Security Directory

T

TAUERN SPA World Betriebs GmbH & Co KG

tauernspakaprun.com

0

TAUERN SPA Kaprun is a mature, well-established 4-star superior resort located in the Austrian Alps, offering a comprehensive spa and wellness experience combined with high-quality accommodation and culinary services. The business is part of the VAMED Vitality World group, indicating strong market positioning in the hospitality and wellness sector. The website is professionally designed with rich content, clear navigation, and strong trust signals including multiple awards and certifications. Technically, the site uses Pimcore CMS and integrates modern tracking and consent management tools, but suffers from a critical security weakness due to the absence of a valid SSL certificate and HTTPS support, which significantly impacts its security posture. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

I

impact_

thinkimpact.com

0

ThinkImpact.com is a small, niche content website focused on providing research, trends, and statistical data in the education and business sectors for the United States market in 2025. The site offers free access to well-researched papers and reviews, targeting researchers, educators, and business professionals. The business model appears to be content publishing monetized primarily through advertising networks such as Mediavine and Google Ad Manager. Technically, the website is built on WordPress and uses common web technologies and marketing tools, but suffers from slow performance and lacks a valid SSL certificate, which is a critical security flaw. The security posture is weak with no HTTPS, no security headers, and no advanced protections, exposing users to potential risks. Privacy compliance is basic but present, with cookie consent and a privacy policy aligned with GDPR requirements. Overall, the site is legitimate and mature based on WHOIS data but requires urgent security improvements to protect users and enhance trust.

I

IVM Ltd.

ivm-vending.eu

0

IVM Ltd. is a medium-sized manufacturing company based in Hungary specializing in industrial vending machines and tool management solutions. Their website, built on WordPress with the Divi theme, presents a professional and well-structured digital presence targeting industrial clients and partners. The company emphasizes innovation in micrologistics and asset management, supported by proprietary software and certifications such as ISO 9001 and ISO 27001. Technically, the site uses common web technologies including Apache, jQuery, and Google Tag Manager, but lacks a valid SSL certificate, which impacts security posture negatively. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Contact information and social media links are clearly provided, enhancing business credibility. Overall, the website is functional and professional but requires improvements in security and privacy compliance to meet modern standards.

E

Evangelical Free Church of America

efca.org

0

The Evangelical Free Church of America (EFCA) operates as a large non-profit religious association focused on uniting and supporting approximately 1,600 evangelical congregations across the United States. Their website serves as a central hub for ministry resources, church networking, events, and informational content aimed at their faith community and interested individuals. The organization maintains a strong market position within the evangelical sector, supported by trust indicators such as ECFA accreditation and active social media engagement. Technically, the website leverages modern frontend frameworks including Vue.js and Nuxt.js, delivering a visually appealing and accessible user experience. However, the site suffers from slow load times and lacks a content delivery optimization strategy. Hosting is provided by DreamHost, and the site integrates third-party services such as Mailchimp for newsletter subscriptions and Vimeo for video content. From a security perspective, the site exhibits critical vulnerabilities, most notably the absence of a valid SSL/TLS certificate, resulting in no HTTPS support. This severely undermines user trust and data security. Additionally, the lack of security headers, HSTS, and other best practices further exposes the site to potential risks. Privacy compliance is limited, with no cookie consent mechanism detected and only a basic privacy policy present. Overall, while the EFCA website is professionally designed and content-rich, its security posture is weak and requires urgent remediation to protect users and maintain organizational credibility. Strategic improvements in SSL implementation, security headers, and privacy compliance will significantly enhance the site's trustworthiness and resilience.

G

Geberit Gruppe

geberit.com

0

Geberit Gruppe is a leading European manufacturer of sanitary products, recognized as a market leader with a comprehensive product portfolio including installation and flushing systems, piping systems, and bathroom systems. The company targets professionals in the sanitary industry, investors, media, and career seekers, emphasizing innovation, quality, and sustainability. The website reflects a mature digital presence with modern technologies such as React and Next.js, hosted on Microsoft Azure, and includes a consent management system for privacy compliance. Security headers are implemented; however, the SSL certificate is currently invalid, and no modern TLS protocols are enabled, which poses a security risk. Overall, the website is professional, well-structured, and trustworthy, but the SSL issues should be addressed promptly to enhance security and user trust.

S

starlim sterner

starlim-sterner.com

0

starlim sterner is a well-established Austrian manufacturing company specializing in liquid silicone injection molding, holding a world market leader position. Their website reflects a mature business with comprehensive service offerings including product development, tooling, and cleanroom production. Technically, the site is built on WordPress with modern SEO and cookie consent implementations, but lacks a valid SSL certificate, which is a critical security gap. The security posture is basic with no advanced protections like DNSSEC or security headers. Privacy compliance is strong with GDPR-aligned policies and cookie management. Overall, the business presents a professional image with moderate website performance and good user experience, but must urgently address HTTPS and security hardening to improve trust and security.

