Security Directory

S

Studio Snap

studiosnap.ca

0

Studio Snap is a small photography service business with a website built on the GoDaddy Website Builder platform. The site presents a simple business description emphasizing timeless photography and friendly service, targeting local photography clients. The technical infrastructure relies on GoDaddy hosting and includes Google reCAPTCHA for form protection. However, the website lacks a valid SSL certificate and does not support HTTPS, which is a critical security shortfall. No privacy policy or terms of service pages are present, and contact information is limited to a contact form without direct emails or phone numbers. The site performance is slow, and security headers are absent, indicating a basic security posture. Overall, the business appears legitimate but is in an early stage with room for significant improvements in security and compliance.

RAG Austria AG is Austria's largest energy storage company and a leading technical storage operator in Europe, specializing in the storage, conversion, and conditioning of gaseous energy carriers with a strong focus on renewable gases such as hydrogen. The company has a well-established market position with a history spanning over 90 years and operates multiple subsidiaries and partnerships in the energy sector. Technically, the website is built on TYPO3 CMS and uses modern tools like Usercentrics for cookie consent and Matomo for analytics, reflecting a moderate digital maturity. However, a critical security weakness is the absence of a valid SSL certificate and HTTPS, which significantly impacts the security posture. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the company presents a professional and trustworthy online presence but must urgently address its SSL/TLS configuration to improve security and trust.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 7 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

The website domcollection.ch currently hosts a default Apache HTTP server test page running on Rocky Linux, indicating that the server is operational but no actual business content or services are published. The site lacks any commercial or organizational information, contact details, or user engagement features. Technically, the infrastructure is basic, with Apache on Linux, but critically lacks HTTPS support and modern security configurations. The security posture is weak due to the absence of SSL/TLS, minimal security headers, and no privacy or cookie policies. Overall, the site appears to be either under construction or abandoned, presenting a low trust profile and minimal business credibility.

OBI is a leading German home improvement and garden retailer with a strong online and physical presence. The website offers a comprehensive range of products and services including project planning, rental services, and loyalty programs. Technically, the site uses modern frameworks like Vue.js and Nuxt.js, hosted on AWS CloudFront, with extensive use of third-party analytics and marketing tools. However, the absence of a valid SSL certificate and HTTPS support is a critical security flaw that undermines user data protection. The site is well-structured, mobile-optimized, and provides clear contact and business information, supporting a high level of trustworthiness. Strategic improvements in security and privacy compliance are recommended to enhance overall risk posture.

R

Roswel

roswel.nl

0

Roswel is a small international wholesale company specializing in fittings, piping systems, and sustainable heating technologies, including pellet stoves. Established in 2009, it serves various sectors such as water technology, agriculture, and installation technology, primarily targeting businesses in the Netherlands and Germany. The company also acts as a distributor for SALUS CONTROLS in the Netherlands, offering products and support for heating and cooling control systems. The website reflects a professional business with clear product offerings and contact channels but lacks advanced security measures.

GeoVille Information Systems and Data Processing GmbH is a medium-sized Austrian technology company specializing in satellite-based Earth Observation services. With over 25 years of experience and a global footprint spanning 140 countries and 510 implementations, GeoVille offers a range of services including satellite imagery, data access, land monitoring analytics, platform interfaces, and advisory capacity building. Their target audience includes government agencies, environmental organizations, and sectors such as energy, security, and urban planning. The website is built on TYPO3 CMS with modern frontend technologies and demonstrates good design and navigation, though performance data is limited. From a technical perspective, the website uses Apache server technology and integrates libraries such as Bootstrap, jQuery, FontAwesome, and Google Tag Manager. However, the site lacks HTTPS encryption, which is a critical security deficiency. Security headers are minimal, and no advanced security mechanisms like HSTS or OCSP stapling are enabled. Privacy compliance is basic, with a privacy policy page present but no cookie consent mechanism detected. Contact information is limited to a contact form, with no direct emails or phone numbers published. The security posture is weak due to the absence of SSL/TLS, exposing users to potential interception risks. No incident response or vulnerability disclosure policies are published, which could impact trust. The domain registration data is consistent with the company's claims, showing a long-established presence since 1998. Social media presence is strong, supporting business credibility. Overall, the website is professionally designed and content-rich but requires urgent security improvements, especially enabling HTTPS and enhancing privacy compliance. Strategic recommendations include installing a valid SSL certificate, implementing cookie consent mechanisms, publishing security policies, and improving contact transparency to enhance trust and compliance.

