Security Directory

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 8 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

The website wilsonsons.com.br is currently inaccessible due to a 403 Forbidden error, indicating restricted access or blocking at the server or security layer. This prevents extraction of any meaningful content, metadata, or business information from the site itself. The domain is registered and uses professional DNS and email infrastructure, including Amazon AWS name servers and Google MX servers, suggesting a legitimate and established business presence in Brazil, likely in the transportation sector. The SSL certificate is valid and supports modern TLS protocols, but lacks advanced security features such as HSTS and OCSP stapling. No privacy, cookie, or terms of service policies are detectable on the root page, and no contact information or social media links are present in the accessible content. Overall, the site’s security posture is basic but could be improved with additional headers and DNS security measures. Due to the blocked content, the overall risk assessment is limited and the AI scoring is low, reflecting the inability to fully evaluate the site’s content and compliance.

D

Ditech

ditech.com.br

0

Ditech is a Brazilian technology company founded in 2001 specializing in custom software development, IT outsourcing, and consulting services. The company targets businesses seeking tailored technology solutions and has an established market presence supported by a portfolio of client cases and active social media engagement. The website is built on WordPress with several plugins including Yoast SEO and HubSpot integration, indicating a moderate level of digital maturity. However, the site lacks HTTPS, which is a critical security shortfall, and uses outdated libraries that may expose it to vulnerabilities. No privacy or cookie policies are published, reflecting gaps in compliance. Overall, while the business appears legitimate and professional, the security posture requires urgent improvement to protect user data and enhance trust.

C

Comunica PR Assessoria de Imprensa

comunicapr.com

0

Comunica PR Assessoria de Imprensa is a small Brazilian public relations and digital marketing agency specializing in press advisory, social media management, influencer marketing, and media kit production. The company targets businesses in Brazil seeking personalized communication solutions to enhance their brand presence. The website is built on the Wix platform, utilizing modern technologies such as React 18 and Wix's proprietary components, indicating a moderate level of digital maturity. However, the absence of a valid SSL certificate and serving the site over HTTP only is a significant security concern. While basic security headers like HSTS and X-Content-Type-Options are present, the lack of HTTPS reduces the overall security posture. The site includes Google Ads and Analytics for marketing and tracking, with a cookie consent mechanism in place, but lacks an explicit privacy policy and terms of service, which are important for compliance. Contact information is clearly provided, including company emails, phone numbers, and a physical address, supporting business credibility. Overall, the site is professionally designed with good content relevance and navigation but requires urgent security improvements to protect user data and enhance trust.

The website arionsolutions.com.br is currently inactive and displays an error page indicating that the site does not exist or the content has been removed. The page promotes Locaweb's site creation service as an alternative. There is no substantive business information, contact details, or privacy and security policies available on the site. Technically, the site is served via HTTP without SSL/TLS encryption, which is a critical security deficiency. Basic security headers are present but insufficient to ensure a strong security posture. DNS and mail records indicate hosting and mail services are provided by Locaweb, a known Brazilian hosting provider. Overall, the site lacks content, security, and compliance features, resulting in a low trust and credibility score.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 7 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

The website for einstein.br, representing Hospital Israelita Albert Einstein, is currently inaccessible due to a Web Application Firewall (WAF) or security mechanism blocking access. The page returns an 'Access Denied' message with minimal HTML content, preventing extraction of meaningful metadata, business information, or contact details. The DNS configuration indicates the use of Akamai CDN services and multiple mail servers, consistent with a large healthcare organization in Brazil. However, the SSL/TLS configuration is severely lacking, with no valid certificate or modern TLS protocols enabled, exposing the site to security risks. Overall, the website's digital presence is hindered by these security and accessibility issues, limiting user trust and engagement.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 13 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

ReSound Brazil, operated under the global GN Hearing A/S brand, specializes in manufacturing and retailing advanced hearing aids and wireless accessories. The website targets Brazilian consumers and hearing professionals, offering product information, support, and professional services. The company is well-established with a history dating back to 1943 and maintains a strong market position in the healthcare sector. Technically, the website employs modern web technologies including Google Tag Manager and Cookiebot for analytics and consent management, hosted likely on Microsoft Azure infrastructure. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support, exposing users to potential risks. Privacy and cookie policies are comprehensive and GDPR compliant, enhancing user trust. Overall, the site is professional and user-friendly but requires urgent security improvements to protect user data and maintain credibility.

