Security Directory

S

Set-One-by-Musterring

set-one-by-musterring.de

54

Set-One-by-Musterring operates a professional e-commerce website specializing in modern furniture and interior design products targeted at young adults and families in Germany. The site leverages the Shopware platform, integrating advanced marketing and analytics tools such as HubSpot and Google Analytics, reflecting a mature digital infrastructure. The business model focuses on online retail with product customization options and dealer locator services, positioning itself as a trusted furniture brand with a 5-year guarantee. Technically, the website is well-structured, mobile-optimized, and secure with HTTPS, though it lacks some security headers and explicit privacy documentation. Security posture is solid with no visible vulnerabilities, but improvements in transparency and compliance documentation are recommended. Overall, the site is safe, professional, and trustworthy, with moderate tracking and marketing practices.

A

ASKÖ WAT Wien

askoewat.wien

42

ASKÖ WAT Wien is a well-established regional sports association based in Vienna, Austria, operating under the umbrella of the ASKÖ Bundesorganisation. The organization focuses on providing diverse sports programs, supporting sports clubs, and promoting health and fitness activities for a broad audience including athletes, clubs, and the general public. Their website reflects a professional and community-oriented approach with clear navigation and relevant content. Technically, the site uses a mix of established JavaScript libraries and a proprietary CMS, delivering moderate performance and good mobile responsiveness. Security posture is adequate with HTTPS enabled but lacks advanced security headers and cookie consent mechanisms, indicating room for improvement in compliance and security best practices. The absence of WHOIS data reduces transparency but does not detract significantly from the site's legitimacy given the professional presentation and active content. Overall, the site is trustworthy and serves its community well, though enhancements in privacy compliance and security hardening are recommended.

H

HostGator | India

hostgator.in

75

HostGator India is a well-established web hosting provider offering a broad range of hosting services including shared, WordPress, cloud, VPS, dedicated servers, domain registration, and website security solutions. The company targets individuals and businesses in India seeking reliable and affordable hosting solutions. The website prominently announces an upcoming merger with BigRock, indicating strategic consolidation in the Indian hosting market. Technically, the website employs modern web technologies such as jQuery, Bootstrap, Google Analytics, and various marketing and tracking tools, reflecting a mature digital infrastructure. The site is mobile-optimized and SEO-friendly, with structured data enhancing search visibility. Security-wise, the site enforces HTTPS and uses reCAPTCHA and cookie consent mechanisms, but lacks explicit security policies or incident response contacts. Overall, the website is professional, trustworthy, and well-positioned in the Indian hosting sector, though it could improve transparency around privacy and security policies.

N

New Private Markets

newprivatemarkets.com

75

New Private Markets is a subscription-based intelligence service specializing in sustainable investment, ESG, and impact investing across private equity, real estate, infrastructure, and debt sectors. The website targets investors and financial professionals seeking in-depth research and insights in these niche markets. The company positions itself as a trusted source for ESG and impact investing intelligence, leveraging a professional digital presence and subscription model to monetize its content. Technically, the website is built on WordPress with a modern tech stack including WPBakery Page Builder, Slider Revolution, WooCommerce for e-commerce capabilities, Algolia for search, and multiple analytics and marketing integrations such as Google Tag Manager, Marketo, Sailthru, and Datadog. Cookie consent is managed via Cookiebot with compliance to IAB TCF v2.2 standards, indicating attention to privacy regulations. The site is mobile optimized and uses HTTPS, reflecting a mature digital infrastructure. From a security perspective, the site enforces HTTPS, employs cookie consent mechanisms, and restricts copy-pasting of content to protect intellectual property. However, it lacks explicit privacy policy and terms of service pages, and no security.txt or incident response contacts are published. The WHOIS data is missing or unavailable, which raises concerns about domain registration legitimacy despite the professional website content. Overall, the site demonstrates a good security posture and technical maturity but would benefit from enhanced transparency in privacy and security policies. The absence of WHOIS data impacts trustworthiness and should be addressed. Strategic recommendations include publishing comprehensive privacy and terms policies, adding vulnerability disclosure information, and providing clear incident response contacts to improve compliance and trust.

B

BECOMTECH

becomtech.fr

58

BECOMTECH is a French organization dedicated to promoting gender diversity and equality in the IT and digital sectors, where women are underrepresented. The website serves as an advocacy and educational platform targeting a general audience interested in technology and social inclusion. The organization appears to be a small-sized entity founded in 2018, with a clear mission to foster inclusivity in technology fields. Technically, the website is built on WordPress using the Divi theme, incorporating modern web technologies such as Google Analytics for user tracking and Google Fonts for typography. The site is mobile optimized and presents a professional design with good navigation and content relevance. Security-wise, the site enforces HTTPS and implements a cookie consent banner, but lacks advanced security headers and explicit security or incident response policies. WHOIS data confirms the domain's legitimacy and consistency with the organization's profile. Overall, the website is trustworthy and functional but could improve in privacy compliance and security best practices.

C

Caritas Regio

caritas-regio.ch

65

Caritas Regio is a Swiss non-profit organization dedicated to supporting people affected by poverty and social disadvantage across Switzerland. The website presents a comprehensive range of social, legal, and integration services, alongside opportunities for donations and volunteer engagement. The organization holds the ZEWO certification, indicating recognized trustworthiness in the Swiss charitable sector. The website is professionally designed, multilingual (German and French), and provides clear navigation and relevant content tailored to its target audience.

