Security Directory

V

Vaillant

vaillant-group.com

0

Vaillant Group is a globally recognized leader in the energy sector, specializing in climate-friendly heating, cooling, and hot water solutions including heat pumps and gas condensing boilers. The company operates in over 60 countries with a workforce of approximately 16,000 employees, emphasizing sustainability and digital services. The website reflects a mature and professional business with consistent branding and comprehensive content tailored to customers, partners, and potential employees. Technically, the site leverages modern JavaScript libraries, lazy loading, and CDN hosting via Amazon S3 and CloudFront, with a CMS likely based on e-Spirit. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support, severely impacting the security posture. Privacy and cookie policies are present and GDPR compliant, and the site integrates Google Tag Manager for analytics and Consentmanager.net for consent management. Overall, the site is well-structured and user-friendly but requires urgent security improvements.

V

Vaillant Group Austria GmbH

vaillant.at

0

Vaillant Group Austria GmbH operates a comprehensive website focused on heating solutions including heat pumps, gas heating, photovoltaic systems, and smart home technologies targeted at private customers in Austria. The company is a well-established player with over 150 years of history and a dense service network, positioning itself as a market leader in the energy sector. The website provides detailed product information, customer testimonials, and service offerings, reflecting a mature business model with strong customer engagement. Technically, the site uses modern JavaScript libraries and marketing tools such as Optimizely and Google Tag Manager, with good mobile optimization and SEO practices. However, the absence of a valid SSL certificate and HTTPS support is a critical security gap that undermines user trust and data protection. Security headers are well implemented, but the lack of TLS protocols and OCSP stapling reduces the overall security posture. Privacy compliance is strong with GDPR-aligned policies and consent mechanisms in place. Overall, the website is professional and trustworthy but requires urgent improvements in SSL/TLS configuration to meet modern security standards.

B

Braintrust

braintrustlv.com

0

Braintrust is a minority-owned integrated marketing and creative agency with a 17-year track record, offering services including branding strategy, creative development, digital marketing, web development, social media, and public relations. The company targets businesses seeking comprehensive marketing solutions and operates offices in multiple US cities. The website reflects a professional and consistent brand image with rich multimedia content and clear navigation. Technically, the site is built on WordPress, hosted on WP Engine with Cloudflare CDN, and uses modern JavaScript libraries and SEO plugins. However, the absence of a valid SSL certificate and HTTPS support is a critical security flaw that undermines user trust and data protection. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the site demonstrates good business credibility but requires urgent security improvements.

Tridonic is a mature company operating in the energy sector, specializing in lighting technology and solutions. The domain has been registered since 1998, indicating a well-established business presence. However, the website content is currently inaccessible due to a Cloudflare security challenge page, which blocks direct content analysis. The visible technical infrastructure includes Cloudflare DNS and WAF protection, but the SSL/TLS configuration is critically lacking with no valid certificate and no HTTPS support. This severely impacts the security posture and user trust. No privacy, cookie, or terms of service policies are visible, and no contact information is accessible on the landing page. The WHOIS data confirms domain legitimacy and consistency with the business claims. Overall, the website requires significant improvements in SSL configuration and content accessibility to enhance security, compliance, and user experience.

W

Wismo Automotive A/S

peugeot.dk

0

Peugeot.dk is the official Danish website for Peugeot vehicles, operated by Wismo Automotive A/S, a medium-sized company under the Stellantis group. The site offers comprehensive information on passenger and commercial vehicles, including electric and hybrid models, leasing options, after-sales services, and digital tools such as a vehicle configurator and test drive booking. The website targets Danish consumers and businesses interested in Peugeot's automotive offerings. Technically, the site is built on Adobe Experience Manager with modern web technologies and integrates Google Analytics and Adobe marketing tools for data collection and user tracking. However, the site currently lacks a valid SSL certificate, which significantly impacts its security posture. While security headers like HSTS and X-Content-Type-Options are present, their configurations are suboptimal. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the site is professional, well-branded, and trustworthy but requires urgent attention to SSL certificate renewal and enhanced security configurations to improve user trust and data protection.

F

FRANZ OBERNDORFER GmbH & Co KG

oberndorfer.at

0

FRANZ OBERNDORFER GmbH & Co KG is Austria's largest precast concrete manufacturer with over 100 years of experience in planning, development, and production of concrete elements. The company holds a leading market position in Austria, offering a comprehensive product portfolio and full-service solutions including logistics and assembly. Their website reflects a mature digital presence built on Drupal 9, with good content quality and clear navigation targeting B2B customers in construction and real estate sectors. However, the absence of a valid SSL/TLS certificate and HTTPS support is a critical security gap that undermines user trust and data protection. While cookie compliance and privacy policies are well implemented, the lack of explicit security policies and incident response information indicates room for improvement in security governance. Overall, the business is credible and professional, but urgent action is needed to secure the website infrastructure.

