Security Directory

Edgewell Personal Care operates a global corporate website showcasing its portfolio of personal care brands. The site targets consumers and stakeholders interested in the company's products, culture, and sustainability efforts. Technically, the site is built on Shopify with Cloudflare CDN and security services, leveraging modern web technologies and cookie consent mechanisms. However, a critical security weakness is the absence of a valid SSL certificate and disabled TLS protocols, which undermines secure communications. Privacy compliance is well addressed with OneTrust cookie consent and GDPR indicators. Overall, the site presents a professional and trustworthy business image but requires urgent remediation of SSL and TLS issues to ensure secure user interactions.

K

KIWI Norge AS

kiwi.no

0

KIWI Norge AS operates a large grocery retail chain in Norway with nearly 700 stores, targeting Norwegian consumers seeking affordable and convenient grocery shopping. The website provides rich content including store locators, customer magazines, and loyalty program information (KIWI PLUSS). Technically, the site is built on ASP.NET MVC with AngularJS and integrates multiple third-party services such as Google Analytics and Piwik Pro for analytics and marketing. The site is hosted on Microsoft Azure and uses modern web technologies but lacks a valid SSL certificate, resulting in insecure HTTP connections. Security headers like Content-Security-Policy are present but could be hardened further. Privacy and cookie policies are comprehensive and GDPR compliant, linked to the trusted trumf.no domain. Contact information is clearly provided with phone numbers and physical address, and social media presence is active. Overall, the site is professional and trustworthy but has a critical security gap due to missing HTTPS.

ready2order GmbH is a medium-sized Austrian company providing cloud-based, finance-compliant cash register and POS systems tailored for small businesses in retail, gastronomy, and service sectors. Their offerings include software subscriptions and proprietary hardware, with a strong emphasis on compliance with Austrian RKSV regulations and ease of use. The website is professionally designed, content-rich, and targets small business owners seeking modern, flexible POS solutions. Technically, the site uses modern frameworks like Gatsby and React and is hosted behind Cloudflare DNS, but suffers from slow load times and lacks a valid SSL certificate, which is a critical security concern. Security posture is weak due to missing HTTPS and security headers, exposing users to potential risks. Privacy compliance is adequate with visible privacy and cookie policies, but no explicit security or incident response policies are found. Overall, the business appears legitimate and well-positioned in its market, but urgent improvements in SSL/TLS configuration and security practices are recommended to enhance trust and protect users.

COS is a well-established international fashion brand specializing in modern, sustainable wardrobe essentials for women and men. The website reflects a strong brand identity with comprehensive content, multi-market localization, and a focus on sustainability. The technical infrastructure is modern, leveraging Next.js and React frameworks, hosted via Akamai CDN, and integrated with Storyblok CMS. However, a critical security gap is the absence of a valid SSL certificate, resulting in no HTTPS support and disabled TLS protocols, which severely impacts the security posture. Privacy compliance is well addressed with clear privacy and cookie policies and GDPR adherence. Business credibility is high due to consistent branding, social media presence, and comprehensive legal documentation. Strategic improvements in security infrastructure are essential to protect user data and enhance trust.

R

retailsolutions AG

retailsolutions.ch

0

retailsolutions AG is a leading SAP Retail consulting firm in Europe, specializing in digital transformation, forecasting, omnichannel customer centricity, and analytics solutions. With over 350 employees and multiple international offices, the company supports retail clients worldwide in implementing SAP projects with a focus on sustainable and future-proof IT solutions. The website reflects a professional and content-rich digital presence, leveraging TYPO3 CMS and modern web technologies to deliver a good user experience and clear navigation. However, the website suffers from critical security shortcomings, notably the absence of a valid SSL certificate and lack of HTTPS support, which severely impacts the security posture and user trust. Privacy compliance is well addressed with GDPR-aligned policies and cookie consent mechanisms. Overall, the business credibility and content quality are high, but urgent improvements in security infrastructure are necessary to protect users and enhance trust.

S

Schäfer Shop Deutschland

schaefer-shop.de

0

Schäfer Shop Deutschland is a well-established e-commerce retailer specializing in office furniture, office supplies, and warehouse equipment, serving primarily business customers across Europe. With over 50 years of experience, the company offers a comprehensive product range exceeding 85,000 items, emphasizing quality, service, and fast delivery. The website reflects a mature digital presence with professional design, clear navigation, and multi-language support for various European markets. Technically, the site employs modern marketing and analytics tools including Usercentrics for consent management, Google Tag Manager, and Adobe Experience Cloud, ensuring compliance with privacy regulations and effective user tracking. However, a critical security concern is the absence of a valid SSL certificate and lack of HTTPS support, which significantly undermines the site's security posture and user trust. Despite this, the site maintains strong trust indicators such as ISO certifications, Trusted Shops membership, and sustainability awards. Overall, while the business and technical maturity are high, immediate remediation of SSL/TLS issues is essential to secure the platform and protect customer data.

