Security Directory

S

Spar- und Leihkasse Wynigen AG

slwynigen.ch

0

Spar- und Leihkasse Wynigen AG is a small, independent regional bank based in Switzerland, established in 1929. The bank offers a range of financial services including savings, loans, mortgages, and digital banking solutions such as E-Banking and mobile apps. The website reflects a strong regional focus with personalized customer service as a key differentiator. Technically, the site is built on Joomla CMS, hosted behind Cloudflare, and integrates third-party services like Google Tag Manager and Mapbox. However, the website suffers from significant security shortcomings, notably the absence of a valid SSL certificate and lack of modern TLS protocols, which undermines user trust and data protection. DNS records are properly configured with SPF and DMARC, indicating some email security awareness. Cookie consent mechanisms are implemented in compliance with GDPR, enhancing privacy transparency. Overall, the site demonstrates good business professionalism but requires urgent security improvements to protect customer data and maintain regulatory compliance.

E

Ersparniskasse Speicher

ersparniskassespeicher.ch

0

Ersparniskasse Speicher is a small, regional banking institution based in Switzerland, founded in 1819, serving the local community of Speicher and surrounding areas. It offers traditional banking services such as savings accounts, mortgage lending, and e-banking. The website reflects a well-established local bank with a strong historical presence and community focus. Technically, the website is built on WordPress with standard web technologies including jQuery and Google Maps integration. However, the site suffers from significant security shortcomings, including the absence of a valid SSL certificate and lack of modern TLS protocols, which exposes users to potential risks. The site also lacks visible cookie consent mechanisms and formal security or incident response policies, indicating gaps in compliance and security maturity. Overall, while the business is well-positioned locally with clear contact information and good content quality, the digital security posture requires urgent improvements to protect customer data and enhance trust.

B

Bitpanda

pantos.io

0

Pantos is a blockchain interoperability project under the Bitpanda ecosystem, focused on enabling multi-blockchain token transfers including fungible tokens, NFTs, and DeFi applications. The project is research-driven with collaborations from academic institutions and emphasizes open source development and community involvement. Technically, the website leverages modern JavaScript frameworks and analytics tools but suffers from critical SSL misconfiguration that undermines secure communications. The DNS and email configurations are properly set with SPF and Cloudflare DNS, but the lack of valid SSL and security headers presents a significant risk. Privacy and cookie policies are well implemented, reflecting good compliance with GDPR standards. Overall, Pantos shows strong business and technical foundations but requires urgent security improvements to protect user trust and data integrity.

L

Link11 - Always at your side

link11.com

0

Security assessment completed with an overall score of 50/100 (unknown risk). 6 high-priority issues should be addressed promptly. Total of 21 security findings identified across all modules.

M

M-Wert GmbH

m-wert.de

0

M-Wert GmbH is an independent real estate valuation company operating nationwide in Germany, affiliated with the parent company MünchenerHyp. The company specializes in providing market and mortgage value appraisals, value analyses, and economic feasibility calculations primarily for banks and financial institutions. Their services include property inspections and they maintain multiple regional offices to ensure local presence. The website reflects a professional and consistent brand image with certifications from recognized industry bodies such as HypZert and RICS, enhancing their market credibility. Technically, the website is built on WordPress with common libraries like jQuery and GSAP, optimized for mobile but suffers from slow load times and lacks modern SSL/TLS security configurations. Security posture is weak due to absence of valid SSL certificates and missing security headers, exposing the site to potential risks. Overall, the company maintains a moderate trust level with room for improvement in digital security and privacy compliance.

S

SoftBank Latin America Fund

latinamericafund.com

0

SoftBank Latin America Fund is a large investment fund established in 2019 by the SoftBank Group to partner with and support technology companies and entrepreneurs in Latin America. The fund focuses on providing capital and hands-on support including talent acquisition, product development, marketing, and governance to foster growth in the region. The website presents a professional and consistent brand image with clear business descriptions and physical office addresses in Miami, Mexico City, and São Paulo. Technically, the site is built on modern React and Gatsby frameworks, leveraging Google Tag Manager and Cookiebot for analytics and cookie consent management. However, the security posture is weak due to an invalid SSL certificate and lack of modern TLS protocols, which undermines trust and exposes visitors to risks. Security headers are partially implemented but critical improvements are needed to meet best practices. Overall, the site demonstrates good digital maturity but requires urgent remediation of SSL and security configurations to ensure safe user interactions and compliance with privacy regulations.

S

SoftBank Vision Fund

visionfund.com

0

SoftBank Vision Fund is a leading global technology investment fund focused on supporting founders with capital and ecosystem advantages to build market-leading companies. The website presents a strong brand identity and comprehensive business information, targeting founders, investors, and technology companies. Technically, the site is built on modern frameworks such as Next.js and React, hosted on Microsoft Azure infrastructure, and integrates video content and cookie consent mechanisms. However, the site suffers from a critical security issue with an invalid or missing SSL certificate, despite having HSTS enabled and no major SSL vulnerabilities detected. Privacy and cookie policies are comprehensive and GDPR compliant, with minimal user tracking by default. Overall, the website demonstrates high professionalism and trustworthiness but requires urgent remediation of SSL issues to ensure secure user connections.

F

Feira na Rosenbaum

feiranarosenbaum.com.br

0

Feira na Rosenbaum is a Brazilian cultural and design event platform that showcases independent Brazilian artists and designers through fairs and an online presence. The website serves as a portal to promote the event, artists, and related news, targeting audiences interested in Brazilian design and culture. The business operates in a niche market with a small size and focuses on promoting Brazilian identity through design. Technically, the website is built on an outdated WordPress CMS version 4.8.25, hosted on solisys.net.br, and uses common web technologies such as Google Analytics and Font Awesome. Performance is slow with a high load time, but mobile optimization and SEO are reasonably good. Security posture is weak, with no valid SSL certificate, no modern TLS protocols, and no security headers or DNS security features implemented. There is a lack of privacy, cookie, and terms of service policies, which impacts compliance and trust. Overall, the site is functional for its business purpose but requires significant security and compliance improvements.