S

SVCI

svci.net

0

SVCI is a specialized angel investor syndicate composed of leading Chief Information Security Officers (CISOs) focused on early-stage cybersecurity startups. The group leverages its deep industry expertise and network to identify promising companies and provide both capital and mentorship. Powered by Notable Capital, a significant early-to-growth VC firm, SVCI operates independently with a strong emphasis on ethics and transparency. The website presents a professional image with clear messaging about its mission and operations, targeting cybersecurity entrepreneurs and investors.

C

CrateDB

crate.io

0

CrateDB operates as a technology company specializing in a real-time unified data layer that supports analytics, search, and AI workloads. Their platform enables rapid ad-hoc querying, hybrid search capabilities, and seamless AI model integration, targeting developers and enterprises requiring scalable, high-performance data solutions. The website demonstrates a strong market position with customer testimonials, industry use cases, and active engagement through webinars and events. Technically, the site is built on HubSpot CMS with integrations for analytics and marketing tools, but suffers from slow load times and lacks a valid SSL certificate, which is a critical security concern. Privacy compliance is well addressed with a cookie consent mechanism and a comprehensive privacy policy. Overall, the business credibility is high, supported by consistent branding and trust signals.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 8 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

G

Grupo La República Publicaciones

larepublica.pe

0

La República.pe is a prominent Peruvian news media company providing comprehensive news coverage across multiple domains including politics, economy, sports, entertainment, and international affairs. The website offers rich multimedia content such as videos, podcasts, and live updates, targeting Spanish-speaking audiences primarily in Peru. The company is well-established since 1981 and operates several subsidiary and partner sites, reinforcing its market presence. Technically, the site is built on modern web technologies including React and Next.js, hosted on Amazon CloudFront, and integrates advertising and analytics tools like Google Tag Manager, Teads, and Taboola. The site is mobile-optimized and SEO-friendly, providing a good user experience with clear navigation and professional design. From a security perspective, the site currently suffers from an invalid SSL certificate, which is a critical issue that undermines user trust and secure communications. Other security best practices such as HSTS, OCSP stapling, and DNSSEC are not implemented, indicating room for improvement. Privacy compliance is partial, with a comprehensive privacy policy but no detected cookie consent mechanism. Overall, the site is a high-quality, trusted news source with strong business credibility but needs urgent attention to its SSL configuration and privacy compliance to enhance security and user trust.

M

Mississippi University for Women

muw.edu

0

Mississippi University for Women (The W) is a public co-educational university founded in 1884, offering a broad range of undergraduate and graduate programs with a strong emphasis on academic excellence and leadership development. The university holds a solid market position in the southern United States, recognized for low student debt and transfer student friendliness. The website reflects a professional and comprehensive digital presence, targeting prospective and current students, faculty, staff, and alumni. The content is rich, well-structured, and supported by active social media channels and event management tools.

N

Nameshift.com

racon.co.uk

0

The website racon.co.uk is a domain sales landing page operated by Nameshift.com, a small technology business based in the Netherlands specializing in domain name transfers and escrow services. The business model focuses on providing a safe, fast, and fee-free domain transfer experience for buyers, with the seller paying commissions. The site content is minimal and primarily serves as a transactional interface for domain purchase via Nameshift.com. Technically, the site uses modern frameworks such as SvelteKit and is hosted by Hosting Concepts B.V., but suffers from poor performance and incomplete content presentation. Security posture is weak due to the absence of a valid SSL certificate and HTTPS support, alongside malformed DNS CAA records and lack of domain protection locks. Privacy compliance is minimal, with no visible privacy or cookie policies, and no contact emails or phone numbers provided. Overall, the site presents moderate trustworthiness but requires significant improvements in security and privacy to meet professional standards.

