Security Directory

Takeda Pharma A/S, a subsidiary of Japan's largest pharmaceutical company, operates a comprehensive and professionally designed Danish website that reflects its global presence and commitment to healthcare innovation. The company focuses on developing and providing innovative pharmaceutical solutions, emphasizing patient access and collaboration with healthcare partners. The website demonstrates strong digital maturity with modern technologies like Next.js and React, hosted on Cloudflare and Vercel, and integrates privacy and cookie compliance mechanisms effectively. However, a critical security gap exists due to the absence of a valid SSL certificate, which undermines the site's security posture. While security headers and best practices are partially implemented, the lack of HTTPS significantly impacts the overall security score. The site provides clear contact information, social media links, and extensive business information, reinforcing its credibility. Strategic recommendations include immediate SSL certificate renewal, full HSTS implementation, and enhanced security policy disclosures to improve trust and compliance.

The Würth Group is a globally established enterprise specializing in the development, manufacturing, and distribution of assembly and fastening materials. With over 400 companies in 80 countries and more than 2,800 branches, it holds a world market leader position in its core business. The website reflects a mature digital presence with consistent branding and comprehensive corporate information primarily targeting industrial and business clients. Technically, the site employs modern web technologies including Bootstrap, jQuery, and the FirstSpirit CMS, ensuring good mobile optimization and user experience. However, a critical security deficiency is the absence of a valid SSL certificate and enabled TLS protocols, severely impacting the site's security posture. Privacy and cookie policies are present and GDPR compliant, indicating attention to data protection regulations. Overall, the site is professional and credible but requires urgent remediation of its SSL/TLS configuration to ensure secure communications and maintain trust.

M

MASSIVE ART WebServices GmbH

massiveart.at

0

MASSIVE ART WebServices GmbH is a full-service digital agency based in Austria, specializing in digital strategy, website and portal development, e-commerce solutions, performance marketing, data analytics, mobile apps, and UI/UX design. The company targets B2B clients, particularly industry leaders and established businesses seeking sustainable digital transformation. With a strong market position supported by long-term partnerships and recognized certifications such as Google Partner and HubSpot Gold Partner, MASSIVE ART demonstrates a reputable presence in the technology sector. The website employs modern web technologies including nginx, Google Tag Manager, Matomo Analytics, and HubSpot forms, with advanced SVG animations enhancing user experience. The site is mobile-optimized and exhibits excellent design quality and navigation clarity. However, performance is currently slow, and the SSL/TLS configuration is inadequate, lacking a valid certificate and modern protocol support. Security posture is basic, with essential security headers present but critical issues such as an invalid SSL certificate and absence of TLS protocols significantly lowering the security score. Privacy compliance is good, with a comprehensive privacy policy and GDPR adherence, though no explicit cookie consent mechanism was detected. Contact information is clearly provided across multiple office locations, enhancing business credibility. Overall, MASSIVE ART's digital presence is professional and trustworthy, but immediate improvements in SSL/TLS security are recommended to enhance user trust and comply with best security practices.

Marriott Hotels is a globally recognized hospitality brand offering a wide range of hotel and resort accommodations, loyalty rewards, and premium guest experiences. The website reflects a mature digital presence with professional design, rich content, and integration of modern technologies such as React, Brightcove video, and Adobe DTM for analytics and marketing. However, the site currently lacks a valid SSL certificate, which is a critical security flaw that undermines user trust and data protection. Privacy and terms of use policies are present and comprehensive, supporting GDPR compliance. Overall, the business is well-established with consistent branding and a strong market position, but the technical security posture requires urgent improvement to meet industry standards.

E

Endress+Hauser AG

endress.com

0

Endress+Hauser AG is a global leader in industrial measurement instrumentation and automation solutions, serving diverse sectors including energy, chemical, life sciences, water treatment, and oil & gas. The company offers a comprehensive portfolio of products and services, including flow, level, liquid analysis, optical analysis, pressure, and temperature measurement devices, alongside software and system products. Their website reflects a mature digital presence with extensive product information, customer support, and training resources, targeting industrial process engineers and related professionals worldwide. Technically, the website employs modern web technologies such as JavaScript, CSS, JSON-LD structured data, and utilizes Tealium for analytics and tag management. The site is hosted on reliable infrastructure, likely Amazon AWS, and demonstrates good mobile optimization, accessibility, and SEO practices. However, performance metrics indicate slow loading times, which may impact user experience. From a security perspective, the site has critical deficiencies: it lacks a valid SSL certificate and does not enable HTTPS or modern TLS protocols, severely impacting its security posture. While some security headers are present, the absence of proper SSL/TLS configuration is a major risk. Privacy and cookie policies are well implemented with consent mechanisms, and contact information is clearly provided, enhancing trust. Overall, the site is professionally designed and content-rich but requires urgent security improvements to protect user data and maintain trust. Strategic recommendations include immediate SSL certificate installation, enabling HTTPS and modern TLS versions, and enhancing security headers and session management. These steps will significantly improve the site's security score and user confidence.