U

University of Leeds

leeds.ac.uk

0

The University of Leeds is a large, well-established higher education institution in the United Kingdom, recognized as part of the prestigious Russell Group and ranked among the world's top 100 universities. The website serves a broad audience including prospective and current students, staff, researchers, and alumni, offering comprehensive information on undergraduate, masters, and research degree programs, as well as scholarships and events. The content is professionally presented with consistent branding and clear navigation, reflecting a high level of digital maturity. Technically, the website is built on the Jadu CMS platform, utilizing modern web technologies such as Typekit fonts and Modernizr for enhanced user experience and accessibility. Hosting appears to be on cloud infrastructure, likely AWS, with content delivered via a dedicated CDN. The site demonstrates good mobile optimization and accessibility features, alongside solid SEO practices. From a security perspective, the site implements several important HTTP security headers and uses secure cookie flags. However, a critical vulnerability is the absence of a valid SSL/TLS certificate and the lack of HTTPS protocol support, which severely impacts the security posture. No explicit security or incident response policies are publicly available, and advanced TLS features like OCSP stapling and session resumption are not implemented. Privacy compliance is strong, with clear privacy and cookie policies and consent mechanisms in place. Overall, while the University of Leeds website excels in content quality, user experience, and privacy compliance, it faces significant security risks due to missing SSL/TLS configuration. Addressing these security gaps is essential to protect user data and maintain trust. Strategic improvements in security infrastructure and transparency around incident response would enhance the site's resilience and credibility.

A

African Diaspora Youth Forum in Europe (ADYFE)

adyfe.eu

0

The African Diaspora Youth Forum in Europe (ADYFE) is a well-established non-profit platform founded in 2014, serving nearly 110 youth organizations across 31 to 41 European countries. It focuses on empowering African diaspora youth through entrepreneurship, employability, and civic engagement initiatives. The website is built on WordPress with a modern tech stack including Bootstrap and popular plugins for galleries and forms. However, the site suffers from a critical security issue: the lack of a valid SSL certificate, resulting in no proper HTTPS support. Security headers are partially implemented but ineffective without SSL. Privacy compliance is weak, with no visible privacy or cookie policies, and no incident response or vulnerability disclosure mechanisms. Contact information is available via email and contact forms, and social media presence is active on major platforms. Overall, the site presents good content and business credibility but requires urgent security and compliance improvements.

S

St. Gilgen International School

stgis.at

0

St. Gilgen International School is a private international educational institution located in Austria, offering the International Baccalaureate curriculum with a focus on personalized education and a nurturing environment. The school targets families seeking high-quality international education in a scenic Alpine setting. Technically, the website is built on WordPress with Elementor and various plugins, hosted on WP Engine and protected by Cloudflare. However, the absence of a valid SSL certificate and HTTPS support is a critical security gap. Privacy and cookie policies are well implemented, and the site includes multiple contact methods and trust indicators such as accreditations and certifications. Overall, the website is professionally designed and content-rich but requires urgent security improvements to protect user data and enhance trust.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 8 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

DHL-express.at is the Austrian localized website for DHL, the global leader in logistics and international shipping. The website offers comprehensive information about DHL's services including express document and package shipping, volume shipping for business customers, freight services, and supply chain logistics. The site targets both individual and business customers in Austria, providing tailored solutions and access to various DHL portals and services. Technically, the site is built on Adobe Experience Manager with integrations of Adobe Launch and other modern web technologies, indicating a mature digital infrastructure. However, a critical security gap exists as the site does not serve content over HTTPS, exposing users to potential risks. Security headers are well implemented, but the lack of SSL/TLS severely impacts the security posture. Privacy and cookie policies are present and GDPR compliant, reflecting good privacy practices. Overall, the site is professionally designed, content-rich, and trustworthy but urgently requires HTTPS implementation to meet modern security standards.

Theater in der Josefstadt Betriebsges.m.b.H. operates a well-established cultural institution in Austria, providing theatrical performances, ticketing services, subscriptions, and related cultural events. The website serves as a comprehensive portal for current programming, ticket sales, and audience engagement, targeting theatergoers and cultural enthusiasts primarily in Austria. The business enjoys a mature domain with consistent registration details aligning with its public identity. Technically, the website is built on TYPO3 CMS with modern frontend components such as Owl Carousel and YouTube video integration. However, performance metrics are lacking, and the site shows signs of slow loading. Mobile optimization and SEO are adequately addressed, but accessibility is basic. Security posture is weak due to the absence of a valid SSL certificate and lack of HTTPS enforcement, exposing users to potential risks. While some security headers are present, critical TLS protocols and best practices are missing. Privacy compliance is partially met with a privacy policy and terms of service, but no cookie consent mechanism is implemented. Contact information is clearly provided, enhancing business credibility. Overall, the site is functional and professional but requires urgent security improvements to protect user data and trust. Strategic enhancements in SSL/TLS deployment, cookie consent, and performance optimization will significantly improve the site's security and user experience.

N

Nemak

nemak.com

0

Nemak is a large manufacturing company specializing in aluminum automotive components, with a strong focus on sustainability and decarbonization initiatives. The company targets automotive manufacturers, investors, suppliers, and job seekers, positioning itself as a global leader in its sector. The website reflects a professional corporate presence with good content quality and consistent branding. Technically, the site uses modern JavaScript libraries and frameworks hosted on Microsoft Azure, but lacks a valid SSL certificate, which is a critical security shortfall. The security posture is weak due to missing HTTPS, lack of security headers, and no published security policies. Privacy compliance is basic, with cookie consent implemented but no detailed GDPR compliance indicators. Contact information and social media presence are well established, supporting business credibility. Overall, the site is functional but requires urgent security improvements to protect user data and enhance trust.

