Security Directory

G

GDV Group

gdv.com.mx

0

GDV Group is a well-established market and consumer intelligence consultancy based in Mexico with over 50 years of experience. The company offers research and consulting services aimed at helping clients make informed business decisions. Their digital presence is built on WordPress with the Divi theme, leveraging common plugins and tracking tools such as Google Tag Manager and Facebook Pixel. While the website content is professionally presented and navigation is clear, the absence of a valid SSL certificate is a critical security vulnerability that undermines user trust and data protection. Privacy and cookie policies are present but basic, with no visible terms of service or incident response policies. Overall, the business appears credible and consistent with its domain registration data, but security improvements are urgently needed.

L

Leviton Manufacturing Co., Inc.

brand-rex.com

0

Leviton Manufacturing Co., Inc. operates a comprehensive and professionally designed website offering a wide range of electrical and lighting control products targeting residential, commercial, and industrial markets. The company positions itself as a leader in home electrical safety with over 115 years of history, providing products such as lighting controls, wiring devices, networking solutions, electric vehicle charging, and submetering. The website demonstrates a mature digital presence with extensive product catalogs, market segmentation, and partner integrations. Technically, the site is built on Adobe Experience Manager with modern marketing and analytics tools integrated, ensuring good user experience and SEO. However, a critical security gap exists due to the absence of a valid SSL certificate and disabled TLS protocols, significantly impacting the security posture. Privacy and cookie policies are well implemented with consent mechanisms, reflecting good compliance practices. Overall, the site is trustworthy and professional but requires urgent security improvements to protect user data and maintain credibility.

M

M.Tech Products Pte Ltd

mtechpro.com

0

M.Tech Products Pte Ltd is a leading distributor and solutions provider specializing in cyber security and network performance solutions across the Asia-Pacific region. The company maintains a strong market position with presence in 14 countries, 24 offices, and a reseller network exceeding 2,000 partners. Their business model focuses on partnering with market-leading vendors to deliver integrated security and network performance management solutions, complemented by professional services and training offerings. The website reflects a professional and consistent brand image with good content quality and clear navigation tailored for their target audience of enterprises and resellers. Technically, the website is built on WordPress using common libraries such as jQuery and Owl Carousel, with Gravity Forms for data collection. While the site is mobile optimized and SEO friendly, performance appears slow based on provided data. Critically, the site lacks a valid SSL certificate and proper HTTPS configuration despite having security headers like HSTS, which severely impacts its security posture. Analytics usage is moderate with Google Analytics implemented, but no cookie consent mechanism or explicit cookie policy was found. From a security perspective, the site demonstrates basic best practices through HTTP security headers but suffers from the absence of HTTPS and modern TLS protocols, exposing users to potential risks. No incident response or vulnerability disclosure information is available, and no security certifications are displayed. The domain registration data aligns well with the business claims, indicating legitimacy and trustworthiness. Overall, the website is functional and professional but requires urgent security improvements, especially regarding SSL/TLS implementation, to protect user data and enhance trust. Privacy compliance is partially met with a comprehensive privacy policy but lacks cookie consent mechanisms. Strategic recommendations include securing the website with valid certificates, enabling modern security protocols, and enhancing privacy and incident response disclosures.

T

TachoEASY GmbH

tachoeasy.com

0

TachoEASY GmbH is a medium-sized Austrian company specializing in telematics and tachograph data archiving software solutions for the transportation and logistics sector. With nearly two decades of market presence, it offers products such as tacholog² and BlueLOGICO® targeting fleet operators and transport companies. The website is built on Joomla CMS with modern UIkit framework and integrates various third-party services including Calendly and friendly-challenge captcha for user interaction. However, the site lacks a valid SSL certificate and does not serve content over HTTPS, representing a critical security vulnerability. Security headers are partially implemented but key protections like HSTS and DNSSEC are missing. The company provides comprehensive privacy and cookie policies with a consent mechanism, reflecting good GDPR compliance. Contact information is clearly presented with multiple channels including phone, email, and contact forms. Overall, the website is professional and content-rich but requires urgent security improvements to protect user data and enhance trust.

F

finderly GmbH & Co KG (Medieninhaber)

shpock.com

0

Shpock is a well-established online marketplace specializing in local second-hand classifieds across the United Kingdom, operated by finderly GmbH & Co KG based in Austria. The platform offers a wide range of categories including electronics, fashion, baby products, home & garden, and motors, supported by a strong mobile app presence with over 50 million downloads. The business model focuses on zero fees for sellers, monetizing through promoted listings and memberships, positioning Shpock as a leading player in the UK second-hand market. Technically, the website leverages modern web technologies such as React and Next.js, hosted behind Cloudflare, and integrates with payment and marketing services like Adyen, SendGrid, and Zendesk. However, the security posture is weakened by the absence of a valid SSL certificate and lack of modern TLS support, which poses risks to user data confidentiality and trust. Privacy and legal compliance are well addressed with comprehensive policies and GDPR adherence. Overall, Shpock presents a professional and trustworthy e-commerce platform with room for critical security improvements to enhance user trust and compliance.

