Security Directory

P

Poesis Consulting GmbH

poesis.at

0

Poesis Consulting GmbH is a small, dynamic consulting firm specializing in strategy, project management, process management, and training services. The company targets businesses requiring tailored consulting solutions, particularly in complex projects where internal resources or expertise are limited. Their market position is regional with offices in Vorarlberg and Liechtenstein, emphasizing a personalized and deep consulting approach. The website reflects a professional and consistent brand image with clear service offerings and client testimonials, supporting their credibility. Technically, the website is built on the Webflow platform, leveraging modern web technologies such as Google Fonts, Google Tag Manager, and Cookiebot for consent management. Hosting is via Cloudflare CDN with DNS managed by United Hoster. However, the site lacks a valid SSL certificate and does not support HTTPS, which is a significant technical and security deficiency. Performance is rated slow due to missing optimization metrics, but mobile responsiveness and SEO basics are adequately addressed. From a security perspective, the absence of HTTPS and TLS protocols severely undermines the site's security posture. While some security headers and best practices like HttpOnly cookies and reCAPTCHA are implemented, critical vulnerabilities exist including no DNSSEC, no certificate transparency compliance, and no session resumption. Privacy compliance is reasonably addressed with a privacy policy, cookie consent, and GDPR indicators, but no explicit security or incident response policies are published. Overall, the website presents a moderate risk profile primarily due to missing HTTPS and related security controls. Strategic recommendations include immediate SSL/TLS deployment, enhancement of DNS security, and publication of security policies. These improvements will bolster trust, compliance, and protect both the business and its clients from potential threats.

Q

Qidenus Technologies

qidenus.com

0

Qidenus Technologies is a specialized manufacturer of high-performance V-shaped book scanners and related capture software, serving a global clientele including libraries, archives, museums, and cultural heritage organizations. The company positions itself as a market leader with a strong product portfolio and a network of trusted partners and distributors worldwide. The website reflects a professional and well-branded digital presence with comprehensive product information and customer engagement features. Technically, the site is built on WordPress with modern plugins for SEO and analytics, hosted on LiteSpeed servers with PHP 8.1. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support, exposing users to potential risks. Privacy compliance is partially addressed with cookie policies and consent mechanisms, but GDPR compliance indicators are limited. Overall, the business credibility is strong, but the security posture requires urgent improvement to protect data and enhance trust.

W

Windhund GmbH

windhund.com

0

Windhund GmbH is a small Austrian company specializing in providing monthly live-streamed and on-demand health keynote presentations aimed at corporate workplace health management. The company has a professional web presence built on TYPO3 CMS, featuring reputable speakers and a solid client base. Technically, the website uses modern marketing and tracking tools such as Google Tag Manager and Facebook Pixel, and implements a cookie consent mechanism compliant with GDPR. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS, exposing users to potential risks. The WHOIS data is consistent with the business claims, indicating legitimacy. Overall, the website is functional and professional but requires urgent security improvements.

Compass Group is a global leader in the hospitality sector, specializing in foodservice and support services for corporate and institutional clients. The company operates at an enterprise scale with a strong market position. However, the website content is currently inaccessible due to a security challenge page, which prevents a full content and user experience analysis. The technical infrastructure shows use of Akamai for hosting and JavaScript for client-side operations, but lacks a valid SSL certificate and modern TLS protocols, resulting in no HTTPS support. Security posture is weak due to missing SSL, lack of security headers, and absence of HSTS and OCSP stapling. DNS and WHOIS data confirm legitimate domain ownership consistent with the Compass Group brand and UK location. Overall, the website is protected by a WAF or security mechanism that blocks direct content access, limiting the ability to assess privacy policies, contact information, and other compliance aspects.

O

Ospelt Gruppe

ospelt.com

0

Ospelt Gruppe is a well-established international manufacturer specializing in private label food products including ready meals, fresh meals, convenience foods, and pet food. Founded in 1958 and headquartered in Liechtenstein, the company operates multiple production sites across Liechtenstein, Switzerland, and Germany. The website reflects a mature digital presence with multilingual support and professional branding, targeting both consumers and business clients in the food manufacturing sector. Technically, the site is built on WordPress with the Divi theme and incorporates modern web technologies and SEO best practices. However, a critical security gap exists due to the absence of a valid SSL certificate, which undermines HTTPS security and user trust. Privacy compliance is well addressed with comprehensive policies and cookie consent mechanisms. Overall, the site demonstrates strong business credibility but requires urgent improvements in security infrastructure to protect user data and enhance trust.

OTP Bank is a leading Hungarian financial institution with a strong regional presence in Central and Eastern Europe. Founded in 1949, it offers a comprehensive range of banking services including retail and corporate banking, loans, savings, insurance, and digital banking solutions. The website reflects a mature and professional digital presence with excellent content quality, clear navigation, and strong branding consistency. The bank leverages modern web technologies such as Vue.js and integrates multiple analytics and marketing tools to enhance user experience and business intelligence. From a technical perspective, the website employs robust security headers and content security policies, but suffers from critical SSL/TLS configuration issues including an invalid SSL certificate and lack of modern TLS protocol support. These issues significantly impact the security posture score and should be addressed promptly to ensure secure communications and user trust. Privacy compliance is well handled with clear GDPR-aligned privacy and cookie policies, supported by a consent mechanism. Overall, OTP Bank's website demonstrates high business credibility and professionalism, with comprehensive contact information and trust indicators such as awards and certifications. The domain registration data aligns well with the business history and legitimacy. Strategic improvements in SSL/TLS configuration and ongoing security audits are recommended to enhance the security posture and maintain customer confidence.

