Security Directory

T

Tiffany & Co.

tiffany.com

0

Tiffany & Co. is a globally recognized luxury jewelry brand with a strong market position under the LVMH parent company. The website serves as a comprehensive e-commerce platform offering a wide range of fine jewelry, gifts, and accessories, supported by robust customer service including concierge and appointment booking. Technically, the site leverages Adobe Experience Manager CMS, Akamai CDN, and modern JavaScript frameworks, delivering a fast and mobile-optimized user experience. However, the security posture is critically weakened by the absence of a valid SSL certificate and lack of HTTPS/TLS support, exposing users to potential risks. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the site is professional and trustworthy but urgently needs to remediate its SSL/TLS configuration to ensure secure communications.

H

HOM Furniture

homfurniture.com

0

HOM Furniture is a large regional furniture retailer primarily serving the upper Midwestern United States, including Minnesota and surrounding states. The company offers a broad range of furniture, home décor, and design services both online and in physical stores. Their digital presence includes advanced features such as augmented reality visualization and room planning tools, indicating a moderate level of digital maturity. However, the website lacks a valid SSL certificate, which is a critical security shortfall that undermines user trust and data protection. While privacy policies are present, cookie consent mechanisms are missing despite the use of tracking and analytics tools. The site uses modern web technologies including MeteorJS and React, but performance data is lacking, suggesting potential optimization opportunities. Overall, the business appears legitimate and well-established, but security improvements are urgently needed to protect customer data and enhance trust.

P

PVH Corp.

pvh.com

0

PVH Corp. is a leading global apparel company known for its iconic brands Calvin Klein and Tommy Hilfiger. The company operates in over 40 countries with a large workforce and focuses on delivering fashion and lifestyle products. The website reflects a mature digital presence with a professional design, clear navigation, and comprehensive business information targeting consumers, investors, and job seekers. Technically, the site uses modern frameworks like Vue.js and is hosted on Microsoft IIS with Akamai CDN support, but lacks a valid SSL certificate, which is a critical security gap. Security headers are properly configured, but the absence of HTTPS and modern TLS protocols significantly reduces the security posture. Privacy compliance is partially addressed with a clear privacy policy and GDPR indicators, but no cookie consent mechanism is present. Overall, the site is trustworthy and professional but requires urgent improvements in SSL/TLS implementation to enhance security and user trust.

B

Billa BG

billa.bg

0

BILLA Bulgaria operates as a major retail supermarket chain with a strong presence in the Bulgarian market, offering a wide range of food and non-food products, including own brands and partner brands. The company emphasizes customer loyalty through its BILLA Card program and engages actively in social responsibility initiatives. Technically, the website is built on modern frameworks such as Vue.js and Nuxt.js, hosted on Google Cloud, and integrates payment services like Payone. However, the security posture is weakened by an invalid SSL certificate and lack of modern TLS protocols, which is a critical issue. Privacy and cookie policies are comprehensive and GDPR compliant, supporting good privacy compliance. Overall, the website is professional and content-rich but requires urgent security improvements to ensure safe user interactions.

Kellanova is a global leader in the food manufacturing sector, specializing in snacking, cereals, noodles, and plant-based foods with a strong portfolio of iconic brands. The company targets consumers worldwide, investors, and potential employees, operating at an enterprise scale with a mature domain presence of over 22 years. The website reflects a professional and consistent brand image with comprehensive content and clear navigation. Technically, the site leverages modern frameworks such as Bootstrap and Adobe Experience Manager, supported by Akamai CDN and integrated with marketing and privacy tools like Google Tag Manager and OneTrust. However, a critical security gap exists due to the absence of a valid SSL/TLS certificate, resulting in no HTTPS support, which significantly impacts the security posture and user trust. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. The WHOIS data confirms strong domain registration practices and legitimacy. Overall, while the business and content aspects are strong, the lack of HTTPS is a major risk that should be remediated promptly.

Zeuxis & Parrhasius is a small retail e-commerce business specializing in handcrafted luxury wallpapers based in Vienna, Austria. The website is built on the Shopify platform, leveraging modern web technologies and optimized for mobile devices. The business targets customers seeking premium wallcoverings with worldwide shipping options. While the site demonstrates good design quality, clear navigation, and professional content, it lacks a valid SSL certificate, which significantly impacts its security posture. The presence of multiple payment options and partner affiliations adds trust signals, but the absence of a visible privacy policy and direct contact emails limits privacy compliance and user trust. Overall, the site is functional and professional but requires critical security improvements to enhance user safety and compliance.

M

Matin

matin-gallery.com

0

Matin is a small, specialized art gallery established in 2004 by Robert and Christina Odegard in Los Angeles, California. The business focuses on artisan jewelry, bronze sculptures, custom furniture, and contemporary art, targeting art collectors and design enthusiasts. The website reflects a professional design with consistent branding and a clear navigation structure, although content is somewhat limited to product categories and contact information. Technically, the site is built on the icompendium CMS platform with a React frontend and hosted on a DigitalOcean IP. However, the site lacks a valid SSL certificate, serving content over HTTP only, which significantly impacts its security posture. Privacy and cookie policies are absent, and Google Analytics is not fully configured, indicating gaps in privacy compliance and analytics maturity. Security headers are minimal, and modern TLS protocols are unsupported, exposing the site to potential risks. Overall, the site demonstrates moderate business credibility but requires urgent improvements in security and privacy compliance to enhance trust and protect user data.