U

USP Indicator Solutions GmbH

usp.at

0

USP Indicator Solutions GmbH is a specialized service provider that helps R&D and marketing teams in the consumer goods industry translate complex scientific claims into compelling demo assets. The company has a strong market presence with over 400 brands served, including major global names such as L'Oréal, Johnson & Johnson, and Bayer. Their key services include demo creation, real demo videos, product and claim demos, and digital experiences embedding AI and custom algorithms. The website reflects a mature digital infrastructure built on WordPress with Elementor and WooCommerce, supported by LiteSpeed hosting and modern web technologies. Privacy and cookie policies are well implemented with GDPR compliance and consent mechanisms. However, the security posture is weakened by the absence of a valid SSL certificate and incomplete HTTPS configuration, which poses a critical risk to user trust and data security. Strategic improvements in SSL deployment and security headers are recommended to enhance the overall security and compliance stance.

H

Harouge Oil Operations

harouge.com

0

Harouge Oil Operations is a Libyan energy company specializing in the development and exploitation of oil fields. The company operates under international agreements and OPEC directives, focusing on safe and efficient oil extraction and export. Their website provides corporate information, news, tenders, and operational details primarily targeting industry stakeholders and partners. Technically, the site is built on Joomla CMS with K2 content management and uses common web technologies like jQuery and Bootstrap. However, the site lacks a valid SSL certificate, resulting in no HTTPS support, which critically impacts security posture. Security headers are partially implemented but insufficient without proper TLS. Privacy compliance is weak, with no cookie consent or detailed privacy policy. Contact information is limited to a contact form and webmail link, with no explicit emails or phone numbers. Overall, the website is functional but requires significant improvements in security and privacy to meet modern standards.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 8 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 9 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

A

AdWords Agentur GmbH

adwordsagentur.at

0

AdWords Agentur GmbH is a specialized Google AdWords agency based in Vienna, Austria, focusing on delivering measurable and cost-efficient search engine advertising services. The company offers comprehensive campaign analysis, management, and optimization services, emphasizing conversion tracking and ROI maximization. Their market position is supported by over 100 partners and detailed case studies showcasing significant client success. Technically, the website is built on WordPress with modern plugins and technologies, though it suffers from critical SSL/TLS misconfiguration, impacting security posture. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the business demonstrates professionalism and trustworthiness but must urgently address its HTTPS implementation to improve security and user trust.

Schachermayer GmbH is a well-established Austrian wholesale company specializing in technical products and design solutions, serving primarily B2B customers in trade, industry, and commerce. With a history dating back to 1838, the company offers a broad product range exceeding 100,000 items, supported by professional consulting and logistics services. Their digital presence includes a comprehensive web catalog and partner portal, facilitating efficient ordering and customer engagement. Technically, the website is built on TYPO3 CMS, employs Matomo for analytics, and integrates a cookie consent mechanism via Klaro, reflecting a mature digital infrastructure. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support, exposing users to potential risks. Privacy compliance is well addressed with clear policies and consent management. Overall, the site demonstrates high professionalism and trustworthiness but requires urgent security improvements to safeguard data and user trust.

R

realme

realme.com

0

realme is a large technology company focused on the European market, offering smartphones, IoT devices, and accessories through a direct-to-consumer e-commerce model. The website is professionally designed with consistent branding and supports multiple regional versions and languages. The technical infrastructure leverages modern JavaScript frameworks such as Vue.js, and integrates payment solutions from Adyen and PayPal, indicating a mature digital presence. However, the security posture is weak due to the absence of a valid SSL certificate and HTTPS support, which is a critical issue for user trust and data protection. Privacy and cookie policies are comprehensive and GDPR compliant, with active consent mechanisms. Contact information is primarily via email, with no phone numbers or physical addresses found on the site.

