Security Directory

The website plantweave.com is currently inaccessible due to a DNS resolution error as indicated by the Cloudflare error page. No business content, contact information, or policies are available on the site, preventing any meaningful analysis of the company's offerings or market position. The site is protected by Cloudflare but lacks a valid SSL certificate and modern TLS protocols, resulting in a poor security posture. The absence of privacy and cookie policies further indicates non-compliance with common data protection standards. Overall, the website's digital presence is minimal and blocked, severely limiting trust and credibility assessments.

T

TECHNOMA Technology Consulting & Marketing GmbH

technoma.at

0

TECHNOMA Technology Consulting & Marketing GmbH is an Austrian consulting company specializing in environmentally friendly mobility solutions, particularly in rail and electromobility sectors. Established in 1995, it serves an international clientele with services including e-bus consulting, management systems, procurement, authorizations management, research projects, and system engineering. The company maintains a professional online presence with a well-structured website showcasing its services and client partnerships. Technically, the website is built on WordPress with common plugins and libraries, but lacks HTTPS, which is a critical security shortfall. The absence of SSL/TLS encryption exposes users to potential data interception risks. Privacy compliance is partially addressed with a cookie consent banner and a privacy policy page, though the latter is in German and may limit accessibility for international users. Overall, the website demonstrates good business credibility but requires urgent security enhancements to protect user data and improve trust.

Ö

Österreichische Staatsdruckerei

staatsdruckerei.at

0

The Österreichische Staatsdruckerei (Austrian State Printing House) is a well-established government-related entity specializing in secure identity document production and digital identity solutions. With over 200 years of experience, it holds a strong market position internationally, offering tailored ID products and digital government services. The website reflects a mature digital presence with professional design, comprehensive content, and strong branding consistency. Technically, the site is built on WordPress with modern SEO and analytics tools, but suffers from a critical SSL/TLS misconfiguration that undermines its security posture. Privacy compliance is robust, featuring detailed policies and a consent mechanism. Overall, the business credibility is high, supported by multiple certifications and active social media engagement.

K

kronehit

kronehit.at

0

kronehit.at is an Austrian online radio platform delivering streaming media content primarily to German-speaking audiences. The website focuses on radio and video streaming services supported by advertising, leveraging technologies such as Cloudflare CDN, Usercentrics for cookie consent, Firebase Cloud Messaging for push notifications, and Google Analytics for tracking. The site is positioned as a recognized media outlet in Austria with a medium-sized operational scale. Technically, the site uses modern JavaScript libraries and streaming players but suffers from slow performance and basic mobile optimization. Security posture is weak due to the absence of a valid SSL certificate and incomplete TLS configuration, despite the presence of multiple security headers. Privacy compliance is partial, with cookie consent implemented but no visible privacy policy or terms of service. Overall, the site demonstrates moderate business credibility but requires significant improvements in security and privacy transparency to enhance trust and compliance.

E

ERRP | Expired Registration Recovery Policy

pressel.com

0

The website pressel.com currently serves as a placeholder page indicating that the domain registration has expired and is pending renewal or deletion. It provides multilingual notices about the Expired Registration Recovery Policy but does not offer active business services or detailed company information. The site uses minimal technical infrastructure, including an nginx server and Google Analytics for tracking, but lacks modern security features such as HTTPS, SSL certificates, and DNSSEC. The absence of contact information, privacy compliance mechanisms, and security policies indicates a low level of digital maturity and business readiness. Overall, the site is not operational for business purposes and presents significant security and compliance gaps.

L

Life and Career Design Consulting GmbH

lifeandcareer.eu

0

Life and Career Design Consulting GmbH is a small Austrian consulting firm specializing in career development and interim management services. Their website, built on Squarespace, offers bilingual content in German and English, targeting professionals seeking coaching, training, and assessment services. The company maintains a professional online presence with clear contact information and active social media channels. Technically, the website uses standard Squarespace infrastructure and Typekit fonts but suffers from slow load times and lacks a valid SSL certificate, which is a critical security concern. The absence of privacy and terms of service policies indicates gaps in compliance. Security posture is weak due to missing HTTPS and security headers, exposing the site to potential risks. Overall, the business appears legitimate and consistent with its domain registration data, but improvements in security and privacy compliance are necessary to enhance trust and user safety.

Diakoniewerk is a well-established non-profit organization operating in the social and healthcare sectors across multiple Austrian regions and internationally. With a workforce of approximately 4,000 employees, it provides a broad range of services including senior care, disability support, education, integration, and community development. The website reflects a mature digital presence with comprehensive content, active recruitment, and engagement through social media and newsletters. Technically, the site is built on the Ibexa Open Source CMS and integrates modern marketing and analytics tools, though performance data is unavailable. Security posture is weak due to the absence of HTTPS, which poses a critical risk. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the site demonstrates strong business credibility but requires urgent security improvements.

C

Clarivate

unycom.com

0

Clarivate's Unycom website presents a comprehensive corporate IP lifecycle management software solution targeted at mid-size to global corporations. The site is professionally designed with rich content, clear navigation, and extensive integration of analytics and marketing tools, reflecting a mature digital presence. However, the absence of a valid SSL certificate and HTTPS support is a critical security vulnerability that undermines user trust and data protection. Privacy and cookie policies are well implemented with consent mechanisms, supporting GDPR compliance. The WHOIS data confirms domain legitimacy and corporate ownership, reinforcing business credibility. Overall, the site demonstrates strong business positioning and technical maturity but requires urgent security improvements to meet modern standards.