Ingraphics Soluções & Imagens is a small digital marketing agency based in the ABC region of São Paulo, Brazil. The company offers a range of services including digital marketing, web design, graphic design, illustration, and campaign management. Their website demonstrates a professional approach with clear service offerings and client testimonials, targeting businesses seeking to improve their digital presence and marketing effectiveness. Technically, the website is built on WordPress using Elementor and integrates marketing tools such as ActiveCampaign and Yoast SEO, indicating a moderate level of digital maturity. However, the absence of a valid SSL certificate and HTTPS support is a critical security gap that undermines user trust and data protection. Privacy policies and cookie consent mechanisms are present but basic, with no explicit GDPR compliance or incident response information. Overall, the site is functional and informative but requires urgent security improvements to meet modern standards.

G

Grupo Soma

somagrupo.com.br

0

Grupo Soma is a large Brazilian retail group operating a platform of multiple fashion brands including Animale, Farm, and Hering among others. The website serves as a corporate and investor relations portal, providing information about the company, its brands, sustainability efforts, and compliance policies. The target audience includes consumers and investors interested in the fashion retail sector in Brazil. Technically, the website is built on WordPress and uses modern JavaScript libraries and Google Analytics for tracking. However, the site lacks a valid SSL certificate and does not serve content over HTTPS, which is a significant security concern. Security headers are partially implemented but critical TLS protocols and HSTS are missing, reducing the overall security posture. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism via OneTrust. Business credibility is supported by clear brand listings and compliance pages but lacks explicit contact emails or phone numbers on the homepage. Overall, the site is functional and professional but requires urgent security improvements to protect user data and enhance trust.

Vaticano Imóveis is a well-established real estate agency based in Curitiba, Brazil, with over 30 years of market presence. The company specializes in property sales, rentals, and digital rental services, targeting families and individuals seeking real estate opportunities in Curitiba and surrounding areas. Their business model leverages digital marketing and advanced management strategies to maintain a competitive edge in the local market. The website reflects a professional and consistent brand image with comprehensive service offerings and clear contact channels. Technically, the site is built on the Kenlo CMS platform, utilizing modern web technologies such as Marko.js, Google Tag Manager, and Matomo analytics. However, the absence of a valid SSL certificate and HTTPS support is a critical security flaw that undermines user trust and data protection. Privacy and cookie policies are well implemented, demonstrating good compliance with data protection regulations. Overall, the site is functional and user-friendly but requires urgent security improvements to meet modern standards.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 8 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

C

Cia. Hering

ciahering.com.br

0

Cia. Hering is a well-established Brazilian retail clothing franchise network with a strong market position as the largest clothing franchise in Brazil. The company operates an omnichannel business model, combining physical stores and e-commerce to provide convenience to its customers. The website reflects a professional corporate presence with multilingual support and investor relations information, indicating a mature business. Technically, the site is built on WordPress and uses common web technologies and services such as Cloudflare CDN and OneTrust for cookie consent. However, the site lacks a valid SSL certificate and proper HTTPS configuration, which is a critical security issue. Security headers are present but cannot compensate for the missing SSL. Privacy compliance is partial, with a cookie consent mechanism but no visible privacy policy or terms of service. Overall, the site demonstrates good business credibility but requires urgent security improvements to protect user data and enhance trust.

Lulufantasias.com.br operates as a virtual companionship service targeting Portuguese-speaking users, primarily in Brazil. The service offers intimate conversational experiences via WhatsApp, leveraging subscription plans with message limits and conversation memory. The business is operated by Stripeless Zebra LLC and DA Industries OU, indicating a small but focused operation. Technically, the website is built on WordPress with common plugins and hosted behind Cloudflare DNS services. However, the lack of a valid SSL certificate and absence of HTTPS significantly undermines the security posture. Privacy policies and terms of service are present but basic, with no cookie consent mechanisms detected. Overall, the site presents a professional and consistent brand experience but requires urgent security improvements to protect user data and build trust.

The website leismunicipais.com.br is currently inaccessible due to a Cloudflare security challenge page requiring human verification before access. This prevents retrieval of any meaningful business or content data. The domain is registered and hosted via Cloudflare with DNS and email services configured, but no SSL certificate is present, resulting in no HTTPS support. The site lacks any visible privacy, cookie, or terms of service policies, and no contact information or business details are available. Performance is slow, and the site appears to be in a blocked or pre-access state rather than serving actual content.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 10 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

The website medcel.com.br is currently inaccessible due to a Cloudflare Web Application Firewall (WAF) block, presenting a security challenge page instead of actual content. This prevents any meaningful extraction of business, privacy, or security policies and limits the ability to assess the website's digital maturity or business model. The DNS configuration shows use of Cloudflare for DNS and protection, and Microsoft Outlook for email services, with proper SPF and DMARC records indicating good email security practices. However, the SSL/TLS configuration is critically lacking, with no valid certificate and no TLS protocols enabled, resulting in a poor security posture. Performance metrics indicate very slow load times and minimal resource delivery, likely due to the block page. Overall, the website's security posture is weak due to missing HTTPS and the presence of a blocking WAF, and the content quality and business credibility cannot be assessed due to lack of access.

