Security Directory

C

City Plumbing Supplies Holdings Limited

cityplumbing.co.uk

0

City Plumbing Supplies Holdings Limited operates as the UK's largest builders' merchants, offering an extensive range of plumbing, heating, bathroom, and related trade products through both e-commerce and physical branches. The company targets trade professionals and builders across the UK, leveraging a strong market position supported by a comprehensive product catalog and multiple customer engagement channels. Technically, the website employs modern technologies including React, Google Tag Manager, and various marketing and analytics tools, ensuring a good user experience with mobile optimization and accessibility features. Security posture is robust with HTTPS enforcement, cookie consent mechanisms, and no visible vulnerabilities, though some security headers could be enhanced. Overall, the site demonstrates high professionalism, trustworthiness, and compliance with privacy regulations, supported by clear business information and active social media presence.

I

Isle of Man Creamery

isleofmancreamery.com

0

Isle of Man Creamery is a well-established cooperative of family-owned dairy farms providing fresh, grass-fed dairy products including milk, cheese, cream, butter, and buttermilk to the Isle of Man community. The company emphasizes local sourcing and sustainability, with a strong market position as the leading dairy producer on the island. Their business model includes direct consumer sales supported by online ordering and doorstep delivery services. The website reflects a professional and consistent brand image with clear navigation and comprehensive legal and contact information. Technically, the website employs modern web technologies such as Bootstrap 5, jQuery, Swiper.js, and GSAP for a responsive and engaging user experience. Hosting appears to leverage AWS S3 for media assets, and Google Analytics is used for visitor tracking. The site is mobile-optimized and SEO-friendly, though accessibility features are basic. Performance is moderate, with room for optimization. From a security perspective, the site uses HTTPS and avoids exposing sensitive data. However, security headers are not explicitly detected, and Google reCAPTCHA is included but not fully configured. No critical vulnerabilities or suspicious elements were found. Privacy compliance is strong with clear privacy and cookie policies, though no explicit consent mechanism for cookies is present. Contact details are transparent and trustworthy. Overall, the website scores well on content quality, technical implementation, security posture, privacy compliance, and business credibility. There are no blocking mechanisms or WAF detected, and the domain registration data aligns well with the business claims, supporting legitimacy. Strategic improvements could focus on enhancing security headers, fully enabling CAPTCHA, and adding incident response information to further strengthen trust and compliance.

S

STARK Building Materials UK Limited Trading as Jewson

jewson.co.uk

0

Jewson, operated by STARK Building Materials UK Limited, is a leading UK builders merchants chain offering a wide range of building materials, timber, tools, and equipment hire services. With over 400 branches nationwide, Jewson serves trade professionals and self-builders, providing comprehensive product categories and project support tools such as estimators and account management. The website reflects a mature digital presence with a professional design, clear navigation, and extensive product information. Technically, the site leverages SAP Hybris CMS, Adobe Launch for tag management, and integrates modern analytics and marketing tools, ensuring good performance and mobile optimization. Security posture is strong with HTTPS enforcement, CSRF protection, and cookie consent mechanisms, although explicit security policies and vulnerability disclosures are not found. Overall, Jewson's website demonstrates a high level of business credibility, technical maturity, and compliance with privacy regulations, supporting its market position as a trusted supplier in the UK construction sector.

Y

YESSS Electrical

yesss.co.uk

0

YESSS Electrical is a prominent UK-wide electrical wholesaler and retailer, offering a vast range of over 10,000 electrical products sourced from leading UK brands. With a strong market presence supported by over 95 physical stores nationwide and an online platform, they cater to both trade professionals and public customers. Their services include technical assistance, free design services, next day delivery, and click & collect options, positioning them as a comprehensive supplier in the electrical industry. The company emphasizes competitive pricing and extensive product availability, reinforcing their position as a fast-growing leader in the UK electrical wholesale market. Technically, the website employs a modern technology stack including jQuery, Bootstrap, Google Tag Manager, Facebook Pixel, Google reCAPTCHA, and Visual Website Optimizer, ensuring a responsive and interactive user experience. The site is well-optimized for mobile devices and incorporates standard SEO and accessibility practices, though some accessibility features could be enhanced. Performance is moderate, with room for optimization. From a security perspective, the site enforces HTTPS, uses reCAPTCHA for form protection, and implements a cookie consent mechanism compliant with GDPR. No critical vulnerabilities or exposed sensitive data were detected. However, the absence of explicit security headers and a dedicated security policy or incident response page suggests areas for improvement in security posture. Overall, YESSS Electrical demonstrates a strong business and technical foundation with good compliance and security practices. Strategic enhancements in security headers, incident response transparency, and accessibility would further strengthen their risk management and user trust.

U

Umina Beach Book Nook

uminabeachbooknook.com.au

0

Umina Beach Book Nook is a small, community-focused independent bookstore located in Umina Beach, New South Wales, Australia. The business operates both a physical store and an online WooCommerce-based e-commerce platform, offering a wide range of books including new releases, classics, kids' books, and gifts. The company also hosts book clubs and events, fostering a strong local community presence. Owned by Stay Tooned Pty Ltd, the bookstore emphasizes a warm, welcoming atmosphere and personalized customer service. The website is professionally designed using WordPress with the Divi theme and integrates marketing tools such as ActiveCampaign and Google Analytics for customer engagement and tracking.