C

Caritas

kulturlegi.ch

57

KulturLegi.ch is a Swiss non-profit initiative operated by Caritas that provides a discount card to individuals with limited financial means, enabling access to over 4,200 offers in culture, sports, education, and health sectors across Switzerland. The website is well-branded, consistent, and targets socially disadvantaged groups to promote inclusion. Technically, the site is built on TYPO3 CMS with modern JavaScript libraries and integrates Google Analytics and Tag Manager for analytics. The site is mobile-optimized and SEO-friendly with good navigation and content quality. Security posture is solid with HTTPS enforced and privacy compliance evident through cookie consent and a comprehensive privacy policy. However, explicit security policies and incident response contacts are not published, representing an area for improvement. Overall, the domain registration aligns well with the business claims, enhancing trust and legitimacy.

R

Radio Munot Club

radiomunotclub.ch

32

Radio Munot Club is a non-profit organization supporting the local radio station Radio Munot in Schaffhausen, Switzerland. The club finances investments and supports the training of the radio team, fostering local media presence. The website is well-structured, professionally designed, and provides relevant content for its target audience of members and supporters. Technically, it is built on WordPress with modern plugins and SEO tools, ensuring good performance and mobile optimization. Security posture is solid with HTTPS and security headers, but lacks explicit security policies and incident response information. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the site is trustworthy and credible, reflecting a legitimate local media support organization.

S

Schwabe

schwabe.ch

61

Schwabe is an established Swiss academic publisher specializing in humanities and social sciences, offering a broad range of scholarly books, e-books, journals, and databases. The website targets academics, researchers, libraries, and authors, providing a professional platform for content discovery and purchase. The business model centers on publishing and distributing academic content with a focus on quality and scholarly relevance. The company maintains a consistent brand presence and good content quality, positioning itself as a reputable player in its niche market. Technically, the website employs modern web technologies including Google Analytics, Google Tag Manager, and Algolia Search integrated within a Shopware CMS platform. The site is mobile-optimized with good SEO and basic accessibility features. Performance is moderate, with room for improvement in accessibility and loading speed. Privacy considerations are evident through cookie consent mechanisms and IP anonymization in analytics. From a security perspective, the site enforces HTTPS and includes standard security headers, reflecting a good security posture. However, it lacks explicit security policies, incident response contacts, and vulnerability disclosure mechanisms, which are recommended for enhanced trust and compliance. No critical vulnerabilities or exposed sensitive data were detected. Overall, Schwabe's website is professional, secure, and compliant with GDPR principles, though it could benefit from publishing more comprehensive security and legal policies. The risk level is low, with strategic recommendations focusing on improving transparency and accessibility to further strengthen user trust and regulatory compliance.

X

XWiki SAS

xwiki.com

73

XWiki SAS is a well-established technology company specializing in open source knowledge management and collaboration software. With over 20 years of experience, it offers a range of standard and custom solutions including cloud hosting, support, and consulting services. The company serves a broad business audience, including large enterprises such as Amazon and Lenovo, positioning itself as a trusted provider in the enterprise wiki and collaboration market. The website reflects a professional and consistent brand image with comprehensive content and clear navigation. Technically, the site is built on the XWiki platform with modern JavaScript libraries and frameworks, ensuring good performance and mobile optimization. Security posture is solid with HTTPS, domain protection, and use of CAPTCHA, though explicit security policies and vulnerability disclosures are absent. Privacy and cookie policies are present with consent mechanisms, supporting GDPR compliance. Overall, the site demonstrates high business credibility and technical maturity with moderate user tracking for analytics and marketing purposes.

S

SPORTUNION Österreich

sportunion.at

63

SPORTUNION Österreich is a major non-profit sports umbrella organization in Austria, representing a large membership base and numerous sports clubs nationwide. The website serves as an informational and service platform for sports enthusiasts and affiliated clubs, providing event information, member services, and organizational support. The organization holds a strong market position as one of the top three sports federations in Austria. Technically, the website is built on WordPress with a modern tech stack including popular plugins for event management, cookie consent, and SEO optimization. The infrastructure is hosted by netcup GmbH, a reputable hosting provider. The site demonstrates good mobile optimization and moderate performance, with comprehensive SEO and accessibility features. From a security perspective, the website enforces HTTPS, uses security plugins like Wordfence, and implements a robust cookie consent mechanism compliant with GDPR. Security headers are present, and no critical vulnerabilities or exposed sensitive data were detected. However, there is no publicly available security policy or incident response information, which could be improved. Overall, the website is trustworthy, professionally maintained, and compliant with privacy regulations. Strategic recommendations include publishing a dedicated security policy, establishing an incident response contact, and enhancing accessibility features to further strengthen the security posture and user experience.

A

Allgemeiner Sportverband Österreich

asvoe.at

49

The Allgemeiner Sportverband Österreich (ASVÖ) is a large, well-established non-profit sports federation in Austria representing over 5,500 member clubs across more than 120 sports. The organization focuses on promoting sports participation, health, and community engagement through diverse programs, education, and support services for sports clubs and individuals. The website reflects a professional and comprehensive digital presence built on WordPress with modern UIkit framework and includes essential features such as GDPR-compliant privacy and cookie policies, multiple social media integrations, and a service platform for clubs. Security posture is strong with HTTPS enforced and no visible vulnerabilities, though additional security headers and incident response information could enhance trust. WHOIS data is unavailable due to privacy protection, which is justified for this type of organization. Overall, the website demonstrates a mature digital infrastructure and a trustworthy business profile.

A

Axon Enterprise, Inc.

axon.com

70

Axon Enterprise, Inc. is a leading technology company specializing in public safety solutions, including TASER devices, police body cameras, cloud-based evidence management, AI-powered tools, and drone detection systems. The company targets law enforcement, federal agencies, enterprise, fire, EMS, corrections, and campus safety sectors, positioning itself as a market leader with a comprehensive ecosystem designed to protect life and enhance public safety operations. The website reflects a mature digital presence with modern technologies such as React and Next.js, hosted on AWS with strong performance and mobile optimization. Security posture is robust with HTTPS, security headers, and privacy policies in place, though explicit vulnerability disclosure and incident response contacts are not publicly detailed. Overall, the site is professional, trustworthy, and compliant with privacy regulations, supporting Axon's reputation as a credible enterprise in the public safety technology market.

