Security Directory

L

Lomography

lomography.com

0

Lomography is a well-established analogue photography community and e-commerce platform founded in 1994, offering a wide range of analogue cameras, films, lenses, and educational content. The website demonstrates excellent content quality, user experience, and community engagement, targeting photography enthusiasts globally. Technically, the site uses a modern stack with nginx and Phusion Passenger, and employs Google Tag Manager for analytics and marketing. However, a critical security gap exists as the site lacks a valid SSL/TLS certificate and does not serve content over HTTPS, exposing users to potential interception risks. Privacy compliance is strong with clear policies and cookie consent mechanisms. Overall, the business credibility is high, but the security posture requires urgent improvement to protect users and maintain trust.

W

Würth Österreich

wuerth.at

0

Würth Österreich operates a comprehensive B2B e-commerce platform targeting trade professionals and businesses in Austria. The website offers a wide range of industrial and professional products alongside specialized services such as consulting, digital tools, and engineering support. The company is positioned as a market leader with a strong brand presence and multiple customer engagement channels including social media and mobile apps. Technically, the site uses modern web technologies and a professional CMS, providing a good user experience and mobile optimization. However, the security posture is weakened by an invalid SSL certificate and lack of TLS protocol support, which poses risks to data confidentiality and user trust. Privacy compliance is generally good with accessible policies, but lacks a visible cookie consent mechanism. Overall, the site is professional and credible but requires urgent security improvements to protect users and maintain trust.

Tommy Hilfiger is a globally recognized fashion brand offering a wide range of apparel and accessories for men, women, and children through its official online shop. The website targets fashion-conscious consumers and provides a comprehensive e-commerce platform with seasonal collections, sales, and a membership program. The technical infrastructure leverages modern web technologies including Next.js, React, and Contentstack CMS, supported by a robust CDN via Akamai and integrated with multiple third-party services for analytics, marketing, and payment processing. Despite strong security header implementations, the absence of a valid SSL certificate and lack of HTTPS significantly undermines the security posture of the site. Privacy and cookie policies are well documented and indicate GDPR compliance. Overall, the website demonstrates a high level of professionalism and business credibility but requires urgent attention to its SSL configuration to ensure secure user interactions.

P

Palmers Textil AG

palmers.at

0

Palmers Textil AG operates a well-branded e-commerce website focused on retailing lingerie, nightwear, and fashion apparel primarily targeting German-speaking European customers. The site leverages modern web technologies including Vue Storefront 2 and Magento backend, supported by AWS CloudFront CDN and various marketing and analytics tools such as Google Analytics and Facebook Pixel. Despite a professional presentation and comprehensive privacy and cookie policies, the website suffers from a critical security deficiency: the absence of a valid SSL/TLS certificate and HTTPS support, exposing users to potential data interception risks. Security headers are implemented but cannot compensate for the lack of encryption. The domain registration data aligns well with the business claims, indicating legitimacy and consistency. Overall, the website demonstrates good digital maturity but requires urgent security improvements to protect user data and enhance trust.

J

Josef Manner & Comp AG

manner.com

0

Josef Manner & Comp AG operates the website manner.com, a well-established Austrian confectionery brand specializing in Viennese wafer specialties since 1890. The website showcases a comprehensive product range, including wafers, baking products, gingerbread, and merchandise, targeting consumers interested in traditional confectionery. The brand maintains a consistent and professional online presence with rich content, social media integration, and e-commerce capabilities. Technically, the site uses modern technologies such as Vue.js, Algolia search, and Cookiebot for consent management, hosted likely on DigitalOcean. However, the security posture is weak due to the absence of a valid SSL certificate and lack of HTTPS, which is a critical issue that undermines user trust and data protection. Privacy compliance is well addressed with clear privacy and cookie policies and GDPR consent mechanisms. Overall, the website is professional and credible but requires urgent security improvements to meet modern standards.

I

iService d.o.o.

iservice.hr

0

iService d.o.o. operates the website iservice.hr, providing fast and professional repair services for smartphones, tablets, Mac computers, and Apple devices, alongside retail sales of related accessories. The company targets both individual consumers and businesses, offering services such as quick repairs, free diagnostics, and warranty-backed parts. The business is well-positioned in the Croatian market with a strong reputation supported by certifications like Apple IRP and a 15-year operational history. Technically, the website uses a standard Apache server with modern marketing integrations including Google Analytics and Facebook Pixel, but lacks a valid SSL certificate, which is a significant security concern. The site is mobile-optimized with good SEO and user experience, though performance metrics indicate slow loading times. Security posture is weak due to missing HTTPS, lack of modern TLS protocols, and absence of key security headers. Privacy compliance is addressed with visible policies and cookie consent mechanisms, but no explicit security or incident response policies are found. Overall, the website is professional and trustworthy but requires urgent security improvements to protect user data and enhance trust.

D

Diesel

diesel.com

0

Diesel operates a global e-commerce platform specializing in fashion apparel and accessories, providing localized shopping experiences through country-specific domains. The website analyzed is a country selector landing page that directs users to various regional sites. The technical infrastructure leverages Salesforce Commerce Cloud (Demandware) and is hosted behind Cloudflare, with usage of Adobe Fonts and Tealium for analytics and marketing. However, the site lacks a valid SSL/TLS certificate, resulting in no HTTPS support, which is a critical security deficiency. Security headers are partially implemented, but the absence of HTTPS significantly undermines the security posture. Privacy and cookie policies are not present on this landing page, and no contact information is provided, limiting transparency and compliance with privacy regulations. Overall, the site demonstrates a basic level of technical and content maturity but requires urgent improvements in security and privacy compliance to meet modern standards.

