Security Directory

V

VINICKY Armaturen Handels GmbH

vinicky.at

0

VINICKY Armaturen Handels GmbH is an established Austrian company specializing in industrial valves and pumps, serving sectors such as water treatment, petrochemical, building technology, and power plants. The company has a long history dating back to 1952 and recently expanded its portfolio by acquiring Sonnleitner Industriearmaturen GmbH, enhancing its market position and product offerings. The website reflects a professional B2B supplier model targeting industrial clients with a focus on reliability and comprehensive solutions. Technically, the website is built on Joomla CMS with common JavaScript libraries and plugins, but lacks modern performance optimizations and mobile responsiveness is basic. Security posture is weak due to the absence of HTTPS and modern TLS protocols, exposing users to risks. Privacy compliance is partially addressed with cookie consent mechanisms and basic privacy policy presence. Overall, the site is functional but requires significant improvements in security and technical modernization to meet current standards.

The Sigmund Freud PrivatUniversität Berlin is a private European university accredited under Austrian law, offering a range of degree programs primarily in psychology, psychotherapy, media, digital journalism, and related fields. The institution targets students and professionals seeking academic and continuing education in these disciplines, positioning itself as a specialized private university with a European footprint. The website reflects a professional and well-structured digital presence, leveraging WordPress CMS and common web technologies, with good content quality and clear navigation tailored for its academic audience. Technically, the website uses Apache hosting on a Hetzner IP, with WordPress and several JavaScript libraries including jQuery and Turbolinks. SEO and accessibility features are adequately implemented, though performance data is unavailable. However, a critical security shortfall is the absence of a valid SSL certificate and HTTPS support, which severely impacts the site's security posture and user trust. Cookie consent mechanisms and GDPR compliance indicators are present, reflecting attention to privacy regulations. Security-wise, the lack of HTTPS and modern TLS protocols, absence of HSTS, and missing security headers expose the site to potential risks. No incident response or security policies are publicly documented. WHOIS data aligns well with the university's identity, showing consistent registration and no privacy protection, supporting legitimacy. Overall, while the website excels in content and business credibility, urgent improvements in security infrastructure are necessary to protect users and enhance trust. Strategic recommendations include immediate SSL deployment, enabling security headers, and enhancing incident response visibility.

Website security analysis completed with a risk score of 40/100.

C

Coursebox Pty Ltd.

nobel-education.com

0

Coursebox Pty Ltd. operates an AI-powered training platform designed to streamline and enhance the creation and delivery of online courses. The platform offers a suite of AI-driven tools including course creation, video generation, assessment, grading, and chatbot tutoring, targeting a broad audience of training providers, educational institutions, and creators. Positioned as a leading AI training platform, Coursebox emphasizes automation, engagement, and integration capabilities to support scalable e-learning businesses. Technically, the website is built on Webflow CMS, utilizes Cloudflare CDN, and integrates multiple third-party services such as Chargebee for payments and Chatbase for chatbot functionality. Despite a professional design and rich content, the site lacks a valid SSL certificate, which critically undermines its security posture. Security headers are partially implemented, but the absence of HTTPS and modern TLS protocols poses significant risks. Privacy compliance is moderate, with a privacy policy present but no cookie consent mechanism detected. Business credibility is supported by consistent branding, customer testimonials, and partner logos, though direct contact details are limited to forms and social media links. Overall, the site demonstrates strong business and technical maturity but requires urgent security improvements to protect user data and build trust.

E

ErgoServices Ltd.

ergogroup.ie

0

ErgoServices Ltd. is a leading Irish IT solutions provider with over 30 years of experience, specializing in managed services, cloud infrastructure, digital transformation, security, and license management. The company holds prestigious certifications such as Microsoft Country Partner of the Year 2024 and Azure Expert MSP, positioning it strongly in the Irish technology market. Their target audience includes organizations in financial services, public sector, and life sciences sectors. The website reflects a professional and consistent brand with rich content and clear navigation, supporting their market position. Technically, the website is built on WordPress hosted on WP Engine with Cloudflare CDN, utilizing modern JavaScript libraries and SEO tools like Yoast. The site is mobile-optimized and includes multilingual support via WPML. However, performance metrics are unavailable, and accessibility is basic. Security headers are well implemented, but the SSL certificate is invalid or missing, and no modern TLS protocols are enabled, which is a significant security concern. The security posture shows strengths in header implementation and cookie security but is critically weakened by the lack of valid SSL/TLS encryption. No explicit security or incident response policies are found, and no vulnerability disclosure mechanism is present. Privacy compliance is strong with comprehensive privacy and cookie policies and consent mechanisms. Business credibility is high with clear company information, awards, and trust indicators. Overall, the website is professional and trustworthy but requires urgent remediation of SSL/TLS issues to ensure secure communications and improve its security score. Strategic recommendations include fixing SSL configuration, enabling modern TLS protocols, implementing vulnerability disclosure, and enhancing accessibility and performance monitoring.

fischerAppelt AG is a leading German content marketing and PR agency, offering a wide range of marketing and communication services to strong brands across various industries globally. The company maintains a professional and well-structured website with rich multimedia content and clear navigation, targeting businesses seeking comprehensive marketing solutions. Technically, the website is built on modern frameworks such as Next.js and served via Apache, but it suffers from a critical security issue due to an invalid or missing SSL certificate, which undermines secure HTTPS connections. Privacy and cookie policies are well implemented and GDPR compliant, reflecting a mature approach to data protection. Overall, the site demonstrates high professionalism and trustworthiness, though the SSL issue requires urgent remediation to improve security posture and user trust.