P

Polizeichor Dortmund

polizeichor-dortmund.de

0

Polizeichor Dortmund is a small, local non-profit choir organization based in Germany, founded in 1909. The choir serves as a bridge between the police and the community, inviting all interested individuals to participate regardless of prior choral experience. Their website provides information about rehearsal times, locations, and upcoming events, targeting local citizens and choir enthusiasts. Technically, the website is built on WordPress with a standard Apache/PHP hosting environment and uses common plugins such as Yoast SEO for optimization. However, the site lacks HTTPS, which is a critical security shortfall. The absence of SSL/TLS encryption exposes visitors to potential risks and undermines trust. Security headers are minimal, and no advanced security policies or incident response information is provided. Privacy compliance is basic, with a privacy policy page present but no cookie consent mechanism or GDPR-specific notices. Overall, the website is functional and informative but requires significant improvements in security and privacy to meet modern standards.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 9 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

W

Werner Kolb / KOLB DIGITAL AUDIO

werner-kolb.de

0

Werner Kolb operates a personal brand website focused on music production, performance, and authorship, particularly addressing musicians with tinnitus. The site presents a niche media business with a strong personal touch, targeting a broad audience interested in music and health. The technical infrastructure is based on WordPress with popular plugins like Elementor and Slider Revolution, hosted likely by 1&1 IONOS. While the site is well-structured and content-rich, it lacks a valid SSL certificate, which is a critical security gap. Privacy and cookie policies are comprehensive and GDPR compliant, reflecting good privacy awareness. Social media integration and contact information enhance business credibility. Overall, the site is functional but requires urgent security improvements to protect user data and improve trust.

M

Mons Royale

monsroyale.com

0

Mons Royale is a specialized e-commerce retailer offering high-performance merino wool apparel targeting outdoor and active lifestyle consumers. The company emphasizes sustainability and natural performance materials, positioning itself as a niche brand with a global presence through regional subdomains. Technically, the website is built on the Shopify platform with a modern tech stack including jQuery, GSAP, and various marketing and analytics integrations. However, a critical security gap exists due to the absence of a valid SSL certificate, resulting in no HTTPS support, which undermines user trust and data security. Privacy compliance is partial, with a privacy policy present but lacking a cookie consent mechanism despite extensive tracking. Business credibility is supported by consistent branding, social media presence, and B Corp certification. Overall, the site is professional and content-rich but requires urgent security improvements to meet industry standards.

U

Unisto

unisto.co.uk

0

Unisto is a mature manufacturing company specializing in security seals and brand profiling solutions, operating globally with Swiss quality standards. The website reflects a professional business presence targeting companies requiring security and brand protection products. Technically, the site is built on TYPO3 CMS with modern frontend libraries such as jQuery, Swiper, and Bootstrap, hosted by Fasthosts Internet Ltd. However, the absence of HTTPS/SSL is a critical security flaw that undermines user trust and data protection. Privacy and cookie policies are implemented with a consent mechanism, but direct contact details are limited to forms without explicit emails or phone numbers. Overall, the website is functional and professional but requires urgent security improvements.

T

T-Mobile Austria GmbH

upc.at

0

The website for upc.at, branded as Magenta Austria, represents a major telecommunications provider offering a wide range of services including mobile tariffs, internet packages, TV offerings, and bundled solutions for both consumers and business customers. The site is professionally designed with rich content, clear navigation, and consistent branding that aligns with the corporate identity of T-Mobile Austria GmbH. Structured data and social media presence further reinforce the company's legitimacy and market position in Austria. Technically, the site is built on Adobe Experience Manager CMS and utilizes modern marketing and analytics tools such as Google Tag Manager and Usercentrics for consent management. However, the website currently suffers from a critical security issue: the SSL/TLS certificate is invalid or missing, and no secure HTTPS protocols are enabled. This significantly impacts the security posture and user trust, despite the presence of security headers and content security policies. Privacy compliance is well addressed with clear privacy and cookie policies and an active consent mechanism. Contact information is available primarily via phone numbers and contact forms, though no direct company email addresses are exposed. The WHOIS data confirms the domain's legitimacy and consistency with the business identity. Overall, while the website excels in content quality, user experience, and privacy compliance, the lack of valid HTTPS and proper SSL configuration is a critical vulnerability that must be addressed immediately to ensure secure communications and maintain customer trust.

D

Daikin

daikin-ce.com

0

Daikin Central Europe operates as a regional branch of Daikin Industries, Ltd., specializing in air conditioning, heating, ventilation, heat pump, and refrigeration solutions. The website targets businesses and consumers in Central Europe, offering a broad portfolio of HVAC products and services. The company maintains a strong market position with multiple country-specific domains, reflecting a well-established regional presence. Technically, the website is built on Adobe Experience Manager CMS and leverages modern frontend technologies including Adobe Helix RUM for performance monitoring and Google Tag Manager for analytics. However, the absence of a valid SSL certificate and HTTPS support is a critical security gap. Security headers are partially implemented but insufficient without proper encryption. Privacy compliance is weak, with no visible privacy or cookie policies, and no contact information is provided on the landing page, limiting user trust and regulatory compliance. Overall, the site is professional and well-branded but requires urgent security and privacy improvements.

I

Italoffice Büromöbel

italoffice.at

0

Italoffice is a small Austrian retail business specializing in high-quality office furniture, including ergonomic chairs, height-adjustable desks, conference furniture, and acoustic solutions. The company targets businesses and individuals in Vienna and Lower Austria, offering personalized consultation, delivery, and assembly services. The website is professionally designed using WordPress, WooCommerce, and Elementor, providing a comprehensive product catalog and clear contact options. However, the absence of a valid SSL certificate and HTTPS significantly impacts the security posture, exposing users to potential risks. Privacy and cookie policies are present and GDPR compliant, indicating good privacy awareness. Overall, the business appears legitimate and well-positioned in its niche, but security improvements are critical to protect customer data and enhance trust.