A

Andersen Premedia

andersen.media

0

Andersen Premedia is a medium-sized Italian company specializing in retail communication services including graphic layouts, packaging design, in-store design, and photography. The company has a strong market position as a historic brand with 40 years of experience in the organized distribution sector, supported by a professional and content-rich website. Technically, the website is built on WordPress with modern technologies such as Bootstrap, GSAP, and Swiper, ensuring good performance and mobile optimization. Security posture is solid with HTTPS enforced, HSTS header present, and no detected vulnerabilities, although some improvements like enabling DNSSEC and additional security headers are recommended. Privacy compliance is well addressed with clear privacy and cookie policies and explicit consent mechanisms. The domain registration is privacy protected but consistent with the business profile and location. Overall, Andersen Premedia presents a trustworthy and professional digital presence aligned with its business objectives.

I

Innsbrucker Zentrumsverein

zentrumsverein.at

0

The Innsbrucker Zentrumsverein is a non-profit organization dedicated to promoting the historic city center of Innsbruck, Austria. It focuses on enhancing the shopping experience, organizing events and markets, and supporting local businesses and cultural initiatives. The website reflects a well-structured and professionally designed platform targeting both locals and tourists interested in the Innsbruck city center. Technically, the site runs on Microsoft IIS with modern JavaScript libraries and integrates third-party services such as Google Analytics and Usercentrics for cookie consent management. The SSL configuration is adequate but could be improved by enabling full HSTS and OCSP stapling. Security headers are present, and no critical vulnerabilities were detected. Privacy compliance is well addressed with clear privacy and cookie policies and GDPR-aligned consent mechanisms. Overall, the site demonstrates a good balance of business credibility, technical implementation, and security posture.

O

Oktalite Lichttechnik GmbH

oktalite.com

0

Oktalite Lichttechnik GmbH is a German-based company specializing in the development and implementation of customized LED lighting concepts and systems for modern retail environments such as stores, shops, and showrooms. The company operates as a medium-sized B2B supplier and service provider within the retail lighting sector and is a member of the TRILUX group, which enhances its market position and brand credibility. The website content is rich, professionally designed, and well-structured, targeting retail businesses and lighting professionals. Technically, the website is built on TYPO3 CMS and hosted on an Apache server, with integrations such as Google Tag Manager and OneTrust for analytics and cookie consent management. However, a critical security shortfall is the absence of a valid SSL/TLS certificate, resulting in no HTTPS support, which significantly impacts the site's security posture. The site includes comprehensive contact information, legal pages, and social media presence, supporting business credibility and privacy compliance. Overall, while the business and content quality are strong, the lack of HTTPS is a major vulnerability that needs urgent remediation.

A

Alpine Brands GmbH & Co KG

goal.at

0

GOAL is an established Austrian beverage brand specializing in fruit-based refreshing drinks with reduced sugar content and added vitamins. The company targets consumers seeking healthier alternatives to traditional soft drinks, positioning itself as a trusted brand with a history dating back to 1929. The website effectively communicates product details, brand history, and contact information, supporting a positive market presence in retail and C&C sectors. Technically, the website is built on WordPress using the GeneratePress theme and Kadence Blocks, leveraging modern JavaScript libraries such as jQuery and Flickity for interactive elements. The site is mobile-optimized with good SEO practices and basic accessibility features. Performance is moderate, with room for improvement in loading speed and technical optimizations. From a security perspective, the site uses HTTPS with modern TLS protocols but lacks advanced security headers and features like HSTS and OCSP stapling. Cookie consent mechanisms are implemented in compliance with GDPR, and privacy policies are clearly presented. However, there is no visible incident response or vulnerability disclosure information, which could be enhanced to improve trust. Overall, the website presents a professional and trustworthy digital presence with minor technical and security improvements recommended to strengthen its posture and user trust.

A

Alpine Brands GmbH & Co Kg

blaschke-original.at

0

Blaschke Original is a traditional Austrian confectionery brand specializing in the production and sale of the iconic Kokoskuppel sweet. With a heritage spanning over 100 years, the company maintains a strong market position in the retail confectionery sector, emphasizing quality and tradition. The website reflects a professional digital presence built on WordPress with Elementor, optimized for SEO and user experience. Security posture is adequate with HTTPS enabled and cookie consent implemented, though improvements such as HSTS and additional security headers are recommended. Overall, the site is trustworthy, compliant with GDPR, and provides clear contact information and social media engagement.

H

Honigmayr Honigmanufaktur

honigmayr.at

0

Honigmayr is a medium-sized Austrian honey manufacturer and retailer specializing in high-quality honey products sourced from the best regions worldwide. The company emphasizes product traceability through its Beetracker system and offers a diverse product range including classic, organic, and specialty honey editions. The website is built on WordPress with a modern tech stack and demonstrates strong digital maturity with multilingual support, SEO optimization, and mobile responsiveness. Security posture is adequate with HTTPS and no critical vulnerabilities detected, though improvements in security headers and OCSP stapling are recommended. Privacy compliance is robust with a comprehensive privacy policy and cookie consent mechanism. Overall, the business presents a trustworthy and professional online presence with clear contact information and active social media engagement.

A

ALPINE BRANDS GmbH & Co KG

auer-waffeln.at

0

Auer is a well-established Austrian brand specializing in gourmet waffle products since 1920, operated by ALPINE BRANDS GmbH & Co KG. The company offers a range of premium waffle specialties and confectionery products targeting consumers who appreciate high-quality gourmet foods. The website reflects a mature digital presence with a WordPress CMS enhanced by Elementor and optimized with WP Rocket. It includes comprehensive metadata, structured data, and social media integration, supporting good SEO and user engagement. Security posture is solid with HTTPS enabled and cookie consent mechanisms in place, though improvements such as HSTS and additional security headers are recommended. Overall, the site is professional, trustworthy, and compliant with GDPR requirements, providing clear contact information and business legitimacy.

