Security Directory

S

Stadtgemeinde Amstetten

amstetten.at

0

The website amstetten.at serves as the official online portal for the Stadtgemeinde Amstetten, a municipal government entity in Austria. It provides residents and visitors with comprehensive information about city administration, services, events, and public resources. The site targets local citizens and stakeholders, offering key services such as event announcements, service directories, job postings, and public transportation information. The business model is that of a government entity focused on public service delivery and community engagement. Technically, the website is built on the WordPress CMS platform, utilizing common plugins such as Yoast SEO for search optimization, WP Statistics for analytics, and Complianz for GDPR-compliant cookie management. The site employs Apache as the web server and includes JavaScript libraries like jQuery and RoyalSlider for interactive features. While the site is mobile-optimized and accessible, performance data is incomplete, and the site currently lacks a valid SSL certificate, resulting in no HTTPS support. From a security perspective, the absence of a valid SSL certificate is a critical vulnerability, exposing users to potential data interception risks. The site does not implement modern TLS protocols, HSTS, or OCSP stapling, which are essential for secure communications. However, no known vulnerabilities such as Heartbleed or POODLE were detected. Privacy compliance is strong, with a clear cookie consent mechanism and a comprehensive privacy policy aligned with GDPR requirements. Overall, the website is a well-structured and professionally maintained municipal portal with good content quality and user experience. The primary risk lies in the lack of HTTPS, which should be addressed urgently to protect user data and enhance trust. Strategic recommendations include implementing a valid SSL certificate, enabling modern security protocols, and enhancing security headers to improve the site's security posture and compliance.

I

Insight Technology Solutions, LLC

insighttsi.com

0

Insight Technology Solutions, LLC is a well-established Federal contractor headquartered in the National Capital Region, with over 20 years of experience delivering management consulting, business operations, and engineering solutions to Federal agencies. The company holds multiple government contract vehicles and certifications such as ISO 9001:2015, ISO/IEC 20000-1:2018, and CMMI Maturity Level 3, demonstrating a commitment to quality and compliance. Their target audience primarily includes U.S. government agencies, particularly in sectors like maritime, IT, and cybersecurity services. Technically, the website is built on the Wix platform utilizing modern JavaScript frameworks like React and includes various Wix apps for enhanced functionality. While the site is moderately optimized for performance and basic mobile responsiveness, there is room for improvement in accessibility and SEO practices. The hosting is managed by Wix, with standard security headers present, but the SSL certificate is currently invalid, which poses a significant security risk. From a security perspective, the site implements some best practices such as HSTS and secure cookie attributes but lacks a valid SSL certificate and comprehensive security headers. No vulnerabilities or exposed sensitive data were detected, but the absence of a cookie consent mechanism and privacy compliance indicators suggests partial adherence to privacy regulations. Overall, the website presents a professional and trustworthy image with clear business information and contact details. However, critical security improvements, especially regarding SSL certification and privacy compliance, are necessary to enhance trust and protect user data effectively.

The website feldkirch.at serves as the official municipal portal for the city of Feldkirch, Austria, providing comprehensive information about city services, news, events, and administrative functions. It targets residents, visitors, and local businesses, offering a broad range of public services including housing, registry office, social services, education, culture, and urban development. The site also promotes local subsidiaries and partner organizations, enhancing community engagement and service delivery. Technically, the website is built on the TYPO3 CMS platform and served via an Apache web server. It employs JavaScript for interactive elements and uses Matomo for analytics, respecting user cookie consent. The site is well-structured, mobile-optimized, and accessible, with clear navigation and professional design. However, performance metrics are unavailable, limiting full technical assessment. From a security perspective, the site lacks a valid SSL certificate and does not support HTTPS, which is a critical vulnerability impacting user trust and data security. Security headers are partially implemented but modern TLS protocols and HSTS are missing. No explicit security policies or incident response contacts are provided. Privacy compliance is strong, with a clear cookie consent mechanism and GDPR-aligned privacy policy. Overall, the site is a professionally managed government portal with excellent content quality and business credibility but requires urgent improvements in SSL/TLS security to protect users and enhance trust. Strategic recommendations include immediate SSL certificate installation, enabling HTTPS, and enhancing security headers and protocols.

S

Sport England

sportengland.org

0

Sport England is a UK government-related non-profit organization dedicated to promoting sport and physical activity across England. The website serves as a comprehensive resource hub offering funding opportunities, research data, guidance, and campaigns to support various stakeholders including volunteers, grassroots organizers, schools, and national governing bodies. The organization is primarily funded by the National Lottery, which is prominently acknowledged on the site. The website is professionally designed with clear navigation and strong branding consistency, targeting a broad audience involved in sport and physical activity.

N

NEOS

neos.eu

0

NEOS is a well-established Austrian political party with a strong digital presence and comprehensive content about its programs, members, and activities. The website is professionally designed, mobile-optimized, and provides clear navigation and rich information for its target audience. Technically, the site uses modern frontend technologies such as Alpine.js and Tailwind CSS, and integrates marketing and analytics tools like Google Tag Manager and Microsoft Clarity. However, the security posture is weakened by the absence of a valid SSL certificate and disabled TLS protocols, which poses a significant risk to user data and trust. Privacy compliance is generally good, with a clear privacy policy and GDPR consent mechanisms in the newsletter form, but lacks a visible cookie consent banner. Overall, the site is credible and trustworthy but requires urgent security improvements to protect visitors and maintain compliance.

D

Digital Wallonia

digitalwallonia.be

0

Digital Wallonia is the official digital strategy platform for the Wallonia region in Belgium, managed by the Walloon Government. It serves as a comprehensive resource for digital transformation initiatives, programs, and ecosystem mapping in the region. The platform targets businesses, public authorities, and digital stakeholders, providing detailed publications, event agendas, and strategic information. Technically, the site is built on a modern React Static framework, hosted on Amazon infrastructure, and uses Cloudflare DNS services. Despite a valid SSL certificate and no detected vulnerabilities, the site lacks advanced security headers and HSTS, which are recommended for enhanced security. Performance is notably slow, with a page load time exceeding 26 seconds, indicating room for optimization. Privacy compliance is well addressed with clear privacy and cookie policies, including consent mechanisms. Overall, the site demonstrates high business credibility and trustworthiness as a government entity but could improve technical and security aspects to enhance user experience and protection.