C

Campofrío Food Group, S.A.U

campofrio.es

0

Campofrío Food Group, S.A.U is a well-established Spanish company specializing in the production and commercialization of meat products. It holds a strong market position in Spain with a diverse portfolio of brands and products, focusing on quality, innovation, and sustainability. The website demonstrates a high level of content quality, with detailed product information, recipes, and corporate social responsibility initiatives. Technically, the site uses modern frameworks such as Next.js and Drupal CMS, ensuring good mobile optimization and user experience. However, the absence of a valid SSL certificate significantly impacts the security posture, reducing the overall security score. Privacy policies and cookie consent mechanisms are comprehensive and GDPR compliant, reflecting a mature approach to data protection. The company is part of the larger Sigma Alimentos group, with several subsidiary brands and dedicated service platforms. Overall, the website is professional and trustworthy but requires urgent attention to its SSL configuration to enhance security and user trust.

The website flyniki.com serves as an informational portal for NIKI Luftfahrt GmbH, a defunct airline that ceased operations in December 2017. The site primarily informs visitors about the suspension of flight services and directs affected passengers to their travel agencies and an external insolvency information page. The business focus was on passenger air transportation, but the airline is no longer operational. Technically, the website is minimalistic, running on an Apache server with no modern web technologies or CMS detected. The site lacks HTTPS, exposing visitors to security risks. There are no privacy or cookie policies, no contact information, and no forms, indicating limited digital maturity and user engagement capabilities. Security posture is weak due to the absence of SSL/TLS, security headers, and DNS security features. Overall, the site reflects a legacy presence rather than an active business platform.

F

Fuhrparkverband Austria

fuhrparkverband.at

0

Fuhrparkverband Austria (FVA) is a specialized Austrian platform dedicated to fleet management information and networking. It serves as an independent voice and competence partner for fleet operators, companies, and policymakers in Austria. The organization offers membership-based services including events, seminars, newsletters, and surveys to foster knowledge exchange and professionalization in corporate mobility management. The website reflects a medium-sized organization with a clear focus on the transportation sector and a strong presence in Austria. Technically, the site is built on WordPress with modern plugins and SEO tools, but lacks HTTPS, which is a critical security gap. Privacy and cookie policies are comprehensive and GDPR compliant, with active consent mechanisms. The site integrates Google Analytics and Mailchimp for marketing and analytics purposes. Social media presence is robust across major platforms. Overall, the site is professional and content-rich but requires urgent security improvements to enable HTTPS and modern TLS protocols.

N

Next Research GmbH

nextresearch.org

0

Next Research GmbH is a specialized contract research organization (CRO) based in Austria, focusing on clinical research, scientific consulting, and market analytics primarily in the healthcare sector, especially interventional radiology. The company leverages a decade of experience and strong ties to the CIRSE medical society to deliver tailored research services. Their website presents a professional image with comprehensive service descriptions, a detailed team section, and clear contact options including direct scheduling links. Technically, the site is built on WordPress with modern plugins for cookie consent and analytics, but suffers from a critical lack of a valid SSL certificate, impacting security and trust. Privacy policies are thorough and GDPR compliant, with user-friendly cookie consent mechanisms and opt-out options for analytics tracking. Overall, the business appears credible and well-positioned in its niche, but the absence of HTTPS is a significant security gap.

S

Ski Lodge Jaktman

skilodgejaktman.com

0

Ski Lodge Jaktman is a small hospitality business located in Bad Gastein, Austria, specializing in ski holiday accommodation and related tourism services. The website positions itself strongly in the local market, boasting the number one ranking on Tripadvisor for eight consecutive years, which indicates a solid reputation and customer satisfaction. The business offers rooms, apartments, ski equipment rental discounts, and packages for skiing and other alpine activities, targeting winter sports enthusiasts and tourists visiting the Gastein Valley. Technically, the website is hosted on IONOS SE infrastructure using the IONOS MyWebsite CMS platform. The site uses Apache server technology and includes JavaScript libraries such as jQuery and lightbox plugins for image galleries. However, the website lacks a valid SSL/TLS certificate and does not serve content over HTTPS, which is a critical security and trust issue. Performance is slow, and mobile optimization and accessibility are basic. SEO is also basic with some meta tags but no advanced structured data or JSON-LD. From a security perspective, the site has minimal security headers and no active HTTPS, which severely limits its security posture. The Content Security Policy is set to report-only mode, and the X-XSS-Protection header is disabled. No incident response or vulnerability disclosure policies are published. The domain is mature and registered consistently with the business location, but the lack of HTTPS and privacy policies are significant compliance and security gaps. Overall, the website is functional and provides good business information and user experience but requires urgent improvements in security, privacy compliance, and technical modernization to enhance trust and protect user data.