A

ALPINE BRANDS GmbH & Co KG

gasteiner.at

0

Gasteiner Mineralwasser, operated by ALPINE BRANDS GmbH & Co KG, is a well-established Austrian beverage brand specializing in pure alpine mineral water and natural fruit juice beverages. The company leverages its unique alpine origin and lifestyle branding, including event sponsorship such as the Infinity Music Tour, to engage its target audience. The website reflects a professional and consistent brand image with clear product offerings and active social media engagement. Technically, the website is built on a modern Drupal 11 CMS with PHP 8.3 backend, served via nginx and hosted on a PleskLin environment. It employs modern web technologies including Lottie animations and Swiper.js for interactive content. The site is mobile-optimized and performs well with fast load times and good SEO practices. From a security perspective, the site uses HTTPS with TLS 1.2 and 1.3 protocols and includes important security headers like X-Content-Type-Options and X-Frame-Options. However, it lacks HSTS and OCSP stapling, which are recommended for enhanced security. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong, with a clear cookie consent mechanism and a comprehensive privacy policy aligned with GDPR. Overall, the website demonstrates a solid security posture and business credibility with transparent WHOIS data matching the business identity. Strategic improvements in security headers and incident response disclosures could further enhance trust and compliance.

B

Betty Barclay

bettybarclay-group.com

0

Betty Barclay Group is a well-established fashion retail company specializing in exclusive women's clothing and managing multiple fashion brands. The website serves as a corporate portal presenting the group's brands, corporate information, and links to online shops and B2B services. The target audience primarily includes women interested in fashion and retail partners. The company maintains a strong market position in the retail sector in Germany with a large operational size. Technically, the website is built on a modern stack including PHP 8.2, Apache, and Shopware CMS, enhanced with various marketing and analytics tools such as Google Tag Manager, Econda, and 8select. The site demonstrates good performance, mobile optimization, and SEO practices, reflecting a mature digital infrastructure. From a security perspective, the site uses HTTPS with secure cookie attributes and no detected vulnerable cipher suites. However, it lacks HSTS and OCSP stapling, which are recommended for enhanced security. No critical vulnerabilities or exposed sensitive data were found. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms, aligning with GDPR requirements. Overall, the website presents a professional, trustworthy, and secure digital presence with minor areas for improvement in security headers and accessibility. The domain registration and WHOIS data align well with the business claims, supporting legitimacy and trustworthiness.

I

Inn-Taler GmbH

inn-taler.tirol

0

Inn-Taler GmbH operates a local gift voucher system for Innsbruck, Austria, offering both physical and digital vouchers redeemable at a network of local retail and hospitality partners. The website is professionally designed with clear navigation and content targeting local consumers and businesses. The technical infrastructure is based on WordPress with modern plugins and PHP 8.1.7, though SSL/TLS configuration could be improved for stronger security. The site implements GDPR-compliant privacy and cookie policies with user consent mechanisms and uses Google Analytics with IP anonymization. Security posture is adequate but could benefit from enhanced headers and modern TLS protocols. No direct contact emails or phone numbers are publicly listed, which may affect immediate customer support access. Overall, the site is trustworthy and well-positioned in its local market niche.

H

HOFER KG

rettenswert.at

0

Rettenswert.at is a website representing a sustainable private label brand by HOFER KG, focused on rescuing agricultural food surpluses and converting them into consumer products. The brand operates in Austria and targets environmentally conscious consumers interested in reducing food waste. The website is built on WordPress with WooCommerce and Elementor, featuring a professional design and good content quality. However, the site lacks a valid SSL certificate, which critically impacts its security posture. Security headers are partially implemented, and a cookie consent mechanism is present, indicating some privacy compliance efforts. Contact information is primarily via a contact form, with no direct emails or phone numbers visible. The domain registration aligns well with the business claims, showing legitimacy and consistency. Overall, the site is functional and professional but requires urgent security improvements.

M

M3 PARK SERVICE Szolgáltató és Üzemeltető Korlátolt Felelősségű Társaság

m3outlet.hu

0

M3 Outlet is a retail outlet shopping center located in Polgár, Hungary, offering over 100 fashion brands with discounts ranging from 30% to 70%. The website targets regional shoppers interested in branded fashion products and provides multilingual support including Hungarian, English, Romanian, and Slovak. Key services include retail shopping, promotions, customer amenities such as free wifi, and tourism-related offerings like tax-free shopping. The business operates under M3 PARK SERVICE Kft., positioning itself as a significant regional outlet center with a medium-sized footprint. Technically, the website is built on Concrete CMS 9.3.2 and utilizes modern frontend technologies such as jQuery, Bootstrap 5, and Owl Carousel. Google Tag Manager is used for analytics and marketing tracking. However, the site lacks a valid SSL certificate and does not support HTTPS, which is a critical security deficiency. Performance data is missing, but inferred to be slow. Mobile optimization and SEO are good, but accessibility is basic. Security posture is weak due to the absence of HTTPS, lack of HSTS, and missing advanced security headers. No explicit privacy or cookie consent mechanisms are implemented, and no security or incident response policies are visible. Contact information is clearly provided, enhancing business credibility. Overall, the site is functional and professionally designed but requires urgent security improvements, especially SSL/TLS configuration, to protect user data and improve trust. Implementing privacy compliance features and enhancing security headers would further strengthen the security posture.

M

Malmö Designer Village

malmodesignervillage.com

0

Malmö Designer Village is a premium retail outlet project positioned as the largest outlet in Scandinavia and the first premium outlet village serving the Greater Copenhagen region. The business model focuses on offering discounted fashion and lifestyle brands to residents and tourists in the Malmö and Copenhagen area. The website is built on the Squarespace platform, featuring professional design and clear navigation but lacks a valid SSL certificate, resulting in no HTTPS support. This is a critical security shortfall. The site includes a contact form for inquiries but does not provide explicit email addresses or phone numbers. Privacy compliance is minimal, with a basic privacy policy page but no cookie consent mechanism. Social media presence is limited to LinkedIn. Overall, the site demonstrates moderate digital maturity but requires significant security improvements to protect user data and build trust.