R

RBA

rba.es

59

RBA is a leading Spanish media group specializing in the publication of magazines, books, and collectibles. The company operates multiple business divisions with dedicated websites and e-commerce platforms, serving a broad general audience interested in media and publishing products. The website presents a professional and consistent brand image with clear navigation and relevant content. Technically, the site uses modern web technologies including Bootstrap, jQuery, Google Tag Manager, and a consent management platform (Didomi) to ensure GDPR compliance. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though security headers are not explicitly detected and could be improved. WHOIS data is unavailable due to access restrictions from the Spanish domain registry, limiting full domain legitimacy assessment. Overall, the site is safe, compliant, and professionally maintained, with moderate user tracking and good privacy practices.

D

Direct-Volley : Nummer 1 på nätet för volleyboll

direct-volley.se

55

Direct-Volley is a specialized e-commerce retailer focused on volleyball equipment and accessories, primarily serving the Swedish market. The website offers a wide range of products including volleyball balls, shoes, protective gear, and club equipment. It positions itself as the number one online volleyball store in Sweden, targeting volleyball players, teams, and clubs. The business is relatively new, with domain registration in mid-2023, consistent with a startup or recently launched online store. Technically, the website is built on a Magento-based platform (OpenMage), utilizing modern marketing and analytics tools such as Google Analytics, Google Ads, and Actito for marketing automation. The site is mobile-optimized with good navigation and content relevance, although accessibility features are basic. Performance is moderate, and SEO practices are adequately implemented. From a security perspective, the site uses HTTPS and implements reCAPTCHA to mitigate bot traffic. However, it lacks DNSSEC, security headers, and published security policies or incident response contacts. Privacy compliance is partial; while a consent mechanism is in place, explicit privacy and cookie policies are not found. No contact emails or phone numbers are visible, which may impact customer trust. Overall, the website is functional and professionally presented but would benefit from enhanced security practices, clearer privacy documentation, and visible contact information to improve trust and compliance. The domain registration data supports legitimacy, with no suspicious patterns detected.

D

Direct-Volley : Nummer 1 Website für Online-Volleyball

direct-volley.de

60

Direct-Volley.de is a German e-commerce website specializing in volleyball equipment, including shoes, balls, clothing, protective gear, and club supplies. The site positions itself as the leading online volleyball shop in Germany, targeting volleyball players and enthusiasts. The business model is retail-focused, offering a wide range of branded products with a clear and structured navigation system. The website demonstrates a good level of digital maturity with a Magento-based platform and integration of modern marketing and analytics tools such as Google Analytics, Facebook Pixel, and AWIN affiliate tracking. The site is mobile-optimized and provides a generally good user experience with clear product categorization and search functionality. Security posture is adequate with HTTPS enforced and consent management implemented, but lacks some security headers and explicit security policies. Privacy compliance is basic, with a cookie consent mechanism present but no explicit privacy policy or terms of service found in the provided content. Overall, the website is professional and trustworthy but could improve transparency and security practices to enhance user trust and compliance.

D

Direct-Volley : Sitio web número 1 de voleibol en línea

direct-volley.es

57

Direct-Volley.es is a specialized e-commerce platform focused on volleyball equipment and accessories, targeting Spanish-speaking customers primarily in Spain. The website offers a wide range of products including volleyball shoes, clothing, balls, protections, and club equipment. It positions itself as a leading online volleyball store with fast delivery and competitive pricing. The technical infrastructure is based on Magento (OpenMage), integrating modern tracking and marketing tools such as Google Analytics, Facebook Pixel, and Google Ads, indicating a mature digital marketing strategy. The site is HTTPS secured and implements a consent management platform for GDPR compliance, although explicit privacy and terms of service pages are not clearly found in the provided content. Security posture is moderate with room for improvement in security headers and explicit security policies. WHOIS data is unavailable due to Red.es query restrictions, which is common for .es domains, but this limits full verification of domain legitimacy. Overall, the website is professionally designed, functional, and serves a niche retail market effectively.

D

Direct-Volley : Strona numer 1 dla siatkówki online

direct-volley.pl

58

Direct-Volley.pl is a specialized e-commerce website focused on retailing volleyball equipment and accessories primarily targeting Polish and European customers. The site offers a wide range of products including shoes, textiles, balls, protective gear, and club equipment, emphasizing fast delivery and competitive pricing. The business appears to be recently established in 2023, supported by consistent domain registration data and DNSSEC-enabled domain security. Technically, the website is built on the OpenMage CMS platform, a Magento fork, which is a mature and widely used e-commerce solution. The site integrates modern marketing and analytics tools such as Google Analytics, Google Ads, Facebook Pixel, and Actito marketing automation. The site demonstrates good mobile optimization and SEO practices, although accessibility features are basic. From a security perspective, the website enforces HTTPS, uses DNSSEC, and implements GDPR-compliant cookie consent mechanisms. However, it lacks publicly accessible privacy policy and terms of service pages, which are critical for full compliance and user trust. No critical vulnerabilities or WAF blocking were detected, but the absence of explicit security policies and incident response contacts suggests room for improvement. Overall, the website presents a professional and trustworthy e-commerce platform with moderate risk. Strategic improvements in privacy documentation, contact transparency, and security disclosures would enhance compliance and user confidence.

