Security Directory

Raiffeisen is Austria's largest banking group, offering a wide range of financial services to private and corporate customers through a strong regional presence and digital platforms. The website reflects a mature digital infrastructure built on Adobe Experience Manager with modern JavaScript frameworks, providing excellent user experience and comprehensive content. However, the security posture is weakened by the absence of a valid SSL certificate and lack of modern TLS protocols, which is a critical issue for a financial institution. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the site is trustworthy and professional but requires urgent security improvements to protect customer data and maintain trust.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 7 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

L

Lottomatica Group SpA

lottomaticagroup.com

0

Lottomatica Group SpA is a leading operator in the legal gaming sector in Italy, offering a comprehensive range of services including online gaming, sports betting, and franchising of gaming venues. The company emphasizes innovation, sustainability, and responsibility, targeting both consumers and investors within the Italian market. The website reflects a mature digital presence with clear navigation, professional design, and rich content focused on ESG commitments and corporate governance. Technically, the site uses modern frontend technologies such as Bootstrap, jQuery, and Kentico CMS, ensuring good mobile optimization and SEO practices. However, a critical security gap exists due to the absence of a valid SSL certificate and lack of HTTPS, exposing users to potential risks. Security headers are partially implemented, but the SSL/TLS configuration is poor, significantly impacting the security posture. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Contact information is complete and professionally presented, enhancing business credibility. Overall, while the business and content quality are excellent, urgent improvements in security infrastructure are necessary to protect users and maintain trust.

A

Agos Ducato S.p.A.

agosducato.it

0

Agos Ducato S.p.A. is a well-established Italian consumer credit company with over 30 years of market presence, serving millions of customers through a large network of branches and digital platforms. The website provides comprehensive corporate information, social responsibility initiatives, and partner portals, reflecting a mature business model focused on customer-centric financial services. Technically, the site uses ASP.NET Web Forms with modern JavaScript libraries and integrates advanced consent management and analytics tools. However, the absence of a valid SSL certificate and missing DNS records represent significant security and operational risks. While the site demonstrates good privacy compliance and business credibility, these technical shortcomings reduce overall trust and security posture. Strategic improvements in SSL deployment, DNS configuration, and enhanced security headers are recommended to align the website with industry best practices and regulatory requirements.

The website for blumatix-consulting.at is currently not configured and serves a default Microsoft Azure 404 error page. There is no accessible business content, contact information, or policies available on the site. The domain is registered and DNS records indicate hosting on Microsoft Azure with email services via Outlook, consistent with a small consulting business based in Austria. However, the lack of a valid SSL certificate and absence of any meaningful content or security configurations significantly reduce the website's credibility and security posture. The site does not implement any privacy or cookie policies, nor does it provide contact or incident response information, indicating a very low level of digital maturity and compliance readiness.

The hoyer-group.com website is currently non-functional, serving only a TYPO3 default 404 error page indicating no site configuration is present. This suggests the website is either under construction, misconfigured, or decommissioned. The domain is registered but lacks DNS records and a valid SSL certificate, which severely impacts accessibility and trust. The technical infrastructure includes an Apache server and TYPO3 CMS, but no active content or business information is available. Security posture is weak due to missing HTTPS and DNS configurations, despite some security headers being present. No privacy, cookie, or terms of service policies are found, and no contact information or forms exist on the site. Overall, the site is not operational and presents significant risks and gaps in security and compliance.

The AES Corporation is a global energy company focused on delivering clean, renewable, and innovative energy solutions worldwide. The company positions itself as a Fortune 500 leader with a strong commitment to sustainability, serving diverse audiences including businesses, investors, and career seekers. Their business model emphasizes greener capacity, smart grids, carbon-free electricity, and digital solutions, supported by a broad network of regional subsidiaries. Technically, the website is built on Drupal 10 with modern frontend technologies and demonstrates good mobile optimization and accessibility. However, critical security issues exist, notably the absence of a valid SSL certificate and disabled TLS protocols, which severely impact the security posture. Privacy and cookie policies are present with consent mechanisms, and the site employs extensive analytics and marketing tools. Overall, the website is professional and content-rich but requires urgent security improvements to align with best practices.