M

Medical Harbour

medicalharbour.com

0

Medical Harbour is a Brazilian technology company specializing in medical imaging solutions, including software for radiology, teleradiology, and medical education. Their product portfolio includes advanced DICOM viewers, cloud PACS solutions, and educational tools such as virtual cadaver and anatomical atlases. The company targets hospitals, clinics, radiologists, and medical educators, positioning itself as a niche specialist in healthcare technology. The website is professionally designed, multilingual, and integrates modern marketing and analytics tools, although it suffers from slow performance and lacks a valid SSL certificate, which is a critical security concern. Despite strong email security policies like SPF and DMARC, the absence of HTTPS and modern TLS protocols significantly weakens the security posture. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, Medical Harbour demonstrates a solid business presence with room for improvement in technical and security infrastructure.

A

Afya Participações S.A

afya.com.br

0

Afya Participações S.A operates as the largest hub for medical education and digital solutions in Brazil, targeting medical students, professionals, and healthcare providers. The company offers a broad portfolio including undergraduate medical courses, postgraduate education, continuing medical education, and digital health solutions. It holds a strong market position with over 20,000 medical students and multiple subsidiaries and partners enhancing its ecosystem. Technically, the website is built on Webflow, hosted via Cloudflare, and integrates modern analytics and marketing tools, demonstrating a mature digital infrastructure with fast performance and good mobile optimization. Security posture is solid with HTTPS, strong security headers, and cookie consent mechanisms, although improvements in HSTS and vulnerability disclosure could be made. Privacy compliance is well addressed with comprehensive policies and consent management. Overall, the website reflects a professional, trustworthy, and well-managed digital presence aligned with its enterprise scale and sector focus.

M

Madri Lab

madrilab.com.br

0

Madri Lab is a Brazilian company specializing in multimedia services with a strong focus on educational technology, particularly hosting and customizing Moodle-based EAD platforms. Their market position is that of a niche service provider offering tailored solutions for educational institutions and corporate clients seeking to enhance their online learning environments. The website demonstrates a professional approach with good content quality and clear navigation, targeting Portuguese-speaking audiences in Brazil. Technically, the site is built on WordPress with Elementor and Yoast SEO, but lacks critical security features such as HTTPS, which significantly impacts its security posture. The absence of an SSL certificate and security headers exposes the site to risks and undermines user trust. Privacy compliance is basic, with privacy and terms pages present but no cookie consent mechanism detected. Overall, the site is functional and informative but requires urgent security improvements to protect user data and enhance credibility.

E

Expert EAD

aulaoead.com.br

0

Expert EAD is a specialized online education platform focused on LMS Moodle training, offering a comprehensive catalog of over 30 courses ranging from beginner to advanced levels. The platform targets educators, LMS administrators, developers, and IT professionals, providing certification and practical learning outcomes. The website is built on WordPress with Elementor and integrates marketing and analytics tools such as Google Analytics and Facebook Pixel. However, the site lacks a valid SSL certificate and does not serve content over HTTPS, which is a critical security concern. Cookie consent mechanisms are implemented, but privacy policies and terms of service are not found, indicating potential compliance gaps. Business information is clearly presented, including parent company details and social media presence, enhancing credibility.

A

Agritech Lavrale S.A. - Divisão Lavrale

lavrale.com.br

0

Agritech Lavrale S.A. - Divisão Lavrale is a Brazilian manufacturing company specializing in agricultural machinery and components, with a legacy of approximately 50 years. The company offers a broad range of products including agricultural implements, cabines, military trailers, and spare parts, targeting agricultural workers and farmers. Their market position is established with a consistent brand presence and active social media engagement. Technically, the website is built on a custom or unknown CMS, served by an Apache server, and uses common web technologies such as JavaScript, Google Fonts, and Google Maps API. However, the site lacks HTTPS, which severely impacts its security posture. Security headers are minimal and some are disabled, indicating a need for significant improvements in security practices. Privacy and cookie policies are absent, which raises compliance concerns. Overall, the website provides good content quality and user experience but suffers from critical security and privacy shortcomings.