Fait Internet Software GmbH is an Austrian FinTech company with over 20 years of experience specializing in digital solutions for wealth management and securities advisory. Their offerings include a modern securities advisory tool (PIA), a comprehensive suite of APIs for financial institutions, and digitalization projects tailored for asset management and private banking. The company targets banks, FinTechs, and insurance firms, positioning itself as a trusted niche player in the German-speaking financial technology market. Technically, the website is built on TYPO3 CMS with modern frontend libraries such as Bootstrap and jQuery, and integrates Google services like Maps and Analytics. While the site is well-structured, mobile-optimized, and SEO-friendly, it suffers from critical security shortcomings due to the absence of a valid SSL certificate and disabled TLS protocols, severely impacting its security posture. Privacy compliance is strong, with GDPR-aligned cookie consent mechanisms and comprehensive privacy policies. Overall, the business presents a professional and credible front but must urgently address its SSL/TLS deficiencies to ensure secure communications and maintain trust.

experts, a brand under the I.K. Hofmann GmbH group, is a leading HR service provider in Germany specializing in the placement of skilled and managerial personnel. The company operates an extensive network of locations and offers a broad range of services including personnel leasing, recruitment, freelancer services, RPO, interim management, and career coaching. The website is professionally designed and targets both job seekers and companies looking for qualified staff. Technically, the site is built on TYPO3 CMS and uses modern JavaScript libraries and analytics tools, but suffers from critical SSL/TLS configuration issues that undermine security. The absence of a valid SSL certificate and disabled HTTPS protocols represent significant vulnerabilities. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the business is credible and well-positioned in the HR sector, but the security posture requires urgent improvement to protect user data and trust.

TIMETRON is a mature, family-owned investment company based in Vienna, Austria, with a diversified portfolio in consumer goods, medical devices, real estate, and e-commerce. The company has a strong market presence with 40 years of history and focuses on financing innovative brands and projects. The website reflects a professional business with good content quality and moderate branding consistency. Technically, the site uses a traditional Apache server with PHP and several JavaScript libraries but lacks modern security implementations such as HTTPS. The absence of a valid SSL certificate and security headers significantly impacts the security posture. Privacy compliance is basic, with a cookie consent banner but no dedicated privacy policy on the main domain. Overall, the site is functional but requires improvements in security and privacy to meet modern standards.

Laserer alpin OG is a specialized alpine travel and training company founded in 1989 in Graz, Austria, now headquartered in Gosau. The company offers a wide range of mountain-related services including ski tours, climbing courses, trekking, and expeditions worldwide, supported by certified mountain guides. It holds the Gütesiegel der Alpinschulen Österreichs, reflecting high quality standards. The website is professionally designed with comprehensive content targeting outdoor enthusiasts and adventure travelers. Technically, the site runs on WordPress with WooCommerce and integrates marketing tools like Rapidmail and Google Analytics. However, the absence of a valid SSL certificate and HTTPS support is a critical security gap, lowering the overall security posture significantly. Privacy and cookie policies are well implemented and GDPR compliant, enhancing user trust. Business information is transparent and consistent with domain registration data, supporting legitimacy. Strategic improvements in security infrastructure are recommended to enhance trust and compliance.

Häuser zum Leben is Austria's largest provider of senior care and housing services, operating 30 pensioners' homes and 135 clubs in Vienna. The organization focuses on providing accommodation, care, assisted living, dementia support, and social activities for senior citizens. Their business model is non-profit, emphasizing quality of life and integration for seniors. The website is professionally designed, content-rich, and targets senior citizens and their families in Vienna. Technically, the site runs on WordPress with modern plugins and optimizations, but suffers from critical security issues due to lack of a valid SSL certificate and disabled TLS protocols, which significantly impact its security posture. Privacy compliance is strong with GDPR-aligned cookie consent and privacy policies. Contact information and social media presence are clear and professional. Overall, the site is trustworthy but urgently needs to address its SSL/TLS configuration to improve security and user trust.

