Security Directory

A

Ableneo

ableneo.com

0

Ableneo is a medium-sized technology and transformation partner specializing in bridging business consulting with software engineering to support startups, scaleups, and corporates in driving innovation and growth. The company offers key services including AI & Data enabling, Business Optimization & Efficiency, Product Design & Development, and Software Engineering. With over 80 team members, multiple offices worldwide, and a client base exceeding 50, Ableneo positions itself as a trusted partner in the technology consulting space. Technically, the website is built on WordPress with modern plugins such as Yoast SEO, Contact Form 7, and Complianz GDPR for compliance. The hosting infrastructure appears to be on AWS, and the site uses various frontend technologies including Bootstrap, Swiper.js, and Lottie animations. SEO and mobile optimization are well implemented, though performance metrics indicate slow loading times. From a security perspective, the site lacks a valid SSL certificate and does not support any TLS protocols, which is a critical vulnerability. No advanced security headers or incident response policies are present. However, email authentication via SPF is configured, and no known SSL vulnerabilities like Heartbleed or POODLE are detected. Privacy compliance is strong with GDPR-aligned cookie consent and privacy policies. Overall, the website is professional and content-rich, but the absence of HTTPS significantly impacts its security posture and trustworthiness. Strategic improvements in SSL/TLS deployment and security headers are essential to enhance protection and user confidence.

G

Grizzly GmbH

grizzlynt.com

0

Grizzly GmbH is a well-established digital agency based in Austria, founded in 2006, specializing in web design, app development, digital strategies, and consulting services. The company serves a diverse clientele including major brands, positioning itself as a creative and technology-driven partner for digital communication and software solutions. Their website reflects a professional and content-rich presence, showcasing their services, clients, and job opportunities. Technically, the site is built on WordPress with modern plugins and themes, hosted behind Cloudflare, but suffers from a critical lack of a valid SSL certificate, which undermines security and trust. Privacy compliance is well addressed with comprehensive policies and cookie consent mechanisms. Overall, the business credibility is strong, but the security posture requires urgent improvement to meet modern standards.

W

Web2Asia

web2asia.com

0

Web2Asia is a Shanghai-based digital marketing and e-commerce agency specializing in China market entry and operations for foreign brands. They are a certified 5-Star / Gold-Star rated Tmall Partner (TP) endorsed by Alibaba, providing comprehensive services including digital strategy, e-commerce setup, performance marketing, and logistics. The company serves major international clients and operates on a Jimdo CMS platform hosted on AWS. Technically, the website uses legacy jQuery and lacks modern performance optimizations, with no valid SSL certificate currently implemented, exposing it to security risks. Privacy compliance is partial, with a cookie control mechanism present but disabled by default. Overall, the business is credible and well-positioned in the China e-commerce ecosystem but needs urgent security improvements.

M

Masternaut Limited

masternaut.com

0

Masternaut Limited operates as a leading UK provider of fleet telematics and tracking solutions, now branded under MICHELIN Connected Fleet. The company targets fleet operators seeking to optimize operations and reduce costs, offering telematics systems and fleet management services. The website reflects a professional B2B business model with a strong market position in transportation technology. Technically, the site is built on HubSpot CMS, leveraging modern marketing and analytics tools, but suffers from critical SSL certificate issues that undermine HTTPS security. Security headers are present but cannot compensate for the lack of a valid SSL certificate. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. Contact information is available via phone and a contact form, but no explicit security or incident response policies are published. Overall, the site is functional and professional but requires urgent remediation of SSL and privacy compliance gaps.

T

The Natural History Museum

nhm.ac.uk

0

The Natural History Museum website serves as a comprehensive digital portal for one of the UK's leading educational and cultural institutions. It offers extensive information on exhibitions, scientific research, educational resources, and visitor services, targeting a broad audience including the general public, educators, and researchers. The site is well-branded, professionally designed, and provides clear navigation and rich content relevant to its mission. Technically, the website leverages modern web technologies such as React with Next.js and Adobe Experience Manager as its CMS, hosted on Microsoft Azure. While the site is mobile-optimized and accessible, performance is currently hindered by an invalid SSL certificate and lack of enabled TLS protocols, which also impacts the security posture. Security-wise, the site implements some security headers like HSTS and X-Frame-Options but lacks a valid SSL certificate and proper TLS support, which are critical for secure communications. Privacy and cookie policies are comprehensive and GDPR compliant, with a clear consent mechanism in place. Social media integration and tracking tools like Google Tag Manager and Adobe DTM are used responsibly with privacy considerations. Overall, the website is trustworthy and professional but requires urgent remediation of SSL and TLS issues to ensure secure user interactions and improve its security score. Strategic improvements in SSL management and security best practices will enhance user trust and compliance.