Aon plc operates a comprehensive global professional services website focused on risk and human capital advisory services. The site presents a strong market position with extensive content, clear navigation, and professional design targeting enterprise clients worldwide. The technical infrastructure leverages modern JavaScript frameworks, Cloudflare CDN, and advanced analytics tools such as New Relic and Eloqua, indicating a mature digital presence. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support, significantly impacting the site's security posture. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanisms. Overall, the site reflects a reputable enterprise with strong business credibility but requires urgent remediation of its SSL/TLS configuration to ensure secure user interactions.

Kontron is a global leader in IoT and embedded computing technology, offering a broad range of smart IoT solutions and electronics manufacturing services. The company targets industrial and technology sectors with a focus on innovation, sustainability, and advanced technology integration. The website is professionally designed using modern frameworks such as Nuxt.js and hosted on Hetzner infrastructure. However, the security posture is weak due to the absence of a valid SSL/TLS certificate and lack of HTTPS enforcement, which poses a significant risk to user data and trust. Privacy compliance is partially addressed through the use of Cookiebot for cookie consent, but no explicit privacy policy or terms of service are found. Overall, the website reflects a credible business but requires urgent security improvements.

A

APK Pensionskasse AG

apk-pensionskasse.at

0

APK Pensionskasse AG operates as a leading Austrian pension fund provider specializing in occupational retirement provisions. The company offers services to employers and employees to facilitate additional pension savings, managing contributions and investments to provide monthly payouts upon retirement. The website reflects a professional and consistent brand presence with clear business information and regulatory compliance references. Technically, the site is built on TYPO3 CMS and protected by Sucuri Cloudproxy, with Matomo analytics for privacy-conscious tracking. However, the absence of a valid SSL certificate and HTTPS implementation is a critical security gap that undermines user trust and data protection. Privacy compliance is well addressed through cookie banners and a comprehensive privacy policy. Overall, the site demonstrates solid business credibility but requires urgent security improvements.

K

Kollective Technology

kontiki.com

0

Kollective Technology operates a sophisticated enterprise video and collaboration platform focused on delivering observability, analytics, and optimization for large-scale video events. The company targets large enterprises and IT leadership teams, positioning itself as a leader in the technology sector with AI-powered solutions. The website is professionally designed, content-rich, and well-branded, reflecting a mature digital presence. Technically, the site is built on WordPress with modern plugins and integrations, hosted behind Cloudflare, and uses various marketing and analytics tools. However, the security posture is weak due to the absence of a valid SSL certificate and lack of HTTPS, which poses significant risks. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the site demonstrates strong business credibility but requires urgent security improvements.

F

Franziskus Spital GmbH

franziskusspital.at

0

Franziskus Spital GmbH operates as a non-profit healthcare provider with two hospital locations in Vienna, Austria, offering a broad range of medical services including internal medicine, surgery, anesthesiology, and specialized centers such as hernia surgery and breast health. The website targets patients, visitors, referring physicians, and career seekers, positioning itself as a regional healthcare institution with a focus on individualized medicine and comprehensive patient care. Technically, the website employs a mix of legacy and modern JavaScript libraries and includes Google Analytics and a cookie consent mechanism, indicating a moderate level of digital maturity. However, the absence of a valid SSL certificate and HTTPS support is a critical security shortfall that undermines user trust and data protection. Security headers are partially implemented but lack advanced protections such as HSTS and DNSSEC. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent. Overall, the site is professionally designed and content-rich but requires urgent security improvements to meet modern standards.

Hitachi Vantara LLC is a leading enterprise technology company specializing in sustainable data infrastructure and hybrid cloud solutions. The company offers a broad portfolio including storage platforms, data management, infrastructure as a service, and integrated systems, supported by a strong partner ecosystem and customer success services. The website reflects a mature digital presence with professional design, comprehensive content, and clear navigation targeting enterprise IT professionals. Technically, the site is built on Adobe Experience Manager hosted on AWS, utilizing modern frameworks and third-party integrations for video and analytics. However, the absence of a valid SSL certificate and missing security headers represent significant security weaknesses that reduce the overall security posture. Privacy compliance is well addressed with visible cookie consent mechanisms and a comprehensive privacy policy. Business credibility is high, supported by structured data, customer testimonials, and clear contact information. Overall, the site is trustworthy and professional but requires urgent improvements in SSL and security headers to enhance user trust and security.

