Security Directory

U

UNIVERSAL Eisen und Stahl GmbH

universal-stahl.com

0

UNIVERSAL Eisen und Stahl GmbH is a German medium-sized full-service steel trading company specializing in heavy plates and advanced processing services. It operates as part of the Salzgitter AG group, leveraging a large inventory and extensive logistics capabilities to serve industrial clients across Europe. The company emphasizes sustainability and quality, certified under ISO 9001, and promotes innovative green steel production initiatives such as SALCOS®. Technically, the website is built on TYPO3 CMS and uses Matomo for analytics, but suffers from critical security shortcomings due to the absence of a valid SSL certificate and HTTPS support. Security headers are partially implemented, but modern TLS protocols and HSTS are missing, exposing the site to risks. Privacy compliance is well addressed with cookie consent and GDPR-aligned policies. Overall, the business is credible and professionally presented, but the lack of HTTPS significantly undermines security posture.

G

Grünenthal

grunenthal.com

0

Grünenthal is a globally recognized pharmaceutical company specializing in pain management and related diseases. The company operates with a strong focus on innovation, patient support, and corporate responsibility, positioning itself as a leader in its sector. The website reflects a mature digital presence with comprehensive content targeting healthcare professionals, patients, partners, and investors. Technically, the site uses modern tools such as Matomo analytics and consent management but suffers from a critical lack of valid SSL/TLS configuration, which undermines its security posture. Despite this, privacy policies and cookie consent mechanisms are well implemented, supporting GDPR compliance. Overall, the site demonstrates high professionalism and trustworthiness but requires urgent security improvements to protect user data and maintain credibility.

nicsell.com is a domain backorder and auction platform operated by DomainProfi GmbH, targeting the German-speaking market with services for acquiring domains in deletion phases. The business model focuses on low starting bids and a no-risk payment approach, supported by ICANN accreditation and partnerships with multiple domain registries. Technically, the website uses a standard stack including nginx, Bootstrap, and jQuery, but lacks a valid SSL certificate, which is a significant security concern. The site is mobile optimized and SEO friendly but has slow performance metrics. Security posture is weak due to missing HTTPS and modern TLS protocols, although some security headers and cookie flags are set. Privacy compliance is partial with a privacy policy present but no cookie consent mechanism. Contact information is limited to forms, with no direct emails or phone numbers publicly listed. Overall, the site is legitimate and professionally presented but requires urgent security improvements.

S

Sport England

sportengland.org

0

Sport England is a UK government-related non-profit organization dedicated to promoting sport and physical activity across England. The website serves as a comprehensive resource hub offering funding opportunities, research data, guidance, and campaigns to support various stakeholders including volunteers, grassroots organizers, schools, and national governing bodies. The organization is primarily funded by the National Lottery, which is prominently acknowledged on the site. The website is professionally designed with clear navigation and strong branding consistency, targeting a broad audience involved in sport and physical activity.

B

BEWOTEC GmbH

bewotec.de

0

BEWOTEC GmbH is a German-based technology company specializing in software solutions for travel agencies and tour operators. Their product suite includes myJACK, a comprehensive travel agency software, DaVinci for tour operators, and dynamic packaging tools like flexStore and OTDS Player. The company has a strong market presence in the German-speaking travel industry, with a history dating back to 1988. Technically, the website is built on WordPress with modern plugins and tools, offering good content quality and user experience. However, a critical security gap exists due to the absence of a valid SSL/TLS certificate, exposing users to potential risks. Privacy and cookie policies are well implemented with consent mechanisms, reflecting good compliance with GDPR. Overall, the site is professional and trustworthy but requires urgent security improvements to enable HTTPS and enhance protection.

The website tvginsights.com is currently offline and displays only a minimal placeholder page indicating it has been disabled for technical reasons. There is no accessible content, metadata, or business information available on the site. The domain is registered and uses Sherweb for DNS and mail services, but no SSL certificate is installed, and HTTPS is not supported. This results in a poor security posture and low trustworthiness. No privacy, cookie, or terms of service policies are present, and no contact information or forms are available. Overall, the site lacks any meaningful digital presence or business information, severely limiting its utility and credibility. From a technical perspective, the site runs on an Apache server but lacks modern security configurations such as TLS protocols, HSTS, and OCSP stapling. Performance metrics are unavailable due to the offline status. No analytics or tracking technologies are detected, and no external business or social media links are present except for a single external image resource. Security evaluation reveals critical issues including the absence of HTTPS and SSL certificates, no security headers, and no vulnerability mitigations. The domain registration appears consistent but the lack of active content and security measures significantly reduces the domain's legitimacy score. The overall risk is high due to the offline status and missing security controls. Strategic recommendations include immediate restoration of website content, implementation of a valid SSL certificate, enabling HTTPS, and adoption of security best practices. Additionally, publishing privacy and cookie policies, contact information, and business details would improve trust and compliance. Until these improvements are made, the site remains non-functional and insecure.