W

Westcam - The Know-WOW Company

westcam.at

0

Westcam - The Know-WOW Company is a well-established Austrian technology and manufacturing solutions provider founded in 1990. The company offers a comprehensive portfolio of services and products including CAD design, CAM programming, 3D printing, 3D metrology, PDM/MES systems, mechatronics, robotics, and industrial image processing. Their market position is strong in the regional industrial sector, supported by their Autodesk Gold Partner status and ISO 9001:2015 certification. The website demonstrates a high level of digital maturity with a modern WordPress-based infrastructure, multilingual support, and integrated marketing and analytics tools. However, a critical security weakness is the absence of a valid SSL certificate and HTTPS support, which significantly impacts their security posture. Privacy compliance is well addressed with explicit cookie consent mechanisms and a comprehensive privacy policy. Overall, the business presents itself professionally with clear contact information and strong trust indicators.

Urban Outfitters is a large retail company specializing in lifestyle apparel and home decor targeting young adults. The website is protected by a PerimeterX Web Application Firewall (WAF) which presents a CAPTCHA challenge, blocking direct access to content and preventing detailed content and policy analysis. The technical infrastructure includes nginx server hosting and DNS managed via Google Cloud DNS. However, the SSL/TLS configuration is currently invalid or missing, resulting in no HTTPS availability and exposing the site to security risks. DNS and MX records indicate legitimate email infrastructure consistent with the retail business. Overall, the security posture is weak due to lack of HTTPS and missing security headers, and privacy compliance information is not accessible due to the WAF block. The domain registration data is consistent and legitimate, supporting the business credibility. Strategic improvements in SSL deployment and security header implementation are critical.

ChargePoint, Inc. operates the be.ENERGISED platform, a modular SaaS solution designed to support businesses in building and expanding electric vehicle (EV) charging services. The website targets enterprises, fleet operators, partners, and EV drivers primarily in Germany and Europe, offering comprehensive services including charge point operation, software integration, billing, roaming, and white-label solutions. The company holds a strong market position with significant penetration among Fortune 50 companies and a large active charging network. Technically, the site is built on Drupal 10 and hosted on Pantheon, with integrations such as Google Tag Manager and Google Maps API enhancing functionality. However, the absence of a valid SSL certificate and HTTPS support is a critical security gap, despite the presence of some security headers and GDPR-compliant privacy and cookie policies. Overall, the site demonstrates high content quality and business credibility but requires urgent improvements in security infrastructure to protect user data and maintain trust.

W

Wellspect HealthCare

wellspect.com

0

Wellspect HealthCare is a global MedTech company specializing in continence care solutions, supporting individuals with urinary and bowel dysfunction through innovative products and educational resources. The company holds a strong market position with over 40 years of industry experience and operates under the parent company Dentsply Sirona. Their website reflects a professional and consistent brand image targeting carers, specialists, and new users in continence care. Technically, the website employs modern analytics and marketing tools such as Microsoft Application Insights, Google Tag Manager, and Salesforce Lightning, hosted behind Cloudflare. However, the absence of a valid SSL certificate and HTTPS implementation is a critical security flaw, severely impacting the site's security posture. Privacy compliance is partial, with a comprehensive privacy policy present but lacking a cookie consent mechanism despite active tracking scripts. Overall, the website offers excellent content quality and user experience but requires urgent security improvements to protect user data and enhance trust.

T

Tractive

tractive.com

0

Tractive is a leading global provider of GPS and health monitoring trackers for pets, specializing in real-time location tracking and wellness insights for dogs and cats. The company operates a robust e-commerce platform offering subscription-based services that enable worldwide cellular connectivity for their devices. Their market position is strong, supported by extensive customer testimonials, high Trustpilot ratings, and a broad international presence with multi-language support. Technically, the website leverages modern web technologies including nginx, Amazon AWS infrastructure, CloudFront CDN, and advanced JavaScript frameworks. They utilize performance monitoring and A/B testing tools such as New Relic and Visual Website Optimizer, indicating a mature digital infrastructure. The site is well-optimized for mobile devices and accessibility, with good SEO practices. From a security perspective, while the site implements several important security headers and policies, it suffers from a critical issue: the SSL certificate is invalid or missing, and no TLS protocols are enabled. This severely impacts the security posture and user trust. Other security best practices like HSTS and CSP are in place, but the lack of proper HTTPS is a major vulnerability. Overall, the risk assessment highlights the need for immediate remediation of SSL/TLS issues to protect user data and maintain trust. Strategic recommendations include fixing the SSL certificate, enabling modern TLS versions, and improving session security. The business credibility is high, but security gaps could undermine customer confidence if not addressed promptly.

W

WIFI Österreich

wifi.at

0

WIFI Österreich is a prominent educational institution in Austria, offering a vast range of courses, seminars, and professional training programs across multiple sectors including academic education, business, health, IT, and management. It serves a broad audience including individuals seeking career advancement, apprentices, and corporate clients. The website reflects a well-structured, content-rich platform with excellent design and navigation, supporting both in-person and online learning modalities. Technically, the site uses standard web technologies like jQuery and lazy loading but lacks a valid SSL certificate, resulting in no HTTPS support, which is a significant security concern. Security headers and advanced SSL features are missing, indicating room for improvement in security posture. Privacy compliance is well addressed with a clear privacy policy and cookie consent mechanism. Overall, the domain and business information are consistent and trustworthy, aligned with the parent organization Wirtschaftskammer Österreich. Strategic improvements in SSL implementation and security headers are recommended to enhance user trust and security.