I

Interbrand

interbrand.com

0

Interbrand is a leading global brand consultancy with a 50-year history, specializing in brand strategy, experience design, and brand valuation. The company targets global enterprises seeking to enhance their brand value and market presence through comprehensive consultancy services. The website reflects a mature digital presence built on WordPress, integrating modern analytics and marketing tools such as Google Analytics, HubSpot, and MonsterInsights. However, a critical security gap exists due to the absence of a valid SSL/TLS certificate, exposing the site to potential risks and undermining user trust. Privacy compliance is well addressed with GDPR-compliant cookie consent mechanisms and a comprehensive privacy policy. Overall, the site demonstrates strong business credibility and professional content but requires urgent security improvements.

Security assessment incomplete. Successfully analyzed: gdpr, nis2, emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders. 21 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

Romer Labs is a mature, globally recognized company specializing in innovative diagnostic solutions for food and feed safety, with a focus on mycotoxins, allergens, GMOs, and microbial contaminants. The company operates primarily in the healthcare sector, serving B2B clients such as laboratories and food industry professionals. It is a subsidiary of dsm-firmenich, reflecting strong corporate backing and market presence. The website is professionally designed, content-rich, and well-structured, supporting multiple languages and providing comprehensive resources including news, webinars, and product catalogs. Technically, the site is built on Magento CMS, hosted on AWS CloudFront, and integrates modern marketing and analytics tools such as Google Tag Manager, HubSpot forms, and Yoast SEO. While the site is mobile-optimized and SEO-friendly, performance metrics are not explicitly available. Security headers are implemented, but the lack of a valid SSL certificate and absence of TLS protocols represent critical vulnerabilities that significantly reduce the site's security posture. Privacy compliance is strong, with clear privacy and cookie policies and GDPR adherence. Contact information is transparent and easily accessible, including email, phone, and physical address. No WAF or blocking mechanisms are detected, and WHOIS data confirms domain legitimacy and maturity. Overall, the site is trustworthy and professional but requires urgent security improvements to protect user data and maintain trust.

Pakistan Telecommunication Authority (PTA) is the official government regulatory body overseeing the telecommunication sector in Pakistan. The website serves as a comprehensive portal offering licensing information, consumer protection services, cyber security strategies, and digital inclusion initiatives. It targets telecom industry stakeholders, consumers, and government entities within Pakistan. The site is professionally designed with good content quality, clear navigation, and accessibility features, reflecting a mature digital presence for a government entity. Technically, the site uses modern front-end frameworks such as Bootstrap and Foundation, along with jQuery and Font Awesome, but suffers from poor SSL/TLS implementation with no valid certificate and no enabled TLS protocols, which significantly impacts security posture. Security headers are well configured, but lack of HTTPS and modern TLS protocols is a critical weakness. Privacy compliance is basic with a privacy policy and terms of use present but no cookie consent mechanism or GDPR compliance indicators. Contact information including phone and physical address is clearly provided, along with official social media links. Overall, the site is trustworthy and authoritative but requires urgent improvements in SSL/TLS security to protect user data and enhance trust.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 9 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

The website amanet.org is currently inaccessible due to a Cloudflare Web Application Firewall (WAF) blocking page, preventing access to any actual site content. The domain is mature, registered since 1995, and uses privacy protection services for its WHOIS data. The technical infrastructure relies on Cloudflare for hosting and security, but the SSL certificate is invalid or missing, resulting in no HTTPS support. No metadata, business information, or contact details are available from the accessible content. The security posture is weak due to lack of proper SSL/TLS configuration and absence of security headers beyond basic ones. Overall, the site cannot be properly evaluated for business credibility, privacy compliance, or content quality due to the blocking mechanism.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 9 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

D

DSV A/S

panalpina.com

0

DSV A/S is a leading global transport and logistics company founded in Denmark in 1976, offering comprehensive freight forwarding and contract logistics services worldwide. The website reflects a mature and professional business with a strong market position and a broad portfolio of services including air, sea, road, and rail freight. The digital infrastructure is modern, leveraging Sitecore CMS and Microsoft Azure hosting, with good SEO and accessibility practices. However, the security posture is weakened by an invalid SSL certificate and lack of modern TLS protocols, which should be addressed promptly to maintain trust and compliance. Privacy policies and cookie consent mechanisms are well implemented, supporting GDPR compliance. Overall, the website is trustworthy, well-branded, and provides clear business information and customer engagement channels.

The website cashpoint.se appears to be an online sports betting platform branded as MERKUR BETS, targeting German-speaking customers interested in prematch and live sports betting across various sports such as football, basketball, tennis, and Formula 1. The site is built using modern web technologies, likely Angular, and is served via Cloudflare. However, the website lacks visible content in the raw HTML, with no privacy, cookie, or terms of service policies present, and no contact information or social media links available. The SSL/TLS configuration is critically deficient, with no valid certificate or HTTPS support, severely impacting security and trustworthiness. DNSSEC is not enabled, and domain protection mechanisms are absent, although the domain is mature and registered consistently. Overall, the site demonstrates a basic technical infrastructure but falls short in security, privacy compliance, and business transparency.