Designer Outlet Luxembourg operates a retail outlet shopping center featuring over 60 major brands offering discounts year-round. The website presents a professional and consistent brand image targeting shoppers in Luxembourg and nearby regions. The technical infrastructure is based on TYPO3 CMS hosted on Apache servers with integration of modern marketing and analytics tools such as Google Analytics, Google Tag Manager, and Cookiebot for GDPR compliance. Security posture is adequate with a valid SSL certificate but lacks modern TLS protocol support and some advanced security headers. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Contact information and social media presence enhance business credibility. Overall, the website is functional, secure, and compliant with relevant regulations, supporting the business's retail operations effectively.

H

HUMANIC

humanic.net

0

HUMANIC is a well-established shoe retailer and manufacturer with over 150 years of history, operating both physical stores and online shops across multiple Central and Eastern European countries. The company offers a broad range of footwear and accessories targeting consumers seeking quality and variety. Their market position is strong, especially in Austria, with a recognized brand and customer loyalty programs. Technically, the website is built on SAP Commerce (Hybris) platform, leveraging modern marketing and analytics tools such as Google Analytics, Dynamic Yield, and Usercentrics for consent management. The site is hosted behind Cloudflare, ensuring basic security and performance benefits. Security posture is adequate with HTTPS enforced and several security headers present, although TLS protocols are outdated and some security enhancements like HSTS preload and OCSP stapling are missing. Privacy compliance is addressed with clear privacy and cookie policies and consent mechanisms. Overall, the website is professional, trustworthy, and functional, with room for technical and security improvements.

A

Alpinebrands

alpinebrands.at

0

Alpinebrands.at is a website representing Alpinebrands, a company focused on marketing and distributing traditional Austrian food and drink brands such as Gasteiner, AUER, Honigmayr, Blaschke, and GOAL. The company emphasizes quality, tradition, and innovation, targeting both national and international consumers interested in authentic Austrian products. The website is built on WordPress using modern plugins and themes, with good SEO and mobile optimization. However, a critical security issue is the absence of a valid SSL certificate, resulting in no HTTPS support, which significantly impacts the site's security posture. Privacy and cookie policies are well implemented, demonstrating GDPR compliance and user consent mechanisms. Contact information is limited to email addresses for domestic and international inquiries, with no phone numbers or physical addresses found. Overall, the site presents a professional image but requires urgent security improvements to protect user data and enhance trust.

B

Betty Barclay

bettybarclay.com

0

Betty Barclay operates as a well-established women's fashion brand focused on retail and e-commerce, targeting modern women seeking stylish and quality clothing for various occasions. The website presents a professional and user-friendly shopping experience with clear navigation, comprehensive content, and trust signals such as certifications and social media presence. Technically, the site uses a modern tech stack including Shopware, PHP 8.2, and advanced commerce services, with good mobile optimization and accessibility. However, the absence of HTTPS/SSL and missing DNS records represent critical security and infrastructure weaknesses that significantly impact the site's trustworthiness and security posture. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the site is functional and credible but requires urgent security improvements to protect user data and enhance trust.

A

Adaro Optics Ltd.

adaro.net

0

Adaro Optics Ltd. operates a specialized platform focused on optical subscription technology, targeting both optical retailers and end customers. Their flagship platform, Adaro Direct, enables retailers to offer subscription and payment solutions for eyewear, eyecare, and audiology products, aiming to increase customer loyalty and revenue. The company is positioned as a niche provider within the retail optical sector, trusted by major industry players such as Specsavers and Vision Express. The website reflects a professional and consistent brand image with good content quality and clear navigation. Technically, the website leverages modern frameworks including Blazor and Bootstrap 5, with integration of Google services for analytics and bot protection. Hosting assets on Microsoft Azure Blob Storage indicates a reliable infrastructure. While the site is mobile-optimized and performs moderately well, there is room for improvement in accessibility and SEO optimization. The absence of a CMS suggests a custom or framework-based solution. From a security perspective, the site uses HTTPS and Google reCAPTCHA, but lacks visible security headers and a published security policy or incident response contacts. The presence of ISO 27001 certification is a strong trust indicator, though explicit privacy policy documentation is missing, which is a compliance gap. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website presents a trustworthy and credible business with a solid technical foundation. Strategic improvements in privacy compliance, security headers, and accessibility would enhance the security posture and regulatory adherence, supporting long-term business growth and customer trust.

A

Home

annemorel.at

0

The website annemorel.at represents a small retail business specializing in fashion footwear, bags, and accessories. It features a variety of shoe brands and targets German-speaking consumers, likely in Austria. The business model is primarily e-commerce and retail sales, with a boutique style presentation. The website uses Joomla CMS with common web technologies such as jQuery, Bootstrap, and MooTools. The site is mobile optimized and moderately performant but has only basic content quality and branding consistency. Security posture is moderate with HTTPS enabled and CSRF tokens present, but lacks security headers, privacy policies, and incident response information. No contact emails or phone numbers are provided, only social media links. Overall, the site is functional but lacks comprehensive privacy, security, and compliance features.

