Security Directory

E

Esidrošs

esidross.lv

0

Esidrošs is a Latvian cybersecurity awareness and educational website focused on providing useful information to individuals and workplaces about internet security for personal devices such as computers and phones. The site is positioned as a trusted resource linked closely with official Latvian cybersecurity entities such as CERT.

V

Valsts kanceleja

trauksmescelejs.lv

0

Trauksmescelejs. lv is an official Latvian government-supported platform focused on whistleblowing, providing citizens with information, guidelines, and mechanisms to report misconduct in public and private sectors.

V

VAS Latvijas Valsts radio un televīzijas centrs

eparaksts.lv

0

eParaksts. lv is the official Latvian government platform providing electronic signature and digital identity services to individuals and legal entities.

B

Bauskas novads

bauskasnovads.lv

0

Bauskas novads is the official municipal government website for the Bauskas region in Latvia, providing comprehensive information about local government structure, public services, news, events, and community resources. The site targets residents, local businesses, investors, and tourists, offering a broad range of services and information relevant to these audiences.

B

Bauskas novads

bauska.lv

0

Bauskas novads is the official municipal government website for the Bauskas district in Latvia, providing comprehensive information about local government structure, public services, news, events, and community engagement. The site targets residents, businesses, investors, and visitors, serving as a central information hub for the municipality.

I

Interlaced Group

interlacedgroup.com

0

Security assessment incomplete. Successfully analyzed: securityHeaders, gdpr, nis2. Failed to analyze: emailSecurity, sslTls, dnsHealth, networkSecurity, webConfiguration. 23 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

A

Amazee AI

amazee.ai

0

amazee.ai is a technology-focused company providing open source private AI infrastructure solutions aimed at enterprises with an emphasis on compliance, privacy, and data sovereignty. The website positions itself as a provider of privacy-conscious AI infrastructure but lacks detailed business information and contact details on the homepage. Technically, the site is built using React and hosted on Netlify, with Google Tag Manager implemented for analytics. However, performance data is missing, and mobile and accessibility optimizations appear basic. Security posture is weak due to the absence of a valid SSL certificate and lack of modern TLS protocol support, despite the presence of HSTS headers. DNS records show some misconfigurations, including malformed CAA records and an empty MX record. Privacy compliance is minimal with no visible privacy or cookie policies. Overall, the site is accessible but requires significant improvements in security, privacy, and business transparency to enhance trust and compliance.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 8 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

I

IAI VERANSTALTUNGS GMBH

osterfruehling.at

0

IAI VERANSTALTUNGS GMBH operates the Osterfrühling Innsbruck website, promoting a regional Easter market and associated cultural events in Innsbruck, Austria. The company targets tourists and local visitors interested in seasonal festivities, offering event organization and family-friendly programming. The website is professionally designed with consistent branding and clear navigation, supporting a positive user experience. Technically, the site uses Microsoft IIS hosting with modern TLS protocols, integrates Google Analytics and Usercentrics for consent management, and embeds multimedia content from YouTube and Vimeo. Security posture is strong with HTTPS enforced, HSTS enabled, and key security headers present, though OCSP stapling and CSP headers could improve security further. Privacy compliance is addressed with visible privacy and cookie policies and a consent mechanism. Contact information is comprehensive and consistent with WHOIS data, enhancing business credibility. Overall, the site is trustworthy and well-maintained, though SEO is limited by a noindex,nofollow robots directive.

网

网银在线(北京)支付科技有限公司

wangyin.com

0

The website wangyin.com represents 京东钱包, an online payment platform operated by 网银在线(北京)支付科技有限公司, a wholly owned subsidiary of 京东集团. The platform offers secure and convenient electronic payment services including mobile payments, online transfers, and fund management products. It targets 京东商城 users and the broader electronic payment market in China, positioning itself as a trusted financial service provider with extensive banking partnerships. Technically, the site uses legacy technologies such as jQuery 1.7.2 and standard HTML/CSS, with no modern frameworks detected. Performance data is incomplete, and mobile optimization is basic. Security posture is weak due to the absence of a valid SSL certificate and lack of HTTPS enforcement, despite the presence of some security headers like HSTS. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Business credibility is strong given the clear affiliation with 京东集团 and visible trust indicators. Overall, the site is functional but requires significant improvements in security and privacy to meet modern standards.

