Security Directory

W

Wescue Global

wescue.com

0

Wescue Global operates a specialized e-commerce platform focused on supplying rescue and extraction equipment to EMS, Police, Military, and related organizations. Founded in 2013, the company maintains sales offices in Nice, France and Gothenburg, Sweden, positioning itself as a niche supplier in the emergency services market. The website is professionally designed using the Shopify platform, featuring a modern tech stack with integrated payment options such as Klarna, PayPal, and Apple Pay. The site includes comprehensive privacy and cookie policies with active consent mechanisms, reflecting good privacy compliance. Security posture is solid with HTTPS enforced and secure forms, though explicit security headers and incident response policies are absent. Overall, the website demonstrates a mature digital presence with good SEO, mobile optimization, and user experience, supporting a high level of trustworthiness and business credibility.

Youwe Sverige is a Nordic digital full-service agency specializing in e-commerce solutions, particularly leveraging Magento and Adobe Commerce platforms. The company emerged from the merger of Oddny and Youwe in 2021, enhancing its market presence and service portfolio in Sweden and the broader Nordic region. Their offerings include cloud hosting optimized for Magento 2, development services, digital marketing, and data-driven analytics and strategy. The website reflects a modern technical infrastructure built on Next.js with integrations for marketing and analytics tools such as Google Tag Manager, HubSpot, and Facebook Pixel, all managed with user consent mechanisms. Security posture is strong with HTTPS enforced and no visible vulnerabilities, though explicit security policies and incident response contacts are not published. Overall, the site demonstrates good professionalism, technical maturity, and compliance with privacy regulations, positioning Youwe Sverige as a credible and trusted partner in the e-commerce digital agency space.

A

Afound

afound.com

0

Afound is a well-established Swedish e-commerce fashion outlet offering branded apparel and accessories at discounted prices, positioning itself as a leading fashion outlet in Sweden. The website demonstrates a mature digital infrastructure using modern technologies such as React, Magento, and Algolia for search, complemented by marketing and analytics tools like Google Tag Manager, Freshchat, and Wisepops. Security posture is strong with HTTPS enforced and multiple secure payment options displayed, although explicit security policies and incident response contacts are not found. Privacy compliance is good with clear privacy and cookie policies and consent mechanisms. Overall, the website is professional, trustworthy, and user-friendly, targeting fashion-conscious consumers in Sweden.

B

Babyshop Group

babyshop.com

0

Babyshop Group operates a well-established e-commerce platform specializing in children's and baby clothing and accessories, primarily serving the Nordic and European markets. Founded in 2006 and headquartered in Stockholm, Sweden, the company offers a wide range of products including apparel, strollers, toys, and baby essentials. The website demonstrates a strong market position with a comprehensive product catalog and a focus on quality customer service and exclusive brands. Technically, the website employs modern web technologies such as React, Algolia for search, and integrates with multiple third-party services including Klarna for payments, Trustpilot for reviews, and Google Analytics for tracking. The platform is mobile-optimized, SEO-friendly, and provides a smooth user experience with clear navigation and structured data for enhanced search engine visibility. From a security perspective, the site enforces HTTPS, uses cookie consent mechanisms, and avoids exposing sensitive data in its HTML content. However, it lacks explicit security policy documentation and incident response contact details, which are recommended for enhanced transparency and compliance. No critical vulnerabilities or WAF blocking were detected, indicating a mature security posture. Overall, Babyshop.com presents a professional, trustworthy, and user-friendly online retail experience with strong compliance to privacy and cookie regulations. Strategic improvements in security policy transparency and additional security headers could further strengthen its security posture.

R

Refunder Scandinavia AB

refunder.se

0

Refunder Scandinavia AB operates a leading cashback platform in Sweden, offering users cashback rewards from over 1,200 online stores. The company positions itself as Sweden's largest cashback service with a strong user base exceeding 875,000 members. Key services include cashback on online purchases, a mobile app for tracking cashback, and promotional campaigns. The platform integrates secure login and payment methods such as BankID and Swish, enhancing user trust and security. Technically, the website employs modern frameworks like Laravel Livewire and Alpine.js, with Matomo analytics and Facebook SDK for marketing and tracking. The site is well-optimized for mobile and accessibility, with comprehensive privacy and cookie policies that comply with GDPR requirements. Security posture is strong with HTTPS, CSRF protection, and secure authentication, though additional security headers could be implemented. Overall, the website demonstrates a mature digital infrastructure and a trustworthy business model with clear contact information and positive user feedback.

M

Merchworld

merchworld.se

0

Merchworld is a Sweden-based e-commerce business specializing in designing, producing, and fulfilling merchandise for artists, bands, companies, and start-ups. They emphasize sustainable production and provide third-party logistics and warehousing services. The website is built on Shopify, leveraging modern e-commerce technologies and marketing tools such as Google Analytics, Facebook Pixel, Hotjar, and Segment Analytics. Social media presence on Instagram and Facebook supports their brand visibility. The site is well-designed with good navigation and mobile optimization, though cookie consent mechanisms are lacking. Security posture is solid with HTTPS and form protection via hCaptcha, but could benefit from enhanced security headers and explicit incident response policies.