CliftonLarsonAllen LLP (CLA) is a large, established professional services firm in the finance sector, offering integrated wealth advisory, digital, audit, tax, outsourcing, and consulting services. The company targets businesses and individuals seeking comprehensive financial and consulting solutions, operating across more than 130 locations in the United States. The website reflects a professional and consistent brand presence with rich content and multiple client engagement portals. Technically, the site uses modern JavaScript frameworks such as Vue.js, integrates marketing and analytics tools like Google Tag Manager, HubSpot, and Microsoft Web Tracking, and is hosted behind Cloudflare. However, a critical security gap exists due to the absence of a valid SSL/TLS certificate and HTTPS support, severely impacting the security posture. Privacy compliance is well addressed with comprehensive privacy and cookie policies and consent mechanisms. Overall, the site demonstrates strong business credibility and digital maturity but requires urgent remediation of its SSL configuration to ensure secure communications and maintain trust.

Korean Air operates as a major airline company primarily serving air travelers with passenger and cargo transportation services. The website branding and metadata confirm the business identity as a South Korean airline with an enterprise scale. The technical infrastructure leverages Amazon Web Services for hosting and Akamai for content delivery, supplemented by multiple third-party analytics and marketing tools such as Dynatrace, Quantum Metric, Adobe DTM, and Google Tag Manager. However, the website lacks a valid SSL/TLS certificate, resulting in no HTTPS support, which is a critical security deficiency. Security headers are present but insufficient without HTTPS, and no privacy or cookie policies are detected, indicating gaps in compliance and user trust mechanisms. The website content is accessible without WAF or security challenges, but the absence of contact information and legal policies reduces overall credibility. The domain registration data aligns well with the business claims, supporting legitimacy. Overall, the site requires urgent security improvements and enhanced privacy compliance to meet modern standards.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 7 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

Haemonetics Corporation operates a professional and content-rich website focused on delivering innovative medical technology solutions primarily for hospitals, plasma centers, and blood centers. The company positions itself as a leader in healthcare technology, targeting healthcare providers and institutions with B2B solutions that improve patient care and operational efficiency. The website is built on a modern CMS (Sitecore) and integrates multiple marketing and analytics tools, reflecting a mature digital infrastructure. However, the technical infrastructure shows critical security weaknesses, notably the absence of a valid SSL certificate and disabled TLS protocols, which severely impact the security posture. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms, but incident response and security policy disclosures are missing. Overall, the website is professional and trustworthy in business presentation but requires urgent security improvements to protect user data and maintain trust.

Kennametal Inc. is a leading enterprise in the manufacturing sector, specializing in productivity solutions for metalworking, earth cutting, and wear components. The company serves industrial manufacturers and mining and construction industries with a broad portfolio of products including metalworking tools, carbide wear parts, and additive manufacturing components. The website reflects a strong market position with comprehensive product catalogs, collaboration tools, and extensive customer support options. Technically, the site is built on Adobe Experience Manager with modern JavaScript libraries and integrates advanced monitoring and analytics tools such as New Relic and Adobe Launch. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS enforcement, which significantly impacts the security posture. Privacy and cookie policies are well implemented with consent mechanisms, supporting GDPR compliance. Overall, the site demonstrates high professionalism and trustworthiness but requires urgent security improvements to protect user data and maintain credibility.

British Airways operates as a major airline providing passenger air transportation services. The website content analyzed is minimal, serving as an informational placeholder indicating high demand on the site. The business is positioned as a large enterprise in the transportation sector, targeting airline passengers and travelers. The site lacks comprehensive content, policies, or contact information, limiting user engagement and trust signals. Technically, the site is served via Akamai CDN but lacks HTTPS encryption and modern security configurations, exposing it to potential risks. Security posture is weak due to absence of SSL/TLS, HSTS, and other security headers. Overall, the site presents a low trustworthiness profile with critical security gaps and minimal privacy compliance. Strategic improvements are needed to enhance security, privacy, and user experience.