H

hokify GmbH

hokify.at

0

hokify GmbH operates a mobile-first job platform primarily serving the Austrian and German-speaking job market. The company offers a user-friendly job search portal and mobile app with over 11,000 job listings, emphasizing ease of application without the need for traditional cover letters. Technically, the website is built on modern JavaScript frameworks such as Vue.js and Nuxt.js, hosted on Amazon CloudFront CDN, and optimized for mobile devices. However, the site currently lacks a valid SSL certificate, which is a critical security concern. Privacy policies are comprehensive and GDPR compliant, and the company maintains active social media engagement. Overall, hokify presents a professional and trustworthy business with room for security improvements.

W

WTW

acclaris.com

0

WTW is a global leader in risk management, employee benefits, and capital advisory services, offering data-driven and insightful solutions to enterprises. The Finnish localized website reflects a mature digital presence with comprehensive content, professional design, and clear navigation targeting corporate clients and enterprises. The technical infrastructure leverages modern web technologies including Sitecore CMS, Bootstrap framework, Coveo search, and Brightcove video players, hosted likely on Microsoft Azure. Despite a strong security header configuration, the site suffers from a critical SSL certificate issue, lacking valid HTTPS support, which significantly impacts its security posture. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. The site extensively uses third-party analytics and marketing tools, indicating a high level of user tracking and data collection. Overall, the website is professional and trustworthy but requires urgent remediation of SSL issues to ensure secure communications and maintain user trust.

G

Global Hospitality Solutions

ghsolutions.net.au

0

Global Hospitality Solutions is an established Australian company specializing in premium housekeeping, cleaning, maintenance, and outsourcing services for the hospitality sector. With over 18 years of experience and a client base of 50+ hotels, the company positions itself as a trusted partner offering tailored solutions to enhance hospitality operations. Their digital presence is built on a modern WordPress platform with Elementor, hosted on Hostinger with LiteSpeed server technology, ensuring good performance and mobile optimization. Security measures include valid SSL but lack advanced features like HSTS and OCSP stapling, indicating room for improvement. The website provides clear contact channels and client testimonials, enhancing business credibility. However, privacy compliance is basic with no cookie policy or consent mechanism detected. Overall, the site is professional and trustworthy but could benefit from enhanced security and privacy practices.

C

Continental Exchange Solutions, Inc.

riafinancial.com

0

Ria Financial Services operates a global money transfer platform, providing services to individuals and businesses for sending and receiving money internationally. The company maintains a strong market presence with localized country-specific websites and a corporate section, supported by a parent company, Euronet Worldwide, Inc. The website is built on the Liferay CMS platform, leveraging modern web technologies such as jQuery and Bootstrap, and includes multi-language support and a cookie consent mechanism to comply with privacy regulations. However, a critical security deficiency is the absence of a valid SSL certificate and TLS support, which severely impacts the security posture and user trust. While privacy and cookie policies are comprehensive and GDPR compliant, the lack of HTTPS undermines data protection efforts. The site includes social media integration and a contact form with CAPTCHA to mitigate spam. Overall, the website demonstrates good business credibility and content quality but requires urgent security improvements to meet industry standards.

S

SPS Technik Ges.m.b.H

sps.at

0

SPS Technik Ges.m.b.H is a well-established Austrian company specializing in turnkey automation solutions for various industries including manufacturing, transportation, and energy. The company operates internationally with subsidiaries in China and Poland, offering comprehensive services from electro planning, robot programming, mechanical construction, to service and maintenance. Their market position is strong, supported by over 70 years of experience and installations in more than 50 countries. Technically, the website is built on a modern WordPress CMS with Elementor and Yoast SEO, featuring good mobile optimization and accessibility. Security-wise, the site uses a valid SSL certificate but lacks modern TLS protocols and some security headers, which lowers its security posture. Privacy compliance is well addressed with a cookie consent mechanism and a comprehensive privacy policy. Overall, the website reflects a professional and credible business presence with room for security improvements.

H

HellermannTyton

hellermanntyton.at

0

HellermannTyton is a well-established manufacturer and provider of cable management and connectivity products, serving industrial sectors such as manufacturing, energy, and transportation. The website presents comprehensive product information, industry solutions, and sustainability initiatives, targeting professional and industrial customers primarily in Austria and surrounding regions. The company maintains a strong brand presence with consistent design and multiple social media channels. Technically, the website uses a modern tech stack including Apache, jQuery, Google Tag Manager, and Usercentrics for consent management, hosted behind Cloudflare DNS services. However, the SSL/TLS configuration is outdated, supporting only TLS 1.1 without TLS 1.2 or 1.3, which is a security concern. Security headers are well implemented, including a strict Content Security Policy and HSTS header, though HSTS is not fully enabled in SSL configuration. Privacy compliance is strong with clear privacy and cookie policies and active consent mechanisms. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website is professional, trustworthy, and compliant, but would benefit from modernizing its TLS support and enhancing SSL configurations.