Q

QimiQ Handels GmbH

qimiq.com

0

QimiQ Handels GmbH operates a well-established retail website focused on food products and cooking ingredients, targeting both consumers and professional chefs. The company offers a range of products such as QimiQ Classic, Sahne-Basis, Whip, Vegan, and Tiramisu, complemented by recipe content, professional workshops, and a newsletter. The website is multilingual and professionally designed, reflecting a consistent brand presence and active engagement through social media and marketing tools. Technically, the site is built on WordPress with modern plugins and frameworks, leveraging Cloudflare for CDN and caching. However, a critical security gap exists due to the absence of HTTPS/SSL, exposing users to potential risks. Privacy compliance is strong, with comprehensive policies and consent mechanisms in place. Overall, the site demonstrates good business credibility and user experience but requires urgent security improvements.

ARIAN is a medium-sized company specializing in premium full-service point-of-sale (POS) management and visual marketing solutions for retail and brands. The company offers comprehensive services including concept development, implementation, and innovation in marketing communication, targeting retailers and brand owners globally. The website is professionally designed using WordPress with strong SEO practices and structured data, supported by Cloudflare CDN for performance and security. However, the site lacks a valid SSL certificate, which is a critical security vulnerability, and does not provide visible contact information or cookie consent mechanisms on the homepage. These issues reduce the overall security posture and privacy compliance of the website. The domain registration data is consistent with the business claims, indicating legitimacy and trustworthiness.

S

Strolz GmbH

strolz.at

0

Strolz GmbH is a well-established Austrian retail and rental company specializing in alpine sports equipment and fashion, with a history dating back to 1921. The company operates a multi-floor flagship store in Lech am Arlberg and offers a wide range of services including ski and snowboard rental, fitting, and bike rental. Their market position is that of a premium, exclusive provider catering to winter sports enthusiasts and fashion-conscious customers. Technically, the website employs modern JavaScript frameworks such as Vue.js, integrates with Google Analytics and Tag Manager, and uses a Magnolia CMS. However, a critical security gap exists due to the absence of a valid SSL certificate, exposing users to potential risks. Privacy and cookie policies are well implemented with consent mechanisms, reflecting good GDPR compliance. Overall, the business demonstrates strong credibility and professionalism but must address its SSL/TLS configuration urgently to improve security posture and user trust.

REI is a well-established outdoor retail cooperative founded in 1938, offering a wide range of outdoor gear, clothing, and services including rentals, classes, and expert advice. The company operates both online and through physical stores, targeting outdoor enthusiasts and leveraging a membership co-op business model that fosters customer loyalty and community engagement. The website reflects a mature digital presence with comprehensive content, clear navigation, and strong branding consistency. Technically, the site employs modern JavaScript frameworks like Vue.js, integrates advanced analytics and marketing tools such as Datadog RUM, Tealium, and Adobe Target, and is hosted on a robust CDN infrastructure via Akamai. However, the current SSL certificate is invalid or missing, which is a critical security concern that impacts the overall security posture. Security headers and content security policies are well implemented, but improvements in SSL configuration and session management are recommended. Privacy and cookie policies are present and indicate good compliance with GDPR and other regulations. Overall, REI's website demonstrates high professionalism and trustworthiness but requires urgent attention to SSL issues to ensure secure user interactions.

I

IC Group A/S

icgroup.net

0

IC Group A/S is a retail company specializing in fashion brands such as Tiger of Sweden and By Malene Birger. The company was publicly traded until 2019 when it was fully acquired by Friheden Invest A/S and subsequently delisted. The website serves primarily as a repository for historical financial statements, corporate responsibility reports, and data ethics documentation. The target audience includes investors, stakeholders, and customers interested in the company's brands and corporate governance. Technically, the website is built using the One.com Web Editor CMS and hosted on One.com infrastructure, with Apache and Varnish servers. However, the site lacks a valid SSL/TLS certificate, resulting in no HTTPS support, which is a significant security concern. No privacy or cookie policies are present, indicating potential compliance gaps with GDPR and other privacy regulations. Contact information is clearly provided, including emails, phone numbers, and physical addresses for IC Group and its brands. Overall, the website is functional but requires urgent security and privacy improvements to meet modern standards.

K

Kröswang GmbH

kroeswang.at

0

Kröswang GmbH operates as a leading Austrian wholesale supplier specializing in fresh and frozen food products for the gastronomy and retail sectors. The company maintains a strong market presence with multiple locations and a comprehensive online shop targeting business customers primarily in Austria and Germany. Their business model focuses on B2B supply with emphasis on freshness and quality, supported by a broad product range and reliable 24-hour delivery service. Technically, the website is built on TYPO3 CMS with modern marketing and analytics integrations, including Google Tag Manager and Hotjar, providing a solid digital infrastructure. However, the absence of a valid SSL/TLS certificate and lack of HTTPS severely undermines the security posture, exposing users and business operations to significant risks. While privacy and cookie policies are well implemented and GDPR compliant, the lack of published security policies and incident response mechanisms indicates room for improvement in governance. Overall, the site is professional and content-rich but requires urgent security upgrades to protect business and customer data effectively.