H

HEIDI Chocolat SA

heidi-chocolate.com

0

HEIDI Chocolat SA is a premium chocolate manufacturer and retailer based in Romania, established in 2002. The company offers a wide range of chocolate products including pralines, tablets, personalized chocolates, and seasonal items, targeting chocolate consumers worldwide. The website reflects a medium-sized retail business with a focus on craftsmanship, natural ingredients, and positive brand messaging. Technically, the website uses a modern JavaScript stack with libraries such as jQuery, Owl Carousel, and integrates marketing and analytics tools like Facebook Pixel, Google Analytics, and Klaviyo. The site is mobile-optimized and provides a good user experience with clear navigation and product presentation. Security-wise, the site uses HTTPS and implements cookie consent mechanisms compliant with GDPR, but lacks explicit security policies or incident response contacts. Overall, the domain registration and business information are consistent and legitimate, supporting a trustworthy online presence.

Huber Holding AG is a well-established Austrian company specializing in the production and distribution of high-quality underwear and lingerie brands such as HANRO, HUBER, and SKINY. Founded in 1908, the company has a long-standing presence in the retail and manufacturing sectors, targeting adult consumers with premium bodywear products. The website content is minimal and primarily serves as a frameset container pointing to another page, with metadata describing the business but lacking substantive content or interactive features. Technically, the website is built using outdated technology, specifically Microsoft FrontPage 5.0 and framesets, which are no longer considered modern or mobile-friendly. There is no evidence of modern CMS, analytics, or tracking tools, and the site lacks mobile optimization and accessibility features. Performance is likely slow due to legacy design choices, and SEO optimization is basic, relying mostly on meta tags. From a security perspective, the site does not demonstrate modern security best practices. There is no indication of HTTPS enforcement or SSL certificates in the provided data, no security headers, and no privacy or cookie policies to comply with GDPR. No contact information or incident response channels are visible, which limits transparency and user trust. These factors contribute to a low security posture and compliance level. Overall, the website presents a moderate business credibility due to the company's established history and consistent WHOIS data, but the digital presence is weak and outdated. The lack of security and privacy measures, combined with poor technical implementation, poses risks to user trust and regulatory compliance. Strategic improvements in security, privacy, and modernization of the website are recommended to enhance the company's digital maturity and customer confidence.

G

Gebr. Heinemann SE & Co. KG

gebr-heinemann.com

0

Gebr. Heinemann SE & Co. KG is a globally recognized enterprise specializing in travel retail, operating both as a retailer and distributor across multiple channels including airports, border crossings, cruise ships, and diplomatic zones. The company collaborates with luxury brands and offers a diverse product portfolio ranging from cosmetics to fashion and accessories. Their market position is strong, supported by regional centers in Singapore and Miami, and a headquarters in Hamburg, Germany. Technically, the website leverages modern frameworks such as Next.js and React, with integrated cookie consent management via Usercentrics and analytics through Google Tag Manager. The site is well-optimized for mobile and SEO, providing a good user experience. Security posture is solid with HTTPS enforced and consent mechanisms in place, though some security headers and explicit incident response contacts are missing. Overall, the website is professional, trustworthy, and compliant with GDPR requirements.

woom GmbH is an Austrian company specializing in the design and sale of ergonomic, lightweight children's bikes tailored to various age groups and sizes. Founded in 2013 by two fathers who sought better bike options for their children, the company has grown to serve over 37 countries with a strong international presence. Their product range includes bikes, helmets, accessories, and a Riders Club membership, supported by a 10-year warranty and a 30-day money-back guarantee. The website reflects a mature e-commerce platform with a modern tech stack including Nuxt.js, TailwindCSS, and Shopify integration, ensuring a fast, responsive, and accessible user experience. Security best practices are observed with HTTPS, security headers, and no visible vulnerabilities, although explicit security and incident response policies are not found. Overall, the site demonstrates a high level of professionalism, trustworthiness, and compliance with privacy regulations.

A

Argent Australia

argentaust.com.au

0

Argent Australia is a well-established supplier of premium bathroom, kitchen, laundry, commercial, and smart living products in Australia, operating since 1958. The company partners with leading European brands and serves a diverse clientele including retail, project, and builder markets. Their website reflects a professional and consistent brand image with clear navigation and comprehensive product offerings. Technically, the site is built on Drupal CMS with modern JavaScript libraries and tracking tools, providing a moderate performance and good mobile optimization. Security posture is solid with HTTPS and standard security practices, though explicit security policies and vulnerability disclosures are absent. Privacy compliance is basic with cookie consent mechanisms and a privacy policy present but lacking GDPR-specific details. Overall, the website demonstrates high business credibility and trustworthiness.

L

LaPrairie

laprairiegroup.ch

0

LaPrairie is a premium luxury skincare brand operating under the Beiersdorf group, focusing on high-end beauty products and sustainability. The website reflects a strong brand presence with excellent content quality, clear navigation, and a professional design optimized for mobile devices. The technical infrastructure leverages Drupal CMS, modern JavaScript libraries for animations, and integrates Google Analytics and OneTrust for analytics and privacy compliance. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers and explicit security policies are absent. Overall, the site demonstrates a high level of professionalism and trustworthiness suitable for its luxury market position.

O

Orderman GmbH

orderman.com

0

Orderman GmbH is a well-established company specializing in professional hardware and services tailored for the hospitality and retail sectors. With over 30 years of experience and a strong market position as a leader in mobile cash registers, Orderman offers a broad portfolio including handheld devices, POS systems, printers, panel PCs, kiosks, and call systems. The company operates primarily in Austria and Italy, with additional presence in Dubai, and is a subsidiary of NCR, enhancing its credibility and market reach. The website reflects a mature digital presence with comprehensive content, clear navigation, and strong branding consistency. Technically, the website is built on WordPress using modern frameworks such as Elementor and JetEngine, supported by Borlabs Cookie for GDPR-compliant cookie management. It integrates Google Tag Manager and Google Analytics with consent mode enabled, demonstrating a good level of digital maturity and privacy awareness. The site is mobile-optimized and performs moderately well, with good SEO practices and accessibility features. From a security perspective, the site enforces HTTPS with strong SSL configuration and includes standard security headers. It employs cookie consent mechanisms and avoids exposing sensitive data. However, it lacks a dedicated security policy or incident response page, and no vulnerability disclosure or security.txt file is present. These gaps represent opportunities for improving transparency and security posture. Overall, Orderman GmbH's website is professional, trustworthy, and compliant with privacy regulations, supporting its business credibility. Strategic enhancements in security policy communication and incident response readiness would further strengthen its risk management and customer trust.