D

Deutsche Lufthansa AG

ltt.aero

0

Lufthansa Technical Training (LTT) is a well-established aviation technical training provider affiliated with Deutsche Lufthansa AG. The company offers a broad range of training services including vocational, basic, and type training for aviation professionals worldwide. Their business model targets both individual trainees and corporate clients, leveraging customized training solutions to meet specific needs. The website reflects a professional and consistent brand image with comprehensive content and strong trust indicators such as EASA certification and Lufthansa Group affiliation. Technically, the site is built on the Scrivito CMS platform and hosted on Amazon S3 with CloudFront CDN, but suffers from a critical lack of HTTPS due to an invalid or missing SSL certificate, which severely impacts security posture. Privacy and cookie policies are well implemented and GDPR compliant, with moderate user tracking via Google Analytics and marketing tools like Intercom and Usercentrics. Overall, the website provides a good user experience and clear navigation but requires urgent security improvements to enable HTTPS and strengthen SSL/TLS configurations.

F

Fast Lane Computer Consultancy FZ LLC

flane.com

0

Fast Lane Computer Consultancy FZ LLC operates the website flane.com, providing IT training and consultancy services primarily in the UAE with international branches in South Africa and Spain. The company targets technology professionals and organizations seeking specialized training in network security, cloud, and IT infrastructure. The website is built on the Wix platform, leveraging multiple Wix applications such as Wix Bookings, Wix Stores, and Wix Blog, indicating a mature digital infrastructure. However, the site lacks a valid SSL certificate, which is a critical security concern that undermines user trust and data protection. While privacy and terms of service policies are present, cookie consent mechanisms and explicit security policies are absent, indicating partial compliance with privacy regulations. Overall, the site demonstrates good business credibility and content quality but requires urgent improvements in security and privacy compliance to enhance trust and protect users.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 8 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

M

Moore Salzburg GmbH Wirtschaftsprüfungs- und Steuerberatungsgesellschaft

moore-salzburg.at

0

Moore Salzburg GmbH is a professional services firm based in Salzburg, Austria, specializing in tax consulting, auditing, accounting, payroll, and management consulting. The company operates as part of the global Moore network, providing a broad range of financial and consulting services to businesses and individuals. Their website reflects a medium-sized enterprise with a clear focus on regional expertise and international affiliation. Technically, the website is built on ASP.NET WebForms with Kentico CMS, utilizing modern front-end libraries such as Bootstrap and jQuery. However, the site suffers from slow load times and lacks a valid SSL certificate, which is a critical security concern. The security posture is weak due to missing HTTPS, no security headers, and absence of cookie consent mechanisms despite using Matomo analytics. Contact information is clearly presented, enhancing business credibility. Overall, the site is professional but requires urgent security improvements to protect user data and comply with privacy regulations.

A

ATP Koncernen

atp.dk

0

ATP Koncernen is a large Danish financial and governmental entity focused on securing economic welfare through pension management and welfare administration for Danish citizens. The website reflects a strong market position with comprehensive services including lifelong pension and welfare benefits administration. The digital infrastructure is built on Drupal CMS with integrations for cookie consent and analytics, demonstrating a mature technical setup. However, the absence of a valid SSL certificate and HTTPS support significantly undermines the security posture, exposing the site to risks and reducing trust. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the site is professional and trustworthy but requires urgent security improvements to align with best practices.