F

Festival Krapoldi

krapoldi.at

0

The KRAPOLDI Festival website represents a well-established cultural event based in Innsbruck, Austria, focusing on international ensembles in clownery, new circus, and street theater. The festival offers a mix of free and ticketed performances, aiming to be accessible and engaging for a diverse audience including families and local residents. The site demonstrates a strong market position within the regional cultural landscape, supported by numerous sponsors and partners. Technically, the website is built on WordPress with a modern tech stack including Apache, jQuery, and various plugins for SEO, performance, and multimedia content. The site is mobile-optimized, fast-loading, and SEO-friendly, with multilingual support for German, English, and Italian. Security posture is adequate with HTTPS and valid SPF records, but could be improved by enabling HSTS, OCSP stapling, and adding DMARC. Privacy compliance is well addressed with a comprehensive privacy and cookie policy and a consent mechanism. Contact information is clearly provided, enhancing business credibility. Overall, the website is professional, trustworthy, and well-maintained, though some security enhancements are recommended.

A

Attention Required! | Cloudflare

innsbruck.info

0

The website innsbruck.info is currently inaccessible due to a Cloudflare Web Application Firewall (WAF) block, which prevents access to any business-related content. The visible page is a standard Cloudflare block page indicating that the visitor has been blocked due to security rules triggered by their request. Consequently, no business information, contact details, or policies are available for analysis. The technical infrastructure relies on Cloudflare for security and Microsoft Outlook for mail services, but the SSL configuration is invalid or missing, which is a critical security concern. Overall, the site lacks accessible content and security best practices, resulting in a low trust and security posture score.

S

Stadt Innsbruck

innsbrucktermine.at

0

Innsbrucktermine.at is the official event portal for the city of Innsbruck, Austria, managed by Innsbruck Marketing GmbH. The platform offers comprehensive listings of cultural, family, sports, and diverse events, targeting residents and visitors interested in the vibrant local scene. The business model focuses on providing free event submissions with editorial oversight, ensuring quality and relevance. The site is well-positioned as a trusted government-related resource with strong branding and clear contact information. Technically, the website employs modern technologies including nginx, TLS 1.3, Bulma CSS framework, and JavaScript libraries such as Splide.js and Litepicker. It is hosted on servers associated with kasserver.com and uses Matomo for analytics, reflecting a mature digital infrastructure. The site is mobile-optimized, accessible, and SEO-friendly, with structured data enhancing search engine visibility. From a security perspective, the site demonstrates good practices with HTTPS enforced, HSTS enabled with preload, and multiple security headers including CSP, X-Frame-Options, and X-XSS-Protection. No vulnerabilities or exposed sensitive data were detected. However, OCSP stapling is not enabled, and the content security policy could be tightened by removing 'unsafe-inline' and 'unsafe-eval'. The absence of a visible cookie consent mechanism is a compliance gap given EU regulations. Overall, the website presents a low risk profile with strong business credibility and technical robustness. Strategic recommendations include implementing a visible cookie consent banner to enhance privacy compliance, enabling OCSP stapling for improved SSL performance, and refining the CSP for better security. These steps will further strengthen trust and regulatory adherence.

E

Education Group GmbH

schule.at

0

Schule.at is a leading Austrian digital education platform operated by Education Group GmbH, offering curated educational content, teaching materials, tools, news, and multimedia resources targeted primarily at educators and schools in Austria. The platform is well-branded, professionally designed, and provides comprehensive educational services with a strong focus on quality and relevance. Technically, the site is built on TYPO3 CMS with modern frontend technologies and integrates Matomo analytics for user tracking with privacy considerations. However, the site currently lacks a valid SSL certificate and proper TLS protocol support, which significantly impacts its security posture. Security headers are well implemented, but the absence of HTTPS and modern TLS protocols is a critical vulnerability. Privacy policies and cookie consent mechanisms are present and GDPR compliant, and contact information is clearly provided, enhancing business credibility. Overall, the site is trustworthy and professional but requires urgent improvements in SSL/TLS configuration to ensure secure user interactions.

M

Marketing Pony (for demonstration only)

marketingpony.com

0

Marketing Pony's website is a minimal demonstration site with no substantive business content or contact information. The site uses an outdated AngularJS framework and multiple JavaScript libraries but lacks modern security features such as HTTPS and security headers. The absence of privacy, cookie, and terms of service policies indicates poor compliance posture. The domain infrastructure is hosted on AWS with Google MX records, suggesting legitimate hosting but no advanced DNS security features like DNSSEC or CAA. Overall, the site presents a low trust profile with significant gaps in security and privacy compliance.

