Security Directory

A

APG

apg.nl

0

APG is a large Dutch pension fund service provider specializing in pension administration, asset management, and advisory services. The website is content-rich, professionally designed, and targets pension participants and institutional investors. The technical infrastructure includes Cloudflare hosting, Umbraco CMS, and multiple marketing and analytics tools such as Google Tag Manager and Cookiebot. However, a critical security issue is the absence of a valid SSL certificate and enabled TLS protocols, which severely impacts the security posture. Security headers are well implemented, but the lack of HTTPS reduces trust and security. Privacy compliance is strong with clear privacy and cookie policies and consent mechanisms. Contact information is primarily via web forms, with no explicit emails or phone numbers found. Social media presence is active on LinkedIn, Facebook, and Instagram. Overall, the website is professional and trustworthy but requires urgent SSL/TLS configuration improvements to enhance security and user trust.

Sulzer Ltd is a globally recognized leader in fluid engineering, specializing in the manufacturing and servicing of pumps, agitators, mixers, separation, and purification technologies. The company serves essential industries such as energy, manufacturing, and process industries, positioning itself as a key player in enabling sustainable and efficient industrial operations worldwide. Their website reflects a mature enterprise with comprehensive product and service offerings, strong branding, and a clear focus on sustainability and innovation. Technically, the website employs a modern technology stack including Apache server, Vue.js framework, and integrates multiple third-party analytics and marketing tools such as Google Analytics, Pardot, and Hotjar. The site is hosted with Azure DNS and demonstrates good SEO and mobile optimization practices. However, performance metrics are not explicitly available. From a security perspective, while the site implements several important security headers and content security policies, it critically lacks a valid SSL/TLS certificate and does not support HTTPS, which severely undermines its security posture. This exposes users to potential risks and reduces trustworthiness. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms, aligning with GDPR requirements. Overall, the website is professional and credible but requires urgent remediation of its SSL/TLS configuration to ensure secure communications and improve its security score. Strategic recommendations include immediate SSL certificate installation, enabling modern TLS protocols, and enhancing security header configurations to protect users and maintain trust.

L

Lab42 Games

lab42.games

0

Lab42 Games is a UK-based medium-sized game development company specializing in cross-platform game development and co-development services. As part of the Sumo Group Ltd, it benefits from strong industry partnerships and a veteran management team. The website presents a professional image with clear business information, multiple industry awards, and a focus on recruitment and service offerings. Technically, the site uses OrchardCore CMS and jQuery, hosted on Microsoft IIS, but suffers from critical security shortcomings including lack of HTTPS and valid SSL certificates. Privacy and cookie policies are present, but GDPR compliance indicators are limited. The security posture is weak due to missing SSL, DMARC, DNSSEC, and incident response information. Overall, the site is functional and informative but requires urgent security improvements to protect users and enhance trust.

Diamond Aircraft Industries is a leading manufacturer in the General Aviation sector, specializing in the production of safe and efficient single and twin piston aircraft. The company offers a comprehensive range of products and services including aircraft manufacturing, flight school solutions, special mission aircraft, engine manufacturing through Austro Engine, and pilot and maintenance training. Their global presence is supported by a professional website built on TYPO3 CMS and hosted behind Cloudflare DNS services. The website demonstrates strong digital maturity with good design, navigation, and privacy compliance through the use of a consent management platform. However, a critical security gap exists as the site lacks a valid SSL/TLS certificate, serving content over HTTP only, which significantly impacts the security posture. No explicit security or incident response policies are publicly available. Overall, the domain registration is consistent and trustworthy, aligning with the company's business claims.

T

The Jodel Venture GmbH

jodel-app.com

0

Jodel is a technology company operating a hyperlocal community social app designed to connect users instantly with people around them, primarily targeting young professionals and students (Gen Z and Y). The platform offers local tips, news, stories, and a tailored advertising service for brands, HR campaigns, and market research. The website is built on WordPress using Elementor and Elementor Pro, hosted behind Cloudflare CDN. Despite a professional design and good content quality, the site lacks a valid SSL certificate, resulting in no HTTPS support, which is a critical security concern. Cookie consent is managed via Cookiebot, indicating good privacy compliance practices. However, no explicit contact information or security policies are found on the homepage, limiting direct user engagement and incident response readiness.