R

RP Global

rp-global.com

0

RP Global is a well-established large-scale developer, operator, and investor in the renewable energy sector with over 40 years of experience. The company focuses on solar PV, wind, hydro, hydrogen, and energy storage projects primarily in Europe and Latin America, with a significant project pipeline exceeding 14 GW(p). Their business model centers on project development, investment, and strategic partnerships, positioning them as a key player in the renewable energy market. Technically, the website is built on ASP.NET and hosted on Microsoft IIS with Umbraco CMS, incorporating modern web technologies such as Google Tag Manager and Google Fonts. However, performance is slow and accessibility is basic. Security posture is weak due to the absence of a valid SSL certificate, lack of HTTPS, missing security headers, and no incident response or security policy disclosures. Privacy compliance is minimal with policies present but no consent mechanisms. Overall, the website is professional and content-rich but requires urgent security improvements to protect user data and enhance trust.

P

PPG Industries, Inc.

ppg.com

0

PPG Industries, Inc. is a global leader in the manufacturing and distribution of paints, coatings, and specialty materials with a rich history spanning nearly 140 years. The company serves diverse markets including construction, automotive, industrial, and transportation, offering a broad portfolio of products and brands such as Comex, Sigma, Johnstone's, Dulux, and others. Their website reflects a mature digital presence with comprehensive content, clear navigation, and strong branding consistency. Technically, the site leverages modern frameworks like Angular and Express, hosted on Microsoft Azure, with integrations for search and consent management. However, a critical security issue is the absence of a valid SSL certificate and lack of modern TLS protocols, which significantly impacts the site's security posture. Privacy policies and cookie consent mechanisms are well implemented, indicating good compliance with GDPR and related regulations. Overall, the site demonstrates high business credibility and professionalism but requires urgent remediation of its SSL/TLS configuration to ensure secure user interactions.

K

Knowles Electronics, LLC

knowles.com

0

Knowles Electronics, LLC is a well-established market leader specializing in high-performance electronic components including advanced micro-acoustic microphones, balanced armature speakers, capacitors, and RF filtering products. The company primarily serves demanding sectors such as Industrial, MedTech, Aerospace/Defense, Electrification, and Consumer Electronics. Their business model focuses on manufacturing and supplying specialized components to these industries, maintaining a strong market position supported by a professional and content-rich website. The company recently divested its Consumer MEMS Microphones Division to Syntiant Corporation, indicating strategic business realignment. Technically, the website is built on a mature ASP.NET framework with Sitefinity CMS, hosted on AWS infrastructure. It integrates modern marketing and analytics tools such as Google Analytics, Google Tag Manager, and Hotjar, demonstrating digital maturity and a focus on user experience and data-driven insights. The site is mobile-optimized with good SEO practices and clear navigation, although accessibility features are basic. From a security perspective, the website exhibits critical weaknesses due to the absence of a valid SSL certificate and lack of HTTPS support, severely impacting the security posture. While some security headers are present and cookie consent mechanisms are implemented, the lack of TLS protocols and strong cipher suites exposes the site to significant risks. No explicit security or incident response policies are published, and no vulnerability disclosure or security.txt files are found. Overall, the website is professional and credible from a business standpoint but requires urgent security improvements to protect user data and maintain trust. Strategic recommendations include immediate SSL/TLS deployment, enhanced security header configuration, and publication of security policies to align with industry best practices.

T

Today Experts

today-experts.com

0

Today Experts is a small Austrian IT recruitment company specializing in connecting IT specialists with client projects. Their website is professionally designed using WordPress and Elementor, targeting IT professionals and clients seeking staffing solutions. The company showcases partnerships with notable firms such as A1, ÖBB, IBM, UNIQA, and nagarro, indicating a credible market position within the technology and transportation sectors. Technically, the site uses modern web technologies but suffers from a critical security shortfall due to the absence of a valid SSL certificate and HTTPS support, which significantly impacts user trust and security posture. Privacy compliance is basic, with a cookie consent mechanism implemented but lacking comprehensive GDPR indicators. Overall, the site is functional and content-rich but requires urgent security improvements to meet modern standards.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 7 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

N

NEOS

neos.eu

0

NEOS is a well-established Austrian political party with a strong digital presence and comprehensive content about its programs, members, and activities. The website is professionally designed, mobile-optimized, and provides clear navigation and rich information for its target audience. Technically, the site uses modern frontend technologies such as Alpine.js and Tailwind CSS, and integrates marketing and analytics tools like Google Tag Manager and Microsoft Clarity. However, the security posture is weakened by the absence of a valid SSL certificate and disabled TLS protocols, which poses a significant risk to user data and trust. Privacy compliance is generally good, with a clear privacy policy and GDPR consent mechanisms in the newsletter form, but lacks a visible cookie consent banner. Overall, the site is credible and trustworthy but requires urgent security improvements to protect visitors and maintain compliance.