The Scripps Research Institute is a well-established nonprofit research organization focused on pioneering scientific discovery and translational medicine to address major health challenges. With a century-long history and a strong reputation in the life sciences, it combines fundamental research with drug discovery and education. The website reflects a professional and content-rich platform targeting researchers, donors, and students. Technically, the site uses modern frameworks like Vue.js and integrates analytics and marketing tools such as Google Tag Manager and Klaviyo. However, the lack of a valid SSL certificate significantly impacts the security posture, exposing visitors to risks and undermining trust. No explicit privacy or cookie policies were found, and security policies or incident response contacts are absent, indicating compliance gaps. Overall, the site is credible and authoritative but requires urgent security improvements to protect user data and enhance trust.

umdasch Store Makers Management GmbH is a large, internationally operating company specializing in shopfitting and retail solutions, including consulting, project management, general contracting, and digital retail integration. The company is part of the Umdasch Group AG and serves retail businesses with comprehensive store design and implementation services. Their website reflects a professional and consistent brand presence with multilingual support and active social media engagement. Technically, the website uses Apache server technology with common JavaScript libraries for UI components but lacks a modern CMS indication. Hosting is managed via Azure DNS. Performance metrics are not provided but inferred as slow due to zero load time data. Security posture is weak due to the absence of a valid SSL certificate and disabled TLS protocols, which critically impacts secure communications. Privacy compliance is addressed with a comprehensive GDPR policy and cookie consent mechanism, though no explicit security policy or incident response contacts are found. Overall, the website is functional and professional but requires urgent security improvements to protect user data and enhance trust.

RUD Gruppe is a well-established German manufacturing company specializing in chain systems and components for diverse industrial applications including lifting, securing, and transportation. With a history spanning approximately 140 years, the company operates globally and offers a broad product portfolio including lifting chains, securing devices, conveyor and drive technology, and specialized military and forestry chains. The website reflects a mature digital presence with multilingual support and structured navigation, powered by TYPO3 CMS and enhanced with caching and Google Tag Manager for analytics. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS configuration, exposing users to potential risks. Privacy policies and terms of service are present and comprehensive, supporting GDPR compliance, though cookie consent mechanisms are lacking. Social media integration is robust, enhancing brand trust and engagement.

Stepan Company operates as a global specialty and intermediate chemical supplier, providing chemical ingredients and formulations tailored to consumer and industrial markets. The company emphasizes innovation, sustainability, and extensive R&D capabilities, positioning itself as a large, reputable player in the manufacturing sector. Their website reflects a professional and comprehensive digital presence with clear navigation and rich content targeting B2B customers seeking chemical solutions. Technically, the website leverages Adobe Experience Manager as its CMS, integrates Salesforce platforms, and uses modern marketing and analytics tools such as Pardot, Adobe DTM, and Google Tag Manager. The site is hosted on Microsoft Azure DNS infrastructure and employs standard security headers and content security policies. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support, which significantly impacts the site's security posture. From a security perspective, while some best practices like CSP and secure cookies are implemented, the lack of HTTPS and modern TLS protocols exposes the site to risks and undermines user trust. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Contact information is primarily available via web forms, with no direct emails or phone numbers published. Overall, the site is trustworthy and professionally managed but requires urgent remediation of its SSL/TLS configuration to meet modern security standards and improve user confidence.

fab it Consulting GmbH is a small German company specializing in IT consulting and software development services tailored for the financial industry. Established in 1995, the company focuses on delivering market-oriented software solutions, particularly in interface and API development for front-, middle-, and back-office financial systems. Their target audience includes banks, insurance companies, investment firms, and financial departments of large industrial enterprises. The website content is professional and relevant, reflecting a niche market position with a clear business model centered on B2B IT services in finance. Technically, the website uses an older technology stack including Apache server, Bootstrap 3, and jQuery 3.1.1. The site lacks modern performance optimizations and accessibility features, and the absence of HTTPS severely impacts security and trust. The website is accessible without WAF or blocking mechanisms, but it lacks critical security configurations such as SSL/TLS, HSTS, and security headers. There is no evidence of privacy or cookie policies, GDPR compliance indicators, or contact emails and phone numbers, limiting user trust and regulatory compliance. From a security perspective, the site is at high risk due to the lack of HTTPS and modern security headers. DNS records show no DNSSEC or CAA records, and the SSL certificate is invalid or missing. No incident response or security policies are published. The WHOIS data aligns well with the business claims, showing consistent registration and legitimacy. Overall, the website scores low on security and privacy compliance, moderate on business credibility, and good on content quality. Strategic recommendations include immediate implementation of HTTPS with a valid certificate, addition of security headers, publication of privacy and cookie policies to meet GDPR requirements, and enhancement of contact information transparency. These steps will improve trust, security posture, and regulatory compliance, supporting the company’s professional image and business growth.

R

R-Tech Dental

rtechdental.com

0

R-Tech Dental is a small, regionally focused dental equipment repair and sales company based in Minnesota, established in 1985. The company offers a range of services including equipment repair, chair re-upholstery, handpiece repair, consultation, and maintenance training, targeting dental professionals and offices primarily in Minnesota. Their website is built on HubSpot CMS using Bootstrap and jQuery, providing a professional and well-structured user experience with clear navigation and relevant content. However, the site lacks a valid SSL certificate, which significantly impacts its security posture. While basic security headers are present, modern TLS protocols and advanced DNS security features are missing. Privacy compliance is minimal, with no cookie consent mechanism and limited GDPR indicators. Contact information is clearly provided, and trust signals such as testimonials and a published founder article enhance credibility. Overall, the website demonstrates good business credibility and content quality but requires urgent improvements in security and privacy compliance to reduce risk and enhance user trust.