C

connex.cc IT-Consulting GmbH

connex.cc

0

connex.cc IT-Consulting GmbH is a well-established Austrian IT consulting firm specializing in the public sector, with over two decades of experience. The company operates as a subsidiary of xrxes.cc Holding GmbH and offers a range of services including IT consulting, business analysis, test management, project management, and project assistance. The website is professionally designed, content-rich, and targets public sector organizations in Austria. Technically, the site is built on WordPress using Elementor and Astra theme, with modern plugins enhancing user experience. However, a critical security weakness is the lack of a valid SSL certificate and proper HTTPS configuration, which significantly impacts the security posture. Privacy compliance is well addressed with a comprehensive privacy and cookie policy and a consent mechanism. Contact information is clearly provided, enhancing business credibility.

iteratec GmbH is a medium-sized, established software development company founded in 1996, with multiple offices across Germany, Austria, and Poland. The company specializes in digital transformation, AI and data analytics, IT security, and sustainable technology solutions, targeting enterprises in automotive, energy, and logistics sectors. Their website reflects a professional and comprehensive digital presence, leveraging TYPO3 CMS and modern web technologies. However, a critical security gap exists due to the absence of a valid SSL certificate, resulting in no HTTPS support, which significantly impacts their security posture. Privacy and cookie policies are well implemented with consent mechanisms, indicating good compliance with GDPR. Overall, the company demonstrates strong business credibility and digital maturity but must urgently address its SSL/TLS configuration to improve security and trust.

H

HK/Danmark

hk.dk

0

HK/Danmark is a well-established Danish trade union and unemployment insurance provider, founded in 1900, serving a large membership base with comprehensive services including career guidance, legal advice, and member benefits. The website is professionally designed, content-rich, and targets employees, students, and job seekers in Denmark. Technically, the site uses modern web technologies such as ASP.NET, jQuery, and integrates analytics and chat services, but suffers from a critical security issue due to the absence of a valid SSL certificate, which undermines its HTTPS security posture despite having HSTS headers configured. Privacy and cookie policies are present and indicate GDPR compliance, with clear contact information and trust signals like Trustpilot integration enhancing business credibility. Overall, the site is highly professional but requires urgent security improvements to ensure user trust and data protection.

C

Communi5

communi5.com

0

Communi5 is a medium-sized Austrian software manufacturer specializing in communications solutions for service providers, focusing on UCaaS and Cloud PBX offerings. The company demonstrates a mature market position with a future-oriented approach, integrating modern collaboration tools such as MS Teams. The website reflects a professional and consistent brand image with comprehensive content targeting service providers and business customers. Technically, the site is built on WordPress with Elementor and uses modern UI components like Smart Slider 3, but lacks a valid SSL certificate and modern TLS support, which significantly impacts its security posture. Privacy compliance is well addressed with clear cookie and privacy policies and consent mechanisms. However, the absence of explicit security policies and incident response information is noted. Overall, the site is functional and professional but requires urgent security improvements to protect user data and enhance trust.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 8 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

SPGPrints is a well-established global company specializing in textile and industrial printing solutions, with a strong focus on rotary screen and digital textile printing technologies. The company offers a comprehensive range of products including printing machines, consumables, and services, targeting businesses in textile, label, healthcare, and printed electronics sectors. Their market position is supported by decades of experience, numerous patents, and a global presence. Technically, the website is built on HubSpot CMS and leverages modern web technologies and marketing tools, but lacks a valid SSL certificate, which is a significant security concern. The security posture is basic with some security headers present but critical gaps in SSL/TLS configuration and privacy compliance. Overall, the website is professional and content-rich but requires urgent improvements in security and privacy compliance to enhance trust and protect user data.

K

Kolibri

kolibri.is

0

Kolibri is a small Icelandic digital design and development agency offering comprehensive services including web and app solutions, product development, and optimization. The company presents a professional portfolio showcasing notable projects, targeting businesses and organizations seeking digital transformation. The website is built on modern web technologies such as Webflow and uses Cloudflare for hosting and CDN services, indicating a moderate level of digital maturity. However, the absence of a valid SSL certificate is a critical security flaw that undermines user trust and data protection. Additionally, the lack of privacy and cookie policies suggests compliance gaps with GDPR and related regulations. Overall, while the business demonstrates professionalism and a clear market position, urgent improvements in security and privacy compliance are necessary to enhance trust and protect users.

The website dondusang.net represents the official French public blood service, Etablissement français du sang (EFS). It provides comprehensive information and services related to blood, plasma, and platelet donations across France. The site is well-branded, content-rich, and targets donors, associations, and the general public with clear calls to action and partner engagement. Technically, the site is built on Drupal CMS, uses modern tracking and analytics tools, and integrates multiple partner domains. However, it lacks HTTPS support, which is a critical security flaw exposing users to risks. Security headers are well configured but cannot compensate for the absence of SSL/TLS. Privacy policies and cookie consent mechanisms are present and GDPR compliant. Overall, the site demonstrates a high level of professionalism and trustworthiness but requires urgent security improvements.