Josef Thurner Holz GmbH operates as a medium-sized wood trading company based in Austria, specializing in both international and retail wood commerce, including wood mediation services. The company is positioned as the largest wood market in the Carinthia and East Tyrol regions, offering a broad range of wood products such as construction timber, laminated wood, biofuels, and wood protection products. Their business model combines wholesale, retail, and online sales channels, targeting both business clients and consumers interested in wood products. Technically, the website employs legacy technologies like jQuery and custom PHP-based CMS, hosted likely by A1.net, but suffers from slow performance and basic mobile optimization. Critically, the site lacks a valid SSL certificate and HTTPS support, which severely impacts its security posture. While privacy compliance is addressed with a cookie consent banner and a privacy policy, the absence of a security policy or incident response information indicates gaps in security maturity. Overall, the website is functional and professional but requires urgent security improvements to protect user data and enhance trust.

P

Paul Lange Austria

thalinger-lange.com

0

Paul Lange Austria operates as a specialized wholesaler and supplier for the Austrian bicycle and fishing retail markets, providing a wide range of accessories and components from well-known brands such as Shimano. The company supports its dealer network with training, catalogs, and online portals, positioning itself as a key regional player with a professional digital presence. The website is built on WordPress with Elementor and incorporates modern SEO and UI tools, reflecting a moderate level of digital maturity. However, the absence of a valid SSL certificate and HTTPS significantly undermines the site's security posture, exposing users to risks and potentially impacting trust. While cookie consent mechanisms and privacy policies are in place, the lack of advanced security headers and modern TLS protocols indicates room for improvement in security practices. Overall, the business appears legitimate and well-established, but urgent remediation of SSL/TLS issues is recommended to enhance security and compliance.

A

Akris CH

akris.ch

0

Akris CH operates a professional luxury fashion e-commerce website targeting women in Switzerland and Liechtenstein. The site offers high-end designer clothing and handbags, positioning itself as a premium brand with a consistent and elegant online presence. The business leverages Shopify as its platform, integrating advanced search (Algolia), marketing tools (Cookiebot, Mailchimp), and customer engagement features (Wishlist King, Globo Form Builder). The website content is rich, well-structured, and professionally designed, providing a seamless user experience with clear navigation and mobile optimization. Technically, the site is built on a modern e-commerce stack with Shopify hosting behind Cloudflare CDN. It uses multiple third-party scripts for analytics, marketing, and customer interaction. However, a critical security issue is the absence of a valid SSL certificate, resulting in no HTTPS encryption and no enabled TLS protocols. This severely impacts the security posture and user trust, despite the presence of strong security headers and content security policies. Privacy compliance is well addressed with explicit privacy and cookie policies, GDPR consent mechanisms, and transparent data collection practices. Contact information is available primarily via contact forms and multiple regional email addresses, supporting customer service and boutique inquiries. Overall, while the business and technical maturity are strong, the lack of proper SSL/TLS configuration is a major risk that must be remediated urgently to protect customer data and maintain brand reputation.

Wolford operates an international e-commerce retail website specializing in fashion products, targeting multiple countries with localized language versions. The site is built on Salesforce Commerce Cloud (Demandware) and uses modern web technologies including Google Fonts, Google reCAPTCHA, and Usercentrics for cookie consent management. Cloudflare is used as a hosting and CDN provider. However, the website lacks a valid SSL/TLS certificate, resulting in no proper HTTPS support, which is a critical security concern. The site implements some security headers but misses important configurations such as HSTS and OCSP stapling. Privacy compliance is partial, with a cookie consent mechanism present but no visible privacy policy or terms of service pages. Contact information and security policies are not found in the analyzed content, reducing transparency and trust. Overall, the website demonstrates a basic level of technical and business maturity but requires significant improvements in security and privacy compliance to meet modern standards.

G

Glory Global Solutions (International) Limited

glory-global.com

0

Glory Global Solutions (International) Limited is a global enterprise specializing in cash automation and management solutions across multiple industries including retail, financial institutions, hospitality, gaming, and CIT cash centers. The company positions itself as a market leader with a comprehensive portfolio of products and services designed to enhance customer experience and operational efficiency. The website is professionally designed, content-rich, and targets B2B customers seeking advanced cash handling technologies. Technically, the site leverages modern frameworks such as Next.js and Sitecore CMS, hosted on Vercel, ensuring a good digital maturity level. However, the security posture is weakened by the absence of a valid SSL certificate and incomplete HTTPS implementation, which poses risks to user trust and data security. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the site demonstrates high business credibility but requires urgent security improvements to align with best practices.

D

DIE KÄSEMACHER GmbH

kaesemacher.at

0

Die Käsemacher GmbH is a small Austrian specialty food manufacturer focused on producing high-quality cheese and antipasti products using traditional methods and sustainable milk production. The company operates a well-structured website with a comprehensive product catalog and an online shop subdomain, targeting both end consumers and B2B partners. Technically, the website is built on the concrete5 CMS platform and uses modern JavaScript libraries to enhance user experience and mobile responsiveness. However, the absence of HTTPS is a critical security flaw that significantly impacts the site's security posture. While cookie consent mechanisms and privacy policy references exist, formal security policies and incident response contacts are not found. Overall, the site demonstrates good business credibility and content quality but requires urgent security improvements to protect user data and build trust.