C

CHANEL

chanel.com

0

CHANEL is a globally recognized luxury brand specializing in fashion, accessories, beauty products, and fine jewelry. The website serves a worldwide audience with extensive localization and multilingual support, reflecting its enterprise-scale operations and market leadership in the retail luxury sector. The site content is professionally presented with good SEO practices and consistent branding. Technically, the website leverages modern JavaScript, Google Tag Manager for analytics, and OneTrust for cookie consent management, hosted on Akamai's CDN infrastructure. However, the critical absence of a valid SSL certificate and disabled TLS protocols severely undermine the security posture, exposing users to risks and potentially impacting trust. While security headers are implemented, the lack of HTTPS is a major vulnerability. Privacy compliance is partially addressed through cookie consent mechanisms, but no explicit privacy policy or terms of service were detected in the provided content. Overall, the website demonstrates strong business credibility and digital maturity but requires urgent remediation of its SSL/TLS configuration to meet security best practices and regulatory compliance.

G

Gelateria Romana - La Romana Srl

romanagroup.com

0

Gelateria Romana - La Romana Srl is a well-established Italian gelateria business founded in 1947, specializing in traditional gelato and pastry products with a franchising business model. The company targets entrepreneurs interested in franchising opportunities and consumers seeking quality artisanal gelato. The website reflects a consistent brand with good content quality and clear business information. Technically, the site uses a proprietary CMS (TITANKA!) with older JavaScript libraries and Bootstrap 3.2.0, indicating moderate digital maturity. However, the lack of HTTPS and modern TLS protocols is a critical security gap. Privacy and cookie policies are present with consent mechanisms, supporting GDPR compliance. Overall, the site is functional but requires urgent security improvements to protect user data and enhance trust.

A

Atlantic Grupa d.d.

atlanticgrupa.com

0

Atlantic Grupa d.d. is a prominent regional leader in the fast-moving consumer goods sector, specializing in the production and distribution of popular food and beverage brands across Southeast Europe. The company maintains a strong market position with a comprehensive distribution network and a focus on sustainability and corporate responsibility. Their website reflects a professional digital presence with detailed investor relations and sustainability content, targeting regional consumers, investors, and partners. Technically, the site leverages modern JavaScript frameworks such as Nuxt.js and Vue.js and is hosted behind Cloudflare, ensuring good performance and mobile optimization. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS configuration, exposing users to potential risks. Privacy and cookie policies are well implemented, indicating GDPR compliance. Overall, the site demonstrates good business credibility but requires urgent security improvements to protect user data and maintain trust.

T

Tenne Export-Import Handelsgesellschaft m.b.H.

tenne.at

0

Tenne Export-Import Handelsgesellschaft m.b.H. is a well-established Austrian retail company specializing in bathroom products and complete bathroom systems. With over 40 years of industry experience, the company operates multiple showrooms across Austria and offers an online shop, targeting both end consumers and business clients. Their product range includes bathroom furniture, fittings, tiles, showers, and accessories, supported by services such as online bathroom planning and mobile consultation. The company holds reputable certifications and awards, reinforcing its strong market position as a leading bathroom retailer in Austria. Technically, the website is built on WordPress with a variety of plugins including Yoast SEO, Borlabs Cookie for consent management, and Contact Form 7 for user interactions. The site uses Apache hosting likely provided by Telekom Austria. While the site is rich in content, well-structured, and optimized for SEO and mobile devices, it suffers from a critical security shortfall: the absence of a valid SSL certificate and HTTPS support, which significantly impacts its security posture. Security-wise, the site lacks modern TLS protocols, HSTS headers, and email security measures such as DMARC and DNSSEC. However, it employs reCAPTCHA on forms and avoids known SSL vulnerabilities. Privacy compliance is strong with comprehensive policies and cookie consent mechanisms in place. Contact information is abundant and clearly presented, enhancing business credibility. Overall, the website is professional, content-rich, and trustworthy from a business perspective but requires urgent improvements in SSL/TLS configuration and security headers to protect user data and improve trustworthiness. Addressing these issues will elevate the site's security score and user confidence.

W

WeRetail GmbH

weretail.com

0

WeRetail GmbH is a small German-based company specializing in integrated travel retail and cross-border e-commerce solutions targeting Chinese tourists and customers. Their services include enabling businesses to accept mobile payments via Alipay and WeChat Pay, providing POS solutions with table reservation and menu pre-ordering, and offering cross-border logistics and VAT refund services. The company leverages popular Chinese social media platforms such as WeChat and Xiaohongshu for marketing and customer engagement. Technically, the website is built on WordPress using the Enfold theme and Avia framework, hosted likely on AWS infrastructure. While the site is well-structured and content-rich, it suffers from a critical lack of HTTPS, which severely impacts its security posture. Cookie consent mechanisms are implemented, but Google Analytics is installed without active configuration. Contact information is clearly provided, enhancing business credibility.

The website freywille.com is currently inaccessible due to a Cloudflare security challenge page that blocks content unless JavaScript and cookies are enabled. This prevents direct analysis of the website's content, metadata, and business information. The domain itself is mature, registered since 2005, with strong domain protection and consistent WHOIS data indicating a legitimate business presence. However, the lack of a valid SSL certificate and absence of HTTPS severely impacts the security posture. Security headers are present but insufficient without proper TLS encryption. No privacy, cookie, or terms of service policies are detectable in the accessible content, and no contact information or forms are visible. Overall, the website's technical infrastructure relies on Cloudflare for DNS and security, but the current configuration results in blocked content and poor user experience.