C

CardivAI GmbH

cydeckt.com

0

CardivAI GmbH operates in the healthcare technology sector, specializing in generative AI-driven diagnostics for cardiovascular diseases. Their offerings include AI integrations, AWS cloud-based solutions architecture, and DevOps services tailored for mobile-first healthcare applications. The company positions itself as a niche provider leveraging advanced AI models such as Anthropic's Claude 4 and AWS infrastructure to deliver innovative healthcare diagnostics solutions. The website content and branding reflect a professional and consistent image targeting healthcare professionals and technology adopters in the medical diagnostics field. Technically, the website is hosted on AWS infrastructure using Amazon S3 and CloudFront, with modern frontend technologies including Bootstrap, Swiper, and JavaScript libraries for UI enhancements. Google Tag Manager and CookieYes scripts indicate moderate analytics and cookie consent management. However, the site lacks HTTPS support, which is a significant technical and security shortfall. Mobile optimization and SEO appear adequate, but performance metrics are unavailable. From a security perspective, the absence of a valid SSL/TLS certificate and HTTPS severely impacts the security posture, exposing users to potential data interception risks. No advanced security headers or protocols are implemented, and no incident response or vulnerability disclosure policies are evident. The use of AWS server-side encryption for content storage is a positive aspect, but overall security maturity is low. Privacy compliance is basic with cookie consent but lacks explicit GDPR compliance indicators. Overall, the website presents a credible business with professional content and clear contact information but requires urgent improvements in security, particularly enabling HTTPS and enhancing security headers. Strategic recommendations include implementing SSL/TLS, adopting security best practices, and formalizing privacy and incident response policies to improve trust and compliance.

R

RAITEC GmbH

grz.at

0

RAITEC GmbH is a prominent IT service provider specializing in delivering high-tech infrastructure and operational services to the financial sector in Austria. The company supports a large-scale environment with over 50 million daily online transactions, 35,000 client workstations, and extensive data storage capabilities. Their market position is strong as one of Austria's leading IT system houses focused on finance. Technically, the website is built on Adobe Experience Manager with modern JavaScript frameworks and tracking tools, providing a professional and accessible user experience. However, the critical lack of a valid SSL certificate and HTTPS support significantly undermines the security posture. Privacy compliance is well addressed with comprehensive policies and consent mechanisms. Overall, the business credibility and content quality are high, but urgent security improvements are needed to protect user data and trust.

W

Welser Profile GmbH

welser.com

0

Welser Profile GmbH is a well-established family-owned manufacturing company specializing in steel and stainless steel profiles, serving various industrial sectors including mobility, energy, and construction. The website presents a professional and content-rich platform with multilingual support and detailed service offerings. Technically, the site uses Apache server technology, HubSpot CMS, and integrates Google Maps and various marketing and analytics tools. However, the absence of a valid SSL certificate and HTTPS support is a critical security weakness, exposing users to potential risks. Security headers are partially implemented but need enhancement. Privacy compliance is well addressed with cookie consent mechanisms and a comprehensive privacy policy. Overall, the site demonstrates good business credibility but requires urgent security improvements.

F

FLOTAINMENT

flotainment.com

0

FLOTAINMENT is a medium-sized Austrian media company established in 1998, specializing in audio production, PR management, design, studio services, and label operations. The company targets clients in the creative and entertainment sectors, offering a diversified portfolio through multiple subdomains representing its key services. The website is built on WordPress with Elementor and integrates Jetpack for analytics and security features. However, the site lacks HTTPS, which is a critical security shortfall. While cookie consent and privacy policies are well implemented and GDPR compliant, the absence of SSL/TLS encryption exposes visitors to potential risks. Contact information is clearly provided, enhancing business credibility. Overall, the digital infrastructure is functional but requires urgent security upgrades to meet modern standards.

Wieland Austria Ges.m.b.H. is a well-established manufacturing company specializing in copper tubes and semi-finished and finished copper alloy products. Founded in 1904 and part of the global Wieland Group since 1999, it holds a strong market position in Europe with modern production sites in Amstetten and Enzesfeld, Austria. The company targets industrial and energy sectors, providing engineered products and services with a focus on quality and sustainability. The website reflects a professional digital presence with comprehensive content, certifications, and contact options. Technically, the site uses modern CMS and caching technologies but lacks a valid SSL certificate, which is a critical security concern. Privacy compliance is well addressed with a consent management platform and clear policies. However, the absence of incident response and vulnerability disclosure information indicates room for improvement in security transparency. Overall, the website is credible and professional but requires urgent SSL/TLS remediation to ensure secure communications and trust.