B

Bank Austria

cashbackonline.at

62

The website cashbackonline.at is a cashback and discount platform affiliated with Bank Austria, targeting primarily Austrian customers interested in online shopping and travel deals. It offers cashback incentives across a wide range of partner shops and travel services, positioning itself as a value-added service for Bank Austria customers. The platform is built on Drupal 9 and employs modern web technologies including Google Tag Manager and Owl Carousel for enhanced user experience. Security posture is strong with HTTPS enforced and multiple security headers present, though there is room for improvement in cookie consent mechanisms and incident response transparency. The absence of WHOIS data limits domain trust assessment, but the website's branding and certifications indicate a legitimate and professional operation.

C

Creative SHOPPING GmbH

creative-shopping.com

54

Creative SHOPPING GmbH is a German-based technology company specializing in premium advantage and cashback solutions, operating over 120 shopping portals including the well-known GETMORE cashback portal. The company targets businesses seeking to enhance customer and employee loyalty through white-label and custom SaaS platforms. Their market position is strong, supported by awards and a minority investment by ProSiebenSat.1 Media SE. Technically, the website employs modern web technologies, including Google Analytics with privacy features and reCAPTCHA for form security, reflecting a mature digital infrastructure. Security posture is good with HTTPS and form protections, though some security headers and explicit policies are missing. Overall, the website is professional, trustworthy, and compliant with GDPR, with clear contact information and privacy policies. No critical vulnerabilities or suspicious content were detected.

L

Leuchtenmarkt

leuchtenmarkt.de

49

Leuchtenmarkt is a well-established German e-commerce retailer specializing in LED lighting products including LED Einbaustrahler, sets, and accessories. With over 30 years of experience, it holds a strong market position as a trusted provider in the residential lighting sector. The website offers a professional shopping experience with detailed product information, customer reviews, and a modern digital infrastructure. Technically, the site is built on the Shopware platform, leveraging Google Analytics, Google Tag Manager, Matomo, and reCAPTCHA for analytics and security. The site is mobile-optimized and provides a good user experience with clear navigation and consistent branding. Security posture is solid with HTTPS and bot protection, though explicit security headers could be enhanced. Privacy compliance is robust with a comprehensive privacy policy and cookie consent mechanism. Overall, the site is trustworthy and professionally managed, with no signs of blocking or suspicious activity.

K

KM-Werbemittel GmbH

laprinta.de

66

laprinta.de is a well-established German e-commerce website specializing in promotional products and advertising gifts, operated by KM-Werbemittel GmbH since 1988. The site offers a broad product range including office supplies, USB and tech gadgets, bags, food and beverages, sustainable items, sports and leisure products, seasonal goods, and more. It targets businesses and organizations seeking customized promotional merchandise, positioning itself as a trusted specialist with over 30 years of market presence. The website features professional design, clear navigation, and consistent branding, supporting a positive user experience.

M

MEDIMAX

medimax.de

71

MEDIMAX operates as a large-scale retail and e-commerce platform specializing in consumer electronics, household appliances, and entertainment electronics primarily targeting the German market. The website demonstrates a professional and comprehensive digital presence with extensive product categories and a user-friendly interface. The business is well-positioned in the retail sector with a strong focus on online shopping convenience and local store integration. Technically, the site employs modern JavaScript frameworks, Google Tag Manager, and various third-party marketing and analytics tools, reflecting a mature digital infrastructure. Security posture is robust with HTTPS enforcement, CSRF protection, and a detailed cookie consent mechanism, although explicit security headers could be enhanced. Privacy compliance is strong, with GDPR-aligned policies and consent management. Overall, the site is trustworthy, professionally maintained, and suitable for general consumers.

É

Éditions Finitude

finitude.fr

46

Éditions Finitude is a French literary publishing company presenting its catalog and publishing activities through a professionally designed WordPress website using the Divi theme. The site targets French-speaking readers and literary enthusiasts, offering book publishing services and literary content. The technical infrastructure includes WooCommerce for e-commerce and analytics tools such as Google Analytics and Matomo, indicating a moderate level of digital maturity. Security posture is good with HTTPS and security headers implemented, but lacks visible privacy and cookie policies, as well as contact information for security incidents. The absence of WHOIS data limits domain trust assessment, suggesting the domain may be new or privacy protected, which slightly reduces overall trust. Strategic recommendations include adding comprehensive privacy and cookie policies, improving contact transparency, and implementing a vulnerability disclosure mechanism to enhance security and compliance.

A

Amedia Kreativ

amediakreativ.no

45

Amedia Kreativ is a Norwegian creative service provider established in 2018, offering consulting and production services primarily targeting a general audience in the media sector. The website is built on WordPress using the Divi theme and integrates modern analytics tools such as Google Analytics and Google Tag Manager, indicating a moderate level of digital maturity. The site is well-designed with good mobile optimization and SEO practices, although accessibility features are basic. Security posture is adequate with HTTPS enabled but lacks important security headers and formal security policies. Privacy compliance is weak due to the absence of privacy and cookie policies and consent mechanisms. Overall, the website presents a professional image but would benefit from enhanced privacy and security measures to improve trust and compliance.

I

IngenCO2.dk

co2neutralwebsite.de

54

IngenCO2.dk operates the CO2-neutral website certification platform, www.co2neutralwebsite.de, providing brands and website owners with a service to offset their websites' carbon footprint by supporting global CO2 reduction projects certified by the Gold Standard. The platform is well-positioned in the sustainability market with over 32,000 websites certified, trusted by notable partners and audited by BDO for CO2 compensation accuracy. The website is professionally designed, mobile-optimized, and provides clear navigation and comprehensive content in German, targeting environmentally conscious businesses and organizations. Technically, the site leverages modern frameworks such as Next.js and React, integrates Google Analytics and Tag Manager for analytics, and uses Cloudflare for DNS and likely CDN services, ensuring fast and secure delivery. Security posture is strong with HTTPS enforced and bot protection via Google reCAPTCHA, though explicit security headers and incident response policies could be improved. Overall, the site demonstrates a mature digital presence with good privacy compliance and business credibility.