The website olly.us currently presents minimal content, consisting solely of a client-side redirect script to a /lander path. There is no accessible business information, metadata, or contact details available on the root page. The domain is registered and has DNS A records but lacks DNSSEC and CAA records, and the SPF record is restrictive with no authorized mail senders. Critically, the site does not have a valid SSL certificate and does not support HTTPS, which severely impacts trust and security posture. No privacy, cookie, or terms of service policies are present, and no forms or external links are found. Overall, the site appears to be either under construction or improperly configured, providing no meaningful business or security information.

S

Symrise I Food & Beverage I Scent & Care I Fragrance - Symrise

symrise.com

0

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 8 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

G

GIG Fassaden GmbH

gig.at

0

GIG Fassaden GmbH is a medium-sized Austrian company specializing in premium metal and glass facade solutions for international architecture projects. Their business model focuses on B2B services including design, engineering, prototyping, manufacturing, installation, maintenance, and renovation of building envelopes. The company maintains a strong market position with a consistent brand presence and comprehensive service offerings. Technically, the website is built on WordPress with modern libraries and plugins, optimized for SEO and mobile responsiveness. However, the absence of a valid SSL certificate and HTTPS support is a critical security gap, exposing the site to risks and undermining user trust. Privacy policies and cookie consent mechanisms are well implemented, reflecting GDPR compliance. Overall, the site is professional and content-rich but requires urgent security improvements to meet modern standards.

B

baningo GmbH

baningo.com

0

baningo GmbH is a technology company specializing in digital networking solutions, primarily through their digital business card platform and NFC business cards. Founded in 2015 and based in Austria, the company serves a broad professional audience seeking modern, sustainable ways to share contact information. Their market position is supported by over 10,000 customers and partnerships with notable companies. Technically, the website leverages Cloudflare for hosting and security, uses Matomo and Google Tag Manager for analytics, and integrates Facebook Pixel for marketing. However, the absence of a valid SSL certificate and HTTPS severely undermines the security posture. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanisms. Overall, the website is professionally designed and trustworthy but requires urgent security improvements.

S

Sto SE & Co. KGaA

sto.com

0

Sto SE & Co. KGaA is a global enterprise specializing in facade systems, insulation, acoustic surfaces, and floor coatings with over 50 years of industry experience. The company targets architects, builders, and developers seeking sustainable and aesthetic building solutions. Their website reflects a mature digital presence with comprehensive content, localized contacts, and professional branding. Technically, the site uses a custom Sto framework with modern JavaScript and CSS but lacks a valid SSL certificate, resulting in insecure HTTP connections and a weak security posture. Privacy and cookie policies are well implemented with consent mechanisms, and marketing tools like Salesforce Marketing Cloud and Usercentrics CMP are integrated. Security headers are configured but undermined by missing HTTPS. Overall, the site is professional and trustworthy but requires urgent SSL/TLS implementation to improve security and user trust.

N

NovaTaste

frutaromsavory.com

0

NovaTaste is a globally recognized leader in taste innovation, specializing in providing customized and sustainable food ingredient solutions to food manufacturers, butchers, and foodservice players. With a strong global presence spanning 19 sites and over 2,200 employees, the company offers a broad portfolio including herbs, spices, seasonings, marinades, and functional ingredients. Their business model focuses on tailored solutions and turnkey R&D projects, positioning them as a key player in the manufacturing sector of the food industry. Technically, the website leverages modern frameworks such as Next.js and React, hosted on Amazon CloudFront, delivering a professional and responsive user experience with good SEO and accessibility standards. However, the security posture is weakened by an invalid SSL certificate and lack of modern TLS protocol support, which poses risks to user trust and data security. Privacy compliance is partially met with a comprehensive privacy policy but lacks a cookie consent mechanism. Overall, the domain registration and WHOIS data align well with the business claims, indicating legitimacy and trustworthiness.

M

Messe Wels GmbH

messe-wels.at

0

Messe Wels GmbH operates a prominent exhibition center in Wels, Austria, providing event hosting, exhibition space rental, and related services. The website targets exhibitors and visitors interested in trade fairs and events, positioning itself as a leading venue in Austria. The digital infrastructure relies on legacy technologies such as Microsoft IIS 8.5 and older versions of jQuery and Bootstrap, with Google Tag Manager implemented for analytics and marketing. However, the website lacks a valid SSL certificate and does not support modern TLS protocols, significantly impacting its security posture. While contact information and privacy policies are present, the absence of advanced security headers and incident response information indicates room for improvement. Overall, the site is functional and professional but requires urgent security upgrades to protect user data and enhance trust.

A

Apitech

apitech.fr

0

Apitech is a French technology company specializing in open source productivity solutions and custom software development. With over 30 years of experience, it positions itself as a trusted partner for organizations seeking sovereign and secure digital tools. The company leverages open source expertise and partnerships with major technology providers like Microsoft and Dell to deliver tailored solutions. The website reflects a professional and consistent brand image targeting business clients in France. Technically, the site is built on WordPress with the Divi theme and uses modern plugins and analytics tools. However, a critical security issue is the lack of a valid SSL certificate, resulting in no HTTPS, which significantly impacts the security posture. While some security headers are present, the absence of HTTPS and modern TLS protocols is a major vulnerability. Privacy compliance is basic, with a privacy policy present but no cookie consent mechanism detected. Contact information is clearly provided, enhancing business credibility. Overall, the site is functional and professional but requires urgent security improvements to protect user data and trust.