L

Lintec Ind. Com. de Motores e Equip. Movim. Materiais Ltda.

lintecmotores.com.br

0

Lintec Motores is a Brazilian company specializing in the manufacturing and distribution of energy generators, including diesel and gasoline models, as well as related equipment such as motobombas and motors. It operates as a subsidiary of Agrale S.A., leveraging the parent company's certification and quality standards to position itself as a provider of cost-effective and robust energy solutions primarily for the Brazilian market. The website serves as a platform for product information, distributor location, and post-sales support, targeting customers seeking reliable energy generation equipment. Technically, the website employs a traditional technology stack including nginx web server, jQuery libraries, Google Analytics, and Google reCAPTCHA for form security. However, it lacks modern security implementations such as HTTPS, valid SSL certificates, and advanced security headers, which exposes users to potential risks. The site shows basic mobile optimization and accessibility features but suffers from slow performance and outdated libraries. From a security perspective, the absence of HTTPS and TLS protocols is a critical vulnerability. While the site includes comprehensive privacy and cookie policies compliant with GDPR principles, it lacks explicit terms of service, security policies, and incident response contacts. The cookie consent mechanism is implemented via Popupsmart, providing users with control over cookie preferences. Overall, the security posture is weak and requires urgent improvements to protect user data and enhance trust. The overall risk assessment indicates a medium risk level due to missing HTTPS and outdated technologies. Strategic recommendations include immediate SSL implementation, upgrading security headers, modernizing the tech stack, and enhancing transparency with clear security and incident response policies to improve user trust and compliance.

B

BCS Eventos

bcseventos.com.br

0

BCS Eventos is a Brazilian company specializing in intelligent solutions for events such as fairs, congresses, and shows. Established in 1997, it has served over 1,000 events and offers a comprehensive event management platform called SIGEVENT, alongside technical support and equipment rental services. The company targets event organizers and managers, positioning itself as an experienced and reliable provider in the event technology sector. Technically, the website is hosted on KingHost with an Apache server and uses modern JavaScript libraries and Google Fonts, but lacks HTTPS security and advanced security headers. The site is professionally designed with good content quality and navigation, though performance data is limited. Security posture is weak due to missing SSL certificate and security headers, posing risks to user data and trust. Privacy compliance is basic with a privacy policy present but no cookie consent mechanism. Overall, the website is functional and professional but requires significant security improvements to enhance trust and compliance.

A

Attention Required! | Cloudflare

argoenergia.com.br

0

The website argoenergia.com.br is currently inaccessible due to a Cloudflare Web Application Firewall (WAF) blocking page, preventing access to any substantive content. As a result, no direct business information, metadata, or contact details are available for analysis. The domain is associated with the energy sector in Brazil based on the domain extension and DNS records, but no further business insights can be derived from the blocked content. The technical infrastructure includes Cloudflare protection, a valid SSL certificate with basic configuration, and DNS records with SPF and DMARC policies indicating some email security measures. However, the absence of DNSSEC and CAA records suggests room for improvement in DNS security. Performance metrics indicate a slow load time, likely due to the WAF challenge page. Security posture is moderate due to HTTPS and email authentication but lacks advanced security headers and HSTS enforcement. Overall, the site’s security and compliance posture cannot be fully assessed due to the blocking mechanism.

I

Insany Design

insanydesign.com

0

Insany Design is a Brazilian design, technology, and innovation studio established in 2016, specializing in enhancing digital presence for brands through web development, e-commerce, and digital product solutions. The company positions itself as a creative and technical partner for businesses seeking to transform their digital experiences. The website reflects a professional and consistent brand image with extensive case studies and client logos, targeting businesses looking for innovative digital solutions. Technically, the site is built on modern frameworks such as Next.js and hosted on Vercel, utilizing React and other contemporary technologies. However, the site suffers from a critical security issue due to an invalid SSL certificate and lack of modern TLS protocol support, which undermines user trust and security. Privacy compliance is minimal, with no visible privacy or cookie policies, and no GDPR indicators. Overall, the site is content-rich and professionally designed but requires urgent security and privacy improvements to meet industry standards.

S

Start EAD

startmoodle.com

0

Start EAD is a Brazilian SaaS platform offering a fully customizable virtual store integrated with the Moodle LMS for online course sales and management. The platform targets content creators, educators, and entrepreneurs seeking control over their EAD projects without high platform commissions. Technically, the site is built on WordPress with Elementor and uses various plugins for SEO and marketing. However, the site lacks HTTPS, which severely impacts its security posture. Marketing tools like Facebook Pixel and Google Tag Manager are used, but privacy and cookie policies are absent, indicating compliance gaps. Overall, the business presents a professional front with good content and user experience but requires urgent security and privacy improvements.