Tarian Group, LLC is a large US-based security services provider specializing in guarding services, integrated security technology, risk advisory, and preparedness training. The company targets critical infrastructure, government, healthcare, commercial, and residential sectors, positioning itself as North America’s fastest growing security provider with a client-centric and innovative approach. The website is built on WordPress with the Divi theme and several plugins, showing a modern but somewhat basic technical infrastructure. However, the absence of HTTPS and SSL certificates is a significant security shortfall. Privacy and cookie policies are comprehensive and GDPR compliant, with clear contact information and multiple licensed office locations. The security posture is weak due to lack of HTTPS and missing security headers, but no active vulnerabilities were detected. Overall, the site is professional and trustworthy but requires urgent security improvements.

U

United Nations Commission On International Trade Law

uncitral.org

0

The United Nations Commission On International Trade Law (UNCITRAL) operates as a key intergovernmental organization under the United Nations, focused on developing and harmonizing international trade law frameworks. The website serves as an authoritative resource for legal texts, working documents, technical assistance, and research related to international trade law, targeting governments, legal professionals, and trade stakeholders globally. The organization is well-established with a mature domain and consistent branding aligned with UN standards. Technically, the website is built on Drupal 7 with common web technologies such as jQuery and Bootstrap. While the site demonstrates good content quality, navigation, and mobile optimization, it suffers from critical security shortcomings, notably the absence of a valid SSL certificate and lack of HTTPS enforcement, which severely impacts its security posture. Performance metrics are unavailable, but the technical stack suggests potential modernization needs. Security-wise, the site implements some security headers but fails to provide a valid SSL/TLS configuration, exposing users to risks and undermining trust. Privacy compliance is minimal, with no visible cookie consent mechanisms and only a basic privacy policy linked externally. Contact information is not explicitly provided on the homepage, limiting direct communication channels. Overall, the site is credible and authoritative but requires urgent security improvements to protect users and maintain trust. Strategic recommendations include obtaining a valid SSL certificate, enabling HTTPS, enhancing privacy and cookie consent mechanisms, and modernizing the technical infrastructure to improve performance and security.

S

SVD Büromanagement GmbH

svdgmbh.at

0

SVD Büromanagement GmbH is a medium-sized Austrian company specializing in providing comprehensive management and support services across multiple sectors including construction, procurement, IT, facility management, printing, information security, payroll, and legal services. The company primarily serves government and social insurance institutions, positioning itself as a key regional player with a strong focus on public sector needs. The website reflects a professional and consistent brand presence with clear navigation and relevant content tailored to its target audience of government agencies, suppliers, and job seekers. Technically, the site employs modern JavaScript libraries such as jQuery 3.6.0 and Jakarta Faces framework, hosted on Apache servers with a CMS likely based on Gentics. However, performance is slow and SSL/TLS security is critically lacking due to an invalid or missing certificate and disabled TLS protocols. Security headers are present but insufficient to compensate for the lack of HTTPS, resulting in a low security posture score. Privacy compliance is strong with comprehensive privacy and cookie policies and an active consent mechanism. Contact information is clearly provided, enhancing business credibility. Overall, the site is functional and professional but requires urgent security improvements to protect user data and build trust.

Ö

Österreichische Staatsdruckerei

staatsdruckerei.at

0

The Österreichische Staatsdruckerei (Austrian State Printing House) is a well-established government-related entity specializing in secure identity document production and digital identity solutions. With over 200 years of experience, it holds a strong market position internationally, offering tailored ID products and digital government services. The website reflects a mature digital presence with professional design, comprehensive content, and strong branding consistency. Technically, the site is built on WordPress with modern SEO and analytics tools, but suffers from a critical SSL/TLS misconfiguration that undermines its security posture. Privacy compliance is robust, featuring detailed policies and a consent mechanism. Overall, the business credibility is high, supported by multiple certifications and active social media engagement.

A

Austria Wirtschaftsservice Gesellschaft mbH

awsg.at

0

Austria Wirtschaftsservice Gesellschaft mbH (aws) is the official Austrian federal promotional bank dedicated to fostering innovation and economic growth within Austria. The website serves as a comprehensive portal for Austrian entrepreneurs and companies seeking funding, subsidies, and advisory services. It offers a broad range of programs targeting startups, SMEs, and established companies, with a strong emphasis on energy, sustainability, and internationalization. The site is well-branded, professionally designed, and provides clear navigation and rich content in German, targeting primarily Austrian businesses and innovators. Technically, the website is built on TYPO3 CMS and uses Apache as the web server. It integrates Matomo analytics for privacy-compliant user tracking and employs modern web technologies including CSP and various security headers. However, the SSL/TLS configuration is currently invalid or missing, which is a critical security concern. Performance metrics are not available, but the site appears mobile-optimized and accessible. From a security perspective, while several security headers are implemented, the lack of a valid SSL certificate and disabled TLS protocols significantly reduce the security posture. No explicit security or incident response policies are found on the site. Privacy compliance is strong, with a clear cookie consent mechanism and a comprehensive privacy policy in place, aligned with GDPR requirements. Overall, the site is a credible and professional government service platform with excellent content and user experience but requires urgent remediation of its SSL/TLS configuration to ensure secure communications and improve trustworthiness.

C

Constable Alan Rosen

pct1constable.net

0

The website pct1constable.net represents the Harris County Constable's Office Precinct 1, a government law enforcement entity serving residents and visitors of Harris County, Texas. The site provides detailed information about the office's mission, divisions, community programs, and contact information, positioning itself as a trusted local public safety resource. The business model is that of a government service provider focused on law enforcement and community engagement. Technically, the site is built on WordPress with common plugins such as WPBakery Page Builder, Slider Revolution, and Contact Form 7, and integrates Google Analytics for visitor tracking. However, the site lacks a valid SSL certificate and does not serve content over HTTPS, which is a critical security shortfall. Security headers are partially implemented, but modern TLS protocols and HSTS are missing, exposing the site to potential risks. Privacy compliance is weak, with no visible privacy or cookie policies and no consent mechanisms, despite the use of tracking technologies. Overall, the site is functional and informative but requires urgent improvements in security and privacy to meet modern standards.