L

Luca Brunoni

lucabrunoni.com

54

The website lucabrunoni.com serves as the official online presence of Swiss author Luca Brunoni, showcasing his literary works, biography, and multimedia content related to his novels. The site targets readers interested in contemporary literature, particularly French and Italian-speaking audiences. The business model centers on personal branding and book promotion, with a niche market position in the literary domain. Technically, the site is built on the Adobe Portfolio platform, utilizing modern web technologies such as HTML5, CSS3, JavaScript, Google Analytics, and Adobe Typekit fonts. The site demonstrates good mobile optimization and moderate performance but lacks advanced accessibility features and comprehensive SEO optimization. Security-wise, the site benefits from HTTPS encryption and uses sandboxed iframes for embedded content, but it lacks important security headers and DNSSEC is not enabled, which could be improved to enhance security posture. Privacy compliance is weak due to the absence of privacy and cookie policies and no visible consent mechanisms, which poses compliance risks under GDPR. The site does not provide explicit contact information or incident response channels, limiting business credibility and user trust. Overall, the website is professional and functional but would benefit from enhanced security, privacy compliance, and contact transparency to improve trust and regulatory adherence.

3W-Room is a Swiss-based company specializing in creating virtual 360-degree tours using advanced 3D scanning technology to produce digital twins of physical spaces. Their business model uniquely integrates sustainability and social inclusion by supporting global reforestation projects, reducing CO2 emissions, and making spaces accessible to people with mobility or cognitive impairments. The website reflects a professional and consistent brand image with good content quality and clear navigation aimed at businesses and organizations interested in sustainable virtual tours and inclusive tourism. Technically, the website employs modern web technologies including Google Maps API, Facebook Pixel, Google Analytics, and YouTube background video integration. The site is mobile-optimized with good performance and basic accessibility features. Security posture is strong with HTTPS enforced and appropriate security headers, although explicit security and privacy policies are missing. Cookie consent is managed via a third-party service, indicating some level of privacy compliance. Security-wise, the site shows no critical vulnerabilities or exposed sensitive data. However, it lacks a vulnerability disclosure policy and incident response contact information, which are recommended for enhanced security maturity. The WHOIS data confirms a legitimate Swiss registration consistent with the website's claims, supporting high trustworthiness. Overall, 3W-Room presents a credible and professional online presence with a focus on sustainability and inclusion. Strategic improvements in privacy policy transparency and security disclosure would further strengthen their security posture and compliance standing.

B

Building4Jobs

building4jobs.com

9

Building4jobs.com is a specialized online job board focused on the construction sector, primarily serving jobseekers and recruiters in the UK construction industry. The platform offers job search, job alerts, CV uploads, and recruiter services such as job posting and candidate search. The website is powered by the Madgex Job Board Platform and integrates standard digital marketing and analytics tools including Google Analytics and Google Tag Manager. The site is well-structured, mobile-optimized, and provides a professional user experience with clear navigation and relevant content. However, the absence of WHOIS registration data raises concerns about domain legitimacy, although the website content and business model appear credible and consistent with a legitimate niche job board.

A

AFT (Association pour le développement de la formation professionnelle dans le transport)

ambassadeurs-emploi-tl.com

61

The website ambassadeurs-emploi-tl.com represents a French initiative by the AFT organization to promote responsible engagement and employer branding in the transport and logistics sectors. It targets companies and professionals in these industries, offering a structured ambassador program with personalized support, recruitment facilitation, and networking opportunities. The site is well-branded, consistent, and provides relevant content including testimonials and partner information. Technically, it is built on Drupal 10 with modern tracking tools like Google Analytics and Tag Manager, hosted via Gandi SAS. The site is mobile-optimized and accessible with good SEO practices. Security posture is adequate with HTTPS and domain transfer protection, but lacks DNSSEC and security headers. Privacy compliance is basic with no explicit privacy policy or opt-in cookie consent. Contact information is limited to a single email address. Overall, the site is professional and trustworthy with room for improvement in privacy and security transparency.

N

Nauti-wave

nauti-wave.fr

46

Nauti-wave is a French e-commerce retailer specializing in nautical sports equipment including swimwear, diving gear, and accessories. The website offers a broad selection of products from multiple well-known brands, targeting French and European customers interested in water sports. The business is relatively new, founded in 2022, and positions itself as a niche player with competitive pricing and fast delivery options. Technically, the website is built on modern frameworks such as SvelteKit, uses Cloudflare for DNS and CDN, and integrates standard analytics and marketing tools like Google Analytics and Trustpilot for customer reviews. The site is mobile-optimized, fast, and accessible, with good SEO practices. Security posture is strong with HTTPS enforced, appropriate security headers, and domain registration protections. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. However, there is no dedicated security policy or incident response page, which could be improved. Overall, the website is professional, trustworthy, and well-suited for its retail business model.

H

Handball-Store : Site numéro 1 du handball en ligne

handball-store.fr

37

Handball-Store.fr is a specialized e-commerce platform focused on retailing handball-related equipment, including shoes, clothing, balls, and protective gear. Established in 2009, it holds a strong market position in France as a leading online handball store. The website offers a comprehensive catalog with detailed navigation and supports multiple languages, indicating a mature digital presence. Technically, the site leverages a Magento-based CMS (OpenMage), uses Cloudflare for DNS and CDN, and integrates multiple marketing and analytics tools such as Google Analytics, Facebook Pixel, TikTok Pixel, and Criteo. The site is served over HTTPS with good security headers, reflecting a solid security posture. However, it lacks explicit privacy and terms of service pages and does not provide direct contact information, which are areas for improvement in compliance and user trust. Overall, the website is professional, functional, and secure, but could enhance privacy transparency and user support channels.