R

Rustler Gruppe

rustler.eu

0

Rustler Gruppe is a well-established Austrian real estate services company with a strong market position in property management, brokerage, development, facility management, and construction project management. Founded in 1935, it operates primarily in Austria and Central and Eastern Europe, targeting property owners, tenants, and investors. The website reflects a professional digital presence with comprehensive service descriptions and multilingual support. Technically, the site is built on WordPress using the Enfold theme and several plugins including Yoast SEO and Borlabs Cookie for privacy compliance. However, the security posture is weak due to the absence of a valid SSL certificate and disabled TLS protocols, exposing users to potential risks. Privacy compliance is well addressed with cookie consent mechanisms and detailed policies. Overall, the site is professional and trustworthy but requires urgent security improvements to protect user data and enhance trust.

S

SABIC

sabic.com

0

SABIC is a large multinational petrochemical company headquartered in Saudi Arabia, specializing in manufacturing and supplying polymers, chemicals, specialties, and agri-nutrients. The website reflects a mature enterprise with a comprehensive digital presence targeting industrial customers, investors, and job seekers. The content is professionally presented with clear navigation and consistent branding. Technically, the site uses ASP.NET technology with modern JavaScript libraries and Google Tag Manager for analytics and marketing. However, the SSL/TLS configuration is critically flawed with no valid certificate and no TLS protocols enabled, severely impacting security posture. Privacy compliance is strong with clear policies and cookie consent mechanisms. Overall, the site is trustworthy and professional but requires urgent remediation of HTTPS and SSL issues to ensure secure user interactions.

N

NTS Retail

ntsretail.com

0

NTS Retail is a specialized B2B software provider offering smart commerce and retail management solutions primarily for telecommunications operators and specialist retailers. The company positions itself as a preferred partner for leading telco brands worldwide, delivering unified commerce platforms and tailored retail management services. Their website reflects a professional and consistent brand image with strong client references and active social media engagement. Technically, the website is built on Drupal CMS, hosted on Azure DNS infrastructure, and utilizes Apache server technology. It incorporates modern JavaScript libraries and analytics tools such as Matomo and Google Tag Manager. However, the website suffers from a critical security shortfall due to the absence of a valid SSL certificate, resulting in no HTTPS support. This significantly impacts the security posture and user trust. Security-wise, while some security headers are implemented, the lack of HTTPS, HSTS, and incident response information exposes the site to risks and compliance gaps. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. Overall, the site demonstrates good business credibility but requires urgent security improvements. Strategically, the company should prioritize securing its website with HTTPS, implement comprehensive privacy and cookie consent mechanisms, and publish clear security policies and incident response contacts to enhance trust and compliance.

S

SBA Research gGmbH

sba-research.org

0

SBA Research gGmbH is a well-established research center specializing in information security, funded partly by national and European initiatives such as the COMET Competence Centers for Excellent Technologies. The organization offers a broad range of services including research, professional security consulting, security trainings, and vulnerability disclosure. Their market position is strong within Austria and Europe, supported by partnerships with governmental and scientific bodies. The website reflects a professional and content-rich digital presence targeting researchers, security professionals, and industry partners. Technically, the site is built on WordPress with Apache server and uses jQuery for client-side scripting. While the site is mobile-optimized and accessible, performance data is unavailable. Security headers are well implemented, but the lack of a valid SSL certificate and proper HTTPS configuration is a significant weakness. Privacy compliance is strong with clear cookie consent mechanisms and a comprehensive privacy policy. Business credibility is supported by ISO 27001 certification and transparent partnership disclosures. Overall, the site is trustworthy but requires urgent SSL/TLS remediation to improve security posture and user trust.

N

n-ce Neuwirth Consulting & Engineering

n-ce.at

0

n-ce Neuwirth Consulting & Engineering is a small Austrian consulting and engineering firm specializing in foundry technology and related industrial applications. The company offers consulting, engineering services, and seminars targeted at clients in the foundry and manufacturing sectors. Their website reflects a professional and consistent brand presence with clear contact information and client references, positioning them as a niche specialist in their market. Technically, the website is built on WordPress with common plugins like WPBakery and Slider Revolution, but suffers from very poor performance and lacks HTTPS security. The absence of SSL/TLS and security headers represents a critical security risk. Privacy compliance is addressed with a cookie consent banner and a privacy policy, but no terms of service or incident response information is provided. Overall, the site is accessible and informative but requires urgent security improvements.