R

Rydges Wholesale Foods

rydgeswholesale.com.au

0

Rydges Wholesale Foods is a Queensland-based wholesale food supplier specializing in fresh, high-quality bulk food supplies for a variety of food service businesses including restaurants, cafés, supermarkets, and catering companies. The company positions itself as a reliable partner offering competitive pricing, extensive product ranges, and tailored delivery solutions. Their website reflects a professional and consistent brand presence with clear contact information and customer testimonials, supported by certifications such as HACCP and Safe Food Queensland. Technically, the site is built on WordPress with WooCommerce, leveraging LiteSpeed server technology and caching for performance. However, the absence of a valid SSL certificate and HTTPS implementation is a critical security gap, exposing users to potential risks. The site uses Google Analytics and Tag Manager for tracking but lacks a cookie consent mechanism, which may impact privacy compliance. Overall, the business appears legitimate and well-established locally, but urgent security improvements are needed to protect customer data and enhance trust.

B

Bergner Group

bergnerhome.com

0

Bergner Group is a well-established homeware solutions provider founded in 1999, offering a broad range of kitchenware and home products under multiple brands. The company targets consumers and retail partners globally, emphasizing innovation, quality, and comprehensive business support services. The website reflects a professional and consistent brand image with strong content relevance and user experience. Technically, the site uses modern JavaScript libraries and tracking tools but lacks a valid SSL certificate, which significantly impacts its security posture. Privacy and cookie policies are present and GDPR compliant, but direct contact details like emails or phone numbers are not explicitly provided. The WHOIS data aligns well with the business claims, supporting domain legitimacy. Overall, the site is functional and professional but requires urgent security improvements to protect user data and enhance trust.

W

Wenatex Das Schlafsystem GmbH

wenatex.com

0

Wenatex Das Schlafsystem GmbH is a medium-sized Austrian company specializing in ergonomic sleep systems, including mattresses, slatted frames, pillows, and bedding accessories. With over 30 years of experience, the company emphasizes quality, innovation, and personalized customer consultation, positioning itself as a trusted brand in the sleep product retail and manufacturing sector. The website reflects a mature digital presence with modern technologies such as Nuxt.js and AWS hosting, providing a rich user experience with multimedia content and clear navigation. However, the absence of a valid SSL certificate significantly undermines the security posture, exposing users to potential risks. While privacy and cookie policies are present and GDPR compliant, the lack of explicit security policies and incident response information suggests room for improvement in security governance. Overall, the website is professional and trustworthy but requires urgent security enhancements to protect user data and maintain credibility.

B

BrandSourcery GmbH

adpl-solutions.at

0

BrandSourcery GmbH is a Vienna-based production agency specializing in below-the-line marketing materials and services. Their offerings include visual merchandising, promotional items, marketing logistics, print management, and digital solutions, targeting businesses seeking comprehensive marketing support. The website is built on WordPress with a range of plugins supporting multilingual content, marketing, and GDPR compliance. However, the absence of a valid SSL certificate and HTTPS implementation represents a significant security risk. While privacy and cookie policies are comprehensive and GDPR compliant, the lack of HTTPS undermines user trust and data security. The site is accessible without WAF or security challenges, but performance data suggests potential slowness. Contact information is complete and professional, supporting business credibility.

S

Sanitär-Heinze GmbH & Co. KG

sanitaer-heinze.com

0

Sanitär-Heinze GmbH & Co. KG operates as a specialized wholesale and service provider in the sanitary, heating, ventilation, and renewable energy sectors primarily serving professional customers in Germany. The company offers a broad portfolio including bathroom products, heating systems, ventilation solutions, and 3D bathroom planning services. Their market position is that of an established regional player with a consistent brand presence and multiple product lines. Technically, the website is built on the Pimcore CMS platform, leveraging modern JavaScript libraries and Google analytics tools, with a professional design and good navigation. However, the absence of a valid SSL certificate and HTTPS support is a critical security flaw that significantly impacts the security posture. Cookie consent is implemented properly, and privacy policies are comprehensive and GDPR compliant. Overall, the website demonstrates moderate digital maturity but requires urgent security improvements to protect user data and enhance trust.

E

EGLO FINLAND OY

eglo.com

0

EGLO FINLAND OY operates as a major player in the global lighting manufacturing and retail sector, offering a wide range of lighting and home decor products through a multilingual e-commerce platform. The company is well-established with a domain age of 27 years and a strong market presence supported by a global network of sales entities. The website is professionally designed, user-friendly, and targets consumers and retailers seeking lighting solutions. Technically, the site leverages Magento Commerce with modern JavaScript frameworks and integrates multiple marketing and analytics tools, reflecting a mature digital infrastructure. However, the absence of a valid SSL certificate and disabled TLS protocols represent significant security weaknesses that undermine the site's security posture. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the business is credible and trustworthy, but urgent security improvements are recommended to protect user data and enhance trust.

