Security Directory

x-tention is a medium-sized Austrian IT company specializing in comprehensive IT solutions for the healthcare and social sectors. Founded in 2001 and part of the xt Unternehmensgruppe, it offers consulting, software development, data science, managed services, and cybersecurity. The company targets healthcare providers and social organizations, emphasizing innovative and secure digital health solutions. The website is professionally designed, content-rich, and well-structured, supporting multiple languages and providing clear contact and support channels. Technically, the site uses Drupal 10 and modern web technologies, but suffers from critical security issues due to the absence of a valid SSL certificate and HTTPS support, severely impacting its security posture. Privacy compliance is strong with clear cookie consent mechanisms and GDPR-aligned policies. Overall, the business credibility is high, but urgent improvements in SSL/TLS implementation are needed to secure user data and trust.

B

Barmherzige Brüder Wien

bbwien.at

0

Barmherzige Brüder Wien operates as a large, well-established non-profit hospital in Austria, providing a broad range of medical services and patient care. The website reflects a mature digital presence with comprehensive content, clear navigation, and active social media engagement. Technically, the site uses a modern CMS (siteswift) and popular JavaScript libraries to enhance user experience. However, a critical security gap exists due to the absence of a valid SSL/TLS certificate, resulting in all traffic being served over HTTP, which exposes users to potential interception risks. The site implements GDPR-compliant privacy and cookie consent mechanisms, indicating awareness of privacy regulations. WHOIS data confirms domain legitimacy and consistency with the hospital's identity. Overall, the site is professional and trustworthy but urgently requires HTTPS implementation to secure user data and improve security posture.

C

CTI Meeting Technology

ctimeetingtech.com

0

CTI Meeting Technology is a mature and established provider of comprehensive meeting management software solutions, serving the STEM meeting industry for over 40 years. Their all-in-one platform supports virtual, hybrid, and in-person events with a wide range of modules including abstract management, presentation management, program management, and more. The company targets meeting organizers, associations, PCOs, and other stakeholders involved in event planning and execution. Technically, the website is built on WordPress with Elementor and integrates various modern tools such as Calendly and Microsoft Clarity. However, the absence of a valid SSL certificate and HTTPS significantly impacts the security posture. While security headers are present, the lack of encryption is a critical vulnerability. The website demonstrates good privacy compliance with clear policies and contact information. Overall, the business is credible and well-positioned in its market, but it must address critical security issues to improve trust and compliance.

The website arionsolutions.com.br is currently inactive and displays an error page indicating that the site does not exist or the content has been removed. The page promotes Locaweb's site creation service as an alternative. There is no substantive business information, contact details, or privacy and security policies available on the site. Technically, the site is served via HTTP without SSL/TLS encryption, which is a critical security deficiency. Basic security headers are present but insufficient to ensure a strong security posture. DNS and mail records indicate hosting and mail services are provided by Locaweb, a known Brazilian hosting provider. Overall, the site lacks content, security, and compliance features, resulting in a low trust and credibility score.

Ö

Ökovolt Solartechnik GmbH

oekovolt.com

0

Ökovolt Solartechnik GmbH is a well-established company specializing in photovoltaic solutions for industry, commerce, municipalities, real estate developers, and private households. With over 15 years of experience, the company offers comprehensive services including planning, financing, installation, and operation of photovoltaic large-scale systems. Their market position is strong, supported by detailed project references and a professional online presence. Technically, the website is built on WordPress with modern SEO and analytics tools, but suffers from a critical lack of HTTPS due to an invalid SSL certificate, which undermines security and trust. Privacy compliance is well addressed with a comprehensive cookie consent mechanism and clear privacy policies. Overall, the company demonstrates a mature digital infrastructure but must urgently address SSL issues to improve security posture and user trust.

The website ledon-lamp.com currently serves only a default cPanel placeholder page indicating server or DNS misconfiguration. There is no active business content, product information, or marketing material available. The only contact information is a webmaster email address. The domain is registered and uses Cloudflare DNS but lacks a valid SSL certificate and HTTPS support, severely limiting security and user trust. Performance is poor with a very slow load time, and no privacy or cookie policies are present, indicating low digital maturity and compliance. Security posture is weak due to missing TLS, security headers, and DNS security features. Overall, the site appears inactive or misconfigured, posing a risk to visitors and undermining business credibility.

N

nora systems GmbH

nora.com

0

nora systems GmbH is a globally recognized manufacturer specializing in high-quality rubber floor coverings, headquartered in Germany with a history dating back to 1950. The company holds a strong market position as a leader in resilient flooring solutions across multiple sectors including healthcare, education, industry, and public buildings. Their business model focuses on manufacturing and direct sales, supported by innovative installation and cleaning systems. The website reflects a professional and comprehensive digital presence with rich content tailored to architects, builders, and facility managers. Technically, the site is built on Sitecore CMS and served via Microsoft IIS, with integrations for marketing and analytics through Google Tag Manager and Usercentrics consent management. However, the absence of a valid SSL certificate and HTTPS implementation represents a critical security gap, exposing the site to potential risks. Privacy and cookie policies are well implemented, indicating good compliance with GDPR standards. Overall, the site demonstrates strong business credibility but requires urgent security improvements to protect user data and enhance trust.