S

Start EAD

startead.com.br

0

Start EAD is a Brazilian SaaS platform focused on providing a comprehensive and customizable online course store integrated with the Moodle LMS. It targets content creators, educators, and entrepreneurs in the distance learning market, offering automated enrollment, payment integration, and technical support. The website is built on WordPress using Elementor and Astra theme, with modern UI elements and social media integration. However, the site lacks a valid SSL certificate, serving content over HTTP, which significantly impacts its security posture. No privacy or cookie policies were found, indicating potential compliance gaps. The business presents clear subscription plans and customer testimonials, reflecting moderate trustworthiness and professionalism.

A

AGRALE S.A

agrale.com.br

0

Agrale S.A is a well-established Brazilian manufacturer specializing in tractors, trucks, buses, utility vehicles, and engines with over 50 years of market presence. The company operates primarily in the transportation sector, serving agricultural, commercial, and industrial clients through a broad dealer and service network. Their website reflects a solid business model focused on manufacturing and after-sales services, targeting national and regional markets in Brazil. The site content is relevant and professionally presented, supporting the company's market position as a national leader. Technically, the website uses an older technology stack including jQuery 1.7.1 and Apache server on Ubuntu, hosted via Embratel Cloud DNS infrastructure. While the site includes Google Maps integration and FontAwesome icons, it lacks modern CMS or frameworks and shows signs of technical debt such as outdated libraries and missing HTTPS support. Performance and mobile optimization are basic, with room for improvement in SEO and accessibility. From a security perspective, the site lacks a valid SSL certificate and does not support HTTPS, severely impacting its security posture. No advanced security headers or mechanisms like HSTS or OCSP stapling are implemented. The site uses standard security headers but misses critical protections and vulnerability disclosures. Privacy and cookie policies are present with a consent mechanism, but GDPR compliance is uncertain. No incident response or security policy pages were found. Overall, the website is functional and business-credible but requires urgent security improvements, especially enabling HTTPS and updating outdated technologies. Strategic recommendations include implementing a valid SSL certificate, enhancing security headers, publishing vulnerability disclosure policies, and modernizing the technical stack to improve performance, security, and compliance.

A

Acrilys

acrilys.com.br

0

Acrilys is a Brazilian manufacturing company specializing in plastic technologies, particularly injection molding and vacuum forming with proprietary tooling. The company emphasizes sustainability and ecological awareness, investing in people and technology to deliver innovative and efficient solutions. Their market position is strengthened by certifications such as ISO 9001:2015 and IATF 16949:2016, indicating a commitment to quality and automotive industry standards. The website targets industrial clients and businesses requiring plastic manufacturing services, primarily in Brazil. Technically, the website is built on Webflow CMS, hosted and served via Cloudflare, and uses modern web fonts and libraries. However, the site lacks a valid SSL certificate and proper HTTPS configuration, which is a critical security flaw. The presence of a cookie consent mechanism and privacy policy indicates some privacy compliance, though GDPR compliance is not fully evident. Overall, the security posture is weak due to missing SSL and lack of incident response information. The website is professionally designed with good content quality and navigation but requires urgent security improvements to protect user data and enhance trust.

Aerolux is a small Brazilian business specializing in road signaling products for the Brazilian market. The website is currently a 'Coming soon' placeholder with minimal content, indicating the business is either new or preparing for a launch. The site targets businesses or entities needing road signaling solutions in Brazil. Technically, the site is built using Hostinger Website Builder and the Astro framework, hosted on Hostinger's GCP infrastructure. However, the site lacks a valid SSL certificate and does not serve content over HTTPS, which is a critical security deficiency. Security headers are partially implemented, but key security features like TLS protocols and OCSP stapling are missing. Privacy and cookie policies are absent, and no incident response or vulnerability disclosure information is provided. Overall, the site demonstrates basic digital maturity but requires significant improvements in security and compliance to build trust and protect user data.

Y

YourWay Digital

yourway.digital

0

YourWay Digital is a Brazilian digital agency specializing in custom development of applications, websites, and digital marketing services. Established in 2019 and based in Caxias do Sul, Brazil, the company has delivered over 70 projects and holds a Platinum partnership with RD Station, highlighted by winning the Limitless RD Station 2024 award. The website showcases a comprehensive portfolio of services including app development, marketing strategy, site creation, e-commerce solutions, social media management, and branding. Technically, the site is built on modern frameworks such as Next.js and React, hosted on Vercel, and integrates with AWS and Heroku platforms. However, the site lacks a valid SSL certificate, resulting in no proper HTTPS support, which is a critical security concern. Security headers are present but the SSL/TLS configuration is incomplete, exposing the site to potential risks. Privacy compliance is minimal with no visible privacy or cookie policies, though SPF and DMARC DNS records are properly configured for email security. Overall, the website is professionally designed with excellent content quality and user experience, but security and privacy practices require urgent improvement to enhance trust and compliance.