S

Sovos Compliance, LLC

tocbiometrics.com

0

Sovos LATAM is a regional branch of Sovos Compliance, LLC, specializing in trust services that secure digital transactions, identity verification, and document management primarily for Latin American markets. The website presents a professional and comprehensive overview of their offerings, targeting businesses seeking compliance and digital trust solutions. Technically, the site is built on WordPress with Elementor and integrates multiple marketing and analytics tools, hosted on Pagely-ARES. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS, significantly impacting the security posture. While security headers are well configured, the lack of encryption exposes users to risks. Privacy compliance is supported by a comprehensive privacy policy, but no cookie consent mechanism is detected despite tracking scripts. Overall, the site is trustworthy and professionally maintained but urgently needs to address SSL/TLS to ensure secure communications.

The website visit-ucds.de is currently inaccessible beyond a Cloudflare security challenge page, which blocks access to any substantive content. This prevents a full assessment of the business, its services, or compliance posture. The domain is registered and uses Cloudflare for protection, but the SSL certificate is invalid or missing, resulting in no HTTPS support. The site lacks any visible privacy, cookie, or terms of service policies, and no contact information or business details are provided. Technically, the site uses Cloudflare's security and analytics services but fails to deliver meaningful content or user experience. Security headers are well configured, but the absence of valid SSL is a critical vulnerability. Overall, the site scores very low on content quality, privacy compliance, and business credibility due to the blocking and lack of information.

R

Red On line (COM)

gutwinski.at

0

Red-on-line is a well-established provider of integrated EHS (Environment, Health, and Safety) management solutions, combining software, consulting, and legal content to support corporate compliance and sustainability efforts. The company serves a broad international clientele, with over 2000 companies across more than 85 countries, positioning itself as a leader in the HSE software and consulting market. Their business model focuses on SaaS delivery complemented by expert consulting services, targeting medium to large enterprises with complex compliance needs. Technically, the website is built on WordPress with modern SEO and performance optimizations, including caching and monitoring tools like WP Rocket and New Relic. The presence of a GDPR-compliant consent management platform (Didomi) indicates a mature approach to privacy compliance. Security posture is basic but adequate, with HSTS enabled but lacking a valid SSL certificate on the analyzed domain, which may be a legacy or redirect domain. Overall, the site demonstrates professionalism and trustworthiness, though improvements in SSL configuration and additional security headers are recommended.

A

amazee.io

amazee.com

0

amazee.io is a managed open source enterprise hosting platform provider targeting large enterprises with a focus on data sovereignty, flexibility, and security. The company offers a fully managed PaaS leveraging Kubernetes and modern infrastructure, aiming to reduce time-to-market and increase ROI for its customers. The platform supports a wide range of frameworks and technologies, including Drupal, Gatsby, React, and more. Technically, the website is built using modern technologies such as React and Gatsby, with integrations for analytics and marketing tools like Google Tag Manager and HubSpot. The security posture is moderate, with essential security headers in place but lacking a valid SSL certificate and modern TLS support, which are critical for secure communications. Privacy compliance is strong, with clear privacy and cookie policies and GDPR considerations. Overall, the website presents a professional and trustworthy image, supported by certifications like ISO 27001 and SOC_NonCPA, and a parent company relationship with Mirantis.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 7 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 8 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

S

SW Umwelttechnik Stoiser & Wolschner AG

sw-umwelttechnik.com

0

SW Umwelttechnik Stoiser & Wolschner AG is a well-established manufacturer specializing in precast concrete products for infrastructure development, including civil engineering, traffic, and building sectors. The company operates across multiple Central and Eastern European countries with subsidiaries in Austria, Hungary, Romania, and Slovakia, positioning itself as a regional leader in sustainable construction materials. Their website reflects a professional and comprehensive digital presence, targeting infrastructure developers and construction companies. Technically, the site is built on TYPO3 CMS with PHP 8.1 and Bootstrap, offering good mobile optimization and accessibility, though performance is moderate due to lack of SSL and modern protocols. Security posture is weak, with no HTTPS enabled and missing critical SSL configurations, exposing the site to risks. Privacy compliance is strong, with clear cookie consent mechanisms and GDPR-aligned policies. Overall, the business credibility is high, supported by detailed contact information, investor relations, and trust signals such as LinkedIn presence. Strategic improvements in security infrastructure are recommended to enhance trust and protect user data.