D

designweekend.com.br

designweekend.com.br

0

Security assessment completed with an overall score of 50/100 (unknown risk). 9 high-priority issues should be addressed promptly. Total of 21 security findings identified across all modules.

A

AEARV - Associação dos Engenheiros e Arquitetos Região Vinhedos

aearv.com.br

0

AEARV is a small regional professional association based in Brazil, serving engineers and architects in the Região dos Vinhedos area. The website provides information about membership, benefits, events, and congresses, targeting local professionals and supporters. The digital infrastructure is built on WordPress with common plugins and hosted by Locaweb. However, the site lacks a valid SSL certificate and modern security configurations, exposing it to risks related to data confidentiality and integrity. No privacy or cookie policies are present, which may impact compliance with data protection regulations. The contact information is clearly presented, including phone, email, and physical address, along with social media links to Facebook, Instagram, and WhatsApp.

A

ALADI – Asociación Latinoamericana de Diseño

disenioaladi.org

0

ALADI – Asociación Latinoamericana de Diseño is a non-profit organization dedicated to promoting design culture and activities across Latin America. The website serves as a platform for sharing news, events, congresses, and assemblies related to design, targeting design professionals and cultural institutions in the region. The business model focuses on community engagement, event organization, and media dissemination to strengthen the Latin American design ecosystem. Technically, the website is built on WordPress with common plugins for social media integration, galleries, and analytics. However, the site suffers from an invalid SSL certificate and lacks advanced security configurations, which poses risks to user data and trust. Performance is slow, and there is no visible cookie or privacy consent mechanism, indicating compliance gaps. Overall, the site is functional and content-rich but requires significant improvements in security and privacy to meet modern standards.

U

Uniftec

ftec.com.br

0

Uniftec is a prominent educational institution in Brazil offering a wide range of courses including undergraduate, postgraduate, technical, and extension programs primarily through online and in-person modalities. It operates multiple physical units and polos across Brazil, serving a large student base. The website is built using modern web technologies such as React, Next.js, and Material-UI, hosted on AWS and integrated with VTEX e-commerce platform. Despite a good content quality and user experience, the website suffers from critical security issues including lack of a valid SSL certificate and absence of modern TLS protocols, which exposes users to risks. Privacy policies and terms of service are present but basic, and there is no cookie consent mechanism detected. The site uses Google Tag Manager for analytics and tracking, with moderate user tracking levels. Overall, the business is well positioned in the education sector in Brazil but needs urgent improvements in security posture to protect user data and enhance trust.

L

Lagutogel

raizproject.com

0

Lagutogel operates as an online platform focused on providing live and updated Hong Kong lottery results, including Pengeluaran HK 4D and Data HK Pools. The website targets Indonesian lottery players and enthusiasts, offering official lottery data and affiliate links to gambling platforms. The business model revolves around data provision and affiliate marketing within the gambling sector. Technically, the site is built using the AMP framework to optimize mobile performance, hosted via Cloudflare, but suffers from slow load times and lacks a valid SSL certificate, which undermines security and user trust. Security posture is weak, with no HTTPS, no security headers, and missing DNS and email security configurations. Overall, the site demonstrates moderate content quality and branding consistency but lacks critical privacy and security policies, exposing it to compliance and trust risks.

4

4ED

4ed.cc

0

4ED is a Brazilian design school offering a broad range of online and in-person courses across multiple design disciplines including graphic, UX/UI, marketing, architecture, and product design. Established in 2011 and based in Porto Alegre, it serves students, professionals, and corporate clients with a comprehensive educational portfolio. The website demonstrates a mature digital presence with extensive use of WordPress, WooCommerce, and Elementor, complemented by advanced marketing and analytics tools such as Google Analytics, Facebook Pixel, and Bing UET. However, the absence of a valid SSL certificate on the main domain represents a significant security risk that could undermine user trust and data protection efforts. While privacy and cookie policies are well implemented and GDPR compliant, there is no explicit security or incident response policy publicly available. Overall, 4ED maintains a strong market position in design education in Brazil but should prioritize improving its security posture to safeguard its digital assets and user data.

C

Centro Brasil Design

cbd.org.br

0

Centro Brasil Design is a Brazilian design hub focused on fostering design culture through inspiration, information, and connection of its members. It operates as a medium-sized organization with a strong presence in the design community, offering services such as design awards, project management, and international representation, notably for the iF Design Award. The website is built on WordPress and integrates various plugins for SEO, social media feeds, and cookie consent, but suffers from a lack of HTTPS security due to an invalid or missing SSL certificate. This exposes the site to potential security risks and undermines user trust. While privacy and cookie policies are well implemented and GDPR compliant, the absence of terms of service and security policies indicates gaps in compliance and transparency. Social media integration is robust, enhancing the organization's outreach and engagement.

U

Unisinos

unisinos.br

0

Unisinos is a private Jesuit university in Brazil offering a wide range of educational programs including undergraduate, graduate, MBA, specialization, extension, and distance learning courses. It holds a strong market position as one of the top private universities in Brazil with over 55 years of history and numerous international partnerships. The institution is maintained by Associação Antônio Vieira (ASAV), a non-profit entity certified as a social assistance beneficent entity. The website reflects a comprehensive academic offering with clear navigation and strong branding consistency. Technically, the site is built on Joomla CMS with Helix3 framework and hosted likely on Microsoft Azure, but suffers from poor SSL/TLS configuration and slow performance.