A

AKZONOBEL LTDA.

coralmatiz.com.br

0

Coral Matiz is a Brazilian loyalty and professional engagement platform operated by AKZONOBEL LTDA., targeting architects, interior designers, and landscapers. The platform offers curated content, professional tools, and a points-based rewards program to enhance user engagement and brand loyalty. The website is well-branded and content-rich, with clear navigation and a focus on professional users and students in the design sector. Technically, the site uses a modern front-end stack including Bootstrap, jQuery, and integrates Google Analytics and Tag Manager for tracking. However, the absence of a valid SSL certificate and HTTPS support significantly undermines the security posture, exposing users to risks when submitting sensitive personal data. Privacy and cookie policies are comprehensive and GDPR/LGPD compliant, with consent mechanisms implemented. Overall, the site demonstrates good business credibility but requires urgent security improvements to protect user data and comply with best practices.

I

Incepa

banheirosincepa.com.br

0

Incepa is a Brazilian manufacturing company specializing in bathroom and kitchen sanitary products, including ceramic sanitary ware, accessories, and complementary items. The company has recently integrated with the Roca brand, enhancing its market position. The website serves as a product catalog and brand promotion platform targeting residential customers, hotels, construction companies, and public environments. Technically, the site uses an Apache server with PHP 7.3.33 and integrates multiple marketing and analytics tools such as Google Tag Manager, Google Analytics, Facebook Pixel, and OneTrust for cookie consent. However, the site lacks a valid SSL certificate, serving content over HTTP only, which significantly impacts its security posture. The website content is well-structured and professionally designed, but privacy and security policies are missing or not clearly presented. Overall, the site demonstrates moderate digital maturity but requires urgent improvements in security and privacy compliance.

I

Incepa

incepa.com.br

0

Incepa is a well-established Brazilian manufacturer specializing in porcelain tiles and ceramic coatings, serving a broad audience including architects, designers, and commercial clients. The company maintains a professional online presence with multilingual support, product catalogs, technical assistance, and showroom information. Technically, the website is built on WordPress with modern front-end frameworks and plugins, providing good user experience and SEO optimization. However, the absence of a valid SSL certificate and HTTPS severely impacts the security posture, exposing users to risks and reducing trust. Privacy compliance is well addressed with clear policies and cookie consent mechanisms. Overall, the site is functional and professional but requires urgent security improvements to meet modern standards.

S

Sigevent.pro

sigevent.pro

0

The website sigevent.pro currently serves a minimal placeholder or error page in Portuguese indicating that no content was found at the requested URL. The domain appears to be related to event management services, with a partner or related site bcseventos.com.br referenced in the footer. The technical infrastructure is hosted on Amazon AWS, but the site lacks a valid SSL certificate and does not support HTTPS, which is a critical security deficiency. No privacy, cookie, or terms of service policies are present, and no contact information beyond a single company email is found. The overall website quality is poor with minimal content, no SEO or accessibility optimizations, and no security best practices implemented. The site is accessible without WAF or security challenges but is not functional as a business-facing website in its current state.

M

Mídia de Impacto | Agência Digital Multimídia

midiadeimpacto.com.br

0

Mídia de Impacto is a Brazilian digital multimedia agency specializing in e-commerce structuring, traffic management, website development, radio and TV services, streaming audio, inbound marketing, and visual identity. The company positions itself as an experienced player in the media sector with a focus on digital transformation and multimedia solutions. Their website is built on WordPress with WooCommerce and uses modern JavaScript libraries and plugins to deliver content. However, the site lacks a valid SSL certificate, which impacts security and trust. The presence of reCAPTCHA on forms and SPF DNS records indicates some security awareness, but the absence of HTTPS and malformed DNS CAA records are significant vulnerabilities. Privacy and cookie policies are not found, which may affect compliance with GDPR and other regulations. Overall, the website is professionally designed and content-rich but requires urgent security improvements to enhance trust and compliance.

U

UCSfm

ucsfm.com.br

0

UCSfm is a regional radio station affiliated with the Universidade de Caxias do Sul, serving the Serra Gaúcha region in Brazil with music, news, and cultural content. The website is built on WordPress and uses common plugins such as Revolution Slider and Contact Form 7, indicating a standard digital infrastructure. The site actively publishes news articles and maintains community engagement through streaming links and social sharing tools. However, the lack of a valid SSL certificate and absence of HTTPS significantly weaken the security posture. The presence of a cookie consent banner and privacy policy shows some privacy awareness, but GDPR compliance is not evident. Overall, the site is functional and moderately professional but requires urgent security improvements to protect user data and enhance trust.