M

Marketagent.com online reSEARCH GmbH

marketagent.com

0

Marketagent.com online reSEARCH GmbH operates a well-established online market research panel with a strong presence in the German-speaking market. The company offers digital market and opinion research services, leveraging a large panel of over 3 million members and conducting more than 1000 surveys annually. Their business model focuses on connecting survey participants with companies seeking market insights, providing incentives and a user-friendly platform. Technically, the website uses mature ASP.NET MVC technology with modern frontend libraries like jQuery and Bootstrap, ensuring a responsive and professional user experience. However, a critical security gap exists as the site lacks HTTPS, exposing users to potential data interception risks. Privacy and cookie policies are comprehensive and GDPR compliant, with clear consent mechanisms and a dedicated data protection officer contact. The company demonstrates strong business credibility through certifications, awards, and transparent contact information. Overall, while the business and privacy posture are strong, immediate remediation of the missing SSL/TLS is essential to secure user data and improve trust.

I

Intercom Solutions S.r.l.

intercomsolutions.it

0

Intercom Solutions S.r.l. is an established Italian software house and web agency based in Udine, founded in 2003. The company specializes in custom software development, IT systems management, cloud services including AWS, cybersecurity, and data recovery. It holds the AWS Partner Select certification, indicating a strong partnership with Amazon Web Services and a reputable market position in the regional technology sector. The website targets businesses seeking tailored IT solutions and cloud infrastructure services. Technically, the website uses a traditional Apache server on Ubuntu with a custom CMS, jQuery, Bootstrap, and integrates Google Analytics and Google Maps APIs. However, the site lacks a valid SSL certificate and does not serve content over HTTPS, which is a significant security shortfall. Security headers and modern TLS protocols are absent, reducing the overall security posture. Privacy and cookie policies are present and GDPR compliant, with a cookie consent mechanism implemented. Contact information is clearly provided, enhancing business credibility. Overall, the website is functional and content-rich but requires urgent improvements in security configuration to protect user data and enhance trust.

EBS Manager is a regional energy consulting platform serving multiple Austrian federal states through localized portals. The business is positioned as a niche energy advisory service, targeting residents seeking energy advice and related information. The platform is operated by gizmocraft, design and technology GmbH, a small-sized company founded in 2006. The website content is basic but functional, providing links to privacy policies, legal notices, and customer registration portals for each region. Technically, the site is hosted on DigitalOcean using nginx, but lacks modern security features such as HTTPS and HSTS, which significantly impacts user trust and security posture. Security headers are partially implemented, but the absence of SSL/TLS encryption is a critical vulnerability. Privacy compliance is minimal, with privacy policies present but no cookie consent mechanisms or GDPR compliance indicators. Overall, the site demonstrates moderate business credibility but requires urgent security improvements to protect user data and enhance trust.

E

EDB

biganimal.com

0

EDB operates a mature and professional website offering the EDB Postgres AI Cloud Service, a high-availability, Oracle-compatible Postgres database platform targeting enterprise customers. The company is well-established with a 23-year domain age and strong domain protection, reflecting a stable market presence. The website is built on a modern Drupal 10 CMS, hosted on Amazon AWS infrastructure with CloudFront CDN, and integrates advanced technologies such as Kubernetes for hybrid cloud management. Security posture is strong with HTTPS enforced, HSTS enabled, and multiple security headers implemented, though some improvements like enabling OCSP stapling and tightening CSP enforcement are recommended. Privacy and compliance are well addressed with clear privacy and cookie policies, GDPR compliance indicators, and consent mechanisms. The site provides comprehensive business information, contact channels, and trust signals including customer success stories and a dedicated Trust Center. Overall, the website demonstrates high professionalism, technical maturity, and business credibility.

V

Veeva Systems Inc.

vod309.com

0

Veeva Systems Inc. is a well-established enterprise software company specializing in cloud-based solutions for the global life sciences industry. The company offers a broad portfolio of products and services including clinical, regulatory, safety, quality, medical, commercial, data, and AI solutions. Their market position is strong, supported by a large customer base and comprehensive service offerings tailored to pharmaceutical, biotech, and related sectors. The website reflects a mature digital presence with professional design, clear navigation, and extensive content that supports their business objectives. Technically, the website is built on WordPress with modern frameworks like Bootstrap and uses several third-party analytics and marketing tools such as New Relic, Matomo, and Marketo. The site is hosted on AWS infrastructure, ensuring scalability and reliability. Performance is moderate with good mobile optimization and accessibility features, although some improvements could be made in loading speed and technical SEO. From a security perspective, the site lacks a valid SSL/TLS certificate and does not support modern TLS protocols, which is a critical vulnerability that undermines user trust and data protection. While some security headers and email authentication mechanisms like SPF and DMARC are in place, the absence of HTTPS and weak SSL configuration significantly lowers the security posture. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms, aligning with GDPR requirements. Overall, the website demonstrates high business credibility and professionalism but requires urgent security enhancements to protect user data and maintain trust. Addressing SSL/TLS issues and strengthening security configurations should be prioritized to improve the overall risk profile and user confidence.