VOG AG is a well-established Austrian retail company founded in 1916, specializing in the distribution of food and non-food products across Central Europe and Asia. The company operates multiple subsidiaries and maintains a significant market presence with trusted brands and production facilities. The website reflects a professional business with clear corporate information and a focus on trade customers. Technically, the website runs on an Apache server with basic JavaScript and CSS, but lacks modern CMS or advanced frameworks. Performance data is missing, and mobile optimization is basic. Security posture is weak due to the absence of HTTPS and modern security headers, exposing the site to risks. Privacy compliance is strong with comprehensive policies and cookie consent mechanisms implemented. Overall, the site is functional and credible but requires urgent security improvements.

V

Vienna Beef

viennabeef.com

0

Vienna Beef operates a well-established e-commerce website specializing in Chicago style hot dogs and related food products. The company has a strong market position with a rich history dating back to 1893 and offers a variety of products including hot dogs, sausages, deli meats, condiments, soups, and branded merchandise. The website targets both consumers and foodservice businesses, providing online shopping, educational programs like Hot Dog University, and store locator services. Technically, the site is built on the BigCommerce platform with modern web technologies and integrates multiple marketing and analytics tools such as Google Analytics 4, Hotjar, and Klaviyo. However, the site suffers from a critical security weakness due to the absence of a valid SSL certificate and HTTPS support, which significantly impacts its security posture. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. The absence of direct contact emails or phone numbers on the site is a minor concern. Overall, the website is professional and trustworthy but requires urgent improvements in SSL/TLS security to protect user data and enhance trust.

Trek Bikes is a well-established global bicycle manufacturer with a strong presence in Finland, offering a wide range of bicycles and cycling accessories. The website targets Finnish consumers with localized content and a comprehensive product catalog. Technically, the site uses modern frontend technologies such as Vue.js and Tailwind CSS, and is hosted behind Cloudflare CDN with integrated marketing and analytics tools like Google Tag Manager and Cookiebot for cookie consent management. However, a critical security weakness is the lack of a valid SSL/TLS certificate and HTTPS support, exposing users to potential risks. The site includes comprehensive privacy and cookie policies, indicating good privacy compliance, but lacks visible security policies or incident response information. Overall, the business credibility is high, supported by a mature domain and consistent branding, but the security posture requires urgent improvement to protect user data and trust.

L

Ludwig Reiter Schuhmanufaktur GmbH

ludwig-reiter.com

0

Ludwig Reiter Schuhmanufaktur GmbH is a traditional shoe manufacturing company based in Vienna, Austria, founded in 1885. The company operates a well-structured e-commerce website offering a wide range of shoes, accessories, and shoe care products targeting consumers interested in high-quality footwear. The website reflects a consistent brand image and provides comprehensive business and contact information, including social media presence and newsletter subscription options. Technically, the website is built on Magento 2, leveraging modern JavaScript frameworks and marketing tools such as Google Tag Manager and Facebook Pixel. The site is mobile-optimized and features good SEO practices. However, the absence of HTTPS and SSL/TLS certificates is a critical security flaw, exposing users to potential risks. From a security perspective, while several security headers are implemented, the lack of HTTPS severely undermines the site's security posture. Privacy compliance is strong, with clear cookie consent mechanisms and GDPR-aligned privacy policies. Contact information is transparent, but no explicit security or incident response policies are found. Overall, the website is professional and trustworthy from a business and content perspective but requires urgent security improvements, especially enabling HTTPS, to protect user data and enhance trustworthiness.

Europapier Austria GmbH is a traditional wholesale and distribution company specializing in graphic papers, packaging, design papers, office papers, hygiene products, and advertising technology. The company operates primarily in Austria and serves business customers with a broad product portfolio and multiple locations. The website is professionally designed, content-rich, and provides comprehensive contact options including email, phone, and contact forms. Technically, the site uses modern technologies such as Pimcore CMS, Apache server, and Google Tag Manager for analytics. However, the security posture is weak due to the absence of a valid SSL certificate and HTTPS support, which is a critical issue. Privacy and cookie policies are present and GDPR compliant, reflecting good privacy compliance. Overall, the site is trustworthy and professional but requires urgent security improvements.

Aldi Recruitment UK operates a mature and professionally designed recruitment website focused on providing career opportunities within Aldi UK. The site targets job seekers interested in various roles across stores, warehouse, head office, and early career programs. The business is well positioned in the retail sector with a strong brand presence and recognized employer awards. Technically, the site uses modern marketing and recruitment technologies including Adobe DTM, Google reCAPTCHA, and the Eploy recruitment platform. However, the absence of a valid SSL certificate is a critical security flaw that undermines user trust and data protection. Security headers and content policies are well implemented, but the lack of HTTPS and related security features significantly lowers the security posture. Privacy and cookie policies are comprehensive and GDPR compliant, with consent mechanisms in place. Overall, the site is functional and professional but requires urgent security improvements to protect users and enhance trust.

R

Rituals Cosmetics

rituals.com

0

Rituals Cosmetics operates a large-scale international e-commerce platform specializing in cosmetics and lifestyle products. The website offers a localized shopping experience with multiple country and language options, leveraging Salesforce Commerce Cloud technology. The technical infrastructure includes modern JavaScript libraries, tag management, and analytics tools, but suffers from a lack of a valid SSL certificate and security headers, which significantly impacts the security posture. Privacy compliance is addressed with cookie consent mechanisms and a comprehensive privacy policy, though explicit contact and security policy information is limited. Overall, the website is professional and trustworthy from a business perspective but requires urgent improvements in security configuration to protect user data and maintain trust.