H

Herz Jesu Krankenhaus GmbH

kh-herzjesu.at

0

Herz Jesu Krankenhaus GmbH is a medium-sized, non-profit orthopaedic specialist hospital located in Vienna, Austria, operating under the parent company Vinzenz Kliniken Wien. The hospital offers specialized healthcare services in orthopaedics, rheumatology, osteology, remobilisation, and operates the largest pulmonological sleep laboratory in Vienna. The website targets patients, visitors, medical professionals, and job seekers, providing comprehensive information about services, events, and career opportunities. The hospital emphasizes professional, personal, and compassionate care with external quality certifications such as the 'Audit Beruf und Familie'. Technically, the website is built on TYPO3 CMS with Bootstrap and jQuery frameworks, delivering a responsive and well-structured user experience. However, the site suffers from slow loading times and lacks a valid SSL certificate, resulting in no HTTPS support, which is a critical security deficiency. The cookie consent mechanism and privacy policy are well implemented, reflecting good privacy compliance. Social media integration and external partnerships are clearly presented, enhancing the hospital's digital presence. From a security perspective, the absence of HTTPS and modern TLS protocols severely impacts the security posture, exposing users to potential risks. No advanced security headers or incident response information are found, indicating room for improvement in security maturity. The WHOIS data confirms the domain's legitimacy and consistency with the hospital's business claims. Overall, the website is professional and content-rich but requires urgent security enhancements, particularly SSL/TLS implementation, to protect user data and improve trust. Performance optimization and additional security best practices are recommended to elevate the site's technical and security standards.

Security assessment completed with an overall score of 0/100 (unknown risk). 4 critical issues require immediate attention. Total of 29 security findings identified across all modules.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 8 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

GMS GOURMET GmbH is a leading Austrian company specializing in community catering, private label food production, and gastronomy services with over 45 years of experience. The company serves a broad audience including kindergartens, schools, workplaces, senior homes, and event catering, positioning itself as the market leader in Austria's community gastronomy sector. Their business model focuses on delivering high-quality, healthy, and sustainable food solutions tailored to diverse customer needs. The website reflects a mature digital presence built on TYPO3 CMS, integrating modern marketing and consent management tools such as Google Tag Manager and Cookiebot. However, a critical security gap exists due to the absence of HTTPS, exposing users to potential risks. Privacy compliance is well addressed with clear policies and consent mechanisms. The company demonstrates strong trust signals through multiple certifications, sustainability initiatives, and family-friendly employer awards.

A

AMETEK Grabner Instruments

grabner-instruments.com

0

AMETEK Grabner Instruments is a medium-sized business specializing in the development and manufacturing of automatic petroleum testing equipment, including vapor pressure testers, flashpoint testers, and fuel analyzers. The company operates globally with a strong market position as an innovator and thought leader in fuel analysis technology. Their website reflects a professional business model focused on manufacturing, sales, training, and technical support services for the petroleum and energy sectors. Technically, the website uses ASP.NET technology with JavaScript libraries and is hosted on AWS infrastructure. While the site is mobile optimized and has good content quality, it suffers from slow load times and lacks a valid SSL certificate, which impacts security posture significantly. Privacy compliance is well addressed with comprehensive cookie and privacy policies and a consent mechanism. Security best practices are partially implemented but require urgent improvements, especially regarding HTTPS and security headers. Overall, the domain registration data aligns well with the business claims, indicating a trustworthy and legitimate entity.

W

Wittur Group

wittur.com

0

Wittur Group operates as a leading global supplier of elevator components, offering a broad portfolio including doors, cars, drives, safety devices, and modernization solutions. The company targets elevator manufacturers, suppliers, and service providers, positioning itself as a trusted B2B partner in the transportation sector. Their website reflects a mature digital presence with comprehensive product information, customer service tools, and compliance documentation. Technically, the site uses a modern tech stack including jQuery, Bootstrap, and analytics platforms like Google Analytics and Matomo. However, the absence of a valid SSL certificate and lack of security headers represent significant security weaknesses that could impact user trust and data protection. Privacy compliance is well addressed with clear cookie consent mechanisms and GDPR-aligned policies. Overall, the website is professional and content-rich but requires urgent security improvements to meet industry best practices.

T

TAC | The Assistant Company

tac.eu.com

0

TAC | The Assistant Company is a medium-sized technology provider specializing in all-in-one business software solutions tailored for the hospitality and wellness sectors, including spas, fitness clubs, and thermal baths. Their product suite includes Reservation Assistant, Club Assistant, and Entry Assistant software, complemented by automated wristband issuance and online webshop capabilities. The company has a solid market position supported by long-term client relationships and partnerships with notable industry players. Their website reflects a professional and consistent brand image with good content quality and user experience, targeting businesses seeking integrated software solutions to streamline operations. Technically, the website is built on a modern WordPress CMS platform using PHP 8.1, nginx, and popular plugins such as WPBakery Page Builder and Slider Revolution. The site employs lazy loading for images and integrates marketing and analytics tools like Google Analytics and Sendinblue. Hosting is managed by internex.at, and the site demonstrates good SEO and mobile optimization practices. However, performance is moderate, and accessibility features are basic. From a security perspective, the site implements several important HTTP security headers and a cookie consent mechanism compliant with GDPR. Unfortunately, the SSL/TLS configuration is critically lacking, with no valid SSL certificate installed, no TLS protocols enabled, and malformed CAA DNS records. This significantly reduces the security posture and exposes the site to risks associated with unencrypted traffic. No explicit security policies or incident response information are found. Overall, TAC presents a trustworthy and professional business with strong privacy compliance and marketing transparency. The primary risk lies in the absence of HTTPS, which should be urgently addressed to protect user data and maintain trust. Strategic recommendations include immediate SSL certificate installation, enabling modern TLS protocols, and improving SSL configuration to enhance security and user confidence.