C

Cloudera

cloudera.com

0

Cloudera is a leading enterprise technology company specializing in hybrid data platforms that enable secure data management and cloud-native analytics. The company targets large enterprises across multiple sectors including technology, healthcare, finance, manufacturing, and government. Their platform supports data engineering, AI, streaming, and operational databases, positioning them strongly in the hybrid multi-cloud data market. The website reflects a mature digital presence with comprehensive content, strong branding, and extensive customer references. Technically, the site is built on Adobe Experience Manager with integrations of Adobe Analytics, Segment, Coveo search, and Brightcove video services. The site is mobile optimized and well structured for SEO and accessibility. However, the SSL configuration is currently invalid with no TLS protocols enabled, which is a critical security concern. Security headers are partially implemented but HSTS is not fully enabled. Privacy and compliance policies are comprehensive and prominently linked, indicating good GDPR and data protection awareness. Contact information is clearly provided with phone numbers and support portals. No WAF or blocking mechanisms were detected, allowing full content access. Overall, Cloudera's website demonstrates strong business credibility and digital maturity but requires urgent remediation of SSL and TLS configurations to improve security posture and user trust.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 9 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

T

Triumph Intertrade AG

triumph.com

0

Triumph Intertrade AG operates a mature and well-established e-commerce platform specializing in lingerie and related apparel, primarily targeting the German market. The website demonstrates a high level of professionalism, rich content, and strong brand consistency, supported by a comprehensive customer loyalty program and active social media presence. The technical infrastructure leverages modern e-commerce technologies including Salesforce Commerce Cloud and Cloudflare for hosting and delivery, with integrated marketing and analytics tools such as Google Tag Manager and CQuotient. However, the absence of a valid SSL/TLS certificate on the main domain significantly undermines the site's security posture, exposing users to potential risks. Additionally, a subdomain takeover vulnerability on blog.triumph.com presents a notable security concern. Privacy and cookie policies are present and indicate GDPR compliance, with clear contact information and incident response channels available. Overall, the site is functional and credible but requires urgent security improvements to protect user data and maintain trust.

Z

Zentrum für Ethik in der Medizin (ZEM)

medizinethik-frankfurt.de

0

The Zentrum für Ethik in der Medizin (ZEM) was a specialized non-profit center focused on medical ethics, affiliated with the Evangelische Kirche in Hessen und Nassau (EKHN). Founded in 1996, it served as a key institution in the region until its closure in April 2025. The website provides information about its services, publications, and contact details, targeting individuals and organizations interested in medical ethics within the church and healthcare sectors in Germany. Technically, the site is built on TYPO3 CMS and uses Matomo for analytics, indicating a moderate level of digital maturity. However, the absence of a valid SSL certificate and HTTPS support is a critical security shortfall, significantly impacting the site's security posture. The site implements a comprehensive cookie consent mechanism and provides clear privacy policy information, demonstrating good privacy compliance. Overall, the website is functional and professional but requires urgent security improvements to protect user data and enhance trust.

N

New Frontier Investment AG

newfrontier.eu

0

New Frontier Investment AG is a technology-focused investment group based in Vienna, Austria, specializing in leading digital transformation initiatives with enterprise customers globally. The company manages a portfolio of subsidiary companies across various technology sectors, positioning itself as a key player in digital innovation and enterprise solutions. The website reflects a professional business presence with clear branding and consistent messaging about its investment and transformation leadership role. Technically, the website is built on WordPress with common plugins such as LayerSlider and Contact Form 7, but suffers from critical security shortcomings including lack of a valid SSL certificate and disabled HTTPS, which significantly impacts its security posture. The absence of privacy and cookie policies further reduces compliance with GDPR and privacy best practices. Contact information is clearly provided, including a physical address, phone number, and a contact form protected by Google reCaptcha, indicating some level of user interaction security. Overall, the site is functional and professional but requires urgent improvements in security and privacy compliance to meet modern standards.

G

George Labs GmbH

george-labs.com

0

George Labs GmbH operates the digital banking platform 'George', serving over 10 million users across Europe. The platform is positioned as a modern, intelligent, and personal financial companion, backed by Erste Group Bank AG. The website reflects a mature digital presence with professional design, clear branding, and multi-country banking partnerships. Technically, the site is built on WordPress with Elementor and uses modern web technologies, but suffers from critical SSL/TLS misconfigurations that undermine security. Privacy compliance is well addressed with GDPR-aligned cookie consent and policies. Overall, the business is credible and well-positioned in the European digital banking sector, but must urgently address its SSL issues to ensure user trust and security.