A

abss interactive GmbH

abss.at

0

abss interactive GmbH is a well-established Austrian digital agency specializing in custom web development, digital transformation consulting, and tailored software solutions. With nearly 25 years of experience, the company serves a diverse client base ranging from small businesses to large international corporations. Their key services include digitalization, website and e-commerce development, search portals, custom tools, and consulting expertise, with a strong emphasis on accessibility and blockchain technology integration. Technically, the website employs a modern technology stack including Apache server, jQuery, Bootstrap grid, and various JavaScript libraries for enhanced user experience. However, the hosting environment lacks a valid SSL/TLS certificate and does not support modern TLS protocols, which is a significant security concern. The site is mobile-optimized and demonstrates good SEO and accessibility practices, but performance metrics are unavailable. From a security perspective, while several security headers are implemented, the absence of HTTPS and proper SSL configuration severely undermines the site's security posture. No incident response or vulnerability disclosure policies are evident. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. Business credibility is strong, supported by certifications, client references, and transparent contact information. Overall, the site is professionally designed and content-rich, but critical security improvements are necessary to protect user data and enhance trust. Strategic recommendations include obtaining a valid SSL certificate, enabling HTTPS, implementing cookie consent, and establishing formal security policies.

7iD Technologies GmbH is an Austrian company specializing in IoT software and solutions focused on optimizing intralogistics and industrial production processes. Their offerings include track & trace technology, asset management, and predictive maintenance solutions leveraging various IoT technologies such as RFID, BLE, NB-IoT, and UWB. The company positions itself as a leading provider in the manufacturing sector, targeting businesses seeking digital transformation and efficiency improvements. Technically, the website is built on WordPress with common plugins and hosted behind Cloudflare, but lacks a valid SSL certificate, which is a significant security concern. Privacy compliance is well addressed with comprehensive policies and cookie consent mechanisms. The security posture is weak due to missing HTTPS and modern TLS protocols, exposing users to potential risks. Overall, the website is professional and trustworthy but requires urgent security improvements to protect data and enhance user trust.

M

mohemian services GmbH

mohemian.com

0

mohemian services GmbH is a small Austrian technology consultancy specializing in translating business needs into technology solutions. Their offerings include business strategy, entrepreneurial thinking, experience design, corporate governance, and technical architecture and development. The company targets tech startups, corporate ventures, and clients seeking innovative digital product development. Their market position is that of a niche, visionary technology partner with a focus on professional execution and agile processes. Technically, the website is built on GravCMS, hosted on Hetzner infrastructure, and uses nginx as the web server. The site includes modern SVG graphics and several Grav plugins for markdown notices, forms, and login functionality. However, the site lacks a valid SSL certificate and does not serve content over HTTPS, which is a critical security shortfall. Performance metrics are missing, but the site appears to have good mobile optimization and basic accessibility features. From a security perspective, the site implements several security headers such as HSTS, X-Frame-Options, and X-XSS-Protection, but the absence of HTTPS and TLS protocols severely undermines security posture. No incident response or security policy information is provided, and no vulnerability disclosure or security.txt file is found. Email security could be improved by adding a DMARC record. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the website is professional and trustworthy in terms of business presentation but requires urgent improvements in security infrastructure, especially enabling HTTPS with a valid certificate. Adding cookie consent and incident response information would enhance compliance and trust. The domain registration data aligns well with the business claims, supporting legitimacy. Strategic recommendations include securing the website with HTTPS, implementing cookie consent, publishing security policies, and improving email security.

H

HTL Zeltweg

htl-zeltweg.at

0

HTL Zeltweg is a medium-sized Austrian educational institution specializing in technical and vocational education, particularly in mechanical engineering and construction technology. The website reflects an active institution with a focus on practical training, robotics, and international cooperation. The technical infrastructure is based on WordPress with a modern plugin ecosystem, but suffers from critical security shortcomings such as the absence of HTTPS and a valid SSL certificate. The lack of cookie consent and privacy compliance mechanisms further reduces trustworthiness. While the site provides clear contact information and social media presence, the security posture is weak, exposing the institution to risks related to data interception and user trust. Strategic improvements in SSL deployment, security headers, and privacy compliance are essential to enhance the institution's digital maturity and protect its stakeholders.

ALSO Holding AG operates in the technology sector, primarily focusing on IT distribution and related services. The domain also.nl currently serves as a minimal placeholder that immediately redirects users to the main corporate site also.com, indicating that the primary web presence is maintained elsewhere. The business targets B2B customers and partners within the technology industry, positioning itself as an established player with a large organizational size and international reach. Technically, the site is hosted on Apache servers with managed IP DNS services but lacks modern web infrastructure features such as SSL/TLS encryption, security headers, and performance optimizations. The absence of HTTPS and security best practices represents a significant security risk and lowers trustworthiness. No privacy or cookie policies are present, and no contact information is provided on this domain, which further reduces compliance and user trust. Overall, the domain appears legitimate and consistent with the corporate identity but requires urgent improvements in security and content to meet modern standards.

The website at abercrombie.com is currently inaccessible, serving only a minimal 'Bad Request' HTML page with no substantive content. This indicates the presence of a Web Application Firewall (WAF) or other security mechanism blocking access, preventing a full analysis of the site's content, policies, or business information. DNS records show the domain is professionally managed with Akamai CDN and hosted email services, suggesting a legitimate commercial entity behind the domain. However, the lack of a valid SSL/TLS certificate and disabled HTTPS protocols represent critical security weaknesses. No privacy, cookie, or security policies are detectable, and no contact information or business details are available from the site content. Overall, the site’s digital presence is severely limited by accessibility issues and poor security configuration.