R

Regent AG

regent.ch

0

Regent AG is a Swiss-based lighting manufacturer with a heritage spanning over 100 years, specializing in high-quality, human-centric lighting solutions and bespoke designs. Their website reflects a mature business with a strong brand presence, targeting professional customers such as electrical installers and corporate clients. The company offers a broad portfolio including connected lighting and upcycling services, supported by digital tools like product finders and configurators. Technically, the website is built on TYPO3 CMS and employs modern web technologies and marketing tools, but suffers from a critical security weakness due to the absence of a valid SSL certificate and disabled TLS protocols, which undermines secure HTTPS access. Privacy compliance is well addressed with clear policies and consent mechanisms. Contact information and social media presence are comprehensive, enhancing business credibility.

O

Oracle

sun.com

0

Oracle's website for hardware solutions presents a comprehensive and professional digital presence showcasing its enterprise-grade hardware products optimized for Oracle Database and cloud integration. The site targets IT professionals and enterprises seeking scalable, high-performance infrastructure solutions. The content is rich, well-structured, and supported by multimedia and customer success stories, reflecting Oracle's strong market position in technology and cloud services. Technically, the site leverages Oracle's own content management system, Akamai CDN, and modern JavaScript frameworks, ensuring good performance and accessibility. However, a critical security gap exists due to the absence of a valid SSL/TLS certificate and HTTPS support, which significantly impacts the security posture and trustworthiness from a technical perspective. Privacy and cookie policies are well implemented with consent mechanisms, aligning with GDPR compliance. Overall, the site demonstrates high business credibility but requires urgent remediation of its SSL configuration to meet modern security standards.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 10 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

G

Glanzer cosmetic engineering GmbH & Co KG

donau-kanol.com

0

Glanzer cosmetic engineering GmbH & Co KG is a well-established Austrian manufacturing company specializing in cosmetics, household cleaners, and biocides. With over 90 years of experience and 100% production in Austria, the company positions itself as a full-service partner for B2B clients seeking high-quality product development and manufacturing services. The website reflects this positioning with clear business descriptions, contact information, and a professional design. Technically, the site uses a modern technology stack centered around Craft CMS and popular JavaScript libraries, but suffers from poor performance metrics and lacks HTTPS security. Security posture is weak due to the absence of a valid SSL certificate and missing security headers, exposing the site to potential risks. Privacy compliance is also lacking, with no privacy or cookie policies present. Overall, the site is functional and professional but requires urgent improvements in security and compliance to reduce risk and enhance trust.

FG Xpress is a healthcare-focused company offering a patented, doctor-formulated medical device product called PowerStrips™ for pain relief. The company operates a direct sales business model targeting a global audience with a simple product and pricing structure. The website presents product information, testimonials, and business opportunity details, positioning itself as a category creator in the pain relief market. Technically, the site is built on WordPress with multilingual support and uses Cloudflare CDN and LiteSpeed server technology. However, the site lacks a valid SSL certificate and proper HTTPS configuration, which significantly impacts its security posture. No privacy or cookie policies are present, indicating compliance gaps. Contact information and social media links are available, supporting business credibility. Overall, the site demonstrates moderate professionalism but requires urgent security and compliance improvements.

V

Volkswagen Slovakia

volkswagen.sk

0

Volkswagen Slovakia operates as a major automotive manufacturer and brand presence in Slovakia, providing information about Volkswagen vehicles, services, and employment opportunities. The website targets consumers, job seekers, and visitors interested in Volkswagen Slovakia. Technically, the site uses Apache server and jQuery, with a professional design and good mobile optimization, but lacks performance metrics and modern SSL/TLS configuration. Security posture is weak due to absence of a valid SSL certificate and HTTPS, despite some security headers being present. Privacy compliance is poor with no detected privacy or cookie policies. Overall, the site is functional and professional but requires significant improvements in security and privacy to meet modern standards.

Chalmers tekniska högskola is a prestigious Swedish technical university founded in 1829, specializing in education and research in technology, natural sciences, transportation, and energy sectors. The institution offers a wide range of undergraduate and graduate programs, conducts cutting-edge research, and actively collaborates with industry and society. The website reflects a mature digital presence with comprehensive content, clear navigation, and strong branding consistency, targeting students, researchers, and partners. Technically, the site leverages modern frameworks such as Next.js and React, with a CMS likely based on Umbraco. However, performance data is limited, and some improvements could be made in hosting and optimization. Security posture is weakened by the lack of a valid SSL certificate and absence of DNSSEC and CAA records, which are critical for protecting user data and ensuring trust. Privacy compliance is well addressed with detailed policies and cookie consent mechanisms. Overall, the site is professional and trustworthy but requires urgent security enhancements to meet best practices.

The website overthefuckingtop.com serves as a login gateway redirecting users to Instagram's official login page, which is owned and operated by Meta Platforms, Inc. It primarily facilitates user authentication for Instagram services. The site exhibits professional branding consistent with Instagram and Meta, targeting Instagram users who need to log in to access their accounts. The business model revolves around social media platform user authentication, supporting Instagram's global social networking services. Technically, the site employs modern web technologies including React, JavaScript, and GraphQL, hosted on Meta's infrastructure. Performance is moderate with good mobile optimization and basic accessibility features. Security headers are well implemented, including strict content security policies and frame denial, but the absence of a valid SSL certificate is a critical vulnerability that undermines the security posture. Privacy and cookie policies are not found on this domain, which is typical for a login redirect page but limits privacy compliance. Overall, the domain is legitimate and consistent with Instagram's operations, but the lack of SSL must be addressed to ensure secure user interactions.