S

SZCO Supplies, Inc.

szco.com

0

SZCO Supplies, Inc. operates a wholesale e-commerce platform specializing in knives, swords, self-defense products, and historical replicas. The company targets wholesale buyers, collectors, and enthusiasts in the United States, offering a broad catalog of niche products. The website is built on a classic ASP.NET Web Forms platform hosted on Microsoft IIS, with Ephost as the hosting provider. The technical infrastructure includes jQuery and Bootstrap for frontend interactivity and layout. However, the site lacks modern performance optimizations and accessibility features. From a security perspective, the website does not have a valid SSL certificate, resulting in no HTTPS support, which is a critical vulnerability. Security headers are minimal, and no advanced security practices like HSTS or OCSP stapling are implemented. Privacy compliance is poor, with no visible privacy or cookie policies, and user tracking is done via Google Analytics without clear consent mechanisms. Contact information is clearly presented, enhancing business credibility, but the lack of security and privacy controls poses risks. Overall, the site is functional and professionally designed but requires urgent improvements in security and privacy compliance to protect user data and build trust. Strategic recommendations include obtaining a valid SSL certificate, enabling HTTPS, implementing comprehensive privacy policies, and enhancing security headers and protocols.

SONNENTOR Kräuterhandels GMBH operates a professional e-commerce and retail platform specializing in organic teas and spices with a strong commitment to sustainability, direct trade, and eco-friendly packaging. The company has a well-established market presence since 1988, targeting consumers interested in organic and sustainable products. The website is well-designed, mobile-optimized, and provides comprehensive content and navigation. Technically, the site uses modern technologies including Pimcore CMS, Bootstrap framework, and integrates multiple marketing and analytics tools such as Google Tag Manager, Matomo, Emarsys, and Kameleoon. However, the security posture is weakened by the absence of a valid SSL certificate and lack of HTTPS support, which is a critical issue that must be addressed promptly to protect user data and maintain trust. Privacy compliance is strong with clear cookie consent mechanisms and GDPR-aligned privacy policies. Overall, the business credibility is high, supported by clear contact information, certifications, and consistent WHOIS data.

Swarovski Group operates a comprehensive e-commerce platform showcasing its luxury jewelry, watches, and crystal decorations. The website reflects a mature digital presence with extensive product categorization, rich multimedia content, and integrated marketing and analytics tools. The brand maintains a strong market position as a leading global luxury retailer with a history dating back to 1895. Technically, the site leverages modern JavaScript libraries, Google Tag Manager, and third-party personalization and fraud prevention services, hosted on AWS infrastructure. However, a critical security concern is the invalid SSL certificate and lack of enabled TLS protocols, which significantly impacts the site's security posture. Privacy and cookie policies are well implemented and GDPR compliant, with clear contact channels available. Overall, the site is professional and trustworthy but requires urgent remediation of SSL issues to ensure secure user interactions.

P

Peek & Cloppenburg B.V. & Co. KG

peek-cloppenburg.com

0

Peek & Cloppenburg B.V. & Co. KG is a well-established European fashion retailer with a strong presence in physical stores and online platforms. The company offers a curated selection of international and exclusive brands, targeting fashion-conscious consumers across multiple countries. Their business model focuses on multi-brand retailing with a significant footprint in Europe, supported by a comprehensive loyalty program and customer service infrastructure. Technically, the website is built on modern frameworks like Next.js and Magnolia CMS, leveraging Cloudflare for hosting and CDN services. The site is well-optimized for mobile and SEO, with good accessibility features. However, the security posture is weakened by an invalid SSL certificate and lack of enabled TLS protocols, which critically impacts secure communications and user trust. Privacy compliance is robust, with clear policies and consent mechanisms implemented. Overall, the site is professional and trustworthy but requires urgent remediation of SSL/TLS issues to ensure secure user interactions.

M

MPREIS

mpreis.at

0

MPREIS is a well-established Austrian supermarket chain offering a broad range of grocery and related products both in physical stores and online. The website reflects a mature digital presence with detailed product catalogs, recipe inspirations, and a focus on regional and organic products. The company maintains active social media channels and provides comprehensive privacy and cookie policies with consent management, indicating good privacy awareness. Technically, the site uses modern JavaScript frameworks such as Vue.js and integrates advanced marketing and search tools like Bloomreach and Algolia. However, the absence of a valid SSL certificate and lack of HTTPS support represent significant security shortcomings, exposing users to potential risks. Security headers are partially implemented, but critical TLS protocols and cipher suites are missing, reducing the overall security posture. The domain registration and hosting are consistent with the business claims, registered under A1 Telekom Austria AG, a reputable provider. No WAF or security challenge blocks access, allowing full content analysis. Privacy compliance is strong, but the lack of incident response and security policy pages suggests room for improvement in security governance. Overall, MPREIS demonstrates strong business credibility and digital maturity but must urgently address its SSL/TLS configuration to protect users and enhance trust. Strategic security enhancements and continuous compliance monitoring are recommended to maintain its market position and customer confidence.

Julius Meinl am Graben is a historic gourmet food retailer based in Austria, specializing in fine foods and delicatessen products with a legacy dating back to 1862. The website meinlamgraben.at serves primarily as a redirect to the main domain meinlamgraben.eu, indicating a consolidated online presence. The business targets consumers interested in high-quality culinary specialties and operates within the retail sector. Technically, the site is built on TYPO3 CMS and hosted on Microsoft IIS, but the current domain lacks a valid SSL certificate and proper HTTPS configuration, which significantly impacts security and user trust. Security headers are present, but the absence of HTTPS and modern TLS protocols is a critical vulnerability. Privacy and cookie policies are not found on this domain, and no contact forms or detailed business contact information are provided here, limiting direct user engagement. Overall, the site exhibits basic content quality and technical implementation but requires urgent security improvements to meet modern standards.