E

ELIX Polymers, S.L.U.

elix-polymers.com

0

ELIX Polymers, a member of Sinochem International, is a leading European manufacturer of ABS resins and derivatives, serving diverse industrial sectors including automotive, healthcare, and consumer goods. The company emphasizes innovation, sustainability, and customer service, operating globally with business relations in 40 countries. Their website reflects a professional and comprehensive digital presence with detailed corporate, product, and sustainability information. Technically, the site uses modern frameworks like Bootstrap and jQuery, hosted behind Cloudflare, but suffers from a critical lack of a valid SSL certificate and modern TLS support, which significantly impacts security posture. Privacy and cookie policies are well implemented with GDPR compliance and active consent mechanisms. Overall, the site is trustworthy and professional but requires urgent security improvements to protect user data and enhance trust.

T

Tech Gate Vienna

techgate.at

0

Tech Gate Vienna operates as a real estate business specializing in leasing office spaces and event rooms primarily targeting professionals, experts, and investors in Austria. The website content is in German and reflects a medium-sized business with a clear affiliation to STRABAG SE, a large construction and real estate group, as indicated by DNS and CDN usage. The technical infrastructure relies on legacy Lotus Domino servers with modern frontend libraries like jQuery and Bootstrap. However, the site lacks HTTPS, which is a critical security vulnerability. Cookie consent is implemented via OneTrust, showing GDPR compliance awareness. The absence of visible contact emails and phone numbers on the homepage limits direct user engagement. Overall, the website is professionally designed but technically outdated and insecure.

The website starragheckert.com is currently a parked domain page with no active business content or services. It primarily serves as a domain-for-sale landing page with advertising scripts and minimal textual content. The technical infrastructure is basic, hosted on Hetzner Online with a Caddy server, but lacks HTTPS and modern security configurations. The site uses third-party ad networks such as Google Adsense Domains CAF and AdsDeli for monetization. Security posture is weak due to the absence of SSL/TLS, security headers, and compliance policies. Overall, the site presents a low trust profile and minimal business credibility.

B

BFW

bfwindia.com

0

BFW is a well-established Indian machine tool manufacturer with a history dating back to 1961. The company specializes in high-precision machinery and custom manufacturing solutions, serving industries such as automotive, aerospace, electronics, and agriculture. Their website reflects a mature digital presence built on WordPress with Elementor and related plugins, offering rich content including product details, case studies, blogs, and event information. However, the site lacks a valid SSL certificate, which is a critical security gap. Contact information is comprehensive, including email, phone, and social media channels, but privacy and cookie policies are absent, indicating compliance gaps. Overall, BFW demonstrates strong business credibility and branding consistency but needs to improve its security posture and privacy compliance to meet modern standards.

I

i5invest corporate development

i5invest.com

0

i5invest corporate development is a medium-sized corporate development firm based in Austria, specializing in supporting innovative tech founders with strategy, business development, M&A, and capital provision. The company boasts a strong market position with over 250 transactions closed and a large executive network spanning multiple continents. Their business model focuses on long-term partnerships with tech scale-ups and providing hands-on support across capital, growth, and M&A processes. Technically, the website is built on WordPress with Elementor and integrates modern marketing and analytics tools such as Google Analytics and Tag Manager. However, the security posture is weakened by an invalid SSL certificate and lack of modern TLS protocols, which poses a critical risk. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the website is professional and trustworthy but requires urgent security improvements to protect user data and enhance trust.

U

Unverschwendet

unverschwendet.at

0

Unverschwendet is a small Austrian retail business specializing in transforming surplus fruits and vegetables into high-quality, sustainable food products such as jams, syrups, chutneys, and more. The company operates an e-commerce platform alongside physical market stands and partnerships with retail chains like HOFER under the 'Rettenswert' brand. Their business model focuses on sustainability and social responsibility, targeting environmentally conscious consumers and businesses seeking unique, sustainable gifts. Technically, the website is built on the Shopware platform, leveraging modern marketing and analytics tools including Google Tag Manager, Facebook Pixel, and Hotjar. However, a critical security gap exists due to the absence of a valid SSL/TLS certificate, exposing users to insecure HTTP connections. Despite this, the site implements strong security headers and cookie consent mechanisms, demonstrating good privacy compliance. The domain registration is consistent and legitimate, supporting the business's credibility. Strategic improvements in security infrastructure are recommended to enhance user trust and compliance.