McArthurGlen operates as a leading European designer outlet shopping group with 23 locations across 8 countries, targeting fashion-conscious shoppers seeking significant discounts on luxury brands. The website reflects a professional retail business model focused on providing outlet shopping experiences, sustainability initiatives, and tax refund services for non-EU residents. Technically, the website uses modern JavaScript, Google Tag Manager, and Microsoft Application Insights for analytics, and is hosted behind Cloudflare. However, the site lacks a valid SSL certificate, resulting in no HTTPS support, which is a critical security concern. The site implements cookie consent mechanisms and privacy policies consistent with GDPR compliance but lacks visible contact information and security policies. Overall, the website is functional and well-branded but requires urgent improvements in security infrastructure.

R

Rupp Austria GmbH

rupp.at

0

Rupp Austria GmbH is a well-established cheese product manufacturer and retailer based in Austria with over 100 years of history. The company offers a variety of cheese products and engages consumers through recipes and branded content. The website is professionally designed, content-rich, and optimized for SEO with structured data and social media integration. However, the absence of a valid SSL certificate and HTTPS support is a critical security vulnerability that undermines user trust and data protection. The site implements GDPR-compliant cookie consent mechanisms and provides comprehensive privacy and terms of service documentation. Overall, the business demonstrates strong market positioning in the retail cheese sector with a medium-sized operational scale.

B

Blue Tomato

blue-tomato.com

0

Blue Tomato is a well-established European e-commerce and retail company specializing in boardsport and lifestyle products including snowboarding, skateboarding, surfing, freeski, and streetwear. With over 30 years of experience and more than 70 physical shops across Europe, the company offers a comprehensive product range from over 500 brands, supported by community engagement and specialized services such as snowboard schools and rental shops. The website is professionally designed, highly localized, and optimized for performance and user experience across devices. Technically, the website employs modern web technologies including React and Preact frameworks, utilizes Cloudflare for hosting and security, and integrates advanced analytics and consent management tools. The site demonstrates good SEO and accessibility practices, ensuring broad reach and compliance with relevant regulations. From a security perspective, the site uses a valid SSL certificate but lacks modern TLS protocol support and some security headers like HSTS and OCSP stapling. No critical vulnerabilities were detected, but improvements are recommended to enhance security posture. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, Blue Tomato presents a low-risk profile with strong business credibility, good technical infrastructure, and adequate security measures. Strategic recommendations include enhancing SSL/TLS configurations, enabling additional security headers, and implementing domain protection locks to further secure the domain registration.

The website coach.com is currently inaccessible due to a Web Application Firewall (WAF) or security mechanism blocking access, as evidenced by the Access Denied page and minimal HTML content. This prevents any direct analysis of the website's content, metadata, or business information. The domain itself is mature, registered since 1996, and protected with strong domain status settings, indicating a legitimate and established entity likely operating in the retail sector. The technical infrastructure includes Akamai CDN services and hosted email solutions, but the SSL/TLS configuration is severely lacking with no valid certificate or secure protocols enabled, posing significant security risks. Overall, the site’s security posture is weak due to missing HTTPS and modern security headers, and the performance is poor with very slow load times. Given the blocking, the analysis is limited and the overall risk assessment is elevated due to lack of accessible content and security deficiencies.

A

Amway Global

amwayglobal.com

0

AmwayGlobal.com serves as the official digital presence of Amway Corporation, a globally recognized leader in direct selling and wellness products. The website effectively communicates the company's extensive product portfolio, business opportunities, and corporate social responsibility initiatives, targeting health-conscious consumers and entrepreneurs worldwide. The site demonstrates a mature digital infrastructure leveraging WordPress CMS, modern JavaScript libraries, and performance optimization tools, ensuring a good user experience across devices. However, the absence of a valid SSL certificate and disabled TLS protocols represent significant security gaps that undermine the site's secure communication capabilities. While security headers and privacy policies are well implemented, the lack of HTTPS is a critical issue that should be addressed promptly. Overall, the website reflects a reputable enterprise with strong branding and compliance posture but requires urgent improvements in its SSL/TLS configuration to enhance trust and security.

S

SCHMIDT Groupe

cuisines-schmidt.com

0

SCHMIDT Groupe operates a comprehensive and professionally designed website focused on custom interior design solutions including kitchens, furniture, and bathrooms. The company is a leading French manufacturer with a strong market position and a large-scale retail business model. The website demonstrates a mature digital infrastructure with modern JavaScript frameworks, extensive use of analytics and marketing tools, and a clear focus on user experience and mobile optimization. However, a critical security gap exists due to the absence of a valid SSL certificate and proper HTTPS configuration, which significantly impacts the security posture and trustworthiness of the site. Privacy and cookie policies are well implemented, indicating good compliance with GDPR requirements. Overall, the site is content-rich and trustworthy but requires urgent remediation of its SSL/TLS configuration to meet modern security standards.

Prime Signs Ltd is a small New Zealand-based company specializing in commercial signage and sign writing services primarily serving the Auckland region. With over 18 years of industry experience, the company offers a wide range of signage solutions including building signage, safety signs, illuminated signage, vehicle graphics, and promotional displays. The website reflects a professional and consistent brand presence with clear service offerings and contact information. Technically, the site is built on WordPress with common plugins for SEO, galleries, and social sharing, indicating a moderate level of digital maturity. However, the absence of HTTPS and critical security headers represents a significant security risk. Privacy compliance is lacking as no privacy or cookie policies are present. Overall, the business appears legitimate and established, but the website's security posture requires urgent improvement to protect user data and build trust.