G

Gesundheit Österreich GmbH

goeg.at

0

Gesundheit Österreich GmbH (GÖG) is a national Austrian government-owned research and planning institute specializing in healthcare and health promotion. The website serves as an authoritative platform providing health data, policy advice, publications, and event information targeted at healthcare professionals, policymakers, and the public. The organization holds a strong market position as a key player in Austria's healthcare sector. Technically, the website is built on Drupal 10 with modern frontend technologies and uses Matomo for analytics, indicating a moderate level of digital maturity. However, the website suffers from a critical security issue: the SSL certificate is invalid or missing, resulting in no proper HTTPS support, which significantly impacts the security posture. Other security headers are partially implemented, but improvements are needed to meet best practices. Privacy compliance is good with a comprehensive privacy policy, though no cookie consent mechanism is present despite analytics usage. Overall, the website is professional and trustworthy but requires urgent remediation of SSL/TLS issues to ensure secure user interactions.

K

Kindifarm

kindifarm.com

0

Kindifarm is a small, established Australian business specializing in mobile animal farm and petting zoo services primarily serving the Sydney region and nearby areas. The company offers educational and interactive animal displays for events such as birthday parties, school visits, aged care, and special requests. The website is built on WordPress with a modern tech stack including Elementor and Yoast SEO, hosted on WP Engine with Cloudflare CDN. However, the site lacks HTTPS, which is a critical security vulnerability. Privacy compliance is poor as no privacy or cookie policies are present. Contact information is clearly provided, and the business shows trust indicators such as licensing and insurance. Overall, the website is functional and professionally presented but requires urgent security and privacy improvements.

S

SpenglerFox

spenglerfox.com

0

SpenglerFox is a globally recognized executive search and talent solutions provider, ranked in the top 40 worldwide. The company operates through a large network of over 380 consultants across 76 offices in 47 countries, offering services including executive search, leadership advisory, interim management, recruitment process outsourcing, and board solutions. Their business model focuses on delivering agile talent solutions to corporate clients seeking leadership and executive talent globally. The website content is professionally crafted, with detailed service descriptions and team profiles, reflecting a mature and established business. Technically, the website is built on WordPress, leveraging common plugins such as Yoast SEO and includes integrations with analytics and tracking tools like Microsoft Clarity, Google Tag Manager, and LinkedIn Insight. The site uses Apache hosting with DNS managed via AWS Route53. However, the website lacks HTTPS encryption, which is a critical security shortfall. Performance is moderate to slow, with good mobile optimization and basic accessibility features. From a security perspective, the absence of a valid SSL certificate and HTTPS is a major vulnerability, exposing users to potential data interception risks. The site also lacks important security headers and cookie consent mechanisms, which are important for GDPR compliance and user privacy. No incident response or security policy pages are found, and no certifications are displayed. The domain registration is consistent and transparent, with a mature domain age of 22 years and strong domain protection, supporting the legitimacy of the business. Overall, while the business and content quality are high, the security posture is weak due to missing HTTPS and security headers. Strategic improvements in SSL deployment, security headers, and privacy compliance are recommended to enhance trust and protect user data.

W

WOLFGANG DENZEL AUTO AG

denzel.at

0

Wolfgang Denzel Auto AG operates a comprehensive automotive retail website offering new and used vehicles, financing, insurance, and service packages primarily targeting car buyers in Austria. The company maintains a strong market position with multiple automotive brands and electric mobility solutions. Technically, the website is built on Drupal 10, leveraging modern web technologies and third-party marketing and analytics tools, but lacks a valid SSL certificate, which significantly impacts security posture. Security headers are well configured, but the absence of HTTPS and modern TLS protocols is a critical vulnerability. Privacy and cookie policies are present and GDPR compliant, enhancing user trust. Overall, the site is professional and content-rich but requires urgent security improvements to protect user data and maintain credibility.

F

Film Independent

filmindependent.org

0

Film Independent is a well-established non-profit arts organization dedicated to championing independent filmmakers. The website serves as a comprehensive platform offering information on events, awards, educational programs, and resources tailored to filmmakers and the arts community. The organization has a mature online presence with a domain age of 20 years, reflecting its longstanding role in the independent film sector. The site targets independent filmmakers and film enthusiasts, providing memberships, donations, and community engagement opportunities.

The website at inpera.net currently serves as a minimal placeholder with no substantive content beyond a client-side redirect to a /lander path. The domain is very young, registered in February 2025 via DropCatch.com, a registrar known for domain drop-catching, which suggests the domain may not yet be actively used for a legitimate business. The absence of SSL/TLS certificates and HTTPS support severely limits the site's security posture and user trust. No metadata, structured data, or business information is present to provide insight into the company's operations or market position. Technically, the site lacks modern web standards and performance optimizations, and no security best practices are implemented. Overall, the site appears to be in an early or inactive state with significant risks and no visible compliance or trust indicators.