P

Porsche Informatik Gesellschaft m.b.H.

porscheinformatik.at

0

Porsche Informatik Gesellschaft m.b.H. is a medium-sized Austrian company specializing in software solutions and IT services for the automotive industry, operating as a subsidiary of the Porsche Holding group. The company focuses on digitalizing automotive trade and enabling future mobility through specialized software development. Their website reflects a professional and consistent brand image, targeting automotive clients and IT professionals. Technically, the site is built on WordPress with PHP 7.2.24 and Apache, but lacks a valid SSL certificate, which is a critical security shortfall. The absence of HTTPS impacts user trust and security posture significantly. Privacy and cookie policies are well implemented and GDPR compliant, with clear contact information provided. Social media presence is robust, supporting brand trust and outreach.

H&M is a globally recognized fashion retailer offering online shopping services with a focus on sustainable fashion at competitive prices. The website serves a broad international audience with multiple language and regional options, reflecting its enterprise scale and global market position. The technical infrastructure leverages ASP.NET technology and Akamai CDN services, with integration of Google Maps APIs for enhanced user experience. However, the website currently lacks a valid SSL/TLS certificate, resulting in no HTTPS support, which is a critical security deficiency. Security headers are well implemented but cannot compensate for the absence of encrypted communication. Privacy and cookie policies are not evident on the landing page, indicating potential compliance gaps. Overall, the site demonstrates good content quality and business credibility but requires urgent security improvements to protect user data and enhance trust.

M

ManpowerGroup

manpower.com

0

ManpowerGroup operates a comprehensive workforce solutions platform primarily targeting job seekers and employers in the United States. The company offers staffing, recruitment, and workforce management services across multiple sectors including transportation, logistics, engineering, and financial services. The website reflects a mature digital presence with a modern React and Sitecore CMS infrastructure, supported by Cloudflare for hosting and CDN services. Privacy and cookie policies are well implemented with consent mechanisms, reflecting good compliance with GDPR and related regulations. However, the website's security posture is weakened by an invalid SSL certificate and lack of TLS protocol support, which are critical issues that must be addressed to protect user data and maintain trust. Overall, the site is professionally designed with excellent content quality and strong business credibility, supported by consistent WHOIS data and recognized certifications.

G

Gerhard Trittenwein

bindertrittenwein.com

0

Gerhard Trittenwein operates a specialized IT consulting and project management business focused on complex IT, change management, and digital transformation projects. The company emphasizes lean and agile methodologies to deliver early and visible results, targeting organizations facing challenging IT projects. The website presents a professional image with clear service offerings and contact information, supported by over 30 years of experience. Technically, the site uses Mono CMS with external CDNs and integrates Google Analytics and ConsentManager for tracking and cookie consent. However, the absence of a valid SSL certificate and HTTPS support is a critical security flaw, exposing visitors to risks and undermining trust. Privacy policies and cookie consent mechanisms are in place, indicating GDPR awareness, but no security policy or incident response information is provided. Overall, the business appears legitimate and consistent with its domain registration and DNS records, but urgent improvements in security posture are needed.

G

Gronda

gronda.eu

0

Gronda operates as a leading culinary community platform connecting chefs worldwide to share recipes, culinary creations, and educational content. The business targets professional and aspiring chefs and culinary enthusiasts, offering a mobile app and subscription-based PRO services. The platform is positioned as a top community in its niche with a strong digital presence and active social media engagement. Technically, the website is built on modern web technologies including Webflow CMS, AWS CloudFront CDN, and integrates Google Tag Manager and Weglot for analytics and multilingual support. However, performance data is missing, and inferred loading speed is slow. Security posture is weak due to the absence of a valid SSL certificate and incomplete HTTPS implementation, which poses risks to user data and trust. Privacy compliance is well addressed with clear policies and cookie consent mechanisms. Overall, the site is professional and credible but requires urgent security improvements to protect users and enhance trust.

L

Linde PLC

the-linde-group.com

0

Linde PLC is a leading global industrial gases and engineering company focused on delivering innovative solutions to support customers across various sectors including clean energy and sustainability. The website reflects a mature, enterprise-level business with comprehensive content covering their expertise, sustainability initiatives, investor relations, and corporate governance. The technical infrastructure leverages modern tools such as Sitecore CMS, Azure Application Insights, and OneTrust for compliance, indicating a digitally mature platform. However, the security posture is currently weak due to the absence of a valid SSL certificate and lack of modern TLS protocol support, which exposes the site to potential risks and impacts user trust. Privacy and cookie policies are well implemented with consent mechanisms, aligning with GDPR requirements. Overall, the site is professional and trustworthy but requires urgent improvements in SSL/TLS configuration to enhance security and compliance.