The website for kerstin-schleicher.de currently serves as a placeholder or customer menu page for Lind & Quittek GmbH, a small company based in Mannheim, Germany. The site content is minimal and displays a message indicating the requested domain could not be found on the server, suggesting the domain is not actively hosting business content or services. The technical infrastructure includes common JavaScript libraries and the Bulma CSS framework, but lacks a valid SSL/TLS certificate and modern HTTPS configuration, which significantly impacts security and trustworthiness. Security headers are present but insufficient without proper SSL. No privacy, cookie, or terms of service policies are found, indicating poor compliance with privacy regulations. Overall, the website's digital maturity is low, with poor content quality and minimal user engagement features.

S

Smartly.io Solutions Oy

smartly.io

0

Smartly.io Solutions Oy operates a mature, enterprise-grade AI advertising platform focused on creative, media, and intelligence suites to optimize cross-channel advertising performance. The company is well-positioned in the technology sector with a strong market presence, supported by industry certifications and a comprehensive digital marketing infrastructure. The website is professionally designed, content-rich, and targets advertising professionals and teams seeking AI-powered campaign automation and insights. Technically, the site leverages modern web technologies including Webflow CMS, Marketo forms, and multiple analytics and tracking tools, hosted via Cloudflare CDN. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support, significantly impacting the security posture. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the business credibility is high, but urgent remediation of SSL/TLS issues is recommended to ensure secure user interactions and trust.

x-tention is a medium-sized Austrian IT company specializing in comprehensive IT solutions for the healthcare and social sectors. Founded in 2001 and part of the xt Unternehmensgruppe, it offers consulting, software development, data science, managed services, and cybersecurity. The company targets healthcare providers and social organizations, emphasizing innovative and secure digital health solutions. The website is professionally designed, content-rich, and well-structured, supporting multiple languages and providing clear contact and support channels. Technically, the site uses Drupal 10 and modern web technologies, but suffers from critical security issues due to the absence of a valid SSL certificate and HTTPS support, severely impacting its security posture. Privacy compliance is strong with clear cookie consent mechanisms and GDPR-aligned policies. Overall, the business credibility is high, but urgent improvements in SSL/TLS implementation are needed to secure user data and trust.

B

Barmherzige Brüder Wien

bbwien.at

0

Barmherzige Brüder Wien operates as a large, well-established non-profit hospital in Austria, providing a broad range of medical services and patient care. The website reflects a mature digital presence with comprehensive content, clear navigation, and active social media engagement. Technically, the site uses a modern CMS (siteswift) and popular JavaScript libraries to enhance user experience. However, a critical security gap exists due to the absence of a valid SSL/TLS certificate, resulting in all traffic being served over HTTP, which exposes users to potential interception risks. The site implements GDPR-compliant privacy and cookie consent mechanisms, indicating awareness of privacy regulations. WHOIS data confirms domain legitimacy and consistency with the hospital's identity. Overall, the site is professional and trustworthy but urgently requires HTTPS implementation to secure user data and improve security posture.

C

CTI Meeting Technology

ctimeetingtech.com

0

CTI Meeting Technology is a mature and established provider of comprehensive meeting management software solutions, serving the STEM meeting industry for over 40 years. Their all-in-one platform supports virtual, hybrid, and in-person events with a wide range of modules including abstract management, presentation management, program management, and more. The company targets meeting organizers, associations, PCOs, and other stakeholders involved in event planning and execution. Technically, the website is built on WordPress with Elementor and integrates various modern tools such as Calendly and Microsoft Clarity. However, the absence of a valid SSL certificate and HTTPS significantly impacts the security posture. While security headers are present, the lack of encryption is a critical vulnerability. The website demonstrates good privacy compliance with clear policies and contact information. Overall, the business is credible and well-positioned in its market, but it must address critical security issues to improve trust and compliance.

The website arionsolutions.com.br is currently inactive and displays an error page indicating that the site does not exist or the content has been removed. The page promotes Locaweb's site creation service as an alternative. There is no substantive business information, contact details, or privacy and security policies available on the site. Technically, the site is served via HTTP without SSL/TLS encryption, which is a critical security deficiency. Basic security headers are present but insufficient to ensure a strong security posture. DNS and mail records indicate hosting and mail services are provided by Locaweb, a known Brazilian hosting provider. Overall, the site lacks content, security, and compliance features, resulting in a low trust and credibility score.

Ö

Ökovolt Solartechnik GmbH

oekovolt.com

0

Ökovolt Solartechnik GmbH is a well-established company specializing in photovoltaic solutions for industry, commerce, municipalities, real estate developers, and private households. With over 15 years of experience, the company offers comprehensive services including planning, financing, installation, and operation of photovoltaic large-scale systems. Their market position is strong, supported by detailed project references and a professional online presence. Technically, the website is built on WordPress with modern SEO and analytics tools, but suffers from a critical lack of HTTPS due to an invalid SSL certificate, which undermines security and trust. Privacy compliance is well addressed with a comprehensive cookie consent mechanism and clear privacy policies. Overall, the company demonstrates a mature digital infrastructure but must urgently address SSL issues to improve security posture and user trust.