G

GoDaddy Operating Company, LLC

avantus.se

0

The website avantus.se is a domain aftermarket sales landing page hosted and operated by GoDaddy Operating Company, LLC, a leading global domain registrar and aftermarket platform. The site offers the premium domain avantus.se for sale with a fixed buy now price and provides secure payment options including Visa, MasterCard, PayPal, and AliPay. The platform emphasizes safe and secure transactions, fast domain transfers, and hassle-free payments, targeting businesses and individuals seeking premium domain names to establish or expand their online presence. The site integrates modern web technologies such as React and Next.js, hosted on Amazon AWS, ensuring good performance, mobile optimization, and accessibility. Privacy and cookie policies are comprehensive and GDPR compliant, though explicit security policy and incident response information are not published. Overall, the website demonstrates a strong security posture with HTTPS enforcement, security headers, and no visible vulnerabilities. The domain registration is consistent with the business model and operated by a reputable entity, indicating high legitimacy and trustworthiness.

P

PearlConvert

convert.no

0

PearlConvert is a Norwegian digital commerce expert company specializing in developing and operating digital commerce solutions using leading platforms such as Omnium, Commercetools, Adobe Commerce, and SAP Commerce. The company positions itself as a medium-sized enterprise with over 100 specialists including UX designers, PIM experts, developers, SEO specialists, solution architects, and marketers. Their market position is strong within Norway, serving reputable clients and leveraging partnerships with global technology leaders. The website is professionally designed, mobile-optimized, and rich in relevant content targeting B2B e-commerce businesses and digital commerce stakeholders. Technically, the site uses modern frameworks and integrates marketing and analytics tools such as HubSpot, Google Analytics, Cookiebot, and social media pixels, ensuring good digital maturity and compliance with GDPR through cookie consent and privacy policies. Security posture is good with HTTPS enforced and standard security practices, though some security headers and public security policies could be improved. Overall, the domain registration data aligns well with the business claims, indicating legitimacy and trustworthiness.

R

Rapunzel of Sweden AB

rapunzelofsweden.com

0

Rapunzel of Sweden AB operates a professional e-commerce platform specializing in high-quality hair extensions and related hair care products. The website targets consumers seeking premium hair solutions, offering a wide range of products including tape extensions, clip-ins, keratin extensions, and hair care kits. The company maintains a strong market position with international reach, supported by multiple language and country options. The technical infrastructure leverages modern technologies such as React, Next.js, and Storyblok CMS, ensuring a fast, mobile-optimized, and accessible user experience. Security measures include HTTPS enforcement, reCAPTCHA integration, and comprehensive cookie consent mechanisms, reflecting a mature security posture. Overall, the website demonstrates high professionalism, trustworthiness, and compliance with privacy regulations, making it a reliable platform for customers.

G

GoDaddy Operating Company, LLC

quesada.se

0

The website quesada.se is a premium domain sales landing page hosted and operated by GoDaddy Operating Company, LLC, a leading global domain registrar and aftermarket platform. The site offers the domain quesada.se for sale with a clear call to action, secure payment options, and customer support via phone. The platform leverages modern web technologies including React and Next.js, ensuring a fast and mobile-optimized user experience. Security is robust with HTTPS enforced, security headers present, and use of reCAPTCHA to protect forms. Privacy and cookie policies are comprehensive and linked to GoDaddy's main legal pages, indicating good compliance with GDPR and related regulations. Overall, the site demonstrates a professional and trustworthy presence in the domain aftermarket industry.

D

DELTACO

deltaco.se

0

DELTACO is a well-established Nordic IT brand specializing in the distribution and retail of IT accessories, including cables, batteries, smart home devices, and gaming equipment. With a history dating back to 1991, the company has positioned itself as a leading player in the Nordic e-commerce market, offering competitive prices and a broad product range. The website reflects a mature digital presence with comprehensive product categorization and a strong focus on user experience. Technically, the website is built on the Magento platform with integration of modern JavaScript frameworks such as Alpine.js and libraries like Swiper and Glider for enhanced UI components. The use of Cloudflare as a CDN and security provider adds a layer of protection and performance optimization. The site is mobile-optimized and includes accessibility features, ensuring a broad reach and compliance with modern web standards. From a security perspective, the site employs HTTPS with strong SSL configuration, uses reCAPTCHA on login forms to prevent automated abuse, and implements a detailed cookie consent mechanism compliant with GDPR. While explicit security headers are not fully visible in the HTML, the overall posture is strong with no evident vulnerabilities or exposed sensitive data. Overall, DELTACO's website demonstrates a high level of professionalism, security awareness, and compliance, making it a trustworthy platform for customers and partners alike. Strategic recommendations include enhancing visible security headers, maintaining up-to-date software, and improving incident response contact visibility to further strengthen trust and resilience.

HugeDomains.com operates as a reputable domain marketplace specializing in premium domain sales, exemplified by the VartiCA.com listing. The company targets individuals and businesses seeking valuable web addresses, offering flexible purchase options including payment plans and a 30-day money back guarantee. The website demonstrates a solid market position with a history dating back to 2005 and a consistent brand presence. Technically, the site employs modern web technologies such as jQuery, Google Analytics, and Google reCAPTCHA Enterprise, ensuring a secure and user-friendly experience. Cookie consent management is robust, supporting GDPR compliance with detailed categories and user controls. Security posture is strong with HTTPS enforced and no visible vulnerabilities, although explicit security policies and incident response contacts are absent. Overall, the site is professional, trustworthy, and compliant with privacy regulations, making it a reliable platform for domain purchases.