Cegeka is a well-established European IT services company with over 30 years of experience, offering a broad portfolio of IT solutions including cloud transformation, cybersecurity, software development, and managed services. The website is professionally designed, content-rich, and targets enterprise clients across multiple industries such as finance, manufacturing, telecommunications, and energy. Technically, the site is built on HubSpot CMS using modern web technologies like Lit and Splide.js, but suffers from critical security issues due to an invalid or missing SSL certificate and lack of TLS protocol support. Security headers are present but insufficient to compensate for the lack of HTTPS. Privacy policies and cookie statements are present and GDPR compliant, but no explicit security or incident response policies are found. Overall, the site demonstrates strong business credibility and marketing maturity but requires urgent security improvements to protect user data and trust.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 10 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

The website renatesanz.com serves as an online portfolio for the artist Renate Sanz, showcasing various artworks including paintings and sculptures. The site targets art enthusiasts and potential gallery visitors, providing exhibition information and artist biography. The business model is focused on personal branding and promotion of artistic work within a niche market. The website is primarily in German with options for English and Spanish, indicating a European and international audience. Technically, the site is built on Drupal 7, an outdated CMS version, and uses jQuery and Google Analytics for tracking. The hosting provider is kasserver.com. Performance is slow with basic mobile optimization and accessibility features. Security posture is weak due to lack of HTTPS, visible deprecated PHP warnings, and minimal security headers. No privacy or cookie policies are present, indicating poor GDPR compliance. Contact information is not explicitly provided on the site. Overall, the site shows basic professionalism but requires significant improvements in security, privacy compliance, and technical modernization.

P

PULSE ELECTRONICS

egston.com

0

Pulse Electronics, part of the YAGEO Group, is a medium-sized manufacturer and supplier of electronic components including power supplies, inductive components, and cable systems. The company targets B2B customers primarily in the energy and electronics sectors with a global presence and multiple locations. The website is professionally designed using WordPress and the Divi theme, with good content quality and clear navigation in German and English. Technical infrastructure includes modern CMS plugins and Google Tag Manager for analytics, but performance data is lacking. Security posture is weak due to the absence of a valid SSL certificate and lack of HTTPS, exposing the site to risks. Privacy compliance is strong with comprehensive GDPR-aligned privacy and cookie policies and consent mechanisms. Contact information is available via phone and contact form, but no direct emails are publicly listed. Overall, the site is trustworthy but requires urgent security improvements.

R

ruwido austria gmbh

ruwido.com

0

Ruwido Austria GmbH is a well-established Austrian manufacturer specializing in the design, development, and production of remote controls and smart home devices. Founded in 1969, the company emphasizes sustainability, innovation, and high design quality, holding a strong market position supported by numerous prestigious awards. Their operations are vertically integrated under one roof in Austria, powered by 100% renewable energy, reflecting a commitment to environmental responsibility. The website is professionally designed, content-rich, and targets businesses and consumers interested in premium, sustainable remote control solutions. Technically, the website runs on TYPO3 CMS with a PHP backend served by Apache. While the site is mobile-optimized and SEO-friendly, it suffers from a critical security shortfall due to the absence of a valid SSL certificate, resulting in HTTP-only access despite HSTS header presence. Analytics are implemented via Google Analytics and YouTube embeds, with a compliant cookie consent mechanism in place. Contact information is clearly presented, enhancing business credibility. Security posture is basic with no major vulnerabilities detected but significant improvement needed in SSL/TLS configuration to protect user data and enhance trust. No explicit security or incident response policies are published, which could be improved to strengthen security culture and compliance. Overall, the site is trustworthy and professional but requires urgent SSL implementation and enhanced security policies to align with best practices and regulatory expectations.

S

seele

seele.com

0

Seele is a globally recognized technology leader specializing in façade construction and building envelopes, serving architects, developers, and construction companies with innovative glass façade solutions. The company operates with over 1,000 employees worldwide and maintains a strong market position in the manufacturing and real estate sectors. The website reflects a professional and consistent brand image with comprehensive business information and a clear focus on façade technologies and projects. Technically, the site is built on TYPO3 CMS and uses Matomo for analytics, indicating a moderate level of digital maturity. However, the absence of HTTPS and modern security protocols represents a significant security risk. Privacy compliance is partially met with a comprehensive privacy policy but lacks cookie consent mechanisms. Overall, the site is trustworthy and professional but requires urgent security improvements to protect user data and enhance trust.

The website cms-rrh.com is currently inaccessible to users due to a Cloudflare anti-bot challenge page, which blocks access to any meaningful content or business information. The domain is mature, registered since 2004, and shows consistent DNS and WHOIS data, indicating a legitimate registration. However, the lack of a valid SSL certificate and absence of HTTPS severely impact the security posture and user trust. No privacy, cookie, or terms of service policies are present, and no contact information or business details are accessible. The technical infrastructure relies on Cloudflare for hosting and security, but the current configuration prevents content delivery, resulting in poor user experience and minimal SEO or accessibility features.