I

Implenia AG

implenia.com

0

Implenia AG is a leading Swiss construction and real estate services company with a strong multinational presence, particularly in Switzerland and Germany. The company specializes in infrastructure, real estate development, and specialized construction services such as tunnel and civil engineering. The website reflects a mature business with comprehensive content targeting business clients, investors, and partners. Technically, the site is built on TYPO3 CMS with modern JavaScript libraries and integrates consent management and analytics tools. However, a critical security gap exists due to the absence of a valid SSL/TLS certificate, exposing the site to risks and undermining user trust. Security headers are partially implemented but insufficient without HTTPS. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the site demonstrates high professionalism and business credibility but requires urgent security improvements to align with best practices.

B

Bayer G4A

grants4apps.com

0

Bayer G4A operates as a healthcare innovation accelerator focused on digital health startups, providing funding, consulting, and expertise to scale businesses that transform healthcare experiences. The website positions Bayer G4A as a leading pharmaceutical accelerator with a portfolio of over 150 startups and multiple commercial collaborations worldwide. Technically, the site is built on modern frameworks such as Next.js and hosted on Vercel, with content managed via Builder.io, reflecting a contemporary digital infrastructure. However, the site lacks a valid SSL certificate and proper HTTPS configuration, which is a critical security concern. Additionally, privacy and cookie policies are not found, and direct contact information such as emails or phone numbers is absent, limiting transparency and user trust. Overall, the site demonstrates moderate business credibility and technical maturity but requires urgent security and privacy improvements.

W

WestLicht

westlicht.com

0

WestLicht is a well-established cultural venue in Vienna specializing in photography exhibitions, a camera museum, and related services such as a bookshop and café. The website targets photography enthusiasts and cultural visitors, offering detailed information about exhibitions, events, memberships, and retail options. The domain age of 24 years and consistent WHOIS data support the legitimacy and maturity of the business. Technically, the site uses a modern JavaScript stack with jQuery, Swiper.js, and Google services integrated, managed via the siteswift CMS and hosted by Hetzner Online GmbH. However, the absence of a valid SSL certificate and HTTPS support is a critical security gap, exposing users to potential risks. The site implements a cookie consent mechanism compliant with GDPR, but lacks explicit security policies or incident response information. Overall, the website is professionally designed with good content quality and user experience but requires urgent security improvements to protect visitors and enhance trust.

B

Business Upper Austria - OÖ Wirtschaftsagentur GmbH

biz-up.at

0

Business Upper Austria - OÖ Wirtschaftsagentur GmbH is a government agency serving as the location and investment promotion agency for the state of Upper Austria. The organization provides tailored solutions for companies' investment and innovation projects, supporting national and international businesses with services such as investor services, human capital management, innovation promotion, cooperation facilitation, and industrial transformation. The website reflects a professional and comprehensive digital presence with clear navigation and relevant content targeted at businesses and investors interested in the region. Technically, the website is built on the TYPO3 CMS platform, utilizing modern frontend libraries such as Swiper.js and Font Awesome 6 Pro. The site includes a cookie consent mechanism compliant with GDPR and uses Matomo analytics for user tracking with explicit consent. However, the website suffers from critical security shortcomings, notably the absence of a valid SSL certificate and lack of HTTPS support, which severely impacts the security posture and user trust. Security-wise, while SPF and DMARC records are properly configured to protect email integrity, the lack of TLS encryption and modern security headers exposes the site to risks. No incident response or security policy information is publicly available, which could be a concern for security-conscious visitors. The WHOIS data confirms the domain's legitimacy and consistency with the business claims, reinforcing trust in the entity behind the website. Overall, the site is content-rich and professionally presented but requires urgent security improvements to enable HTTPS and modern TLS protocols to protect user data and enhance trust. Strategic recommendations include obtaining and maintaining a valid SSL certificate, enabling HSTS, and improving security headers. These steps will significantly improve the security posture and compliance standing of the website.

EssenceMediacom Holdings Limited operates as a global media and communications agency, delivering integrated media solutions, analytics, and creative futures to a diverse range of brands. With a mature domain age of 20 years and a presence in 96 markets supported by 120 offices and over 10,000 employees, the company holds a strong market position within the media industry. Their website reflects a professional and content-rich platform targeting brands seeking breakthrough communications strategies. Technically, the website leverages modern frameworks such as Next.js and React, hosted on Cloudflare, and managed via DatoCMS, indicating a mature digital infrastructure. However, a critical security gap exists due to the absence of a valid SSL certificate, which undermines the security posture despite the presence of robust security headers and content security policies. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the website demonstrates high professionalism and trustworthiness but requires urgent remediation of SSL/TLS issues to ensure secure user interactions.