M

MUSO TNT

muso.com

0

MUSO TNT is a UK-based company specializing in data-driven content intelligence and content protection solutions for the media and entertainment industry. The company offers services including audience demand measurement, piracy intelligence, and automated protection for independent content creators. It holds a strong market position, trusted by major global media companies and industry associations. The website is professionally designed, content-rich, and targets enterprise clients and indie creators alike. Technically, the site is built on HubSpot CMS, uses Cloudflare for hosting and CDN, and integrates various marketing and analytics tools such as Google Analytics 4 and LinkedIn Insight Tag. However, the security posture is weakened by the absence of a valid SSL certificate and lack of modern TLS protocol support, which poses risks to data confidentiality and user trust. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the website demonstrates good business credibility and digital maturity but requires urgent improvements in SSL/TLS configuration to enhance security.

B

BYTEPOETS

bytepoets.com

0

BYTEPOETS is a well-established software development company based in Graz, Austria, specializing in app development, web development, UI/UX design, and consulting services. With a domain age of 24 years and a recent integration into the MXP group, BYTEPOETS positions itself as a reliable partner for digital transformation projects, targeting businesses seeking tailored software solutions. The website content is professional, comprehensive, and clearly structured, reflecting a mature business with a strong client portfolio and detailed team information. Technically, the website employs modern technologies including Angular, Flutter, .NET Core, and various analytics tools such as Matomo and Google Tag Manager. However, the site lacks HTTPS, which is a critical security shortfall. The absence of a valid SSL certificate and related security headers significantly impacts the security posture, despite the presence of cookie consent mechanisms and privacy policies that indicate good privacy compliance. Security-wise, the site shows no evidence of incident response or vulnerability disclosure policies, and the SSL configuration is incomplete, lacking HSTS and OCSP stapling. The domain registration is consistent and mature, supporting the legitimacy of the business. Overall, BYTEPOETS demonstrates strong business credibility and digital maturity but must urgently address HTTPS implementation to improve security and trust. Strategically, BYTEPOETS should prioritize securing their website with a valid SSL certificate and enhancing security headers. Maintaining comprehensive privacy compliance and transparent contact information supports user trust and regulatory adherence. The integration with MXP suggests growth and potential for expanded market reach.

L

LIMAK Austrian Business School GmbH

limak.at

0

LIMAK Austrian Business School is a well-established educational institution in Austria specializing in executive education and leadership development. With over 30 years of experience, LIMAK offers a broad portfolio of academic programs including various MBA tracks, university courses, inhouse corporate training, and digital learning solutions. The institution targets professionals and companies seeking advanced management and leadership skills. The website reflects a mature digital presence with rich content, testimonials, and strong branding aligned with its market position. Technically, the site is built on WordPress with WooCommerce and uses modern plugins and CDN services, but suffers from critical SSL/TLS misconfigurations that undermine security. Privacy compliance is well addressed with cookie consent and GDPR-aligned policies. Overall, LIMAK presents a credible and professional business front but must urgently address its HTTPS and SSL issues to protect users and maintain trust.

B

Boom Software

boomsoftware.com

0

Boom Software is an established software company specializing in innovative solutions for maintenance, service, and production management across selected industrial sectors such as transportation, manufacturing, and energy. With over 25 years of experience, the company offers tailored software products including Maintenance Manager, Production Manager, and Rail Solutions, targeting niche markets like rail and public transport. The website reflects a professional digital presence with comprehensive content and clear business focus. Technically, the site is built on WordPress with Elementor and integrates modern marketing and analytics tools. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS, exposing users to potential risks. Privacy compliance is well addressed with GDPR-aligned policies and consent mechanisms. Overall, the company demonstrates strong business credibility but must urgently address its SSL/TLS configuration to improve security posture and user trust.

C

Celebrating Diversity Through Global Artistry | nightbluetheater.com

nightbluetheater.com

0

Nightbluetheater.com is a small-scale content platform focused on celebrating diversity through global artistry, covering topics such as photography, graphic design, literature, audio, and event organization. The website targets art enthusiasts and creative professionals seeking insights and inspiration in these fields. The business model appears to be informational publishing without evident e-commerce or direct service offerings. Technically, the site uses a basic nginx server and Bootstrap 5 for responsive design. However, it lacks HTTPS support, serving content over unsecured HTTP, which significantly impacts security and trust. Performance metrics are unavailable or incomplete, but the site is mobile optimized and has a clear navigation structure. From a security perspective, the absence of SSL/TLS, security headers, and privacy policies presents critical vulnerabilities and compliance gaps. No contact emails or phone numbers are provided, limiting user trust and communication channels. The domain registration is consistent and legitimate but lacks advanced DNS security features like DNSSEC or CAA. Overall, the website requires urgent improvements in security posture, privacy compliance, and business credibility to enhance user trust and protect data. Strategic recommendations include implementing HTTPS, adding privacy and cookie policies, and providing clear contact information.