U

Ubisoft Nadeo

nadeo.com

0

Ubisoft Nadeo is a well-established video game development studio based in Paris, France, known for its innovative multiplayer games such as Trackmania and Shootmania. As a subsidiary of Ubisoft, it benefits from a strong market position and a mature digital presence. The website content is professional, well-structured, and targets gamers interested in competitive and virtual reality gaming experiences. Technically, the site uses modern frameworks like React and Express, hosted on AWS infrastructure with CDN support, but lacks a valid SSL certificate and HTTPS enforcement, which is a critical security gap. Security headers are partially implemented, and no major vulnerabilities are detected, but the absence of TLS protocols and HSTS reduces the security posture significantly. Privacy compliance is good with clear privacy and cookie policies, and GDPR considerations are addressed. Contact information is primarily via support portals and social media, with no direct emails or phone numbers publicly listed. Overall, the site is trustworthy and professional but requires urgent security improvements to protect user data and maintain trust.

E

EKE-Yhtiöt

eke.fi

0

EKE-Yhtiöt is a Finnish company specializing in real estate development and leasing, as well as advanced train information systems technology. The company holds a strong market position as a world-leading supplier in the transportation technology sector and a reputable real estate developer in Finland. Their website reflects a medium-sized enterprise with a clear business model focused on residential and commercial property development alongside technology innovation. The site supports multiple languages, indicating an international target audience. Technically, the website is built on WordPress with modern SEO tools and consent management but suffers from slow performance and lacks HTTPS security, which is a critical concern. Security posture is weak due to the absence of a valid SSL certificate, no security headers, and no advanced TLS protocols, exposing users to potential risks. Privacy compliance is well addressed with a comprehensive cookie policy and consent mechanism. Overall, the website is professional but requires urgent security improvements to protect user data and enhance trust.

Y

Yara International ASA

yara.com

0

Yara International ASA is a global leader in crop nutrition, ammonia, and industrial nitrogen solutions, with a strong focus on sustainability and decarbonization of food and energy-intensive industries. The website presents comprehensive business information, targeting farmers, industrial clients, investors, and job seekers, reflecting a mature and enterprise-level business model. Technically, the site uses modern JavaScript libraries, Google Tag Manager, Azure Application Insights, and Cloudflare CDN, indicating a robust digital infrastructure. However, a critical security weakness is the invalid SSL certificate and lack of TLS protocol support, which severely impacts the security posture. The site implements good security headers and GDPR-compliant cookie consent mechanisms, showing awareness of privacy and security best practices. Overall, the website is professional and trustworthy but requires urgent remediation of SSL/TLS issues to ensure secure user interactions.

BE Semiconductor Industries N.V. (Besi) is a leading technology company specializing in the development and manufacturing of advanced semiconductor assembly equipment and processes. Their product portfolio includes solutions for die attach, packaging, plating, and cleaning, serving diverse markets such as electronics, automotive, industrial, and renewable energy sectors. The website reflects a mature business with a strong investor relations presence and comprehensive corporate governance disclosures, indicating a well-established market position. Technically, the website is built on the TYPO3 CMS platform, utilizing jQuery and Google Tag Manager for analytics and tracking. While the site has a professional design and clear navigation, it lacks a valid SSL certificate, which significantly impacts its security posture. The absence of HTTPS and modern TLS protocols exposes the site to potential risks and undermines user trust. Additionally, no cookie consent mechanism or detailed privacy compliance features are present, which may pose compliance challenges. From a security perspective, the site implements several security headers and restricts device permissions, but the invalid SSL configuration and lack of session resumption or OCSP stapling reduce overall security effectiveness. No incident response or vulnerability disclosure policies are publicly available, limiting transparency in security management. Overall, the website demonstrates solid business credibility and content quality but requires urgent improvements in security infrastructure and privacy compliance to enhance trustworthiness and protect user data effectively.

PTM EDV-Systeme GmbH operates the website mscrm-addons.com, providing specialized add-ons and solutions for Microsoft Dynamics 365 and Power Platform users. The company offers a mature product portfolio addressing document creation, capacity management, and activity handling, targeting businesses using Microsoft technologies. The website demonstrates a professional presence with clear business information, customer testimonials, and partner programs, positioning itself as a trusted provider in the technology sector. Technically, the site is built on ASP.NET with the DNN CMS platform and integrates modern JavaScript libraries and Google services for analytics and user interaction. However, a critical security gap exists due to the absence of a valid SSL/TLS certificate, resulting in no HTTPS support and exposing users to potential risks. Privacy compliance is addressed with cookie consent and a privacy policy, and contact channels are well established. Overall, while the business and content quality are strong, the lack of HTTPS significantly impacts the security posture and user trust.