The website telefonicaando2careers.com is currently inaccessible in terms of meaningful content. It serves a frameset that redirects users to a different domain (ww17.telefonicaando2careers.com) without providing any visible content, metadata, or business information. The SSL certificate is invalid or missing, resulting in no HTTPS support, which is a critical security flaw. The site includes New Relic Browser monitoring scripts indicating some level of performance and analytics tracking, but lacks essential privacy, cookie, and contact policies. Overall, the site appears to be either parked, under construction, or blocked by security mechanisms, severely limiting its usability and trustworthiness.

OeKB Gruppe is a central financial service provider based in Austria, supporting the Austrian economy with a broad range of services including export financing, capital market services, energy market services, development financing, and tourism services. The website presents a professional and comprehensive overview of their offerings, targeting Austrian businesses, investors, and financial institutions. The company holds a strong market position as a key financial institution in Austria. Technically, the website uses a custom CMS with JavaScript and Bootstrap frameworks, but suffers from slow load times and lacks modern security configurations such as a valid SSL certificate and TLS protocols. Mobile optimization and SEO are good, but accessibility is basic. The website lacks cookie consent mechanisms and some security best practices. Security posture is weak due to the absence of HTTPS, no security headers, and missing email authentication records like DMARC. DNSSEC is disabled and CAA records are malformed. These issues pose significant risks to user data confidentiality and trust. Overall, the website is content-rich and professionally designed but requires urgent security improvements to protect users and comply with modern standards. Strategic recommendations include implementing HTTPS, enabling security headers, and adding privacy and cookie consent mechanisms.

M

Mark Heath

eventsassociate.com

0

Events Associate is a small education-focused business specializing in bespoke language and professional training services, including Business English, professional development, educational training for children, and translation work. The company targets non-native English speakers and organizations primarily in Austria, Spain, and Europe. The website is hosted and managed via IONOS MyWebsite, reflecting a modest technical infrastructure with basic digital maturity. The site lacks HTTPS, which significantly undermines security and user trust. Security headers are partially implemented but insufficient without SSL/TLS. Privacy and cookie policies are absent, indicating non-compliance with GDPR and related regulations. Contact information is clearly provided, but no forms or advanced interaction mechanisms are present. Overall, the website presents basic content and functionality with room for significant improvement in security, compliance, and technical sophistication.

A

Austria Wirtschaftsservice Gesellschaft mbH

awsg.at

0

Austria Wirtschaftsservice Gesellschaft mbH (aws) is the official Austrian federal promotional bank dedicated to fostering innovation and economic growth within Austria. The website serves as a comprehensive portal for Austrian entrepreneurs and companies seeking funding, subsidies, and advisory services. It offers a broad range of programs targeting startups, SMEs, and established companies, with a strong emphasis on energy, sustainability, and internationalization. The site is well-branded, professionally designed, and provides clear navigation and rich content in German, targeting primarily Austrian businesses and innovators. Technically, the website is built on TYPO3 CMS and uses Apache as the web server. It integrates Matomo analytics for privacy-compliant user tracking and employs modern web technologies including CSP and various security headers. However, the SSL/TLS configuration is currently invalid or missing, which is a critical security concern. Performance metrics are not available, but the site appears mobile-optimized and accessible. From a security perspective, while several security headers are implemented, the lack of a valid SSL certificate and disabled TLS protocols significantly reduce the security posture. No explicit security or incident response policies are found on the site. Privacy compliance is strong, with a clear cookie consent mechanism and a comprehensive privacy policy in place, aligned with GDPR requirements. Overall, the site is a credible and professional government service platform with excellent content and user experience but requires urgent remediation of its SSL/TLS configuration to ensure secure communications and improve trustworthiness.

A

Achtzehn Grad GmbH

digitalwerk.agency

0

Achtzehn Grad GmbH is a full-service creative agency based in Vienna, Austria, specializing in branding, digital marketing, and communication services. The company positions itself as a premium agency focused on uncovering hidden potential in brands and delivering innovative marketing solutions. Their target audience includes businesses in German-speaking countries seeking comprehensive marketing and creative services. The website reflects a high level of professionalism with excellent design, clear navigation, and rich content, including case studies and a blog. Technically, the site leverages modern JavaScript libraries such as GSAP and Swiper, is hosted on Webflow with Cloudflare CDN, and integrates bot protection on forms. However, a critical security issue is the absence of a valid SSL certificate, resulting in no HTTPS support and no modern TLS protocols, which significantly impacts the security posture. Privacy compliance is good with a comprehensive privacy policy and terms of service, but no explicit cookie consent mechanism was detected. Overall, the site is trustworthy and professionally managed but requires urgent SSL/TLS remediation to ensure secure user interactions.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 8 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

G

GDV Group

gdv.com.mx

0

GDV Group is a well-established market and consumer intelligence consultancy based in Mexico with over 50 years of experience. The company offers research and consulting services aimed at helping clients make informed business decisions. Their digital presence is built on WordPress with the Divi theme, leveraging common plugins and tracking tools such as Google Tag Manager and Facebook Pixel. While the website content is professionally presented and navigation is clear, the absence of a valid SSL certificate is a critical security vulnerability that undermines user trust and data protection. Privacy and cookie policies are present but basic, with no visible terms of service or incident response policies. Overall, the business appears credible and consistent with its domain registration data, but security improvements are urgently needed.