HugeDomains operates a professional domain marketplace platform specializing in premium domain sales, exemplified by the HomeStrategic.com domain landing page. The company has a strong market presence since 2005, offering flexible payment plans and secure purchasing options. The website demonstrates a mature technical infrastructure leveraging modern technologies such as Google Analytics, reCAPTCHA Enterprise, and Cloudflare services. Privacy compliance is well addressed with a comprehensive cookie consent mechanism and clear privacy and terms policies. Security posture is strong with HTTPS, secure forms, and bot protection, though explicit security policies and incident response details are absent. Overall, the site is trustworthy and professionally maintained, targeting individuals and businesses seeking premium domains.

V

Veepee

vente-privee.com

0

Veepee is a prominent French e-commerce platform specializing in private sales of branded products across multiple categories including fashion, travel, home, and wellness. The platform operates daily sales events with significant discounts, targeting consumers seeking quality brands at reduced prices. Veepee holds a strong market position in Europe with a large user base and a comprehensive service offering including customer support and secure payment options. Technically, the website is built on modern frameworks such as Next.js and integrates advanced analytics and consent management tools, ensuring a high level of digital maturity. Security measures are robust, with HTTPS enforced, security headers present, and no visible vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with clear policies and user consent mechanisms. Overall, Veepee demonstrates a professional, trustworthy, and user-friendly online presence.

B

Butter Supply Inc.

framercommerce.com

0

Framer Commerce is a specialized SaaS platform that enables users to design and launch custom Shopify e-commerce stores using the Framer design tool. Positioned as an award-winning plugin, it targets Shopify store owners and no-code builders seeking advanced e-commerce capabilities integrated with a visual design environment. The platform offers features such as live product filtering, multi-currency support, subscription management, and analytics integration, positioning itself as a modern e-commerce stack solution. Technically, the website leverages Framer's framework, Shopify's Storefront API via GraphQL, and integrates analytics tools like Google Analytics and Hotjar, demonstrating a mature and modern digital infrastructure. Security practices include HTTPS enforcement, use of access tokens with limited scope, and secure form handling, although explicit security policies and incident response information are not publicly available. Overall, the site is professional, well-designed, and trustworthy, with minor gaps in privacy compliance such as the absence of a cookie consent mechanism. Strategic recommendations include enhancing privacy compliance, publishing security policies, and providing clearer contact channels to further strengthen trust and compliance.

京

京东全球购

jd.hk

0

JD.hk operates as a major e-commerce platform specializing in cross-border and overseas shopping, targeting Chinese-speaking consumers interested in authentic global products. The platform offers a wide range of categories including mother and baby products, beauty, electronics, and luxury goods, supported by partnerships with well-known brands and stores such as Walmart and Rakuten. The website demonstrates a consistent brand presence aligned with JD.com's ecosystem, leveraging advanced front-end technologies and multiple JD.com subdomains for content delivery and user interaction. Technically, the site uses a modern JavaScript stack including jQuery, Sea.js, and JD's proprietary JMFE framework, but suffers from critical security shortcomings such as the absence of a valid SSL certificate and lack of modern TLS protocol support. Performance metrics are incomplete, and mobile optimization is basic with a redirect to a mobile subdomain. SEO and content quality are good, with clear navigation and rich product listings. From a security perspective, the lack of HTTPS and TLS support is a significant risk, exposing users to potential data interception. Security headers are minimal, and no incident response or vulnerability disclosure policies are evident. Privacy compliance is weak, with no cookie policy or consent mechanism detected, raising concerns about GDPR and other regulatory adherence. Overall, while JD.hk is a professionally designed and content-rich e-commerce platform with strong business credibility, its security posture and privacy compliance require urgent improvement to protect user data and maintain trust. Strategic recommendations include immediate SSL certificate deployment, enhanced security configurations, and implementation of comprehensive privacy policies.

O

Otto GmbH & Co. KGaA

otto.market

0

OTTO Market operates as a prominent German online marketplace platform enabling sellers to register and sell products on otto.de. The platform emphasizes quality, transparency, and partnership with sellers, offering a comprehensive suite of services including onboarding, marketing, product management, shipping, payment processing, and reporting. The website is professionally designed with excellent content quality and clear navigation, targeting German merchants seeking a reputable e-commerce channel. Technically, the site is built on Neos CMS and Flow Framework, integrating modern marketing and analytics tools such as Google Tag Manager and LinkedIn Insight Tag. However, the absence of a valid SSL certificate and HTTPS support significantly undermines the security posture, exposing users to risks and reducing trust. Security headers are partially implemented, but critical TLS configurations are missing. Privacy compliance is well addressed with comprehensive policies and cookie consent mechanisms. Overall, the business credibility is high, supported by clear company information and partner testimonials, but the technical security gaps require urgent remediation.

S

Skinfit

skinfit.eu

0

Skinfit is a specialized e-commerce retailer focusing on functional sportswear for endurance and outdoor sports. The company offers a wide range of products including clothing and equipment, targeting active consumers who integrate sports into their daily lives. The website is professionally designed with consistent branding and excellent content quality, supporting multiple languages and regional stores, primarily serving the Austrian market. The technical infrastructure is based on Magento Commerce, utilizing modern web technologies such as RequireJS, jQuery, and various Magento extensions, ensuring a good user experience and mobile optimization. Security measures include HTTPS enforcement and a comprehensive cookie consent mechanism aligned with GDPR requirements. No critical vulnerabilities or blocking mechanisms were detected, indicating a mature security posture. Overall, Skinfit presents a trustworthy and professional online presence with strong privacy compliance and user engagement features.