The website orthomol.com is currently inaccessible due to a Cloudflare Web Application Firewall (WAF) block, presenting a security challenge page instead of the actual site content. This prevents extraction of meaningful business, privacy, or contact information. The domain is registered and DNS records indicate standard email routing via Microsoft Outlook, suggesting legitimate business use. The SSL certificate is valid but lacks support for modern TLS protocols, and security headers are minimal. Due to the WAF block, the website's content quality, privacy compliance, and business credibility cannot be assessed accurately. The overall security posture shows basic protections but requires improvements in TLS support and security headers. The site lacks visible privacy or cookie policies and contact information in the accessible content.

Ö

Österreichischer Skiverband

skiaustria.at

0

The website skiaustria.at represents the Österreichischer Skiverband, the Austrian Ski Federation, serving as the official digital platform for skiing and winter sports in Austria. It provides comprehensive information about various winter sports disciplines, events, teams, news, and services including membership and an online shop. The site targets winter sports enthusiasts, athletes, and affiliated organizations within Austria, positioning itself as a central hub for national skiing activities and information. Technically, the website is built on the Pimcore CMS platform, utilizing modern frameworks such as Bootstrap and Swiper.js for responsive design and interactive elements. It integrates Google Tag Manager for analytics and Cookiebot for cookie consent management, alongside an accessibility widget from AccessiWay, indicating a mature digital infrastructure with attention to user experience and compliance. From a security perspective, the site enforces HTTPS with a strong HSTS policy, supports modern TLS protocols, and implements OCSP stapling. While DNSSEC and CAA records are absent, the overall SSL configuration is robust with no detected vulnerabilities. Security headers are present but could be enhanced. Privacy compliance is well addressed with clear privacy and cookie policies, and GDPR adherence is evident. Overall, the website demonstrates a high level of professionalism, security, and compliance suitable for a national sports federation. It effectively balances rich content delivery with user privacy and security, supporting its role as a trusted information source in the winter sports domain.

A

Auxality

fondlista.se

0

Auxality is a specialized SaaS provider focused on automating operational workflows and financial data management for asset managers. Their platform aims to simplify complex regulatory and reporting challenges in the financial industry. The company targets asset managers and financial institutions, offering automated reporting, platform transformation, data visualization, and advisory services. Technically, the website is built on a modern stack using Next.js and React, hosted on AWS infrastructure. However, the absence of a valid SSL certificate and HTTPS severely undermines the security posture, exposing users to risks. Privacy and cookie policies are well documented, and contact mechanisms are available via email and form, but no phone or physical address is provided. Overall, the site is professional and content-rich but requires urgent security improvements.

I

Innsbrucker Zentrumsverein

zentrumsverein.at

0

The Innsbrucker Zentrumsverein is a non-profit organization dedicated to promoting the historic city center of Innsbruck, Austria. It focuses on enhancing the shopping experience, organizing events and markets, and supporting local businesses and cultural initiatives. The website reflects a well-structured and professionally designed platform targeting both locals and tourists interested in the Innsbruck city center. Technically, the site runs on Microsoft IIS with modern JavaScript libraries and integrates third-party services such as Google Analytics and Usercentrics for cookie consent management. The SSL configuration is adequate but could be improved by enabling full HSTS and OCSP stapling. Security headers are present, and no critical vulnerabilities were detected. Privacy compliance is well addressed with clear privacy and cookie policies and GDPR-aligned consent mechanisms. Overall, the site demonstrates a good balance of business credibility, technical implementation, and security posture.

I

Innsbruck Marketing GmbH

innsbruckmarketing.at

0

Innsbruck Marketing GmbH is a regional marketing organization dedicated to promoting the city of Innsbruck and its surrounding region. The company focuses on event promotion, regional networking, and marketing services to enhance the visibility and attractiveness of Innsbruck as a destination. The website reflects a strong government affiliation, consistent branding, and a clear focus on local events and community engagement. Technically, the site uses modern web technologies including TLS 1.2/1.3, a custom CMS framework, and integrates analytics and social media tools effectively. Security posture is good with HTTPS, multiple security headers, and a content security policy, though some improvements like full HSTS and OCSP stapling could be made. Privacy compliance is well addressed with a clear privacy policy and cookie consent mechanism. Overall, the site is professional, trustworthy, and well-optimized for performance and accessibility.