G

General Motors

gm.com

0

General Motors (GM) is a globally recognized automotive manufacturer with a rich heritage dating back to 1908. The company operates multiple iconic vehicle brands including Chevrolet, Buick, GMC, and Cadillac, and is focused on innovation in electric vehicles, autonomous driving, and sustainability. GM targets consumers and businesses seeking reliable, innovative vehicles and related services. The website reflects a mature digital presence with comprehensive content, strong branding, and clear navigation, supporting its enterprise scale and market leadership. Technically, the site leverages modern frameworks such as Vue.js and Adobe Experience Manager, hosted via Akamai CDN, but suffers from a critical security gap due to the absence of a valid SSL certificate and HTTPS support, which significantly impacts its security posture. Privacy policies and terms of service are well documented, indicating good compliance practices, though cookie consent mechanisms are not explicitly detected. Overall, the site is professional and trustworthy but requires urgent remediation of its SSL/TLS configuration to meet modern security standards.

S

Siblik Elektrik GmbH & Co. KG

siblik.com

0

Siblik Elektrik GmbH & Co. KG is a medium-sized Austrian company specializing in electrical and building technology solutions, including smart home products and professional training. The company maintains a professional and content-rich website powered by TYPO3 CMS, targeting electrical contractors and end customers in Austria. Their market position is supported by multiple physical locations and a consistent brand presence. Technically, the website uses modern web technologies and integrates analytics and marketing tools, but lacks HTTPS security, which is a critical vulnerability. The security posture is weak due to the absence of SSL/TLS and related security headers, exposing users to potential risks. Privacy compliance is well addressed with a comprehensive cookie consent mechanism and GDPR-aligned privacy policy. Overall, the website is functional and professional but requires urgent security improvements to protect user data and enhance trust.

A

Advanced Internet Technologies

ait.com

0

Advanced Internet Technologies (AIT) is a mature and established technology company specializing in domain registration, web hosting, digital marketing, web design, security, and e-commerce solutions. With a domain age of 27 years and strong domain protection, AIT positions itself as a reliable service provider targeting businesses seeking comprehensive online presence solutions. The website reflects a professional design with clear navigation and a focus on customer support, including 24/7 availability and multiple contact channels. Technically, the website is built on WordPress using the Divi theme and integrates modern libraries such as jQuery and Bootstrap. It leverages Cloudflare for hosting and CDN services, and employs SEO and marketing tools like Yoast SEO Premium and WP Rocket. However, the site lacks a valid SSL certificate, which is a critical security gap, and does not implement cookie consent mechanisms, impacting privacy compliance. Security posture is moderate with several security headers configured, but the absence of HTTPS and TLS protocols significantly reduces the security score. No major vulnerabilities like Heartbleed or POODLE were detected, but improvements are needed to meet modern security standards. Business credibility is high, supported by consistent WHOIS data, customer testimonials, and active social media presence. Overall, while AIT demonstrates strong business credibility and technical maturity, urgent attention to SSL/TLS implementation and privacy compliance is recommended to enhance security and user trust.

K

Klenk & Meder GmbH

klenk.at

0

Klenk & Meder GmbH is a well-established Austrian family-owned company specializing in electrical engineering services with over 55 years of experience and a workforce of approximately 750 employees. The company offers a broad range of services including electrical installation, network technology, photovoltaic systems, maintenance, and sales of electrical materials and devices. Their market position is strong within Austria, supported by a network of subsidiaries and partners. The website is professionally designed, content-rich, and targets both private and business customers as well as apprentices. Technically, the site is built on TYPO3 CMS with modern JavaScript libraries and good SEO practices, but suffers from a critical lack of HTTPS security due to an invalid or missing SSL certificate. The security posture is weak, lacking HTTPS and advanced security headers, which poses a significant risk. Privacy compliance is well addressed with a comprehensive cookie consent mechanism and GDPR-aligned privacy policy. Overall, the business credibility is high with clear contact information, certifications, and trust signals. Strategic improvements in security infrastructure are recommended to enhance trust and protect user data.

H

Hyperwave GmbH

hyperwave.com

0

Hyperwave GmbH is an established Austrian technology company specializing in intranet and private cloud solutions designed to facilitate efficient and secure information management within enterprises. With over 20 years of market presence, the company offers a range of services including document management, knowledge management, collaboration tools, and consulting services. The website targets businesses seeking robust data and information processing solutions, emphasizing ease of use, security, and adaptability. Technically, the website is built on a modern stack including Apache, Bootstrap, and JavaScript with Lottie animations, hosted via World4You DNS services. While the site is mobile-optimized and well-structured with good SEO practices, it suffers from critical security shortcomings, notably the absence of a valid SSL certificate and proper HTTPS configuration, which undermines user trust and data security. Performance metrics are unavailable, suggesting potential monitoring gaps. From a security perspective, the site implements some security headers but lacks a valid SSL/TLS setup, OCSP stapling, and DNSSEC, exposing it to potential risks. No explicit security policies or incident response contacts are published, indicating gaps in security governance and transparency. Privacy compliance is partially addressed with cookie consent mechanisms and a privacy policy, but no data protection officer or vulnerability disclosure information is provided. Overall, the website presents a professional business front with solid content and branding but requires urgent improvements in security infrastructure and transparency to enhance trustworthiness and compliance. Strategic recommendations include immediate SSL certificate deployment, DNS record corrections, and publication of security and incident response policies to align with best practices and regulatory requirements.