S

Sockbird Enterprise OG

snipcard.eu

0

snipcard.eu is a niche marketing and advertising platform focused on providing physical collectible advertising cards (snipcards) displayed in partner locations primarily in Vienna and Graz, Austria. The business targets small enterprises, startups, NGOs, and cultural institutions, offering an affordable and innovative offline marketing solution integrated with inbound marketing principles. The company operates a franchise model and an online shop to facilitate sales and expansion. Technically, the website is built on WordPress using the Enfold theme and Avia framework, with common marketing and analytics tools such as Yoast SEO, Google Analytics, Jetpack, and StatCounter. However, the site lacks HTTPS, which is a critical security shortfall. The content is well-structured, SEO-optimized, and includes comprehensive FAQs and social media integration, but no direct contact emails or phone numbers are visible on the homepage. Privacy and cookie policies are present and GDPR compliant, but no terms of service or security policies are found. The domain registration data is consistent with the business claims, indicating legitimacy. Overall, the site demonstrates moderate digital maturity but requires urgent security improvements.

F

Fischer Sports

fischersports.com

0

Fischer Sports is a well-established Austrian manufacturer and retailer specializing in premium alpine and nordic ski equipment as well as hockey sticks. The company has a strong market presence with a comprehensive product range targeting both professional athletes and recreational users. Their website demonstrates a high level of digital maturity, utilizing modern frameworks such as Nuxt.js and Shopware CMS, supported by Cloudflare for hosting and security. Despite the rich content and professional design, the absence of a valid SSL certificate and lack of HTTPS support represent significant security concerns. The site includes comprehensive privacy and cookie policies with consent mechanisms, reflecting good privacy compliance. However, direct contact information such as company emails or phone numbers is not prominently available, relying mainly on contact forms. Overall, the business appears legitimate and trustworthy, but urgent improvements in security infrastructure are recommended.

P

Projekt Kraft

projektkraft.at

0

Projekt Kraft is a European general contractor and project management company specializing in retail, hospitality, office, and e-mobility sectors. They provide comprehensive services including planning, design, construction, and facility management with a multilingual team and multiple office locations in Austria, Germany, and Italy. The website is professionally designed with rich content and clear navigation, targeting B2B clients seeking turnkey project solutions. Technically, the site runs on WordPress with modern plugins and tracking tools but suffers from a critical security issue due to the lack of a valid SSL certificate, impacting its security posture significantly. Privacy compliance is well addressed with clear cookie and privacy policies and consent mechanisms. Overall, the business demonstrates strong credibility and market presence but should urgently address SSL and TLS configuration to improve security and trust.

C

Capri-Sun

capri-sun.com

0

Capri-Sun is a well-established global beverage brand with a multilingual website targeting consumers across many countries. The website provides localized content but lacks visible privacy, cookie, or terms of service policies on the homepage. Technically, the site uses Cloudflare for hosting and CDN services and implements Google Tag Manager for analytics and marketing. However, the site lacks a valid SSL certificate and does not enforce HTTPS, which is a significant security concern. Security headers are partially implemented but HSTS is disabled, and no advanced TLS protocols are enabled. No contact information or forms are present on the homepage, limiting direct user engagement and transparency. Overall, the website demonstrates moderate digital maturity but requires urgent improvements in security and privacy compliance to meet modern standards.

R

REWE Group in Österreich

rewe-group.at

0

REWE Group in Österreich is a major retail group operating multiple supermarket and retail brands across Austria and several European countries. The company has a long-standing history of over 70 years and manages well-known brands such as BILLA, PENNY, and BIPA. The website presents comprehensive corporate and sustainability information targeting customers and stakeholders in Austria and Europe. Technically, the site uses modern frontend technologies like Alpine.js and FontAwesome and is likely powered by the Statamic CMS. However, the site lacks a valid SSL certificate and does not serve content over HTTPS, which is a critical security shortfall. Security headers are partially implemented, but the absence of TLS protocols and valid certificates significantly reduces the security posture. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Business credibility is high due to consistent branding, detailed corporate information, and alignment with WHOIS data. Overall, the site is professional and content-rich but requires urgent security improvements to enable HTTPS and strengthen its security configuration.

L

Lujakatto Oy

lujakatto.fi

0

Lujakatto Oy is a Finnish company specializing in roofing products and installation services, offering a streamlined e-commerce platform where customers can order both products and installation with transparent pricing. The company targets Finnish homeowners and property managers, positioning itself as a niche regional provider with a focus on quality service and convenience. Technically, the website uses modern front-end technologies such as UIkit and jQuery, but lacks a valid SSL certificate, which impacts security and trust. The site is moderately performant and mobile-optimized, with clear navigation and good content relevance. Security posture is weak due to missing HTTPS and security headers, exposing the site to potential risks. Privacy policies and terms of service are present but basic, with no advanced compliance or incident response information. Overall, the domain registration data aligns well with the business claims, indicating legitimacy. Strategic improvements in security and privacy compliance are recommended to enhance trust and protect user data.