X

xt:Commerce GmbH

xt-commerce.com

0

xt:Commerce GmbH is an established Austrian company specializing in eCommerce shop software solutions, boasting over 150,000 installations and a significant annual order volume. Their platform is modular, mobile-optimized, and integrates popular payment methods, targeting businesses seeking comprehensive online shop solutions. The website demonstrates a mature technical infrastructure built on WordPress with modern frameworks like Bootstrap and includes advanced consent management via Cookiebot and analytics through Matomo and Google Analytics. Security posture is solid with HTTPS and cookie consent, though improvements in security headers and explicit security policies are recommended. Overall, the site is professional, trustworthy, and compliant with GDPR, supporting a positive business reputation.

The website reisenet.com is a premium domain sales landing page operated by BuyDomains.com, a large and established domain marketplace under Newfold Digital. The site offers domain purchase and brokerage services, targeting businesses and individuals seeking premium domain names. The technical infrastructure is based on AngularJS with modern integrations including Google Analytics, Google Tag Manager, reCAPTCHA, and accessibility tools like AudioEye. The site demonstrates strong compliance with GDPR and cookie regulations, featuring OneTrust consent mechanisms and detailed privacy policies. Security posture is robust with HTTPS, CSP headers, and secure form handling, though some improvements in CSP strictness and vulnerability disclosure could be made. Overall, the site is professional, accessible, and trustworthy, with a good balance of marketing and user experience features.

Dresscode is an Italian online fashion boutique operating on the Shopify platform, with a focus on customer satisfaction and leadership in the Italian online retail market for over seven years. The website offers a range of fashion products, emphasizing quality Italian manufacturing, customer support, and easy returns. Technically, the site leverages modern e-commerce technologies including Shopify's Dawn theme, PayPal integration, and marketing tools such as Facebook Pixel and EasySell. The security posture is strong with HTTPS enforced and secure payment gateways, though explicit security policies and cookie consent mechanisms are lacking. Overall, the site presents a professional and trustworthy e-commerce experience targeting Italian consumers.

H

HIRSCH

hirschag.com

0

HIRSCH is an established e-commerce business specializing in premium watch straps and accessories for men and women. The company offers a wide range of products including luxury, sports, fashion, and custom-made watch straps, targeting watch enthusiasts and owners globally. The website is built on the Magento platform, leveraging modern web technologies such as RequireJS, jQuery, and KnockoutJS, and integrates security features like Google reCAPTCHA and cookie consent mechanisms to enhance user trust and compliance. The site demonstrates good design quality, mobile optimization, and SEO practices, supporting a positive user experience. Security posture is solid with HTTPS enforcement and form protections, though explicit security policies and incident response contacts are absent, representing an area for improvement. Overall, the website is professional, trustworthy, and compliant with GDPR, reflecting a mature digital presence suitable for its market segment.

W

Web2Asia

web2asia.com

0

Web2Asia is a Shanghai-based digital marketing and e-commerce agency specializing in China market entry and operations for foreign brands. They are a certified 5-Star / Gold-Star rated Tmall Partner (TP) endorsed by Alibaba, providing comprehensive services including digital strategy, e-commerce setup, performance marketing, and logistics. The company serves major international clients and operates on a Jimdo CMS platform hosted on AWS. Technically, the website uses legacy jQuery and lacks modern performance optimizations, with no valid SSL certificate currently implemented, exposing it to security risks. Privacy compliance is partial, with a cookie control mechanism present but disabled by default. Overall, the business is credible and well-positioned in the China e-commerce ecosystem but needs urgent security improvements.

Backhausen GmbH was a company that ceased operations on June 30, 2023. The website serves primarily as a closure notice and contact point for former customers and stakeholders. It is managed under the parent company AMEEA Beteiligungs GmbH. The site is minimalistic, bilingual (German and English), and lacks active e-commerce or interactive features. Technically, the website is built on Magento with jQuery libraries and served by an Apache server. However, it lacks a valid SSL certificate, resulting in HTTP-only access, which significantly impacts security posture. No privacy or cookie policies are present, and no security headers beyond basic HTTP headers are implemented. Contact information is limited to two company email addresses related to brand and archive inquiries. Overall, the site is informational with basic technical implementation and poor security and privacy compliance.

S

SHT WEBSHOP

sht.at

0

The website sht.at operates as an e-commerce webshop branded as SHT, targeting German-speaking customers. It offers online product sales but lacks detailed business information, contact details, or policies on the homepage. The technical infrastructure is based on modern web technologies such as Next.js and React, with Craft CMS APIs referenced, indicating a decoupled CMS backend. However, performance metrics are missing or incomplete, and mobile optimization and accessibility are basic. Security posture is poor due to the absence of a valid SSL certificate, no HTTPS support, and missing security headers, exposing the site to significant risks. Privacy compliance is lacking, with no privacy or cookie policies detected, and no GDPR indicators present. The domain's DNS configuration is suspiciously empty, raising concerns about legitimacy and operational maturity. Overall, the site scores low on trustworthiness and security, requiring urgent improvements in SSL deployment, policy transparency, and DNS configuration.

G

Generasitogel

qpsneuro.com

0

The website presents itself as an online slot gaming platform targeting Indonesian users with QRIS payment options and low minimum deposits. It is built on the Squarespace platform and hosted behind Cloudflare. However, the site lacks a valid SSL certificate, exposing users to security risks. There are no privacy or cookie policies, and contact information is minimal, limited to a single email address found in a script, which appears to be a user account email rather than official contact. The site content is promotional but basic, with limited trust indicators and no social media presence. Performance data is missing, and the site shows poor privacy compliance and security posture. Overall, the site appears functional but lacks critical security and compliance features, reducing its trustworthiness and professionalism.