Wolters Kluwer Financial and Corporate Compliance is a division of Wolters Kluwer N.V., a global leader providing technology-enabled compliance, regulatory, and corporate services solutions primarily targeting financial institutions, corporations, and legal professionals. The website presents a professional, well-branded digital presence with comprehensive content describing their portfolio of compliance and regulatory products and services. The technical infrastructure leverages modern web technologies, including Cloudflare CDN, Azure DNS, and marketing/analytics tools such as Google Tag Manager, Marketo, and OneTrust for privacy compliance. However, a critical security gap exists due to the absence of a valid SSL/TLS certificate and lack of enabled TLS protocols, which severely impacts the security posture and trustworthiness of the site. Privacy and cookie policies are well implemented with consent mechanisms, but no explicit security or incident response policies are published. Overall, the site reflects a mature enterprise business with strong branding and content quality but requires urgent remediation of its SSL/TLS configuration to meet security best practices.

A

Are you human? | Norwegian

norwegian.com

0

The norwegian.com website is currently inaccessible to general users due to a Cloudflare Web Application Firewall (WAF) security challenge page that requires human verification. This prevents access to the actual website content, resulting in minimal visible information. The domain is registered and uses Cloudflare for DNS and protection, with Microsoft Outlook handling email services. However, the SSL certificate is invalid or missing, and no HTTPS is enabled, which is a critical security flaw. No privacy, cookie, or terms of service policies are found on the challenge page, nor is any contact or business information exposed. The technical infrastructure relies on Cloudflare's security and CDN services, but the lack of valid SSL and the blocking challenge significantly reduce the website's accessibility and trustworthiness.

C

Coleago Consulting

coleago.com

0

Coleago Consulting is a specialized telecommunications consulting and training firm offering expert services primarily to operators, regulators, digital service providers, and investors in the telecom sector. The company emphasizes experience-based consulting with partner-level consultants having over 20 years of industry experience. Their service portfolio includes spectrum valuation, auction strategy, regulatory advice, business planning, transaction services, and professional training. The website presents a professional and content-rich experience with clear navigation and strong branding consistency. Technically, the site is built on WordPress and uses Cloudflare for hosting and CDN services, with Google Analytics integrated for visitor tracking. However, the website lacks a valid SSL certificate and HTTPS support, which significantly impacts its security posture. Cookie consent mechanisms are implemented and GDPR compliant, but no terms of service or explicit security policies are found. Overall, the site is trustworthy and professional but requires urgent security improvements to protect user data and enhance trust.

Maillis Group is a well-established manufacturing company specializing in secondary packaging systems, including strapping, wrapping, and box handling solutions. With over 50 years of experience, the company serves industrial and manufacturing sectors, providing integrated packaging machines, consumables, and services. The website reflects a professional and consistent brand presence targeting industrial clients. Technically, the site is built on Drupal 8 with PHP 7.2 backend and hosted likely on AWS infrastructure. It employs modern tracking and marketing tools such as Google Analytics, Google Tag Manager, and Albacross, alongside a comprehensive cookie consent mechanism. However, the absence of a valid SSL certificate and HTTPS severely impacts the security posture, exposing users to risks and reducing trust. Security headers are well implemented but weakened by unsafe CSP directives. The domain registration data aligns well with the business claims, indicating legitimacy and consistency. Overall, the website is functional and professional but requires urgent security improvements to protect user data and enhance trust.

Eviso Austria GmbH is a small marketing agency based in Vienna, Austria, operating since 2010. It functions as part of Canal+ Luxembourg S. à r.l, focusing on marketing and brand support for satellite television services, particularly the HD Austria® brand. The company targets consumers and business customers interested in satellite TV in Austria. The website content is minimal but provides essential business information and contact details. Technically, the website runs on Microsoft IIS 7.0 with ASP.NET and uses older JavaScript libraries. The site lacks HTTPS, modern security headers, and cookie consent mechanisms, indicating a low security posture. No forms or tracking scripts are present, reducing privacy risks but also limiting user engagement and analytics capabilities. Overall, the site is functional but outdated and insecure, requiring significant improvements in security and privacy compliance to meet modern standards.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 9 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

S

Sweco

swecogroup.com

0

Sweco is a leading European architecture and engineering consultancy specializing in sustainable urban development, infrastructure, energy, and water solutions. With a workforce of 22,000 experts, the company serves a broad client base including public and private sectors, emphasizing sustainability and innovation. The website reflects a mature digital presence with comprehensive content, investor relations, and sustainability reporting. Technically, the site is built on WordPress with modern plugins and scripts, but suffers from a critical security flaw due to the absence of a valid SSL certificate and lack of HTTPS enforcement, which undermines user trust and security. Privacy compliance is well addressed with clear cookie consent mechanisms and GDPR-aligned policies. Overall, Sweco's digital footprint is professional and content-rich but requires urgent remediation of its SSL/TLS configuration to meet security best practices.