K

Katolle.fi

katolle.fi

0

Katolle.fi is a Finnish e-commerce website specializing in the sale of roofing sheets and related construction materials. The site targets Finnish builders, homeowners, and contractors seeking quality roofing products with competitive pricing and fast delivery. The business operates a Joomla CMS with VirtueMart e-commerce platform, integrating common web technologies such as jQuery and Bootstrap. The website is well-structured with clear product listings and navigation, supporting Finnish language users effectively. However, the absence of a valid SSL certificate and HTTPS support represents a critical security vulnerability, exposing users to potential data interception risks. The site includes cookie consent mechanisms and basic privacy information but lacks comprehensive GDPR compliance indicators and security policies. Tracking and advertising tools such as Google Analytics and Google Ads are actively used, indicating moderate user tracking. Overall, the website demonstrates a moderate level of digital maturity but requires urgent security improvements to protect user data and enhance trust.

D

Dateks

dateks.lv

0

Dateks.lv operates as a medium-sized e-commerce retailer based in Latvia, specializing in a broad range of technology and consumer electronics products. The website offers extensive product categories including computers, components, office equipment, and home appliances, targeting both consumers and businesses in the Baltic region. The company maintains partnerships with major technology brands such as Asus, Dell, Intel, Lenovo, and Nvidia, reinforcing its market position as a reputable regional retailer. From a technical perspective, the website employs modern tracking and marketing technologies including Google Tag Manager, Facebook Pixel, and Cookiebot for consent management. However, the site suffers from slow performance due to a large page size and numerous resources. Mobile optimization is good, but accessibility features are basic. The lack of a valid SSL certificate is a critical security shortfall, impacting user trust and data protection. Security posture reveals several vulnerabilities including missing DMARC, DNSSEC, and CAA records, and no domain protection locks, which collectively increase risk exposure. While HSTS is enabled, the absence of a valid SSL certificate and other security best practices lowers the overall security score. Privacy and cookie policies are present and GDPR compliant, with clear contact information provided. Overall, Dateks.lv presents a professional and content-rich e-commerce platform with moderate technical maturity and security posture. Strategic improvements in SSL/TLS implementation, email security, and DNS hardening are recommended to enhance trust and compliance.

S

Smelt by Polaria

smeltbypolaria.no

0

Smelt by Polaria is a Norwegian e-commerce retailer specializing in sustainable, locally sourced interior and lifestyle products. The company targets environmentally conscious consumers in Norway, offering a broad product range from Nordic and European suppliers. Their business model focuses on online sales with additional services like click-and-collect and flexible payment options. The website demonstrates good content quality, clear navigation, and consistent branding, supported by trust signals such as certifications and customer reviews. Technically, the site uses modern JavaScript libraries and frameworks but suffers from a critical lack of HTTPS due to an invalid SSL certificate, which severely impacts security posture. Privacy compliance is well addressed with a comprehensive cookie consent mechanism. Overall, the site is functional and professional but requires urgent security improvements to protect user data and build trust.

T

Tempe Inditex

tempe.es

0

Tempe Inditex is a large retail company specializing in the design, marketing, and distribution of footwear and accessories for the Inditex Group's seven brands. The company emphasizes sustainable fashion aligned with Inditex’s global sustainability strategy and employs over 2,000 professionals. The website is professionally designed, multilingual, and provides comprehensive information about the business model, sustainability efforts, talent acquisition, and communication. Technically, the site uses modern JavaScript frameworks such as React and Next.js and is hosted on AWS infrastructure. However, the site lacks a valid SSL certificate and does not support modern TLS protocols, which significantly weakens its security posture. Privacy and cookie policies are present and indicate GDPR compliance, but no explicit security or incident response policies are found. Overall, the website is credible and professional but requires urgent security improvements to protect user data and enhance trust.

G

Grupo Soma

somagrupo.com.br

0

Grupo Soma is a large Brazilian retail group operating a platform of multiple fashion brands including Animale, Farm, and Hering among others. The website serves as a corporate and investor relations portal, providing information about the company, its brands, sustainability efforts, and compliance policies. The target audience includes consumers and investors interested in the fashion retail sector in Brazil. Technically, the website is built on WordPress and uses modern JavaScript libraries and Google Analytics for tracking. However, the site lacks a valid SSL certificate and does not serve content over HTTPS, which is a significant security concern. Security headers are partially implemented but critical TLS protocols and HSTS are missing, reducing the overall security posture. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism via OneTrust. Business credibility is supported by clear brand listings and compliance pages but lacks explicit contact emails or phone numbers on the homepage. Overall, the site is functional and professional but requires urgent security improvements to protect user data and enhance trust.

W

Wegmans Food Markets

wegmans.com

0

Wegmans Food Markets is a well-established grocery retail company with a strong online presence offering grocery delivery, pickup, pharmacy, meals, and catering services. The website is professionally designed, mobile-optimized, and provides comprehensive content and navigation for its users. Technically, the site leverages modern frameworks such as Next.js and React, hosted on Vercel, and integrates multiple third-party services for analytics, marketing, and user experience enhancements. However, a critical security gap exists as the website lacks a valid SSL certificate and HTTPS support, exposing users to potential risks. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the business credibility is high, supported by consistent branding and legitimate domain registration data.