L

Leviton Manufacturing Co., Inc.

brand-rex.com

0

Leviton Manufacturing Co., Inc. operates a comprehensive and professionally designed website offering a wide range of electrical and lighting control products targeting residential, commercial, and industrial markets. The company positions itself as a leader in home electrical safety with over 115 years of history, providing products such as lighting controls, wiring devices, networking solutions, electric vehicle charging, and submetering. The website demonstrates a mature digital presence with extensive product catalogs, market segmentation, and partner integrations. Technically, the site is built on Adobe Experience Manager with modern marketing and analytics tools integrated, ensuring good user experience and SEO. However, a critical security gap exists due to the absence of a valid SSL certificate and disabled TLS protocols, significantly impacting the security posture. Privacy and cookie policies are well implemented with consent mechanisms, reflecting good compliance practices. Overall, the site is trustworthy and professional but requires urgent security improvements to protect user data and maintain credibility.

M

M.Tech Products Pte Ltd

mtechpro.com

0

M.Tech Products Pte Ltd is a leading distributor and solutions provider specializing in cyber security and network performance solutions across the Asia-Pacific region. The company maintains a strong market position with presence in 14 countries, 24 offices, and a reseller network exceeding 2,000 partners. Their business model focuses on partnering with market-leading vendors to deliver integrated security and network performance management solutions, complemented by professional services and training offerings. The website reflects a professional and consistent brand image with good content quality and clear navigation tailored for their target audience of enterprises and resellers. Technically, the website is built on WordPress using common libraries such as jQuery and Owl Carousel, with Gravity Forms for data collection. While the site is mobile optimized and SEO friendly, performance appears slow based on provided data. Critically, the site lacks a valid SSL certificate and proper HTTPS configuration despite having security headers like HSTS, which severely impacts its security posture. Analytics usage is moderate with Google Analytics implemented, but no cookie consent mechanism or explicit cookie policy was found. From a security perspective, the site demonstrates basic best practices through HTTP security headers but suffers from the absence of HTTPS and modern TLS protocols, exposing users to potential risks. No incident response or vulnerability disclosure information is available, and no security certifications are displayed. The domain registration data aligns well with the business claims, indicating legitimacy and trustworthiness. Overall, the website is functional and professional but requires urgent security improvements, especially regarding SSL/TLS implementation, to protect user data and enhance trust. Privacy compliance is partially met with a comprehensive privacy policy but lacks cookie consent mechanisms. Strategic recommendations include securing the website with valid certificates, enabling modern security protocols, and enhancing privacy and incident response disclosures.

T

TachoEASY GmbH

tachoeasy.com

0

TachoEASY GmbH is a medium-sized Austrian company specializing in telematics and tachograph data archiving software solutions for the transportation and logistics sector. With nearly two decades of market presence, it offers products such as tacholog² and BlueLOGICO® targeting fleet operators and transport companies. The website is built on Joomla CMS with modern UIkit framework and integrates various third-party services including Calendly and friendly-challenge captcha for user interaction. However, the site lacks a valid SSL certificate and does not serve content over HTTPS, representing a critical security vulnerability. Security headers are partially implemented but key protections like HSTS and DNSSEC are missing. The company provides comprehensive privacy and cookie policies with a consent mechanism, reflecting good GDPR compliance. Contact information is clearly presented with multiple channels including phone, email, and contact forms. Overall, the website is professional and content-rich but requires urgent security improvements to protect user data and enhance trust.

F

finderly GmbH & Co KG (Medieninhaber)

shpock.com

0

Shpock is a well-established online marketplace specializing in local second-hand classifieds across the United Kingdom, operated by finderly GmbH & Co KG based in Austria. The platform offers a wide range of categories including electronics, fashion, baby products, home & garden, and motors, supported by a strong mobile app presence with over 50 million downloads. The business model focuses on zero fees for sellers, monetizing through promoted listings and memberships, positioning Shpock as a leading player in the UK second-hand market. Technically, the website leverages modern web technologies such as React and Next.js, hosted behind Cloudflare, and integrates with payment and marketing services like Adyen, SendGrid, and Zendesk. However, the security posture is weakened by the absence of a valid SSL certificate and lack of modern TLS support, which poses risks to user data confidentiality and trust. Privacy and legal compliance are well addressed with comprehensive policies and GDPR adherence. Overall, Shpock presents a professional and trustworthy e-commerce platform with room for critical security improvements to enhance user trust and compliance.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 9 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

W

Werner Kolb / KOLB DIGITAL AUDIO

werner-kolb.de

0

Werner Kolb operates a personal brand website focused on music production, performance, and authorship, particularly addressing musicians with tinnitus. The site presents a niche media business with a strong personal touch, targeting a broad audience interested in music and health. The technical infrastructure is based on WordPress with popular plugins like Elementor and Slider Revolution, hosted likely by 1&1 IONOS. While the site is well-structured and content-rich, it lacks a valid SSL certificate, which is a critical security gap. Privacy and cookie policies are comprehensive and GDPR compliant, reflecting good privacy awareness. Social media integration and contact information enhance business credibility. Overall, the site is functional but requires urgent security improvements to protect user data and improve trust.

