechanisms. The absence of WHOIS data limits domain trust verification but does not detract significantly from the overall legitimacy given the institution's public presence and external references.

융

융코리아 일렉트릭(주)

jung-korea.com

64

융코리아 일렉트릭(주) is a Korean-based manufacturer and distributor specializing in premium electrical wiring devices and smart building automation solutions, representing the German brand JUNG. The company operates a professional e-commerce website hosted on the Cafe24 platform, targeting both B2B and B2C customers interested in high-quality electrical products and smart home/building solutions. Their market position is that of a premium brand distributor with a solid presence in Korea, supported by a comprehensive product catalog and active social media engagement. Technically, the website employs modern JavaScript libraries and frameworks such as jQuery, Fullpage.js, and AOS for animations, with Google Analytics integrated for user tracking. The site is hosted on Cafe24, a popular Korean e-commerce platform, ensuring stable infrastructure but with moderate performance and basic mobile optimization. Security posture is adequate with HTTPS enforced and domain transfer protections, but lacks advanced DNS security (DNSSEC) and security headers, which are recommended for enhanced protection. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. Overall, the website is professional and trustworthy but could improve in security and privacy compliance to meet higher standards.

A

Agentur Frontal AG

frontal.ch

72

Agentur Frontal AG is a Swiss advertising agency specializing in branding and digital marketing with over 20 years of experience. The company offers a broad range of creative services including branding, communication design, campaigns, packaging, websites, social media, trade shows, and storytelling. Their website reflects a professional and consistent brand image targeting businesses seeking comprehensive branding and digital solutions. Technically, the site uses modern JavaScript libraries and a CMS platform (Contens CMS), with good mobile optimization and SEO practices. Security posture is solid with HTTPS enforced and cookie consent implemented, though some HTTP security headers are missing and no explicit security or incident response policies are published. Overall, the website is trustworthy, content-rich, and well-maintained, supporting the company's credibility and market position.

C

Cooperfidi Italia Soc. Coop

cooperfidiitalia.it

54

Cooperfidi Italia Soc. Coop is a well-established cooperative society founded in 2009, specializing in providing credit guarantee services primarily to cooperative, non-profit, and primary sector businesses in Italy. The organization positions itself as a key partner facilitating accessible and sustainable credit to promote business growth within its target sectors. The website reflects a professional and consistent brand image, with clear navigation and relevant content tailored to its audience. Technically, the site is built on WordPress with modern plugins and technologies, including Yoast SEO and GDPR-compliant cookie management, indicating a mature digital infrastructure. Security posture is strong with HTTPS and DNSSEC enabled, though some improvements in security headers and explicit policies could enhance trust further. Overall, the site demonstrates good privacy compliance and business credibility, supported by clear contact information and social media presence.

C

Consorzio Cooperativo Finanziario per lo Sviluppo

fin4coop.it

40

FIN4COOP is a cooperative financial intermediary operating nationally in Italy, focusing on providing financial services and support to cooperative members. The website serves as an information portal offering details on financial activities, brochures, membership procedures, financial statements, and news updates. The company targets cooperative organizations and mutual societies, positioning itself as a niche player in the cooperative finance sector with strategic partnerships and a cooperative business model. The website is professionally designed, consistent in branding, and includes trust signals such as privacy compliance and social media presence. Technically, the website is built on WordPress with a modern tech stack including jQuery, Google Maps API, and Google Analytics integrated with consent management. The site shows moderate performance and good mobile optimization. SEO practices are well implemented with proper meta tags and structured data. However, a visible PHP warning indicates a plugin issue that should be resolved to improve security and user experience. From a security perspective, the site uses HTTPS with excellent SSL configuration and employs a cookie consent mechanism via Iubenda. No critical vulnerabilities were detected, but the absence of security headers and the PHP warning reduce the security posture score. No incident response or security policy pages were found, suggesting room for improvement in transparency and preparedness. Overall, the website is trustworthy and professional with a good balance of content quality, technical implementation, and privacy compliance. Addressing the minor security issues and enhancing security headers would further strengthen the site's security and user trust.

O

ORDRE DES ARCHITECTES - ORDE VAN ARCHITECTEN FCGOA

nroa-cnoa.be

44

The website represents the National Council of the Order of Architects (NROA) in Belgium, a governmental regulatory body overseeing architects. It provides information about the council's assignments, composition, and offers a service to find architects via an external API. The site is multilingual, targeting Dutch, French, and German-speaking audiences in Belgium. The business model is regulatory and service-oriented, focusing on governance and professional oversight within the architecture sector. The organization is relatively new online, with domain registration in 2023, consistent with the website's recent content updates. Technically, the website is built on WordPress with Elementor and uses modern SEO and cookie consent plugins. Hosting is provided by OVH, a reputable provider. The site is mobile-optimized, has good SEO practices, and uses Google Analytics with consent-based loading. Performance is moderate, and accessibility is basic but functional. Security posture is good with HTTPS enforced and cookie consent implemented, though some security headers are not explicitly detected. Security-wise, no critical vulnerabilities or exposed sensitive data were found. The site lacks explicit security policies or incident response contacts, which could be improved. Privacy compliance is good with a clear cookie policy and consent mechanism. Business credibility is supported by consistent branding, structured data, and trust signals such as official logos and partner links. Overall, the website is professional, secure, and compliant with GDPR requirements, serving its role as a national architectural regulatory authority effectively.

M

Meier + Cie AG

meier-cie.ch

47

Meier + Cie AG is a well-established regional media company based in Schaffhausen, Switzerland, with a history dating back to 1861. It operates multiple media channels including print newspapers, online news portals, radio (Radio Munot), and television (SHf). The company is majority-owned by the Carl Oechslin Stiftung, which supports its independence and liberal stance. The website reflects a professional and comprehensive digital presence, targeting residents of Schaffhausen and the broader Swiss audience interested in regional and national news. The business model focuses on multi-channel media delivery and crossmedia advertising services.

P

Pilgerzentrum St. Jakob Zürich

jakobspilger.ch

49

Pilgerzentrum St. Jakob Zürich is a small non-profit organization affiliated with the reformierte Kirche Zürich, focused on offering spiritual pilgrimage experiences, thematic pilgrimages, community events, and educational programs. Their website provides detailed event listings, newsletter signups, and community engagement features targeting pilgrims and spiritually interested individuals primarily in Switzerland. Technically, the site uses modern JavaScript libraries such as jQuery and Swiper.js, integrates Google Analytics and Tag Manager for tracking, and is built on the Redaxo CMS platform. The site is mobile optimized with good SEO and accessibility basics. Security posture is solid with HTTPS enforced and email obfuscation implemented, though it lacks advanced security headers and explicit security policies. Privacy and cookie policies are present and GDPR compliant. WHOIS data confirms the domain is registered consistently with the organization's identity, enhancing trust. Overall, the site is professional, trustworthy, and well-suited for its community-focused mission.