G

Grant Thornton

grantthornton.com

0

Grant Thornton is a leading professional services firm specializing in audit, assurance, tax, and advisory services. With a large community of nearly 10,000 professionals, the company serves a diverse range of industries including energy, financial services, healthcare, manufacturing, and technology. The website reflects a mature digital presence built on Adobe Experience Manager, featuring comprehensive content, clear navigation, and strong branding consistency. However, the current SSL/TLS configuration is critically deficient, with no valid certificate and no enabled TLS protocols, which poses a significant security risk. The site implements standard security headers and privacy policies, including GDPR-compliant privacy and cookie policies with consent mechanisms. Social media integration and external partnerships are well established, enhancing business credibility. Overall, the site is content-rich and professionally designed but requires urgent remediation of its SSL/TLS security posture to ensure user trust and compliance.

V

Victory Capital Management Inc.

pioneerinvestments.com

0

Pioneer Investments, a franchise of Victory Capital Management Inc., operates a comprehensive investment services website targeting investors and financial professionals. The site offers a broad range of asset management products including mutual funds, separately managed accounts, and closed-end funds, supported by investment insights and research. The business is well-established with a history dating back to 1928 and maintains a strong market position within the finance sector in the United States. Technically, the website leverages Adobe Experience Manager CMS, integrates multiple modern libraries and marketing tools, and is hosted via Amazon CloudFront CDN, indicating a mature digital infrastructure. However, the site suffers from a critical security flaw due to an invalid or missing SSL certificate, which undermines the security posture despite the presence of robust security headers. Privacy compliance is moderate with a clear privacy policy but lacking explicit cookie consent mechanisms. Overall, the website is professional and trustworthy but requires urgent remediation of SSL issues to ensure secure user interactions and compliance.

C

CAE Expert Group GmbH

caeexpert.group

0

CAE Expert Group GmbH is a specialized provider of ECAD engineering services and software solutions, operating primarily in Austria and Germany. The company offers a broad range of services including system automation, consulting, software development, training, and project support, positioning itself as a trusted expert with TÜV SÜD certification. The website is professionally designed, content-rich, and targets businesses and professionals seeking ECAD system expertise. Technically, the website is built on WordPress with Elementor and employs modern SEO and cookie consent tools, but suffers from a critical security shortfall due to the absence of a valid SSL certificate and HTTPS support. This significantly impacts the security posture and overall trustworthiness from a cybersecurity perspective. Privacy compliance is well addressed with GDPR-aligned policies and consent mechanisms. Contact information is comprehensive and transparent, supporting business credibility. Strategic improvements in SSL/TLS implementation and security headers are essential to elevate the security maturity and user trust.

'

's Heeren Loo

sheerenloo.nl

0

's Heeren Loo is a large, established healthcare organization in the Netherlands specializing in providing tailored care and support for people with intellectual and other disabilities. Their services span diagnostics, treatment, home support, education, work and day activities, and residential care. The organization targets clients with disabilities, their families, and care professionals, emphasizing a mission to help clients live as well as possible with appropriate care levels. Technically, the website employs modern JavaScript frameworks like Vue.js and Vuex, integrates Matomo analytics for user tracking, and uses Google Tag Manager for marketing. Accessibility and SEO are well addressed, with good mobile optimization and structured data markup. However, the security posture is weak due to the absence of a valid SSL certificate and lack of HTTPS support, which is a critical vulnerability. Privacy and cookie policies are comprehensive and GDPR compliant, with consent mechanisms in place. Overall, the website is professional, content-rich, and trustworthy but requires urgent improvements in SSL/TLS security to protect user data and maintain trust.

D

DACHSER

dachser.com

0

DACHSER is a well-established global logistics provider with a strong market position and comprehensive service offerings across multiple transport and warehouse networks. The website reflects a mature digital presence with multilingual support, rich content, and clear corporate governance and compliance information. Technically, the site uses modern tracking and consent management technologies but suffers from critical SSL certificate issues that undermine its security posture. Security headers and policies are well implemented, but the lack of valid HTTPS and modern TLS protocols is a significant risk. Overall, the site is professional and trustworthy but requires urgent remediation of SSL and TLS configurations to ensure secure user interactions and maintain compliance. Strategic recommendations include fixing SSL certificates, enabling modern TLS, and enhancing security mechanisms such as OCSP stapling and session resumption.

S

SOL4 IT-Consulting GmbH

sol4.at

0

SOL4 IT-Consulting GmbH is a specialized IT consulting firm based in Austria, focusing on CRM software solutions and digitalization services for small and medium-sized enterprises. The company offers CRM software consulting, project implementation, industry-specific solutions, and support services, positioning itself as a market leader in CRM solutions within its region. The website reflects a professional and consistent brand image with comprehensive content tailored to its target audience. Technically, the site is built on Joomla CMS with modern UIkit framework and common JavaScript libraries, providing a good user experience and mobile optimization. However, a critical security gap exists due to the absence of a valid SSL/TLS certificate, resulting in no HTTPS support, which significantly impacts the site's security posture and trustworthiness. The site implements GDPR-compliant privacy and cookie policies with active consent mechanisms and transparent contact information. Overall, while the business and content quality are strong, the lack of HTTPS is a major risk that should be addressed promptly.