N

NovaTaste Austria GmbH

wiberg.eu

0

WIBERG, operated by NovaTaste Austria GmbH, is a well-established international spice and culinary product supplier targeting professional chefs, gastronomy, and catering sectors. The company offers a comprehensive range of high-quality products, supported by a professional and content-rich website that includes detailed product information, recipes, and sustainability commitments. Technically, the website is built on modern frameworks such as Next.js and React, hosted likely on Microsoft Azure, and demonstrates good design and user experience. However, a critical security issue is the absence of a valid SSL certificate, resulting in no HTTPS support, which significantly impacts the site's security posture. While several security headers are implemented, the lack of HTTPS undermines these protections. Privacy compliance is good with a comprehensive privacy policy, but no explicit cookie consent mechanism was detected. Overall, the website is credible and professional but requires urgent security improvements to protect user data and enhance trust.

Jacobs Douwe Egberts is an established enterprise-level company operating in the retail sector, specializing in coffee and related consumer goods. The website presents a professional corporate image with clear branding and content focused on product portfolio, sustainability, careers, and corporate responsibility. The target audience includes consumers, job seekers, and stakeholders interested in corporate responsibility. The business model centers on product sales and brand reputation in the global coffee market. Technically, the website uses a modern CMS platform (Episerver) and integrates analytics and tag management tools such as Microsoft Application Insights and Google Tag Manager. However, the site suffers from slow load times and lacks a valid SSL certificate, which impacts user trust and security. Mobile optimization and SEO are adequately addressed, but accessibility is basic. From a security perspective, the absence of HTTPS and security headers is a critical vulnerability. The DNS configuration lacks DNSSEC and CAA records, and no advanced security policies or incident response contacts are published. Cookie consent is implemented via OneTrust, indicating some privacy compliance efforts. Overall, the website is functional and professional but requires urgent improvements in security infrastructure, particularly enabling HTTPS and adding security headers. Performance optimization is also recommended to enhance user experience and trust.

Schullin Wien is a well-established luxury jewelry and watch retailer based in Vienna, Austria, with a rich family tradition dating back to 1802 and formal business founding in 1974. The company specializes in fine jewelry design and manufacturing, luxury watch sales including Rolex, and certified pre-owned Rolex watches. Their market position is strong within the luxury retail sector, targeting affluent customers seeking unique and high-quality pieces. The website reflects a mature digital presence with multilingual support, rich content, and integration of modern web technologies such as WordPress, WooCommerce, Alpine.js, and Swiper.js. Marketing and analytics tools like Google Analytics, Facebook Pixel, and Adobe Analytics are actively used with GDPR-compliant cookie consent mechanisms in place. However, the security posture is significantly weakened by the absence of a valid SSL/TLS certificate, resulting in no HTTPS support, which is a critical vulnerability that undermines user trust and data protection. The site employs standard security headers but lacks advanced protections such as HSTS and OCSP stapling. Overall, the business credibility and content quality are high, but urgent remediation of SSL/TLS issues is necessary to ensure secure user interactions and compliance with best practices.

H

HOLZWURM Werkzeuge

holzwurm-werkzeuge.de

0

HOLZWURM Werkzeuge is a small Austrian e-commerce business specializing in selling creative tools for hobbyists and crafters, primarily via online marketplaces such as Amazon and Etsy, as well as their own WooCommerce-based shop. Founded in 2017, the company emphasizes quality and customer satisfaction, targeting a broad audience of creative individuals. The website is built on WordPress with WooCommerce and uses modern web technologies and marketing tools including Cookiebot for consent management and Facebook Pixel for tracking. However, the site lacks a valid SSL certificate, exposing visitors to security risks and undermining trust. Privacy policies and terms of service are present and GDPR compliance is partially addressed through cookie consent mechanisms. Contact information is complete and transparent, supporting business credibility.

M

MPG GmbH

michael-pachleitner-group.com

0

MPG GmbH is an established Austrian eyewear company specializing in manufacturing and retail of optical frames and lenses, serving both B2B and B2C markets. The company operates multiple subsidiaries and maintains a professional online presence with multilingual support and structured data. Technically, the website is built on WordPress using Elementor and Yoast SEO, integrating marketing tools such as Google Tag Manager and Facebook Pixel. However, the absence of a valid SSL certificate and HTTPS implementation is a critical security gap, exposing users to potential risks. Privacy compliance is partially addressed with a comprehensive privacy policy but lacks a cookie consent mechanism. Overall, the business demonstrates credibility and maturity, but security posture requires urgent improvement to align with best practices.

L

Lidl Österreich

lidl.at

0

Lidl Österreich operates a comprehensive retail website offering a wide range of products including food, household items, garden supplies, fashion, and more. The site features extensive promotional content, including weekly offers and loyalty programs such as Lidl Plus. The company holds a strong market position in Austria as a leading discount supermarket chain, supported by a consistent and professional brand presence. Technically, the website employs modern technologies like Vue.js and is hosted on a robust infrastructure with Akamai DNS services. However, a critical security issue is the absence of a valid SSL certificate, resulting in no HTTPS support, which significantly impacts the site's security posture. Despite this, the site implements several security headers and content security policies, indicating a focus on security best practices. Privacy compliance is well addressed with clear privacy and cookie policies, including consent mechanisms. Overall, the site is professional and trustworthy but must urgently address the SSL deficiency to ensure secure user interactions.