Ö

ÖSB Consulting GmbH

oesb.at

0

ÖSB Consulting GmbH is a prominent consulting firm specializing in labor market policy and related services in Austria. As part of the ÖSB Group, it holds a strong market position with a broad portfolio including diversity, entrepreneurship, health management, and sustainability consulting. The company serves a diverse audience including businesses, unemployed individuals, and youth, with a focus on innovative and impactful labor market solutions. Technically, the website is built on WordPress with Elementor and uses LiteSpeed hosting and caching technologies, ensuring a modern and responsive user experience. However, the absence of a valid SSL certificate and HTTPS support is a critical security flaw that undermines trust and data protection. The site employs privacy-conscious analytics and cookie management, aligning well with GDPR requirements. Overall, the business demonstrates professionalism and credibility, but urgent improvements in security infrastructure are necessary.

A

Austria Institut für Europa- und Sicherheitspolitik (AIES)

aies.at

0

The Austria Institut für Europa- und Sicherheitspolitik (AIES) is a well-established independent research institute based in Vienna, Austria, focused on European integration, security, defense, and foreign policy. Founded in 1996, it serves public stakeholders by providing expert analysis, organizing events, and publishing research. The website reflects a professional and content-rich platform targeting policymakers, academics, and the public interested in European and security policy. Technically, the site uses modern frontend technologies such as jQuery, Swiper.js, and Usercentrics for consent management, but suffers from a critical lack of valid SSL/TLS configuration, impacting its security posture. The site is mobile-optimized, accessible, and SEO-friendly, with strong social media integration and clear contact information. Security-wise, the absence of HTTPS and security headers is a significant vulnerability, though no active WAF or blocking mechanisms are detected. WHOIS data confirms domain legitimacy and consistency with the organization's profile. Strategic improvements in SSL deployment and security headers are recommended to enhance trust and compliance.

B

Bischöflich Münstersches Offizialat

bmo-vechta.de

0

The Bischöflich Münstersches Offizialat website serves as an official regional church institution platform providing a wide range of services including church law, pastoral care, education, and prevention of sexualized violence. It targets the Catholic community and church stakeholders in the Oldenburger Land region of Germany. The site is built on TYPO3 CMS and integrates various extensions for search and event management, reflecting a moderate level of digital maturity. However, the absence of HTTPS is a critical security flaw that undermines user trust and data protection. The website lacks a cookie consent mechanism and explicit security or incident response policies, which are important for GDPR compliance and overall security posture. Despite these issues, the site presents professional content with clear navigation and consistent branding, supported by links to reputable church partners.

D

Die Grünen

gruene.at

0

Die Grünen Austria is a well-established political party focused on environmental protection, social justice, and green policies. The website serves as a comprehensive platform for information dissemination, event promotion, and member engagement, targeting Austrian citizens interested in green politics. The site is professionally designed with excellent content quality, clear navigation, and strong branding consistency. Technically, it is built on WordPress with modern frameworks and uses Cloudflare for hosting and CDN services. However, the absence of a valid SSL certificate and HTTPS significantly weakens its security posture. Privacy compliance is well addressed through GDPR-compliant consent management and detailed privacy policies. Overall, the site is trustworthy and credible but requires urgent security improvements.

C

Campaigning Bureau

campaigning-bureau.com

0

Campaigning Bureau is a well-established political campaigning agency based in Austria with offices in Vienna and Berlin. They specialize in movement campaigning, political communication, stakeholder mobilization, and ESG communication, serving political actors, companies, NGOs, and organizations. The company holds a strong market position in Europe, supported by international awards and recognition as a top employer. Technically, the website employs modern tracking and consent management tools such as Google Tag Manager and Truendo CMP, but suffers from slow load times and lacks a valid SSL certificate, which impacts security and user trust. The security posture is basic with no HTTPS and missing security headers, representing a critical vulnerability. Privacy compliance is well addressed with clear cookie consent mechanisms and comprehensive privacy policies. Contact information is transparent and complete, enhancing business credibility. Overall, the website is professional and content-rich but requires urgent security improvements to protect user data and improve trust.

B

BVAEB Versicherungsanstalt öffentlich Bediensteter, Eisenbahnen und Bergbau

bvaeb.at

0

BVAEB is an Austrian government social insurance institution serving public servants, railway workers, and mining employees. It provides comprehensive information and services related to health insurance, accident insurance, pension, and family benefits. The website is well-structured and targets insured persons, employers, and partners within its sector. Technically, the site uses Apache, Jakarta Faces, and modern JavaScript libraries, but suffers from a critical lack of valid SSL/TLS certificates, severely impacting its security posture. Privacy and cookie policies are implemented with consent mechanisms, and contact information is clearly provided. Overall, the site is professional and trustworthy but requires urgent security improvements to protect user data and comply with modern standards.

W

Wirtschaftsagentur Wien

wirtschaftsagentur.at

0

Wirtschaftsagentur Wien is a well-established government agency founded in 1982, dedicated to supporting economic development in Vienna. The agency offers a comprehensive range of services including free consulting, funding opportunities, event organization, and networking for startups, established businesses, and international companies. Their market position as the official economic development fund of the City of Vienna is strong, supported by consistent branding and a professional online presence. The website is content-rich, multilingual, and targets a broad audience of entrepreneurs and businesses in Vienna. Technically, the site is built on TYPO3 CMS with modern JavaScript frameworks and includes interactive features such as animated content and a service compass tool.

M

Muséum national d'Histoire naturelle

mnhn.fr

0

The Muséum national d'Histoire naturelle is a prominent French national institution dedicated to natural history research, education, and public exhibitions. It operates multiple sites across Paris and regions, serving a broad audience including families, scientists, educators, and professionals. The website reflects a well-structured, content-rich platform with excellent design and navigation, supporting its mission to disseminate knowledge and engage the public. Technically, the site is built on Drupal 10 with modern web technologies and uses caching and analytics tools such as Varnish, Matomo, and ContentSquare. Mobile optimization and SEO are well addressed, though performance is moderate. However, the critical security weakness is the absence of a valid SSL certificate and disabled TLS protocols, severely impacting secure communications and user trust. Security headers and policies are implemented, but the lack of HTTPS and modern TLS support is a major vulnerability. Privacy and cookie policies are comprehensive and GDPR compliant, with clear contact and legal information. Social media presence is official and consistent, enhancing credibility. Overall, the site is professionally managed with strong business credibility but requires urgent remediation of SSL/TLS issues to improve security posture and user trust. Strategic recommendations include installing valid certificates, enabling modern TLS, and enhancing security policies.