McArthurGlen operates as a leading European designer outlet shopping group with 23 locations across 8 countries, targeting fashion-conscious shoppers seeking significant discounts on luxury brands. The website reflects a professional retail business model focused on providing outlet shopping experiences, sustainability initiatives, and tax refund services for non-EU residents. Technically, the website uses modern JavaScript, Google Tag Manager, and Microsoft Application Insights for analytics, and is hosted behind Cloudflare. However, the site lacks a valid SSL certificate, resulting in no HTTPS support, which is a critical security concern. The site implements cookie consent mechanisms and privacy policies consistent with GDPR compliance but lacks visible contact information and security policies. Overall, the website is functional and well-branded but requires urgent improvements in security infrastructure.

C

Chaya Fuera

chayafuera.com

0

Chaya Fuera is a small hospitality and media business operating a high-quality event venue in Vienna, Austria, specializing in clubs, live concerts, and business events. The website provides detailed event information, including dates, pricing, and VIP reservation contacts, targeting local event attendees and business clients. The business model revolves around event hosting and ticket sales with partnerships with known brands and ticket providers. Technically, the website uses basic HTML, CSS, and JavaScript with some modern font and icon libraries but lacks advanced CMS or frameworks. Performance is slow with minimal mobile optimization and basic SEO. Security posture is weak due to the absence of HTTPS, valid SSL certificates, and security headers, exposing the site to risks. Privacy compliance is poor with no privacy or cookie policies detected. Overall, the site is functional but requires significant improvements in security and privacy to meet modern standards.

T

Teach For Austria

teachforaustria.at

0

Teach For Austria is a small non-profit NGO focused on promoting educational fairness in Austria through its Social Leadership Program and fellowship initiatives. The organization targets potential fellows, educators, and partners interested in improving educational outcomes for children and youth. The website presents a professional and consistent brand image with rich content about its programs, partner networks, and impact statistics. Technically, the site uses a basic but modern stack including Apache server, JavaScript, CSS, and SVG graphics, with analytics provided by Plausible. However, the site lacks a valid SSL certificate and HTTPS support, which is a critical security vulnerability. Security headers are minimal but present, and no advanced security policies or incident response contacts are found. Privacy compliance is limited, with no cookie consent mechanism detected, though a privacy policy page exists. Social media presence is strong, linking to multiple official channels. Overall, the website is functional and professional but requires urgent security improvements to protect user data and build trust.

M

MedQuest Imaging

mqimaging.com

0

MedQuest Imaging operates as a leading outpatient imaging provider in the United States, managing a network of over 60 radiology centers affiliated with hospitals and health systems. Their business model focuses on partnerships that enhance financial performance and patient care quality in radiology services. The website reflects a professional presence with clear business information and a comprehensive privacy policy. However, the absence of a valid SSL certificate and lack of cookie consent mechanisms indicate significant security and privacy compliance gaps. Technically, the site is built on WordPress with Elementor and uses Google Analytics for tracking, but performance data is unavailable. Security posture is weak due to missing HTTPS and security headers, which poses risks to user data confidentiality and trust. Overall, the site is functional and credible but requires urgent security improvements to meet modern standards.

ORF Beitrags Service GmbH operates the official website for managing ORF broadcasting fees in Austria, providing services such as SEPA direct debit, data changes, exemptions, and customer support. The website targets Austrian residents and businesses subject to ORF fees, positioning itself as a key public service provider in the media sector. The content is well-structured, professionally designed, and localized in German with multiple language options. The business model revolves around public service fee collection and administration. Technically, the website is built on the TYPO3 CMS platform, leveraging modern JavaScript libraries like Alpine.js and integrating analytics tools such as Matomo and Google Analytics. The site uses a comprehensive Content Security Policy and other security headers to protect against common web attacks. However, the absence of a valid SSL/TLS certificate and HTTPS support is a critical security gap that undermines user trust and data protection. Security posture is moderate with good header implementations but severely impacted by the lack of HTTPS, no TLS protocols enabled, and missing HSTS. Privacy compliance is strong with clear privacy and cookie policies and consent mechanisms in place. Business credibility is supported by clear contact information, legal pages, and consistent branding. Overall, the website is functional and professional but requires urgent security improvements to enable HTTPS and strengthen encryption protocols. Strategic recommendations include installing a valid SSL certificate, enabling modern TLS versions, and enhancing session security. These steps will improve trust, compliance, and user safety significantly.

U

UNIVERSAL Eisen und Stahl GmbH

universal-stahl.com

0

UNIVERSAL Eisen und Stahl GmbH is a German medium-sized full-service steel trading company specializing in heavy plates and advanced processing services. It operates as part of the Salzgitter AG group, leveraging a large inventory and extensive logistics capabilities to serve industrial clients across Europe. The company emphasizes sustainability and quality, certified under ISO 9001, and promotes innovative green steel production initiatives such as SALCOS®. Technically, the website is built on TYPO3 CMS and uses Matomo for analytics, but suffers from critical security shortcomings due to the absence of a valid SSL certificate and HTTPS support. Security headers are partially implemented, but modern TLS protocols and HSTS are missing, exposing the site to risks. Privacy compliance is well addressed with cookie consent and GDPR-aligned policies. Overall, the business is credible and professionally presented, but the lack of HTTPS significantly undermines security posture.