Grayling is a large, international PR and public affairs agency operating in over 30 countries with a strong global network of offices and affiliates. The company specializes in brand communications, corporate affairs, and public affairs, serving a diverse range of clients including major global brands. Their website reflects a professional and consistent brand image, with comprehensive content showcasing their services, case studies, and client portfolio. Technically, the site is built on WordPress with modern frontend frameworks and integrates multiple marketing and analytics tools such as Google Analytics, HubSpot, and OneTrust for cookie consent management. However, the security posture is notably weak due to the absence of a valid SSL certificate and lack of HTTPS support, which poses significant risks to user data and trust. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the site demonstrates good business credibility and digital maturity but requires urgent security improvements to protect visitors and maintain trust.

Docolution GmbH is a specialized Austrian company providing tailored document management and output management solutions, focusing on quality assurance, accessibility, and customer communication. Their business model targets organizations requiring professional document handling and communication services, supported by consulting and software development. The website reflects a professional presence with clear service offerings and contact information, but lacks some standard compliance documents such as privacy policy and terms of service. Technically, the site uses modern web technologies including JavaScript, jQuery, and Google Analytics, and is mobile optimized with good accessibility features. However, the absence of HTTPS and a valid SSL certificate is a critical security shortfall, exposing users to risks and undermining trust. Security headers are minimal, and no advanced security policies or incident response contacts are published. Overall, the site is functional and credible but requires urgent improvements in security and privacy compliance to meet modern standards.

The domain 20minutes.fr is a mature media website with a registration age of 23 years, indicating a well-established presence in the French media sector. However, the website content is currently inaccessible due to a CloudFront 403 error, which blocks access and prevents content retrieval. The technical infrastructure relies on Amazon CloudFront for hosting and DNS services via AWS, consistent with a large-scale media operation. Despite this, the absence of a valid SSL certificate and lack of HTTPS support significantly undermine the site's security posture. No privacy, cookie, or terms of service policies are detectable, and no contact or social media information is available from the provided HTML content. Overall, the site exhibits a weak security configuration and poor content availability, limiting the ability to perform a full analysis.

R

Retronic Vertriebs GmbH

retronic.de

0

Retronic Vertriebs GmbH is an established German distributor specializing in electronic components, serving various industries including technology and transportation. With over 25 years of experience and TÜV ISO 9001:2015 certification, the company emphasizes long-term partnerships with manufacturers and offers tailored solutions for its clients. The website reflects a professional business model focused on reliability and technical orientation. Technically, the website is built on a modern WordPress platform using PHP 8.4.8 and Elementor for design. It incorporates SEO best practices via Yoast SEO and employs performance optimization tools like WP Rocket. However, the site lacks a valid SSL certificate and does not support HTTPS, which is a significant security shortfall. Mobile optimization and accessibility are adequate, and cookie consent mechanisms comply with GDPR requirements. From a security perspective, the absence of HTTPS and TLS protocols severely undermines the site's security posture, exposing users to potential data interception risks. While cookie consent and privacy policies are well implemented, the site should urgently address SSL/TLS configuration to protect user data and improve trustworthiness. No incident response or vulnerability disclosure policies are evident. Overall, the site is functional and professional but requires critical security improvements. Strategic recommendations include immediate SSL certificate deployment, enabling modern TLS protocols, and enhancing security headers. These steps will elevate the site's security, compliance, and user trust, aligning with its reputable business standing.

A

APILayer

apilayer.net

0

APILayer is a mature and reputable API marketplace founded in 2015, offering a wide range of APIs across multiple categories such as finance, geolocation, marketing, and developer tools. The platform targets developers and engineering teams seeking scalable, easy-to-integrate API solutions. The website is professionally designed with excellent content quality, clear navigation, and strong branding consistency. Technically, the site uses modern web technologies including OAuth for authentication, Google Tag Manager for analytics, and Cloudflare for CDN and security headers. However, a critical security issue is the absence of a valid SSL certificate and proper HTTPS configuration, which severely impacts the security posture and trustworthiness of the site. Privacy and legal policies are comprehensive and hosted on the parent company domain, indicating corporate governance. Social media presence and client testimonials add to the trust signals. Overall, while the business and content aspects are strong, the security configuration requires urgent remediation to ensure safe user interactions and compliance.