M

Mons Royale

monsroyale.com

0

Mons Royale is a specialized e-commerce retailer offering high-performance merino wool apparel targeting outdoor and active lifestyle consumers. The company emphasizes sustainability and natural performance materials, positioning itself as a niche brand with a global presence through regional subdomains. Technically, the website is built on the Shopify platform with a modern tech stack including jQuery, GSAP, and various marketing and analytics integrations. However, a critical security gap exists due to the absence of a valid SSL certificate, resulting in no HTTPS support, which undermines user trust and data security. Privacy compliance is partial, with a privacy policy present but lacking a cookie consent mechanism despite extensive tracking. Business credibility is supported by consistent branding, social media presence, and B Corp certification. Overall, the site is professional and content-rich but requires urgent security improvements to meet industry standards.

U

Unisto

unisto.co.uk

0

Unisto is a mature manufacturing company specializing in security seals and brand profiling solutions, operating globally with Swiss quality standards. The website reflects a professional business presence targeting companies requiring security and brand protection products. Technically, the site is built on TYPO3 CMS with modern frontend libraries such as jQuery, Swiper, and Bootstrap, hosted by Fasthosts Internet Ltd. However, the absence of HTTPS/SSL is a critical security flaw that undermines user trust and data protection. Privacy and cookie policies are implemented with a consent mechanism, but direct contact details are limited to forms without explicit emails or phone numbers. Overall, the website is functional and professional but requires urgent security improvements.

T

T-Mobile Austria GmbH

upc.at

0

The website for upc.at, branded as Magenta Austria, represents a major telecommunications provider offering a wide range of services including mobile tariffs, internet packages, TV offerings, and bundled solutions for both consumers and business customers. The site is professionally designed with rich content, clear navigation, and consistent branding that aligns with the corporate identity of T-Mobile Austria GmbH. Structured data and social media presence further reinforce the company's legitimacy and market position in Austria. Technically, the site is built on Adobe Experience Manager CMS and utilizes modern marketing and analytics tools such as Google Tag Manager and Usercentrics for consent management. However, the website currently suffers from a critical security issue: the SSL/TLS certificate is invalid or missing, and no secure HTTPS protocols are enabled. This significantly impacts the security posture and user trust, despite the presence of security headers and content security policies. Privacy compliance is well addressed with clear privacy and cookie policies and an active consent mechanism. Contact information is available primarily via phone numbers and contact forms, though no direct company email addresses are exposed. The WHOIS data confirms the domain's legitimacy and consistency with the business identity. Overall, while the website excels in content quality, user experience, and privacy compliance, the lack of valid HTTPS and proper SSL configuration is a critical vulnerability that must be addressed immediately to ensure secure communications and maintain customer trust.

D

Daikin

daikin-ce.com

0

Daikin Central Europe operates as a regional branch of Daikin Industries, Ltd., specializing in air conditioning, heating, ventilation, heat pump, and refrigeration solutions. The website targets businesses and consumers in Central Europe, offering a broad portfolio of HVAC products and services. The company maintains a strong market position with multiple country-specific domains, reflecting a well-established regional presence. Technically, the website is built on Adobe Experience Manager CMS and leverages modern frontend technologies including Adobe Helix RUM for performance monitoring and Google Tag Manager for analytics. However, the absence of a valid SSL certificate and HTTPS support is a critical security gap. Security headers are partially implemented but insufficient without proper encryption. Privacy compliance is weak, with no visible privacy or cookie policies, and no contact information is provided on the landing page, limiting user trust and regulatory compliance. Overall, the site is professional and well-branded but requires urgent security and privacy improvements.

I

Italoffice Büromöbel

italoffice.at

0

Italoffice is a small Austrian retail business specializing in high-quality office furniture, including ergonomic chairs, height-adjustable desks, conference furniture, and acoustic solutions. The company targets businesses and individuals in Vienna and Lower Austria, offering personalized consultation, delivery, and assembly services. The website is professionally designed using WordPress, WooCommerce, and Elementor, providing a comprehensive product catalog and clear contact options. However, the absence of a valid SSL certificate and HTTPS significantly impacts the security posture, exposing users to potential risks. Privacy and cookie policies are present and GDPR compliant, indicating good privacy awareness. Overall, the business appears legitimate and well-positioned in its niche, but security improvements are critical to protect customer data and enhance trust.