G

Grünenthal

grunenthal.com

0

Grünenthal is a globally recognized pharmaceutical company specializing in pain management and related diseases. The company operates with a strong focus on innovation, patient support, and corporate responsibility, positioning itself as a leader in its sector. The website reflects a mature digital presence with comprehensive content targeting healthcare professionals, patients, partners, and investors. Technically, the site uses modern tools such as Matomo analytics and consent management but suffers from a critical lack of valid SSL/TLS configuration, which undermines its security posture. Despite this, privacy policies and cookie consent mechanisms are well implemented, supporting GDPR compliance. Overall, the site demonstrates high professionalism and trustworthiness but requires urgent security improvements to protect user data and maintain credibility.

nicsell.com is a domain backorder and auction platform operated by DomainProfi GmbH, targeting the German-speaking market with services for acquiring domains in deletion phases. The business model focuses on low starting bids and a no-risk payment approach, supported by ICANN accreditation and partnerships with multiple domain registries. Technically, the website uses a standard stack including nginx, Bootstrap, and jQuery, but lacks a valid SSL certificate, which is a significant security concern. The site is mobile optimized and SEO friendly but has slow performance metrics. Security posture is weak due to missing HTTPS and modern TLS protocols, although some security headers and cookie flags are set. Privacy compliance is partial with a privacy policy present but no cookie consent mechanism. Contact information is limited to forms, with no direct emails or phone numbers publicly listed. Overall, the site is legitimate and professionally presented but requires urgent security improvements.

S

Sport England

sportengland.org

0

Sport England is a UK government-related non-profit organization dedicated to promoting sport and physical activity across England. The website serves as a comprehensive resource hub offering funding opportunities, research data, guidance, and campaigns to support various stakeholders including volunteers, grassroots organizers, schools, and national governing bodies. The organization is primarily funded by the National Lottery, which is prominently acknowledged on the site. The website is professionally designed with clear navigation and strong branding consistency, targeting a broad audience involved in sport and physical activity.

The website tvginsights.com is currently offline and displays only a minimal placeholder page indicating it has been disabled for technical reasons. There is no accessible content, metadata, or business information available on the site. The domain is registered and uses Sherweb for DNS and mail services, but no SSL certificate is installed, and HTTPS is not supported. This results in a poor security posture and low trustworthiness. No privacy, cookie, or terms of service policies are present, and no contact information or forms are available. Overall, the site lacks any meaningful digital presence or business information, severely limiting its utility and credibility. From a technical perspective, the site runs on an Apache server but lacks modern security configurations such as TLS protocols, HSTS, and OCSP stapling. Performance metrics are unavailable due to the offline status. No analytics or tracking technologies are detected, and no external business or social media links are present except for a single external image resource. Security evaluation reveals critical issues including the absence of HTTPS and SSL certificates, no security headers, and no vulnerability mitigations. The domain registration appears consistent but the lack of active content and security measures significantly reduces the domain's legitimacy score. The overall risk is high due to the offline status and missing security controls. Strategic recommendations include immediate restoration of website content, implementation of a valid SSL certificate, enabling HTTPS, and adoption of security best practices. Additionally, publishing privacy and cookie policies, contact information, and business details would improve trust and compliance. Until these improvements are made, the site remains non-functional and insecure.

R

RP Global

rp-global.com

0

RP Global is a well-established large-scale developer, operator, and investor in the renewable energy sector with over 40 years of experience. The company focuses on solar PV, wind, hydro, hydrogen, and energy storage projects primarily in Europe and Latin America, with a significant project pipeline exceeding 14 GW(p). Their business model centers on project development, investment, and strategic partnerships, positioning them as a key player in the renewable energy market. Technically, the website is built on ASP.NET and hosted on Microsoft IIS with Umbraco CMS, incorporating modern web technologies such as Google Tag Manager and Google Fonts. However, performance is slow and accessibility is basic. Security posture is weak due to the absence of a valid SSL certificate, lack of HTTPS, missing security headers, and no incident response or security policy disclosures. Privacy compliance is minimal with policies present but no consent mechanisms. Overall, the website is professional and content-rich but requires urgent security improvements to protect user data and enhance trust.

P

PPG Industries, Inc.

ppg.com

0

PPG Industries, Inc. is a global leader in the manufacturing and distribution of paints, coatings, and specialty materials with a rich history spanning nearly 140 years. The company serves diverse markets including construction, automotive, industrial, and transportation, offering a broad portfolio of products and brands such as Comex, Sigma, Johnstone's, Dulux, and others. Their website reflects a mature digital presence with comprehensive content, clear navigation, and strong branding consistency. Technically, the site leverages modern frameworks like Angular and Express, hosted on Microsoft Azure, with integrations for search and consent management. However, a critical security issue is the absence of a valid SSL certificate and lack of modern TLS protocols, which significantly impacts the site's security posture. Privacy policies and cookie consent mechanisms are well implemented, indicating good compliance with GDPR and related regulations. Overall, the site demonstrates high business credibility and professionalism but requires urgent remediation of its SSL/TLS configuration to ensure secure user interactions.