Security assessment completed with an overall score of 0/100 (unknown risk). 3 critical issues require immediate attention. Total of 29 security findings identified across all modules.

T

TCG Lifesciences Pvt. Limited

tcgls.com

0

TCG Lifesciences Pvt. Limited is a well-established global Contract Research and CDMO company specializing in pharmaceutical and biotech R&D services. Founded in 2001 and headquartered in India, the company operates internationally with subsidiaries such as Clininvent Research Pvt. Ltd. Their service portfolio includes chemistry synthesis, pharmacology, DMPK, analytical development, and manufacturing. The website reflects a mature digital presence built on WordPress with modern UI frameworks and SEO optimizations. However, the absence of a valid SSL/TLS certificate is a critical security gap that undermines user trust and data protection. While security headers are present, the lack of HTTPS and modern TLS protocols significantly reduces the security posture. Privacy compliance is partially addressed with a privacy policy but lacks cookie consent mechanisms and terms of service. Overall, the business credibility is strong, supported by certifications and social proof, but technical and security improvements are necessary to align with best practices.

E

EnliteAI GmbH

enlite.ai

0

EnliteAI GmbH is a specialized technology provider focused on Artificial Intelligence solutions, particularly in Reinforcement Learning, Computer Vision, and Power Grid Optimization. The company offers open-source frameworks like Maze and commercial platforms such as Detekt, targeting organizations seeking advanced AI integration. Their client portfolio includes notable enterprises, and recent seed funding supports their growth trajectory. Technically, the website is built on Webflow with modern analytics and consent tools, but lacks a valid SSL certificate, which impacts security posture. Security headers are partially implemented, and forms use Google reCAPTCHA for bot protection. Overall, the site is professional and content-rich but requires urgent SSL deployment to secure communications. Privacy compliance is addressed with cookie consent and policies, though no explicit security or incident response policies are published. Strategic recommendations include immediate SSL installation, enhanced security policy publication, and continuous privacy compliance improvements.

Y

YUMMY Publishing GmbH

yummy.digital

0

YUMMY Publishing GmbH operates the digital publishing platform Yumpu.com, providing tools for converting documents into online magazines with a global user base. The company targets publishers and businesses seeking innovative digital publishing solutions, leveraging cloud hosting and advanced rendering technologies. The website presents a professional brand image with notable client logos and a clear business focus on digital content publishing. Technically, the site uses SilverStripe CMS and common frontend libraries but lacks HTTPS, which is a critical security gap. The absence of SSL/TLS and security headers exposes the site to risks and undermines user trust. Privacy compliance is minimal, with no cookie consent mechanism detected and only a basic privacy policy available. Overall, the site is functional and informative but requires urgent security improvements to meet modern standards.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 8 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

S

Specialised Dispute Management Pty Ltd

sdmlegal.com

0

Specialised Dispute Management Pty Ltd is a small Australian legal services provider specializing in on-demand legal expertise and specialist litigation support, including employment law advisory services. The company targets businesses and law firms seeking pragmatic and commercial legal solutions. The website is built on the Squarespace platform, featuring professional design and clear navigation, but lacks advanced SEO and accessibility features. Security posture is weak due to the absence of a valid SSL certificate, disabled HSTS, and minimal security headers, exposing the site to potential risks. Privacy compliance is poor with no privacy or cookie policies present. Overall, the site demonstrates moderate business credibility with professional content and contact information but requires significant security improvements.

C

Cook Medical

cookmedical.com

0

Cook Medical is a family-owned healthcare company specializing in the development and manufacturing of minimally invasive medical devices. The company targets physicians, healthcare professionals, and patients globally, offering a broad portfolio of products and services including customer support, education, and innovation collaboration. The website reflects a well-established business with consistent branding and a professional online presence. Technically, the site is built on WordPress with modern technologies such as PHP 8, jQuery, and integrates third-party services like Google Tag Manager and Cookiebot for analytics and consent management. However, a critical security gap exists due to the absence of a valid SSL/TLS certificate and HTTPS support, which significantly undermines the site's security posture despite the presence of strong security headers. Privacy and cookie policies are comprehensive and GDPR compliant, and contact information is clearly provided, enhancing trust and compliance. Overall, the site demonstrates good content quality and business credibility but requires urgent security improvements to protect user data and maintain trust.