The website ledon-lamp.com currently serves only a default cPanel placeholder page indicating server or DNS misconfiguration. There is no active business content, product information, or marketing material available. The only contact information is a webmaster email address. The domain is registered and uses Cloudflare DNS but lacks a valid SSL certificate and HTTPS support, severely limiting security and user trust. Performance is poor with a very slow load time, and no privacy or cookie policies are present, indicating low digital maturity and compliance. Security posture is weak due to missing TLS, security headers, and DNS security features. Overall, the site appears inactive or misconfigured, posing a risk to visitors and undermining business credibility.

N

nora systems GmbH

nora.com

0

nora systems GmbH is a globally recognized manufacturer specializing in high-quality rubber floor coverings, headquartered in Germany with a history dating back to 1950. The company holds a strong market position as a leader in resilient flooring solutions across multiple sectors including healthcare, education, industry, and public buildings. Their business model focuses on manufacturing and direct sales, supported by innovative installation and cleaning systems. The website reflects a professional and comprehensive digital presence with rich content tailored to architects, builders, and facility managers. Technically, the site is built on Sitecore CMS and served via Microsoft IIS, with integrations for marketing and analytics through Google Tag Manager and Usercentrics consent management. However, the absence of a valid SSL certificate and HTTPS implementation represents a critical security gap, exposing the site to potential risks. Privacy and cookie policies are well implemented, indicating good compliance with GDPR standards. Overall, the site demonstrates strong business credibility but requires urgent security improvements to protect user data and enhance trust.

I

Implenia AG

implenia.com

0

Implenia AG is a leading Swiss construction and real estate services company with a strong multinational presence, particularly in Switzerland and Germany. The company specializes in infrastructure, real estate development, and specialized construction services such as tunnel and civil engineering. The website reflects a mature business with comprehensive content targeting business clients, investors, and partners. Technically, the site is built on TYPO3 CMS with modern JavaScript libraries and integrates consent management and analytics tools. However, a critical security gap exists due to the absence of a valid SSL/TLS certificate, exposing the site to risks and undermining user trust. Security headers are partially implemented but insufficient without HTTPS. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the site demonstrates high professionalism and business credibility but requires urgent security improvements to align with best practices.

B

Bayer G4A

grants4apps.com

0

Bayer G4A operates as a healthcare innovation accelerator focused on digital health startups, providing funding, consulting, and expertise to scale businesses that transform healthcare experiences. The website positions Bayer G4A as a leading pharmaceutical accelerator with a portfolio of over 150 startups and multiple commercial collaborations worldwide. Technically, the site is built on modern frameworks such as Next.js and hosted on Vercel, with content managed via Builder.io, reflecting a contemporary digital infrastructure. However, the site lacks a valid SSL certificate and proper HTTPS configuration, which is a critical security concern. Additionally, privacy and cookie policies are not found, and direct contact information such as emails or phone numbers is absent, limiting transparency and user trust. Overall, the site demonstrates moderate business credibility and technical maturity but requires urgent security and privacy improvements.

W

WestLicht

westlicht.com

0

WestLicht is a well-established cultural venue in Vienna specializing in photography exhibitions, a camera museum, and related services such as a bookshop and café. The website targets photography enthusiasts and cultural visitors, offering detailed information about exhibitions, events, memberships, and retail options. The domain age of 24 years and consistent WHOIS data support the legitimacy and maturity of the business. Technically, the site uses a modern JavaScript stack with jQuery, Swiper.js, and Google services integrated, managed via the siteswift CMS and hosted by Hetzner Online GmbH. However, the absence of a valid SSL certificate and HTTPS support is a critical security gap, exposing users to potential risks. The site implements a cookie consent mechanism compliant with GDPR, but lacks explicit security policies or incident response information. Overall, the website is professionally designed with good content quality and user experience but requires urgent security improvements to protect visitors and enhance trust.

B

Business Upper Austria - OÖ Wirtschaftsagentur GmbH

biz-up.at

0

Business Upper Austria - OÖ Wirtschaftsagentur GmbH is a government agency serving as the location and investment promotion agency for the state of Upper Austria. The organization provides tailored solutions for companies' investment and innovation projects, supporting national and international businesses with services such as investor services, human capital management, innovation promotion, cooperation facilitation, and industrial transformation. The website reflects a professional and comprehensive digital presence with clear navigation and relevant content targeted at businesses and investors interested in the region. Technically, the website is built on the TYPO3 CMS platform, utilizing modern frontend libraries such as Swiper.js and Font Awesome 6 Pro. The site includes a cookie consent mechanism compliant with GDPR and uses Matomo analytics for user tracking with explicit consent. However, the website suffers from critical security shortcomings, notably the absence of a valid SSL certificate and lack of HTTPS support, which severely impacts the security posture and user trust. Security-wise, while SPF and DMARC records are properly configured to protect email integrity, the lack of TLS encryption and modern security headers exposes the site to risks. No incident response or security policy information is publicly available, which could be a concern for security-conscious visitors. The WHOIS data confirms the domain's legitimacy and consistency with the business claims, reinforcing trust in the entity behind the website. Overall, the site is content-rich and professionally presented but requires urgent security improvements to enable HTTPS and modern TLS protocols to protect user data and enhance trust. Strategic recommendations include obtaining and maintaining a valid SSL certificate, enabling HSTS, and improving security headers. These steps will significantly improve the security posture and compliance standing of the website.