E

eMAGNETIX Online Marketing GmbH

emagnetix.at

0

eMAGNETIX Online Marketing GmbH is a well-established digital marketing agency based in Austria, specializing in tailored online marketing solutions including SEO, performance advertising, content marketing, and data analytics. With over 15 years of experience and a strong client base including tourism sector businesses, the company holds premium partnerships with major platforms such as Google, Microsoft, and Meta, reinforcing its market position. The website reflects a professional and consistent brand image with comprehensive service offerings and clear contact channels. Technically, the site is built on WordPress with modern JavaScript libraries and integrates multiple marketing and analytics tools. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support, which significantly impacts the security posture. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the business demonstrates strong credibility and digital maturity but must urgently address its SSL/TLS configuration to ensure secure user interactions and maintain trust.

A

applics GmbH

applics.at

0

applics GmbH is a small Austrian technology company specializing in the development of web-based solutions including web applications, webshops, and corporate websites. The company targets business clients seeking to optimize and digitize their processes and online presence. Their market position is supported by a portfolio of notable clients and detailed project case studies, indicating a stable regional presence since at least 2015. Technically, the website is built on WordPress with PHP 7.4 and uses common web technologies such as jQuery and Google Maps API. However, the absence of a valid SSL certificate and HTTPS support is a critical security shortfall that undermines user trust and data protection. The site lacks modern security headers and cookie consent mechanisms, which may expose it to compliance risks under GDPR. Business contact information is clearly provided, including phone, email, physical address, and a contact form, enhancing credibility. Overall, the website is professionally designed and SEO optimized but requires urgent security improvements.

G

Gigaset AG

gigaset.com

0

Gigaset AG is a well-established German company specializing in the manufacture and sale of telecommunication devices including phones, smartphones, and enterprise communication solutions. The company holds a strong market position in Europe as a leader in quality telephony products, emphasizing German manufacturing. Their website reflects a professional business model targeting both consumer and business customers with a comprehensive product portfolio and support services. Technically, the site is built on a Magento eCommerce platform with modern JavaScript libraries and integrates multiple marketing and analytics tools, demonstrating a mature digital infrastructure. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support, exposing users to potential risks. The site implements good privacy and cookie policies with a consent management platform, aligning with GDPR requirements. Overall, the business credibility and content quality are good, but the security posture requires urgent improvement to protect user data and maintain trust.

ProSiebenSat.1 PULS 4 GmbH is a leading private media company in Austria, specializing in TV broadcasting and digital advertising solutions. The company operates multiple TV channels and digital platforms, including the popular streaming service JOYN, and offers innovative advertising products such as TV-LOAD and Addressable TV. Their market position is strong, supported by a comprehensive portfolio and a focus on integrated advertising solutions. Technically, the website is built on modern frameworks like Nuxt.js and Vue.js, hosted on AWS with content managed via DatoCMS, providing a good user experience and mobile optimization. However, the security posture is weak due to the absence of a valid SSL certificate and lack of HTTPS, which is a critical vulnerability. Privacy compliance is well addressed with clear privacy and cookie policies, and contact information is readily available. Overall, the site is professional and trustworthy but requires urgent security improvements to protect user data and maintain credibility.

ALPINE Bau GmbH is an Austrian construction company currently in insolvency proceedings since 2013. The website primarily serves as an informational portal regarding the insolvency status and provides official legal references and company contact details. The business operates in the manufacturing sector with a focus on construction services. The company is small-sized and based in Austria, with official registration and VAT numbers clearly displayed. Technically, the website is very basic, served over HTTP without SSL/TLS encryption, hosted on an Apache server with DNS hosted by world4you.at. There is no evidence of modern web technologies, CMS, or performance optimization. The site lacks mobile optimization and accessibility features, and no analytics or marketing tools are detected. From a security perspective, the absence of HTTPS is a critical vulnerability, exposing users to potential data interception. No security headers or advanced configurations are present, and no privacy or cookie policies are implemented, indicating poor compliance with GDPR and modern privacy standards. Contact information is limited to an email and physical address, with no phone or social media presence. Overall, the website presents significant risks due to lack of encryption and privacy compliance, minimal content, and outdated technical implementation. Strategic recommendations include immediate implementation of HTTPS, addition of privacy and cookie policies, enhancement of security headers, and modernization of the website to improve trust and user experience.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 7 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

The website for viforpharma.com is currently inaccessible, displaying only a minimal HTML page with an 'Access to the requested page has been denied' message. This indicates that the site is either behind a web application firewall or has restricted access, preventing content analysis. The domain is mature, registered since 2008, and maintained with a reputable registrar, but no business or contact information is available on the site itself. Technically, the site runs on Microsoft IIS 8.5 with ASP.NET 4.0, but lacks a valid SSL/TLS certificate and does not support any modern TLS protocols, resulting in a poor security posture. Security headers are partially present but ineffective without HTTPS. Overall, the site scores very low on content quality, security, and privacy compliance due to the lack of accessible content and missing HTTPS.