H

HP Hood LLC

hphood.com

0

HP Hood LLC operates a well-established website promoting its dairy products brand, Hood®, with a history dating back to 1846. The website offers comprehensive product information, recipes, and store locator features targeting consumers in the United States. The site is professionally designed with consistent branding and good user experience, including mobile optimization and clear navigation. Technically, the site uses Microsoft IIS, Bootstrap, jQuery, and other modern frontend libraries, but lacks a valid SSL certificate and HTTPS support, which is a critical security gap. Cookie consent is implemented via OneTrust, and Google Tag Manager is used for analytics and tracking. Security posture is weak due to missing HTTPS and limited security headers, and no explicit security or incident response policies are found. Overall, the domain registration data aligns well with the business, indicating legitimacy. Strategic improvements in SSL/TLS deployment and security headers are recommended to enhance trust and compliance.

C

Cia. Hering

ciahering.com.br

0

Cia. Hering is a well-established Brazilian retail clothing franchise network with a strong market position as the largest clothing franchise in Brazil. The company operates an omnichannel business model, combining physical stores and e-commerce to provide convenience to its customers. The website reflects a professional corporate presence with multilingual support and investor relations information, indicating a mature business. Technically, the site is built on WordPress and uses common web technologies and services such as Cloudflare CDN and OneTrust for cookie consent. However, the site lacks a valid SSL certificate and proper HTTPS configuration, which is a critical security issue. Security headers are present but cannot compensate for the missing SSL. Privacy compliance is partial, with a cookie consent mechanism but no visible privacy policy or terms of service. Overall, the site demonstrates good business credibility but requires urgent security improvements to protect user data and enhance trust.

C

Consorzio Terra di San Marino

terradisanmarino.com

0

Consorzio Terra di San Marino is a small-sized cooperative consortium focused on protecting and promoting typical agro-food products from the Republic of San Marino. The website serves as a platform to showcase their products, events, and cultural heritage, targeting local consumers and enthusiasts of traditional food and rural culture. Technically, the site is built on Drupal 7 with common web libraries and Google Analytics for tracking. However, the site suffers from critical security shortcomings, notably the absence of HTTPS and a valid SSL certificate, which exposes users to risks and undermines trust. Privacy compliance is basic, with a cookie policy and consent mechanism but no explicit privacy or security policies. The domain is mature and consistent with the business claims, enhancing credibility. Overall, the site provides good content and user experience but requires urgent security improvements to protect visitors and enhance trust.

H

H.J. Opdyke Lumber Company

opdyke.com

0

H.J. Opdyke Lumber Company is a well-established regional supplier of lumber and building materials, servicing residential and multifamily properties since 1955. The company offers a broad range of products and design services including kitchens, baths, decking, doors, windows, and closets, targeting contractors, builders, and homeowners primarily in New Jersey, Pennsylvania, and New York. Their market position is solid with multiple physical locations and a medium-sized business footprint. Technically, the website is built on WordPress with modern plugins and accessibility features, but lacks a valid SSL certificate, which is a critical security shortfall. The site uses Sucuri Cloudproxy for WAF protection, Google Analytics and Tag Manager for tracking, and hCaptcha for form security. Privacy and cookie policies are present and GDPR compliant, but no terms of service or security policies are found. Overall, the website is professional and trustworthy but requires urgent improvements in SSL/TLS security to protect user data and improve trust.

S

SCAVOLINI S.P.A.

scavolini.com

0

Scavolini S.P.A. is a well-established Italian furniture manufacturer specializing in kitchens, bathrooms, living rooms, walk-in wardrobes, and outdoor kitchens. The company positions itself as a premium brand with a focus on quality, sustainability, and bespoke furniture solutions. Their market presence is supported by international certifications and a broad dealer network. Technically, the website is built on ASP.NET technology, leveraging Cloudflare for CDN and security, and integrates modern marketing and accessibility tools. However, the website suffers from a critical security weakness due to the absence of a valid SSL certificate and lack of TLS protocol support, which severely impacts its security posture. Privacy compliance is strong, with clear privacy and cookie policies and consent mechanisms in place. Overall, the site is professional and trustworthy but requires urgent improvements in SSL/TLS configuration to ensure secure communications and user trust.

Aeffe Spa is an established Italian luxury goods group specializing in the production and distribution of high-end fashion products including ready-to-wear, footwear, leather goods, lingerie, and beachwear. The company operates internationally with proprietary brands such as Alberta Ferretti, Moschino, Pollini, and Philosophy di Lorenzo Serafini, positioning itself as a significant player in the luxury retail sector. The website reflects a professional corporate presence with comprehensive investor relations and governance information, targeting investors, partners, and luxury consumers. Technically, the website is built on WordPress with modern frameworks like Bootstrap and integrates multiple third-party services including Google Tag Manager and Google Analytics for analytics and marketing. Multilingual support is provided via WPML, enhancing accessibility for international audiences. However, the website suffers from a critical security shortfall due to the absence of a valid SSL certificate and lack of HTTPS, which impacts its security posture and user trust. Security-wise, while no critical vulnerabilities or exposed sensitive data were detected, the lack of HTTPS and modern TLS protocols, absence of HSTS, and missing DMARC records represent significant risks. The site employs basic security headers but could benefit from enhanced configurations. Privacy compliance is well addressed with clear privacy and cookie policies and a consent mechanism, aligning with GDPR requirements. Overall, the website is functional and professional but requires urgent security improvements to protect user data and enhance trust. Strategic recommendations include implementing a valid SSL certificate, enabling modern TLS protocols, and improving security headers and email authentication mechanisms.