EssenceMediacom Holdings Limited operates as a global media and communications agency, delivering integrated media solutions, analytics, and creative futures to a diverse range of brands. With a mature domain age of 20 years and a presence in 96 markets supported by 120 offices and over 10,000 employees, the company holds a strong market position within the media industry. Their website reflects a professional and content-rich platform targeting brands seeking breakthrough communications strategies. Technically, the website leverages modern frameworks such as Next.js and React, hosted on Cloudflare, and managed via DatoCMS, indicating a mature digital infrastructure. However, a critical security gap exists due to the absence of a valid SSL certificate, which undermines the security posture despite the presence of robust security headers and content security policies. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the website demonstrates high professionalism and trustworthiness but requires urgent remediation of SSL/TLS issues to ensure secure user interactions.

The website sensix.net is currently inaccessible due to a Cloudflare Turnstile human verification challenge, which blocks access to the actual site content. The domain is mature, registered since 2016 with GoDaddy, and uses Cloudflare for DNS and security services. However, no valid SSL certificate is configured, and the site does not support HTTPS, which is a critical security deficiency. The landing page contains minimal content, primarily a security challenge message, with no visible business information, contact details, or privacy policies. Performance is poor with a high load time, and there are no indications of SEO or accessibility optimizations. Overall, the technical infrastructure relies on Cloudflare but lacks essential security configurations and content accessibility, limiting the ability to assess the business or security posture fully.

V

VAM USA

vam-usa.com

0

VAM USA is a medium-sized company specializing in premium connection solutions for the oil and gas industry, with a strong market position as a world leader and a parent company relationship to Vallourec Oil and Gas France. The website provides comprehensive business information, product details, and service offerings targeted at energy sector professionals and distributors in North America. Technically, the site is built on WordPress with common marketing and analytics tools but suffers from slow performance and lacks modern security implementations such as HTTPS and security headers. The security posture is weak due to the absence of a valid SSL certificate and no HTTPS support, which is a critical issue. Privacy compliance is poor, with no visible privacy or cookie policies. Overall, the site is professional and credible but requires urgent security improvements to protect users and enhance trust.

Trūata Limited is a UK-based technology company specializing in privacy-enhancing data analytics solutions. Their offerings include anonymization services, privacy risk assessments, and privacy-compliant analytics platforms designed to help businesses extract value from data while maintaining compliance with global data protection regulations. The company targets enterprises and organizations seeking to leverage data securely and ethically, positioning itself as a leader in privacy technology with notable partnerships including IBM, Microsoft Azure, and Mastercard. The website is professionally designed, content-rich, and well-structured, supporting a positive user experience and clear navigation. Technically, the site is built on WordPress with integrations of marketing and analytics tools such as Adobe Analytics and HubSpot, and hosted on Microsoft Azure infrastructure. However, the security posture is weakened by the absence of a valid SSL certificate and lack of enabled TLS protocols, which is a critical vulnerability that undermines secure communications and user trust. Privacy compliance is well addressed with comprehensive privacy and cookie policies and GDPR-aligned consent mechanisms. WHOIS data confirms the domain's legitimacy and consistent registration history. Overall, while the business and content quality are strong, urgent improvements in SSL/TLS security are necessary to elevate the site's security and trustworthiness.

The website exporttradinggroup.com currently serves minimal content consisting solely of a redirect script to a /lander page, with no accessible metadata, business information, or user-facing content. The domain is registered and has valid DNS A records, but lacks proper mail exchange configuration and does not use DNSSEC or CAA records. Critically, the site does not have a valid SSL certificate and does not support HTTPS, exposing it to security risks and reducing user trust. No privacy, cookie, or terms of service policies are present, and no contact or social media information is available, indicating a very low level of digital maturity and transparency. From a technical perspective, the site lacks any detectable technology stack, frameworks, or CMS. Performance data is absent, and the site is not optimized for mobile or accessibility. Security posture is weak due to missing HTTPS, absence of security headers, and no incident response or vulnerability disclosure information. The DNS SPF record is configured to reject all mail, which may indicate no email services are intended for this domain. Overall, the security posture is poor with critical issues such as no SSL and no content, which severely limits the ability to assess business credibility or compliance. The domain registration appears consistent but lacks publicly available registrant details. Strategic recommendations include immediate implementation of HTTPS with a valid certificate, deployment of basic security headers, and publishing of privacy and cookie policies to improve compliance and trust. Additionally, the website should provide meaningful content and contact information to enhance business credibility and user experience.

Hermes Europe GmbH operates a mature and professionally presented website focused on integrated supply chain and logistics solutions, targeting national and international trading companies. The company positions itself as a leading expert in the transportation sector, offering services such as global e-commerce support, parcel distribution, and specialized handling solutions. The website content is well-structured, with clear navigation and multilingual support, reflecting a large enterprise with multiple subsidiaries. Technically, the site is hosted on Google Cloud infrastructure using nginx and incorporates modern analytics and consent management tools. However, the absence of a valid SSL certificate and HTTPS support significantly undermines the security posture, exposing users to potential risks. Privacy policies and cookie consent mechanisms are present and appear GDPR compliant, supporting responsible data handling practices. Overall, the domain registration data corroborates the business legitimacy and maturity, but urgent improvements in security configurations are recommended.