M

moodley design group

moodley.at

0

Moodley design group is a medium-sized, Austria-based consultancy specializing in brand and business transformation through strategy, design, and technology services. The company targets businesses and organizations seeking to accelerate their brand transformation and growth, especially in challenging times. Their market position is that of an established design and strategy consultancy with an international presence, offering services including brand transformation, product design, and digital product and service design. The website content is professionally crafted, with clear navigation and strong branding consistency, targeting a professional audience. Technically, the website is built on a modern stack including nginx, JavaScript, Vimeo embeds, and uses Usercentrics for consent management and Google Tag Manager for analytics. The CMS appears to be Statamic. However, performance metrics are missing, and the site lacks HTTPS, which is a critical security shortfall. Mobile optimization and SEO are good, but accessibility is basic. From a security perspective, the absence of a valid SSL certificate and HTTPS is a major vulnerability, exposing users to risks. No advanced security headers or policies are implemented, and no incident response or vulnerability disclosure information is available. Cookie consent and privacy policies are present and GDPR compliant, indicating good privacy practices. Overall, the website is professional and trustworthy in business presentation but requires urgent security improvements, especially enabling HTTPS and enhancing security headers, to protect users and improve trustworthiness. Strategic recommendations include immediate SSL installation, security header implementation, and enhanced incident response transparency.

L

Light for the world INTERNATIONAL

light-for-the-world.org

0

Light for the World International is a well-established non-profit organization founded in 2004, focused on disability rights and eye health globally. The organization operates multiple country-specific websites, indicating a broad international presence and a strong commitment to inclusive education, economic empowerment, and humanitarian action. Their website content is rich, professionally designed, and regularly updated, targeting individuals and organizations interested in disability inclusion and health advocacy. Technically, the website is built on WordPress with modern SEO plugins and accessibility features, providing a good user experience and mobile optimization. However, the hosting environment lacks a valid SSL certificate, resulting in no HTTPS support, which significantly impacts the security posture. Other security headers and best practices are partially implemented but require improvement. The security posture is currently weak due to missing HTTPS and related configurations, posing risks to user data confidentiality and trust. Privacy compliance is well addressed with GDPR-compliant cookie consent mechanisms and a comprehensive privacy policy. Business credibility is high, supported by transparent WHOIS data, trust seals, and clear contact information. Overall, the website is functional and trustworthy from a business and content perspective but requires urgent security enhancements to protect users and improve trustworthiness. Strategic recommendations include immediate SSL certificate installation, enabling HTTPS, and strengthening security headers and protocols.

The website postserver.com currently serves only a minimal HTML page containing a JavaScript redirect to /lander, with no additional content, metadata, or business information. The domain is registered and resolves to two IP addresses hosted on Amazon AWS infrastructure, but lacks a valid SSL certificate and does not support HTTPS, exposing users to security risks. No privacy, cookie, or terms of service policies are present, and no contact or business details are available on the site. The DNS configuration is basic with no DNSSEC or CAA records, and the SPF record strictly disallows email sending from this domain. Overall, the site appears to be in an early or placeholder state with very limited digital maturity and poor security posture.

The website agentprovocateur.com is currently inaccessible due to a Cloudflare Web Application Firewall (WAF) security challenge page, which blocks direct content access. This prevents extraction of meaningful business, privacy, or contact information from the site itself. The domain is mature, registered since 1999, and shows strong domain protection with consistent WHOIS data, indicating a legitimate retail business presence. However, the lack of a valid SSL/TLS certificate and absence of HTTPS severely impacts the security posture and trustworthiness of the site. The technical infrastructure relies on Cloudflare for security and hosting, but the SSL configuration is incomplete or invalid, which is a critical security issue. No privacy policies, cookie consent mechanisms, or terms of service were found in the accessible content, limiting compliance assessment. Overall, the site’s security posture is weak due to missing HTTPS, and content quality cannot be evaluated due to blocking. Strategic improvements in SSL deployment and content accessibility are essential for better security and user trust.

Suomen Euromaster Oy operates a comprehensive automotive service website focused on tire sales, installation, and vehicle maintenance services across Finland. The company serves both individual consumers and business clients with a wide network of over 80 service points. The website is professionally designed, localized primarily in Finnish, and integrates modern web technologies and marketing tools. However, the site suffers from a critical security flaw due to an invalid SSL certificate and lack of TLS protocol support, which significantly impacts its security posture. Privacy and cookie policies are present and GDPR compliant, and contact information is clearly provided, supporting business credibility. The domain registration data aligns well with the business claims, indicating legitimacy.

P

Paris Lodron Universität Salzburg

uni-salzburg.at

0

Paris Lodron Universität Salzburg is a large, well-established public university in Austria, founded in 1622. It offers a broad range of academic programs across six faculties and serves approximately 18,000 students. The university maintains a strong regional and international research presence and provides extensive student services and community engagement. The website reflects a mature digital presence with comprehensive content, clear navigation, and consistent branding. Technically, the site is built on WordPress with common web technologies such as jQuery and CSS. However, the absence of a valid SSL certificate and HTTPS support is a significant security shortfall, exposing users to potential risks. Privacy compliance is well addressed with a clear privacy policy and cookie consent mechanism. The university demonstrates trustworthiness through certifications and active social media engagement.