The americamovil.com website is currently inaccessible due to a Cloudflare Web Application Firewall (WAF) block, presenting a security challenge page instead of business content. America Movil is a large telecommunications enterprise, but the website does not expose any business or contact information, privacy policies, or terms of service on the accessible page. The technical infrastructure relies on Cloudflare for security and hosting, but the SSL/TLS configuration is critically lacking with no valid certificate or HTTPS support detected. This severely impacts the security posture and trustworthiness of the site. The absence of privacy and cookie policies further indicates poor compliance with data protection regulations. Overall, the site’s digital maturity is low due to blocked content and missing essential security and compliance features.

I

International Society of Automation

isa.org

0

The International Society of Automation (ISA) is a well-established non-profit professional association focused on industrial automation. It serves a global audience of engineers, technicians, and management professionals by providing standards, certifications, training, and events. The organization holds a strong market position as a trusted source for automation standards and technical resources. The website reflects a mature digital presence with comprehensive content, clear navigation, and consistent branding. Technically, the site uses Microsoft IIS with ASP.NET MVC and Kentico CMS, integrating modern JavaScript libraries and Google Tag Manager for analytics. However, the security posture is weakened by the absence of a valid SSL certificate and disabled TLS protocols, which are critical for secure communications. Privacy policies and terms of service are well documented, though cookie consent mechanisms appear lacking. Overall, the site is professional and trustworthy but requires urgent improvements in SSL/TLS configuration to enhance security and user trust.

T

TRIAX

triax.com

0

TRIAX is a UK-based manufacturer and distributor specializing in multimedia equipment for the trade sector, focusing on signal reception, TV distribution, and IP network solutions primarily for the hospitality and telecommunications industries. The company has a strong market presence with over 75 years of history and a wide distributor network. Their website is built on WordPress with WooCommerce, leveraging modern themes and plugins such as Divi and Yoast SEO to provide a professional and user-friendly experience. Despite the comprehensive content and good privacy compliance, the absence of a valid SSL/TLS certificate is a critical security gap that exposes users to potential risks. The site includes active cookie consent mechanisms and detailed privacy policies, reflecting a commitment to GDPR compliance. Overall, the business demonstrates solid digital maturity but requires urgent security improvements to protect user data and enhance trust.

W

Webasto Group

webasto.com

0

Webasto Group is a mature, enterprise-level global automotive supplier specializing in innovative roof systems, battery solutions, heating, and cooling products. The company is positioned among the top 100 automotive suppliers worldwide, serving automotive manufacturers and end customers with a broad portfolio of products and services. The website is professionally designed, leveraging modern technologies such as Adobe Experience Manager and React, providing a rich user experience with clear navigation and relevant content. However, a critical security issue is the lack of a valid SSL certificate, resulting in no HTTPS enforcement, which significantly impacts the security posture. Privacy and cookie policies are present, indicating awareness of compliance requirements, but the absence of a cookie consent mechanism and security policy pages suggests room for improvement in privacy compliance and transparency. Overall, the domain registration is consistent and trustworthy, supporting the legitimacy of the business.

A

AMES - Aerospace and Mechanical Engineering Services

ames.aero

0

AMES - Aerospace and Mechanical Engineering Services is a mature Austrian company specializing in aerospace engineering, certification, production, maintenance, CAMO, consulting, and training services. With a domain age of 17 years and multiple aerospace certifications, AMES positions itself as a reliable service provider in the aerospace transportation sector. The website reflects a professional business model targeting aerospace industry professionals and companies requiring specialized engineering and certification services. The company maintains a consistent brand presence with clear contact information and social media engagement. Technically, the website employs a variety of established JavaScript libraries and frameworks such as jQuery, Bootstrap, and Owl Carousel, indicating a moderate level of digital maturity. However, the site lacks HTTPS encryption and modern security configurations, which significantly impacts its security posture. Performance is rated slow due to missing SSL and potential optimization gaps, though mobile responsiveness and navigation clarity are good. Security evaluation reveals critical vulnerabilities including the absence of SSL/TLS, no HSTS, no DNSSEC, and missing security headers. These gaps expose the site to potential interception and downgrade attacks. The domain's imminent expiry in 11 days adds operational risk. Privacy compliance is minimal, with basic privacy and terms documents available but no cookie consent or incident response contacts. Overall, AMES demonstrates solid business credibility and content quality but requires urgent security improvements to protect its digital assets and customer trust. Strategic recommendations include immediate SSL implementation, enhanced domain protection, and adoption of security best practices to elevate the security score and compliance posture.

R

ReinZeit Handels GmbH

reinzeit.com

0

ReinZeit Handels GmbH is an Austrian retail company specializing in eco-friendly cleaning and wellness products, including microfiber cloths, cleaners, laundry detergents, and wellness aroma products. The company emphasizes social responsibility, environmental protection, and Austrian quality standards, targeting consumers interested in sustainable and socially responsible products. Their business model includes direct sales through consultants and an online shop, supported by active social media channels and marketing efforts. Technically, the website is built on WordPress with WooCommerce, using popular plugins such as Yoast SEO and Borlabs Cookie for SEO and privacy compliance. The site is hosted on an Austrian IP and uses Apache server technology. However, performance metrics are not available, and the site is moderately optimized for mobile devices. From a security perspective, the site lacks a valid SSL certificate and proper HTTPS configuration, which is a critical vulnerability. Although some security headers like HSTS and X-Frame-Options are present, the absence of TLS protocols and strong cipher suites significantly weakens the security posture. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the site is professionally designed and trustworthy from a business perspective but requires urgent improvements in SSL/TLS security to protect user data and enhance trust. Strategic recommendations include obtaining a valid SSL certificate, enabling modern TLS protocols, and enhancing security best practices.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 8 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