B

Blue Tomato

blue-tomato.com

0

Blue Tomato is a well-established European e-commerce and retail company specializing in boardsport and lifestyle products including snowboarding, skateboarding, surfing, freeski, and streetwear. With over 30 years of experience and more than 70 physical shops across Europe, the company offers a comprehensive product range from over 500 brands, supported by community engagement and specialized services such as snowboard schools and rental shops. The website is professionally designed, highly localized, and optimized for performance and user experience across devices. Technically, the website employs modern web technologies including React and Preact frameworks, utilizes Cloudflare for hosting and security, and integrates advanced analytics and consent management tools. The site demonstrates good SEO and accessibility practices, ensuring broad reach and compliance with relevant regulations. From a security perspective, the site uses a valid SSL certificate but lacks modern TLS protocol support and some security headers like HSTS and OCSP stapling. No critical vulnerabilities were detected, but improvements are recommended to enhance security posture. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, Blue Tomato presents a low-risk profile with strong business credibility, good technical infrastructure, and adequate security measures. Strategic recommendations include enhancing SSL/TLS configurations, enabling additional security headers, and implementing domain protection locks to further secure the domain registration.

T

Transped Europe GmbH

transped.at

0

Transped Europe GmbH is a medium-sized Austrian transportation and logistics company specializing in European haulage and intermodal freight transportation since 1983. The company positions itself as a specialist in European road haulage, targeting logistics customers and transport partners across Europe. The website reflects a professional business with clear navigation and relevant content focused on their core services. Technically, the site uses a custom ASP.NET backend with common frontend libraries such as jQuery and Bootstrap, but lacks modern security implementations such as HTTPS and security headers, which significantly impacts its security posture. The absence of a valid SSL certificate and missing security headers expose the site to potential risks and reduce trustworthiness. Privacy compliance is basic, with a privacy policy and cookie consent mechanism present, but no explicit data protection officer or incident response information is found. Overall, the website is functional and informative but requires urgent security improvements to protect user data and enhance trust.

D

Dr. Reddy’s Laboratories

drreddys.com

0

Dr. Reddy’s Laboratories is a leading multinational pharmaceutical company based in India, focused on providing affordable and innovative medicines globally. The website serves as a corporate presence with branding and basic business description but lacks visible contact or policy pages in the provided snapshot. The technical infrastructure includes modern JavaScript frameworks (React), third-party analytics and consent management tools, and is hosted behind Cloudflare. Security headers are implemented, but TLS protocols are not enabled, indicating a need for SSL/TLS configuration improvements. The cookie consent mechanism is active, supporting GDPR compliance to some extent, though no explicit privacy or terms of service pages were found. Overall, the website demonstrates moderate digital maturity with room for improvement in content richness, security hardening, and compliance transparency.

P

Poesis Consulting GmbH

poesis.at

0

Poesis Consulting GmbH is a small, dynamic consulting firm specializing in strategy, project management, process management, and training services. The company targets businesses requiring tailored consulting solutions, particularly in complex projects where internal resources or expertise are limited. Their market position is regional with offices in Vorarlberg and Liechtenstein, emphasizing a personalized and deep consulting approach. The website reflects a professional and consistent brand image with clear service offerings and client testimonials, supporting their credibility. Technically, the website is built on the Webflow platform, leveraging modern web technologies such as Google Fonts, Google Tag Manager, and Cookiebot for consent management. Hosting is via Cloudflare CDN with DNS managed by United Hoster. However, the site lacks a valid SSL certificate and does not support HTTPS, which is a significant technical and security deficiency. Performance is rated slow due to missing optimization metrics, but mobile responsiveness and SEO basics are adequately addressed. From a security perspective, the absence of HTTPS and TLS protocols severely undermines the site's security posture. While some security headers and best practices like HttpOnly cookies and reCAPTCHA are implemented, critical vulnerabilities exist including no DNSSEC, no certificate transparency compliance, and no session resumption. Privacy compliance is reasonably addressed with a privacy policy, cookie consent, and GDPR indicators, but no explicit security or incident response policies are published. Overall, the website presents a moderate risk profile primarily due to missing HTTPS and related security controls. Strategic recommendations include immediate SSL/TLS deployment, enhancement of DNS security, and publication of security policies. These improvements will bolster trust, compliance, and protect both the business and its clients from potential threats.

Q

Qidenus Technologies

qidenus.com

0

Qidenus Technologies is a specialized manufacturer of high-performance V-shaped book scanners and related capture software, serving a global clientele including libraries, archives, museums, and cultural heritage organizations. The company positions itself as a market leader with a strong product portfolio and a network of trusted partners and distributors worldwide. The website reflects a professional and well-branded digital presence with comprehensive product information and customer engagement features. Technically, the site is built on WordPress with modern plugins for SEO and analytics, hosted on LiteSpeed servers with PHP 8.1. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support, exposing users to potential risks. Privacy compliance is partially addressed with cookie policies and consent mechanisms, but GDPR compliance indicators are limited. Overall, the business credibility is strong, but the security posture requires urgent improvement to protect data and enhance trust.