D

Dorotheum GmbH & Co KG

dorotheum.com

0

Dorotheum GmbH & Co KG operates the largest auction house in Central Europe, specializing in art, antiques, jewelry, and collectibles with over 300 years of experience. The company holds numerous auctions annually, both online and in physical salerooms, and offers additional services such as private sales and expert consultations. The website is professionally designed, content-rich, and targets collectors, buyers, and sellers in the art and luxury goods market primarily in Austria and surrounding regions. Technically, the site is built on TYPO3 CMS with modern frontend libraries and integrates analytics and marketing tools like Google Tag Manager and Facebook Pixel. However, the absence of a valid SSL certificate and lack of security headers represent significant security weaknesses. Privacy and cookie policies are comprehensive and GDPR compliant, with active consent mechanisms. Overall, the site demonstrates strong business credibility but requires urgent improvements in security posture to protect user data and enhance trust.

S

Stefanel

stefanel.com

0

Stefanel is a European retail and e-commerce brand specializing in women's fashion, operating a multi-country website with localized country selectors. The business targets European consumers seeking stylish women's clothing. The website is built on the Salesforce Commerce Cloud (Demandware) platform and uses various marketing and analytics tools including Google Tag Manager, CQuotient, and LiveStory. However, the site lacks a valid SSL certificate and does not serve content over HTTPS, which is a critical security flaw. Privacy compliance is partially addressed with a OneTrust cookie consent mechanism, but no privacy policy or terms of service are found on the splash page. Contact information is also absent, limiting user trust and support options.

H

HANRO

hanro.com

0

HANRO is a well-established luxury brand specializing in premium underwear, nightwear, and loungewear for both women and men, with a history dating back to 1884. The company operates a global retail and e-commerce presence, offering high-quality products certified by OEKO-TEX standards and emphasizing sustainable European production. Technically, the website is built on Magento 2 and uses modern marketing and consent management tools, but suffers from slow load times and lacks a valid SSL certificate, which is a critical security flaw. Privacy compliance is strong with clear policies and consent mechanisms. Security posture is weak due to missing HTTPS and security headers, exposing the site to potential risks. Overall, the site is professional and trustworthy but urgently needs to address its SSL and security header deficiencies to improve user trust and security.

M

Melitta

melitta.com

0

Melitta is a well-established company specializing in coffee products and related services, operating a professional website that serves both consumers and B2B partners. The site provides comprehensive information about the company, its sustainability initiatives, and customer service options, supported by a consistent brand presence and active social media engagement. The technical infrastructure leverages modern JavaScript libraries, Google Analytics, and Cloudflare CDN services, with good mobile optimization and accessibility features implemented via a third-party widget. However, the website's security posture is weakened by an invalid SSL certificate and lack of enabled TLS protocols, which poses risks to data confidentiality and user trust. Privacy compliance is strong, with clear privacy and cookie policies and consent mechanisms in place. Overall, the website is functional and professional but requires urgent remediation of SSL and TLS issues to improve security and trustworthiness.

M

MERKUR trgovina d.o.o.

merkur.si

0

Merkur.si is a large Slovenian retail company specializing in home improvement, construction, gardening, personal care, and energy solutions. The company operates both physical stores and an extensive e-commerce platform, offering a wide range of products and services including financing options and expert consultations. The website is well-designed, user-friendly, and rich in content, targeting Slovenian consumers and businesses. Technically, the site is built on Magento with modern JavaScript frameworks and integrates multiple third-party marketing and analytics tools. However, the absence of a valid SSL certificate and HTTPS support is a critical security gap, exposing users to potential risks. The site implements several security headers and privacy policies with consent mechanisms, indicating good privacy compliance. Overall, the business is legitimate and well-established, but urgent improvements in SSL/TLS implementation are recommended to enhance security and trust.

elektrabregenz.com is the official website of a large Austrian household appliance brand, part of the Beko corporate group. The site offers a comprehensive product catalog including cooling, cooking, dishwashing, and laundry appliances, targeting both consumers and retailers in Austria and German-speaking regions. The business is positioned as a major player in the European white goods market with a strong parent company backing and a wide product range. Technically, the website is built on Adobe Experience Manager and delivered via Akamai CDN, with modern marketing and analytics tools such as Google Tag Manager and OneTrust for cookie consent. However, the absence of a valid SSL/TLS certificate is a critical security gap, exposing users to potential risks and undermining trust. Privacy policies and cookie consent mechanisms are present and well-implemented, supporting GDPR compliance. Overall, the site demonstrates good content quality and business credibility but requires urgent security improvements to enable HTTPS and modern TLS protocols.