The website sensix.net is currently inaccessible due to a Cloudflare Turnstile human verification challenge, which blocks access to the actual site content. The domain is mature, registered since 2016 with GoDaddy, and uses Cloudflare for DNS and security services. However, no valid SSL certificate is configured, and the site does not support HTTPS, which is a critical security deficiency. The landing page contains minimal content, primarily a security challenge message, with no visible business information, contact details, or privacy policies. Performance is poor with a high load time, and there are no indications of SEO or accessibility optimizations. Overall, the technical infrastructure relies on Cloudflare but lacks essential security configurations and content accessibility, limiting the ability to assess the business or security posture fully.

V

VAM USA

vam-usa.com

0

VAM USA is a medium-sized company specializing in premium connection solutions for the oil and gas industry, with a strong market position as a world leader and a parent company relationship to Vallourec Oil and Gas France. The website provides comprehensive business information, product details, and service offerings targeted at energy sector professionals and distributors in North America. Technically, the site is built on WordPress with common marketing and analytics tools but suffers from slow performance and lacks modern security implementations such as HTTPS and security headers. The security posture is weak due to the absence of a valid SSL certificate and no HTTPS support, which is a critical issue. Privacy compliance is poor, with no visible privacy or cookie policies. Overall, the site is professional and credible but requires urgent security improvements to protect users and enhance trust.

Trūata Limited is a UK-based technology company specializing in privacy-enhancing data analytics solutions. Their offerings include anonymization services, privacy risk assessments, and privacy-compliant analytics platforms designed to help businesses extract value from data while maintaining compliance with global data protection regulations. The company targets enterprises and organizations seeking to leverage data securely and ethically, positioning itself as a leader in privacy technology with notable partnerships including IBM, Microsoft Azure, and Mastercard. The website is professionally designed, content-rich, and well-structured, supporting a positive user experience and clear navigation. Technically, the site is built on WordPress with integrations of marketing and analytics tools such as Adobe Analytics and HubSpot, and hosted on Microsoft Azure infrastructure. However, the security posture is weakened by the absence of a valid SSL certificate and lack of enabled TLS protocols, which is a critical vulnerability that undermines secure communications and user trust. Privacy compliance is well addressed with comprehensive privacy and cookie policies and GDPR-aligned consent mechanisms. WHOIS data confirms the domain's legitimacy and consistent registration history. Overall, while the business and content quality are strong, urgent improvements in SSL/TLS security are necessary to elevate the site's security and trustworthiness.

The website exporttradinggroup.com currently serves minimal content consisting solely of a redirect script to a /lander page, with no accessible metadata, business information, or user-facing content. The domain is registered and has valid DNS A records, but lacks proper mail exchange configuration and does not use DNSSEC or CAA records. Critically, the site does not have a valid SSL certificate and does not support HTTPS, exposing it to security risks and reducing user trust. No privacy, cookie, or terms of service policies are present, and no contact or social media information is available, indicating a very low level of digital maturity and transparency. From a technical perspective, the site lacks any detectable technology stack, frameworks, or CMS. Performance data is absent, and the site is not optimized for mobile or accessibility. Security posture is weak due to missing HTTPS, absence of security headers, and no incident response or vulnerability disclosure information. The DNS SPF record is configured to reject all mail, which may indicate no email services are intended for this domain. Overall, the security posture is poor with critical issues such as no SSL and no content, which severely limits the ability to assess business credibility or compliance. The domain registration appears consistent but lacks publicly available registrant details. Strategic recommendations include immediate implementation of HTTPS with a valid certificate, deployment of basic security headers, and publishing of privacy and cookie policies to improve compliance and trust. Additionally, the website should provide meaningful content and contact information to enhance business credibility and user experience.

Hermes Europe GmbH operates a mature and professionally presented website focused on integrated supply chain and logistics solutions, targeting national and international trading companies. The company positions itself as a leading expert in the transportation sector, offering services such as global e-commerce support, parcel distribution, and specialized handling solutions. The website content is well-structured, with clear navigation and multilingual support, reflecting a large enterprise with multiple subsidiaries. Technically, the site is hosted on Google Cloud infrastructure using nginx and incorporates modern analytics and consent management tools. However, the absence of a valid SSL certificate and HTTPS support significantly undermines the security posture, exposing users to potential risks. Privacy policies and cookie consent mechanisms are present and appear GDPR compliant, supporting responsible data handling practices. Overall, the domain registration data corroborates the business legitimacy and maturity, but urgent improvements in security configurations are recommended.

P

perma-tec

perma-tec.com

0

perma-tec is a globally recognized leader in manufacturing automatic lubrication systems, offering innovative and reliable solutions that reduce maintenance costs and prevent equipment failures. Their product portfolio includes single- and multi-point lubrication systems, connected solutions like perma CONNECT, and comprehensive services such as installation and technical training. The website reflects a mature digital presence with professional design, clear navigation, and multilingual support. Technically, the site is built on the Flow Framework and Neos CMS, with Apache hosting and uses Matomo for analytics, indicating a privacy-conscious approach. However, the absence of a valid SSL certificate and HTTPS support is a significant security vulnerability, exposing users to risks and undermining trust. Security headers are partially implemented, but the lack of TLS protocols and cipher suites further weakens the security posture. Privacy policies and cookie consent mechanisms are present and comprehensive, supporting GDPR compliance. Overall, the site is content-rich and business credible but requires urgent security improvements to protect users and enhance trust.