G

Groupe SEB WMF Retail GmbH

wmf.com

0

WMF Onlineshop is the official e-commerce platform of Groupe SEB WMF Retail GmbH, a historic German company with over 170 years of tradition in premium kitchenware and coffee machines. The website offers a comprehensive product catalog, including cutlery, pots, pans, coffee machines, and kitchen accessories, targeting consumers seeking high-quality kitchen products. The platform integrates modern technologies such as Magento 2 with Hyvä Theme, Alpine.js, and various marketing and analytics tools, reflecting a mature digital infrastructure. From a security perspective, the website enforces HTTPS and employs monitoring tools like New Relic. It also implements robust privacy and cookie consent mechanisms via OneTrust, ensuring GDPR compliance. However, explicit security headers like Content-Security-Policy and X-Frame-Options are not visibly configured, representing an area for improvement. No critical vulnerabilities or WAF blocking were detected, indicating a secure and accessible platform. Overall, WMF Onlineshop demonstrates a high level of professionalism, technical sophistication, and compliance with privacy regulations. It effectively balances user experience, security, and business needs, positioning itself as a trustworthy and reputable online retailer in the premium kitchenware market.

M

METRO AG

metro-cc.com

0

METRO AG operates as a leading international wholesaler specializing in food service and wholesale for professional customers such as HoReCa and Traders. The company maintains a strong market position with over 30 countries of operation, 623 wholesale stores, 94 delivery depots, and an online marketplace. Their business model focuses on multichannel marketing and tailored services, supported by a portfolio of own brands and subsidiaries. Technically, the website is built on a modern stack including Sitecore CMS, Bootstrap, and integrates analytics tools like Google Analytics and Siteimprove, with good mobile optimization and accessibility. Security posture is solid with cookie consent mechanisms, CSRF protection, and no visible vulnerabilities, though security headers and incident response contacts could be improved. Overall, the website is professional, trustworthy, and compliant with GDPR, reflecting a mature digital presence for an enterprise-level retail business.

O

Online-Shop Gegenbauer Essig

gegenbauer.at

0

Online-Shop Gegenbauer Essig is a small Austrian artisanal business specializing in vinegar and gourmet products with a rich history dating back to 1929. The company operates an e-commerce platform built on Joomla CMS with VirtueMart, offering a diverse product range including over 70 vinegar varieties, oils, fruit juices, and coffee. The website is well-structured, mobile-optimized, and uses modern web technologies such as Uikit and jQuery. Structured data is implemented for SEO benefits. Security posture is adequate with HTTPS enforced and CSRF protections in place, but lacks explicit security headers and published security policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Contact information is limited to a login and contact form, with no direct emails or phone numbers visible. Overall, the site is professional and trustworthy, though improvements in security transparency and privacy compliance are recommended.

M

Markant AG

markant.com

0

Markant AG is a well-established European service provider specializing in connecting suppliers and retailers within the food retail, wholesale, and specialty trade sectors. The company offers a broad range of services including payment processing, finance and security, product information management, and market analysis, aiming to optimize and automate supply chain and administrative processes. With a strong market presence, Markant serves over 15,000 suppliers and 200 retailers across multiple countries, positioning itself as a key player in the retail services industry. The website reflects a mature digital infrastructure built on TYPO3 CMS, integrating modern tracking and video technologies to enhance user engagement and marketing efforts. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, although explicit security headers and incident response policies could be improved. Overall, the site demonstrates high professionalism, trustworthiness, and compliance with GDPR requirements.

Piatnik is a well-established Austrian/German board game and playing card publisher with a strong market presence in the retail sector. The company offers a broad portfolio including board games, card games, puzzles, and personalized products through its online shop. Their website reflects a mature digital presence with clear navigation, brand consistency, and community engagement features such as a club and game tester programs. Technically, the site uses modern web technologies and provides a responsive experience, though some security headers and explicit policies could be improved. The security posture is moderate with HTTPS usage and cookie consent implemented, but lacks visible advanced security policies or incident response contacts. Overall, the domain registration and website content align well, indicating a legitimate and trustworthy business.

umdasch Store Makers Management GmbH is a large, internationally operating company specializing in shopfitting and retail solutions, including consulting, project management, general contracting, and digital retail integration. The company is part of the Umdasch Group AG and serves retail businesses with comprehensive store design and implementation services. Their website reflects a professional and consistent brand presence with multilingual support and active social media engagement. Technically, the website uses Apache server technology with common JavaScript libraries for UI components but lacks a modern CMS indication. Hosting is managed via Azure DNS. Performance metrics are not provided but inferred as slow due to zero load time data. Security posture is weak due to the absence of a valid SSL certificate and disabled TLS protocols, which critically impacts secure communications. Privacy compliance is addressed with a comprehensive GDPR policy and cookie consent mechanism, though no explicit security policy or incident response contacts are found. Overall, the website is functional and professional but requires urgent security improvements to protect user data and enhance trust.