M

Modehaus Kutsam

kutsam.at

0

Modehaus Kutsam is a well-established family-owned fashion retailer based in Austria with a history spanning over 65 years. The company operates multiple physical stores and offers a broad range of fashion products for men and women, including personal shopping services and a customer club app. Their website is built on the Shopify platform, leveraging modern e-commerce technologies and integrations such as Google Analytics and PushOwl for marketing and analytics. The site is well-designed, mobile-optimized, and provides comprehensive product and brand information, reflecting a mature digital presence. However, the security posture is weakened by an invalid SSL certificate and lack of modern TLS protocol support, which poses risks to user data confidentiality and trust. Privacy policies and cookie consent mechanisms are in place, indicating good compliance with GDPR requirements. Overall, the business demonstrates strong credibility and professionalism, but should prioritize fixing SSL issues to enhance security and user trust.

OBI is a leading German home improvement and garden retailer with a strong online and physical presence. The website offers a comprehensive range of products and services including project planning, rental services, and loyalty programs. Technically, the site uses modern frameworks like Vue.js and Nuxt.js, hosted on AWS CloudFront, with extensive use of third-party analytics and marketing tools. However, the absence of a valid SSL certificate and HTTPS support is a critical security flaw that undermines user data protection. The site is well-structured, mobile-optimized, and provides clear contact and business information, supporting a high level of trustworthiness. Strategic improvements in security and privacy compliance are recommended to enhance overall risk posture.

The website hollisterco.com appears to represent a large retail brand, Hollister Co., but the actual website content is inaccessible, returning only a minimal 'Bad Request' page. This prevents detailed content and business information extraction. The DNS and email configurations are properly set, indicating legitimate domain management and good email security practices. However, the lack of a valid SSL certificate and absence of HTTPS severely impact the security posture. The site is likely protected by a Web Application Firewall or similar security mechanism that blocks access to the content, further limiting analysis. Overall, the site shows signs of a mature business with enterprise scale but suffers from critical security configuration issues and content accessibility problems.

Bahlsen GmbH & CO. KG is a well-established German company specializing in the production and sale of high-quality pastries, cookies, and wafers with a history spanning over 130 years. The website targets consumers interested in premium bakery products and maintains a strong brand presence with localized content for multiple countries. Technically, the site is built using modern frameworks such as Next.js and React, hosted on Vercel, and integrates a headless CMS (Storyblok) for content management. However, the website currently lacks a valid SSL certificate, resulting in no HTTPS support, which is a critical security vulnerability. While security headers like Content-Security-Policy and Strict-Transport-Security are present, the absence of HTTPS and modern TLS protocols significantly weakens the security posture. Privacy compliance is partially met with a comprehensive privacy policy and terms of use, but no cookie consent mechanism is detected. Overall, the site demonstrates good business credibility and professional content but requires urgent security improvements.

F

FELIX Austria GmbH

felix.at

0

FELIX Austria GmbH operates a well-established website focused on food products, particularly sauces such as ketchup, mayonnaise, and pestos. The company targets consumers primarily in Austria and German-speaking regions, offering product information, recipes, and partnerships. The website is built on TYPO3 CMS and integrates Google Tag Manager for analytics. While the site presents a professional design with good content quality and navigation, it lacks a valid SSL certificate, resulting in no HTTPS support, which is a critical security shortfall. Security headers are properly configured, but the absence of HTTPS significantly impacts the overall security posture. Privacy compliance is partially addressed with a comprehensive privacy policy, but no cookie consent mechanism is present. Contact information is available via a contact page, though no direct emails or phone numbers are explicitly listed. The domain registration data aligns well with the website content, indicating legitimacy. Strategic recommendations include obtaining a valid SSL certificate, implementing cookie consent, and publishing security policies to enhance trust and compliance.

Jimmy Choo's official website serves as a high-end e-commerce platform offering luxury shoes, bags, accessories, and beauty products for men and women globally. The site demonstrates a strong brand presence with comprehensive content, clear navigation, and extensive marketing integrations. The technical infrastructure leverages Salesforce Commerce Cloud, Cloudflare CDN, and multiple marketing and analytics tools, indicating a mature digital ecosystem. However, a critical security gap exists due to the absence of a valid SSL/TLS certificate, exposing users to potential risks and undermining trust. Privacy and cookie policies are well implemented, reflecting compliance with GDPR and other regulations. Overall, the site is professional and trustworthy but requires urgent remediation of its SSL configuration to ensure secure user interactions.

Urban Outfitters is a large retail company specializing in lifestyle apparel and home decor targeting young adults. The website is protected by a PerimeterX Web Application Firewall (WAF) which presents a CAPTCHA challenge, blocking direct access to content and preventing detailed content and policy analysis. The technical infrastructure includes nginx server hosting and DNS managed via Google Cloud DNS. However, the SSL/TLS configuration is currently invalid or missing, resulting in no HTTPS availability and exposing the site to security risks. DNS and MX records indicate legitimate email infrastructure consistent with the retail business. Overall, the security posture is weak due to lack of HTTPS and missing security headers, and privacy compliance information is not accessible due to the WAF block. The domain registration data is consistent and legitimate, supporting the business credibility. Strategic improvements in SSL deployment and security header implementation are critical.