T

Tiki Surf

twoseasons.co.uk

0

Tiki Surf operates an e-commerce platform specializing in skate, surf, and snow sports products, including clothing, accessories, and equipment. The website is built on the Shopify platform, leveraging multiple third-party marketing and analytics tools such as Google Analytics, Klaviyo, and Trustpilot to enhance customer engagement and trust. The business targets enthusiasts in the UK market, offering a broad product range with a professional and consistent brand presentation. Technically, the site uses modern web technologies and is hosted via Cloudflare and Google Cloud Platform, ensuring scalability and reliability. However, the absence of a valid SSL certificate is a significant security concern that undermines user trust and data protection. Privacy and cookie policies are well implemented, reflecting GDPR compliance. Overall, the site demonstrates a solid e-commerce presence but requires urgent remediation of its SSL configuration to improve security posture.

J

J. Hornig

jhornig.com

0

J. Hornig operates a mature and professional e-commerce website specializing in coffee and tea products, including specialty blends, accessories, and barista courses. The company targets both individual consumers and business clients such as gastronomy and office sectors. The website is built on the Shopify platform, leveraging multiple third-party apps for enhanced customer experience, marketing, and reviews. Technically, the site is well-implemented with modern technologies, fast performance, and strong security headers including HSTS and CSP. Privacy compliance is robust with clear privacy and cookie policies and consent mechanisms in place. However, direct contact information like emails or phone numbers is not explicitly listed, relying on contact forms instead. The domain is well-registered with a reputable registrar and shows no signs of suspicious activity. Overall, the site demonstrates a strong security posture and good business credibility, making it a trustworthy platform for customers.

A

A-Commerce

a-commerce.at

0

A-Commerce is a German-language online magazine specializing in e-commerce news, business insights, and marketing strategies primarily targeting e-commerce professionals and entrepreneurs in Austria and German-speaking regions. The website offers regularly updated content including articles, interviews, and tool reviews, positioning itself as a niche media outlet in the e-commerce sector. Technically, the site is built on WordPress with a modern tech stack including PHP 8, nginx, and various JavaScript libraries for UI enhancements. However, the site lacks HTTPS, which is a critical security deficiency. The cookie consent mechanism is implemented and GDPR compliant, but no explicit contact or security policies are published. Overall, the site demonstrates good content quality and user experience but requires urgent security improvements.

The Cheeky Crow Massage Co. operates an e-commerce storefront focused on massage-related services or products, hosted on the Big Cartel platform. The website is currently in maintenance mode, providing minimal content and no direct contact or policy information. Technically, the site uses Cloudflare for CDN and security headers are present; however, the lack of a valid SSL certificate means HTTPS is not properly enabled, severely impacting security and trust. Privacy and cookie policies are absent, and no contact details are provided, limiting user trust and compliance. Overall, the site is a small business with basic digital presence but requires significant improvements in security and compliance to meet modern standards.

I

IOSBET

shelfsailor.com

0

The website shelfsailor.com operates as an online slot gaming platform branded as IOSBET, targeting the Indonesian market. It offers online slot games with a system designed to increase winning chances daily. The site positions itself as a new entrant in the online gaming sector with a focus on Indonesian users, leveraging affiliate partnerships with established e-commerce platforms like Lazada. The business model revolves around online gaming services with promotional and affiliate marketing components. Technically, the site employs modern JavaScript frameworks including React and uses extensive tracking and analytics tools from Alibaba's ecosystem, indicating a moderate level of digital maturity. However, the site suffers from slow performance due to large page size and numerous resources, and it lacks mobile optimization and accessibility features. Security-wise, the absence of HTTPS and security headers significantly weakens its posture, exposing users to potential risks. No privacy or cookie policies are present, and contact information is missing, which raises compliance and trust concerns. Overall, the site is accessible without WAF or security challenges but requires urgent improvements in security, privacy compliance, and performance to enhance user trust and operational integrity.

F

finderly GmbH & Co KG (Medieninhaber)

shpock.com

0

Shpock is a well-established online marketplace specializing in local second-hand classifieds across the United Kingdom, operated by finderly GmbH & Co KG based in Austria. The platform offers a wide range of categories including electronics, fashion, baby products, home & garden, and motors, supported by a strong mobile app presence with over 50 million downloads. The business model focuses on zero fees for sellers, monetizing through promoted listings and memberships, positioning Shpock as a leading player in the UK second-hand market. Technically, the website leverages modern web technologies such as React and Next.js, hosted behind Cloudflare, and integrates with payment and marketing services like Adyen, SendGrid, and Zendesk. However, the security posture is weakened by the absence of a valid SSL certificate and lack of modern TLS support, which poses risks to user data confidentiality and trust. Privacy and legal compliance are well addressed with comprehensive policies and GDPR adherence. Overall, Shpock presents a professional and trustworthy e-commerce platform with room for critical security improvements to enhance user trust and compliance.