J

Jungbunzlauer Suisse AG

jungbunzlauer.com

0

Jungbunzlauer Suisse AG is a leading manufacturer of biodegradable ingredients of natural origin, serving diverse industries including food, beverage, pharmaceutical, cosmetics, and cleaners. The company emphasizes sustainability and quality, positioning itself as a global leader in its sector. Their website reflects a professional and content-rich digital presence, targeting businesses seeking natural and sustainable ingredient solutions. Technically, the site is built on TYPO3 CMS and hosted on infrastructure likely provided by AWS, with integrations such as Google Tag Manager for analytics. However, the security posture is notably weak due to the absence of a valid SSL certificate and lack of HTTPS support, which poses risks to data confidentiality and user trust. Privacy and cookie policies are well implemented, showing GDPR compliance and user consent mechanisms. Overall, the site is trustworthy and professional but requires urgent security improvements to protect visitors and maintain credibility.

The website datentechnik.com is currently a parked domain with no active business content or services. The page primarily serves as a placeholder indicating the domain is for sale, with advertising scripts and minimal user interface elements. The technical infrastructure is basic, hosted on Hetzner Online with nginx and Caddy servers, and uses third-party ad networks such as AdsDeli and Google Adsense Domains CAF. There is no valid SSL certificate, and the site does not support HTTPS, which significantly impacts security posture. Privacy compliance is minimal, with only a basic privacy policy accessible via a popup but no cookie consent or GDPR indicators. Business credibility is low due to lack of contact information or company details.

The website harmann.ch represents a small Swiss law firm operated by Robert Harmann, offering legal services primarily in the Zürich region. The site provides basic information about the firm's practice areas including commercial law, family law, inheritance law, and related legal fields. The business model is that of a traditional law firm targeting local clients seeking legal counsel. The website content is minimal and primarily informational, with no interactive features or detailed contact information visible on the main page. Technically, the site is outdated, using HTML 4.01 Transitional and generated by Adobe GoLive 6, with no modern CMS or frameworks detected. The hosting is provided by Hostpoint, but the site lacks HTTPS, exposing visitors to security risks. Security posture is weak due to absence of SSL/TLS, missing security headers, and no privacy or cookie policies, which also impacts compliance with GDPR and other regulations. Overall, the website presents a low digital maturity level and limited user experience, which may affect trust and professional perception. Strategic improvements in security, privacy compliance, and content quality are recommended to enhance credibility and protect client data.

S

Sipwise GmbH

sipwise.com

0

Sipwise GmbH is a medium-sized telecommunications software company specializing in Class 5 VoIP softswitch solutions, unified communications, Cloud PBX, mobile VoIP clients, and WebRTC-based products. Their market position targets telecom operators, ISPs, and both B2B and residential customers, offering advanced and scalable communication platforms. The website is professionally designed with rich content and clear navigation, reflecting a mature digital presence. Technically, the site is built on WordPress with modern plugins and themes, hosted on Google Cloud infrastructure. However, the lack of a valid SSL certificate and HTTPS support significantly undermines the security posture, exposing users to risks and reducing trust. Security headers are present but their effectiveness is limited without proper SSL. Privacy and cookie policies are implemented with consent mechanisms, indicating good privacy compliance. Contact information is available primarily through a contact page and social media channels, but no direct emails or phone numbers are explicitly listed. Overall, the site demonstrates strong business credibility and content quality but requires urgent improvements in security configuration to meet modern standards.

The website sfwien.at represents a small personal or business presence for an individual named Sven Fuchs, primarily providing contact information such as phone numbers and an email address. The site content is minimal and lacks detailed business descriptions or service offerings, indicating a limited digital footprint and business scope. Technically, the website is hosted on an Apache server with DNS managed by world4you.at, but it lacks modern web technologies and uses outdated Microsoft Word generated HTML, resulting in poor performance and accessibility. Critically, the site does not implement HTTPS, exposing visitors to security risks and undermining trust. No privacy, cookie, or terms of service policies are present, indicating non-compliance with GDPR and other privacy regulations. The domain registration data is consistent and legitimate, with no privacy protection or suspicious patterns detected. Overall, the website's security posture is weak, with no security headers, no TLS support, and no incident response or vulnerability disclosure mechanisms. Strategic improvements are necessary to enhance security, privacy compliance, and technical quality.

C

CAPESPAN | We Deliver

capespan.com

0

Capespan is a large, established global distributor, marketer, and producer of fresh fruit with a strong market position supported by recognized brands such as Cape, Outspan, Outspan Gems, and Goldland. The company operates an integrated business model encompassing fruit growing, packing, marketing, and distribution, serving grower partners and retail customers worldwide. Their website reflects a professional and content-rich digital presence with active social media engagement and regular press updates. Technically, the site is built on WordPress with modern plugins for SEO, analytics, and social media integration, hosted on Apache servers. However, the lack of a valid SSL certificate and absence of HTTPS significantly undermine the security posture, exposing users to risks. Privacy compliance is well addressed with GDPR-compliant policies and cookie consent mechanisms. Overall, the site demonstrates good business credibility and digital maturity but requires urgent security improvements to protect data and maintain trust.