L

Linekit

linekit.com

0

Linekit is an established Italian company specializing in the production and online sale of office furniture and furnishings. With over 25 years of experience, the company targets businesses and professionals seeking high-quality, ergonomic, and design-oriented office solutions. Their business model focuses on direct manufacturer sales, supported by consultancy, design services, and a partner reseller program. The website is professionally designed with rich content, including product portfolios, videos, and customer testimonials, enhancing user engagement and trust. Technically, the site is built on WordPress with WooCommerce and Elementor, hosted behind Cloudflare, but suffers from slow performance and lacks a valid SSL certificate, which is a critical security concern. Privacy and cookie policies are present and GDPR compliant, and contact information is clearly provided. Social media presence and marketing tools like Google Tag Manager and Facebook Pixel are actively used. Overall, the site demonstrates good business credibility but requires urgent security improvements to enable HTTPS and strengthen its security posture.

S

SIA SkanaGaisma.lv

skanagaisma.lv

0

SkanaGaisma.lv is a Latvian company specializing in the rental of sound and lighting equipment, stages, tents, and event furniture, providing full technical support for events across Latvia since 2012. The company targets event organizers, private individuals, and businesses, offering a comprehensive range of services from sound and lighting to live streaming and stage setups. Their market position is strong within the local event rental sector, supported by a professional website and active social media presence. Technically, the website is built on OpenCart with a modern theme and integrates popular analytics and marketing tools, though performance is somewhat slow. Security is adequate with HTTPS and strong cipher suites but lacks advanced configurations like HSTS and DMARC, which are recommended for improvement. Privacy compliance is basic, with a privacy policy present but no cookie consent mechanism detected. Overall, the website is professional and trustworthy, with clear contact information and positive customer testimonials.

Y

Yelp

yelp.ch

0

Yelp.ch is a localized German-language website serving the Swiss market, providing user-generated reviews and recommendations for local businesses such as restaurants, shopping, nightlife, and wellness services. The platform operates under Yelp Inc., a well-established company founded in 2004, with a strong market position as a leading local business review platform. The website offers extensive business listings, search functionality, and advertising services for business owners. Technically, the site uses modern web technologies including React and GraphQL, hosted primarily on Amazon AWS infrastructure. However, performance is hindered by slow load times and a large page size. Security posture is weakened by an invalid SSL certificate and lack of HTTPS enforcement, absence of security headers, and no HSTS policy, which are critical areas for improvement. Privacy compliance is strong, with comprehensive privacy and cookie policies and GDPR adherence. Overall, the site is professional, trustworthy, and content-rich but requires urgent security enhancements to protect users and maintain trust.

Y

Yelp

yelp.fi

0

Yelp.fi is the Finnish localized version of Yelp, a leading online platform providing user-generated reviews and business listings primarily for the Helsinki area. The website offers extensive content including business categories, user reviews, and search capabilities for local services. It targets consumers seeking trusted local business information and provides business owners with advertising and management tools. The platform is built on modern web technologies including React and is hosted on Amazon AWS infrastructure with CDN support. While the site demonstrates strong content quality, branding consistency, and good privacy compliance with GDPR, it suffers from an invalid SSL certificate and lacks support for modern TLS protocols, which impacts its security posture. Security headers and content security policies are implemented, but some CSP directives allow unsafe inline scripts, which could be improved. Overall, the site is professional and trustworthy but should address SSL and TLS issues to enhance security and user trust.

Y

Yelp

yelp.com.au

0

Yelp is a well-established enterprise-level online platform specializing in local business reviews and recommendations, targeting consumers seeking trusted information about restaurants, services, and entertainment. The website leverages modern React technology and is hosted on a robust AWS CloudFront infrastructure, ensuring scalability and global reach. While the site demonstrates good content quality, clear navigation, and mobile optimization, the SSL certificate is currently invalid or missing, which poses a significant security risk. Security headers are properly configured, but enhancements such as OCSP stapling and session resumption are recommended. Privacy and cookie policies are present, though GDPR compliance is limited, reflecting the Australian market focus. Overall, Yelp maintains a strong business credibility and technical foundation but should prioritize resolving SSL issues and enhancing privacy compliance to improve trust and security posture.

F

Fietsvoordeelshop.nl

fietsvoordeelshop.nl

0

Fietsvoordeelshop.nl is a mature and well-established Dutch bicycle retailer offering a wide range of bicycles including electric, city, cargo, and sports bikes, supported by 33 physical stores across the Netherlands. The business model combines e-commerce with brick-and-mortar retail, targeting consumers seeking quality bicycles and accessories. The website demonstrates excellent content quality, professional design, and clear navigation, supported by strong trust signals such as customer testimonials and Trustpilot integration. Technically, the site uses a modern tech stack including Laravel, nginx, Google Tag Manager, and various JavaScript libraries. Hosting is provided by Amazon AWS, and the site is mobile-optimized with good SEO practices. However, a critical security weakness is the absence of a valid SSL certificate and HTTPS support, severely impacting the security posture. Security headers are properly configured, and security best practices like CSRF tokens and reCAPTCHA are implemented, but the lack of HTTPS and TLS protocols is a major vulnerability. Privacy and cookie policies are comprehensive and GDPR compliant, with consent mechanisms in place. Contact information is available, though no explicit security or incident response policies are published. Overall, the website is trustworthy and professional but requires urgent remediation of SSL/TLS issues to protect user data and improve security compliance.