C

Ciuvo

ciuvo.com

0

Ciuvo is an e-commerce focused company that provides lead generation and shopping assistance services to online merchants and shoppers. Their offerings include deal finding, price comparison, lead generation, publisher monetization, and e-commerce analytics. The company targets online merchants and shoppers, aiming to improve the shopping experience by providing meta information and market insights. The website is built on WordPress using the Divi theme and hosted likely on Amazon AWS infrastructure. While the site has a professional design and good content relevance, it lacks a valid SSL certificate, which severely impacts its security posture. The presence of a privacy policy page indicates some attention to compliance, but the absence of a cookie policy and consent mechanism is a gap. Contact information is limited to a contact form with no direct emails or phone numbers visible. The site uses the burst-pro plugin for analytics with cookieless tracking enabled, reflecting moderate digital maturity. Overall, the website is functional and professional but requires urgent improvements in security and privacy compliance to enhance trust and protect user data.

M

MH|Direkt

mhdirekt.com

0

MH|Direkt is a mature and established e-commerce fulfillment service provider based in Austria with over 28 years of experience. The company operates multiple fulfillment centers across Austria, Germany, and the UK, offering comprehensive services including warehousing, packaging, cross-border shipping, personalization, and API integration. Their business model focuses on supporting online shops to efficiently manage logistics and shipping across Europe, including direct market entry into Switzerland. The website reflects a professional and well-branded digital presence with extensive content and customer testimonials, positioning MH|Direkt as a reliable partner in the e-commerce logistics sector. Technically, the website is built on WordPress using popular plugins and frameworks such as Elementor, Gravity Forms, and WP Rocket. It integrates multiple marketing and analytics tools including Google Analytics, Google Ads, Facebook Pixel, and LinkedIn Insight Tag, indicating a mature digital marketing strategy. The site is mobile-optimized and SEO-friendly, though performance is moderate and accessibility features are basic. From a security perspective, the website lacks a valid SSL certificate, which is a critical issue impacting user trust and data security. Other security best practices such as HSTS, DNSSEC, and domain protection locks are not implemented, reducing the overall security posture. No explicit security or incident response policies are published on the site. Privacy and cookie policies are present and appear GDPR compliant, with consent mechanisms in place. Overall, MH|Direkt presents a credible and professional business with strong market positioning in e-commerce fulfillment. However, the lack of HTTPS and some security best practices pose risks that should be addressed promptly to enhance trust and compliance. Strategic recommendations include immediate SSL certificate installation, enabling HSTS and DNSSEC, and publishing security policies to improve transparency and security culture.

K

KISSA Tea

kissatea.com

0

KISSA Tea operates a premium e-commerce platform specializing in organic matcha tea and related accessories, targeting health-conscious and lifestyle consumers primarily in Europe. The website is built on Shopify and leverages multiple marketing and analytics tools to enhance customer engagement and sales. While the site demonstrates excellent content quality, branding consistency, and user experience, a critical security gap exists due to the absence of a valid SSL certificate, undermining HTTPS security. The presence of comprehensive privacy and cookie policies with consent mechanisms reflects good compliance posture. Overall, the business appears legitimate and well-positioned in its niche, but immediate remediation of SSL/TLS issues is essential to protect customer data and maintain trust.

S

SonnenMoor

sonnenmoor.at

0

SonnenMoor is an established Austrian family-owned business specializing in natural health products and remedies, operating since 1972. The company leverages a Shopify-based e-commerce platform to serve both retail consumers and business partners, with a strong focus on natural, herbal, and moor-based products. The website is professionally designed, content-rich, and provides comprehensive contact and support information, including personal consultation services. Technically, the site uses modern e-commerce technologies and integrates multiple marketing and analytics tools with GDPR-compliant consent mechanisms. However, a critical security issue is the lack of a valid SSL certificate and disabled TLS protocols, which significantly impacts the security posture and user trust. The domain registration data aligns well with the business claims, indicating legitimacy and consistency. Strategic improvements in SSL/TLS configuration are essential to enhance security and trust.

V

Verjus-Shop

verjus-shop.com

0

Verjus-Shop is a specialized e-commerce business based in Austria, founded in 2012, offering natural, additive-free, gluten-free, low histamine, and alcohol-free products including Verjus and non-alcoholic beverages. The website is professionally designed with clear navigation and rich content targeting health-conscious consumers and B2B clients such as retailers and restaurateurs. Technically, the site runs on WordPress with WooCommerce and uses modern marketing and analytics tools, but suffers from a lack of HTTPS due to an invalid or missing SSL certificate, which significantly impacts its security posture. Privacy and cookie policies are comprehensive and GDPR compliant, enhancing user trust. Overall, the business appears legitimate and well-positioned in its niche, but the lack of HTTPS is a critical security concern that should be addressed immediately.

E

EasyAds

easyads.eu

0

EasyAds is a Dutch online marketing bureau specializing in e-commerce growth through automation, marketing optimization, and integration with marketplaces and advertising channels. The company has a solid market position supported by recognized partnerships with Channable, Google, Microsoft, and Cookiebot, and has been operating since 2006. Their services include datafeed management, marketplace integrations, advertising channel management, and managed campaign services, targeting retailers and brands seeking scalable online growth. Technically, the website is built on WordPress with Elementor and several plugins, hosted on WordPress.com's Atomic infrastructure. The site is multilingual and uses modern marketing and analytics tools, including Google Analytics and LinkedIn Insight, with a cookie consent mechanism via Cookiebot. However, the SSL certificate is invalid or missing, resulting in no HTTPS support, which is a critical security issue. Security headers are partially implemented, but TLS protocols are disabled, and no DNSSEC or CAA records are configured. Contact information is available via email, phone, and contact forms, but no explicit privacy policy or terms of service pages were found. Overall, the website is professional and content-rich but requires urgent security improvements to ensure trust and compliance.