BMW USA operates as the official US branch of BMW AG, providing a comprehensive digital platform for luxury vehicle sales, including new, pre-owned, electric, and hybrid models. The website offers rich content, detailed vehicle information, and multiple customer engagement tools such as build-your-own configurators, dealer locators, and financial services. The brand maintains a strong market position as a premium automotive manufacturer with a focus on innovation and customer experience. Technically, the site leverages Adobe Experience Manager, modern JavaScript modules, and integrates various analytics and marketing tools, reflecting a mature digital infrastructure. Security measures are partially implemented with secure cookies and some security headers, but the SSL certificate is invalid or missing, which is a critical issue. Privacy policies and cookie consent mechanisms are present and comprehensive, supporting GDPR compliance. Overall, the website is professional and trustworthy but requires improvements in SSL configuration and security headers to enhance its security posture.

P

Porsche Inter Auto

porschewiennord.at

0

Porsche Inter Auto is a prominent automotive dealership network in Austria, representing multiple Volkswagen Group brands including VW, Audi, Porsche, ŠKODA, SEAT, and CUPRA. The company offers a comprehensive range of services including new and used car sales, vehicle servicing, financing, and accessories. Their market position is strong within the Austrian automotive retail sector, supported by a large network of dealer locations and a high volume of customer reviews indicating strong customer satisfaction. Technically, the website is built on the Plone CMS platform using Python and Zope, with Cloudflare providing hosting and CDN services. The site integrates modern web technologies such as Google Tag Manager, OneTrust for cookie consent, Leaflet and Google Maps for location services, and Swiper for interactive content. The site is well-structured, mobile-optimized, and includes rich content and structured data for SEO. From a security perspective, the site currently lacks a valid SSL certificate and does not support HTTPS, which is a critical vulnerability. Other security headers like HSTS are missing, and no advanced SSL/TLS features are enabled. However, the site does implement some security headers such as X-Frame-Options and uses Cloudflare for some level of protection. Privacy compliance is strong, with clear privacy and cookie policies and consent mechanisms in place. Overall, the site is professionally designed and content-rich but requires urgent security improvements to enable HTTPS and strengthen SSL/TLS configurations. Addressing these issues will significantly enhance user trust and compliance with modern security standards.

X

Global Commercial Insurance and Reinsurance | AXA XL

xlcatlin.com

0

Security assessment completed with an overall score of 0/100 (unknown risk). 3 critical issues require immediate attention. Total of 19 security findings identified across all modules.

R

Rightsline • Rights, royalties, reporting and everything in between.

rsgmedia.com

0

Security assessment completed with an overall score of 0/100 (unknown risk). 3 critical issues require immediate attention. Total of 25 security findings identified across all modules.

The website buron-avocat.fr represents a small legal practice operating in the Forbach and Saarbrücken regions, providing legal services primarily to French and German-speaking clients. The site itself is minimal, serving mainly as a redirect to a localized subdirectory, with very limited content on the landing page. The business appears to be established since 2009, supported by a mature domain registration. However, the digital presence is basic and lacks modern web features or comprehensive business information. From a technical perspective, the website is hosted on an Apache server via IONOS SE, but it lacks HTTPS support and a valid SSL/TLS certificate, which is a significant security concern. The site does not implement security headers or advanced web technologies, and performance data is unavailable, indicating potential slow or unoptimized loading. There is no evidence of analytics or tracking tools, and no privacy or cookie policies are present, which raises compliance concerns. Security posture is weak due to the absence of HTTPS, lack of security headers, and no incident response or vulnerability disclosure information. The domain registration is consistent and mature, but the lack of domain protection locks and security best practices lowers trustworthiness. Overall, the website presents a low security and privacy compliance profile, which could impact user trust and regulatory adherence. Strategic recommendations include immediate implementation of HTTPS with a valid certificate, addition of privacy and cookie policies to comply with GDPR, enhancement of security headers, and inclusion of clear contact information to improve business credibility and user trust.

L

Lebenshilfe Peine-Burgdorf GmbH

lhpb.de

0

Lebenshilfe Peine-Burgdorf GmbH is a regional non-profit organization dedicated to supporting people with disabilities and those requiring assistance in the Peine district and surrounding areas in Germany. The organization offers a broad range of services including counseling, childcare, residential support, employment and education programs, and leisure activities. Their business model focuses on social integration and empowerment of their target audience, which includes individuals with special needs, their families, and professional caregivers. Technically, the website is built on TYPO3 CMS and uses common web technologies such as Apache server, jQuery, and FontAwesome. While the site is well-structured, mobile-optimized, and content-rich, it lacks a valid SSL certificate, resulting in no HTTPS support, which is a critical security shortfall. Performance data is unavailable, but the site appears to have good navigation and accessibility features. From a security perspective, the absence of HTTPS and modern TLS protocols significantly lowers the security posture. Although some security headers are present, key best practices like HSTS enforcement and OCSP stapling are missing. No explicit security or incident response policies are published on the site. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. Overall, the website demonstrates moderate business credibility and good content quality but suffers from critical security deficiencies. Strategic improvements in SSL/TLS deployment and privacy compliance are recommended to enhance trust and security.