K

Knowles Electronics, LLC

knowles.com

0

Knowles Electronics, LLC is a well-established market leader specializing in high-performance electronic components including advanced micro-acoustic microphones, balanced armature speakers, capacitors, and RF filtering products. The company primarily serves demanding sectors such as Industrial, MedTech, Aerospace/Defense, Electrification, and Consumer Electronics. Their business model focuses on manufacturing and supplying specialized components to these industries, maintaining a strong market position supported by a professional and content-rich website. The company recently divested its Consumer MEMS Microphones Division to Syntiant Corporation, indicating strategic business realignment. Technically, the website is built on a mature ASP.NET framework with Sitefinity CMS, hosted on AWS infrastructure. It integrates modern marketing and analytics tools such as Google Analytics, Google Tag Manager, and Hotjar, demonstrating digital maturity and a focus on user experience and data-driven insights. The site is mobile-optimized with good SEO practices and clear navigation, although accessibility features are basic. From a security perspective, the website exhibits critical weaknesses due to the absence of a valid SSL certificate and lack of HTTPS support, severely impacting the security posture. While some security headers are present and cookie consent mechanisms are implemented, the lack of TLS protocols and strong cipher suites exposes the site to significant risks. No explicit security or incident response policies are published, and no vulnerability disclosure or security.txt files are found. Overall, the website is professional and credible from a business standpoint but requires urgent security improvements to protect user data and maintain trust. Strategic recommendations include immediate SSL/TLS deployment, enhanced security header configuration, and publication of security policies to align with industry best practices.

T

Today Experts

today-experts.com

0

Today Experts is a small Austrian IT recruitment company specializing in connecting IT specialists with client projects. Their website is professionally designed using WordPress and Elementor, targeting IT professionals and clients seeking staffing solutions. The company showcases partnerships with notable firms such as A1, ÖBB, IBM, UNIQA, and nagarro, indicating a credible market position within the technology and transportation sectors. Technically, the site uses modern web technologies but suffers from a critical security shortfall due to the absence of a valid SSL certificate and HTTPS support, which significantly impacts user trust and security posture. Privacy compliance is basic, with a cookie consent mechanism implemented but lacking comprehensive GDPR indicators. Overall, the site is functional and content-rich but requires urgent security improvements to meet modern standards.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 7 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

N

NEOS

neos.eu

0

NEOS is a well-established Austrian political party with a strong digital presence and comprehensive content about its programs, members, and activities. The website is professionally designed, mobile-optimized, and provides clear navigation and rich information for its target audience. Technically, the site uses modern frontend technologies such as Alpine.js and Tailwind CSS, and integrates marketing and analytics tools like Google Tag Manager and Microsoft Clarity. However, the security posture is weakened by the absence of a valid SSL certificate and disabled TLS protocols, which poses a significant risk to user data and trust. Privacy compliance is generally good, with a clear privacy policy and GDPR consent mechanisms in the newsletter form, but lacks a visible cookie consent banner. Overall, the site is credible and trustworthy but requires urgent security improvements to protect visitors and maintain compliance.

R

Regent AG

regent.ch

0

Regent AG is a Swiss-based lighting manufacturer with a heritage spanning over 100 years, specializing in high-quality, human-centric lighting solutions and bespoke designs. Their website reflects a mature business with a strong brand presence, targeting professional customers such as electrical installers and corporate clients. The company offers a broad portfolio including connected lighting and upcycling services, supported by digital tools like product finders and configurators. Technically, the website is built on TYPO3 CMS and employs modern web technologies and marketing tools, but suffers from a critical security weakness due to the absence of a valid SSL certificate and disabled TLS protocols, which undermines secure HTTPS access. Privacy compliance is well addressed with clear policies and consent mechanisms. Contact information and social media presence are comprehensive, enhancing business credibility.

O

Oracle

sun.com

0

Oracle's website for hardware solutions presents a comprehensive and professional digital presence showcasing its enterprise-grade hardware products optimized for Oracle Database and cloud integration. The site targets IT professionals and enterprises seeking scalable, high-performance infrastructure solutions. The content is rich, well-structured, and supported by multimedia and customer success stories, reflecting Oracle's strong market position in technology and cloud services. Technically, the site leverages Oracle's own content management system, Akamai CDN, and modern JavaScript frameworks, ensuring good performance and accessibility. However, a critical security gap exists due to the absence of a valid SSL/TLS certificate and HTTPS support, which significantly impacts the security posture and trustworthiness from a technical perspective. Privacy and cookie policies are well implemented with consent mechanisms, aligning with GDPR compliance. Overall, the site demonstrates high business credibility but requires urgent remediation of its SSL configuration to meet modern security standards.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 10 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