Funstage GmbH is a well-established social casino game publisher founded in 2005 and operating under the parent company Greentube, a division of NOVOMATIC. The company offers a portfolio of over 20 social casino and gaming apps targeting a global audience, with a strong presence in Europe and the US. Their business model focuses on delivering engaging social casino experiences with unique meta features and strong player satisfaction. Technically, the website uses modern web technologies including the Astro framework and Cloudflare hosting, with good mobile optimization and SEO practices. However, the site lacks a valid SSL certificate, which is a critical security flaw. Security headers are present but insufficient without HTTPS. Privacy compliance is basic, with a privacy notice but no cookie or terms of service policies. Contact information is clearly provided, enhancing business credibility. Overall, the site is professional and trustworthy but requires urgent security improvements.

H

haagswerkbedrijf.nl

haagswerkbedrijf.nl

0

The website haagswerkbedrijf.nl currently serves as a minimal placeholder or parked page with no substantive business content or contact information. The domain is registered and DNS records indicate hosting with Dovendi, but the site lacks a valid SSL certificate and does not support HTTPS, which significantly undermines its security posture. There are no privacy or cookie policies, no terms of service, and no visible business or security policies, indicating a very low level of digital maturity and compliance. The absence of contact details and business descriptions further reduces the site's credibility and trustworthiness. Overall, the site appears inactive or underdeveloped from a business and security perspective.

The website energy.at is currently inaccessible beyond a Cloudflare security challenge page, which blocks direct content access. This prevents a full assessment of the business, its services, or its digital presence. The site lacks a valid SSL/TLS certificate, serving content only over HTTP, which is a critical security deficiency. No privacy, cookie, or terms of service policies are present, and no contact information or business details are visible. The technical infrastructure relies on Cloudflare for protection, but the challenge page limits user access and analysis. Overall, the site exhibits poor content quality, minimal technical implementation, and a weak security posture. The lack of HTTPS and visible business information significantly reduces trust and credibility.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 7 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

L

Lenus Pharma

lenuspharma.com

0

Lenus Pharma is a well-established Austrian healthcare company specializing in evidence-based products in urology, gynecology, and ophthalmology. The company operates globally with presence in over 70 countries and emphasizes clinical research and product quality. Their website reflects a professional and consistent brand image with comprehensive content and clear navigation, targeting medical professionals, distributors, and patients. Technically, the site is built on WordPress with modern plugins and themes but suffers from a critical lack of HTTPS, which severely impacts security posture. The absence of a valid SSL certificate exposes users to risks and undermines trust. Privacy compliance is addressed with a clear privacy policy and cookie consent mechanism. Business credibility is strong with clear contact information and trust signals such as testimonials and export awards. Overall, the site is content-rich and professionally presented but requires urgent security improvements to meet modern standards.

Landeskrankenhaus Bregenz is a key healthcare institution in the Vorarlberg region of Austria, operating under the Vorarlberger Krankenhaus-Betriebsgesellschaft.m.b.H. umbrella. The hospital provides a wide range of medical services, including specialized departments, emergency care, and patient support, serving both local and regional populations. The website reflects a mature and professional healthcare provider with a strong emphasis on quality assurance, ethics, and patient engagement. Technically, the site uses modern JavaScript libraries and analytics tools, including CookieHub for consent management and both Google Analytics and Matomo for visitor tracking. However, the website suffers from a critical security shortfall due to an invalid or missing SSL certificate and lack of proper HTTPS enforcement, which undermines user trust and data security. The absence of DNSSEC and CAA records further indicates room for improvement in DNS security. Overall, while the content and business credibility are strong, the technical and security posture requires urgent attention to meet modern standards and regulatory compliance.

J

Jobindex A/S

jobindex.dk

0

Jobindex A/S operates a leading Danish job portal that aggregates over 30,000 job listings daily, providing services for both job seekers and employers. The platform offers comprehensive job search capabilities, CV creation, job application guidance, and recruitment services, positioning itself as a key player in Denmark's employment market. The website is professionally designed with excellent content quality, clear navigation, and strong branding consistency, targeting Danish-speaking users primarily but also supporting English language options. Technically, the site employs modern JavaScript libraries and analytics tools such as jQuery, Bootstrap, Sentry, Google Tag Manager, and Piwik PRO, ensuring a robust digital infrastructure. However, the absence of a valid SSL certificate and disabled TLS protocols represent a critical security vulnerability that undermines user trust and data protection. Privacy compliance is well addressed with explicit cookie consent mechanisms and comprehensive privacy and cookie policies. Contact information and company legitimacy are clearly presented, enhancing business credibility.