U

Universidade de Caxias do Sul

ucs.br

0

Universidade de Caxias do Sul (UCS) is a large Brazilian higher education institution offering a wide range of academic programs including undergraduate, graduate (MBA, specialization, masters, doctorate), extension courses, and research activities. The university serves students, researchers, and the academic community primarily in Brazil, with a strong regional presence and comprehensive institutional offerings. The website reflects a well-branded and content-rich portal designed to support academic and institutional communication. Technically, the website employs a traditional tech stack including jQuery, Bootstrap, Google Tag Manager, Google Analytics, and Facebook Pixel for analytics and marketing. Accessibility is enhanced by the Hand Talk plugin for sign language translation. However, the site suffers from slow performance and lacks modern CMS or hosting provider disclosures. The SSL configuration is poor, with no valid certificate and no modern TLS protocols enabled, exposing users to security risks. From a security perspective, the site lacks critical security headers, DNSSEC, HSTS, and OCSP stapling. While no active vulnerabilities like Heartbleed or POODLE are detected, the absence of a valid SSL certificate and security best practices significantly lowers the security posture. Privacy and cookie policies are not found, and no consent mechanisms are evident, indicating compliance gaps. Overall, UCS's website is a professionally designed academic portal with good content and branding but requires urgent improvements in security infrastructure and privacy compliance to protect users and enhance trust.

S

Serviço Florestal Brasileiro

florestal.gov.br

0

Serviço Florestal Brasileiro is a Brazilian federal government agency dedicated to forest management, environmental regularization, and sustainable forest development. The website serves as an official portal providing information, services, and transparency related to forestry policies and programs. It targets citizens, government entities, and environmental stakeholders, positioning itself as a key government entity in Brazil's environmental governance. Technically, the site is built on the Plone CMS and integrates with the gov.br platform, using various modern web technologies and accessibility tools. However, the site suffers from critical security shortcomings, including the absence of a valid SSL certificate and missing DNS records, which pose risks to secure communications and domain resolution. The site implements cookie consent mechanisms and privacy policies, but overall security posture is weak. Social media presence is strong, enhancing outreach and transparency. Performance is slow, indicating potential optimization needs.

A

ABD – Associação Brasileira de Designers de Interiores

abd.org.br

0

ABD – Associação Brasileira de Designers de Interiores is a well-established Brazilian professional association serving over 15,000 members for more than 44 years. The organization focuses on supporting interior designers through professional development, consulting services, exclusive benefits, educational courses, and events. Their digital presence is built on WordPress with Elementor, providing a modern and user-friendly website experience. However, the site suffers from slow performance and lacks critical security configurations such as a valid SSL certificate and security headers. Analytics and marketing tools like Google Tag Manager and Facebook Pixel are actively used, indicating a moderate level of digital maturity. Despite a strong brand presence and social media engagement, the absence of privacy and cookie policies, as well as security policies, represents compliance and trust gaps.

Security assessment completed with an overall score of 50/100 (unknown risk). Total of 6 security findings identified across all modules.

M

Movelsul Brasil

movelsul.com

0

Movelsul Brasil operates the largest furniture fair in Latin America, targeting retailers, importers, architects, and designers in the furniture manufacturing and retail sectors. Established in 1977 and organized by Sindmóveis Bento Gonçalves, it holds a strong market position as a key event for business networking and industry innovation. The website supports multilingual access and provides comprehensive event information, exhibitor services, and visitor resources. Technically, the site is built on WordPress with a variety of plugins for SEO, analytics, and user engagement, hosted by KingHost. While the SSL certificate is valid, some security enhancements are recommended, including enabling HSTS and DMARC records. The site employs extensive tracking and advertising tools, including Google and Facebook pixels, with GDPR cookie consent mechanisms in place but lacks a dedicated privacy policy page. Overall, the digital presence is professional and trustworthy but could improve in performance and security posture.

R

Renna

renna.com.br

0

Renna is a Brazilian manufacturing company specializing in furniture components with over 20 years of market presence. The company offers a wide range of products including telescopic rails, pistons, power towers, LEDs, handles, and furniture feet, targeting furniture manufacturers and retailers. Their website reflects a medium-sized business with consistent branding and a good content quality level. Technically, the site uses common web technologies such as jQuery, Bootstrap, and Owl Carousel, hosted on Microsoft Azure DNS infrastructure. However, the website suffers from slow performance and lacks a valid SSL certificate, which impacts security and user trust. The presence of multiple marketing and analytics tools indicates moderate digital maturity but also raises privacy considerations. Security posture is weak due to invalid SSL, lack of modern TLS protocols, and misconfigured SPF records. No explicit privacy, cookie, or terms of service policies were found, though LGPD consent checkboxes are present in forms, showing some compliance awareness. Overall, Renna's digital presence supports its business operations but requires significant security and compliance improvements to enhance trust and protect user data.

A

Akeo

akeo.com.br

0

Akeo is a Brazilian manufacturing company specializing in furniture accessories and edge banding tapes, with over 40 years of market experience. The company offers a diverse product portfolio including aluminum and plastic handles, profiles, feet for counters, appliques, and organizers, alongside customized solutions emphasizing innovation and sustainability. Their target market includes furniture manufacturers and designers seeking quality and differentiated products. Technically, the website employs modern front-end technologies such as Bootstrap, jQuery, and animation libraries, with hosting infrastructure linked to Google Cloud DNS services. However, the site lacks a valid SSL certificate and modern TLS support, exposing it to security risks. The presence of SPF and DMARC records indicates some email security awareness, but DNSSEC and other security headers are missing. Privacy and cookie policies are present with consent mechanisms, but terms of service and incident response information are absent. Overall, the digital maturity is moderate with room for security and compliance improvements.