P

POS Service Group

pos-sg.com

0

POS Service Group is a well-established service provider specializing in on-site repair and cleaning of upholstery, furniture, and related household items. With over 35 years of experience, the company holds a strong market position as a European leader in full-service on-site upholstery and furniture care, serving both private and business customers primarily in Germany and neighboring countries. Their key services include repair, cleaning, 3D laser measurement, and burglary protection, supported by a network of service technicians across multiple countries. Technically, the website uses modern front-end technologies and is mobile-optimized, but suffers from a critical lack of valid SSL/TLS certification, which severely impacts security posture. Security headers are present but cannot compensate for the absence of HTTPS. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Business credibility is high, supported by certifications and professional content. Overall, the website is functional and professional but urgently needs to address SSL/TLS issues to improve security and trust.

Dyson's Finnish website presents a professional and well-structured digital storefront focused on retailing advanced home and personal care technology products. The site targets Finnish consumers with localized content, multiple product categories, and comprehensive customer support options including phone and chat. Technically, the site leverages Adobe Experience Manager CMS, Akamai CDN, and integrates marketing and analytics tools such as Adobe Launch, Google Analytics, and New Relic. However, a critical security weakness is the absence of a valid SSL certificate and enabled TLS protocols, severely impacting the site's security posture. Privacy and cookie policies are comprehensive and GDPR compliant, reflecting good privacy practices. Business information aligns with Dyson's global brand, reinforcing trust. Overall, the site is functional and user-friendly but requires urgent security improvements to protect user data and maintain trust.

B

Burton Snowboards

burton.com

0

Burton Snowboards is a well-established leader in the snowboarding retail industry, offering a comprehensive range of products including snowboards, boots, bindings, apparel, and accessories. Founded in 1977, the company has a strong brand presence and a loyal customer base, supported by a professional e-commerce platform that targets snowboarding enthusiasts and outdoor sports consumers. The website demonstrates excellent content quality, clear navigation, and consistent branding, reflecting a mature digital presence. Technically, the site leverages modern e-commerce technologies such as Salesforce Commerce Cloud (Demandware), Cloudflare CDN, and integrates multiple marketing and analytics tools including Google Analytics, OneTrust, and Yotpo. However, the current SSL certificate is invalid or missing, which poses a critical security risk and impacts user trust. Security headers are implemented but HSTS is not fully enabled, indicating room for improvement in HTTPS enforcement. Privacy compliance is strong with clear policies and consent mechanisms in place. Overall, the website is professional and trustworthy but requires urgent attention to SSL configuration to enhance security posture.

A

ANWR Norden AB

anwr.se

0

ANWR Norden AB operates as a leading organization in the voluntary shoe retail sector in the Nordic region, founded in 1919 in Hamburg, Germany. The company connects shoe retailers with top brands and offers a portfolio of services tailored to the needs of trade and industry, including financial services through its own bank, DZB Bank. The website reflects a medium-sized enterprise with a clear business model focused on membership services and retail support. Technically, the website uses standard web technologies and a consent management platform but suffers from slow load times and lacks modern CMS or frameworks. Security posture is weak due to the absence of a valid SSL certificate and modern TLS protocols, despite the presence of HSTS headers. The lack of DMARC, DNSSEC, and other DNS security features further reduces security maturity. Privacy compliance is basic with a privacy policy present but no strong GDPR indicators. Overall, the site is functional but requires significant improvements in security and performance to meet modern standards.

B

Bose

bose.com

0

Bose.com is the official e-commerce website of Bose Corporation, a leading premium audio equipment brand. The site offers a wide range of products including headphones, earbuds, speakers, soundbars, and home theater systems, targeting consumers seeking high-quality audio solutions. The business model focuses on direct-to-consumer sales supported by comprehensive customer service and product support. The website demonstrates a strong brand presence with consistent messaging and professional design, reflecting Bose's market position as a trusted leader in the audio retail sector. Technically, the website is built on Salesforce Commerce Cloud, hosted on AWS infrastructure, and integrates multiple modern marketing and analytics technologies such as Google Tag Manager, Bazaarvoice, Qualtrics, and Forter. While the site is mobile-optimized and accessible, performance is somewhat slow, and there is room for improvement in technical implementation, particularly in SSL configuration and security headers. From a security perspective, the site currently lacks a valid SSL certificate, which is a critical issue impacting user trust and data protection. No security headers are detected, and advanced security policies or incident response information are not publicly available. Privacy and cookie policies are present and include consent mechanisms, indicating good privacy compliance. WHOIS data confirms the domain's legitimacy and consistency with the brand's identity. Overall, Bose.com is a professionally managed, content-rich e-commerce platform with strong business credibility but requires urgent improvements in SSL and security configurations to enhance its security posture and user trust.

N

Nutrimetics

nutrimetics.com.au

0

Nutrimetics is a well-established beauty brand specializing in naturally enriched, cruelty-free skincare, makeup, body, and wellness products. The company operates primarily in Australia, New Zealand, and Greece, leveraging a direct sales model supported by a network of consultants and an e-commerce platform. The website reflects a mature digital presence with comprehensive content, strong branding, and active social media engagement, targeting beauty consumers and potential consultants. Technically, the website is built on WordPress with modern frameworks like AngularJS and Bootstrap, hosted on WP Engine and served via Cloudflare CDN. While the site is well-structured and optimized for SEO and mobile responsiveness, it suffers from a critical security issue: the absence of a valid SSL certificate and HTTPS support, which significantly impacts its security posture. Security headers are properly configured, and privacy policies are comprehensive and GDPR-compliant. However, the lack of a cookie consent mechanism and modern TLS protocols reduces overall compliance and security scores. The site integrates marketing and analytics tools such as Google Tag Manager and Klaviyo, indicating moderate user tracking. Overall, Nutrimetics presents a professional and trustworthy online presence with strong business credibility but must urgently address its SSL/TLS deficiencies to enhance security and user trust.