I

Informa Connect Australia

informa.com.au

0

Informa Connect Australia is a leading event organiser specializing in conferences, exhibitions, and corporate training services primarily targeting business professionals in Australia. As part of the global Informa PLC group, it holds a strong market position with a large-scale operational footprint. The website reflects a professional business model focused on event management and corporate learning, supported by a consistent brand presence and trust indicators such as testimonials and social media engagement. Technically, the site is built on WordPress with WooCommerce and uses modern web technologies and frameworks, although performance metrics are unavailable. Security posture is weak due to the absence of a valid SSL certificate and HTTPS support, despite the presence of some security headers and Cloudflare protection. Privacy compliance is moderate with clear privacy and cookie policies and consent mechanisms, but lacks explicit GDPR compliance indicators or security policies. Overall, the site is functional and credible but requires urgent improvements in security infrastructure to protect user data and enhance trust.

A

Anaplan Inc

anaplan.com

0

Anaplan Inc operates a mature, enterprise-grade AI-infused scenario planning and connected planning platform targeting large organizations across multiple industries including finance, supply chain, sales, marketing, and HR. The website is professionally designed with excellent content quality, clear navigation, and strong branding consistency. Technically, the site uses Adobe Experience Manager CMS with modern marketing and analytics tools such as Marketo and OneTrust for privacy compliance. However, a critical security issue is the invalid or missing SSL certificate and lack of TLS protocol support, which significantly impacts the security posture score. Privacy compliance is strong with clear cookie consent mechanisms and a comprehensive privacy policy. Business credibility is high, supported by analyst recognitions and a large customer base. Overall, the site is trustworthy but requires urgent remediation of SSL/TLS issues to ensure secure user interactions.

Security assessment completed with an overall score of 0/100 (unknown risk). 3 critical issues require immediate attention. Total of 28 security findings identified across all modules.

S

Swissport International AG

swissport.com

0

Swissport International AG operates as a global leader in airport ground services and air cargo handling, serving 286 airports worldwide. The company offers a broad portfolio of services including passenger services, ramp handling, air cargo services, airport hospitality, and executive aviation. Swissport targets airlines, airport operators, and cargo handlers, positioning itself as a market leader with a comprehensive service offering and a strong global network. The website reflects a professional and consistent brand image with extensive content and media releases supporting its market presence. Technically, the site leverages modern technologies such as Cloudflare CDN, Cookiebot for consent management, Google Tag Manager, and social media integrations, hosted on a CMS platform identified as Ibexa DXP. However, the website's SSL certificate is invalid or missing, which is a critical security concern that impacts the overall security posture. Security headers are well configured, but the lack of valid HTTPS and TLS protocols reduces the security score significantly. Privacy compliance is strong, with clear privacy and cookie policies and GDPR adherence. Business credibility is high, supported by trust indicators such as ISO 27001 certification and official social media presence. Overall, the website is functional and professional but requires urgent remediation of SSL/TLS issues to improve security and trust.

A

Ascent

parkside-interactive.com

0

Ascent is a UK-based design-led technology company specializing in data, AI, software, and cloud solutions. With a large team of over 530 professionals, they serve a broad client base across multiple industries including insurance, healthcare, retail, and technology. Their service offerings include data strategy, software engineering, cloud migration, and AI-driven innovation. The website reflects a mature and professional digital presence with comprehensive content, client case studies, and certifications, positioning Ascent as a credible player in the technology consulting market. Technically, the website uses modern frameworks such as Vue.js and Bootstrap and is hosted on Microsoft Azure, but suffers from a critical lack of HTTPS and valid SSL certificates, which significantly impacts security posture. Security headers are partially implemented, but the absence of TLS protocols and SSL undermines trust and user safety. Privacy compliance is moderate with a privacy policy present but no cookie consent mechanism detected. Overall, the site is content-rich and professionally designed but requires urgent security improvements to meet modern standards.

B

Borouge

borouge.com

0

Borouge is a prominent petrochemical company specializing in the production and supply of innovative polyethylene and polypropylene solutions across multiple sectors including energy, infrastructure, healthcare, and agriculture. The company leverages advanced Borealis Borstar® technology to deliver tailored polymer products that meet specific customer needs, emphasizing sustainability and innovation. The website reflects a well-structured digital presence with comprehensive investor relations, media updates, and e-services, targeting industrial clients and stakeholders in the petrochemical industry. Technically, the site is built on Microsoft SharePoint, incorporating modern web technologies and basic mobile optimization. However, a critical security concern is the invalid or missing SSL certificate, which undermines the security posture despite the presence of multiple security headers and policies. Privacy compliance is well addressed with clear cookie and privacy policies, including GDPR adherence. Contact information is transparent and professional, enhancing business credibility. Overall, the website demonstrates a solid business and digital foundation but requires urgent remediation of SSL issues to improve security and trust.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 11 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