P

PRAXIS

praxispr.ca

0

PRAXIS is a Canadian marketing communications agency specializing in integrated services including PR, digital marketing, live events, social media management, and collaborations. The company positions itself as a leading Canadian-owned agency with a strong client portfolio including major brands such as Pepsi, Cineplex, and Purina. The website is professionally designed with rich content and clear navigation targeting Canadian businesses seeking marketing communications expertise. Technically, the site is built on WordPress with modern plugins and SEO tools, but suffers from a lack of HTTPS security due to an invalid or missing SSL certificate. Security headers are minimal but present, and no cookie consent or GDPR compliance mechanisms are evident. The agency maintains active social media presence and uses Google Analytics and LinkedIn Insight for tracking. Overall, the website reflects a credible and professional business but requires urgent security improvements to protect user data and enhance trust.

eSYS Informationssysteme GmbH is a regional IT service provider based in Austria, specializing in IT support, network management, software development, and cloud solutions, with a strong focus on serving businesses and schools in Upper Austria. The company maintains a professional online presence with comprehensive service descriptions and a clear target audience. Their website is built on WordPress with Elementor and uses modern plugins for SEO and cookie management. However, the absence of a valid SSL certificate and HTTPS implementation is a critical security shortfall that undermines user trust and data protection. The site includes privacy and cookie policies with consent mechanisms, indicating good GDPR compliance. Social media integration and structured data enhance their digital maturity. Overall, eSYS demonstrates a solid business and technical foundation but must urgently address its SSL/TLS configuration to improve security posture and user confidence.

The website schurflexibles.com currently lacks accessible content and does not have a valid SSL certificate configured, resulting in no HTTPS support. The domain is registered and DNS records are properly set up, but the absence of website content, metadata, and security configurations indicates a very low digital maturity level. There are no visible privacy or cookie policies, contact information, or business details, which severely limits trust and user engagement. The security posture is weak due to missing HTTPS and security headers, exposing the site to potential risks. Overall, the site presents a high risk from a security and compliance perspective and requires immediate remediation to enable secure access and provide essential business and privacy information.

M

mac. brand spaces GmbH

mac.de

0

mac. brand spaces GmbH is a medium-sized company specializing in sustainable and innovative brand space design and live communication services. They offer comprehensive full-service solutions for events, trade shows, roadshows, and digital live communication, targeting businesses seeking to create immersive brand experiences. The company has an international presence with offices in Germany, China, Singapore, and Austria, emphasizing sustainability as a core value. Technically, the website is built using modern web technologies including React, Gatsby, and Chakra UI, hosted on Netlify. The site demonstrates excellent performance, mobile optimization, and accessibility. SEO practices are well implemented with proper meta tags and structured data. From a security perspective, the site enforces HTTPS with strong security headers such as HSTS, X-Frame-Options, and X-Content-Type-Options. OCSP stapling is enabled, and no vulnerabilities or exposed sensitive data were detected. However, improvements such as enabling HSTS for subdomains and DNSSEC could further enhance security. Overall, the website presents a professional and trustworthy digital presence with good privacy compliance, including GDPR-aligned cookie consent and privacy policies. The company provides clear contact information and maintains active social media channels, supporting strong business credibility.

David Gregory TV is a small-scale personal trainer blog operated by trainers David and Gregory from Brooklyn, NY. The website primarily offers fitness and health-related blog content focusing on yoga, exercise tips, and healthy living. The business model appears to be content-driven, likely supporting personal training services or brand awareness. The site uses WordPress 3.8.1 with an outdated technology stack and is hosted behind Cloudflare DNS with a LiteSpeed server. However, the site lacks a valid SSL certificate and does not serve content over HTTPS, which is a critical security shortfall. No privacy or cookie policies are present, and no contact emails or phone numbers are explicitly provided, limiting user trust and compliance with privacy regulations. The overall website quality is basic with limited content and minimal SEO or accessibility features.

W

Wiesner-Hager Möbel GmbH

wiesner-hager.com

0

Wiesner-Hager Möbel GmbH is a medium-sized Austrian company specializing in office furniture, interior design, and office consulting services. The company targets businesses and organizations requiring innovative and sustainable office and contract furniture solutions, including hospitality and healthcare sectors. The website presents a professional and comprehensive portfolio of products and services, supported by international design collaborations and a commitment to sustainability. Technically, the website is built on the Pimcore CMS platform with modern JavaScript and CSS technologies, but suffers from a lack of HTTPS encryption, which significantly impacts its security posture. Security headers are partially implemented, but the absence of a valid SSL certificate and modern TLS protocols exposes the site to risks. Privacy compliance is well addressed with a clear privacy policy, cookie consent via Cookiebot, and GDPR adherence. The WHOIS data confirms the legitimacy and consistency of the domain registration with the business claims. Overall, the website is functional and professional but requires urgent security improvements to protect user data and enhance trust.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 10 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