C

connex.cc IT-Consulting GmbH

connex.cc

0

connex.cc IT-Consulting GmbH is a well-established Austrian IT consulting firm specializing in the public sector, with over two decades of experience. The company operates as a subsidiary of xrxes.cc Holding GmbH and offers a range of services including IT consulting, business analysis, test management, project management, and project assistance. The website is professionally designed, content-rich, and targets public sector organizations in Austria. Technically, the site is built on WordPress using Elementor and Astra theme, with modern plugins enhancing user experience. However, a critical security weakness is the lack of a valid SSL certificate and proper HTTPS configuration, which significantly impacts the security posture. Privacy compliance is well addressed with a comprehensive privacy and cookie policy and a consent mechanism. Contact information is clearly provided, enhancing business credibility.

B

Business Upper Austria - OÖ Wirtschaftsagentur GmbH

biz-up.at

0

Business Upper Austria - OÖ Wirtschaftsagentur GmbH is a government agency serving as the location and investment promotion agency for the state of Upper Austria. The organization provides tailored solutions for companies' investment and innovation projects, supporting national and international businesses with services such as investor services, human capital management, innovation promotion, cooperation facilitation, and industrial transformation. The website reflects a professional and comprehensive digital presence with clear navigation and relevant content targeted at businesses and investors interested in the region. Technically, the website is built on the TYPO3 CMS platform, utilizing modern frontend libraries such as Swiper.js and Font Awesome 6 Pro. The site includes a cookie consent mechanism compliant with GDPR and uses Matomo analytics for user tracking with explicit consent. However, the website suffers from critical security shortcomings, notably the absence of a valid SSL certificate and lack of HTTPS support, which severely impacts the security posture and user trust. Security-wise, while SPF and DMARC records are properly configured to protect email integrity, the lack of TLS encryption and modern security headers exposes the site to risks. No incident response or security policy information is publicly available, which could be a concern for security-conscious visitors. The WHOIS data confirms the domain's legitimacy and consistency with the business claims, reinforcing trust in the entity behind the website. Overall, the site is content-rich and professionally presented but requires urgent security improvements to enable HTTPS and modern TLS protocols to protect user data and enhance trust. Strategic recommendations include obtaining and maintaining a valid SSL certificate, enabling HSTS, and improving security headers. These steps will significantly improve the security posture and compliance standing of the website.

The United Nations Office for Outer Space Affairs (UNOOSA) operates as a key UN entity facilitating international cooperation in peaceful space activities, space law, and capacity building. It serves a global audience including member states, space agencies, academia, and industry. The website reflects a mature and consistent brand aligned with UN standards, offering comprehensive information on space policy, events, and programs. Technically, the site uses a legacy tech stack with Apache, jQuery, and Bootstrap, but suffers from slow performance and basic mobile optimization. Security posture is weak due to the absence of a valid SSL certificate and lack of modern TLS protocols, exposing users to risks. Privacy compliance is minimal, lacking cookie consent mechanisms and GDPR indicators. Contact information and social media presence are well established, enhancing business credibility. Overall, the site is authoritative but requires urgent security and privacy improvements.

S

Statistik Austria

statistik.at

0

Statistik Austria is the official national statistical agency of Austria, providing independent and comprehensive statistical data to support fact-based decision making. The organization serves a broad audience including government entities, researchers, businesses, and the general public. Their services include data provision, publications, surveys, and various analytical tools. The website is professionally designed, content-rich, and well-structured, reflecting a mature digital presence. Technically, the site is built on TYPO3 CMS with privacy-conscious analytics via Matomo, and includes modern web technologies such as FontAwesome and jQuery. However, a critical security weakness is the absence of a valid SSL/TLS certificate, resulting in no HTTPS support, which severely impacts the site's security posture. Despite this, the site implements multiple security headers and cookie consent mechanisms, demonstrating good privacy compliance. Overall, the site is trustworthy and authoritative but urgently requires SSL implementation to protect user data and communications.

P

PV - Pensionsversicherung Österreich

pensionsversicherung.at

0

The website pensionsversicherung.at represents the official online presence of the Austrian Pensionsversicherung (PV), the largest pension insurance carrier in Austria, serving approximately 5.6 million insured persons. It provides comprehensive information and services related to pensions, care allowances, rehabilitation, and health prevention. The site is well-structured, professionally designed, and targets insured workers, pensioners, and caregivers in Austria. The business model is that of a government social insurance provider, with a strong market position as a key public institution in Austria's social security system. Technically, the website uses a mature technology stack including Apache server, jQuery 3.6, Jakarta Faces framework, and Piwik PRO for analytics. The content is rich and well-optimized for SEO and accessibility, with good mobile responsiveness. However, performance data is missing, and the site is currently served without a valid SSL certificate, resulting in no HTTPS availability, which is a critical security flaw. From a security perspective, the site implements several security headers including a detailed Content Security Policy and uses secure cookie flags. Despite this, the lack of a valid SSL certificate and absence of modern TLS protocols severely degrade the security posture. No DMARC record is found, and session resumption and OCSP stapling are not enabled. Privacy compliance is strong, with clear privacy and cookie policies and consent mechanisms in place. Overall, the site is trustworthy and authoritative in its domain but must urgently address SSL/TLS issues to ensure secure communications and maintain user trust. Strategic recommendations include obtaining a valid SSL certificate, enabling modern TLS protocols, and enhancing email security with DMARC. The site demonstrates a high level of professionalism and business credibility but is currently limited by its security shortcomings.