U

University of Aleppo

alepuniv.edu.sy

0

The University of Aleppo website serves as an online presence for a major educational institution in Syria, focusing on higher education and academic services. The site content is minimal, primarily a placeholder with a single app container and no visible user-facing content or policies. Technically, the site runs on an nginx server with PHP 7.4 but lacks a valid SSL/TLS certificate, resulting in no HTTPS support and exposing users to security risks. Security headers are minimal, and no advanced protections such as HSTS or DNSSEC are implemented. The absence of privacy, cookie, and terms of service policies indicates a lack of compliance with modern data protection regulations. Overall, the website's digital maturity is low, with slow performance and basic mobile optimization.

Crystalline Mirror Solutions is a small technology company specializing in crystalline mirror products, currently operating as a subsidiary of Thorlabs. The website serves primarily as a landing page announcing the acquisition by Thorlabs and providing links to products and press releases hosted on the parent company's domain. The technical infrastructure is basic, utilizing Bootstrap for styling and conditional loading of Google Tag Manager for analytics. However, the site lacks HTTPS, which severely impacts its security posture. Security headers are minimal, and no privacy or cookie policies are present, indicating low privacy compliance. The absence of contact information and business details on the site further limits its credibility and user trust. Overall, the website is functional but minimalistic, with significant room for improvement in security, privacy, and content richness.

B

bulmor industries GmbH

bulmor-airground.com

0

Bulmor airground technologies GmbH is a specialized manufacturer of medical highloaders (Ambulift SideBull) designed to facilitate safe and efficient boarding of mobility-impaired passengers at airports. The company has a niche market position with patented technology and partnerships with major airports and airlines. The website is built on TYPO3 CMS and uses several JavaScript libraries for enhanced user experience. However, the site lacks a valid SSL certificate, which significantly impacts its security posture. Privacy and cookie policies are present and GDPR compliant, and contact information is clearly provided. The domain is mature and trustworthy, registered since 2011 with no suspicious patterns beyond lack of domain protection locks.

K

Startseite - KFV - Kuratorium für Verkehrssicherheit

kfv.at

0

Security assessment completed with an overall score of 0/100 (unknown risk). 4 critical issues require immediate attention. Total of 28 security findings identified across all modules.

A

Audit Partner Austria Wirtschaftsprüfer GmbH

auditpartner.at

0

Audit Partner Austria Wirtschaftsprüfer GmbH is a professional services firm specializing in tax consulting and auditing services primarily serving Austrian businesses and professionals. The company emphasizes expertise, personal consultation, and proactive advisory services. Their website reflects a medium-sized firm with a consistent brand and a clear focus on finance-related services. The technical infrastructure is based on WordPress with common web technologies such as jQuery and Bootstrap, hosted on Austrian DNS infrastructure. However, the website lacks a valid SSL certificate, which significantly impacts its security posture. While basic security headers like HSTS are present, they are ineffective without HTTPS. The site provides comprehensive contact information and privacy policies, but lacks cookie consent mechanisms and explicit security or incident response policies. Overall, the website is professional and trustworthy but requires urgent improvements in SSL configuration and security transparency.

M

Mars Hospitality Group

mars-world.com

0

Mars Hospitality Group operates a portfolio of hotels, restaurants, catering outlets, and an exclusive recreation club primarily in Mumbai, India, with additional venues in Mussoorie, Landour, and Summit, New Jersey. The company targets hospitality customers seeking boutique and upscale experiences, positioning itself as a notable player in the hospitality sector with multiple brands and venues. The website content reflects this business focus but lacks comprehensive contact and compliance information. Technically, the website is hosted on an Apache server serving XHTML 1.0 Transitional content with basic CSS styling. The absence of a valid SSL certificate and HTTPS support is a significant technical and security deficiency. The site lacks modern web frameworks, performance optimizations, and accessibility features, indicating a low level of digital maturity. From a security perspective, the site does not implement HTTPS, modern TLS protocols, or essential security headers, exposing it to potential risks. No privacy or cookie policies are present, and no incident response or security policies are disclosed. The Entrust SSL seal script is included but misleading due to the invalid certificate. DNS records are standard but lack DNSSEC and CAA protections. Overall, the website presents moderate business credibility but suffers from critical security and compliance gaps. Strategic improvements in SSL implementation, security headers, privacy compliance, and contact transparency are recommended to enhance trust and protect users.

S

Sonnenberg-Apotheke, Helge Lehnert e.K.

sonnenberg-apotheke.com

0

Sonnenberg-Apotheke is a well-established local pharmacy in Chemnitz, Germany, operating since 2001. The business offers a range of pharmaceutical services including certified travel vaccination advice, medication reservation, rental of medical devices, and substitution care for opioid-dependent patients. The website reflects a professional and consistent brand presence targeting local customers with additional online service capabilities. Technically, the site uses a modern front-end stack with Foundation framework and common JS libraries but lacks performance metrics and has no valid SSL certificate, which is a critical security concern. Security headers are partially implemented but the absence of HTTPS and modern TLS protocols significantly weakens the security posture. Privacy and cookie policies are present, indicating GDPR awareness, though the cookie consent mechanism is minimal. Contact information is clearly provided and consistent with WHOIS data, supporting business credibility. Overall, the site is functional and informative but requires urgent security improvements to protect user data and enhance trust.