E

ERROR: The request could not be satisfied

duratexmadeira.com.br

0

The website duratexmadeira.com.br currently serves an error page indicating a 403 Forbidden status, likely due to traffic or configuration issues on the CloudFront CDN. No business content, metadata, or structured data is accessible, preventing extraction of company details or services. The DNS setup uses Amazon AWS infrastructure with multiple A records and MX records pointing to duratex.com.br mail servers, suggesting affiliation with the Duratex group in Brazil. The SSL configuration supports modern TLS protocols but lacks advanced security features such as HSTS, OCSP stapling, DNSSEC, and certificate transparency compliance. No privacy, cookie, or terms of service policies are present, and no contact information or forms are available on the page. Overall, the website's digital presence is minimal and inaccessible, indicating either a misconfiguration or restricted access.

4

403 Forbidden

interprint.com

0

The website interprint.com currently displays a 403 Forbidden error page with no accessible content, metadata, or business information. This limits the ability to analyze the company's business model, services, or market position. The DNS configuration shows valid MX records and SPF/DKIM/DMARC policies indicating some email security hygiene. The SSL configuration supports TLS 1.2 with a strong cipher but lacks modern features such as TLS 1.3, HSTS, OCSP stapling, and DNSSEC, which are recommended for enhanced security. No privacy, cookie, or terms of service policies are found, and no contact or social media information is available on the site. Overall, the website is not currently providing any meaningful content or user engagement capabilities.

O

Ondaweb

ondaweb.com.br

0

Ondaweb is a small digital agency based in Brazil specializing in website creation, SEO, social media management, and e-commerce solutions, particularly Magento stores. With over 14 years of experience, the company positions itself as a creative and functional web development partner for businesses seeking digital presence enhancement. The website is built on WordPress using a custom theme and optimized with LiteSpeed Cache, indicating a moderate level of technical maturity. The presence of Google Tag Manager and advertising pixels shows active marketing and analytics integration. Security posture is basic with a valid SSL certificate but lacks advanced security headers and DNSSEC. No explicit privacy or cookie policies were found, which may pose compliance risks. Contact is facilitated primarily through web forms with no direct email or phone contacts displayed. Overall, the website demonstrates good design and user experience but could improve in security and compliance transparency.

O

Orchestra Brasil

orchestrabrasilmoodle.com.br

0

Orchestra Brasil operates an online educational platform focused on promoting exports, targeting industry professionals and designers in Brazil. The platform is built on the Moodle LMS system and offers segmented courses tailored to its audience. Despite a clear business focus and consistent branding, the website lacks critical security infrastructure such as a valid SSL certificate and modern TLS protocols, which exposes users to potential risks. The site also does not provide visible privacy or cookie policies, limiting compliance with data protection regulations. Technically, the platform uses established web technologies but suffers from slow load times and basic mobile optimization. Overall, the business shows potential in its niche educational market but requires significant improvements in security and compliance to build trust and ensure user safety.

C

CNI - Confederação Nacional da Indústria

sistemaindustria.com.br

0

The website sistemaindustria.com.br serves as the official portal for the CNI - Confederação Nacional da Indústria, the primary representative body for the Brazilian industrial sector. It provides comprehensive information, news, publications, and services related to industry advocacy, education, innovation, and statistics. The portal targets industry stakeholders, policymakers, and the general public interested in Brazil's manufacturing and industrial landscape. The business model is non-profit and focused on promoting industrial growth and competitiveness in Brazil. The site maintains a strong market position as the leading industry confederation in the country, supported by a large organizational size and extensive content offerings.

B

BuiltByGo LTD

builtbygo.com

0

BuiltByGo LTD is a small technology company based in England specializing in digital transformation services. Their core offerings include managed infrastructure and bespoke development services aimed at empowering businesses to thrive in a rapidly evolving digital landscape. The company positions itself as a trusted partner for businesses seeking tailored technology solutions. Technically, the website is built on WordPress using Oxygen Builder and leverages modern web technologies such as jQuery and LiteSpeed Cache. Hosting and DNS services are provided via Cloudflare, enhancing performance and security. The website demonstrates good design quality, mobile optimization, and SEO practices, though some accessibility features are basic. From a security perspective, the site has a valid SSL certificate but lacks important security headers, HSTS, and DMARC policies, which are critical for enhancing security posture and email protection. No explicit privacy, cookie, or terms of service policies were found, indicating potential compliance gaps. Overall, the security score is moderate with recommendations to improve HTTPS security, email authentication, and publish formal security and privacy policies.

C

Cyncly

cyncly.com

0

Cyncly is a large, England-based software company specializing in end-to-end design software solutions for the spaces-for-living industries such as kitchen, bathroom, furniture, flooring, windows & doors, and manufacturing. The company offers a comprehensive integrated platform that connects designers, retailers, and manufacturers to a vast product content repository, enabling streamlined design, sales, manufacturing, and installation processes. With a strong market presence supporting 70,000 customers globally, Cyncly positions itself as a leader in transforming industry workflows and accelerating business operations. Technically, the website leverages modern web technologies including Alpine.js, Tailwind CSS, and integrates multiple marketing and analytics tools such as Google Tag Manager, Microsoft Application Insights, Marketo, Optimizely, and Cookiebot. The site is hosted behind Cloudflare, providing DNS and CDN services. However, a critical security gap is the absence of a valid SSL certificate and lack of HTTPS support, which undermines secure communications and user trust. From a security perspective, the domain has well-configured SPF and DMARC records to protect email integrity, but lacks advanced DNS security features like DNSSEC and CAA. The website employs a robust cookie consent mechanism compliant with GDPR, but no explicit security or incident response policies are publicly available. The extensive use of third-party tracking and marketing tools indicates a high level of user data collection and tracking. Overall, while Cyncly demonstrates strong business and technical maturity with excellent content quality and user experience, the lack of HTTPS and valid SSL certificate represents a significant security risk. Strategic improvements in web security infrastructure and transparency around security policies are recommended to enhance trust and compliance.