J

Joint Vienna Institute

jvi.org

0

The Joint Vienna Institute (JVI) is a well-established regional training center founded in 1992, providing policy-oriented training primarily to public officials and selected private sector executives from Central, Eastern, and Southeastern Europe, the Caucasus, and Central Asia. Supported by international organizations such as the IMF, Austrian Finance Ministry, EBRD, and others, JVI offers a broad range of courses, webinars, and special events focused on economics, financial sector management, trade policy, and governance. The website reflects a professional and consistent brand with good content quality and clear navigation, targeting a specialized audience in the education and government sectors. Technically, the site is built on TYPO3 CMS with PHP 7.4, uses Bootstrap and jQuery for frontend, and integrates Matomo and Google Analytics for user tracking. The site is hosted likely by Telekom Austria based on DNS records. While the site is mobile-optimized and SEO-friendly, it lacks HTTPS support, which is a critical security shortfall. The absence of SSL/TLS encryption exposes users to potential data interception risks. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. Security posture is weak due to missing HTTPS, lack of HSTS, and minimal security headers. No incident response or vulnerability disclosure information is provided. Business credibility is strong, supported by clear contact information, partner logos, and active social media presence. Overall, the site is trustworthy but requires urgent security improvements to protect user data and enhance trust. Recommendations include immediate implementation of HTTPS with a valid SSL certificate, enabling security headers, publishing a security policy and vulnerability disclosure, and upgrading PHP to a supported version to improve security and compliance.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 8 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

C

Coaching-Yes You Can

coaching-yesyoucan.ch

0

Coaching-Yes You Can is a small Swiss-based health coaching service specializing in stress, mobbing, burnout prevention, and workplace health promotion. The company targets private individuals, youth, children, and business clients, offering personalized coaching and consulting services. The website is hosted by Hostpoint and built on the cm4all CMS platform, utilizing standard web technologies including jQuery and Prototype. While the site presents professional content with clear navigation and partner references, it lacks a valid SSL certificate, resulting in no HTTPS support, which is a critical security vulnerability. The cookie policy with consent is implemented, but no privacy policy or terms of service are found, indicating partial privacy compliance. Contact information is limited to a phone number with no email or physical address explicitly provided. The site uses Logaholic analytics with minimal user tracking. Overall, the website is functional and professional but requires urgent security improvements to protect user data and enhance trust.

The website dh-partners.com currently serves only a minimal HTML page that immediately redirects visitors to a /lander path, with no visible content, metadata, or business information. The domain is registered and resolves to two IP addresses, but lacks a valid SSL certificate and HTTPS support, which significantly impacts its security posture and trustworthiness. No privacy, cookie, or terms of service policies are present, and no contact or business details are available on the site. Technically, the site shows poor performance and lacks modern web standards and security best practices. Overall, the website appears to be in an early or placeholder state, limiting its utility and credibility for users and business partners.

The website chatgrape.com currently serves minimal content, consisting solely of a client-side redirect to a /lander path. There is no substantive business information, metadata, or user-facing content available on the root page. The domain is mature, registered since 2014 with GoDaddy.com, LLC, and shows strong domain protection status with no privacy shielding. Technically, the site lacks HTTPS support, with no valid SSL/TLS certificate configured, which severely impacts security posture and user trust. No security headers or policies are implemented, and no privacy or cookie policies are present, indicating low compliance with privacy regulations. Overall, the site appears to be a placeholder or redirector rather than a fully operational business website.

S

SOLVION information management GmbH

solvion.net

0

SOLVION information management GmbH is a well-established IT consulting and solutions provider specializing in digital workplace transformation within the Microsoft 365 ecosystem. With over 22 years of experience, the company serves medium-sized commercial enterprises primarily in the DACH region, focusing on sectors such as production, retail, services, and transportation. Their key services include strategic and technology consulting, adoption and change management, implementation of Microsoft-based solutions, and ongoing technical support. The website reflects a professional and consistent brand image with comprehensive content, active blogs, and customer testimonials, positioning SOLVION as a leading player in their market segment. Technically, the website is built on WordPress with the Divi theme and utilizes modern JavaScript libraries and marketing tools such as Google Tag Manager and Borlabs Cookie for consent management. However, the site suffers from a critical security shortfall due to the absence of a valid SSL certificate and lack of HTTPS support, which significantly impacts its security posture. Other security best practices like HSTS, OCSP stapling, and modern TLS protocols are also missing, exposing the site to potential risks. Privacy compliance is well addressed with clear privacy and cookie policies, including a consent mechanism that aligns with GDPR requirements. The site employs extensive tracking and marketing tools, but these are transparently disclosed. Contact information is clearly presented, including a detailed contact form, phone number, and physical address, enhancing business credibility. Overall, while the business and content aspects of the website are strong and trustworthy, the lack of HTTPS and proper SSL configuration is a critical vulnerability that must be addressed immediately to protect user data and maintain trust. Strategic recommendations include implementing a valid SSL certificate, enabling modern security protocols, and enhancing security headers to improve the site's security posture and compliance.