Dynea AS is a Norwegian-based manufacturer specializing in wood adhesives and related chemical solutions, serving primarily the European market with additional sales in Asia, Africa, and the Americas. The company offers a broad portfolio of products including amino-based resins, polyurethanes, emulsion polymers, and hot melt adhesives, complemented by services such as consulting, tank cleaning, and toll production. Established in 1947, Dynea maintains a strong market position as a leader in the European wood adhesives sector with multiple production sites and subsidiaries. Technically, the website employs modern front-end technologies such as Bootstrap, AOS, and Swiper, providing a good user experience with responsive design and clear navigation. However, the site lacks HTTPS support and a valid SSL certificate, which critically undermines its security posture. The absence of cookie consent mechanisms and limited privacy compliance features further highlight areas for improvement. From a security perspective, the site shows no evidence of common vulnerabilities like Heartbleed or POODLE but suffers from the lack of encryption and security headers. The WHOIS data confirms the legitimacy and consistency of the domain registration with the business claims, supporting trustworthiness despite technical security shortcomings. Overall, Dynea's website reflects a professional and established business with solid content and branding but requires urgent security enhancements to protect user data and comply with modern web security standards.

CNH Industrial N.V. is a leading global manufacturer and technology provider in the agriculture and construction sectors, operating through well-known brands such as Case IH, New Holland, and CASE. The company is publicly listed on the New York Stock Exchange, reflecting its strong market position and investor focus. The website provides comprehensive investor relations content, sustainability reporting, and career opportunities, targeting investors, industry professionals, and customers in agriculture and construction. Technically, the site is built on modern frameworks including React and Sitecore CMS, leveraging Akamai CDN for hosting and performance. However, a critical security gap exists due to the absence of a valid SSL certificate, exposing users to risks and undermining trust. Security headers and policies are well implemented, but the lack of HTTPS significantly impacts the overall security posture. Privacy and cookie policies are present with consent mechanisms, indicating good compliance with GDPR. Overall, the site is professional and content-rich but requires urgent remediation of SSL issues to ensure secure user interactions.

M

MTEL Austria

mtel.at

0

MTEL Austria is a telecommunications provider offering a range of services including mobile tariffs, internet, and TV entertainment packages primarily targeting private and business customers in Austria. The company is part of the Telekom Serbien Group, indicating a solid regional market presence. The website is professionally designed with good content quality, clear navigation, and mobile optimization. It leverages modern JavaScript libraries and integrates marketing and analytics tools such as Google Tag Manager, Hotjar, and Cookiebot for consent management. However, the site currently lacks a valid SSL certificate and does not serve content over HTTPS, which is a critical security shortfall. Security headers are properly configured, but the absence of HTTPS and modern TLS protocols significantly lowers the security posture. Privacy and cookie policies are comprehensive and GDPR compliant, with a consent mechanism in place. Contact information including email and phone numbers is clearly provided, enhancing business credibility. Overall, the website is functional and professional but requires urgent security improvements to protect user data and build trust.

Deloitte Digital is a leading digital creative and marketing consultancy operating primarily in the Nordics region, backed by the global Deloitte network. The company offers a broad range of services including customer strategy, advertising, marketing, digital commerce, sales, service, and digital product design. Their market position is strong, evidenced by recognition as a leader in the 2024 Gartner Magic Quadrant for Digital Experience Services. The website reflects a mature, enterprise-level organization with a consistent brand and professional content targeting businesses seeking digital transformation and marketing consultancy. Technically, the site leverages Adobe Experience Manager, Akamai CDN, and modern JavaScript libraries, providing a good user experience with mobile optimization and accessibility features. However, the absence of a valid SSL/TLS certificate and lack of HTTPS enforcement significantly weaken the security posture. Privacy and cookie policies are comprehensive and GDPR compliant, with clear contact information and social media presence. Overall, Deloitte Digital demonstrates a high level of business credibility and digital maturity but must address critical security gaps to ensure trust and compliance.

T

TAUERN SPA World Betriebs GmbH & Co KG

tauernspakaprun.com

0

TAUERN SPA Kaprun is a mature, well-established 4-star superior resort located in the Austrian Alps, offering a comprehensive spa and wellness experience combined with high-quality accommodation and culinary services. The business is part of the VAMED Vitality World group, indicating strong market positioning in the hospitality and wellness sector. The website is professionally designed with rich content, clear navigation, and strong trust signals including multiple awards and certifications. Technically, the site uses Pimcore CMS and integrates modern tracking and consent management tools, but suffers from a critical security weakness due to the absence of a valid SSL certificate and HTTPS support, which significantly impacts its security posture. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

I

impact_

thinkimpact.com

0

ThinkImpact.com is a small, niche content website focused on providing research, trends, and statistical data in the education and business sectors for the United States market in 2025. The site offers free access to well-researched papers and reviews, targeting researchers, educators, and business professionals. The business model appears to be content publishing monetized primarily through advertising networks such as Mediavine and Google Ad Manager. Technically, the website is built on WordPress and uses common web technologies and marketing tools, but suffers from slow performance and lacks a valid SSL certificate, which is a critical security flaw. The security posture is weak with no HTTPS, no security headers, and no advanced protections, exposing users to potential risks. Privacy compliance is basic but present, with cookie consent and a privacy policy aligned with GDPR requirements. Overall, the site is legitimate and mature based on WHOIS data but requires urgent security improvements to protect users and enhance trust.