20-20 Technologies Inc. operates the 2020spaces.com website, providing end-to-end software solutions tailored for designers, manufacturers, and retailers. The company offers a broad portfolio including interior design software, manufacturing solutions, and retail space planning tools, positioning itself as a comprehensive technology provider in the design and manufacturing sectors. Their market presence is supported by a well-structured website with multilingual support, extensive product information, and active engagement channels including social media and events. Technically, the site is built on WordPress with a mature tech stack including Gravity Forms, Yoast SEO, and marketing integrations such as Marketo and Bizible. Performance is moderate with room for optimization, and mobile usability is good. Security posture is basic with TLS 1.2/1.3 support and no critical vulnerabilities detected, but lacks advanced security headers and mechanisms like HSTS and OCSP stapling. Privacy and cookie policies are present with consent mechanisms, but no explicit security or incident response policies are found. Overall, the site reflects a professional and trustworthy digital presence aligned with its business objectives.

Mozaik operates a specialized webstore offering subscription-based software products and online training services primarily targeting businesses and professionals in the technology sector. The company maintains a focused market position with a clear business model centered on software subscriptions and training. Their digital presence is built on a WordPress platform with WooCommerce, integrating multiple marketing and analytics tools to support customer engagement and sales. The website demonstrates good content quality and consistent branding, with clear trust signals such as SSL encryption and cookie consent mechanisms. Technically, the infrastructure leverages modern web technologies including TLS 1.3, Google Tag Manager, Facebook Pixel, and Authorize.Net for payment processing. However, performance is suboptimal with slow page load times and a large page size, indicating potential areas for optimization. Security configurations are basic; while TLS protocols are up to date and no major vulnerabilities like Heartbleed are present, the absence of HSTS, DNSSEC, and OCSP stapling reduces the overall security posture. From a security perspective, the site lacks explicit security policies and incident response information, which could be a concern for compliance and trust. Cookie management is robust with Cookiebot providing detailed cookie declarations and consent management, supporting GDPR compliance. The extensive use of third-party marketing and analytics services indicates a high level of user tracking, which is managed transparently through consent mechanisms. Overall, Mozaik's website reflects a mature e-commerce operation with strong marketing integration but could benefit from enhanced security practices and performance improvements. Strategic recommendations include implementing advanced security headers, optimizing site speed, and publishing clear security and incident response policies to bolster trust and compliance.

C

Compusoft Group

compusoftgroup.com

0

Compusoft Group is a leading provider of specialized software solutions for the kitchen, bathroom, furniture, window, and door industries. Their portfolio includes design, presentation, business management, and production software, targeting professionals who require efficient and accurate tools to streamline their workflows. The company operates globally with a strong presence in over 100 countries and serves a large customer base, positioning itself as a key player in the configurable product software market. As a subsidiary of Cyncly, Compusoft benefits from a broader corporate ecosystem enhancing its market reach and technological capabilities. Technically, the website is built on WordPress with a comprehensive set of modern web technologies and analytics tools, including Google Analytics, Cookiebot for consent management, and various marketing and tracking integrations. The site demonstrates good performance and mobile optimization, although the page load time is relatively slow, likely due to extensive resources and scripts. Security-wise, the site employs a valid SSL certificate with HSTS enabled, SPF and DMARC records are properly configured, indicating a strong email security posture. However, the absence of DNSSEC and CAA records suggests room for improvement in DNS security. No explicit security or incident response policies are publicly available, which could be a gap in transparency. Overall, the website reflects a mature digital presence with robust privacy and cookie management practices, extensive tracking for marketing and analytics, and a professional, consistent brand image. The risk profile is moderate, with recommendations to enhance DNS security and publish clear security policies to improve trust and compliance.

P

Promob Softwares Solutions

promob.com

0

Promob Softwares Solutions is a leading software developer specializing in the furniture sector, recognized as the largest in the world for this industry. Their comprehensive suite of software solutions covers design, production, sales, and education, targeting a broad audience including carpentry shops, factories, furniture stores, designers, architects, and educational institutions. The company emphasizes innovation and integration across the furniture production and sales lifecycle. Technically, the website is built on a modern WordPress platform using Elementor, supported by a robust tech stack including jQuery, JetElements, and various marketing and analytics tools. The hosting infrastructure leverages Azure DNS services, and the site employs modern SSL protocols (TLS 1.3 and 1.2) with OCSP stapling, ensuring secure communications. Performance is moderate with good mobile optimization and accessibility. From a security perspective, the site implements SPF and DMARC (though with a 'none' policy), uses Cookiebot for GDPR-compliant cookie consent, and shows no major SSL vulnerabilities. However, improvements such as enabling HSTS, DNSSEC, and a stricter DMARC policy could enhance security. No explicit security or incident response policies were found. Overall, Promob demonstrates a mature digital presence with strong business positioning and technical infrastructure. The extensive use of third-party analytics and marketing tools indicates a sophisticated approach to user engagement and data-driven marketing, balanced with compliance mechanisms. Strategic recommendations include enhancing security headers, improving compliance policies, and establishing clear incident response protocols.