M

Mirantis

k8slens.dev

0

Lens, operated by Mirantis, is a leading Kubernetes IDE designed for developers and DevOps engineers to manage and troubleshoot Kubernetes clusters efficiently. With over 1 million users globally, Lens holds a strong market position as the most popular Kubernetes IDE, offering a comprehensive and intuitive context-aware UI. The website reflects a professional and enterprise-grade product with strong trust indicators such as ISO 27001 and SOC2 Type 1 certifications and testimonials from reputable organizations. Technically, the site is built on modern frameworks like Next.js and React, hosted on AWS infrastructure with CDN support, ensuring good performance and mobile optimization. However, a critical security concern is the invalid or missing SSL certificate, which undermines the security posture despite the presence of HSTS and other security headers. Privacy compliance is generally good with a comprehensive privacy policy and GDPR indicators, though no explicit cookie consent mechanism was detected. Contact information is primarily via a contact form, with no direct emails or phone numbers publicly listed. Overall, Lens demonstrates strong business credibility and technical maturity but must address SSL issues to enhance trust and security.

M

Mirantis

k0rdent.io

0

k0rdent.io is a professionally designed website representing an open-source Kubernetes-native distributed container management platform developed and originated by Mirantis. The platform targets platform engineering teams and enterprises managing multi-cloud, hybrid, and edge environments, focusing on modern workloads such as AI and ML. The website provides comprehensive content, including detailed descriptions, use cases, videos, and community engagement channels, reflecting a mature and well-positioned technology offering. Technically, the site is hosted on GitHub Pages, uses modern web technologies like Bootstrap and jQuery, and integrates Plausible Analytics for minimal user tracking. However, the site lacks a valid SSL/TLS certificate, resulting in no HTTPS support, which is a critical security deficiency. Security headers are partially implemented, but the absence of HTTPS significantly lowers the security posture. Privacy compliance is basic, with a privacy policy linked but no cookie consent mechanism despite analytics usage. Business credibility is strong due to clear branding, parent company association, and open-source transparency. Overall, the site is trustworthy and professional but requires urgent security improvements.

I

i5growth Inc

i5growth.com

0

i5growth Inc is a small technology-focused growth accelerator specializing in supporting European tech companies to enter and expand in the US market. The company positions itself as a niche partner for international growth, leveraging its presence in Silicon Valley and Vienna. The website content is minimal but clearly communicates the core business purpose and target audience. Technically, the website uses a basic stack with nginx server, Bootstrap CSS, and Google Fonts, but lacks modern TLS protocols and advanced security headers. The SSL certificate is valid and issued by a reputable CA, but the absence of TLS 1.2 or 1.3 and HSTS reduces security posture. No privacy, cookie, or terms of service policies are published, indicating limited privacy compliance. Contact information is provided via email and physical addresses, but no phone numbers or social media links are present. Overall, the website is functional but basic in design and security, with room for improvement in privacy and security best practices.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 13 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

G

Gasteiner

infinitymusictour.at

0

The Infinity Music Tour website is a well-structured promotional platform for Gasteiner's music events and product marketing in Austria. It targets music fans and consumers with event information, artist showcases, and an engaging contest offering tickets and prizes. The site leverages modern technologies including Drupal 10 CMS, PHP 8.3, and integrates multimedia content such as Spotify playlists and Lottie animations to enhance user experience. The technical infrastructure is robust, hosted on a reputable provider with secure HTTPS and appropriate security headers, although improvements like HSTS and OCSP stapling could enhance security further. Privacy compliance is strong with clear cookie and privacy policies aligned with GDPR requirements. However, the site lacks explicit terms of service, security policies, and incident response contacts, which are recommended for comprehensive compliance and trust. Overall, the website presents a professional and trustworthy digital presence with moderate risk and room for security and compliance enhancements.

The website agentbot.net is currently inaccessible, returning a 403 Forbidden error with minimal HTML content. This prevents any meaningful extraction of business, contact, or policy information. The domain is registered and DNS records indicate hosting on Amazon AWS infrastructure, but there is no valid SSL certificate installed, resulting in no HTTPS support. The lack of accessible content and security features severely limits the ability to assess the company's market position or services. From a technical perspective, the site lacks modern security configurations and performance optimizations. Security posture is weak due to missing HTTPS, security headers, and no evidence of incident response or data protection policies. Overall, the site presents a high risk due to inaccessibility and poor security hygiene, and strategic improvements are urgently needed to enable secure and compliant operations.