W

Wiener Arbeitnehmer*innen Förderungsfonds

waff.at

0

The Wiener Arbeitnehmer*innen Förderungsfonds (waff) is a government-affiliated organization dedicated to supporting the workforce in Vienna through information, consultation, and financial assistance for professional development and training. The website serves as a comprehensive portal offering access to job and course searches, funding programs, and online applications, targeting both individuals and companies in Vienna. The organization holds a significant regional position as a key instrument in active labor market policies and adult education. Technically, the site is built on WordPress with Elementor, uses Matomo for analytics, and Borlabs Cookie for privacy management, reflecting a mature digital infrastructure. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support, exposing users to potential risks. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the site is professionally designed, content-rich, and trustworthy but requires urgent security improvements to protect user data and enhance trust.

I

ICMPD

icmpd.org

0

ICMPD is an established international organization focused on migration policy development, capacity building, and research, serving 21 member states with a global project footprint. The website reflects a mature, professional entity with comprehensive content and strong branding consistency. Technically, the site uses modern CMS technology (eZ Platform) and integrates analytics tools like Google Analytics and Matomo, but suffers from poor SSL implementation and lacks critical security headers, impacting its security posture. Privacy and cookie policies are well implemented with consent mechanisms, supporting GDPR compliance. Overall, the site is functional and content-rich but requires urgent security improvements to protect user data and enhance trust.

The Australian Government Department of Foreign Affairs and Trade (DFAT) operates as the primary government agency responsible for managing Australia's international relations, trade, and diplomatic efforts. The website serves as an authoritative source of information for Australian citizens, international partners, businesses, and travelers, providing comprehensive content on foreign affairs, trade agreements, development programs, consular services, and travel advice. The site is well-branded, professionally designed, and consistent with government standards, reflecting its enterprise-level stature within the government sector. Technically, the website is built on Drupal 10 and hosted on GovCMS, a platform tailored for Australian government entities. It integrates modern tools such as Google Tag Manager and ReadSpeaker for analytics and accessibility. The site demonstrates good mobile optimization, accessibility, and SEO practices. However, performance metrics are unavailable, and some technical debt is evident in the lack of a valid SSL certificate and disabled TLS protocols, which critically impact security posture. From a security perspective, the absence of a valid SSL certificate and TLS support is a significant vulnerability, exposing users to potential data interception and undermining trust. While security headers like X-Content-Type-Options and X-Frame-Options are correctly implemented, the lack of HTTPS and session security mechanisms lowers the overall security score. Privacy compliance is partial, with a comprehensive privacy policy present but no cookie consent mechanism despite the use of tracking scripts. Contact information is clearly provided, enhancing business credibility. Overall, the website is a high-quality government portal with excellent content and user experience but suffers from critical security shortcomings that must be addressed urgently to protect users and maintain trust. Strategic improvements in SSL/TLS deployment, privacy compliance, and security best practices are recommended to elevate the site's security posture and compliance standards.

T

The United Nations in Vienna

unvienna.org

0

The United Nations in Vienna website serves as the official digital presence of the UN's Vienna-based offices and agencies. It provides comprehensive information about the UN family in Vienna, their initiatives, sustainable development goals, and visitor information. The site targets a broad audience including diplomats, researchers, media, and the general public interested in UN activities. The business model is informational and public service-oriented, reflecting the UN's governmental and non-profit nature. The website is well-branded, consistent, and authoritative in its domain space. Technically, the site uses a combination of AngularJS and React frameworks, served via Apache, with integration of Google Tag Manager for analytics. The site is mobile optimized and has good navigation and content quality. However, performance metrics are unavailable, and accessibility is basic. SEO is moderately implemented with proper meta tags and Open Graph data. From a security perspective, the site lacks a valid SSL certificate and does not serve content over HTTPS, which is a critical vulnerability. While some security headers are present, the absence of TLS protocols, cipher suites, DMARC, DNSSEC, and CAA records indicates a weak security posture. No incident response or vulnerability disclosure information is publicly available. Privacy compliance is basic, with a privacy policy present but no cookie consent mechanism despite tracking scripts. Overall, the website is trustworthy and credible given its UN affiliation and mature domain. However, the lack of HTTPS and modern security practices significantly lowers its security score and poses risks to users. Strategic improvements in SSL deployment, email security, and privacy compliance are recommended to enhance trust and security.

4

42virtual Business Services GmbH

42virtual.com

0

42virtual Business Services GmbH is a small German IT consulting and project management firm specializing in pragmatic and tailored solutions for public sector, banking, insurance, and service industries. Their website presents a professional image with clear business focus and German language content targeting relevant sectors. Technically, the site is built on Webflow CMS and uses jQuery, but suffers from slow load times and lacks modern security configurations. Critically, the absence of a valid SSL certificate and HTTPS support exposes the site to security risks and undermines user trust. Privacy compliance is minimal, with no cookie consent or GDPR indicators detected. Overall, the business appears legitimate and consistent with WHOIS data, but the security posture requires urgent improvement to protect visitors and comply with regulations.

D

Das Österreichische Patentamt

patentamt.at

0

Das Österreichische Patentamt is the central government authority in Austria responsible for intellectual property rights including patents, trademarks, and designs. The website serves as an information and service hub offering online filing, advisory services, and educational programs such as the IP Academy. The organization holds ISO 9001 and ISO 27001 certifications, reinforcing its commitment to quality and information security. The site targets a broad audience including inventors, businesses, startups, legal professionals, and students. Technically, the website is built on TYPO3 CMS with modern frontend libraries and frameworks, providing a professional and accessible user experience. However, the absence of a valid SSL certificate and HTTPS support is a critical security gap that undermines user trust and data protection. Security headers are well implemented but cannot compensate for the lack of encryption. Privacy compliance is strong with comprehensive cookie consent mechanisms and GDPR-aligned policies. Overall, the site is authoritative and trustworthy but requires urgent improvements in SSL/TLS deployment to enhance security posture.

Ö

Österreichische Agentur für Gesundheit und Ernährungssicherheit GmbH

ages.at

0

The website ages.at represents the Österreichische Agentur für Gesundheit und Ernährungssicherheit GmbH, a large Austrian government agency focused on protecting the health of humans, animals, plants, and the environment. It offers comprehensive services in food safety, public health, veterinary health, risk assessment, and research. The site is professionally designed with excellent content quality and clear navigation targeting public health professionals, researchers, and the general public in Austria. Technically, the site is built on TYPO3 CMS and uses Matomo for analytics, but suffers from slow load times and lacks a valid SSL certificate, resulting in no HTTPS support. This is a critical security weakness that undermines user trust and data protection. Privacy policies and cookie consent mechanisms are well implemented, reflecting good GDPR compliance. Security posture is weak due to missing HTTPS, lack of security headers, and no DMARC record for email protection. No explicit security or incident response policies are found. The domain registration data aligns well with the agency's identity, confirming legitimacy. Overall, the site is authoritative and trustworthy in content and business credibility but requires urgent improvements in security infrastructure to protect users and comply with modern web standards.