C

CardivAI GmbH

cydeckt.com

0

CardivAI GmbH operates in the healthcare technology sector, specializing in generative AI-driven diagnostics for cardiovascular diseases. Their offerings include AI integrations, AWS cloud-based solutions architecture, and DevOps services tailored for mobile-first healthcare applications. The company positions itself as a niche provider leveraging advanced AI models such as Anthropic's Claude 4 and AWS infrastructure to deliver innovative healthcare diagnostics solutions. The website content and branding reflect a professional and consistent image targeting healthcare professionals and technology adopters in the medical diagnostics field. Technically, the website is hosted on AWS infrastructure using Amazon S3 and CloudFront, with modern frontend technologies including Bootstrap, Swiper, and JavaScript libraries for UI enhancements. Google Tag Manager and CookieYes scripts indicate moderate analytics and cookie consent management. However, the site lacks HTTPS support, which is a significant technical and security shortfall. Mobile optimization and SEO appear adequate, but performance metrics are unavailable. From a security perspective, the absence of a valid SSL/TLS certificate and HTTPS severely impacts the security posture, exposing users to potential data interception risks. No advanced security headers or protocols are implemented, and no incident response or vulnerability disclosure policies are evident. The use of AWS server-side encryption for content storage is a positive aspect, but overall security maturity is low. Privacy compliance is basic with cookie consent but lacks explicit GDPR compliance indicators. Overall, the website presents a credible business with professional content and clear contact information but requires urgent improvements in security, particularly enabling HTTPS and enhancing security headers. Strategic recommendations include implementing SSL/TLS, adopting security best practices, and formalizing privacy and incident response policies to improve trust and compliance.

R

RAITEC GmbH

grz.at

0

RAITEC GmbH is a prominent IT service provider specializing in delivering high-tech infrastructure and operational services to the financial sector in Austria. The company supports a large-scale environment with over 50 million daily online transactions, 35,000 client workstations, and extensive data storage capabilities. Their market position is strong as one of Austria's leading IT system houses focused on finance. Technically, the website is built on Adobe Experience Manager with modern JavaScript frameworks and tracking tools, providing a professional and accessible user experience. However, the critical lack of a valid SSL certificate and HTTPS support significantly undermines the security posture. Privacy compliance is well addressed with comprehensive policies and consent mechanisms. Overall, the business credibility and content quality are high, but urgent security improvements are needed to protect user data and trust.

W

Welser Profile GmbH

welser.com

0

Welser Profile GmbH is a well-established family-owned manufacturing company specializing in steel and stainless steel profiles, serving various industrial sectors including mobility, energy, and construction. The website presents a professional and content-rich platform with multilingual support and detailed service offerings. Technically, the site uses Apache server technology, HubSpot CMS, and integrates Google Maps and various marketing and analytics tools. However, the absence of a valid SSL certificate and HTTPS support is a critical security weakness, exposing users to potential risks. Security headers are partially implemented but need enhancement. Privacy compliance is well addressed with cookie consent mechanisms and a comprehensive privacy policy. Overall, the site demonstrates good business credibility but requires urgent security improvements.

F

FLOTAINMENT

flotainment.com

0

FLOTAINMENT is a medium-sized Austrian media company established in 1998, specializing in audio production, PR management, design, studio services, and label operations. The company targets clients in the creative and entertainment sectors, offering a diversified portfolio through multiple subdomains representing its key services. The website is built on WordPress with Elementor and integrates Jetpack for analytics and security features. However, the site lacks HTTPS, which is a critical security shortfall. While cookie consent and privacy policies are well implemented and GDPR compliant, the absence of SSL/TLS encryption exposes visitors to potential risks. Contact information is clearly provided, enhancing business credibility. Overall, the digital infrastructure is functional but requires urgent security upgrades to meet modern standards.

Wieland Austria Ges.m.b.H. is a well-established manufacturing company specializing in copper tubes and semi-finished and finished copper alloy products. Founded in 1904 and part of the global Wieland Group since 1999, it holds a strong market position in Europe with modern production sites in Amstetten and Enzesfeld, Austria. The company targets industrial and energy sectors, providing engineered products and services with a focus on quality and sustainability. The website reflects a professional digital presence with comprehensive content, certifications, and contact options. Technically, the site uses modern CMS and caching technologies but lacks a valid SSL certificate, which is a critical security concern. Privacy compliance is well addressed with a consent management platform and clear policies. However, the absence of incident response and vulnerability disclosure information indicates room for improvement in security transparency. Overall, the website is credible and professional but requires urgent SSL/TLS remediation to ensure secure communications and trust.

A

abss interactive GmbH

abss.at

0

abss interactive GmbH is a well-established Austrian digital agency specializing in custom web development, digital transformation consulting, and tailored software solutions. With nearly 25 years of experience, the company serves a diverse client base ranging from small businesses to large international corporations. Their key services include digitalization, website and e-commerce development, search portals, custom tools, and consulting expertise, with a strong emphasis on accessibility and blockchain technology integration. Technically, the website employs a modern technology stack including Apache server, jQuery, Bootstrap grid, and various JavaScript libraries for enhanced user experience. However, the hosting environment lacks a valid SSL/TLS certificate and does not support modern TLS protocols, which is a significant security concern. The site is mobile-optimized and demonstrates good SEO and accessibility practices, but performance metrics are unavailable. From a security perspective, while several security headers are implemented, the absence of HTTPS and proper SSL configuration severely undermines the site's security posture. No incident response or vulnerability disclosure policies are evident. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. Business credibility is strong, supported by certifications, client references, and transparent contact information. Overall, the site is professionally designed and content-rich, but critical security improvements are necessary to protect user data and enhance trust. Strategic recommendations include obtaining a valid SSL certificate, enabling HTTPS, implementing cookie consent, and establishing formal security policies.