R

Raiffeisen Bank International

raiffeisen.al

0

Raiffeisen Bank Albania is a major financial institution offering a wide range of retail and corporate banking services, including loans, credit cards, savings, and digital banking platforms. The website is professionally designed, content-rich, and targets Albanian retail customers, SMEs, and corporate clients. Technically, the site uses modern frameworks such as Vue.js and Adobe Experience Manager, with integrations for analytics and marketing tools. However, a critical security issue is the invalid or missing SSL certificate, which undermines the security posture despite good security headers and policies. Privacy compliance is strong with clear cookie consent and GDPR-aligned privacy policies. Overall, the website is trustworthy and credible but requires urgent SSL remediation to ensure secure user interactions.

S

SPAX International GmbH & Co. KG

spax.com

0

SPAX International GmbH & Co. KG is a well-established German manufacturer specializing in screws and fastening technology, producing large volumes daily for a global market. Their website reflects a mature digital presence with comprehensive product information, multilingual support, and digital tools for professionals in construction and woodworking. The company demonstrates strong branding consistency and trust indicators including certifications and detailed contact information. Technically, the site is built on Adobe Experience Manager with modern marketing and consent management tools, offering good user experience and SEO optimization. However, a critical security issue exists due to an invalid or missing SSL certificate and lack of enabled TLS protocols, which significantly impacts the security posture. Privacy compliance is well addressed with GDPR-aligned policies and cookie consent mechanisms. Overall, the business credibility and content quality are high, but urgent remediation of SSL/TLS issues is recommended to ensure secure user interactions and maintain trust.

Arjo is a well-established global healthcare company specializing in medical devices and solutions aimed at improving mobility and care for patients with reduced mobility and age-related health challenges. The company operates in over 100 countries with a large workforce and offers a broad portfolio including patient handling equipment, medical beds, hygiene solutions, disinfection products, and prevention systems for pressure injuries and venous thromboembolism. The website reflects a mature digital presence with comprehensive content, clear navigation, and professional design tailored to healthcare providers and institutions. Technically, the website leverages modern web technologies including Episerver CMS, Azure hosting, and multiple analytics and marketing tools such as Google Analytics, Siteimprove, Hotjar, and Microsoft Application Insights. The site is hosted on Microsoft Azure with Cloudflare CDN, ensuring global availability and performance. However, performance metrics were not available, and accessibility is rated as basic, suggesting room for improvement. From a security perspective, the site implements several important HTTP security headers and a detailed Content Security Policy. Nevertheless, the SSL certificate is currently invalid or missing, which is a critical vulnerability that undermines user trust and data security. HSTS is configured but not fully enabled, and session resumption mechanisms are absent. No known vulnerabilities or malware were detected, and no WAF or blocking mechanisms interfere with site access. Overall, the website demonstrates strong business credibility and privacy compliance with clear policies and consent mechanisms. The main risk lies in the SSL certificate issue, which should be addressed promptly to maintain security posture and user confidence. Strategic recommendations include renewing the SSL certificate, enabling full HSTS, and enhancing accessibility and performance monitoring.

S

STIWA Holding GmbH

stiwa.com

0

STIWA Holding GmbH is a well-established Austrian company specializing in automation technology, manufacturing, and software solutions. With over 50 years of experience and a global presence spanning 11 locations across three continents, STIWA serves diverse industries including automotive, electronics, medical technology, and building automation. The company offers comprehensive services from engineering and automated series production to production optimization, positioning itself as a leader in digital, fully automated production solutions. Technically, the website is built on TYPO3 CMS, leveraging modern web technologies and integrating marketing and analytics tools such as HubSpot and Google Analytics. However, the absence of a valid SSL certificate and HTTPS support significantly impacts the security posture. While security headers and content security policies are well implemented, the lack of proper SSL/TLS encryption is a critical vulnerability. Privacy and cookie policies are present and GDPR compliant, and contact information is comprehensive and clearly presented. Overall, the website reflects a professional and trustworthy business but requires urgent improvements in SSL/TLS configuration to enhance security and user trust.

R

Randstad

randstad.com

0

Randstad is a global leader in the HR services industry, providing a wide range of staffing, recruitment, and workforce management solutions. The company targets job seekers, employers, investors, and press with a comprehensive digital presence and multiple country-specific subsidiaries. Their business model focuses on delivering specialized talent solutions at scale, supported by digital and enterprise services. The website reflects a mature and professional brand with strong market positioning and trust indicators. Technically, the website uses modern technologies including React and Drupal CMS, hosted on Amazon Web Services infrastructure. While the site is well-structured and mobile-optimized, performance data is unavailable. Security headers are properly configured, but the SSL certificate is invalid or missing, which is a critical vulnerability that undermines secure communications. The security posture shows good practices in headers and cookie management but lacks proper SSL/TLS implementation and explicit security or incident response policies. Privacy and cookie policies are present with consent mechanisms, indicating good compliance with GDPR. Contact information is primarily via forms, with no direct emails or phone numbers publicly listed. Overall, the site is professional and trustworthy but requires urgent remediation of SSL issues to ensure secure user interactions and maintain business credibility.