D

Dinamize Informática Ltda

dinamize.com

0

Dinamize Informática Ltda is a Brazilian technology company specializing in digital marketing automation and customer relationship management (CRM) solutions. Their platform offers comprehensive services including email marketing, WhatsApp marketing, landing pages, CRM, and e-commerce integrations, targeting businesses seeking to enhance lead generation and sales conversion. With over 12,000 clients and a strong partner network, Dinamize holds a significant position in the marketing technology sector in Brazil. Technically, the website is built on WordPress using Elementor and JetMenu plugins, hosted on Amazon AWS infrastructure. The site employs modern web technologies and SEO tools like Yoast SEO and performance optimizations via WP Rocket. However, the SSL configuration is currently invalid, lacking modern TLS protocols and security headers, which poses a risk to secure communications. From a security perspective, the company has implemented proper email security measures such as SPF and a strict DMARC policy. Cookie consent mechanisms are in place, reflecting compliance with privacy regulations including GDPR. Nonetheless, the absence of a valid SSL certificate and lack of explicit security or incident response policies indicate areas for improvement in their security posture. Overall, Dinamize demonstrates a mature digital presence with strong business and technical foundations but should prioritize enhancing their SSL/TLS security and formalizing security policies to strengthen trust and compliance.

The website phonetrack.com currently serves an error page indicating that the site did not send any data. There is no visible business information, metadata, or structured data to describe the company or its services. The embedded scripts are primarily related to the Chrome offline dinosaur game, suggesting no active business content is served. The technical infrastructure shows multiple IP addresses but lacks proper DNS records such as MX or NS, and critically, the site does not have a valid SSL certificate or HTTPS enabled, exposing it to security risks. Performance is poor with a very slow load time and no content delivered. No privacy, cookie, or terms of service policies are present, and no contact or social media information is available. Overall, the site is non-functional from a business and security perspective.

Y

YOKOY.COM

yokoy.com

0

YOKOY.COM is a minimalistic business landing page primarily designed to facilitate contact inquiries. The site offers a contact form with fields for name, email, phone, and message, protected by Google reCAPTCHA v2 to mitigate spam. The business description is limited to a brief invitation for business inquiries, with no additional information on services, market positioning, or company background. Technically, the site employs common web technologies including Bootstrap, jQuery, Font Awesome, and Google Fonts, hosted on Efty infrastructure. Performance is suboptimal with a load time exceeding 6 seconds, and SEO and accessibility optimizations are basic. Security posture is moderate; TLS 1.3 and 1.2 are supported with OCSP stapling enabled, but critical security enhancements such as HSTS, DNSSEC, CAA, and DMARC are missing. The SSL certificate is nearing expiration and lacks certificate transparency compliance. No privacy, cookie, or terms of service policies are present, indicating potential compliance gaps. Overall, the site serves a narrow purpose with limited business and security maturity.

R

Reachdesk

reachdesk.com

0

Reachdesk is a leading global B2B gifting and swag platform that enables businesses to send personalized gifts and branded merchandise worldwide. Positioned as a market leader, Reachdesk offers a comprehensive suite of services including personalized gifting, swag sourcing, employee engagement, creative services, global warehousing, and event fulfillment. The platform integrates with major CRM and marketing tools to drive ROI and enhance customer and employee relationships. Technically, the website is built on HubSpot CMS and hosted on AWS, leveraging a modern tech stack with extensive marketing and analytics integrations. However, the security posture reveals critical issues such as an invalid SSL certificate and disabled TLS protocols, which pose risks to secure communications. While security best practices like SPF and DMARC are properly configured, the absence of a valid SSL certificate and modern TLS support lowers the overall security score. The website demonstrates excellent design, user experience, and content quality, supported by strong trust indicators including customer testimonials and industry badges. Strategic improvements in SSL and TLS configurations are recommended to enhance security and trust.

T

TriCommerce

tricommerce.com.br

0

TriCommerce is a Brazilian e-commerce platform offering modular and rapid online store solutions tailored for small to medium-sized businesses and retailers. The company provides a range of plans and themes, including B2B and enterprise options, with a focus on ease of use, integration with marketplaces and ERPs, and humanized customer support. Their market position is that of an accessible and comprehensive e-commerce solution provider in Brazil. Technically, the website employs a variety of modern web technologies including jQuery, OwlCarousel, Google Maps API, and integrates marketing and CRM tools such as Sendinblue, RD Station, and Kommo CRM. However, the site suffers from a lack of a valid SSL certificate and does not implement modern TLS protocols, which significantly impacts its security posture. While DNS records for SPF and DMARC are configured, other security best practices like HSTS, DNSSEC, and security headers are missing. The website's performance is slow with a high load time and large page size, though mobile optimization and user experience are good. Overall, the site demonstrates moderate trustworthiness with positive customer reviews and social proof but requires urgent security improvements.

C

Centric Software, Inc.

centricsoftware.com

0

Centric Software, Inc. is an enterprise-level B2B software provider specializing in Product Lifecycle Management (PLM), Planning, Pricing, Market Intelligence, and Visual Boards solutions tailored for brands, retailers, and manufacturers. The company positions itself as a key innovation partner with a strong market presence, serving over 18,800 brands globally with a high customer retention rate and a 100% go-live success rate. Their offerings are AI-driven and designed to optimize product development, pricing, and inventory management while supporting sustainability and compliance goals. Technically, the website is built on WordPress and leverages modern JavaScript libraries such as jQuery and Swiper.js for enhanced user experience. It integrates multiple third-party services including Google Analytics, Facebook SDK, Cookiebot for consent management, and various marketing and tracking platforms. However, the website currently lacks a valid SSL certificate and does not support modern TLS protocols, which is a significant security concern. From a security perspective, the site implements SPF and a strict DMARC policy with reporting, indicating good email security practices. Nonetheless, the absence of HTTPS and related security features like HSTS and OCSP stapling exposes the site to potential risks. The extensive use of tracking and marketing tools suggests a high level of user data collection, managed through a comprehensive cookie consent mechanism. Overall, while Centric Software demonstrates strong business maturity and digital marketing sophistication, it must urgently address its SSL/TLS deficiencies to ensure secure communications and maintain trust. Enhancing its security posture will mitigate risks and align with best practices for enterprise-grade software providers.