T

Trusted Shops SE

trustedshops.at

0

Trusted Shops SE operates a leading European platform providing trust and buyer protection services for online shopping. The website targets consumers primarily in German-speaking European countries, offering services such as a trustmark certification, buyer protection insurance, and verified customer reviews. The business model focuses on B2B and B2C services, supporting over 30,000 certified shops and millions of users. The company is well-established with consistent branding and strong trust indicators. Technically, the website is built on WordPress with modern marketing and consent management tools, but suffers from slow performance and lacks a valid SSL certificate, which critically impacts security. Privacy policies and GDPR compliance are well implemented. Overall, the site is professional and trustworthy but requires urgent security improvements to protect user data and maintain trust.

O

Otto Austria Group GmbH

unito.at

0

Otto Austria Group GmbH is a major Austrian e-commerce retailer operating multiple online shops across Austria and Switzerland. The company is part of the larger Otto Group and offers a broad range of products including living, lifestyle, fashion, and technology. The website presents professional content with strong branding and clear navigation targeting online shoppers and potential employees. Technically, the site is built on WordPress with Elementor and uses modern web technologies but lacks a valid SSL certificate, resulting in no HTTPS support. This is a critical security gap. The site complies well with GDPR and cookie consent requirements, showing a mature privacy posture. However, the absence of HTTPS and modern TLS protocols significantly weakens the security posture. Overall, the business is credible and trustworthy, but the technical security implementation requires urgent improvement to protect user data and enhance trust.

K

ktchng

ktchng.com

0

ktchng is a small Austrian-based technology and e-commerce company offering an augmented reality mobile app that enables users to scan products and environments to receive trend information, community content, and sales offers. The platform integrates a token reward system (KTC) that users can earn and redeem in the ktchng webshop and partner stores. The website is professionally designed with good content quality and consistent branding, targeting consumers interested in AR and digital shopping experiences. Technically, the site uses PHP backend with nginx, Amazon AWS hosting, CloudFront CDN, and integrates monitoring and analytics tools such as New Relic, Google Analytics, and Facebook Pixel. However, the site lacks a valid SSL certificate and proper HTTPS configuration, which is a critical security vulnerability. Privacy and cookie policies are present and GDPR compliant, with a cookie consent mechanism implemented. Contact information is clearly provided, including emails and phone numbers. Overall, the site is functional and professional but requires urgent security improvements to protect user data and enhance trust.

S

Smarter Ecommerce GmbH

smarter-ecommerce.com

0

Smarter Ecommerce GmbH is an established Austrian company founded in 2007, specializing in AI-powered PPC campaign management software and expert consulting services tailored for ecommerce businesses. The company holds reputable certifications such as Google Premier Partner and Microsoft Advertising Elite Partner, positioning itself as a trusted player in the ecommerce marketing technology sector. Their offerings focus on Performance Max optimization, Google Ads management, and comparison shopping services, targeting ecommerce clients seeking to maximize advertising ROI. Technically, the website leverages modern web technologies including Bootstrap, GSAP, and Storyblok CMS, hosted behind Cloudflare CDN. The site implements a consent management platform (Usercentrics) and integrates multiple analytics and tracking tools such as Google Analytics, Hotjar, and Microsoft Clarity, reflecting a mature digital marketing infrastructure. Mobile optimization and SEO practices are well addressed, although performance metrics are not explicitly available. From a security perspective, the site lacks a valid SSL certificate, which is a critical vulnerability impacting user trust and data protection. While some security headers are present, important enhancements such as DNSSEC, CAA records, and full HSTS implementation are missing. No explicit security or incident response policies are published, and no vulnerability disclosure mechanisms are evident. Privacy compliance is well managed through a comprehensive privacy policy and cookie consent mechanism. Overall, the website demonstrates strong business credibility and digital maturity but requires urgent remediation of SSL/TLS issues and security hardening to ensure secure user interactions and compliance with best practices.

V

Vossen

vossen.com

0

Vossen is a well-established European textile company specializing in high-quality towels, bathrobes, and bath mats, with a strong emphasis on sustainability and color variety. The website is a professionally designed e-commerce platform built on Shopify, featuring comprehensive product offerings, customer reviews, and multilingual support. The technical infrastructure leverages modern web technologies and integrates multiple third-party apps for enhanced functionality. However, the security posture is weakened by the absence of a valid SSL certificate and lack of TLS protocol support, which are critical for secure online transactions and user trust. Privacy compliance is well addressed with visible policies and consent mechanisms. Overall, the site presents a credible and professional business presence but requires urgent security improvements to ensure safe user interactions.

The bwinparty.com domain currently serves an inaccessible website due to a DNS resolution error as indicated by the Cloudflare error page. This prevents access to any substantive content, including business descriptions, policies, or contact information. The domain is associated with online gaming and betting services, but no direct content is available to confirm details. Technically, the site is behind Cloudflare but lacks a valid SSL certificate and modern TLS support, resulting in poor security posture. Basic security headers are present but insufficient. The absence of privacy and cookie policies, contact details, and business information further reduces trust and compliance. Overall, the site is currently non-functional from a user perspective, representing a critical risk for business continuity and reputation.