A

ACP-Gruppe

acp.de

0

ACP-Gruppe is a well-established IT solutions provider operating primarily in Germany and Austria, specializing in hybrid cloud, modern workplace, network security, and digital solutions. The company positions itself as a market leader with a strong partner ecosystem including major technology vendors. The website is professionally designed, content-rich, and targets business customers seeking digital transformation services. Technically, the site is built on HubSpot CMS with modern JavaScript libraries and integrates marketing and analytics tools such as Google Tag Manager and HubSpot Analytics. However, the security posture is weak due to the absence of a valid SSL certificate and disabled TLS protocols, which poses significant risks for secure communications. Privacy and cookie policies are present and appear GDPR compliant, but no explicit security or incident response policies are found. WHOIS data aligns with the business claims, showing consistent registration without privacy protection but lacking domain locks. Overall, the website is credible and professional but requires urgent improvements in SSL/TLS security to protect user data and enhance trust.

S

SIGNA

signa.at

0

SIGNA is a well-established international holding company founded in 2000, operating primarily in the real estate and retail sectors. The website presents a bilingual (German and English) overview of the business, highlighting its core subsidiaries and business areas. The company targets investors and industry stakeholders with a professional and consistent brand presence. Technically, the website is built on WordPress with modern plugins and tools such as Google Analytics and Complianz for GDPR compliance. However, a critical security weakness is the absence of a valid SSL certificate, resulting in no HTTPS protection, which significantly impacts the site's security posture. Privacy compliance is well addressed with clear cookie consent mechanisms and a privacy policy. No direct contact information or security policies are publicly available, which could limit user trust and incident response readiness. Overall, the site is functional and professional but requires urgent security improvements.

The website flight-watch.net is currently inaccessible due to a DNS resolution error served by Cloudflare, indicating that the domain is not properly resolving or configured. The site displays a Cloudflare error page with no business content, contact information, or policies, which severely limits the ability to assess the business or technical maturity. The domain is very young, registered in late 2024, and lacks a valid SSL certificate, resulting in a poor security posture. The technical infrastructure relies on Cloudflare services but is misconfigured, causing accessibility issues. Overall, the site is not operational and presents significant risks from a security and trust perspective.

The website routeco.com is currently inaccessible due to a Cloudflare Web Application Firewall (WAF) block, presenting a security challenge page instead of business content. This prevents direct analysis of the website's content, policies, or contact information. The domain is mature, registered since 1997, and protected with strong domain status flags, indicating a legitimate business presence. However, the lack of a valid SSL/TLS certificate and the presence of a WAF block significantly limit the ability to assess the website's security posture and user experience. Technically, the site is hosted behind Cloudflare, which provides DNS and security services, but the absence of HTTPS and modern TLS protocols is a critical security gap. The security headers are partially implemented but insufficient without proper SSL. Performance and SEO cannot be evaluated due to the blocked content. No privacy, cookie, or terms of service policies are visible, nor is any contact information or business metadata. From a security perspective, the site suffers from critical issues including no SSL, no HSTS, and no OCSP stapling. The Cloudflare WAF block suggests active protection against potential threats but also impacts legitimate user access. The domain WHOIS data is consistent and trustworthy, with no suspicious patterns detected. Overall, the website's current state poses a high risk for user trust and accessibility. Strategic recommendations include immediate SSL certificate deployment, reviewing WAF rules to avoid blocking legitimate users, publishing clear privacy and cookie policies, and providing accessible contact information to improve business credibility and compliance.

I

In The Headroom

intheheadroom.com

0

In The Headroom is a small Austrian design studio specializing in brand culture advisory and design solutions. The company targets businesses seeking to establish or refine their brand culture through creative design production and implementation. Their website is professionally designed using WordPress with SEO optimization and a cookie consent mechanism to comply with GDPR. However, the site lacks HTTPS support, which is a critical security gap. The technical infrastructure includes common web technologies and plugins but shows moderate performance. Security posture is weak due to missing SSL certificates and security headers, exposing visitors to potential risks. Contact information is clearly provided, enhancing business credibility. Strategic improvements in security and SSL implementation are recommended to elevate trust and compliance.

Vebego Deutschland is a well-established facility services provider in Germany, offering a broad range of services including building cleaning, industrial cleaning, green care, facility management, and security services. The company positions itself as a reliable and innovative partner focused on enhancing client environments for better performance and quality of life. The website content is professional and well-structured, targeting business clients in need of comprehensive facility services. Technically, the website uses modern marketing and optimization tools such as Google Tag Manager and Visual Website Optimizer, but lacks a valid SSL certificate, which is a critical security shortfall. Security headers are partially implemented, but the absence of HTTPS and modern TLS protocols significantly weakens the security posture. Privacy compliance is partially addressed with a privacy policy present, but no cookie consent mechanism is detected, which may pose GDPR compliance risks. Business credibility is supported by multiple certifications and industry memberships, enhancing trust. Overall, the site is functional and professional but requires urgent security improvements to protect user data and comply with best practices.

C

CompuGroup Medical

cgm.com

0

CompuGroup Medical is a global healthcare technology company specializing in digital healthcare solutions and services. The website serves as a corporate portal providing information about the company, its vision, press releases, and localized country pages. The company targets healthcare providers and industry professionals with a B2B business model. The website is built on modern technologies including Neos CMS and Flow Framework, hosted behind Cloudflare, and uses Matomo for analytics. However, the site suffers from an invalid SSL certificate, which undermines its HTTPS security and overall trustworthiness. Security headers are well implemented but the lack of valid TLS protocols and HSTS reduces the security posture. Privacy and cookie policies are comprehensive and GDPR compliant, with active consent mechanisms. Social media presence is strong, supporting brand trust. Overall, the website is professional and content-rich but requires urgent SSL/TLS remediation to improve security and user trust.