W

Windhund GmbH

windhund.com

0

Windhund GmbH is a small Austrian company specializing in providing monthly live-streamed and on-demand health keynote presentations aimed at corporate workplace health management. The company has a professional web presence built on TYPO3 CMS, featuring reputable speakers and a solid client base. Technically, the website uses modern marketing and tracking tools such as Google Tag Manager and Facebook Pixel, and implements a cookie consent mechanism compliant with GDPR. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS, exposing users to potential risks. The WHOIS data is consistent with the business claims, indicating legitimacy. Overall, the website is functional and professional but requires urgent security improvements.

Compass Group is a global leader in the hospitality sector, specializing in foodservice and support services for corporate and institutional clients. The company operates at an enterprise scale with a strong market position. However, the website content is currently inaccessible due to a security challenge page, which prevents a full content and user experience analysis. The technical infrastructure shows use of Akamai for hosting and JavaScript for client-side operations, but lacks a valid SSL certificate and modern TLS protocols, resulting in no HTTPS support. Security posture is weak due to missing SSL, lack of security headers, and absence of HSTS and OCSP stapling. DNS and WHOIS data confirm legitimate domain ownership consistent with the Compass Group brand and UK location. Overall, the website is protected by a WAF or security mechanism that blocks direct content access, limiting the ability to assess privacy policies, contact information, and other compliance aspects.

O

Ospelt Gruppe

ospelt.com

0

Ospelt Gruppe is a well-established international manufacturer specializing in private label food products including ready meals, fresh meals, convenience foods, and pet food. Founded in 1958 and headquartered in Liechtenstein, the company operates multiple production sites across Liechtenstein, Switzerland, and Germany. The website reflects a mature digital presence with multilingual support and professional branding, targeting both consumers and business clients in the food manufacturing sector. Technically, the site is built on WordPress with the Divi theme and incorporates modern web technologies and SEO best practices. However, a critical security gap exists due to the absence of a valid SSL certificate, which undermines HTTPS security and user trust. Privacy compliance is well addressed with comprehensive policies and cookie consent mechanisms. Overall, the site demonstrates strong business credibility but requires urgent improvements in security infrastructure to protect user data and enhance trust.

OTP Bank is a leading Hungarian financial institution with a strong regional presence in Central and Eastern Europe. Founded in 1949, it offers a comprehensive range of banking services including retail and corporate banking, loans, savings, insurance, and digital banking solutions. The website reflects a mature and professional digital presence with excellent content quality, clear navigation, and strong branding consistency. The bank leverages modern web technologies such as Vue.js and integrates multiple analytics and marketing tools to enhance user experience and business intelligence. From a technical perspective, the website employs robust security headers and content security policies, but suffers from critical SSL/TLS configuration issues including an invalid SSL certificate and lack of modern TLS protocol support. These issues significantly impact the security posture score and should be addressed promptly to ensure secure communications and user trust. Privacy compliance is well handled with clear GDPR-aligned privacy and cookie policies, supported by a consent mechanism. Overall, OTP Bank's website demonstrates high business credibility and professionalism, with comprehensive contact information and trust indicators such as awards and certifications. The domain registration data aligns well with the business history and legitimacy. Strategic improvements in SSL/TLS configuration and ongoing security audits are recommended to enhance the security posture and maintain customer confidence.

H

hokify GmbH

hokify.at

0

hokify GmbH operates a mobile-first job platform primarily serving the Austrian and German-speaking job market. The company offers a user-friendly job search portal and mobile app with over 11,000 job listings, emphasizing ease of application without the need for traditional cover letters. Technically, the website is built on modern JavaScript frameworks such as Vue.js and Nuxt.js, hosted on Amazon CloudFront CDN, and optimized for mobile devices. However, the site currently lacks a valid SSL certificate, which is a critical security concern. Privacy policies are comprehensive and GDPR compliant, and the company maintains active social media engagement. Overall, hokify presents a professional and trustworthy business with room for security improvements.

W

WTW

acclaris.com

0

WTW is a global leader in risk management, employee benefits, and capital advisory services, offering data-driven and insightful solutions to enterprises. The Finnish localized website reflects a mature digital presence with comprehensive content, professional design, and clear navigation targeting corporate clients and enterprises. The technical infrastructure leverages modern web technologies including Sitecore CMS, Bootstrap framework, Coveo search, and Brightcove video players, hosted likely on Microsoft Azure. Despite a strong security header configuration, the site suffers from a critical SSL certificate issue, lacking valid HTTPS support, which significantly impacts its security posture. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. The site extensively uses third-party analytics and marketing tools, indicating a high level of user tracking and data collection. Overall, the website is professional and trustworthy but requires urgent remediation of SSL issues to ensure secure communications and maintain user trust.