ROS Retail Outlet Shopping GmbH is a medium-sized Austrian company specializing in retail real estate consulting and centre management, focusing on premium designer outlet shopping destinations across Europe. The company operates 14 outlet locations and offers services including centre management, development, leasing, retail, marketing, and facility management. Their business model targets retail investors, brand partners, and customers seeking outlet shopping experiences. The website is professionally designed on the Squarespace platform, featuring a consistent brand presence and comprehensive portfolio showcase. However, the site lacks a valid SSL certificate, which is a critical security vulnerability that undermines user trust and data protection. Privacy policies are present and GDPR compliance is indicated, but cookie consent mechanisms are limited. Contact information is thorough, including email, phone, physical addresses, and a newsletter form. Social media integration is active on Instagram, LinkedIn, and YouTube, enhancing engagement and trust. Overall, the website demonstrates good content quality and business credibility but requires urgent security improvements to meet modern standards.

Veolia Australia and New Zealand operates as a leading provider of sustainable environmental solutions focusing on water, energy, and waste management. The company leverages global expertise and innovative technologies to support ecological transformation and sustainability goals for businesses and communities in the region. The website reflects a mature digital presence with comprehensive content, clear navigation, and professional branding consistent with a large enterprise. Technically, the site is built on Drupal 10 and uses modern web technologies and Cloudflare CDN for delivery. However, the absence of a valid SSL certificate and lack of modern TLS protocols significantly weaken the security posture. Privacy compliance is well addressed with accessible privacy and cookie policies and consent mechanisms. Contact is primarily facilitated through webforms and social media channels, with no explicit company emails or phone numbers publicly listed. WHOIS data confirms domain legitimacy and consistency with the business claims. Overall, the site is professional and content-rich but requires urgent security improvements to meet best practices.

P

Paul & Partner Immobilien. Investments.

paulpartner.at

0

Paul & Partner Immobilien. Investments. is a small Austrian real estate agency specializing in property sales, rentals, and investments primarily in Vienna, Lower Austria, and Burgenland. The website presents a professional and well-structured digital presence using the Justimmo platform and Bootstrap framework, targeting property buyers, renters, and investors in the regional market. However, the technical infrastructure shows critical weaknesses, notably the absence of a valid SSL certificate and incomplete DNS configuration, which undermines security and trust. The site includes basic GDPR compliance elements such as a privacy policy and cookie consent modal but lacks comprehensive security policies or incident response information. Overall, the business credibility is moderate, supported by clear contact details and structured data markup, but the security posture is poor due to missing HTTPS and DNS records.

Marionnaud is a luxury retail brand specializing in perfumes and cosmetics, operating across multiple European countries with country-specific websites. The website analyzed serves as a landing page for country selection, providing minimal content and navigation to localized sites. The business is positioned as a large retail entity under Hutchison Whampoa Limited, targeting consumers interested in luxury beauty products. Technically, the site uses Apache server technology and Akamai CDN services, with basic front-end assets including Typekit fonts. However, the site lacks a valid SSL/TLS certificate, resulting in insecure HTTP connections, and does not implement modern security headers or compliance policies. This exposes the site to security risks and undermines user trust. Overall, the website's digital maturity is basic, with opportunities for significant improvements in security and privacy compliance. The absence of privacy and cookie policies, as well as contact information, limits transparency and user assurance. Strategic recommendations include immediate SSL deployment, security header implementation, and privacy policy publication to enhance compliance and trust.

Health Cloud Initiative (HCI) is a Dutch healthcare software provider specializing in comprehensive EHR solutions and digital healthcare platforms. The company serves a broad range of healthcare providers including mental health institutions, paramedical practices, general practitioners, pharmacies, dental care, and rehabilitation care. With over 4 million users and 40,000 healthcare professionals, HCI holds a significant market position in the Netherlands, offering an all-in-one platform that integrates EHR, eHealth apps, client environments, and consultancy services. The website reflects a professional and well-structured digital presence, targeting healthcare providers seeking efficient and user-friendly software solutions. Technically, the site is built on WordPress with Elementor and uses modern web technologies, though performance metrics are not explicitly available. Security-wise, the site has strong indicators such as ISO 27001 and NEN 7510 certifications and appropriate security headers; however, it critically lacks a valid SSL certificate and TLS support, which severely impacts its security posture. Privacy compliance is well addressed with accessible privacy and cookie policies, and GDPR compliance is evident. Overall, while the business and content quality are excellent, the lack of proper SSL/TLS implementation poses a significant risk that should be urgently addressed to protect user data and maintain trust.