A

AURIGON Advisors AG

aurigon.ch

0

AURIGON Advisors AG is a specialized consulting firm focused exclusively on reinsurance and insurance sectors, serving clients primarily in Switzerland, the EU, USA, UK, and Latin America. Their key services include conflict resolution, audits, claims management, exit strategies, and strategic consulting. The company maintains a multilingual website with professional team profiles and contact information, indicating a small but internationally oriented business. Technically, the website is built on WordPress using the Enfold theme and includes multiple shortcodes and scripts, but lacks a valid SSL certificate, which is a critical security deficiency. The cookie consent mechanism is implemented, supporting GDPR compliance. Security posture is weak due to missing HTTPS and security headers, exposing the site to potential risks. Overall, the website is functional and professional in content but requires urgent security improvements to protect user data and enhance trust.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 8 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

The website team-rottensteiner.com currently serves a 404 Not Found error page, indicating that the site content is inaccessible or missing. There is no visible business information, contact details, or policy documents available on the site. The technical infrastructure shows the use of Phusion Passenger as the application server, but the site lacks a valid SSL certificate and does not support any TLS protocols, resulting in an insecure connection. Security headers are partially implemented but limited by the absence of HTTPS. Overall, the website's digital maturity is low, with poor performance, minimal content, and no evident SEO or accessibility features. The security posture is weak due to the lack of HTTPS and modern cryptographic protocols, exposing visitors to potential risks. Given these factors, the site presents a high risk from a security and trust perspective, and strategic improvements are necessary to establish a secure and professional online presence.

GMB Union is a well-established UK trade union with a mature domain and a large membership base exceeding 500,000. The website serves as a comprehensive platform for union campaigns, news, member benefits, and sector-specific advice, targeting workers across public and private sectors. The technical infrastructure is based on MODX Revolution CMS, hosted on a Plesk platform with nginx web server, and uses modern JavaScript libraries for enhanced user experience. However, the site lacks a valid SSL certificate and does not support HTTPS, which is a significant security concern. Privacy and cookie policies are present and indicate GDPR compliance, but no explicit security or incident response policies are found. Overall, the website is professionally designed, content-rich, and trustworthy but requires urgent improvements in its security posture to protect user data and enhance trust.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 8 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

The website represents a small German engineering consultancy specializing in building physics, damage assessment, and related services for private clients, insurers, and courts. The business offers expert reports, simulations, and consulting in areas such as thermal protection, moisture protection, and building acoustics. The site is hosted on the Strato platform using the cm4all CMS and employs legacy JavaScript libraries. While the content is relevant and professionally presented, the technical infrastructure is outdated and lacks modern security features. Critically, the site does not support HTTPS, exposing visitors to security risks and undermining trust. Cookie consent mechanisms are implemented, but privacy compliance could be improved. Overall, the business appears legitimate and consistent with its domain registration data, but the website requires urgent security upgrades to meet modern standards.

KTM Sportmotorcycle GmbH operates a professionally designed and content-rich website targeting motorcycle enthusiasts primarily in Finland and Europe. The company is a leading European manufacturer of high-performance street and offroad motorcycles, supported by a large-scale business model including sales, parts, accessories, and motorsport activities. The website leverages modern technologies such as Adobe Experience Manager, Scene7 Dynamic Media, and Google Tag Manager, indicating a mature digital infrastructure. However, a critical security weakness is present due to an invalid SSL certificate and lack of TLS protocol support, which undermines secure communications. Privacy and cookie policies are well implemented and GDPR compliant, supporting good privacy practices. Overall, the website is trustworthy and professional but requires urgent security improvements to protect user data and maintain trust.