7iD Technologies GmbH is an Austrian company specializing in IoT software and solutions focused on optimizing intralogistics and industrial production processes. Their offerings include track & trace technology, asset management, and predictive maintenance solutions leveraging various IoT technologies such as RFID, BLE, NB-IoT, and UWB. The company positions itself as a leading provider in the manufacturing sector, targeting businesses seeking digital transformation and efficiency improvements. Technically, the website is built on WordPress with common plugins and hosted behind Cloudflare, but lacks a valid SSL certificate, which is a significant security concern. Privacy compliance is well addressed with comprehensive policies and cookie consent mechanisms. The security posture is weak due to missing HTTPS and modern TLS protocols, exposing users to potential risks. Overall, the website is professional and trustworthy but requires urgent security improvements to protect data and enhance user trust.

M

mohemian services GmbH

mohemian.com

0

mohemian services GmbH is a small Austrian technology consultancy specializing in translating business needs into technology solutions. Their offerings include business strategy, entrepreneurial thinking, experience design, corporate governance, and technical architecture and development. The company targets tech startups, corporate ventures, and clients seeking innovative digital product development. Their market position is that of a niche, visionary technology partner with a focus on professional execution and agile processes. Technically, the website is built on GravCMS, hosted on Hetzner infrastructure, and uses nginx as the web server. The site includes modern SVG graphics and several Grav plugins for markdown notices, forms, and login functionality. However, the site lacks a valid SSL certificate and does not serve content over HTTPS, which is a critical security shortfall. Performance metrics are missing, but the site appears to have good mobile optimization and basic accessibility features. From a security perspective, the site implements several security headers such as HSTS, X-Frame-Options, and X-XSS-Protection, but the absence of HTTPS and TLS protocols severely undermines security posture. No incident response or security policy information is provided, and no vulnerability disclosure or security.txt file is found. Email security could be improved by adding a DMARC record. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the website is professional and trustworthy in terms of business presentation but requires urgent improvements in security infrastructure, especially enabling HTTPS with a valid certificate. Adding cookie consent and incident response information would enhance compliance and trust. The domain registration data aligns well with the business claims, supporting legitimacy. Strategic recommendations include securing the website with HTTPS, implementing cookie consent, publishing security policies, and improving email security.

H

HTL Zeltweg

htl-zeltweg.at

0

HTL Zeltweg is a medium-sized Austrian educational institution specializing in technical and vocational education, particularly in mechanical engineering and construction technology. The website reflects an active institution with a focus on practical training, robotics, and international cooperation. The technical infrastructure is based on WordPress with a modern plugin ecosystem, but suffers from critical security shortcomings such as the absence of HTTPS and a valid SSL certificate. The lack of cookie consent and privacy compliance mechanisms further reduces trustworthiness. While the site provides clear contact information and social media presence, the security posture is weak, exposing the institution to risks related to data interception and user trust. Strategic improvements in SSL deployment, security headers, and privacy compliance are essential to enhance the institution's digital maturity and protect its stakeholders.

ALSO Holding AG operates in the technology sector, primarily focusing on IT distribution and related services. The domain also.nl currently serves as a minimal placeholder that immediately redirects users to the main corporate site also.com, indicating that the primary web presence is maintained elsewhere. The business targets B2B customers and partners within the technology industry, positioning itself as an established player with a large organizational size and international reach. Technically, the site is hosted on Apache servers with managed IP DNS services but lacks modern web infrastructure features such as SSL/TLS encryption, security headers, and performance optimizations. The absence of HTTPS and security best practices represents a significant security risk and lowers trustworthiness. No privacy or cookie policies are present, and no contact information is provided on this domain, which further reduces compliance and user trust. Overall, the domain appears legitimate and consistent with the corporate identity but requires urgent improvements in security and content to meet modern standards.

The website at abercrombie.com is currently inaccessible, serving only a minimal 'Bad Request' HTML page with no substantive content. This indicates the presence of a Web Application Firewall (WAF) or other security mechanism blocking access, preventing a full analysis of the site's content, policies, or business information. DNS records show the domain is professionally managed with Akamai CDN and hosted email services, suggesting a legitimate commercial entity behind the domain. However, the lack of a valid SSL/TLS certificate and disabled HTTPS protocols represent critical security weaknesses. No privacy, cookie, or security policies are detectable, and no contact information or business details are available from the site content. Overall, the site’s digital presence is severely limited by accessibility issues and poor security configuration.

The americamovil.com website is currently inaccessible due to a Cloudflare Web Application Firewall (WAF) block, presenting a security challenge page instead of business content. America Movil is a large telecommunications enterprise, but the website does not expose any business or contact information, privacy policies, or terms of service on the accessible page. The technical infrastructure relies on Cloudflare for security and hosting, but the SSL/TLS configuration is critically lacking with no valid certificate or HTTPS support detected. This severely impacts the security posture and trustworthiness of the site. The absence of privacy and cookie policies further indicates poor compliance with data protection regulations. Overall, the site’s digital maturity is low due to blocked content and missing essential security and compliance features.