The OPEC Fund for International Development (OFID) is a mature, established international development finance institution founded in 1976 and headquartered in Austria. It serves member and partner countries by providing public sector lending, private sector and trade finance, grants, and special initiatives aimed at sustainable development. The website reflects a professional and comprehensive digital presence, targeting governments, investors, and development stakeholders globally. The content is rich, well-structured, and accessible, supporting the organization's mission to drive development and empower communities. Technically, the website employs modern technologies including a CMS platform (Ibexa), CDN (Fastly), and analytics (Google Analytics). The site is mobile-optimized with good accessibility and SEO practices. However, the absence of a valid SSL certificate and lack of modern TLS protocol support significantly impact the security posture, exposing the site to potential risks. Security-wise, the site implements several security headers such as Content Security Policy, X-Frame-Options, and Referrer Policy, but critical gaps exist in SSL/TLS configuration. No incident response or vulnerability disclosure information is found, indicating areas for improvement in security transparency and readiness. Overall, the website is credible and trustworthy, supported by consistent WHOIS data and a long domain history. Strategic recommendations include immediate SSL/TLS remediation, enabling HSTS, and enhancing incident response capabilities to strengthen security and compliance posture.

The website cddiputados.gob.mx serves as a minimal redirect page to https://congresoedomex.gob.mx, indicating it is an official government domain related to the legislative body of the State of Mexico. The site lacks substantive content, policies, or contact information, reflecting a very basic web presence. Technically, the site is served by Apache over HTTP without SSL/TLS encryption, which is a significant security shortfall for any modern website, including government domains. The absence of security headers, DNSSEC, and other best practices further weakens its security posture. From a business perspective, the domain is consistent with government registration norms and appears legitimate, but the digital maturity is low. Overall, the site presents a low-risk profile due to its minimal functionality but requires urgent improvements in security and compliance to meet modern standards.

C

Comprehensive Nuclear-Test-Ban Treaty Organization

ctbto.org

0

The Comprehensive Nuclear-Test-Ban Treaty Organization (CTBTO) operates as an international governmental entity dedicated to monitoring and enforcing the ban on nuclear tests globally. The organization provides key services including verification regimes, international monitoring systems, data analysis, and on-site inspections, targeting member states, researchers, civil society, and media. The website reflects a professional and authoritative presence consistent with its mission and audience. Technically, the site is built on Drupal 10 with modern frameworks and is hosted behind Cloudflare, leveraging Google Analytics and other monitoring tools. The site is mobile-optimized and well-structured, though performance metrics are unavailable. Security headers are implemented, but a critical issue is the absence of a valid SSL certificate and disabled TLS protocols, which significantly impacts the security posture. Security-wise, while the organization employs good header policies and content security policies, the lack of HTTPS and proper TLS support is a major vulnerability. No incident response or security policy pages were found, and cookie consent mechanisms are missing despite tracking usage. DNS records show malformed CAA entries and no DNSSEC, which could be improved. Overall, the site is trustworthy and professional but requires urgent remediation of SSL/TLS issues and enhancement of privacy compliance mechanisms to improve security and user trust.

S

Stadt Wien – Wiener Wohnen Kundenservice GmbH

wrwks.at

0

Stadt Wien – Wiener Wohnen Kundenservice GmbH is a municipal service provider based in Vienna, Austria, focused on delivering social and sustainable solutions within the city's organizational network. The company has evolved from a small marketing and call service agency into a medium-sized enterprise offering comprehensive construction and communication services. Their ISO 9001:2015 certification underscores their commitment to quality and customer satisfaction. Technically, the website is built on WordPress with modern JavaScript frameworks and plugins, providing good accessibility and SEO optimization. However, the lack of a valid SSL certificate and proper HTTPS configuration significantly undermines the site's security posture. Security headers are partially implemented, but critical TLS protocols and certificate transparency are missing. Privacy compliance is well addressed with a comprehensive privacy and cookie policy, including consent mechanisms. Overall, the business credibility is strong with clear contact information and trust indicators. Strategic improvements in SSL/TLS deployment and security policy transparency are recommended to enhance trust and security.

The United Nations Industrial Development Organization (UNIDO) is a well-established intergovernmental organization focused on promoting industrial development for sustainable economic growth and poverty reduction. The organization operates globally with a strong presence in Austria, where it is headquartered. UNIDO's key services include technical cooperation, policy advice, capacity building, and implementation of industrial development programs. The website represents a critical digital asset for UNIDO's communication and outreach efforts. Technically, the website is hosted behind Cloudflare, which provides security and performance services. However, the current website content is inaccessible due to a Cloudflare security challenge page requiring JavaScript and cookies, preventing full content analysis. The SSL/TLS configuration is critically flawed with no valid certificate detected, disabling HTTPS and exposing the site to security risks. Performance metrics are unavailable due to blocked content, and no modern web frameworks or CMS are identifiable from the limited HTML. From a security perspective, while several security headers are implemented, the lack of HTTPS and invalid SSL certificate significantly degrade the security posture. There is no evidence of privacy policies, cookie consent mechanisms, or incident response contacts on the accessible page. WHOIS data is consistent and trustworthy, showing a mature domain registered to UNIDO with no privacy protection, reinforcing the legitimacy of the domain. Overall, the website currently suffers from critical accessibility and security issues that limit its effectiveness and trustworthiness. Strategic improvements in SSL/TLS deployment, content accessibility, and privacy compliance are essential to enhance the organization's digital presence and security posture.