P

perma-tec

perma-tec.com

0

perma-tec is a globally recognized leader in manufacturing automatic lubrication systems, offering innovative and reliable solutions that reduce maintenance costs and prevent equipment failures. Their product portfolio includes single- and multi-point lubrication systems, connected solutions like perma CONNECT, and comprehensive services such as installation and technical training. The website reflects a mature digital presence with professional design, clear navigation, and multilingual support. Technically, the site is built on the Flow Framework and Neos CMS, with Apache hosting and uses Matomo for analytics, indicating a privacy-conscious approach. However, the absence of a valid SSL certificate and HTTPS support is a significant security vulnerability, exposing users to risks and undermining trust. Security headers are partially implemented, but the lack of TLS protocols and cipher suites further weakens the security posture. Privacy policies and cookie consent mechanisms are present and comprehensive, supporting GDPR compliance. Overall, the site is content-rich and business credible but requires urgent security improvements to protect users and enhance trust.

U

University of Aleppo

alepuniv.edu.sy

0

The University of Aleppo website serves as an online presence for a major educational institution in Syria, focusing on higher education and academic services. The site content is minimal, primarily a placeholder with a single app container and no visible user-facing content or policies. Technically, the site runs on an nginx server with PHP 7.4 but lacks a valid SSL/TLS certificate, resulting in no HTTPS support and exposing users to security risks. Security headers are minimal, and no advanced protections such as HSTS or DNSSEC are implemented. The absence of privacy, cookie, and terms of service policies indicates a lack of compliance with modern data protection regulations. Overall, the website's digital maturity is low, with slow performance and basic mobile optimization.

Crystalline Mirror Solutions is a small technology company specializing in crystalline mirror products, currently operating as a subsidiary of Thorlabs. The website serves primarily as a landing page announcing the acquisition by Thorlabs and providing links to products and press releases hosted on the parent company's domain. The technical infrastructure is basic, utilizing Bootstrap for styling and conditional loading of Google Tag Manager for analytics. However, the site lacks HTTPS, which severely impacts its security posture. Security headers are minimal, and no privacy or cookie policies are present, indicating low privacy compliance. The absence of contact information and business details on the site further limits its credibility and user trust. Overall, the website is functional but minimalistic, with significant room for improvement in security, privacy, and content richness.

B

bulmor industries GmbH

bulmor-airground.com

0

Bulmor airground technologies GmbH is a specialized manufacturer of medical highloaders (Ambulift SideBull) designed to facilitate safe and efficient boarding of mobility-impaired passengers at airports. The company has a niche market position with patented technology and partnerships with major airports and airlines. The website is built on TYPO3 CMS and uses several JavaScript libraries for enhanced user experience. However, the site lacks a valid SSL certificate, which significantly impacts its security posture. Privacy and cookie policies are present and GDPR compliant, and contact information is clearly provided. The domain is mature and trustworthy, registered since 2011 with no suspicious patterns beyond lack of domain protection locks.

K

Startseite - KFV - Kuratorium für Verkehrssicherheit

kfv.at

0

Security assessment completed with an overall score of 0/100 (unknown risk). 4 critical issues require immediate attention. Total of 28 security findings identified across all modules.

A

Audit Partner Austria Wirtschaftsprüfer GmbH

auditpartner.at

0

Audit Partner Austria Wirtschaftsprüfer GmbH is a professional services firm specializing in tax consulting and auditing services primarily serving Austrian businesses and professionals. The company emphasizes expertise, personal consultation, and proactive advisory services. Their website reflects a medium-sized firm with a consistent brand and a clear focus on finance-related services. The technical infrastructure is based on WordPress with common web technologies such as jQuery and Bootstrap, hosted on Austrian DNS infrastructure. However, the website lacks a valid SSL certificate, which significantly impacts its security posture. While basic security headers like HSTS are present, they are ineffective without HTTPS. The site provides comprehensive contact information and privacy policies, but lacks cookie consent mechanisms and explicit security or incident response policies. Overall, the website is professional and trustworthy but requires urgent improvements in SSL configuration and security transparency.

M

Mars Hospitality Group

mars-world.com

0

Mars Hospitality Group operates a portfolio of hotels, restaurants, catering outlets, and an exclusive recreation club primarily in Mumbai, India, with additional venues in Mussoorie, Landour, and Summit, New Jersey. The company targets hospitality customers seeking boutique and upscale experiences, positioning itself as a notable player in the hospitality sector with multiple brands and venues. The website content reflects this business focus but lacks comprehensive contact and compliance information. Technically, the website is hosted on an Apache server serving XHTML 1.0 Transitional content with basic CSS styling. The absence of a valid SSL certificate and HTTPS support is a significant technical and security deficiency. The site lacks modern web frameworks, performance optimizations, and accessibility features, indicating a low level of digital maturity. From a security perspective, the site does not implement HTTPS, modern TLS protocols, or essential security headers, exposing it to potential risks. No privacy or cookie policies are present, and no incident response or security policies are disclosed. The Entrust SSL seal script is included but misleading due to the invalid certificate. DNS records are standard but lack DNSSEC and CAA protections. Overall, the website presents moderate business credibility but suffers from critical security and compliance gaps. Strategic improvements in SSL implementation, security headers, privacy compliance, and contact transparency are recommended to enhance trust and protect users.