O

Oktalite Lichttechnik GmbH

oktalite.com

0

Oktalite Lichttechnik GmbH is a German-based company specializing in the development and implementation of customized LED lighting concepts and systems for modern retail environments such as stores, shops, and showrooms. The company operates as a medium-sized B2B supplier and service provider within the retail lighting sector and is a member of the TRILUX group, which enhances its market position and brand credibility. The website content is rich, professionally designed, and well-structured, targeting retail businesses and lighting professionals. Technically, the website is built on TYPO3 CMS and hosted on an Apache server, with integrations such as Google Tag Manager and OneTrust for analytics and cookie consent management. However, a critical security shortfall is the absence of a valid SSL/TLS certificate, resulting in no HTTPS support, which significantly impacts the site's security posture. The site includes comprehensive contact information, legal pages, and social media presence, supporting business credibility and privacy compliance. Overall, while the business and content quality are strong, the lack of HTTPS is a major vulnerability that needs urgent remediation.

The website portfoliomc.com currently serves a security verification page that blocks access to its main content. This page uses Google reCAPTCHA v3 to verify visitors are not bots, indicating a protective measure likely implemented to prevent automated abuse or attacks. Due to this blocking, no business-specific content, contact information, or policies are accessible for analysis. The domain is registered and has standard DNS records but lacks DNSSEC and CAA configurations. The absence of a valid SSL certificate and HTTPS support is a critical security deficiency, exposing users to potential risks and undermining trust. The technical stack includes nginx as the web server and Bootstrap 5 for styling, but the overall digital maturity is low given the lack of accessible content and security best practices. Security posture is weak, with no modern TLS protocols enabled and missing essential security headers. Privacy compliance is non-existent as no privacy or cookie policies are found. Business credibility cannot be established due to lack of visible company information. Overall, the site is currently inaccessible for meaningful user interaction and requires significant improvements in security and content availability.

E

Education Group GmbH

edugroup.at

0

Education Group GmbH is a well-established full-service educational agency based in Linz, Austria, specializing in providing pedagogical, media, and technological solutions for schools and educational institutions. The company offers a broad portfolio including products, services, projects, seminars, and helpdesk support, targeting educators, municipalities, and educational authorities. Their market position is strong within the Upper Austria region, supported by a professional and content-rich website that clearly communicates their offerings and expertise. Technically, the website is built on TYPO3 CMS with a modern tech stack including PHP 8.2, OpenResty server, and uses advanced front-end libraries like Swiper.js and Font Awesome. The site is fast, mobile-optimized, and accessible, with good SEO practices and structured data enhancing discoverability and trust. Analytics are handled via Matomo, reflecting a privacy-conscious approach. Security posture is solid with HTTPS enabled, strict Content-Security-Policy headers, and a strict DMARC policy for email protection. However, there is room for improvement by enabling HSTS, OCSP stapling, and refining CAA records. No critical vulnerabilities or WAF blocking were detected, indicating a secure and reliable online presence. Overall, the website and business demonstrate high professionalism, compliance with GDPR, and strong trust indicators. The domain registration data aligns well with the business claims, supporting legitimacy. Strategic recommendations include enhancing HTTPS security headers and adding a vulnerability disclosure policy to further strengthen security and trust.

M

Marketagent.com online reSEARCH GmbH

arbeitsmarktkompass.at

0

Marketagent.com online reSEARCH GmbH operates the Arbeitsmarkt-Kompass website, providing quarterly labor market insights and surveys focused on the Austrian workforce. The company is positioned as a pioneer in digital market research in Austria, leveraging a large ISO-certified online panel. The website serves as a dashboard and information portal for labor market trends, targeting employees, employers, and analysts. Technically, the site uses standard web technologies with embedded dashboards but lacks modern security configurations, notably missing HTTPS support despite HSTS headers. Security posture is weak due to absence of SSL/TLS, which is a critical issue. Privacy compliance is minimal with no explicit privacy policy or terms of service pages, though a cookie consent mechanism is implemented but hidden by default. Business credibility is strong with transparent contact and company information consistent with WHOIS data. Overall, the site is functional and professional but requires urgent security improvements.