G

Global Hospitality Solutions

ghsolutions.net.au

0

Global Hospitality Solutions is an established Australian company specializing in premium housekeeping, cleaning, maintenance, and outsourcing services for the hospitality sector. With over 18 years of experience and a client base of 50+ hotels, the company positions itself as a trusted partner offering tailored solutions to enhance hospitality operations. Their digital presence is built on a modern WordPress platform with Elementor, hosted on Hostinger with LiteSpeed server technology, ensuring good performance and mobile optimization. Security measures include valid SSL but lack advanced features like HSTS and OCSP stapling, indicating room for improvement. The website provides clear contact channels and client testimonials, enhancing business credibility. However, privacy compliance is basic with no cookie policy or consent mechanism detected. Overall, the site is professional and trustworthy but could benefit from enhanced security and privacy practices.

C

Continental Exchange Solutions, Inc.

riafinancial.com

0

Ria Financial Services operates a global money transfer platform, providing services to individuals and businesses for sending and receiving money internationally. The company maintains a strong market presence with localized country-specific websites and a corporate section, supported by a parent company, Euronet Worldwide, Inc. The website is built on the Liferay CMS platform, leveraging modern web technologies such as jQuery and Bootstrap, and includes multi-language support and a cookie consent mechanism to comply with privacy regulations. However, a critical security deficiency is the absence of a valid SSL certificate and TLS support, which severely impacts the security posture and user trust. While privacy and cookie policies are comprehensive and GDPR compliant, the lack of HTTPS undermines data protection efforts. The site includes social media integration and a contact form with CAPTCHA to mitigate spam. Overall, the website demonstrates good business credibility and content quality but requires urgent security improvements to meet industry standards.

S

SPS Technik Ges.m.b.H

sps.at

0

SPS Technik Ges.m.b.H is a well-established Austrian company specializing in turnkey automation solutions for various industries including manufacturing, transportation, and energy. The company operates internationally with subsidiaries in China and Poland, offering comprehensive services from electro planning, robot programming, mechanical construction, to service and maintenance. Their market position is strong, supported by over 70 years of experience and installations in more than 50 countries. Technically, the website is built on a modern WordPress CMS with Elementor and Yoast SEO, featuring good mobile optimization and accessibility. Security-wise, the site uses a valid SSL certificate but lacks modern TLS protocols and some security headers, which lowers its security posture. Privacy compliance is well addressed with a cookie consent mechanism and a comprehensive privacy policy. Overall, the website reflects a professional and credible business presence with room for security improvements.

H

HellermannTyton

hellermanntyton.at

0

HellermannTyton is a well-established manufacturer and provider of cable management and connectivity products, serving industrial sectors such as manufacturing, energy, and transportation. The website presents comprehensive product information, industry solutions, and sustainability initiatives, targeting professional and industrial customers primarily in Austria and surrounding regions. The company maintains a strong brand presence with consistent design and multiple social media channels. Technically, the website uses a modern tech stack including Apache, jQuery, Google Tag Manager, and Usercentrics for consent management, hosted behind Cloudflare DNS services. However, the SSL/TLS configuration is outdated, supporting only TLS 1.1 without TLS 1.2 or 1.3, which is a security concern. Security headers are well implemented, including a strict Content Security Policy and HSTS header, though HSTS is not fully enabled in SSL configuration. Privacy compliance is strong with clear privacy and cookie policies and active consent mechanisms. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website is professional, trustworthy, and compliant, but would benefit from modernizing its TLS support and enhancing SSL configurations.

The website olly.us currently presents minimal content, consisting solely of a client-side redirect script to a /lander path. There is no accessible business information, metadata, or contact details available on the root page. The domain is registered and has DNS A records but lacks DNSSEC and CAA records, and the SPF record is restrictive with no authorized mail senders. Critically, the site does not have a valid SSL certificate and does not support HTTPS, which severely impacts trust and security posture. No privacy, cookie, or terms of service policies are present, and no forms or external links are found. Overall, the site appears to be either under construction or improperly configured, providing no meaningful business or security information.

S

Symrise I Food & Beverage I Scent & Care I Fragrance - Symrise

symrise.com

0

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 8 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

G

GIG Fassaden GmbH

gig.at

0

GIG Fassaden GmbH is a medium-sized Austrian company specializing in premium metal and glass facade solutions for international architecture projects. Their business model focuses on B2B services including design, engineering, prototyping, manufacturing, installation, maintenance, and renovation of building envelopes. The company maintains a strong market position with a consistent brand presence and comprehensive service offerings. Technically, the website is built on WordPress with modern libraries and plugins, optimized for SEO and mobile responsiveness. However, the absence of a valid SSL certificate and HTTPS support is a critical security gap, exposing the site to risks and undermining user trust. Privacy policies and cookie consent mechanisms are well implemented, reflecting GDPR compliance. Overall, the site is professional and content-rich but requires urgent security improvements to meet modern standards.