SALT. Optics is a premium eyewear brand specializing in high-quality sun and optical glasses, leveraging Japanese craftsmanship and luxury materials. The company operates primarily through an e-commerce platform powered by Shopify, targeting consumers who value timeless design and superior lens technology. The website is professionally designed with clear navigation, product showcases, and informative content including blog posts and company philosophy. Technically, the site uses modern web technologies and integrates multiple marketing and analytics tools, but lacks a valid SSL certificate, which critically impacts its security posture. Security headers are well implemented, but the absence of HTTPS undermines user trust and data protection. Privacy and cookie policies are present, indicating some compliance with GDPR and related regulations. Overall, the site presents a moderate risk due to missing HTTPS, but otherwise demonstrates a solid business and technical foundation.

B

BESTSELLER

bestseller.com

0

BESTSELLER is a well-established international fashion retailer with a broad global footprint, operating over 2,800 stores and multiple brands. The company targets a diverse consumer base with fashionable apparel and accessories. The website demonstrates good digital maturity with modern technologies such as Google Tag Manager, Umbraco CMS, and a comprehensive cookie consent mechanism. However, the absence of a valid SSL certificate and HTTPS support is a critical security gap that undermines user trust and data protection. The site is well-structured, accessible, and SEO-optimized, with active social media engagement. Privacy compliance is strong with detailed cookie and privacy policies aligned with GDPR requirements. WHOIS data confirms the domain's maturity and legitimacy. Strategic improvements in security posture are essential to elevate the overall risk profile.

D

dm drogerie markt

dm-drogeriemarkt.at

0

dm drogerie markt is a leading retail company in Austria specializing in drugstore products with a strong online presence. The website serves as a platform for product search, store availability, and customer engagement, targeting Austrian consumers. The technical infrastructure leverages modern JavaScript frameworks and integrates multiple third-party services for analytics, marketing, and user consent management. However, the website currently lacks a valid SSL/TLS certificate, resulting in no HTTPS support, which is a critical security concern. Security headers are well implemented, but the absence of HTTPS severely impacts the overall security posture. Privacy compliance is minimal with no detected privacy or cookie policies in the provided content. Business credibility is strong given the consistent domain registration and professional website design.

S

SanLucar Fruit S.L.U.

sanlucar.com

0

SanLucar Fruit S.L.U. is a well-established company specializing in fresh fruits, vegetables, and related products, with a strong emphasis on quality, sustainability, and natural health benefits. The website reflects a mature digital presence with comprehensive product categories, corporate responsibility initiatives, and multilingual support targeting consumers and business partners globally. Technically, the site is built on WordPress with modern plugins and a reputable theme, offering good SEO and user experience. However, the absence of a valid SSL certificate and HTTPS severely impacts the security posture, exposing users to potential risks and undermining trust. Privacy policies and cookie consent mechanisms are present and appear GDPR compliant, supporting responsible data handling. Overall, while the business and content quality are high, urgent improvements in SSL/TLS implementation are necessary to enhance security and user trust.

G

Grassfish

grassfish.com

0

Grassfish is a mature and established digital in-store platform and consulting company headquartered in Sweden, with additional presence in Austria. The company offers a comprehensive suite of digital signage and customer experience solutions tailored for retail brands and stores, positioning itself as the leading digital in-store platform in Europe trusted by over 500 brands. Their business model combines a SaaS platform with strategic, technical, and operational consulting services, targeting brands seeking to enhance their physical retail environments with digital innovation. Technically, the website is built on WordPress, leveraging modern web technologies and CDNs for content delivery, but currently suffers from critical SSL/TLS misconfigurations that undermine secure communications. The security posture is weakened by the absence of a valid SSL certificate and lack of modern TLS protocols, posing significant risks to data confidentiality and user trust. Privacy compliance is well addressed with clear cookie consent mechanisms and comprehensive privacy policies aligned with GDPR requirements. Overall, while the business and content quality are excellent, the critical security gaps notably reduce the website's trustworthiness and require urgent remediation. Strategic recommendations include immediate SSL certificate installation, enabling modern TLS protocols, and enhancing security headers and session management to safeguard user data and maintain compliance.

S

SPAR International

spar-international.com

0

SPAR International is a well-established global voluntary food retail group founded in 1932, operating over 13,900 stores across 48 countries. The business model focuses on licensed wholesalers and retailers working in partnership to deliver diverse store formats and retail solutions. The website reflects a mature digital presence with comprehensive content, clear navigation, and a focus on partner engagement and responsible retailing. Technically, the site is built on WordPress with common plugins and libraries, but suffers from significant security shortcomings including lack of a valid SSL certificate and DNS configuration issues. Privacy compliance is well addressed through Cookiebot consent management and a comprehensive privacy policy. However, the absence of HTTPS and security headers poses risks to user data and trust. Overall, the site is professional and content-rich but requires urgent security improvements to align with best practices and user expectations.