S

Schlüsselbauer Technology GmbH & Co KG

schluesselbauer.com

0

Schlüsselbauer Technology GmbH & Co KG is an Austrian-based medium-sized manufacturing company specializing in special machine construction for the concrete industry, sustainable building materials production, and environmental technology consumables. The company holds a strong international market position as a leading complete provider in its sector, targeting B2B customers in construction and environmental industries. Their website reflects a professional and consistent brand image with clear contact channels and social media presence. Technically, the website is built on an Apache server with a CMS likely to be Redaxo, using standard web technologies and Bootstrap for responsive design. However, the site lacks a valid SSL certificate, which significantly impacts its security posture. Security headers are minimal, and no advanced security policies or incident response information is publicly available. Privacy compliance is supported by a cookie consent mechanism and a comprehensive privacy policy hosted on a related corporate domain. Overall, the website is functional and professional but requires urgent improvements in SSL implementation and security best practices to enhance trust and compliance.

E

Envases Öhringen GmbH

envases.de

0

Envases Öhringen GmbH is a well-established German manufacturer specializing in metal and plastic packaging solutions, serving industries such as paints, chemicals, food, and beverages. The company holds a strong market position, notably as a world leader in 5-liter party kegs for breweries, and emphasizes sustainability and innovation in its product offerings. The website reflects a mature digital presence with professional design, multilingual support, and comprehensive business information. Technically, the site is built on the Jimdo Creator platform, leveraging modern web standards including HTTPS with strong TLS protocols and OCSP stapling, ensuring secure and performant user experiences. Security posture is solid with appropriate headers and no detected vulnerabilities, though improvements in DNS security and incident response transparency are recommended. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the site demonstrates high trustworthiness and business credibility, supporting Envases Öhringen GmbH's reputation as a global packaging leader.

O

OVHcloud

kimsufi.com

0

Kimsufi.com is a website representing the Kimsufi brand, which offers low-cost dedicated servers and hosting solutions. The brand is now integrated into the OVHcloud Eco range, reflecting a strategic consolidation under the OVHcloud umbrella. The website provides information about the migration of Kimsufi services to OVHcloud, emphasizing cost-effective and sustainable server offerings. The target audience includes cost-conscious customers seeking affordable dedicated servers and hosting services. The business operates within the technology sector, with OVH SAS as the parent company. The website is professionally designed, mobile-optimized, and uses Drupal CMS with modern web technologies. However, a critical security issue is the lack of a valid SSL certificate and HTTPS support, which significantly impacts the security posture score. Privacy and cookie policies are comprehensive and GDPR compliant. Social media presence is strong across major platforms, enhancing trust and engagement.

The website cmdesign.hu is currently inaccessible due to a Cloudflare Web Application Firewall (WAF) challenge page, which blocks access to actual business content. The domain is mature, registered since 2008, and uses Cloudflare for DNS and security services. The SSL certificate is valid but lacks modern TLS protocol support, and HSTS is not enabled, indicating room for security improvements. No privacy, cookie, or terms of service policies are present, nor is there any visible contact or business information on the accessible page. This severely limits the ability to assess the company's business model, services, or compliance posture. The presence of Cloudflare Insights indicates minimal analytics tracking, but no marketing or advertising tools are detected. Overall, the site’s security posture is moderate due to valid HTTPS and security headers, but the lack of accessible content and compliance information is a significant concern.

C

CODITY LLC

movilaesweb.com

0

The website movilaesweb.com serves as an online portal for AES El Salvador, focusing on providing customers with services related to electricity bill payments, outage reporting, and general information about AES El Salvador's energy services. The business appears to be a small-scale service portal operated or developed by CODITY LLC, targeting customers in El Salvador. The site uses modern web technologies such as React and is hosted on Amazon AWS infrastructure, indicating a moderate level of technical maturity. However, the website suffers from significant security shortcomings, most notably the absence of a valid SSL certificate and HTTPS support, which severely undermines user trust and data security. Additionally, the lack of privacy policies, cookie consent mechanisms, and contact information further detracts from compliance and user confidence. Overall, the site is functional but basic in content quality and technical implementation, with critical security improvements needed to meet industry standards and regulatory requirements.

A

Alpine Brands GmbH & Co KG

goal.at

0

GOAL is an established Austrian beverage brand specializing in fruit-based refreshing drinks with reduced sugar content and added vitamins. The company targets consumers seeking healthier alternatives to traditional soft drinks, positioning itself as a trusted brand with a history dating back to 1929. The website effectively communicates product details, brand history, and contact information, supporting a positive market presence in retail and C&C sectors. Technically, the website is built on WordPress using the GeneratePress theme and Kadence Blocks, leveraging modern JavaScript libraries such as jQuery and Flickity for interactive elements. The site is mobile-optimized with good SEO practices and basic accessibility features. Performance is moderate, with room for improvement in loading speed and technical optimizations. From a security perspective, the site uses HTTPS with modern TLS protocols but lacks advanced security headers and features like HSTS and OCSP stapling. Cookie consent mechanisms are implemented in compliance with GDPR, and privacy policies are clearly presented. However, there is no visible incident response or vulnerability disclosure information, which could be enhanced to improve trust. Overall, the website presents a professional and trustworthy digital presence with minor technical and security improvements recommended to strengthen its posture and user trust.