C

commercetools GmbH

commercetools.com

0

commercetools GmbH is a leading enterprise-grade commerce platform provider specializing in versatile solutions for B2B, B2C, and omnichannel commerce. The company offers a comprehensive suite of services including commerce platform capabilities, solution hubs, payment and AI hubs, premium support, and expert services. Recognized by top analyst firms such as Gartner and IDC, commercetools holds a strong market position with a global enterprise customer base and a robust partner ecosystem. Their platform is designed to empower enterprises with flexibility, scalability, and innovation acceleration. Technically, commercetools leverages modern JavaScript frameworks, cloud hosting on Amazon AWS, and integrates advanced marketing and analytics tools such as Google Tag Manager, VWO, and OneTrust for cookie consent management. The website demonstrates good performance and mobile optimization, with a consistent and professional design that supports a seamless user experience. The technical infrastructure supports extensive tracking and analytics while maintaining compliance with privacy regulations. From a security perspective, commercetools employs a valid SSL certificate, SPF and DMARC email authentication policies, and uses OneTrust for managing cookie consent, indicating a mature approach to data privacy and security. However, there is room for improvement in enabling HSTS, DNSSEC, and additional security headers to enhance protection against common web threats. No critical vulnerabilities or subdomain takeover risks were detected. Overall, commercetools presents a strong digital presence with a secure and compliant infrastructure, well-aligned with enterprise needs. Strategic recommendations include enhancing transport security with HSTS, implementing DNSSEC, and publishing a vulnerability disclosure policy to further strengthen trust and security posture.

A

Alfahosting GmbH

alfahosting.de

0

Alfahosting GmbH is a well-established German web hosting provider founded in 1999, offering a broad range of hosting services including webhosting, domains, servers, reseller hosting, and office products such as Microsoft 365. Positioned as a market leader with multiple awards and a strong customer satisfaction rating, Alfahosting targets both beginners and professional users in Germany. Their infrastructure is hosted in Germany, emphasizing security, availability, and green IT initiatives. Technically, the website uses modern JavaScript libraries and tracking tools, with a custom CMS and a moderate performance profile. Security posture is good with strong TLS configuration and SPF/DMARC email protections, but lacks DNSSEC, HSTS, and OCSP stapling, which are recommended for improvement. The company demonstrates GDPR compliance with a comprehensive privacy policy and cookie consent mechanism. Overall, Alfahosting presents a professional, trustworthy, and customer-focused digital presence with room for security enhancements.

D

dogado.partners

dogado.partners

0

dogado.partners is a specialized cloud and hosting service provider targeting system houses, web agencies, and ITK companies primarily in Germany. As part of the dogado.group, it leverages over 20 years of experience to offer tailored cloud infrastructure, cybersecurity, backup, and collaboration services through various partner programs. The company positions itself as a reliable partner enabling businesses to build and expand their own cloud and hosting offerings with expert support and flexible solutions. Technically, the website employs modern web standards including TLS 1.3, Google Tag Manager for analytics, and a comprehensive cookie consent mechanism ensuring GDPR compliance. Security posture is solid with ISO 27001 certification and no known SSL vulnerabilities, though improvements such as enabling HSTS, DNSSEC, and DMARC could enhance protection. The site demonstrates high professionalism, excellent content quality, and strong trust signals including a high Trustpilot rating. Overall, dogado.partners presents a mature digital presence aligned with its business goals and compliance requirements.

E

easyname GmbH

easyname.at

0

easyname GmbH is an established Austrian web hosting and domain registration company offering a range of services including webhosting, website builder, VPS hosting, SSL certificates, and digital marketing solutions. The company positions itself as a reliable and customer-focused provider with ISO/IEC 27001 certified data centers, targeting individuals and businesses seeking professional online presence solutions. The website demonstrates good content quality, clear navigation, and consistent branding, supporting a positive user experience and trustworthiness. Technically, the site uses modern JavaScript frameworks such as React and jQuery, integrates Google Tag Manager and a consent management platform, and provides multi-language support. However, the absence of a valid SSL certificate and lack of TLS protocol support represent critical security weaknesses. DNS configurations are mostly well-managed with SPF and DMARC records, but CAA records are malformed and DNSSEC is not enabled. Overall, the security posture is moderate but requires urgent improvements in SSL/TLS deployment and security headers to protect user data and maintain trust.