I

IVM Ltd.

ivm-vending.eu

0

IVM Ltd. is a medium-sized manufacturing company based in Hungary specializing in industrial vending machines and tool management solutions. Their website, built on WordPress with the Divi theme, presents a professional and well-structured digital presence targeting industrial clients and partners. The company emphasizes innovation in micrologistics and asset management, supported by proprietary software and certifications such as ISO 9001 and ISO 27001. Technically, the site uses common web technologies including Apache, jQuery, and Google Tag Manager, but lacks a valid SSL certificate, which impacts security posture negatively. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Contact information and social media links are clearly provided, enhancing business credibility. Overall, the website is functional and professional but requires improvements in security and privacy compliance to meet modern standards.

E

Evangelical Free Church of America

efca.org

0

The Evangelical Free Church of America (EFCA) operates as a large non-profit religious association focused on uniting and supporting approximately 1,600 evangelical congregations across the United States. Their website serves as a central hub for ministry resources, church networking, events, and informational content aimed at their faith community and interested individuals. The organization maintains a strong market position within the evangelical sector, supported by trust indicators such as ECFA accreditation and active social media engagement. Technically, the website leverages modern frontend frameworks including Vue.js and Nuxt.js, delivering a visually appealing and accessible user experience. However, the site suffers from slow load times and lacks a content delivery optimization strategy. Hosting is provided by DreamHost, and the site integrates third-party services such as Mailchimp for newsletter subscriptions and Vimeo for video content. From a security perspective, the site exhibits critical vulnerabilities, most notably the absence of a valid SSL/TLS certificate, resulting in no HTTPS support. This severely undermines user trust and data security. Additionally, the lack of security headers, HSTS, and other best practices further exposes the site to potential risks. Privacy compliance is limited, with no cookie consent mechanism detected and only a basic privacy policy present. Overall, while the EFCA website is professionally designed and content-rich, its security posture is weak and requires urgent remediation to protect users and maintain organizational credibility. Strategic improvements in SSL implementation, security headers, and privacy compliance will significantly enhance the site's trustworthiness and resilience.

G

Geberit Gruppe

geberit.com

0

Geberit Gruppe is a leading European manufacturer of sanitary products, recognized as a market leader with a comprehensive product portfolio including installation and flushing systems, piping systems, and bathroom systems. The company targets professionals in the sanitary industry, investors, media, and career seekers, emphasizing innovation, quality, and sustainability. The website reflects a mature digital presence with modern technologies such as React and Next.js, hosted on Microsoft Azure, and includes a consent management system for privacy compliance. Security headers are implemented; however, the SSL certificate is currently invalid, and no modern TLS protocols are enabled, which poses a security risk. Overall, the website is professional, well-structured, and trustworthy, but the SSL issues should be addressed promptly to enhance security and user trust.

S

starlim sterner

starlim-sterner.com

0

starlim sterner is a well-established Austrian manufacturing company specializing in liquid silicone injection molding, holding a world market leader position. Their website reflects a mature business with comprehensive service offerings including product development, tooling, and cleanroom production. Technically, the site is built on WordPress with modern SEO and cookie consent implementations, but lacks a valid SSL certificate, which is a critical security gap. The security posture is basic with no advanced protections like DNSSEC or security headers. Privacy compliance is strong with GDPR-aligned policies and cookie management. Overall, the business presents a professional image with moderate website performance and good user experience, but must urgently address HTTPS and security hardening to improve trust and security.

C

Cloudera

cloudera.com

0

Cloudera is a leading enterprise technology company specializing in hybrid data platforms that enable secure data management and cloud-native analytics. The company targets large enterprises across multiple sectors including technology, healthcare, finance, manufacturing, and government. Their platform supports data engineering, AI, streaming, and operational databases, positioning them strongly in the hybrid multi-cloud data market. The website reflects a mature digital presence with comprehensive content, strong branding, and extensive customer references. Technically, the site is built on Adobe Experience Manager with integrations of Adobe Analytics, Segment, Coveo search, and Brightcove video services. The site is mobile optimized and well structured for SEO and accessibility. However, the SSL configuration is currently invalid with no TLS protocols enabled, which is a critical security concern. Security headers are partially implemented but HSTS is not fully enabled. Privacy and compliance policies are comprehensive and prominently linked, indicating good GDPR and data protection awareness. Contact information is clearly provided with phone numbers and support portals. No WAF or blocking mechanisms were detected, allowing full content access. Overall, Cloudera's website demonstrates strong business credibility and digital maturity but requires urgent remediation of SSL and TLS configurations to improve security posture and user trust.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 9 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