S

Sun Chemical

sunchemical.com

0

Sun Chemical is a globally recognized enterprise manufacturing inks, pigments, and advanced materials serving diverse industrial sectors including packaging, graphics, automotive, electronics, and healthcare. As a member of the DIC Group with over 22,000 employees and a legacy spanning over 200 years, the company holds a strong market position supported by extensive patents and sustainability initiatives. The website reflects a mature digital presence with comprehensive content, professional design, and good SEO practices. However, the absence of a valid SSL certificate and HTTPS implementation significantly undermines the security posture, exposing users to risks and reducing trust. Security headers are partially implemented but insufficient without proper TLS. Privacy and cookie policies are present and indicate GDPR compliance, though no explicit security or incident response policies are found. Overall, the site demonstrates strong business credibility but requires urgent security improvements to protect data and user trust.

P

Pörner Ingenieurgesellschaft mbH

poerner.at

0

Pörner Ingenieurgesellschaft mbH is a well-established independent engineering company specializing in process engineering plant construction, headquartered in Vienna, Austria. With approximately 550 engineers across 10 European locations, the company serves industrial sectors including refineries, petrochemical, chemical, energy, gas, and pharmaceuticals. Pörner is recognized globally for its Biturox® bitumen oxidation technology, having licensed and built over 60 plants worldwide. The website reflects a professional business presence with comprehensive service descriptions and active news updates. Technically, the site is built on TYPO3 CMS with common JavaScript libraries, but suffers from slow load times and lacks a valid SSL certificate, which is a critical security concern. The security posture is weak due to missing HTTPS, lack of security headers, and no advanced SSL features. Privacy compliance is strong with a clear cookie consent mechanism and GDPR-aligned privacy policy. Overall, the site demonstrates good business credibility but requires urgent security improvements to protect user data and enhance trust.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 8 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

W

Wiener Messe und Congress GmbH

messe.at

0

Wiener Messe und Congress GmbH operates the VIECON – Vienna Congress & Convention Center, a leading event venue in Vienna offering flexible spaces for congresses, exhibitions, and corporate events. The website presents a professional image with comprehensive information about the venue, services, and sustainability initiatives. Technically, the site is built on WordPress with modern plugins and SEO optimizations, but lacks a valid SSL certificate, resulting in an insecure HTTP-only connection. Security headers are present but insufficient without HTTPS. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the site is credible and well-structured but requires urgent SSL implementation to improve security and trust.

G

Greater Europe Mission

gemission.org

0

Greater Europe Mission is a well-established Christian missions non-profit organization focused on disciple-making and evangelism throughout Europe. The organization has a mature online presence with a professionally designed WordPress website that clearly communicates its mission, values, and ministry areas. The website targets Christian communities, churches, missionaries, and donors interested in European missions. It offers resources, contact options, and donation capabilities to support its mission. Technically, the site uses modern web technologies including WordPress, Beaver Builder, and integrates Google Analytics and Tag Manager for tracking. However, the site lacks a valid SSL certificate and HTTPS support, which is a significant security concern. Privacy and cookie policies are present and GDPR compliant, reflecting good privacy practices. Overall, the site is credible and trustworthy but requires urgent security improvements to protect user data and enhance trust.

S

SoftwareOne Österreich GmbH

comparex.at

0

SoftwareOne Österreich GmbH is a leading enterprise software and cloud solutions provider with a strong global presence and local expertise in Austria. The company offers a broad range of services including cloud migration, application modernization, IT asset management, software sourcing, and customer training. Their business model focuses on B2B services, supporting digital transformation initiatives for enterprises across multiple industries. Technically, the website is built on modern frameworks such as Next.js and React, hosted on Vercel, and integrates advanced cookie consent and analytics tools. However, the security posture is weakened by an invalid SSL certificate and lack of TLS protocol support, which poses a significant risk. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the website demonstrates high professionalism and business credibility but requires urgent improvements in SSL/TLS configuration to enhance security.

D

dwarfs and Giants eG

dwarfsandgiants.org

0

dwarfs and Giants eG is a small Austrian cooperative consultancy specializing in organizational development and new work methodologies. Their website, built on Drupal 10, offers comprehensive content including workshops, client stories, and toolboxes aimed at helping organizations improve work culture and self-organization. The site is well-designed, mobile-optimized, and provides clear navigation and professional content. However, the technical infrastructure lacks a valid SSL certificate and does not support modern TLS protocols, significantly weakening the security posture. Privacy and cookie policies are present and GDPR compliant, with a consent mechanism implemented. Overall, the business presents itself as credible and trustworthy, but the lack of HTTPS is a critical security gap that must be addressed.