G

Global Voices

globalvoices.org

0

Global Voices is a reputable international non-profit media organization founded in 2005, focusing on multilingual journalism, digital rights, and human rights advocacy. The website serves a global audience with rich, regularly updated content and a strong contributor network. Technically, the site is built on WordPress with modern JavaScript libraries and integrates analytics and marketing tools such as Google Tag Manager, Plausible Analytics, and Mailchimp. However, the site lacks a valid SSL certificate and does not support HTTPS, which is a critical security gap. Privacy compliance is moderate, with a comprehensive privacy policy but no cookie consent mechanism detected. Overall, the website demonstrates excellent content quality and business credibility but requires urgent security improvements to protect user data and enhance trust.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 8 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

K

KAEFER SE & Co. KG

kaefer.com

0

KAEFER SE & Co. KG is a global industrial services company specializing in technical services such as insulation, access solutions, surface protection, fire protection, and electrical/mechanical services. With over 33,000 employees and a presence in more than 150 cities across approximately 30 countries, KAEFER positions itself as a reliable partner for industrial plants, ships, and buildings worldwide. The website reflects a mature business with comprehensive service offerings and a strong emphasis on sustainability and innovation. Technically, the website is built on WordPress with a modern tech stack including Yoast SEO, WP Rocket, and Slider Revolution, providing a good user experience and SEO optimization. However, performance is moderate and accessibility is basic. Mobile optimization is good, and the site uses cookie consent management to comply with GDPR. From a security perspective, the site has implemented several important HTTP security headers and uses secure cookies. However, a critical issue is the absence of a valid SSL certificate and the lack of enabled TLS protocols, which severely impacts the security posture and user trust. This is a significant vulnerability that should be addressed immediately. Overall, the website is professional and trustworthy in content and business representation but requires urgent improvements in SSL/TLS configuration to ensure secure communications and protect user data.

A

Aura Light International AB

auralight.com

0

Aura Light International AB is a well-established company specializing in sustainable and energy-efficient lighting solutions for professional environments such as public spaces, industry, and retail. The company offers a broad range of products including luminaires, light sources, and smart lighting control systems, positioning itself as a leading player in the Nordic and international markets. The website reflects a professional B2B business model with clear product segmentation and customer engagement channels. Technically, the website is built on the Litium e-commerce platform with integrations such as Google Tag Manager and Cookiebot for analytics and privacy compliance. The site is well-structured, mobile-optimized, and SEO-friendly, although performance metrics are not available. Hosting appears to be via Fastly CDN with Varnish caching. From a security perspective, the site lacks a valid SSL/TLS certificate, resulting in no HTTPS support, which is a critical vulnerability impacting user trust and data security. Security headers are partially implemented, but modern TLS protocols are disabled. Privacy compliance is strong with clear privacy and cookie policies and consent mechanisms. Contact information is readily available, but no explicit security policy or incident response details are found. Overall, Aura Light's website demonstrates solid business credibility and content quality but requires urgent improvements in SSL/TLS configuration to enhance security posture and user trust. Strategic recommendations include installing a valid SSL certificate, enabling modern TLS protocols, and publishing incident response contacts to strengthen security transparency.

The website at cbre.at is currently inaccessible due to a Cloudflare Web Application Firewall (WAF) challenge page, which prevents direct access to any meaningful content. This limits the ability to analyze the business, technical infrastructure, and security posture in detail. The domain is registered and active with consistent DNS records but lacks DNSSEC and CAA records. The SSL/TLS configuration is critically lacking, with no valid certificate and no HTTPS support, which poses a significant security risk. Security headers are present but cannot compensate for the absence of HTTPS. No privacy, cookie, or terms of service policies are detectable, nor is any contact or business information available. Overall, the site appears to be protected by Cloudflare but is not currently serving accessible content, resulting in a low trust and quality score.

L

Leifheit

leifheit.com

0

Leifheit is a well-established German retail company specializing in household and kitchen products, with a strong brand presence and a history of over 65 years. The website serves as an e-commerce platform built on Shopware 6, offering a wide range of products including cleaning tools, laundry drying solutions, and kitchen utensils. The site is professionally designed with good navigation, mobile optimization, and rich multimedia content, targeting household consumers seeking quality products. Technically, the site uses modern JavaScript libraries and integrates marketing and analytics tools such as Bazaarvoice, Klaviyo, and Google Tag Manager. However, a critical security gap exists as the website currently lacks a valid SSL/TLS certificate and does not enforce HTTPS, exposing users to potential risks. Security headers are partially implemented, but the absence of HTTPS severely impacts the overall security posture. Privacy and cookie policies are present and include consent mechanisms, indicating compliance with GDPR requirements. Contact information is available via a contact page, though no explicit emails or phone numbers are embedded in the HTML content. The domain registration and DNS records are consistent with the company's German origin and business claims, supporting legitimacy. Strategic recommendations include immediate implementation of HTTPS, enhancement of security policies, and improved incident response readiness to strengthen trust and compliance.