T

Triumph Intertrade AG

triumph.com

0

Triumph Intertrade AG operates a mature and well-established e-commerce platform specializing in lingerie and related apparel, primarily targeting the German market. The website demonstrates a high level of professionalism, rich content, and strong brand consistency, supported by a comprehensive customer loyalty program and active social media presence. The technical infrastructure leverages modern e-commerce technologies including Salesforce Commerce Cloud and Cloudflare for hosting and delivery, with integrated marketing and analytics tools such as Google Tag Manager and CQuotient. However, the absence of a valid SSL/TLS certificate on the main domain significantly undermines the site's security posture, exposing users to potential risks. Additionally, a subdomain takeover vulnerability on blog.triumph.com presents a notable security concern. Privacy and cookie policies are present and indicate GDPR compliance, with clear contact information and incident response channels available. Overall, the site is functional and credible but requires urgent security improvements to protect user data and maintain trust.

Z

Zentrum für Ethik in der Medizin (ZEM)

medizinethik-frankfurt.de

0

The Zentrum für Ethik in der Medizin (ZEM) was a specialized non-profit center focused on medical ethics, affiliated with the Evangelische Kirche in Hessen und Nassau (EKHN). Founded in 1996, it served as a key institution in the region until its closure in April 2025. The website provides information about its services, publications, and contact details, targeting individuals and organizations interested in medical ethics within the church and healthcare sectors in Germany. Technically, the site is built on TYPO3 CMS and uses Matomo for analytics, indicating a moderate level of digital maturity. However, the absence of a valid SSL certificate and HTTPS support is a critical security shortfall, significantly impacting the site's security posture. The site implements a comprehensive cookie consent mechanism and provides clear privacy policy information, demonstrating good privacy compliance. Overall, the website is functional and professional but requires urgent security improvements to protect user data and enhance trust.

N

New Frontier Investment AG

newfrontier.eu

0

New Frontier Investment AG is a technology-focused investment group based in Vienna, Austria, specializing in leading digital transformation initiatives with enterprise customers globally. The company manages a portfolio of subsidiary companies across various technology sectors, positioning itself as a key player in digital innovation and enterprise solutions. The website reflects a professional business presence with clear branding and consistent messaging about its investment and transformation leadership role. Technically, the website is built on WordPress with common plugins such as LayerSlider and Contact Form 7, but suffers from critical security shortcomings including lack of a valid SSL certificate and disabled HTTPS, which significantly impacts its security posture. The absence of privacy and cookie policies further reduces compliance with GDPR and privacy best practices. Contact information is clearly provided, including a physical address, phone number, and a contact form protected by Google reCaptcha, indicating some level of user interaction security. Overall, the site is functional and professional but requires urgent improvements in security and privacy compliance to meet modern standards.

G

George Labs GmbH

george-labs.com

0

George Labs GmbH operates the digital banking platform 'George', serving over 10 million users across Europe. The platform is positioned as a modern, intelligent, and personal financial companion, backed by Erste Group Bank AG. The website reflects a mature digital presence with professional design, clear branding, and multi-country banking partnerships. Technically, the site is built on WordPress with Elementor and uses modern web technologies, but suffers from critical SSL/TLS misconfigurations that undermine security. Privacy compliance is well addressed with GDPR-aligned cookie consent and policies. Overall, the business is credible and well-positioned in the European digital banking sector, but must urgently address its SSL issues to ensure user trust and security.

P

Porsche Informatik Gesellschaft m.b.H.

porscheinformatik.at

0

Porsche Informatik Gesellschaft m.b.H. is a medium-sized Austrian company specializing in software solutions and IT services for the automotive industry, operating as a subsidiary of the Porsche Holding group. The company focuses on digitalizing automotive trade and enabling future mobility through specialized software development. Their website reflects a professional and consistent brand image, targeting automotive clients and IT professionals. Technically, the site is built on WordPress with PHP 7.2.24 and Apache, but lacks a valid SSL certificate, which is a critical security shortfall. The absence of HTTPS impacts user trust and security posture significantly. Privacy and cookie policies are well implemented and GDPR compliant, with clear contact information provided. Social media presence is robust, supporting brand trust and outreach.

H&M is a globally recognized fashion retailer offering online shopping services with a focus on sustainable fashion at competitive prices. The website serves a broad international audience with multiple language and regional options, reflecting its enterprise scale and global market position. The technical infrastructure leverages ASP.NET technology and Akamai CDN services, with integration of Google Maps APIs for enhanced user experience. However, the website currently lacks a valid SSL/TLS certificate, resulting in no HTTPS support, which is a critical security deficiency. Security headers are well implemented but cannot compensate for the absence of encrypted communication. Privacy and cookie policies are not evident on the landing page, indicating potential compliance gaps. Overall, the site demonstrates good content quality and business credibility but requires urgent security improvements to protect user data and enhance trust.