K

Kering Eyewear S.p.A.

keringeyewear.com

0

Kering Eyewear S.p.A. is a prominent luxury eyewear company operating under the global Kering Group umbrella. Established in 2014 and headquartered in Italy, it designs, develops, and distributes eyewear for a portfolio of 14 prestigious brands, including proprietary and licensed luxury houses. The company positions itself as a market leader in the luxury eyewear segment, targeting discerning consumers and industry partners. The website reflects a high level of professionalism with rich multimedia content, clear navigation, and consistent branding across multiple languages and regions. Technically, the site leverages modern JavaScript libraries, Google Tag Manager for analytics, and OneTrust for cookie consent, hosted on Microsoft Azure infrastructure. However, the absence of a valid SSL certificate and HTTPS implementation is a critical security gap that undermines user trust and data protection. Privacy and cookie policies are well implemented, indicating good GDPR compliance. Contact information is available, though no phone numbers are explicitly provided. Overall, the site demonstrates strong business credibility but requires urgent security improvements to meet modern standards.

G

Geiger.com

geiger.com

0

Geiger.com is a large, family-owned US-based distributor specializing in promotional products, corporate gifts, and imprinted apparel. The company positions itself as the largest family-owned promotional product distributor in the US, serving a broad business audience with a comprehensive product catalog and services including custom products, kitting, corporate programs, and expos. The website reflects a mature digital presence with extensive product categories, client brand logos, and active social media engagement. Technically, the website uses modern JavaScript frameworks such as Vue.js and Bootstrap 5, hosted likely on AWS infrastructure. Marketing and analytics tools include Google Tag Manager, Google Analytics, Osano CMP for consent management, Filestack for file handling, and Searchspring for search functionality. The site is mobile-optimized and accessible with good SEO practices, though performance metrics indicate slow loading. From a security perspective, the site lacks a valid SSL certificate and does not serve content over HTTPS, which is a critical vulnerability. While some security headers are present, key TLS protocols and best practices like HSTS, OCSP stapling, and session resumption are not enabled. No incident response or vulnerability disclosure policies are found. Privacy compliance is partial with a privacy policy present but no cookie consent mechanism detected. Overall, the site is professionally designed and credible from a business standpoint but requires urgent security improvements to protect user data and enhance trust. Strategic recommendations include immediate SSL/TLS deployment, enabling modern security headers and protocols, implementing cookie consent, and publishing incident response information.

G

Globo Lighting

globo-lighting.com

0

Globo Lighting is a well-established European retailer specializing in a wide range of lighting products, including indoor and outdoor lamps, ceiling lights, wall lights, and decorative lighting solutions. With over 25 years of market presence and multiple physical showrooms, the company offers a comprehensive e-commerce platform with detailed product information and multiple language support. The technical infrastructure is based on modern technologies such as Shopware CMS and is hosted on Google Cloud, but lacks a valid SSL certificate, resulting in an insecure HTTP-only connection. Security headers are properly configured, but the absence of HTTPS significantly weakens the security posture. Privacy and cookie policies are present and include consent mechanisms, indicating good compliance with GDPR requirements. The domain is mature and registered consistently with the business profile, enhancing trustworthiness. Overall, the website provides an excellent user experience and professional content but requires urgent security improvements to protect user data and enhance trust.

C

Chrisanne Clover

chrisanne.com

0

Chrisanne Clover operates a professional e-commerce platform specializing in premium dancewear, including competition couture, practice wear, fabrics, and crystals. The company targets dancers and dance enthusiasts, offering bespoke couture services and a wide product range. The website is built on Magento and hosted behind Cloudflare, leveraging modern marketing and analytics tools such as Google Analytics, Google Tag Manager, and Cookiebot for privacy compliance. However, the site lacks a valid SSL certificate and does not support modern TLS protocols, which significantly weakens its security posture. Privacy policies and cookie consent mechanisms are well implemented, supporting GDPR compliance. Overall, the business presents itself as a reputable and established player in the dancewear retail sector, but urgent improvements in security infrastructure are recommended to protect customer data and enhance trust.

E

Eti

etietieti.com

0

Eti is a well-established Turkish food manufacturing company with a strong market presence and a diverse product portfolio including biscuits, chocolates, and health-oriented food products. The website serves as a comprehensive corporate portal providing product information, recipes, corporate governance details, career opportunities, and social responsibility initiatives. The site targets consumers interested in quality food products and healthy nutrition, leveraging a consistent brand identity and multiple language options for international reach. Technically, the website is built on ASP.NET WebForms and uses modern JavaScript libraries for UI enhancements. However, performance metrics are lacking and the site suffers from a critical security issue: the absence of a valid SSL certificate and HTTPS support, which significantly impacts user trust and security posture. Privacy and cookie policies are well implemented with consent mechanisms, reflecting good compliance with GDPR requirements. Social media integration and partner links enhance the brand's digital ecosystem. Overall, Eti's website is professional and content-rich but requires urgent security improvements to meet modern standards.

H

Hartlauer Handelsgesellschaft m.b.H.

hartlauer.at

0

Hartlauer Handelsgesellschaft m.b.H. operates a large retail and e-commerce platform focused on optics, photography, mobile phones, and hearing aids in Austria. With over 160 physical stores and a comprehensive online shop, it serves a broad consumer base with premium products and services including free eye tests and hearing aid trials. The website is professionally designed with excellent content quality and user experience, supported by a modern technology stack primarily based on Salesforce Commerce Cloud and integrated marketing and analytics tools. However, a critical security issue is present due to the lack of a valid SSL certificate and absence of HTTPS, severely impacting the security posture. Privacy and cookie policies are comprehensive and GDPR compliant, and the company demonstrates strong business credibility with clear contact information and trust seals. Strategic security improvements are urgently needed to protect user data and maintain trust.