D

Direct-Volley : chaussures, ballons, vêtements et équipements de volleyball

direct-volley.fr

57

Direct-Volley.fr is a specialized e-commerce retailer focused on volleyball equipment, apparel, and accessories, serving primarily the French market with multiple localized European domains indicating a broader regional presence. The website offers a comprehensive catalog including shoes, balls, protective gear, club equipment, and lifestyle products related to volleyball. The business appears well-established with a domain age of nearly 9 years and uses reputable hosting and CDN services via Cloudflare. The technical infrastructure is based on Magento (OpenMage), supported by modern analytics and marketing tools such as Google Analytics, Facebook Pixel, TikTok Pixel, and Criteo, reflecting a mature digital marketing strategy. Security posture is solid with HTTPS enforced, security headers present, and domain registration practices consistent with a legitimate retail business. However, the site lacks explicit privacy policy and terms of service pages, which are critical for GDPR compliance and user trust. Contact information and incident response details are also missing, limiting transparency. Overall, the site is professional, secure, and functional but would benefit from enhanced privacy and compliance documentation.

B

Boulevard du Golf

boulevard-du-golf.fr

55

Boulevard du Golf is a specialized French e-commerce retailer focused on golf equipment and accessories, offering a wide range of products from leading brands such as Taylormade, Callaway, and Srixon. Established in 2012, the company has positioned itself as a trusted provider for golf enthusiasts, providing secure payment options, customer support, and a user-friendly online shopping experience. The website is well-structured, mobile-optimized, and integrates modern web technologies including SvelteKit and Cloudflare CDN for performance and security. From a security perspective, the site enforces HTTPS, employs security headers, and integrates a consent management platform to comply with GDPR regulations. No critical vulnerabilities or exposed sensitive data were detected. However, the absence of a dedicated security policy or incident response contact suggests room for improvement in transparency and readiness. The domain registration details are consistent with the business claims, enhancing trustworthiness. Overall, Boulevard du Golf demonstrates a mature digital presence with strong privacy compliance and a secure e-commerce environment. Strategic enhancements in security policy disclosure and incident response mechanisms would further strengthen its security posture and customer trust.

yesforever.ch is a Swiss-based small business operated by Optimize AG, offering a niche SaaS platform for creating personalized wedding websites. The platform provides tailored features such as gift registries, photo galleries, guest registration forms, and password-protected pages, targeting couples planning weddings and their guests. The business model is subscription-based with free trials and flexible pricing plans. Technically, the website employs modern frontend technologies including Bootstrap, jQuery, Owl Carousel, and integrates analytics tools like Google Analytics and Hotjar, indicating a moderate level of digital maturity. The site is mobile-optimized and presents a professional user experience with clear navigation and relevant content. Security-wise, the site uses HTTPS and password protection for certain pages but lacks explicit security headers and published security policies, which are areas for improvement. Privacy compliance is weak due to the absence of privacy and cookie policies and no visible consent mechanisms. Overall, the website is trustworthy and professionally maintained but would benefit from enhanced privacy and security disclosures to improve compliance and user trust.

I

invitu

invitu.ch

43

invitu.ch is a Swiss-based online platform specializing in stylish and quick event invitations for private, corporate, and public events. The website offers a user-friendly interface with various event categories and customizable invitation templates, targeting individuals and companies in Switzerland. The business operates as a small-sized entity focusing on digital event invitation services with a clear market niche. Technically, the site employs modern web technologies including Bootstrap, jQuery, FontAwesome, and integrates analytics and user behavior tracking tools such as Google Analytics, Google Tag Manager, and Hotjar. The website is mobile-optimized and presents a professional design with good navigation and content relevance. Security-wise, the site uses HTTPS with appropriate security headers, but lacks some advanced security policies and incident response information. Privacy compliance is basic, with a privacy policy present but no cookie consent mechanism or GDPR explicit statements. Overall, the site is legitimate and trustworthy with room for improvement in privacy and security documentation.

E

EXPO EVENT – Swiss LiveCom Association

expo-event.ch

61

EXPO EVENT – Swiss LiveCom Association is a national industry association representing the Live Communication sector in Switzerland. The organization provides membership services, industry events, education, and sustainability consulting to its members. The website reflects a professional and well-established entity with a clear market position as a leading voice for LiveCom in Switzerland. The technical infrastructure is modern, leveraging Nuxt.js and Vue.js frameworks, with integration of common analytics and marketing tools such as Google Analytics and LinkedIn Insight Tag. Security posture is strong with HTTPS and security headers implemented, although cookie consent mechanisms and explicit terms of service are missing. Overall, the site is well-designed, mobile-optimized, and provides comprehensive contact and event information, supporting a high level of trust and credibility.

G

Grafik Design Katja Saenze

grafik-art.ch

47

Grafik Design Katja Saenze is a small, professional graphic design agency based in Aargau, Switzerland, specializing in comprehensive visual branding services including logo creation, corporate identity, and web design. The website demonstrates a strong market position locally with over 20 years of experience and a portfolio of more than 1000 projects. Technically, the site is built on WordPress with Elementor and integrates modern web technologies and SEO tools, ensuring good performance and mobile optimization. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers and explicit policies could be enhanced. Overall, the site is trustworthy, professional, and compliant with GDPR, providing clear contact information and social media presence.