U

Unverschwendet

unverschwendet.at

0

Unverschwendet is a small Austrian retail business specializing in transforming surplus fruits and vegetables into high-quality, sustainable food products such as jams, syrups, chutneys, and more. The company operates an e-commerce platform alongside physical market stands and partnerships with retail chains like HOFER under the 'Rettenswert' brand. Their business model focuses on sustainability and social responsibility, targeting environmentally conscious consumers and businesses seeking unique, sustainable gifts. Technically, the website is built on the Shopware platform, leveraging modern marketing and analytics tools including Google Tag Manager, Facebook Pixel, and Hotjar. However, a critical security gap exists due to the absence of a valid SSL/TLS certificate, exposing users to insecure HTTP connections. Despite this, the site implements strong security headers and cookie consent mechanisms, demonstrating good privacy compliance. The domain registration is consistent and legitimate, supporting the business's credibility. Strategic improvements in security infrastructure are recommended to enhance user trust and compliance.

Dessous.at is an Austrian online magazine specializing in lingerie and fashion news, trends, and brand promotions. The site targets German-speaking audiences interested in lingerie and related fashion content. It operates on a WordPress CMS platform with a variety of plugins enhancing content delivery and user experience. The website demonstrates good content quality and professional design, with clear navigation and mobile optimization. However, the technical infrastructure shows weaknesses, notably the absence of a valid SSL certificate and missing DNS records, which impacts security and trust. The security posture is basic, with some security headers present but critical issues such as invalid SSL and lack of cookie consent. Privacy compliance is partial, with a privacy policy available but no cookie policy or consent mechanism. Overall, the site is functional and credible but requires significant improvements in security and privacy to enhance trust and compliance.

L

Leifheit

leifheit.com

0

Leifheit is a well-established German retail company specializing in household and kitchen products, with a strong brand presence and a history of over 65 years. The website serves as an e-commerce platform built on Shopware 6, offering a wide range of products including cleaning tools, laundry drying solutions, and kitchen utensils. The site is professionally designed with good navigation, mobile optimization, and rich multimedia content, targeting household consumers seeking quality products. Technically, the site uses modern JavaScript libraries and integrates marketing and analytics tools such as Bazaarvoice, Klaviyo, and Google Tag Manager. However, a critical security gap exists as the website currently lacks a valid SSL/TLS certificate and does not enforce HTTPS, exposing users to potential risks. Security headers are partially implemented, but the absence of HTTPS severely impacts the overall security posture. Privacy and cookie policies are present and include consent mechanisms, indicating compliance with GDPR requirements. Contact information is available via a contact page, though no explicit emails or phone numbers are embedded in the HTML content. The domain registration and DNS records are consistent with the company's German origin and business claims, supporting legitimacy. Strategic recommendations include immediate implementation of HTTPS, enhancement of security policies, and improved incident response readiness to strengthen trust and compliance.

A

Ansorg GmbH

ansorg.com

0

Ansorg GmbH is a German-based expert company specializing in retail lighting solutions, offering innovative products, lighting planning, and sustainable concepts tailored for retail environments. The company operates under the parent company Trilux and targets retail businesses and professionals seeking high-quality lighting solutions. The website is built on TYPO3 CMS, uses Matomo for analytics, and integrates cookie consent mechanisms, reflecting a modern digital infrastructure. However, the lack of a valid SSL certificate and HTTPS implementation significantly weakens the security posture. Security headers are well configured, but the absence of TLS protocols and certificate transparency compliance are critical gaps. Overall, the website is professional, content-rich, and trustworthy but requires urgent SSL/TLS remediation to ensure secure communications and improve trust.

M

Music Direct

musicdirect.com

0

Music Direct operates as a specialized e-commerce retailer focusing on high-end audio equipment and audiophile music products, including vinyl records and turntables. The company positions itself as a leading online destination for audiophiles and music enthusiasts, offering a broad catalog of equipment and music media. Their business model centers on direct online sales, supported by customer service, trade-in programs, and financing options. The website reflects a mature digital presence with comprehensive product offerings and clear navigation tailored to their target audience. Technically, the website is built on the BigCommerce platform using the Stencil framework, leveraging modern web technologies such as jQuery, Bootstrap, and OwlCarousel. The site integrates multiple marketing and analytics tools including Google Analytics 4, Klaviyo, Lucky Orange, and Yotpo, indicating a sophisticated approach to customer engagement and data-driven marketing. Hosting is provided via Cloudflare, enhancing performance and availability. From a security perspective, the site exhibits significant weaknesses. Despite Cloudflare hosting, the SSL certificate is invalid or missing, and no TLS protocols are enabled, resulting in unencrypted HTTP traffic. Security headers such as X-Frame-Options and X-Content-Type-Options are present, but critical HTTPS enforcement and HSTS configurations are lacking. These deficiencies expose the site and its users to potential interception and downgrade attacks. Privacy and cookie policies are well implemented with consent mechanisms, reflecting compliance with GDPR and related regulations. Overall, while the business and technical infrastructure are solid and professional, the lack of proper SSL/TLS configuration is a critical security gap that undermines user trust and data protection. Addressing this issue should be a top priority to ensure secure transactions and compliance with industry standards.

Pelipal is a well-established German manufacturer and retailer specializing in high-quality bathroom furniture with a history spanning over 110 years. The company targets consumers and retail partners primarily in Germany, Austria, and Switzerland, offering a broad product range including mounted and customizable bathroom furniture, mirrors, and accessories. The website reflects a professional and consistent brand image with good content quality and clear navigation. Technically, the site uses a traditional Apache server with jQuery and other JavaScript libraries, managed via the dialogperfect® CMS platform. However, the website lacks HTTPS support, which is a critical security shortfall. Security headers are minimal, and no advanced security policies or incident response information is provided. The cookie consent mechanism is implemented, indicating some privacy compliance efforts. WHOIS data confirms the domain's legitimacy and consistency with the business claims. Overall, the site is functional and informative but requires urgent security improvements to protect user data and enhance trust.