G

Glanzer cosmetic engineering GmbH & Co KG

donau-kanol.com

0

Glanzer cosmetic engineering GmbH & Co KG is a well-established Austrian manufacturing company specializing in cosmetics, household cleaners, and biocides. With over 90 years of experience and 100% production in Austria, the company positions itself as a full-service partner for B2B clients seeking high-quality product development and manufacturing services. The website reflects this positioning with clear business descriptions, contact information, and a professional design. Technically, the site uses a modern technology stack centered around Craft CMS and popular JavaScript libraries, but suffers from poor performance metrics and lacks HTTPS security. Security posture is weak due to the absence of a valid SSL certificate and missing security headers, exposing the site to potential risks. Privacy compliance is also lacking, with no privacy or cookie policies present. Overall, the site is functional and professional but requires urgent improvements in security and compliance to reduce risk and enhance trust.

FG Xpress is a healthcare-focused company offering a patented, doctor-formulated medical device product called PowerStrips™ for pain relief. The company operates a direct sales business model targeting a global audience with a simple product and pricing structure. The website presents product information, testimonials, and business opportunity details, positioning itself as a category creator in the pain relief market. Technically, the site is built on WordPress with multilingual support and uses Cloudflare CDN and LiteSpeed server technology. However, the site lacks a valid SSL certificate and proper HTTPS configuration, which significantly impacts its security posture. No privacy or cookie policies are present, indicating compliance gaps. Contact information and social media links are available, supporting business credibility. Overall, the site demonstrates moderate professionalism but requires urgent security and compliance improvements.

V

Volkswagen Slovakia

volkswagen.sk

0

Volkswagen Slovakia operates as a major automotive manufacturer and brand presence in Slovakia, providing information about Volkswagen vehicles, services, and employment opportunities. The website targets consumers, job seekers, and visitors interested in Volkswagen Slovakia. Technically, the site uses Apache server and jQuery, with a professional design and good mobile optimization, but lacks performance metrics and modern SSL/TLS configuration. Security posture is weak due to absence of a valid SSL certificate and HTTPS, despite some security headers being present. Privacy compliance is poor with no detected privacy or cookie policies. Overall, the site is functional and professional but requires significant improvements in security and privacy to meet modern standards.

Chalmers tekniska högskola is a prestigious Swedish technical university founded in 1829, specializing in education and research in technology, natural sciences, transportation, and energy sectors. The institution offers a wide range of undergraduate and graduate programs, conducts cutting-edge research, and actively collaborates with industry and society. The website reflects a mature digital presence with comprehensive content, clear navigation, and strong branding consistency, targeting students, researchers, and partners. Technically, the site leverages modern frameworks such as Next.js and React, with a CMS likely based on Umbraco. However, performance data is limited, and some improvements could be made in hosting and optimization. Security posture is weakened by the lack of a valid SSL certificate and absence of DNSSEC and CAA records, which are critical for protecting user data and ensuring trust. Privacy compliance is well addressed with detailed policies and cookie consent mechanisms. Overall, the site is professional and trustworthy but requires urgent security enhancements to meet best practices.

The website overthefuckingtop.com serves as a login gateway redirecting users to Instagram's official login page, which is owned and operated by Meta Platforms, Inc. It primarily facilitates user authentication for Instagram services. The site exhibits professional branding consistent with Instagram and Meta, targeting Instagram users who need to log in to access their accounts. The business model revolves around social media platform user authentication, supporting Instagram's global social networking services. Technically, the site employs modern web technologies including React, JavaScript, and GraphQL, hosted on Meta's infrastructure. Performance is moderate with good mobile optimization and basic accessibility features. Security headers are well implemented, including strict content security policies and frame denial, but the absence of a valid SSL certificate is a critical vulnerability that undermines the security posture. Privacy and cookie policies are not found on this domain, which is typical for a login redirect page but limits privacy compliance. Overall, the domain is legitimate and consistent with Instagram's operations, but the lack of SSL must be addressed to ensure secure user interactions.

T

Transped Europe GmbH

transped.at

0

Transped Europe GmbH is a medium-sized Austrian transportation and logistics company specializing in European haulage and intermodal freight transportation since 1983. The company positions itself as a specialist in European road haulage, targeting logistics customers and transport partners across Europe. The website reflects a professional business with clear navigation and relevant content focused on their core services. Technically, the site uses a custom ASP.NET backend with common frontend libraries such as jQuery and Bootstrap, but lacks modern security implementations such as HTTPS and security headers, which significantly impacts its security posture. The absence of a valid SSL certificate and missing security headers expose the site to potential risks and reduce trustworthiness. Privacy compliance is basic, with a privacy policy and cookie consent mechanism present, but no explicit data protection officer or incident response information is found. Overall, the website is functional and informative but requires urgent security improvements to protect user data and enhance trust.