S

Sportjugend Nordrhein-Westfalen

sportjugend.nrw

47

Sportjugend Nordrhein-Westfalen is a regional youth sports organization affiliated with the Landessportbund Nordrhein-Westfalen, focusing on youth engagement, sports education, volunteer services, and community programs in the German state of North Rhine-Westphalia. The website serves as a comprehensive portal for information on various youth sports initiatives, qualification programs, and events, targeting young people, sports clubs, and volunteers. Technically, the site is built on the TYPO3 CMS platform, integrating modern web technologies such as Google Tag Manager, Google Analytics, and accessibility tools like ReadSpeaker. The website is well-structured, mobile-optimized, and includes a cookie consent mechanism aligned with GDPR requirements. Security-wise, the site enforces HTTPS and uses cookie consent but lacks explicit security headers and a published security policy or incident response contacts. The WHOIS data is privacy protected, which is typical and justified for a non-profit organization. Overall, the website demonstrates a mature digital presence with good content quality and compliance, supporting its role as a trusted regional youth sports entity.

L

Landessportbund Nordrhein-Westfalen e.V.

lsb-nrw.de

46

The Landessportbund Nordrhein-Westfalen e.V. is a large, non-profit regional sports umbrella organization serving the state of North Rhine-Westphalia, Germany. It provides a broad range of sports programs, information, and funding opportunities for sports clubs and individuals. The website is professionally designed, well-structured, and targets sports organizations and enthusiasts within NRW. The technical infrastructure is based on TYPO3 CMS with integration of modern analytics and marketing tools such as Google Tag Manager, Google Analytics, and Facebook Pixel. Accessibility features and cookie consent mechanisms are implemented, reflecting a mature digital presence. Security posture is good with HTTPS enforced and no obvious vulnerabilities, though security headers could be improved. WHOIS data is privacy protected, which is typical for such organizations, and does not raise legitimacy concerns given the website's professional nature and content. Overall, the site demonstrates a strong commitment to privacy compliance and user experience.

D

DLRG DLRG-Jugend Bundesebene

dlrg-jugend.de

70

DLRG-Jugend Bundesebene is a German non-profit youth organization affiliated with the German Life Saving Association (DLRG). It focuses on youth engagement, education, and community activities related to water safety and youth development. The website serves as an information hub for events, campaigns, and volunteer opportunities targeted primarily at German-speaking youth and volunteers. The organization maintains a consistent brand presence and provides comprehensive contact and privacy information, reflecting a mature digital presence. Technically, the website is built on TYPO3 CMS, leveraging modern responsive design frameworks such as Bootstrap and FontAwesome. Hosting is provided via Amazon AWS infrastructure, ensuring reliable performance and scalability. The site incorporates GDPR-compliant cookie consent mechanisms and uses both Google Analytics and Plausible Analytics for visitor tracking, with user opt-in consent. From a security perspective, the site enforces HTTPS and employs cookie consent for analytics tracking, but lacks explicit security headers and publicly available security or incident response policies. No vulnerabilities or suspicious content were detected. Overall, the site demonstrates a good security posture appropriate for a non-profit organization. The overall risk is low, with recommendations focusing on enhancing security headers, publishing incident response information, and considering a vulnerability disclosure policy to further strengthen trust and compliance.

S

Sebastian-Kneipp-Schule

kneippschule.de

54

Sebastian-Kneipp-Schule is a vocational school based in Bad Wörishofen, Germany, specializing in physiotherapy and massage education. Affiliated with the Kneipp-Bund e.V., it offers a range of training programs including 36-month and 18-month physiotherapy courses, massage plus, Kneipp bath attendant courses, and continuing education. The institution targets students and professionals seeking formal education and certification in these health and wellness fields. The school has a longstanding history of over 60 years, positioning it as a reputable educational provider in its niche. Technically, the website is built on TYPO3 CMS, utilizing common web technologies such as jQuery UI and Flexslider for interactive elements. The site is mobile-optimized with good SEO practices and includes a cookie consent mechanism compliant with GDPR. Google Analytics is used for visitor tracking, indicating moderate user tracking levels. The website performance is moderate, with a generally good user experience and clear navigation. From a security perspective, the site enforces HTTPS and implements cookie consent. However, it lacks explicit security headers and does not provide a public security policy or incident response contacts. A notable security concern is the presence of a hidden spam link to a replica watches site, which poses SEO and reputational risks. No vulnerability disclosure or security.txt files were found, indicating room for improvement in transparency and security maturity. Overall, the website is functional, professional, and compliant with privacy regulations but would benefit from enhanced security practices and removal of suspicious hidden content. The domain WHOIS data is minimal but consistent with the business purpose, supporting the legitimacy of the site. Strategic recommendations include removing spam links, adding security headers, publishing security policies, and enhancing incident response readiness.

A

abavo GmbH

abavo.de

52

abavo GmbH is a German media service provider specializing in publishing process automation and typesetting services. Their flagship product, vlow®, offers an automated publishing workflow from manuscript to finished publication, targeting publishing houses and media companies. The company emphasizes precision, craftsmanship, and cost efficiency, positioning itself as a reliable partner in the media production sector. The website is professionally designed using TYPO3 CMS, with good mobile optimization and clear navigation. It integrates Google Analytics with IP anonymization and implements GDPR-compliant cookie consent mechanisms. Security posture is solid with HTTPS enabled, but lacks some advanced security headers and published security policies. Contact information is clearly provided, enhancing business credibility. Overall, the website reflects a trustworthy and professional business presence.