Pep Boys operates as a large retail and automotive service provider in the United States, specializing in automotive parts, tires, and vehicle maintenance services. The company targets vehicle owners seeking aftermarket parts and repair solutions. However, the website content is currently inaccessible due to a PerimeterX bot mitigation challenge, preventing direct analysis of the site's user-facing content and policies. The domain and DNS configurations appear legitimate and consistent with an established business entity.

Burger King's website at bk.com presents a minimalistic digital presence primarily built using modern web technologies such as React Native Web and Expo Router, hosted on AWS infrastructure with CloudFront CDN. The site includes a cookie consent mechanism via OneTrust, indicating some level of privacy compliance effort. However, the website lacks visible content such as privacy policies, terms of service, or contact information, which limits user trust and transparency. From a security perspective, the site is undermined by the absence of a valid SSL certificate and HTTPS support, exposing users to potential risks. While security headers are properly configured, the lack of encryption and presence of a subdomain takeover vulnerability on dev.bk.com represent significant security concerns. The DNS and WHOIS data indicate legitimate domain registration consistent with the brand, but the subdomain issue requires urgent remediation. Overall, the website's technical infrastructure is modern but incomplete in critical areas such as security and content completeness. The lack of essential legal and contact information, combined with security vulnerabilities, results in a moderate to low trust level. Strategic improvements in SSL deployment, vulnerability mitigation, and content enrichment are necessary to enhance security posture and user confidence.

Marionnaud is a luxury retail brand specializing in perfumes and cosmetics, operating across multiple European countries with country-specific websites. The website analyzed serves as a landing page for country selection, providing minimal content and navigation to localized sites. The business is positioned as a large retail entity under Hutchison Whampoa Limited, targeting consumers interested in luxury beauty products. Technically, the site uses Apache server technology and Akamai CDN services, with basic front-end assets including Typekit fonts. However, the site lacks a valid SSL/TLS certificate, resulting in insecure HTTP connections, and does not implement modern security headers or compliance policies. This exposes the site to security risks and undermines user trust. Overall, the website's digital maturity is basic, with opportunities for significant improvements in security and privacy compliance. The absence of privacy and cookie policies, as well as contact information, limits transparency and user assurance. Strategic recommendations include immediate SSL deployment, security header implementation, and privacy policy publication to enhance compliance and trust.

Leder & Schuh AG operates the HUMANIC brand, a well-established shoe retailer and manufacturer with over 150 years of history. The company serves multiple Central and Eastern European markets through both online shops and physical stores, positioning itself as a market leader in Austria and surrounding countries. The website provides comprehensive business and product information, targeting consumers seeking quality footwear internationally. Technically, the site uses a modern tech stack including SAP Commerce, Google Tag Manager, and various marketing and analytics tools, hosted behind Cloudflare. However, the security posture is weak due to the absence of a valid SSL certificate and lack of HTTPS support, exposing users to potential risks. Privacy compliance is addressed with cookie consent mechanisms and privacy policies, though some improvements are recommended. Overall, the website is professional and trustworthy but requires urgent security enhancements to protect user data and maintain credibility.

Z

zero

zero.de

0

zero.de is a German e-commerce website specializing in women's fashion, offering a wide range of clothing and accessories for leisure, business, and festive occasions. The brand emphasizes feminine, authentic, and sustainable fashion, targeting women who value quality and modern design. The website is professionally designed with clear navigation and good content relevance, supporting a medium-sized retail business model in Germany. Technically, the site runs on a Shopware platform with Apache and PHP backend, using various third-party marketing and analytics tools. However, the absence of a valid SSL certificate and HTTPS is a critical security flaw that undermines user trust and data protection. The site uses secure cookie flags but without HTTPS, limiting their effectiveness. No explicit security or incident response policies are found, indicating room for improvement in security governance. Overall, the website is functional and credible but requires urgent security enhancements to meet modern standards.

VALGRAP is a Spanish small business specializing in the distribution and online sales of fastening systems and related industrial tools, including brands such as STANLEY BOSTITCH and SIMES. The company targets professional and industrial customers seeking quality fastening products. The website is built on WordPress with WooCommerce, leveraging common plugins and marketing tools such as Google Analytics and Slider Revolution. While the site offers a good user experience with clear navigation and relevant content, it lacks a valid SSL certificate, which significantly impacts its security posture. Privacy and cookie policies are present with consent mechanisms, indicating basic GDPR compliance. Contact information is clearly provided, enhancing business credibility. However, the absence of advanced security headers and DNS security features suggests room for improvement in security maturity.

R

Rutar GmbH & Co KG

rutar.at

0

Rutar GmbH & Co KG operates a professional and comprehensive online presence for its retail furniture business in Austria. The website showcases a wide range of furniture categories, including kitchens, living rooms, bedrooms, and garden furniture, supported by detailed product listings and brand partnerships. The company emphasizes customer service with offerings such as free 3D kitchen planning, delivery, and assembly services. Technically, the website is built on WordPress with a modern tech stack including PHP 7.4, nginx, and popular plugins like Yoast SEO and Contact Form 7. The site is well-optimized for mobile devices and includes SEO best practices. Security measures include HTTPS with TLS 1.2 and 1.3, OCSP stapling, and secure cookie flags, though improvements like enabling HSTS and additional security headers are recommended. Privacy compliance is strong, with a clear privacy policy, cookie consent mechanisms, and GDPR adherence. Overall, the site reflects a mature digital infrastructure with a solid security posture and good business credibility.