S

Sonnenberg-Apotheke, Helge Lehnert e.K.

sonnenberg-apotheke.com

0

Sonnenberg-Apotheke is a well-established local pharmacy in Chemnitz, Germany, operating since 2001. The business offers a range of pharmaceutical services including certified travel vaccination advice, medication reservation, rental of medical devices, and substitution care for opioid-dependent patients. The website reflects a professional and consistent brand presence targeting local customers with additional online service capabilities. Technically, the site uses a modern front-end stack with Foundation framework and common JS libraries but lacks performance metrics and has no valid SSL certificate, which is a critical security concern. Security headers are partially implemented but the absence of HTTPS and modern TLS protocols significantly weakens the security posture. Privacy and cookie policies are present, indicating GDPR awareness, though the cookie consent mechanism is minimal. Contact information is clearly provided and consistent with WHOIS data, supporting business credibility. Overall, the site is functional and informative but requires urgent security improvements to protect user data and enhance trust.

Dynea AS is a Norwegian-based manufacturer specializing in wood adhesives and related chemical solutions, serving primarily the European market with additional sales in Asia, Africa, and the Americas. The company offers a broad portfolio of products including amino-based resins, polyurethanes, emulsion polymers, and hot melt adhesives, complemented by services such as consulting, tank cleaning, and toll production. Established in 1947, Dynea maintains a strong market position as a leader in the European wood adhesives sector with multiple production sites and subsidiaries. Technically, the website employs modern front-end technologies such as Bootstrap, AOS, and Swiper, providing a good user experience with responsive design and clear navigation. However, the site lacks HTTPS support and a valid SSL certificate, which critically undermines its security posture. The absence of cookie consent mechanisms and limited privacy compliance features further highlight areas for improvement. From a security perspective, the site shows no evidence of common vulnerabilities like Heartbleed or POODLE but suffers from the lack of encryption and security headers. The WHOIS data confirms the legitimacy and consistency of the domain registration with the business claims, supporting trustworthiness despite technical security shortcomings. Overall, Dynea's website reflects a professional and established business with solid content and branding but requires urgent security enhancements to protect user data and comply with modern web security standards.

CNH Industrial N.V. is a leading global manufacturer and technology provider in the agriculture and construction sectors, operating through well-known brands such as Case IH, New Holland, and CASE. The company is publicly listed on the New York Stock Exchange, reflecting its strong market position and investor focus. The website provides comprehensive investor relations content, sustainability reporting, and career opportunities, targeting investors, industry professionals, and customers in agriculture and construction. Technically, the site is built on modern frameworks including React and Sitecore CMS, leveraging Akamai CDN for hosting and performance. However, a critical security gap exists due to the absence of a valid SSL certificate, exposing users to risks and undermining trust. Security headers and policies are well implemented, but the lack of HTTPS significantly impacts the overall security posture. Privacy and cookie policies are present with consent mechanisms, indicating good compliance with GDPR. Overall, the site is professional and content-rich but requires urgent remediation of SSL issues to ensure secure user interactions.

M

MTEL Austria

mtel.at

0

MTEL Austria is a telecommunications provider offering a range of services including mobile tariffs, internet, and TV entertainment packages primarily targeting private and business customers in Austria. The company is part of the Telekom Serbien Group, indicating a solid regional market presence. The website is professionally designed with good content quality, clear navigation, and mobile optimization. It leverages modern JavaScript libraries and integrates marketing and analytics tools such as Google Tag Manager, Hotjar, and Cookiebot for consent management. However, the site currently lacks a valid SSL certificate and does not serve content over HTTPS, which is a critical security shortfall. Security headers are properly configured, but the absence of HTTPS and modern TLS protocols significantly lowers the security posture. Privacy and cookie policies are comprehensive and GDPR compliant, with a consent mechanism in place. Contact information including email and phone numbers is clearly provided, enhancing business credibility. Overall, the website is functional and professional but requires urgent security improvements to protect user data and build trust.

Deloitte Digital is a leading digital creative and marketing consultancy operating primarily in the Nordics region, backed by the global Deloitte network. The company offers a broad range of services including customer strategy, advertising, marketing, digital commerce, sales, service, and digital product design. Their market position is strong, evidenced by recognition as a leader in the 2024 Gartner Magic Quadrant for Digital Experience Services. The website reflects a mature, enterprise-level organization with a consistent brand and professional content targeting businesses seeking digital transformation and marketing consultancy. Technically, the site leverages Adobe Experience Manager, Akamai CDN, and modern JavaScript libraries, providing a good user experience with mobile optimization and accessibility features. However, the absence of a valid SSL/TLS certificate and lack of HTTPS enforcement significantly weaken the security posture. Privacy and cookie policies are comprehensive and GDPR compliant, with clear contact information and social media presence. Overall, Deloitte Digital demonstrates a high level of business credibility and digital maturity but must address critical security gaps to ensure trust and compliance.