B

baningo GmbH

baningo.com

0

baningo GmbH is a technology company specializing in digital networking solutions, primarily through their digital business card platform and NFC business cards. Founded in 2015 and based in Austria, the company serves a broad professional audience seeking modern, sustainable ways to share contact information. Their market position is supported by over 10,000 customers and partnerships with notable companies. Technically, the website leverages Cloudflare for hosting and security, uses Matomo and Google Tag Manager for analytics, and integrates Facebook Pixel for marketing. However, the absence of a valid SSL certificate and HTTPS severely undermines the security posture. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanisms. Overall, the website is professionally designed and trustworthy but requires urgent security improvements.

S

Sto SE & Co. KGaA

sto.com

0

Sto SE & Co. KGaA is a global enterprise specializing in facade systems, insulation, acoustic surfaces, and floor coatings with over 50 years of industry experience. The company targets architects, builders, and developers seeking sustainable and aesthetic building solutions. Their website reflects a mature digital presence with comprehensive content, localized contacts, and professional branding. Technically, the site uses a custom Sto framework with modern JavaScript and CSS but lacks a valid SSL certificate, resulting in insecure HTTP connections and a weak security posture. Privacy and cookie policies are well implemented with consent mechanisms, and marketing tools like Salesforce Marketing Cloud and Usercentrics CMP are integrated. Security headers are configured but undermined by missing HTTPS. Overall, the site is professional and trustworthy but requires urgent SSL/TLS implementation to improve security and user trust.

N

NovaTaste

frutaromsavory.com

0

NovaTaste is a globally recognized leader in taste innovation, specializing in providing customized and sustainable food ingredient solutions to food manufacturers, butchers, and foodservice players. With a strong global presence spanning 19 sites and over 2,200 employees, the company offers a broad portfolio including herbs, spices, seasonings, marinades, and functional ingredients. Their business model focuses on tailored solutions and turnkey R&D projects, positioning them as a key player in the manufacturing sector of the food industry. Technically, the website leverages modern frameworks such as Next.js and React, hosted on Amazon CloudFront, delivering a professional and responsive user experience with good SEO and accessibility standards. However, the security posture is weakened by an invalid SSL certificate and lack of modern TLS protocol support, which poses risks to user trust and data security. Privacy compliance is partially met with a comprehensive privacy policy but lacks a cookie consent mechanism. Overall, the domain registration and WHOIS data align well with the business claims, indicating legitimacy and trustworthiness.

M

Messe Wels GmbH

messe-wels.at

0

Messe Wels GmbH operates a prominent exhibition center in Wels, Austria, providing event hosting, exhibition space rental, and related services. The website targets exhibitors and visitors interested in trade fairs and events, positioning itself as a leading venue in Austria. The digital infrastructure relies on legacy technologies such as Microsoft IIS 8.5 and older versions of jQuery and Bootstrap, with Google Tag Manager implemented for analytics and marketing. However, the website lacks a valid SSL certificate and does not support modern TLS protocols, significantly impacting its security posture. While contact information and privacy policies are present, the absence of advanced security headers and incident response information indicates room for improvement. Overall, the site is functional and professional but requires urgent security upgrades to protect user data and enhance trust.

A

Apitech

apitech.fr

0

Apitech is a French technology company specializing in open source productivity solutions and custom software development. With over 30 years of experience, it positions itself as a trusted partner for organizations seeking sovereign and secure digital tools. The company leverages open source expertise and partnerships with major technology providers like Microsoft and Dell to deliver tailored solutions. The website reflects a professional and consistent brand image targeting business clients in France. Technically, the site is built on WordPress with the Divi theme and uses modern plugins and analytics tools. However, a critical security issue is the lack of a valid SSL certificate, resulting in no HTTPS, which significantly impacts the security posture. While some security headers are present, the absence of HTTPS and modern TLS protocols is a major vulnerability. Privacy compliance is basic, with a privacy policy present but no cookie consent mechanism detected. Contact information is clearly provided, enhancing business credibility. Overall, the site is functional and professional but requires urgent security improvements to protect user data and trust.

G

Grant Thornton

grantthornton.com

0

Grant Thornton is a leading professional services firm specializing in audit, assurance, tax, and advisory services. With a large community of nearly 10,000 professionals, the company serves a diverse range of industries including energy, financial services, healthcare, manufacturing, and technology. The website reflects a mature digital presence built on Adobe Experience Manager, featuring comprehensive content, clear navigation, and strong branding consistency. However, the current SSL/TLS configuration is critically deficient, with no valid certificate and no enabled TLS protocols, which poses a significant security risk. The site implements standard security headers and privacy policies, including GDPR-compliant privacy and cookie policies with consent mechanisms. Social media integration and external partnerships are well established, enhancing business credibility. Overall, the site is content-rich and professionally designed but requires urgent remediation of its SSL/TLS security posture to ensure user trust and compliance.