M

ManpowerGroup

manpower.com

0

ManpowerGroup operates a comprehensive workforce solutions platform primarily targeting job seekers and employers in the United States. The company offers staffing, recruitment, and workforce management services across multiple sectors including transportation, logistics, engineering, and financial services. The website reflects a mature digital presence with a modern React and Sitecore CMS infrastructure, supported by Cloudflare for hosting and CDN services. Privacy and cookie policies are well implemented with consent mechanisms, reflecting good compliance with GDPR and related regulations. However, the website's security posture is weakened by an invalid SSL certificate and lack of TLS protocol support, which are critical issues that must be addressed to protect user data and maintain trust. Overall, the site is professionally designed with excellent content quality and strong business credibility, supported by consistent WHOIS data and recognized certifications.

G

Gerhard Trittenwein

bindertrittenwein.com

0

Gerhard Trittenwein operates a specialized IT consulting and project management business focused on complex IT, change management, and digital transformation projects. The company emphasizes lean and agile methodologies to deliver early and visible results, targeting organizations facing challenging IT projects. The website presents a professional image with clear service offerings and contact information, supported by over 30 years of experience. Technically, the site uses Mono CMS with external CDNs and integrates Google Analytics and ConsentManager for tracking and cookie consent. However, the absence of a valid SSL certificate and HTTPS support is a critical security flaw, exposing visitors to risks and undermining trust. Privacy policies and cookie consent mechanisms are in place, indicating GDPR awareness, but no security policy or incident response information is provided. Overall, the business appears legitimate and consistent with its domain registration and DNS records, but urgent improvements in security posture are needed.

G

Gronda

gronda.eu

0

Gronda operates as a leading culinary community platform connecting chefs worldwide to share recipes, culinary creations, and educational content. The business targets professional and aspiring chefs and culinary enthusiasts, offering a mobile app and subscription-based PRO services. The platform is positioned as a top community in its niche with a strong digital presence and active social media engagement. Technically, the website is built on modern web technologies including Webflow CMS, AWS CloudFront CDN, and integrates Google Tag Manager and Weglot for analytics and multilingual support. However, performance data is missing, and inferred loading speed is slow. Security posture is weak due to the absence of a valid SSL certificate and incomplete HTTPS implementation, which poses risks to user data and trust. Privacy compliance is well addressed with clear policies and cookie consent mechanisms. Overall, the site is professional and credible but requires urgent security improvements to protect users and enhance trust.

L

Linde PLC

the-linde-group.com

0

Linde PLC is a leading global industrial gases and engineering company focused on delivering innovative solutions to support customers across various sectors including clean energy and sustainability. The website reflects a mature, enterprise-level business with comprehensive content covering their expertise, sustainability initiatives, investor relations, and corporate governance. The technical infrastructure leverages modern tools such as Sitecore CMS, Azure Application Insights, and OneTrust for compliance, indicating a digitally mature platform. However, the security posture is currently weak due to the absence of a valid SSL certificate and lack of modern TLS protocol support, which exposes the site to potential risks and impacts user trust. Privacy and cookie policies are well implemented with consent mechanisms, aligning with GDPR requirements. Overall, the site is professional and trustworthy but requires urgent improvements in SSL/TLS configuration to enhance security and compliance.

Grayling is a large, international PR and public affairs agency operating in over 30 countries with a strong global network of offices and affiliates. The company specializes in brand communications, corporate affairs, and public affairs, serving a diverse range of clients including major global brands. Their website reflects a professional and consistent brand image, with comprehensive content showcasing their services, case studies, and client portfolio. Technically, the site is built on WordPress with modern frontend frameworks and integrates multiple marketing and analytics tools such as Google Analytics, HubSpot, and OneTrust for cookie consent management. However, the security posture is notably weak due to the absence of a valid SSL certificate and lack of HTTPS support, which poses significant risks to user data and trust. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the site demonstrates good business credibility and digital maturity but requires urgent security improvements to protect visitors and maintain trust.

Docolution GmbH is a specialized Austrian company providing tailored document management and output management solutions, focusing on quality assurance, accessibility, and customer communication. Their business model targets organizations requiring professional document handling and communication services, supported by consulting and software development. The website reflects a professional presence with clear service offerings and contact information, but lacks some standard compliance documents such as privacy policy and terms of service. Technically, the site uses modern web technologies including JavaScript, jQuery, and Google Analytics, and is mobile optimized with good accessibility features. However, the absence of HTTPS and a valid SSL certificate is a critical security shortfall, exposing users to risks and undermining trust. Security headers are minimal, and no advanced security policies or incident response contacts are published. Overall, the site is functional and credible but requires urgent improvements in security and privacy compliance to meet modern standards.

The domain 20minutes.fr is a mature media website with a registration age of 23 years, indicating a well-established presence in the French media sector. However, the website content is currently inaccessible due to a CloudFront 403 error, which blocks access and prevents content retrieval. The technical infrastructure relies on Amazon CloudFront for hosting and DNS services via AWS, consistent with a large-scale media operation. Despite this, the absence of a valid SSL certificate and lack of HTTPS support significantly undermine the site's security posture. No privacy, cookie, or terms of service policies are detectable, and no contact or social media information is available from the provided HTML content. Overall, the site exhibits a weak security configuration and poor content availability, limiting the ability to perform a full analysis.