S

Searchteam Consulting OG

searchteam.at

0

Searchteam Consulting OG is a small SEO agency based in Graz, Austria, specializing in search engine optimization services to help clients improve their online visibility and sales. The company presents a professional website with clear branding, named senior consultants, and active social media profiles, positioning itself as a niche local SEO expert. Technically, the website is built on WordPress using Elementor and Yoast SEO, indicating a modern and maintainable infrastructure. However, the absence of a valid SSL certificate and HTTPS support is a critical security gap that undermines user trust and data protection. The site includes GDPR-compliant privacy and cookie policies with a consent mechanism, but lacks published security policies or incident response information. Overall, the website is functional and professional but requires urgent security improvements to meet modern standards.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 7 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

The website finanzamt-geilenkirchen.de serves as the official online presence of the Finanzamt Geilenkirchen, a regional tax office under the Oberfinanzdirektion Nordrhein-Westfalen in Germany. It provides comprehensive tax-related information, contact details, online services such as appointment booking and electronic tax declaration (ELSTER), and current news updates. The site targets residents and businesses in the Nordrhein-Westfalen region, offering clear navigation and well-structured content tailored to public service needs. Technically, the website is built on the Drupal CMS platform, utilizing modern web technologies including Apache server, Matomo analytics for user tracking, and a robust Content Security Policy. The site demonstrates good mobile optimization and accessibility features, ensuring usability across devices and for users with disabilities. However, the SSL/TLS configuration is critically flawed, with no valid certificate and no TLS protocols enabled, which undermines secure HTTPS access. From a security perspective, the site implements several best practices such as strict security headers (X-Frame-Options, X-Content-Type-Options, CSP), HSTS with preload directive, and referrer policies. Despite these, the lack of a valid SSL certificate and HTTPS support is a major vulnerability that must be addressed urgently to protect user data and maintain trust. Overall, the website is professional, trustworthy, and compliant with GDPR, featuring clear privacy and cookie policies with consent mechanisms. The business credibility is high given its government affiliation, but the security posture is currently weak due to SSL issues. Strategic recommendations include immediate remediation of SSL/TLS configuration, enhancement of session security features, and continuous monitoring of security compliance.

S

S. Spitz GmbH

spitz.at

0

S. Spitz GmbH is a well-established Austrian food and beverage manufacturer with over 160 years of tradition, specializing in beverages, sweets, baked goods, and delicatessen products. The company operates multiple production sites in Austria and emphasizes quality, sustainability, and customer-specific private label solutions. Their website reflects a professional and comprehensive digital presence targeting B2B customers, job seekers, and sustainability-conscious consumers. Technically, the site is built on WordPress with common plugins and libraries, offering good mobile optimization and SEO features. However, the absence of a valid SSL/TLS certificate and missing DNS records represent significant security and technical weaknesses. Privacy and cookie policies are well implemented with consent mechanisms, supporting GDPR compliance. Overall, the business credibility is strong, but the security posture requires urgent improvement to protect user data and enhance trust.

Leder & Schuh AG operates the HUMANIC brand, a well-established shoe retailer and manufacturer with over 150 years of history. The company serves multiple Central and Eastern European markets through both online shops and physical stores, positioning itself as a market leader in Austria and surrounding countries. The website provides comprehensive business and product information, targeting consumers seeking quality footwear internationally. Technically, the site uses a modern tech stack including SAP Commerce, Google Tag Manager, and various marketing and analytics tools, hosted behind Cloudflare. However, the security posture is weak due to the absence of a valid SSL certificate and lack of HTTPS support, exposing users to potential risks. Privacy compliance is addressed with cookie consent mechanisms and privacy policies, though some improvements are recommended. Overall, the website is professional and trustworthy but requires urgent security enhancements to protect user data and maintain credibility.

The website cajamadrid.com is currently inaccessible beyond a Cloudflare security challenge page that requires JavaScript and cookies to proceed. This prevents access to any meaningful content or business information. The domain lacks DNS records and does not have a valid SSL/TLS certificate configured, resulting in no HTTPS support. The visible content is minimal and only displays a generic Cloudflare challenge page with no metadata, forms, or contact details. Consequently, the website's technical infrastructure is immature, and its digital maturity is low. Security posture is weak due to missing HTTPS and incomplete SSL configuration, despite some security headers being present. Overall, the site presents a high risk due to lack of accessible content, no privacy or cookie policies, and no verifiable business credibility. Strategic recommendations include obtaining a valid SSL certificate, configuring DNS properly, and removing or properly configuring the WAF challenge to allow legitimate user access.