V

Victory Capital Management Inc.

pioneerinvestments.com

0

Pioneer Investments, a franchise of Victory Capital Management Inc., operates a comprehensive investment services website targeting investors and financial professionals. The site offers a broad range of asset management products including mutual funds, separately managed accounts, and closed-end funds, supported by investment insights and research. The business is well-established with a history dating back to 1928 and maintains a strong market position within the finance sector in the United States. Technically, the website leverages Adobe Experience Manager CMS, integrates multiple modern libraries and marketing tools, and is hosted via Amazon CloudFront CDN, indicating a mature digital infrastructure. However, the site suffers from a critical security flaw due to an invalid or missing SSL certificate, which undermines the security posture despite the presence of robust security headers. Privacy compliance is moderate with a clear privacy policy but lacking explicit cookie consent mechanisms. Overall, the website is professional and trustworthy but requires urgent remediation of SSL issues to ensure secure user interactions and compliance.

C

CAE Expert Group GmbH

caeexpert.group

0

CAE Expert Group GmbH is a specialized provider of ECAD engineering services and software solutions, operating primarily in Austria and Germany. The company offers a broad range of services including system automation, consulting, software development, training, and project support, positioning itself as a trusted expert with TÜV SÜD certification. The website is professionally designed, content-rich, and targets businesses and professionals seeking ECAD system expertise. Technically, the website is built on WordPress with Elementor and employs modern SEO and cookie consent tools, but suffers from a critical security shortfall due to the absence of a valid SSL certificate and HTTPS support. This significantly impacts the security posture and overall trustworthiness from a cybersecurity perspective. Privacy compliance is well addressed with GDPR-aligned policies and consent mechanisms. Contact information is comprehensive and transparent, supporting business credibility. Strategic improvements in SSL/TLS implementation and security headers are essential to elevate the security maturity and user trust.

'

's Heeren Loo

sheerenloo.nl

0

's Heeren Loo is a large, established healthcare organization in the Netherlands specializing in providing tailored care and support for people with intellectual and other disabilities. Their services span diagnostics, treatment, home support, education, work and day activities, and residential care. The organization targets clients with disabilities, their families, and care professionals, emphasizing a mission to help clients live as well as possible with appropriate care levels. Technically, the website employs modern JavaScript frameworks like Vue.js and Vuex, integrates Matomo analytics for user tracking, and uses Google Tag Manager for marketing. Accessibility and SEO are well addressed, with good mobile optimization and structured data markup. However, the security posture is weak due to the absence of a valid SSL certificate and lack of HTTPS support, which is a critical vulnerability. Privacy and cookie policies are comprehensive and GDPR compliant, with consent mechanisms in place. Overall, the website is professional, content-rich, and trustworthy but requires urgent improvements in SSL/TLS security to protect user data and maintain trust.

D

DACHSER

dachser.com

0

DACHSER is a well-established global logistics provider with a strong market position and comprehensive service offerings across multiple transport and warehouse networks. The website reflects a mature digital presence with multilingual support, rich content, and clear corporate governance and compliance information. Technically, the site uses modern tracking and consent management technologies but suffers from critical SSL certificate issues that undermine its security posture. Security headers and policies are well implemented, but the lack of valid HTTPS and modern TLS protocols is a significant risk. Overall, the site is professional and trustworthy but requires urgent remediation of SSL and TLS configurations to ensure secure user interactions and maintain compliance. Strategic recommendations include fixing SSL certificates, enabling modern TLS, and enhancing security mechanisms such as OCSP stapling and session resumption.

S

SOL4 IT-Consulting GmbH

sol4.at

0

SOL4 IT-Consulting GmbH is a specialized IT consulting firm based in Austria, focusing on CRM software solutions and digitalization services for small and medium-sized enterprises. The company offers CRM software consulting, project implementation, industry-specific solutions, and support services, positioning itself as a market leader in CRM solutions within its region. The website reflects a professional and consistent brand image with comprehensive content tailored to its target audience. Technically, the site is built on Joomla CMS with modern UIkit framework and common JavaScript libraries, providing a good user experience and mobile optimization. However, a critical security gap exists due to the absence of a valid SSL/TLS certificate, resulting in no HTTPS support, which significantly impacts the site's security posture and trustworthiness. The site implements GDPR-compliant privacy and cookie policies with active consent mechanisms and transparent contact information. Overall, while the business and content quality are strong, the lack of HTTPS is a major risk that should be addressed promptly.

P

PRAXIS

praxispr.ca

0

PRAXIS is a Canadian marketing communications agency specializing in integrated services including PR, digital marketing, live events, social media management, and collaborations. The company positions itself as a leading Canadian-owned agency with a strong client portfolio including major brands such as Pepsi, Cineplex, and Purina. The website is professionally designed with rich content and clear navigation targeting Canadian businesses seeking marketing communications expertise. Technically, the site is built on WordPress with modern plugins and SEO tools, but suffers from a lack of HTTPS security due to an invalid or missing SSL certificate. Security headers are minimal but present, and no cookie consent or GDPR compliance mechanisms are evident. The agency maintains active social media presence and uses Google Analytics and LinkedIn Insight for tracking. Overall, the website reflects a credible and professional business but requires urgent security improvements to protect user data and enhance trust.