T

Tractive

tractive.com

0

Tractive is a leading global provider of GPS and health monitoring trackers for pets, specializing in real-time location tracking and wellness insights for dogs and cats. The company operates a robust e-commerce platform offering subscription-based services that enable worldwide cellular connectivity for their devices. Their market position is strong, supported by extensive customer testimonials, high Trustpilot ratings, and a broad international presence with multi-language support. Technically, the website leverages modern web technologies including nginx, Amazon AWS infrastructure, CloudFront CDN, and advanced JavaScript frameworks. They utilize performance monitoring and A/B testing tools such as New Relic and Visual Website Optimizer, indicating a mature digital infrastructure. The site is well-optimized for mobile devices and accessibility, with good SEO practices. From a security perspective, while the site implements several important security headers and policies, it suffers from a critical issue: the SSL certificate is invalid or missing, and no TLS protocols are enabled. This severely impacts the security posture and user trust. Other security best practices like HSTS and CSP are in place, but the lack of proper HTTPS is a major vulnerability. Overall, the risk assessment highlights the need for immediate remediation of SSL/TLS issues to protect user data and maintain trust. Strategic recommendations include fixing the SSL certificate, enabling modern TLS versions, and improving session security. The business credibility is high, but security gaps could undermine customer confidence if not addressed promptly.

T

Triumph Intertrade AG

triumph.com

0

Triumph Intertrade AG operates a mature and well-established e-commerce platform specializing in lingerie and related apparel, primarily targeting the German market. The website demonstrates a high level of professionalism, rich content, and strong brand consistency, supported by a comprehensive customer loyalty program and active social media presence. The technical infrastructure leverages modern e-commerce technologies including Salesforce Commerce Cloud and Cloudflare for hosting and delivery, with integrated marketing and analytics tools such as Google Tag Manager and CQuotient. However, the absence of a valid SSL/TLS certificate on the main domain significantly undermines the site's security posture, exposing users to potential risks. Additionally, a subdomain takeover vulnerability on blog.triumph.com presents a notable security concern. Privacy and cookie policies are present and indicate GDPR compliance, with clear contact information and incident response channels available. Overall, the site is functional and credible but requires urgent security improvements to protect user data and maintain trust.

H&M is a globally recognized fashion retailer offering online shopping services with a focus on sustainable fashion at competitive prices. The website serves a broad international audience with multiple language and regional options, reflecting its enterprise scale and global market position. The technical infrastructure leverages ASP.NET technology and Akamai CDN services, with integration of Google Maps APIs for enhanced user experience. However, the website currently lacks a valid SSL/TLS certificate, resulting in no HTTPS support, which is a critical security deficiency. Security headers are well implemented but cannot compensate for the absence of encrypted communication. Privacy and cookie policies are not evident on the landing page, indicating potential compliance gaps. Overall, the site demonstrates good content quality and business credibility but requires urgent security improvements to protect user data and enhance trust.

The website agentprovocateur.com is currently inaccessible due to a Cloudflare Web Application Firewall (WAF) security challenge page, which blocks direct content access. This prevents extraction of meaningful business, privacy, or contact information from the site itself. The domain is mature, registered since 1999, and shows strong domain protection with consistent WHOIS data, indicating a legitimate retail business presence. However, the lack of a valid SSL/TLS certificate and absence of HTTPS severely impacts the security posture and trustworthiness of the site. The technical infrastructure relies on Cloudflare for security and hosting, but the SSL configuration is incomplete or invalid, which is a critical security issue. No privacy policies, cookie consent mechanisms, or terms of service were found in the accessible content, limiting compliance assessment. Overall, the site’s security posture is weak due to missing HTTPS, and content quality cannot be evaluated due to blocking. Strategic improvements in SSL deployment and content accessibility are essential for better security and user trust.

F

Fresh Trading Limited

innocentdrinks.co.uk

0

Innocent Drinks, operated by Fresh Trading Limited and owned by The Coca-Cola Company, is a well-established UK-based beverage company specializing in natural and sustainable drinks such as smoothies, juices, and shots. The company positions itself strongly in the retail sector with a focus on sustainability, social responsibility, and B Corp certification, appealing to environmentally and socially conscious consumers. The website reflects this ethos with comprehensive content, clear navigation, and consistent branding. Technically, the site is built on Adobe Experience Manager and hosted on AWS CloudFront, leveraging modern cloud infrastructure and Adobe's marketing and consent management tools. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS, which significantly impacts the site's security posture. Privacy and legal policies are well documented and accessible, indicating good compliance practices. Overall, the site is professional and trustworthy but requires urgent security improvements to protect user data and maintain trust.

B

bulthaup

bulthaup.com

0

bulthaup is a premium kitchen brand specializing in high-quality kitchen concepts and living space solutions. The company operates a multilingual WordPress-based website that serves as a platform for product information, dealer location, and appointment scheduling. The site targets affluent consumers and businesses seeking bespoke kitchen solutions, positioning itself as a premium retail brand with a global dealer network. Technically, the website employs modern JavaScript libraries and WordPress plugins, including hCaptcha for form security and Cookiebot for cookie consent management. However, the site lacks a valid SSL certificate and modern TLS support, which significantly weakens its security posture. Privacy policies and cookie consent mechanisms are well implemented, supporting GDPR compliance. Overall, the website is professional and content-rich but requires urgent improvements in SSL/TLS configuration to enhance security and trust.