KREATIVE is a small creative branding agency focused on defining, strategizing, designing, and developing the identity of future iconic brands. The website presents a professional and consistent branding message targeting businesses seeking creative agency services. The technical infrastructure is basic, running on an Apache server with PHP implied, using jQuery and Google Analytics for tracking. However, the website lacks HTTPS, DNS records, and advanced security configurations, which impacts its security posture negatively. The cookie consent mechanism is implemented, but no contact information or security policies are provided on the homepage. Overall, the site is accessible and functional but requires significant improvements in security and technical setup to enhance trust and compliance.

The website lgefund.com currently serves as a minimal placeholder that redirects visitors to lgefund.net via a frameset. There is no substantive content, metadata, or business information available on the site itself. The lack of privacy, cookie, or terms of service policies and absence of contact information indicate a very low level of digital maturity and business transparency. Technically, the site is hosted on Amazon AWS infrastructure but lacks HTTPS support due to an invalid or missing SSL certificate, which severely impacts security posture and user trust. No modern web technologies, analytics, or tracking mechanisms are detected, and the site does not implement any security best practices such as HSTS or security headers. The domain registration is standard without privacy protection, but the absence of business details and minimal site content reduce the legitimacy and credibility of the domain. Overall, the site poses a high risk from a security and compliance perspective and does not provide sufficient information to assess business operations or compliance with data protection regulations.

D

DXC Technology

csc.com

0

DXC Technology is a leading global IT services company specializing in helping enterprises and public sector organizations modernize and secure their IT infrastructure and operations. The company offers a broad portfolio of services including cloud and infrastructure, consulting and engineering, insurance software and business process services, modern workplace solutions, and security services. The website reflects a mature digital presence with comprehensive content, multi-language support, and strong branding consistency. Technically, the site is built on Adobe Experience Manager with integrations for marketing and cookie consent management, providing a modern and responsive user experience. However, the security posture is weakened by the absence of a valid SSL certificate and lack of TLS protocol support, which is a critical issue for trust and data protection. Privacy and cookie policies are well implemented and GDPR compliant, but no explicit security policy or incident response information is found. Overall, the site is professional and credible but requires urgent remediation of SSL/TLS issues to improve security and user trust.

长沙县聚福市场营销策划有限公司是一家位于中国湖南省长沙市长沙县的综合性企业，业务涵盖市场营销策划、数字化转型、技术咨询、人工智能硬件销售及相关制造和服务领域。公司在本地市场具有一定的知名度和影响力，提供多样化的技术和咨询服务，面向企业客户，致力于推动企业数字化升级和智能化发展。网站内容丰富，涵盖公司介绍、产品展示、服务项目及联系方式，体现了较好的业务覆盖和客户导向。技术基础较为基础，采用nginx服务器和Tailwind CSS框架，网站设计良好且移动优化表现良好，但性能数据不完整，需进一步优化加载速度和资源管理。安全方面，网站未配置有效的SSL证书，未启用HTTPS，缺少关键安全头，存在较大安全隐患，严重影响用户信任和数据安全。隐私合规方面缺乏隐私政策和Cookie政策，未体现GDPR或其他数据保护法规的遵循。整体风险较高，建议优先部署HTTPS，完善安全配置，并补充隐私合规内容以提升整体安全和合规水平。

P

Peter Ofner GmbH

dirak.at

0

Peter Ofner GmbH is a specialized Austrian company providing innovative and tailored locking technology, hinges, and connection solutions primarily for industrial clients. The company positions itself as an expert in the manufacturing sector with a focus on quality products and personalized consulting. The website reflects a professional and well-structured digital presence, leveraging modern consent management and analytics tools, but lacks a valid SSL certificate and HTTPS support, which is a critical security shortfall. DNS records are notably missing or incomplete, which raises concerns about domain configuration consistency. Overall, the site offers comprehensive contact information and basic privacy compliance but lacks explicit security policies and incident response details.

L

Leadcom

leadcom-is.com

0

Leadcom Integrated Solutions (L.I.S.) Ltd., a Tech Mahindra company, is a medium-sized international telecommunications network deployment and solutions provider with a strong presence across Africa. The company offers a comprehensive portfolio of services including telecom infrastructure solutions, tower portfolio management, coverage enhancement, energy efficiency, site security, and network services. Their business model focuses on serving telecom operators, TowerCos, OEMs, and governmental/private enterprises with a professional and efficient network and operations platform. The website reflects a consistent and professional brand image with clear service offerings and geographic presence.