D

dogado GmbH

dogado.de

0

dogado GmbH is a German cloud service provider founded in 2006, specializing in domains, web hosting, virtual servers, digital office tools, and managed cloud services. The company targets small and medium-sized enterprises, offering a comprehensive portfolio that includes WordPress hosting, Microsoft 365, SSL certificates, and spam protection. With ISO 27001 certification and NIS2 compliance, dogado positions itself as a trusted and secure partner in the German market. The website reflects a mature digital presence with excellent content quality, strong branding consistency, and high customer trust as evidenced by a 4.8 Trustpilot rating from over 2600 reviews. Technically, the website employs modern TLS protocols (1.3 and 1.2), uses Google Tag Manager for analytics, and integrates a GDPR-compliant cookie consent mechanism. The infrastructure includes partner platforms such as CloudPit and secure-mailgate for DNS and mail services. However, performance is somewhat slow with a load time exceeding 11 seconds, indicating room for optimization. The site is well optimized for mobile and accessibility, with good SEO practices. From a security perspective, dogado has implemented SPF and DMARC records, though the DMARC policy is set to 'none', which could be strengthened. The SSL configuration is good but lacks HSTS, OCSP stapling, and DNSSEC, which are recommended for enhanced security. The company demonstrates a strong security posture with ISO certification and compliance efforts but could improve technical security headers and policies. Overall, dogado maintains a solid security and compliance foundation suitable for its business model. Strategically, dogado should focus on improving website performance and enhancing security configurations such as enabling HSTS and DNSSEC. Strengthening DMARC policy and achieving certificate transparency compliance would further reduce phishing risks and improve trust. Continued emphasis on customer service and transparent privacy practices will sustain its market position and customer loyalty.

H

Hund, LLC.

hund.io

0

Hund, LLC. operates a hosted status page and monitoring service platform designed to help organizations monitor their services and communicate incidents effectively. Positioned as a trusted provider for universities, Fortune 500 companies, and smaller enterprises, Hund offers a subscription-based SaaS model with a free trial and a straightforward pricing plan. Their key services include automated status pages, multi-channel notifications, rich metrics, and customizable branding with API access. Technically, the website is hosted on AWS infrastructure, uses modern TLS protocols, and integrates JavaScript libraries including jQuery and Google Tag Manager. Performance is somewhat slow with a large page size and many resources, but mobile optimization and user experience are good. Security posture is solid with strong TLS configuration and SPF/DMARC email protections, though improvements are needed in DNSSEC, CAA records, HSTS, and certificate transparency compliance. The site lacks a cookie consent mechanism despite using tracking tools. Overall, Hund demonstrates a mature digital presence with room for security enhancements and privacy compliance improvements.

R

Retarus GmbH

retarus.com

0

Retarus GmbH is a leading enterprise cloud services provider specializing in secure and efficient digital communication solutions including email, fax, SMS, and EDI. Positioned as a top player in the secure email market and certified under ISO 27001 and HITRUST, Retarus serves a global enterprise clientele with a comprehensive portfolio of cloud-based messaging platforms. Their services emphasize compliance, reliability, and integration with major business ecosystems such as SAP and Microsoft 365. Technically, the website is built on WordPress with modern frameworks and libraries, hosted on Amazon AWS infrastructure, and employs strong security practices including TLS 1.3, OCSP stapling, and SPF/DMARC email authentication. However, there is room for improvement in DNS security and HTTP security headers. The company demonstrates a mature security posture with certifications and a GDPR-compliant cookie consent mechanism, though incident response contact details are not publicly disclosed. Overall, Retarus presents a professional, trustworthy, and technically sound digital presence aligned with enterprise-grade security and compliance standards.

D

Deutsches Stiftungszentrum

deutsches-stiftungszentrum.de

0

Deutsches Stiftungszentrum is a well-established non-profit organization specializing in foundation consulting and management services in Germany. With over 60 years of expertise and a comprehensive network, it offers a broad range of services including foundation establishment, management, asset management, legal advice, and public relations. The website reflects a professional and consistent brand presence targeting foundation founders and managers. Technically, the site is built on Drupal 10 with modern frontend technologies and uses Usercentrics for cookie consent management, ensuring GDPR compliance. Security posture is basic with valid SPF but lacks DMARC, DNSSEC, and HSTS, which are recommended for enhanced protection. Overall, the site demonstrates good digital maturity and trustworthiness but could improve in security hardening and incident response transparency.

I

Institute for Digital Out of Home Media GmbH

idooh.media

0

The Institute for Digital Out of Home Media GmbH (IDOOH) is a German-based industry association dedicated to advancing the digital out-of-home advertising sector. It serves as a central hub for knowledge exchange, standard development, and market research within the DOOH industry. The website reflects a professional and content-rich platform targeting industry professionals and stakeholders, offering insights, events, and educational resources. Technically, the site is built on WordPress with Elementor and several plugins, but suffers from slow performance and lacks a valid SSL certificate, which poses security risks. The security posture is basic with some good practices like SPF and DMARC records, but critical improvements are needed in SSL configuration and security headers. Overall, the site demonstrates moderate trustworthiness and good compliance with GDPR through cookie consent mechanisms.

O

Outsite Media GmbH

outsite-media.de

0

Outsite Media GmbH is a medium-sized German company specializing in out-of-home (OOH) media advertising, offering services such as Riesenposter, Beamboards, Media walls, and Citybanner. Founded in 2007, the company positions itself strongly in the market with a focus on sustainability and green marketing solutions, catering to advertisers and property owners seeking impactful and environmentally conscious advertising options. The website reflects a professional and consistent brand image with good content quality and active social media engagement. Technically, the website is built on WordPress using the Divi theme and several plugins including Revolution Slider, Contact Form 7, and Usercentrics for cookie consent management. SEO is well addressed with Yoast SEO and structured data implementation. However, the site currently lacks a valid SSL certificate and does not support modern TLS protocols, which is a significant security concern. Performance is moderate with a page load time of about 5.5 seconds, and mobile optimization is good. From a security perspective, the absence of HTTPS and security headers, along with missing DMARC and CAA records, exposes the site to potential risks. The presence of a valid SPF record is a positive aspect for email security. Cookie consent is properly managed via Usercentrics, indicating GDPR compliance. No explicit security policies or incident response information are found on the site. Overall, while the business and technical infrastructure are solid for its market niche, urgent improvements in SSL/TLS configuration and security best practices are recommended to enhance trust and protect user data.