I

Interfood Lebensmittelgroßhandel Ges.m.b.H.

interfood.at

0

Interfood Lebensmittelgroßhandel Ges.m.b.H. is a medium-sized Austrian wholesaler specializing in international fine foods. The company emphasizes quality, freshness, and supply reliability, supported by certifications such as IFS, MSC, ASC, and organic labels. Their website targets retailers and fine food distributors, showcasing a curated product portfolio and strong logistics capabilities. Technically, the site runs on WordPress with popular plugins and themes but lacks HTTPS, which is a critical security gap. The site includes comprehensive privacy and cookie policies, indicating GDPR compliance. However, the absence of SSL/TLS significantly impacts the security posture and trustworthiness. Overall, the website is professionally designed with good content quality and user experience but requires urgent security improvements.

V

VF Corporation

vfc.com

0

VF Corporation is a large multinational retail company specializing in outdoor, lifestyle, and workwear apparel and footwear. The website presents a comprehensive portfolio of well-known brands such as Vans, The North Face, Timberland, and others, targeting consumers, investors, and job seekers. The business model focuses on brand management and retail operations with a strong emphasis on corporate responsibility and investor relations. Technically, the website uses Apache server technology, integrates Google Analytics, and leverages CDN services like Amazon Cloudfront for content delivery. The site is well-designed, mobile-optimized, and provides rich content with clear navigation and professional branding. However, the security posture is weak due to the absence of a valid SSL certificate and lack of HTTPS support, which is a critical vulnerability. Privacy compliance is good with a comprehensive privacy policy and terms of use, but no cookie consent mechanism was detected. Overall, the site is trustworthy and professional but requires urgent improvements in SSL/TLS security to protect user data and maintain trust.

H

HiPP

hipp.de

0

HiPP is a well-established German brand specializing in organic baby food and related care products. Their website serves as both an informational resource and an e-commerce platform, targeting parents and families with young children. The site is rich in content, well-structured, and offers multiple engagement channels including a BabyClub and social media presence. Technically, the site is built on TYPO3 CMS and uses modern web technologies and consent management tools, but suffers from a critical lack of HTTPS due to an invalid SSL certificate, which significantly impacts its security posture. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the business appears credible and trustworthy, but the security weaknesses pose a risk to user trust and data protection.

L

Lamb Weston

lambweston.eu

0

Lamb Weston is a globally recognized leader in the frozen potato products industry, offering a wide range of products including fries, specialties, and appetizers. The company targets foodservice professionals and retail customers primarily in the EMEA region, providing innovative and high-quality potato solutions. Their website reflects a strong market position with comprehensive content, multiple language support, and a focus on sustainability. Technically, the site is built on modern frameworks like Nuxt.js and Vue.js, hosted on AWS infrastructure, and demonstrates good mobile optimization and SEO practices. However, the absence of a valid SSL certificate significantly impacts the security posture, exposing the site to potential risks. Privacy and legal policies are well documented, but the lack of a cookie consent mechanism is a compliance gap. Overall, the website is professional and trustworthy but requires urgent security improvements to ensure safe user interactions.

Albert Berner Deutschland GmbH operates a comprehensive B2B e-commerce platform specializing in professional tools, chemicals, and related products primarily serving the automotive and industrial sectors in Germany. The company is well-established with a strong market position and a broad product catalog supported by detailed categorization and user-friendly navigation. Technically, the website employs modern JavaScript libraries, consent management tools, and extensive marketing and analytics integrations, indicating a mature digital infrastructure. However, a critical security gap exists due to the absence of a valid SSL/TLS certificate, resulting in no HTTPS support, which significantly impacts the site's security posture. Despite this, the site maintains good privacy compliance with clear policies and consent mechanisms. Overall, the business is credible and professional, but urgent remediation of the SSL/TLS issue is recommended to enhance security and trust.

Moncler Group is a prominent luxury fashion company headquartered in Milan, Italy, operating key brands such as Moncler and Stone Island. The website serves as a corporate portal providing investor relations, sustainability information, and brand insights. The company targets investors, luxury consumers, and stakeholders interested in corporate governance and sustainability. Technically, the site is built on WordPress with multilingual support and uses modern JavaScript libraries and tracking tools. However, the absence of a valid SSL certificate and HTTPS support significantly weakens its security posture. Privacy and cookie policies are well implemented with consent mechanisms, reflecting GDPR compliance. Overall, the site is professionally designed and content-rich but requires urgent security improvements to protect user data and enhance trust.

H

Handl Tyrol GmbH

handltyrol.at

0

Handl Tyrol GmbH is a well-established Austrian family-owned company specializing in traditional Tyrolean ham, sausages, and roast specialities since 1902. The company positions itself as an ambassador of Tyrolean cuisine, offering both meat and plant-based products through retail and an online shop. The website reflects a strong brand identity with excellent content quality and clear navigation targeting consumers interested in authentic regional food products. Technically, the site employs modern JavaScript libraries and consent management tools but suffers from slow load times and lacks a valid SSL certificate, which is a critical security concern. The security posture is weak due to missing HTTPS, security headers, and DNS security features. Privacy compliance is well addressed with a comprehensive cookie consent mechanism and clear privacy policy. Business credibility is supported by transparent contact information and trust signals such as quality guarantees and PGI certification. Overall, the site is professional but requires urgent security improvements to protect user data and enhance trust.