A

Ahoi Kapptn FlexCo

ahoikapptn.com

0

Ahoi Kapptn FlexCo is a technology-focused company specializing in digital solutions for businesses, including consulting, UI/UX design, AI applications, and scalable software development. The company serves a diverse clientele including notable brands such as Red Bull, SAP, and the Austrian Football Association, positioning itself as a trusted provider of innovative digital products. Their business model revolves around delivering end-to-end digital product development and optimization services, targeting businesses seeking to evolve their digital presence and capabilities. Technically, the website is built on a modern stack using Next.js and React, hosted on Vercel, with native mobile app development capabilities demonstrated in their projects. The site is well-structured, mobile-optimized, and rich in content, reflecting a mature digital infrastructure. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS enforcement, which undermines user trust and data security. Privacy compliance is generally good, with a clear privacy policy and GDPR adherence, though the lack of a cookie consent mechanism is a notable shortfall. Overall, the website presents a professional and credible business front but requires urgent security improvements to align with best practices and user expectations.

B

BVAEB Versicherungsanstalt öffentlich Bediensteter, Eisenbahnen und Bergbau

bvaeb.at

0

BVAEB is an Austrian government social insurance institution serving public servants, railway workers, and mining employees. It provides comprehensive information and services related to health insurance, accident insurance, pension, and family benefits. The website is well-structured and targets insured persons, employers, and partners within its sector. Technically, the site uses Apache, Jakarta Faces, and modern JavaScript libraries, but suffers from a critical lack of valid SSL/TLS certificates, severely impacting its security posture. Privacy and cookie policies are implemented with consent mechanisms, and contact information is clearly provided. Overall, the site is professional and trustworthy but requires urgent security improvements to protect user data and comply with modern standards.

K

Kwizda – Kwizda Unternehmensgruppe

kwizda.at

0

Security assessment completed with an overall score of 0/100 (unknown risk). 4 critical issues require immediate attention. Total of 30 security findings identified across all modules.

Ö

Österreichische Gesundheitskasse

meineoegk.at

0

The website meineoegk.at serves as the official service portal for the Österreichische Gesundheitskasse, Austria's public health insurance provider. It offers a broad range of online services including e-Rezept, insurance data access, pension applications, and various social insurance related forms. The portal targets insured Austrian residents and provides a secure login mechanism via ID Austria, ensuring user data protection and access control. The site is professionally designed with clear navigation and comprehensive content relevant to its audience. Technically, it employs a custom CMS with Jakarta Faces framework and uses modern JavaScript libraries such as jQuery 3.6.0 and Slick Carousel for UI components. Analytics is managed through Piwik PRO with user consent mechanisms in place, reflecting good privacy practices. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support, severely impacting the site's security posture. The Content Security Policy is robust but includes unsafe directives that could be improved. Overall, the site is trustworthy and authoritative but requires urgent security enhancements to protect user data and comply with best practices.

S

Supersnow

supersnow.pl

0

Security assessment completed with an overall score of 0/100 (unknown risk). 6 critical issues require immediate attention. Total of 31 security findings identified across all modules.

B

BH Technologies, Eclairage Public & Gestion des déchets

bh-technologies.com

0

Security assessment completed with an overall score of 0/100 (unknown risk). 3 critical issues require immediate attention. Total of 28 security findings identified across all modules.

S

Scheuch Group

scheuch.com

0

Scheuch Group is a well-established Austrian company specializing in industrial air cleaning and environmental technology solutions, holding a world market leader position since its founding in 1963. The company offers comprehensive services including devices, components, assembly, and consulting tailored to various industries. Their website reflects a professional digital presence with multilingual support and clear business information targeting industrial clients. Technically, the site is built on WordPress with modern plugins and frameworks, but suffers from a critical security weakness due to the absence of a valid SSL/TLS certificate, resulting in no HTTPS support. Security headers are partially implemented, but the lack of encryption significantly undermines the site's security posture. Privacy compliance is strong, with a comprehensive privacy policy and cookie consent mechanism via Cookiebot. Overall, the site is trustworthy and professionally maintained, but urgent improvements in SSL/TLS configuration are necessary to enhance security and user trust.