F

Fresh Trading Limited

innocentdrinks.co.uk

0

Innocent Drinks, operated by Fresh Trading Limited and owned by The Coca-Cola Company, is a well-established UK-based beverage company specializing in natural and sustainable drinks such as smoothies, juices, and shots. The company positions itself strongly in the retail sector with a focus on sustainability, social responsibility, and B Corp certification, appealing to environmentally and socially conscious consumers. The website reflects this ethos with comprehensive content, clear navigation, and consistent branding. Technically, the site is built on Adobe Experience Manager and hosted on AWS CloudFront, leveraging modern cloud infrastructure and Adobe's marketing and consent management tools. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS, which significantly impacts the site's security posture. Privacy and legal policies are well documented and accessible, indicating good compliance practices. Overall, the site is professional and trustworthy but requires urgent security improvements to protect user data and maintain trust.

H

HEROLD Business Data GmbH

ichbinderherold.at

0

HEROLD Business Data GmbH operates a professional career portal focused on online media and marketing services for Austrian businesses. The company is well positioned as a leading website producer and Google Premium Partner with a strong employer brand. The website content is rich, professionally designed, and targets job seekers and SMEs in Austria. Technically, the site uses Mono CMS and integrates modern tracking and consent management tools but lacks HTTPS, which is a critical security gap. The security posture is weak due to the absence of SSL/TLS encryption and missing security headers. Privacy compliance is good with a clear privacy policy and cookie consent mechanism. Overall, the site is trustworthy but requires urgent security improvements to protect user data and enhance trust.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 9 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

Seven Refractories operates as a niche industrial supplier specializing in refractory materials for high temperature and aggressive industrial environments such as steel, iron, and cement production. The website currently serves as a placeholder indicating a forthcoming revised site, with minimal content and no direct contact or policy information. The technical infrastructure is based on WordPress with common plugins and hosted behind Cloudflare, but lacks a valid SSL certificate, which severely impacts security posture. Security headers and best practices are largely absent, exposing the site to potential risks. The absence of privacy and cookie policies, as well as contact details, further reduces trust and compliance standing. Overall, the site is in an early or transitional stage of digital maturity and requires significant improvements in security, content, and compliance to meet industry standards.

D

diego5 studios

diego5studios.com

0

diego5 studios is a medium-sized influencer marketing agency and video content production company based in Austria, founded in 2015. It operates the largest influencer community in Austria and offers comprehensive services including influencer marketing, branded entertainment, workshops, and live events. The company targets brands seeking to engage audiences through digital video content and influencer collaborations. The website reflects a professional and consistent brand presence with good content quality and clear navigation, optimized for mobile users. Technically, the site is built on WordPress using common plugins and jQuery libraries, hosted on servers managed by world4you.at. However, the website lacks a valid SSL certificate and HTTPS support, which is a critical security deficiency. Privacy compliance is well addressed with a cookie consent mechanism and a comprehensive privacy policy. The business demonstrates legitimacy through client logos and active social media channels.

The United Nations Office for Outer Space Affairs (UNOOSA) operates as a key UN entity facilitating international cooperation in peaceful space activities, space law, and capacity building. It serves a global audience including member states, space agencies, academia, and industry. The website reflects a mature and consistent brand aligned with UN standards, offering comprehensive information on space policy, events, and programs. Technically, the site uses a legacy tech stack with Apache, jQuery, and Bootstrap, but suffers from slow performance and basic mobile optimization. Security posture is weak due to the absence of a valid SSL certificate and lack of modern TLS protocols, exposing users to risks. Privacy compliance is minimal, lacking cookie consent mechanisms and GDPR indicators. Contact information and social media presence are well established, enhancing business credibility. Overall, the site is authoritative but requires urgent security and privacy improvements.

U

Ulrike Lahrs Steuerberatungskanzlei

kanzleilahrs.de

0

Ulrike Lahrs Steuerberatungskanzlei is a small, local tax consultancy firm based in Twistringen, Germany, specializing in tax advisory, accounting, payroll, and tax declaration services. The website presents a professional and clear business description targeting individuals and businesses seeking tax-related services in the region. The technical infrastructure is based on the IONOS MyWebsite platform, utilizing Apache server and common JavaScript libraries such as jQuery and Cookiebot for cookie consent management. However, the website lacks HTTPS support, which significantly undermines its security posture. Security headers are partially implemented, but the Content Security Policy is in report-only mode and permits unsafe script execution, increasing risk. Privacy compliance is addressed with a GDPR-compliant privacy and cookie policy, but no terms of service or explicit security policies are found. Overall, the website is functional and professional but requires urgent security improvements to protect user data and enhance trust.