The website at fill.at is currently inaccessible, returning a 403 Forbidden error with minimal HTML content. This indicates that the site is either restricted or blocked, preventing any meaningful content or business information from being accessed. The domain has valid DNS records including multiple A records and an Outlook-based MX record, suggesting some legitimate email infrastructure. However, the absence of a valid SSL certificate and HTTPS support significantly undermines the security posture. No metadata, privacy policies, contact information, or business details are available, limiting the ability to assess the company's market position or services. Overall, the site exhibits poor technical implementation and security maturity, with critical issues that must be addressed to enable secure and accessible web presence.

VALGRAP is a Spanish small business specializing in the distribution and online sales of fastening systems and related industrial tools, including brands such as STANLEY BOSTITCH and SIMES. The company targets professional and industrial customers seeking quality fastening products. The website is built on WordPress with WooCommerce, leveraging common plugins and marketing tools such as Google Analytics and Slider Revolution. While the site offers a good user experience with clear navigation and relevant content, it lacks a valid SSL certificate, which significantly impacts its security posture. Privacy and cookie policies are present with consent mechanisms, indicating basic GDPR compliance. Contact information is clearly provided, enhancing business credibility. However, the absence of advanced security headers and DNS security features suggests room for improvement in security maturity.

P

Pel

pelstudio.com

0

Pel is a small, bicoastal creative collective specializing in digital design services including website creation, branding, online advertising, mobile applications, and digital video. The company targets businesses seeking high-quality digital creative solutions and positions itself as a niche player with a focus on design excellence and interactivity. The website content is professional and consistent with the brand identity, featuring an interactive pixel-catching game as a unique user engagement element. Technically, the website runs on an Apache server with PHP 8.2 and uses jQuery 3.3.1 along with Google Fonts and Google Analytics. However, the site lacks a valid SSL certificate, serving content over HTTP only, and DNS records are missing, which raises concerns about domain configuration and reliability. Performance data is incomplete but suggests slow loading. Mobile optimization and accessibility are basic but functional. From a security perspective, the absence of HTTPS and missing DNS records are critical vulnerabilities that significantly reduce the site's trustworthiness. No privacy, cookie, or terms of service policies are present, and no incident response or security frameworks are disclosed. Google Analytics is used for tracking, but no cookie consent mechanism is implemented, indicating poor privacy compliance. Overall, while the business content and branding are solid, the technical and security shortcomings present risks to user trust and data protection. Strategic improvements in SSL deployment, DNS configuration, and privacy compliance are essential to enhance the site's credibility and security posture.

T

TBWA

tbwa.com

0

TBWA is a globally recognized advertising agency network specializing in disruptive creativity to build strong brands. The website reflects a professional and consistent brand image, targeting businesses seeking innovative marketing solutions. The technical infrastructure is based on WordPress, leveraging modern JavaScript libraries and third-party marketing tools, hosted on WP Engine with Cloudflare CDN. While the site is well-structured and optimized for SEO and mobile, a critical security gap exists due to the absence of a valid SSL certificate and disabled TLS protocols, which significantly impacts the security posture. Privacy compliance is well addressed with cookie consent and legal policies present. Overall, the site demonstrates strong business credibility but requires urgent security improvements.

The website grawe.ua is currently inaccessible due to a security block or Web Application Firewall (WAF) mechanism, as evidenced by the minimal HTML content showing a 'Request Rejected' message and a support ID. This prevents any meaningful extraction of business, contact, or policy information. The SSL certificate presented is for grawe.at and its wildcard, not grawe.ua, which may indicate a misconfiguration or unrelated certificate usage. The DNS records for grawe.ua are missing or not detected, which is unusual for an active website. Security headers are partially implemented but lack critical enhancements such as HSTS and OCSP stapling. Overall, the site’s security posture is basic but incomplete, and the lack of accessible content severely limits the ability to assess privacy compliance, business credibility, or technical maturity.

B

Beontag

beontag.com

0

Beontag is a global manufacturing and technology company specializing in identification and digital transformation solutions, including graphics and label materials as well as RFID and IoT enablers. The company has a strong market presence with over 16 facilities worldwide and operations in more than 60 countries. Their website reflects a professional and comprehensive digital presence targeting businesses requiring advanced labeling and IoT solutions. Technically, the site is built on modern frameworks such as Next.js and hosted on AWS CloudFront, ensuring scalability and performance. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS, which significantly impacts the overall security posture. Privacy compliance is well addressed with clear privacy and cookie policies, including GDPR compliance and consent mechanisms. The site integrates analytics and marketing tools like Google Analytics and HubSpot, balancing user tracking with privacy considerations. Overall, while the business and technical maturity are strong, immediate attention to SSL/TLS implementation is necessary to enhance security and trust.