REWE International AG operates a comprehensive career website for its retail group in Austria, including brands such as BILLA, PENNY, BIPA, and ADEG. The company is a major employer offering diverse job opportunities across retail stores, logistics, and corporate offices. The website is professionally designed with clear navigation and rich content targeting job seekers interested in retail careers. Technically, the site uses modern frameworks like Nuxt.js and Vue.js, hosted likely on AWS infrastructure, and managed via the Storyblok CMS. However, the site suffers from a critical security weakness due to the absence of a valid SSL certificate and HTTPS support, which significantly impacts its security posture. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the site is trustworthy and credible but urgently needs to address its SSL/TLS configuration to protect users and improve security.

P

Plato's Closet

platosclosetdurham.com

0

Plato's Closet operates a large franchise retail business specializing in buying and selling gently used name brand clothes, shoes, and accessories targeting teens and young adults. The company is positioned as the largest chain in its niche with over 500 locations across North America, emphasizing sustainability and affordability. The website is built on the BigCommerce platform, leveraging modern e-commerce technologies and marketing tools such as Google Analytics 4 and TikTok Pixel. While the site demonstrates good content quality, accessibility, and privacy compliance, it lacks a valid SSL certificate, severely impacting its security posture. Security headers are partially implemented, but the absence of HTTPS is a critical vulnerability. The domain is mature and registered consistently with the business claims, supporting legitimacy. Strategic improvements in SSL deployment and enhanced security practices are recommended to strengthen trust and compliance.

A

Ankerbrot Holding GmbH

linauer.at

0

Linauer.at is a transitional website for the Linauer bakery brand, which is being integrated into the Ankerbrot Holding GmbH group, a well-established bakery company in Austria. The site primarily serves as a redirect landing page to the main Ankerbrot website, indicating a brand consolidation. The business operates in the retail bakery sector targeting consumers in Austria. The website content is minimal, focusing on brand transition with a video and countdown redirect. Technical infrastructure includes JavaScript libraries such as jQuery and RequireJS, hosted on ip.co.at nameservers. However, the site lacks HTTPS, which is a critical security deficiency. No security headers or cookie consent mechanisms are implemented, and performance is slow with a large page size and long load time. The WHOIS data confirms domain legitimacy and consistency with the business claims. Overall, the site demonstrates basic digital maturity but requires significant security and privacy improvements.

D

dm Slovensko

dm-drogeriemarkt.sk

0

dm Slovensko operates a well-branded online drugstore e-commerce platform targeting Slovak consumers with a broad range of personal care and health products. The website leverages a modern JavaScript and CSS technology stack with integrations from multiple third-party services for analytics, marketing, and user consent management. The technical infrastructure is hosted on Google Cloud, indicating a scalable and reliable hosting environment. However, the website currently lacks a valid SSL/TLS certificate, resulting in no HTTPS availability, which is a critical security concern. Security headers are mostly well implemented, but the disabled X-XSS-Protection header and malformed DNS CAA records indicate areas for improvement. Privacy and cookie policies are not detected in the provided content, representing a compliance gap with GDPR and related regulations. Overall, the website is functional and professionally designed but requires urgent security and compliance enhancements to protect user data and build trust.

Electrolux is a globally recognized leader in household appliances, offering a wide range of products including cooking, cooling, laundry, vacuum cleaners, and small kitchen appliances. The website targets Finnish consumers, providing comprehensive product information, promotions, and support services. The digital infrastructure is built on modern technologies such as Next.js, ensuring a responsive and user-friendly experience. While the site employs multiple analytics and marketing tools for personalization and tracking, it maintains good privacy compliance with clear cookie and privacy policies. Security headers are implemented, but the absence of a valid SSL certificate and some advanced security features reduces the overall security posture. The domain registration aligns well with the business identity, confirming legitimacy. Strategic improvements in SSL management and enhanced security practices are recommended to strengthen trust and compliance.

D

Dunelm

dunelm.com

0

Dunelm is a prominent UK-based retailer specializing in homeware, furniture, and related products, offering a comprehensive e-commerce platform alongside physical stores. The website demonstrates a mature digital presence with extensive product categories, clear navigation, and strong branding. Technically, the site leverages modern technologies including React, Algolia for search, and integrates multiple third-party services for payments, analytics, and marketing. However, a critical security issue is the absence of a valid SSL certificate and HTTPS support, which severely impacts the site's security posture. While security headers are present, the lack of proper TLS configuration exposes the site to significant risks. Privacy and cookie policies are well implemented with consent mechanisms, reflecting good compliance with GDPR. Overall, the site is professional and trustworthy from a business perspective but requires urgent remediation of its SSL/TLS configuration to ensure user data protection and trust.