H

Hospital Geral de Caxias do Sul

hgcs.com.br

0

Hospital Geral de Caxias do Sul is a large healthcare institution in Brazil providing a comprehensive range of medical services including oncology, radiotherapy, intensive care, and specialized treatments. The hospital is a regional reference in high complexity care and is accredited by the ONA, reflecting its commitment to quality and safety. The website serves patients, healthcare professionals, and the local community, also offering educational programs such as medical residency and permanent education. Technically, the site uses a modern tech stack including Apache server, Laravel framework, and various JavaScript libraries for UI and analytics. However, the site lacks a valid SSL certificate and does not serve content over HTTPS, which is a critical security deficiency. Security headers are minimal, and no privacy or cookie policies are found, indicating compliance gaps. The site includes multiple contact phone numbers, a physical address, and social media links, enhancing business credibility. Overall, the website is functional and content-rich but requires urgent improvements in security and privacy compliance to protect users and enhance trust.

U

Uniftec Online

unifteconline.com.br

0

Uniftec Online is a well-established Brazilian educational institution offering a broad portfolio of courses including undergraduate, postgraduate, technical, and extension programs, primarily delivered via online (EAD) and in-person modalities. The institution operates multiple campuses and learning centers across Brazil, supported by a robust digital infrastructure leveraging modern web technologies such as Next.js, React, and Material-UI, hosted on Amazon AWS. The website demonstrates a professional design with comprehensive course information and clear navigation, targeting students seeking flexible and diverse educational opportunities. Security posture is adequate with HTTPS enabled and no critical vulnerabilities detected, though improvements in SSL configuration and DNS security are recommended. Privacy compliance is partially addressed with a comprehensive privacy policy but lacks explicit cookie consent mechanisms and GDPR compliance indicators. Overall, the website reflects a mature digital presence with room for technical and security enhancements to further strengthen trust and compliance.

P

Polyuni

polyuni.com.br

0

Polyuni is a Brazilian educational institution focused on providing innovative and immersive learning experiences aligned with national educational standards (BNCC). The institution emphasizes scientific inquiry, creativity, and a hybrid digital-physical learning environment, targeting students and parents seeking modern education solutions. The website reflects a medium-sized organization with a solid regional presence and recognition for innovation in education. Technically, the website is built on modern frameworks such as Next.js and Material-UI, hosted on AWS infrastructure, but suffers from slow load times and lacks some advanced SEO and accessibility features. Security posture is good with proper SSL/TLS configuration and SPF records, though improvements like HSTS, DMARC, and OCSP stapling are recommended. Privacy compliance is basic with a privacy policy and cookie consent banner present, but no explicit GDPR compliance indicators or terms of service. Overall, the website is professional and trustworthy but could benefit from performance and security enhancements.

C

Centro Educacional Mutirão

mutirao.com.br

0

Centro Educacional Mutirão is a well-established educational institution in Brazil with over 40 years of experience, specializing in technical courses, adult education (EJA), and preparatory courses for public exams and ENEM. The institution holds recognized certifications and operates multiple units across several cities, serving a broad audience of young and adult learners seeking professional and academic advancement. Technically, the website is built on modern frameworks like Next.js and React, hosted on AWS infrastructure, and integrates various marketing and analytics tools. Security posture is solid with strong SSL/TLS configurations and valid SPF/DMARC records, though improvements like enabling HSTS and DNSSEC are recommended. Privacy policies are comprehensive but lack explicit cookie consent mechanisms. Overall, the website is professional, content-rich, and trustworthy, though performance optimization could be enhanced.

S

Sof.IA

sofia.vc

0

Sof.IA is a Brazilian technology company offering an AI-powered personal assistant accessible via WhatsApp. The service integrates multiple AI platforms such as ChatGPT, OpenAI, Google, and Microsoft to provide features including image generation, translations, mathematical solutions, and audio-based Q&A. The business model is credit-based with free trial credits and paid packages, targeting smartphone users seeking practical AI assistance. Technically, the website is built on WordPress with Elementor and related plugins, hosted on AWS infrastructure. However, the site suffers from slow performance and lacks a valid SSL certificate, exposing users to security risks. Security posture is weak with no HTTPS, no security headers, and missing DNS security records. Privacy compliance is poor, with no privacy or cookie policies despite collecting user data via forms. Contact information is available via email and contact forms, but no formal security or incident response policies are found. Overall, the site is functional but requires significant improvements in security and privacy to enhance trust and compliance.