G

GoDaddy Operating Company, LLC

alliedpanels.com

0

The website alliedpanels.com is a domain aftermarket sales landing page hosted and operated under GoDaddy's platform. It offers the domain for sale with options to buy now, lease to own, or make an offer. The site targets domain investors and businesses seeking premium domain names, leveraging GoDaddy's trusted marketplace and brokerage services. The business model is focused on domain sales and brokerage within the e-commerce sector, supported by GoDaddy's large market presence and infrastructure. Technically, the site is built using modern JavaScript frameworks such as React and Next.js, hosted on AWS infrastructure. However, the site suffers from slow load times and lacks a valid SSL certificate, resulting in no HTTPS support. While the design and user experience are good and mobile optimized, the absence of HTTPS and security headers significantly weakens the security posture. Security evaluation reveals critical issues including no valid SSL certificate, no HSTS, and missing security headers, which expose users to potential risks. Privacy compliance is supported by comprehensive GoDaddy privacy and cookie policies, with GDPR compliance indicated. Contact information is limited but present via phone and contact form. Overall, the site is legitimate and consistent with domain aftermarket sales but requires urgent security improvements. Strategically, the site should prioritize obtaining and configuring a valid SSL certificate to enable HTTPS, implement security headers, and improve performance to enhance trust and user experience. These steps will strengthen the security posture and align with best practices for e-commerce platforms.

O

Offermative

offermative.com

0

Offermative is a specialized e-commerce solution offering an AI-powered sales funnel plugin for WooCommerce stores. The company, founded in 2020 and operated by StoreApps, targets WooCommerce merchants seeking to optimize revenue through automated offers, discounts, and product recommendations. The website presents a professional and content-rich platform with clear marketing messages, testimonials, and calls to action, positioning itself as a niche player in the WooCommerce plugin market. Technically, the site is built on WordPress and WooCommerce, leveraging common web technologies and marketing tools such as Google Analytics, Facebook Pixel, and Hotjar. Performance is moderate with some room for optimization. Security posture is basic; HTTPS is enforced with a strong cipher suite, but lacks advanced TLS features like HSTS and OCSP stapling, and no security headers are present. The domain registration is consistent with the business history but shows a high expiry risk and lacks domain protection locks, which could pose risks if not addressed. Privacy policies are present and GDPR compliant, though no explicit cookie consent mechanism is implemented. Overall, the site is functional and credible but would benefit from enhanced security and privacy controls.

S

Store Apps Technologies LLP

storeapps.org

0

StoreApps Technologies LLP is a mature and reputable provider of WooCommerce plugins designed to enhance e-commerce store performance through marketing, inventory management, and checkout optimization tools. With over 14 years of domain presence and official recognition as a WooCommerce extension developer, the company serves a broad audience of WooCommerce store owners and online retailers. Their product portfolio includes popular plugins such as Smart Coupons, Smart Manager, and Smart Offers, supporting a business model based on software sales and subscriptions. Technically, the website is built on WordPress and WooCommerce platforms, leveraging common web technologies and third-party analytics and marketing tools. While the site is well-designed and content-rich, performance is somewhat slow, and accessibility is basic. Security posture is adequate with HTTPS and strong cipher suites but lacks advanced SSL features like HSTS and OCSP stapling, and security headers are missing. Privacy compliance is partially met with a comprehensive privacy policy but no visible cookie consent mechanism. Overall, the site demonstrates high business credibility and trustworthiness but could improve technical and security aspects to enhance user trust and compliance.

P

porkbun.shop

porkbun.shop

0

porkbun.shop is an e-commerce website currently in a 'Coming Soon' state, hosted on the Shopify platform. The site offers a newsletter signup form to notify visitors of upcoming promotions and product launches. The business model is typical of online retail stores leveraging Shopify's infrastructure. The website is password protected and lacks substantive content or business information at this time, indicating it is not yet operational. Technically, the site uses Shopify's Debut theme and standard JavaScript libraries, including CryptoJS and Shopify's own analytics and pixel tracking scripts. However, the site suffers from a critical security issue: the SSL certificate is invalid or missing, resulting in no HTTPS support. This severely impacts the security posture and trustworthiness of the site. Performance is slow with a large page size and many resource requests, and SEO and accessibility optimizations are basic. Security-wise, the site has minimal protections beyond HSTS being enabled. There is no valid SSL certificate, no modern TLS protocols enabled, and no OCSP stapling or session resumption. No privacy, cookie, or terms of service policies are present, and no incident response or vulnerability disclosure information is available. The site collects email addresses via a newsletter form but lacks GDPR compliance indicators. Overall, the website is in an early stage of development with significant security and compliance gaps. The lack of HTTPS is a critical issue that must be addressed before launch. Strategic recommendations include obtaining a valid SSL certificate, implementing privacy and cookie policies, improving performance, and enhancing security headers and compliance measures.

F

Feastables

feastables.com

0

Feastables is a well-established e-commerce and retail brand specializing in snack products co-created with influencer MrBeast. The company emphasizes ethical sourcing and global availability, targeting consumers who value quality and responsible production. The website is built on the Shopify platform, integrating multiple marketing and analytics tools such as Klaviyo, Facebook Pixel, and Postscript, indicating a mature digital marketing strategy. However, the absence of a valid SSL certificate is a critical security flaw that undermines user trust and data protection. While the site includes comprehensive privacy and cookie policies with consent mechanisms, no explicit security or incident response policies are present. The domain is mature and registered consistently with the business claims, reflecting high legitimacy. Strategic improvements in SSL implementation and security headers are recommended to enhance the overall security posture.