ZEGNA.com is the official online store for the luxury menswear brand ZEGNA, targeting discerning male customers seeking high-end designer clothing and accessories. The website offers a comprehensive product catalog with a strong focus on user experience, supported by modern web technologies such as Vue.js and Akamai CDN for performance and scalability. The site integrates multiple marketing and analytics tools to optimize customer engagement and business intelligence. However, a critical security gap exists due to the absence of a valid SSL certificate, which undermines the security posture and trustworthiness of the platform. Legal and privacy policies are well documented and accessible, indicating good compliance with GDPR and related regulations. Overall, the site presents a professional and trustworthy e-commerce experience but requires urgent remediation of its SSL/TLS configuration to meet modern security standards.

R

rieg marketing

rieg-marketing.de

0

rieg marketing is a small German marketing consultancy specializing in creative marketing, communication, and promotional services primarily for the sporting goods, marine, and fashion industries. The company offers tailored marketing strategies, project management, public relations, promotions, and visual merchandising services. The website is built on WordPress and uses common plugins such as Contact Form 7 and Cookie Law Info for user interaction and compliance. While the website content is professional and well-structured, the technical infrastructure lacks a valid SSL certificate, resulting in no HTTPS support, which is a significant security concern. Cookie consent mechanisms and a privacy policy compliant with GDPR are present, indicating attention to privacy compliance. However, no incident response or security policy information is provided, and no terms of service page is found.

C

Campofrío Food Group, S.A.U

campofrio.es

0

Campofrío Food Group, S.A.U is a well-established Spanish company specializing in the production and commercialization of meat products. It holds a strong market position in Spain with a diverse portfolio of brands and products, focusing on quality, innovation, and sustainability. The website demonstrates a high level of content quality, with detailed product information, recipes, and corporate social responsibility initiatives. Technically, the site uses modern frameworks such as Next.js and Drupal CMS, ensuring good mobile optimization and user experience. However, the absence of a valid SSL certificate significantly impacts the security posture, reducing the overall security score. Privacy policies and cookie consent mechanisms are comprehensive and GDPR compliant, reflecting a mature approach to data protection. The company is part of the larger Sigma Alimentos group, with several subsidiary brands and dedicated service platforms. Overall, the website is professional and trustworthy but requires urgent attention to its SSL configuration to enhance security and user trust.

M

Mons Royale

monsroyale.com

0

Mons Royale is a specialized e-commerce retailer offering high-performance merino wool apparel targeting outdoor and active lifestyle consumers. The company emphasizes sustainability and natural performance materials, positioning itself as a niche brand with a global presence through regional subdomains. Technically, the website is built on the Shopify platform with a modern tech stack including jQuery, GSAP, and various marketing and analytics integrations. However, a critical security gap exists due to the absence of a valid SSL certificate, resulting in no HTTPS support, which undermines user trust and data security. Privacy compliance is partial, with a privacy policy present but lacking a cookie consent mechanism despite extensive tracking. Business credibility is supported by consistent branding, social media presence, and B Corp certification. Overall, the site is professional and content-rich but requires urgent security improvements to meet industry standards.

I

Italoffice Büromöbel

italoffice.at

0

Italoffice is a small Austrian retail business specializing in high-quality office furniture, including ergonomic chairs, height-adjustable desks, conference furniture, and acoustic solutions. The company targets businesses and individuals in Vienna and Lower Austria, offering personalized consultation, delivery, and assembly services. The website is professionally designed using WordPress, WooCommerce, and Elementor, providing a comprehensive product catalog and clear contact options. However, the absence of a valid SSL certificate and HTTPS significantly impacts the security posture, exposing users to potential risks. Privacy and cookie policies are present and GDPR compliant, indicating good privacy awareness. Overall, the business appears legitimate and well-positioned in its niche, but security improvements are critical to protect customer data and enhance trust.

R

ReinZeit Handels GmbH

reinzeit.com

0

ReinZeit Handels GmbH is an Austrian retail company specializing in eco-friendly cleaning and wellness products, including microfiber cloths, cleaners, laundry detergents, and wellness aroma products. The company emphasizes social responsibility, environmental protection, and Austrian quality standards, targeting consumers interested in sustainable and socially responsible products. Their business model includes direct sales through consultants and an online shop, supported by active social media channels and marketing efforts. Technically, the website is built on WordPress with WooCommerce, using popular plugins such as Yoast SEO and Borlabs Cookie for SEO and privacy compliance. The site is hosted on an Austrian IP and uses Apache server technology. However, performance metrics are not available, and the site is moderately optimized for mobile devices. From a security perspective, the site lacks a valid SSL certificate and proper HTTPS configuration, which is a critical vulnerability. Although some security headers like HSTS and X-Frame-Options are present, the absence of TLS protocols and strong cipher suites significantly weakens the security posture. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the site is professionally designed and trustworthy from a business perspective but requires urgent improvements in SSL/TLS security to protect user data and enhance trust. Strategic recommendations include obtaining a valid SSL certificate, enabling modern TLS protocols, and enhancing security best practices.