U

Uniftec

uniftec.com.br

0

Uniftec is a well-established educational institution in Brazil offering a wide range of courses including undergraduate, postgraduate, technical, and extension programs. It operates both online and through multiple physical campuses across various states in Brazil, targeting students seeking professional and academic development. The website reflects a mature digital presence with a modern tech stack including Next.js and Material-UI, hosted on AWS infrastructure. However, the absence of a valid SSL certificate and HTTPS implementation significantly undermines the security posture of the site. While SPF is configured for email security, the lack of DMARC and other security headers exposes potential risks. Privacy compliance is partially addressed with a comprehensive privacy policy, but cookie consent mechanisms and GDPR compliance indicators are missing. Overall, the site provides rich content and good user experience but requires urgent security improvements to protect user data and enhance trust.

D

Design For a Better World

dfbwaward.com

0

Design For a Better World is a Brazilian award platform that celebrates design initiatives promoting positive social and environmental impact. The website showcases award categories, jury members, past winners, and partner organizations. It is built on WordPress with Elementor and uses Yoast SEO for optimization. The technical infrastructure is moderate but suffers from slow load times and lacks a valid SSL certificate, which impacts security and user trust. The security posture is weak due to missing HTTPS, lack of security headers, and absence of email authentication records like DMARC. Privacy compliance is minimal, with no visible privacy or cookie policies. Contact information and social media presence are clearly provided, supporting business credibility. Overall, the site is content-rich and professionally designed but requires urgent security and privacy improvements.

P

Página inacessível

apprbs.com.br

0

The website apprbs.com.br currently serves a minimal 'Página inacessível' (Page inaccessible) message with no accessible business content or user interaction features. The DNS configuration shows hosting on Google Cloud infrastructure and email services via Google Workspace with SPF records including Elastic Email. However, the site lacks a valid SSL certificate and does not support HTTPS, representing a critical security vulnerability. No privacy, cookie, or terms of service policies are present, and no contact information or forms are available, indicating the site is either down, under maintenance, or improperly configured. From a technical perspective, the site uses basic HTML5 and CSS with JSON-LD structured data indicating the domain name but no further business details. Performance is moderate but limited by minimal content. SEO is poor due to a malformed robots meta tag set to noindex and lack of metadata. Accessibility and mobile optimization are basic at best. Security posture is weak with no HTTPS, no security headers, no HSTS, and a DMARC policy set to none, exposing the domain to email spoofing risks. No WAF or security challenge was detected, but the site is effectively inaccessible to users. Overall, the site scores very low on content quality, technical implementation, security, privacy compliance, and business credibility. Strategic recommendations include immediate installation of a valid SSL certificate, enabling HTTPS, improving security headers and policies, publishing privacy and cookie policies, and restoring accessible business content to improve trust and compliance.

4

4ED

4ed.com.br

0

4ED is a Brazilian design school offering a wide range of online and in-person courses across various design disciplines including graphic, interior, fashion, product, and more. Established in 2011 and based in Porto Alegre, it serves students, professionals, and corporate clients with a comprehensive educational model. The website reflects a mature digital presence with extensive content, clear navigation, and strong branding. Technically, the site is built on WordPress with Elementor and WooCommerce, leveraging multiple plugins and integrations for e-commerce and marketing. However, the security posture is weakened by the absence of a valid SSL certificate and lack of modern TLS protocol support, which are critical for protecting user data and ensuring trust. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the site is professional and trustworthy but should prioritize upgrading its SSL/TLS configuration to enhance security and user confidence.

R

Roca Brasil Cerámica - Porcelanatos e Revestimentos Cerâmicos

rocaceramica.com.br

0

Roca Brasil Cerámica is a large Brazilian manufacturer and retailer specializing in porcelain and ceramic tiles, targeting architects, designers, engineers, and commercial clients. The company emphasizes sustainability and offers a comprehensive product catalog with technical support and showroom experiences. The website is built on WordPress with modern front-end frameworks and integrates multiple marketing and analytics tools. However, the site lacks a valid SSL certificate, which severely impacts its security posture. While privacy and cookie policies are well implemented with consent mechanisms, no explicit security or incident response policies are found. The overall digital maturity is moderate, with good content quality and user experience but technical and security improvements are needed.

C

Coral

coral.com.br

0

Coral is a prominent Brazilian paint brand operating under the parent company AkzoNobel. The website serves as a comprehensive platform offering paint products, color inspiration tools, and professional services such as painter finders and online shopping. Technically, the site is built on Adobe Experience Manager and integrates modern marketing and analytics tools like Google Tag Manager and OneTrust for cookie consent. However, the absence of a valid SSL certificate and HTTPS significantly undermines the site's security posture. While privacy and cookie policies are well implemented and GDPR compliant, the lack of security headers and email domain protections like DMARC present vulnerabilities. Overall, the site is content-rich and professionally designed but requires urgent security improvements to protect user data and enhance trust.