Ö

Österreichische Lotterien GmbH

lotterien.at

0

Österreichische Lotterien GmbH operates as the official national lottery provider in Austria, offering a wide range of lottery games, including Lotto 6 aus 45, EuroMillionen, and various scratch cards. The website serves as a comprehensive platform for game participation, result checking, and customer engagement, targeting Austrian lottery players and stakeholders. The company holds a strong market position as a government-associated entity with multiple subsidiaries in the gaming sector. Technically, the website is built on TYPO3 CMS and integrates modern analytics and consent management tools, demonstrating a mature digital infrastructure. However, the absence of a valid SSL certificate and HTTPS support significantly undermines the security posture, exposing users to potential risks. Despite this, the site implements several security headers and maintains a responsible disclosure page, reflecting a commitment to security awareness. Overall, the website is professional and content-rich but requires urgent improvements in SSL/TLS configuration to meet modern security standards.

I

International Commission on Missing Persons

icmp.int

0

The International Commission on Missing Persons (ICMP) is a globally recognized non-profit organization dedicated to addressing the issue of missing persons resulting from conflicts, disasters, and other causes. The organization collaborates with governments, civil society, and international bodies to provide expertise, data systems, and forensic services. Their website reflects a mature digital presence with comprehensive content, multilingual support, and clear navigation tailored to a diverse audience including families of missing persons and governmental agencies. Technically, the site is built on WordPress with modern plugins and Cloudflare CDN protection, but it suffers from a critical lack of a valid SSL certificate and proper TLS configuration, which significantly impacts its security posture. Privacy compliance is well addressed with GDPR-aligned cookie and privacy policies. Overall, the site demonstrates high professionalism and trustworthiness but requires urgent improvements in SSL/TLS security to protect user data and maintain credibility.

U

United Nations Office on Drugs and Crime

unodc.org

0

The United Nations Office on Drugs and Crime (UNODC) operates as a key intergovernmental agency focused on combating illicit drugs, crime, corruption, and terrorism globally. It provides extensive research, policy guidance, and technical assistance to member states and partners, positioning itself as a leading authority in its domain. The website reflects a mature, well-branded digital presence with comprehensive content and multi-language support targeting governments, NGOs, researchers, and the public. Technically, the site uses a modern tech stack including Apache, AngularJS, Bootstrap, and Google Tag Manager, hosted on UN Vienna infrastructure. While the site is moderately performant and mobile-optimized, it lacks a valid SSL certificate and modern TLS support, which critically undermines its security posture. Security headers are well implemented, but the absence of HTTPS and session security features are significant vulnerabilities. From a security perspective, the site demonstrates good header policies but fails to provide encrypted transport, OCSP stapling, or session resumption. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism despite tracking scripts. Business credibility is high given the official UN affiliation and consistent WHOIS data. Overall, the site is authoritative and professional but requires urgent security improvements, especially SSL deployment, to ensure trust and compliance. Strategic recommendations include obtaining valid HTTPS certificates, enabling modern TLS protocols, implementing cookie consent, and enhancing incident response visibility.

D

Deutsche Handelskammer in Österreich (DHK)

dhk.at

0

The Deutsche Handelskammer in Österreich (DHK) is a well-established organization dedicated to fostering bilateral economic relations between Germany and Austria. The website presents a professional and comprehensive overview of their services, including business partner mediation, legal and tax consulting, environmental compliance, and event networking. Their market position is strong within the German-Austrian economic cooperation sector, supported by reputable partners and government affiliations. Technically, the site uses modern CMS and caching technologies, ensuring good user experience and accessibility. However, a critical security gap exists due to the absence of HTTPS, exposing users to potential risks. Privacy policies and cookie consent mechanisms are in place, reflecting GDPR compliance. Overall, the site is credible and professionally maintained but urgently requires SSL implementation to improve security posture.

N

NBS Rekrutēšanas un atlases centrs

klustikaravirs.lv

0

The website klustikaravirs.lv serves as the official recruitment platform for the Latvian National Armed Forces, providing comprehensive information and application options for various military service types including professional service, national defense service, and specialized military education. The site targets Latvian citizens aged 18 to 60 interested in serving their country, positioning itself as a trusted government resource with strong public confidence. Technically, the site is built on Drupal 10, employs Matomo for privacy-conscious analytics, and offers a responsive, accessible user experience. However, the absence of a valid SSL certificate and HTTPS support is a critical security shortfall that undermines user trust and data protection. Additionally, DNS and email security configurations could be enhanced with DNSSEC and DMARC records. Privacy and cookie policies are present with consent mechanisms, but no terms of service or security policies are published. Overall, the site is functional and professional but requires urgent security improvements to align with best practices.

Z

ZAUDĒTAIS SAPNIS PAR BRĪVĪBU

sapnisparbrivibu.lv

0

The website sapnisparbrivibu.lv serves as an informational platform related to the Latvian War Museum, focusing on the historical narrative of Latvian soldiers issued by the Swedish government to the Soviet Union. The site targets visitors interested in Latvian military history and related educational content. The business model is primarily informational, with no evident commercial transactions or services. The website is small in scale and localized to Latvia. Technically, the site is built using React and Material-UI, indicating a modern frontend framework. However, the absence of a valid SSL certificate and HTTPS support critically undermines the site's security and trustworthiness. Performance is moderate with a page load time of approximately 3.1 seconds, and mobile optimization is basic. SEO and accessibility features are minimal. From a security perspective, the site lacks fundamental protections such as HTTPS, DMARC, DNSSEC, and proper SSL configurations. While HSTS is enabled, it is ineffective without HTTPS. No security policies, incident response contacts, or vulnerability disclosures are present. These gaps expose the site to potential risks and reduce user trust. Overall, the website's risk profile is elevated due to missing security controls and privacy compliance. Strategic recommendations include immediate implementation of HTTPS, addition of privacy and cookie policies, and enhancement of security headers. Improving contact transparency and adding trust signals would also benefit business credibility and user confidence.