The website coach.com is currently inaccessible due to a Web Application Firewall (WAF) or security mechanism blocking access, as evidenced by the Access Denied page and minimal HTML content. This prevents any direct analysis of the website's content, metadata, or business information. The domain itself is mature, registered since 1996, and protected with strong domain status settings, indicating a legitimate and established entity likely operating in the retail sector. The technical infrastructure includes Akamai CDN services and hosted email solutions, but the SSL/TLS configuration is severely lacking with no valid certificate or secure protocols enabled, posing significant security risks. Overall, the site’s security posture is weak due to missing HTTPS and modern security headers, and the performance is poor with very slow load times. Given the blocking, the analysis is limited and the overall risk assessment is elevated due to lack of accessible content and security deficiencies.

M

Mass Response Service GmbH

massresponse.com

0

Mass Response Service GmbH is a medium-sized Austrian telecommunications company specializing in automated mass communication solutions including call centers, SMS, email, fax, and web services. They operate a fiber optic network providing highspeed internet connectivity primarily targeting business customers in Austria. The website content is professional and consistent, with clear navigation and relevant business information. Technically, the site uses Apache and jQuery but lacks modern SSL/TLS configuration, which is a significant security concern. The absence of a valid SSL certificate and HTTPS support undermines the security posture despite the presence of some security headers like HSTS. Privacy compliance is basic but present, with cookie consent mechanisms and a privacy policy linked externally. Social media presence and customer testimonials add trust signals. Overall, the site is functional but requires urgent security improvements to protect user data and enhance trust.

W

W.D. Matthews Machinery Co.

wdmatthews.com

0

W.D. Matthews Machinery Co. is a well-established heavy equipment dealer operating primarily in New England, with a history dating back to 1939. The company specializes in new and used forklifts, heavy machinery, warehousing supplies, rentals, parts, and service. It maintains strong partnerships with reputable brands such as Toyota, Manitou, Clark, and Bobcat, positioning itself as a leading regional provider in the transportation and industrial equipment sector. The website reflects a professional business model focused on equipment sales, rentals, and maintenance services targeting commercial and industrial clients in the region. Technically, the website is built on WordPress with WooCommerce and utilizes modern web technologies including Gravity Forms for data collection and Google Tag Manager for analytics. Hosting is provided by WP Engine with Cloudflare CDN for content delivery. While the site is mobile-optimized and well-structured with good SEO practices, performance data is incomplete, and some accessibility features are basic. The site lacks a valid SSL certificate, which is a critical security gap. From a security perspective, the absence of HTTPS and modern TLS protocols significantly reduces the site's security posture. No advanced security headers or mechanisms such as HSTS or OCSP stapling are implemented. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism or terms of service page detected. Contact information is clearly provided, enhancing business credibility. Overall, the site presents a moderate risk profile due to the lack of HTTPS and limited privacy compliance. Strategic improvements in security configuration and privacy practices are recommended to enhance trust and protect user data. The business itself appears legitimate and well-positioned in its market, but the website's security shortcomings could impact user confidence and compliance with regulations.

E

EXERGY Studios, s.r.o.

exergystudios.com

0

EXERGY Studios, s.r.o. is a Slovak-based company specializing in building certification services such as BREEAM and LEED, building simulation, optimization, and integrated design. The company targets building owners, developers, and construction professionals seeking to enhance building performance and certification compliance. Their market position is that of a niche regional expert with a small business size and a focused service portfolio. Technically, the website is built on Joomla CMS using a Gavick template and includes legacy JavaScript libraries like jQuery 1.7 and MooTools. The site lacks HTTPS, which significantly impacts its security posture. Security headers are minimal, and no advanced security practices such as HSTS or OCSP stapling are implemented. Privacy compliance is poor, with no visible privacy or cookie policies or consent mechanisms. Business credibility is moderate due to the presence of trust indicators like membership in SKGBC and USGBC but is weakened by the lack of clear contact information and security best practices.

M

M. M. Newman

mmnewman.com

0

M.M. Newman Corporation is a specialized manufacturer and distributor of Heli-Tube® spiral cable wrap and related specialty tubing and hot tool products. Established in 1956, the company holds a strong market position as a leading supplier in the manufacturing sector, targeting industrial and commercial customers requiring cable management solutions. Their website reflects a professional e-commerce platform built on WordPress and WooCommerce, offering clear navigation and relevant product information. The company demonstrates trustworthiness through certifications such as ISO 9001:2015 and provides comprehensive contact information and social media presence. However, the technical infrastructure shows gaps in security, notably the absence of a valid SSL certificate and incomplete HTTPS implementation, which poses risks to user data and trust. The site uses multiple analytics and marketing tools but lacks a cookie consent mechanism, indicating partial privacy compliance.

H

Habich GmbH

habich.com

0

Habich GmbH is a well-established Austrian manufacturer specializing in inorganic specialty pigments for various industrial applications including coatings, construction chemicals, ceramics, printing inks, and plastics. The company has a long tradition dating back to 1846 and serves a global B2B market with a broad product portfolio including corrosion protection pigments, organic colorants, pigment preparations, and aqueous binder dispersions. Their website reflects a consistent and professional brand image with detailed product information and clear contact details. Technically, the site uses modern front-end libraries and the SilverStripe CMS, but lacks a valid SSL certificate, which is a critical security gap. The cookie consent mechanism is implemented and GDPR compliant, supporting privacy best practices. However, no explicit security policies or incident response information is provided. Overall, the website is functional and professional but requires urgent security improvements to enable HTTPS and enhance trust.