Bowas-Induplan Chemie Ges.m.b.h. is a mature, internationally active plant engineering company specializing in chemical plants for the energetic materials industry. With over 200 projects completed globally and a subsidiary in India, the company demonstrates a solid market presence and expertise in environmentally responsible industrial solutions. The website is professionally designed using Contao CMS and includes modern features such as cookie consent management via Cookiebot. However, the absence of HTTPS and a valid SSL certificate significantly undermines the site's security posture, exposing visitors to potential risks. Additionally, the domain is at high expiry risk with no domain protection locks, which could threaten business continuity if not addressed promptly. Privacy compliance is basic, with a privacy policy linked but no explicit GDPR compliance statements or data protection officer contact. Overall, the site presents a credible business but requires urgent security improvements.

T

techbold technology group AG

semizen.com

0

techbold technology group AG is a well-established IT service provider based in Austria, specializing in secure IT systems and digital strategies for small and medium-sized enterprises (SMEs). With over 25 years of domain maturity and a large team of 170 IT specialists, techbold offers a comprehensive range of services including IT security, consulting, managed services, and hardware solutions. The company holds multiple certifications and partnerships with leading technology vendors, reinforcing its market position as a trusted partner for the Austrian SME sector. Technically, the website is built on WordPress with the Avada theme and integrates modern tools such as Google Tag Manager, Borlabs Cookie for consent management, and PixelYourSite for tracking. The site is well-optimized for performance and mobile responsiveness, providing a professional user experience. However, a critical security gap is the absence of a valid SSL certificate, resulting in no HTTPS support, which significantly impacts the security posture. From a security perspective, while several security headers are properly configured, the lack of HTTPS and modern TLS protocols exposes the site to potential risks. The company demonstrates good privacy compliance with clear privacy and cookie policies and consent mechanisms. Business credibility is strong, supported by detailed contact information, certifications, and positive customer satisfaction indicators. Overall, techbold presents a professional and trustworthy online presence with excellent content and business information. The primary recommendation is to urgently implement a valid SSL certificate and enable HTTPS to enhance security and user trust.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 10 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

H

Handelskammer Schweiz-Österreich-Liechtenstein

hk-schweiz.at

0

The Handelskammer Schweiz-Österreich-Liechtenstein operates as a well-established chamber of commerce serving companies and economic actors in Switzerland, Austria, Liechtenstein, and the CEE region. Founded in 1921, it provides networking opportunities, market support services, economic data, and events to its members, positioning itself as a key business hub in the region. The website reflects a professional and consistent brand with clear business information and relevant content for its target audience. Technically, the site is built on Drupal 7 with jQuery and uses Matomo for analytics, but it suffers from slow performance and lacks modern security features. Critically, the absence of HTTPS and modern TLS protocols exposes the site to significant security risks. Security headers are partially implemented, but no incident response or security policies are published. Privacy compliance is basic, with no cookie consent mechanism detected despite GDPR applicability. Overall, the site demonstrates good business credibility but requires urgent security improvements to protect user data and maintain trust.

A

Applied Medical Resources Corporation

appliedmedical.com

0

Applied Medical Resources Corporation operates a professional corporate website focused on medical device manufacturing and clinical education. The company positions itself as a global leader in minimally invasive surgical technologies with a vertically integrated business model. The website targets healthcare professionals, potential employees, and customers worldwide, offering detailed product information, career opportunities, and educational resources. Technically, the site uses ASP.NET MVC on Microsoft IIS with common web libraries like jQuery and Bootstrap, hosted on Azure CDN infrastructure. However, the absence of a valid SSL certificate and HTTPS support is a critical security gap, exposing users to potential risks. The site lacks cookie consent mechanisms and explicit GDPR compliance indicators, which may pose privacy compliance challenges. Business credibility is supported by consistent branding, clear contact information, and legal compliance pages. Overall, the site is professionally designed and functional but requires urgent security improvements to protect user data and enhance trust.

D

DeepOcean

deepoceangroup.com

0

DeepOcean is a leading ocean services provider specializing in accelerating sustainable use of ocean resources. The company operates across multiple sectors including renewables, oil and gas, and ocean minerals, offering full lifecycle services such as survey, project management, engineering, maintenance, and recycling. With a strong emphasis on digitalization and remote operations, DeepOcean positions itself as a technology-driven leader in the energy transition space. The website reflects a professional and consistent brand image targeting industry stakeholders, investors, and potential employees. Technically, the website is built on the Webflow platform, leveraging modern web technologies including jQuery, Google Tag Manager, and Cookiebot for consent management. Hosting and CDN services are provided via Cloudflare and Webflow. While the site demonstrates good design quality, mobile optimization, and SEO practices, performance metrics are unavailable. Accessibility is basic but present. From a security perspective, the site lacks a valid SSL certificate and does not serve content over HTTPS, which is a critical vulnerability. Although some security headers are present, the absence of TLS protocols and cipher suites severely undermines the security posture. Cookie consent mechanisms are implemented, and privacy policies are comprehensive and GDPR compliant. However, incident response and vulnerability disclosure information are missing. Overall, the website is credible and professionally maintained but requires urgent security improvements to protect user data and enhance trust. Strategic recommendations include immediate SSL deployment, enhanced security header configurations, and the addition of incident response contacts to strengthen the security culture and compliance posture.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 8 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.