T

Default Parallels Plesk Panel Page

testacuitysolutions.com

0

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 7 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

The website vbleasing.com currently presents only a minimal HTML page that immediately redirects visitors to a /lander path, with no accessible content, metadata, or business information. The domain is registered but lacks any DNS records and does not have a valid SSL certificate, resulting in no HTTPS support. This severely limits the website's accessibility, security, and trustworthiness. There are no privacy, cookie, or terms of service policies, nor any contact or security-related information available. The technical infrastructure is incomplete and does not follow basic web security best practices. Overall, the site appears non-operational or under development, with significant gaps in security posture and compliance.

R

Rutar GmbH & Co KG

rutar.at

0

Rutar GmbH & Co KG operates a professional and comprehensive online presence for its retail furniture business in Austria. The website showcases a wide range of furniture categories, including kitchens, living rooms, bedrooms, and garden furniture, supported by detailed product listings and brand partnerships. The company emphasizes customer service with offerings such as free 3D kitchen planning, delivery, and assembly services. Technically, the website is built on WordPress with a modern tech stack including PHP 7.4, nginx, and popular plugins like Yoast SEO and Contact Form 7. The site is well-optimized for mobile devices and includes SEO best practices. Security measures include HTTPS with TLS 1.2 and 1.3, OCSP stapling, and secure cookie flags, though improvements like enabling HSTS and additional security headers are recommended. Privacy compliance is strong, with a clear privacy policy, cookie consent mechanisms, and GDPR adherence. Overall, the site reflects a mature digital infrastructure with a solid security posture and good business credibility.

The website musikalessons.com is currently inaccessible due to a Sucuri WebSite Firewall block triggered by a GEO-based country restriction. The site presents an access denied page with no actual business content, metadata, or interactive elements available for analysis. The technical infrastructure shows a lack of valid SSL/TLS certificates and no DNS records, indicating either misconfiguration or an inactive domain. Security headers are partially implemented but insufficient without proper HTTPS support. No privacy, cookie, or terms of service policies are present on the site itself, only a link to the Sucuri privacy policy. Overall, the site exhibits a very low security posture and lacks visible business credibility or compliance indicators.

The website horustechnology.com is currently inaccessible, serving an HTTP 403 Forbidden error indicating directory access is blocked or no index document is present. There is no visible content, metadata, or business information available on the site. The absence of DNS records and a valid SSL certificate further indicates that the domain is either misconfigured or inactive. Due to these factors, the website's technical infrastructure is minimal and lacks modern security and compliance features. The security posture is weak, with no HTTPS support, no security headers, and no evidence of privacy or cookie policies. Overall, the site presents a high risk and low trustworthiness profile, limiting its utility for business or customer engagement.

L

LexisNexis Verlag ARD Orac GmbH & Co KG

lexisnexis.at

0

LexisNexis Österreich is a leading provider of intelligent legal, tax, and business information solutions in Austria, offering a broad portfolio of products including Lexis 360®, Lexis+ AI, compliance tools, and educational seminars. The company operates under the parent company RELX plc and targets professionals such as lawyers, tax advisors, companies, and public sector entities. The website demonstrates a high level of professionalism, rich content, and strong branding consistency, positioning LexisNexis as a market leader in its sector. Technically, the website is built on WordPress with modern front-end technologies and SEO best practices, including structured data and accessibility features. However, performance is rated slow, and hosting details are not fully clear. The site integrates marketing and analytics tools such as Google Tag Manager and OneTrust for cookie consent management. From a security perspective, the website lacks a valid SSL certificate and does not support modern TLS protocols, which is a critical vulnerability impacting user trust and data protection. While some security headers like HSTS are present, the overall SSL/TLS configuration is poor. Privacy and cookie policies are comprehensive and GDPR compliant, but no explicit security or incident response policies are found. Overall, the website is credible and professional but requires urgent security improvements to enable HTTPS and strengthen its security posture. Strategic recommendations include installing a valid SSL certificate, enabling modern TLS protocols, and publishing security policies to enhance trust and compliance.