M

MSD Tiergesundheit Deutschland

msd-tiergesundheit.de

0

MSD Tiergesundheit Deutschland is a well-established veterinary pharmaceutical company operating in Germany, providing a range of animal health products including vaccines and pharmaceuticals targeted primarily at veterinarians. The company is part of the global Merck & Co., Inc. group, which lends it strong market credibility and resources. The website reflects a professional and consistent brand presence with comprehensive content tailored to its target audience, including educational resources and an online shop. Technically, the site is built on WordPress VIP, leveraging modern web technologies and SEO best practices, ensuring good performance and mobile optimization. Security posture is solid with HTTPS, strong security headers, and cookie consent mechanisms in place, although some improvements like OCSP stapling and updated TLS protocol support could enhance security further. Privacy compliance is well addressed with clear policies and GDPR adherence. Overall, the website represents a mature digital presence with good business credibility and technical implementation.

A

Alpine Brands GmbH & Co Kg

blaschke-original.at

0

Blaschke Original is a traditional Austrian confectionery brand specializing in the production and sale of the iconic Kokoskuppel sweet. With a heritage spanning over 100 years, the company maintains a strong market position in the retail confectionery sector, emphasizing quality and tradition. The website reflects a professional digital presence built on WordPress with Elementor, optimized for SEO and user experience. Security posture is adequate with HTTPS enabled and cookie consent implemented, though improvements such as HSTS and additional security headers are recommended. Overall, the site is trustworthy, compliant with GDPR, and provides clear contact information and social media engagement.

H

Honigmayr Honigmanufaktur

honigmayr.at

0

Honigmayr is a medium-sized Austrian honey manufacturer and retailer specializing in high-quality honey products sourced from the best regions worldwide. The company emphasizes product traceability through its Beetracker system and offers a diverse product range including classic, organic, and specialty honey editions. The website is built on WordPress with a modern tech stack and demonstrates strong digital maturity with multilingual support, SEO optimization, and mobile responsiveness. Security posture is adequate with HTTPS and no critical vulnerabilities detected, though improvements in security headers and OCSP stapling are recommended. Privacy compliance is robust with a comprehensive privacy policy and cookie consent mechanism. Overall, the business presents a trustworthy and professional online presence with clear contact information and active social media engagement.

A

ALPINE BRANDS GmbH & Co KG

auer-waffeln.at

0

Auer is a well-established Austrian brand specializing in gourmet waffle products since 1920, operated by ALPINE BRANDS GmbH & Co KG. The company offers a range of premium waffle specialties and confectionery products targeting consumers who appreciate high-quality gourmet foods. The website reflects a mature digital presence with a WordPress CMS enhanced by Elementor and optimized with WP Rocket. It includes comprehensive metadata, structured data, and social media integration, supporting good SEO and user engagement. Security posture is solid with HTTPS enabled and cookie consent mechanisms in place, though improvements such as HSTS and additional security headers are recommended. Overall, the site is professional, trustworthy, and compliant with GDPR requirements, providing clear contact information and business legitimacy.

A

ALPINE BRANDS GmbH & Co KG

gasteiner.at

0

Gasteiner Mineralwasser, operated by ALPINE BRANDS GmbH & Co KG, is a well-established Austrian beverage brand specializing in pure alpine mineral water and natural fruit juice beverages. The company leverages its unique alpine origin and lifestyle branding, including event sponsorship such as the Infinity Music Tour, to engage its target audience. The website reflects a professional and consistent brand image with clear product offerings and active social media engagement. Technically, the website is built on a modern Drupal 11 CMS with PHP 8.3 backend, served via nginx and hosted on a PleskLin environment. It employs modern web technologies including Lottie animations and Swiper.js for interactive content. The site is mobile-optimized and performs well with fast load times and good SEO practices. From a security perspective, the site uses HTTPS with TLS 1.2 and 1.3 protocols and includes important security headers like X-Content-Type-Options and X-Frame-Options. However, it lacks HSTS and OCSP stapling, which are recommended for enhanced security. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong, with a clear cookie consent mechanism and a comprehensive privacy policy aligned with GDPR. Overall, the website demonstrates a solid security posture and business credibility with transparent WHOIS data matching the business identity. Strategic improvements in security headers and incident response disclosures could further enhance trust and compliance.