B

BVA BikeMedia GmbH

fahrrad-buecher-karten.de

67

BVA BikeMedia GmbH operates www.fahrrad-buecher-karten.de as a specialized e-commerce platform focused on cycling maps, books, and related media products. The company holds a strong market position in Germany as a leading provider of cycling literature and maps, targeting cycling enthusiasts and travelers. The website offers a well-structured catalog of products, including digital downloads and magazines, supported by clear navigation and professional design. Technically, the site uses modern web technologies including JavaScript, CSS3, and integrates Google Analytics with privacy-conscious configurations such as IP anonymization. The hosting is managed via INWX nameservers, and the site enforces HTTPS, ensuring secure data transmission. Privacy compliance is robust with a detailed cookie consent mechanism and accessible privacy policy. However, explicit security headers are not evident in the HTML content, suggesting room for improvement in security hardening. Contact information is comprehensive, including email, phone, physical address, and contact forms, enhancing business credibility. Overall, the site demonstrates a mature digital presence with good privacy and security practices, suitable for its retail and media business model.

Sportbunt.de is a professionally maintained non-profit website operated by Landessportbund Berlin e.V., focused on promoting integration through sports activities in Berlin, especially targeting refugees and local sports clubs. The site offers information on sports programs, training, events, and community engagement. Technically, the website is built on TYPO3 CMS with modern JavaScript libraries and integrates mapping and analytics services, reflecting a mature digital infrastructure. Security posture is good with HTTPS enforced and cookie consent implemented, though some security headers and explicit incident response policies are not publicly visible. Overall, the website is trustworthy, compliant with GDPR, and serves its community-oriented mission effectively.

Hamburger Tennis-Verband e.V. is a regional non-profit sports association dedicated to promoting tennis activities in Hamburg, Germany. The website serves as an information hub for players, clubs, trainers, and tennis enthusiasts, offering event calendars, tournament details, training programs, youth development initiatives, and inclusion projects. The association maintains partnerships with recognized tennis organizations and sponsors, reinforcing its position as a key regional tennis authority. Technically, the website employs a mix of established JavaScript libraries such as jQuery, Bootstrap 3.3.5, Owl Carousel, and jQuery.mmenu for responsive and interactive UI elements. Google Tag Manager and Google Analytics are used for visitor tracking and analytics. The site is mobile-optimized with a clear navigation structure, though it lacks a known CMS and some modern security headers. From a security perspective, the site uses HTTPS and implements a cookie consent mechanism, indicating awareness of privacy regulations. However, no explicit security policies or incident response contacts are published, and security headers like CSP or HSTS are not detected. The WHOIS data shows a consistent and legitimate domain registration without privacy protection, aligning with the organization's transparency. Overall, the website is professional, trustworthy, and well-suited for its audience, with room for improvement in security best practices and formal policy disclosures.

L

L'Unique Foundation

rockartcollection.com

10

The Rock Art Collection website by L'Unique Foundation presents a niche private collection of celebrity and rock memorabilia art, targeting collectors and enthusiasts. The site supports e-commerce for art sales and promotes charitable activities through the foundation. The business operates primarily in Switzerland and maintains a professional online presence with clear contact details and social media engagement. Technically, the site is built on WordPress with WooCommerce and Elementor, leveraging modern plugins and Google Analytics for tracking. While the site is generally well-structured and mobile-optimized, it lacks some privacy compliance features such as a cookie consent mechanism and explicit security headers. The domain registration is consistent with the business age and shows no suspicious patterns. Overall, the site demonstrates a good balance of business credibility and technical implementation but could improve its security posture and privacy compliance.

L

L'Unique Foundation

lunique-foundation.org

51

L'Unique Foundation is a Swiss non-profit organization established in 2018, managing a significant private collection of celebrity and rock art. The foundation channels proceeds from its collection and related activities into humanitarian aid projects in Nepal, focusing on water supply and sanitation for vulnerable communities. The website is professionally designed using WordPress and WooCommerce, integrating modern plugins and multimedia content to engage donors and supporters. The foundation maintains a consistent brand presence and transparent contact information, enhancing trustworthiness. Technically, the site is hosted by Hostpoint AG, uses HTTPS, and implements Google Analytics with an opt-out mechanism, though it lacks DNSSEC and some advanced security headers. Privacy compliance is partial, with a privacy policy present but no cookie consent banner. Overall, the site demonstrates a solid security posture with room for improvement in vulnerability disclosure and cookie management.

K

Kunstmuseum Basel

kunstmuseumbasel.ch

61

Kunstmuseum Basel is a prestigious and historic public art museum located in Basel, Switzerland, recognized as the oldest public art collection in the world. The museum offers a rich collection of paintings, sculptures, installations, videos, drawings, and prints spanning seven centuries. It serves a diverse audience including art enthusiasts, families, researchers, and educational groups through exhibitions, workshops, guided tours, and research initiatives. The museum operates as a non-profit cultural institution with a strong market position in the art and cultural sector. Technically, the website employs a modern JavaScript stack including Google Tag Manager, Google Analytics, Facebook Pixel, and Visual Website Optimizer for analytics and marketing purposes. The site is well-structured, mobile-optimized, and uses HTTPS with good SSL configuration. However, it lacks a visible cookie consent mechanism and explicit security policies, which are areas for improvement in privacy compliance and security transparency. From a security perspective, the website demonstrates good practices such as HTTPS enforcement and no visible sensitive data exposure. The WHOIS data confirms the legitimacy and consistency of the domain registration with the museum's identity. No WAF or blocking mechanisms were detected, allowing full content accessibility. Overall, Kunstmuseum Basel's website is professional, trustworthy, and content-rich, but could enhance privacy compliance by implementing cookie consent and publishing security policies. Strategic improvements in these areas would strengthen user trust and regulatory adherence.