The website eurocajarural.es is currently inaccessible due to a Cloudflare Web Application Firewall (WAF) block, which prevents access to any meaningful content or business information. The visible page is a Cloudflare security challenge indicating that the visitor has been blocked due to triggered security rules. This severely limits the ability to analyze the website's content, business model, or compliance posture. The domain is registered but lacks DNS records and has an invalid SSL certificate, which are critical security and operational issues. The technical infrastructure relies on Cloudflare for security and hosting, but the absence of a valid SSL certificate and modern TLS protocols significantly weakens the security posture. No privacy, cookie, or terms of service policies are detectable, and no contact information or business details are available from the accessible content. Overall, the website's current state reflects poor accessibility, security, and compliance readiness, with a high risk of user trust erosion and operational disruption.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 7 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

SEQIS GmbH is a specialized IT service provider based in Austria, focusing on software testing, IT analysis, and project management. The company offers a broad range of services including remote testing, DevOps, training, and quality assurance, targeting businesses seeking to improve their software quality and IT project outcomes. The website is professionally designed, content-rich, and well-structured, primarily in German, with clear navigation and active social media engagement. Technically, the website runs on a PHP 8.2.28 backend with nginx and uses the Contao CMS along with Bootstrap and jQuery for frontend functionality. Despite a modern tech stack, the site lacks a valid SSL certificate, resulting in no HTTPS support, which is a critical security shortfall. Performance data is missing, but the site appears mobile-optimized and SEO-friendly. Security posture is weak due to the absence of HTTPS, no DNSSEC, and no CAA records, although several security headers are present. Privacy compliance is good with a comprehensive privacy policy and cookie consent via Cookiebot. Contact information is clearly provided, enhancing business credibility. WHOIS data confirms domain legitimacy and consistency with the business location. Overall, the site is functional and professional but requires urgent security improvements, especially SSL/TLS implementation, to enhance trust and protect user data.

LineMetrics GmbH is a medium-sized Austrian company specializing in smart building solutions through integrated sensor systems based on LoRaWAN technology. Their platform enables real-time data collection and analysis for energy consumption, room climate monitoring, and operational efficiency improvements. The company has a strong market presence with over 400 clients and 15,000 sensors deployed, positioning itself as a reliable provider in the real estate and technology sectors. Technically, the website is built on WordPress with modern plugins and integrations such as Kadence Blocks, WP Rocket, Google Tag Manager, and Zoho CRM, reflecting a mature digital infrastructure. However, a critical security gap exists due to the absence of a valid SSL certificate and lack of HTTPS, which significantly impacts the security posture. Privacy compliance is well addressed with comprehensive policies and active consent mechanisms. Overall, while the business and content quality are excellent, urgent improvements in security configurations are recommended to enhance trust and protect user data.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 7 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

Burgenland Energie is a regional energy provider based in Austria, specializing in renewable energy solutions such as photovoltaic systems, battery storage, heat pumps, and e-mobility services. The company targets private customers, municipalities, and businesses within the Burgenland region, emphasizing energy independence and sustainability. Their digital presence includes a professional website with comprehensive product information, customer portals, and active social media channels. Technically, the website is built using modern web technologies including React and Next.js, hosted on AWS infrastructure with CloudFront and S3. While the site is mobile-optimized and well-structured for SEO and accessibility, performance metrics indicate slow loading times, which could be improved. The use of Google Tag Manager and Zoho CRM scripts indicates integration with marketing and customer relationship management tools. From a security perspective, the website lacks a valid SSL certificate and does not support modern TLS protocols, which is a critical vulnerability that undermines user trust and data security. Other security best practices such as HSTS, OCSP stapling, and session resumption are also missing. Privacy compliance is well addressed with clear privacy and cookie policies and a consent mechanism in place. Overall, the website presents a trustworthy and professional business with strong content and user experience but requires urgent improvements in SSL/TLS configuration to enhance security posture and protect user data effectively.

myClubs is a membership platform offering access to a wide variety of sports and fitness activities across multiple providers, primarily targeting sports enthusiasts seeking flexible and commitment-free training options. The website is built using modern web technologies such as React and Next.js and is served via Cloudflare CDN, indicating a contemporary digital infrastructure. However, the absence of a valid SSL certificate and HTTPS support is a critical security flaw that undermines user trust and data protection. While privacy and terms of service pages are present and appear comprehensive, the lack of a cookie consent mechanism despite the use of tracking scripts suggests incomplete privacy compliance. Overall, the site demonstrates good content quality and user experience but requires urgent security improvements to meet industry standards.