The website harno.ee is a government-related domain managed by the Estonian Ministry of Education and Research (Haridus- ja Teadusministeerium) through its EENet network services. It appears to serve as a portal for educational and research network infrastructure in Estonia. However, the website content is currently inaccessible due to a Cloudflare Turnstile captcha security challenge, preventing direct content analysis. The domain is registered consistently with the governmental entity and has a domain age appropriate for its establishment in 2020. Technically, the site is hosted behind Cloudflare with security measures such as HSTS enabled, but it lacks a valid SSL certificate and modern TLS protocol support, resulting in no HTTPS availability. DNS records show a well-configured SPF and DMARC policy, but DNSSEC is not enabled. Performance is slow, and no content or business contact information is visible on the challenge page. Security posture is weak due to missing HTTPS and incomplete security headers, though email security policies are in place. Privacy compliance is poor with no visible privacy or cookie policies. Business credibility is moderate based on domain registration and affiliation with a government entity but is limited by lack of accessible content and contact details. Overall, the site requires improvements in SSL/TLS configuration, enabling DNSSEC, and publishing privacy and cookie policies. The current WAF challenge limits content accessibility and analysis, impacting trust and user experience.

C

Civilstyrelsen

lovtidende.dk

0

Lovtidende.dk is the official Danish government platform for publishing laws and regulations, managed by Civilstyrelsen. It serves as a critical resource for government officials, legal professionals, and the public to access official legal documents. The website provides structured access to legal publications and links to other official government legal information portals. Technically, the site is built using modern frontend technologies such as React and employs SVG icons and CSS-in-JS styling. However, the site suffers from significant security shortcomings, notably the absence of a valid SSL certificate and HTTPS support, which severely impacts its security posture. The site also lacks security headers and cookie consent mechanisms, although it claims not to use cookies. Overall, the website is content-rich and professionally presented but requires urgent security improvements to protect user data and ensure trust.

C

Civilstyrelsen

statstidende.dk

0

Statstidende.dk is an official Danish government website operated by Civilstyrelsen under the Ministry of Justice. It serves as the official publication platform for legally mandated notices, allowing users to search, read, subscribe to, and submit official announcements. The site targets Danish citizens and organizations required to publish legal notices, positioning itself as a critical government information service. Technically, the site is built using modern JavaScript frameworks such as React and Webpack, providing a responsive and user-friendly interface. However, performance is suboptimal with a slow load time and large page size, indicating potential optimization opportunities. From a security perspective, the site lacks a valid SSL certificate and HTTPS support, which is a critical vulnerability for any public-facing website, especially a government platform. Additionally, no security headers or incident response policies are evident, and cookie consent mechanisms are absent, raising compliance concerns. Overall, while the business credibility and content quality are strong due to official government backing, the technical and security posture require urgent improvements to ensure user trust and regulatory compliance.

C

Civilstyrelsen

civilstyrelsen.dk

0

Civilstyrelsen is a Danish government agency under the Ministry of Justice, responsible for ensuring the fundamental principles of the rule of law. The agency provides a wide range of public services including legal aid, permissions for property acquisition, compensation claims, and oversight of various legal and administrative functions. The website targets Danish citizens, legal professionals, and organizations requiring governmental legal services. It operates as an official government entity with a medium organizational size and a consistent brand presence. The content is well-structured and relevant, supporting the agency's mission and services effectively. Technically, the website is built on the GoBasic CMS platform with jQuery and uses embedded Vimeo videos. Hosting appears to be on cloud infrastructure with IPv4 and IPv6 addresses. However, the website suffers from slow performance with a load time exceeding 15 seconds and a relatively large page size. Mobile optimization and accessibility are good, but SEO optimization is basic. The site lacks modern security configurations, notably missing a valid SSL certificate and HTTPS support, which is a critical vulnerability. From a security perspective, the absence of HTTPS and TLS protocols, lack of security headers, and missing DNS security features expose the site to potential risks. No incident response or vulnerability disclosure mechanisms are evident. Privacy and cookie policies are present and GDPR compliant, reflecting good privacy practices. Contact information is clearly provided, enhancing trust and credibility. Overall, while the website serves its governmental purpose with good content and user experience, the critical lack of HTTPS and modern security measures significantly lowers its security posture and trustworthiness. Addressing these issues is paramount to protect user data and maintain public trust.

D

Danish Research Institute for Economic Analysis and Modelling

dreamgruppen.dk

0

DREAMgruppen.dk represents the Danish Research Institute for Economic Analysis and Modelling, an independent institution specializing in economic modeling and analysis of the Danish economy. The organization offers a suite of economic and demographic models and provides services such as policy evaluation, custom analyses, and training. The website is professionally designed with comprehensive content targeting public and private sector stakeholders interested in economic data-driven decision making. Technically, the site is built on ASP.NET with GoBasic CMS and uses jQuery, but suffers from slow load times and lacks modern security implementations such as HTTPS. Security posture is weak due to the absence of a valid SSL certificate, no TLS protocols enabled, and missing security headers, which poses a significant risk to user data and trust. Privacy compliance is adequate with clear privacy and cookie policies, though no explicit consent mechanism is observed. Overall, the site is credible and trustworthy from a business perspective but requires urgent security improvements to protect visitors and maintain institutional reputation.

M

Medarbejder- og Kompetencestyrelsen

medst.dk

0

Medarbejder- og Kompetencestyrelsen is a Danish government agency under the Ministry of Finance focused on labor agreements, HR education, and development activities within the public sector. The agency provides tools, advisory services, and regulatory information to state employers and HR professionals. The website serves as an authoritative platform for state HR matters, offering educational programs, circulars, and practical tools. Technically, the site is built on the Umbraco CMS platform, uses modern JavaScript libraries such as Swiper.js for UI components, and integrates Cookiebot for cookie consent management. However, the site suffers from a critical security issue due to an invalid or missing SSL certificate, which undermines secure HTTPS access. Other security best practices such as HSTS, DNSSEC, and security headers are absent, indicating room for improvement in security posture. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. Overall, the site is professional and trustworthy but requires urgent SSL remediation to ensure secure user interactions.

S

Statens Administration

statens-adm.dk

0

Statens Administration is a Danish government entity providing centralized administrative services focusing on payroll, accounting, reimbursement, and support portals for public sector organizations. The website reflects a professional government service portal with clear navigation and relevant content for its target audience. Technically, the site uses Umbraco CMS and integrates third-party analytics and search tools, but suffers from a critical security flaw due to the absence of a valid SSL certificate, impacting HTTPS availability. Privacy compliance is well addressed with Cookiebot consent management and comprehensive cookie and privacy policies. The security posture is weak due to missing HTTPS and security headers, posing risks to user data confidentiality and integrity. Overall, the site is functional and trustworthy but requires urgent security improvements to meet modern standards.