K

ktchng

ktchng.com

0

ktchng is a small Austrian-based technology and e-commerce company offering an augmented reality mobile app that enables users to scan products and environments to receive trend information, community content, and sales offers. The platform integrates a token reward system (KTC) that users can earn and redeem in the ktchng webshop and partner stores. The website is professionally designed with good content quality and consistent branding, targeting consumers interested in AR and digital shopping experiences. Technically, the site uses PHP backend with nginx, Amazon AWS hosting, CloudFront CDN, and integrates monitoring and analytics tools such as New Relic, Google Analytics, and Facebook Pixel. However, the site lacks a valid SSL certificate and proper HTTPS configuration, which is a critical security vulnerability. Privacy and cookie policies are present and GDPR compliant, with a cookie consent mechanism implemented. Contact information is clearly provided, including emails and phone numbers. Overall, the site is functional and professional but requires urgent security improvements to protect user data and enhance trust.

Broadcom Inc. is a global leader in technology, specializing in semiconductor products, enterprise software, and security solutions. The website reflects a professional and consistent brand presence targeting enterprise customers and technology professionals. The technical infrastructure leverages modern web technologies such as React and Cloudflare CDN, with extensive use of third-party marketing and analytics tools to support business operations and user engagement. However, the website currently suffers from a critical security shortfall due to the absence of a valid SSL certificate and lack of TLS protocol support, which significantly impacts its security posture. While security headers are well configured, the lack of HTTPS undermines user trust and data protection. Privacy compliance is basic, with a cookie consent mechanism present but no visible privacy policy or terms of service. Overall, the site demonstrates good business credibility but requires urgent security improvements to align with best practices.

D

DIETZEL GmbH

dietzel-univolt.com

0

Dietzel Univolt is a medium-sized, independent family-owned manufacturing and distribution company specializing in electrical installation materials and related civil engineering products. With production facilities in Austria, Slovakia, and China, the company serves professional customers internationally, including regional subsidiaries in the UK and Hungary. The website reflects a professional and consistent brand presence with comprehensive product and service information, supporting a strong market position in manufacturing. Technically, the site uses a modern CMS and common web technologies but suffers from critical security shortcomings due to the lack of a valid SSL certificate and HTTPS support, which exposes users to risks. Privacy compliance is well addressed with clear cookie consent and privacy policies, aligning with GDPR requirements. Overall, the site is functional and trustworthy but requires urgent security improvements to protect user data and enhance trust.

D

dm Slovensko

dm-drogeriemarkt.sk

0

dm Slovensko operates a well-branded online drugstore e-commerce platform targeting Slovak consumers with a broad range of personal care and health products. The website leverages a modern JavaScript and CSS technology stack with integrations from multiple third-party services for analytics, marketing, and user consent management. The technical infrastructure is hosted on Google Cloud, indicating a scalable and reliable hosting environment. However, the website currently lacks a valid SSL/TLS certificate, resulting in no HTTPS availability, which is a critical security concern. Security headers are mostly well implemented, but the disabled X-XSS-Protection header and malformed DNS CAA records indicate areas for improvement. Privacy and cookie policies are not detected in the provided content, representing a compliance gap with GDPR and related regulations. Overall, the website is functional and professionally designed but requires urgent security and compliance enhancements to protect user data and build trust.

R

REICHLUNDPARTNER Werbeagentur

reichlundpartner.com

0

REICHLUNDPARTNER Werbeagentur is a well-established, large full-service advertising agency based in Austria with offices in Linz, Vienna, and Graz. The company offers a broad range of marketing and communication services including advertising, digital marketing, media planning, public relations, social media, event management, and innovative business model development through its Future Thinking division. The agency holds a strong market position supported by numerous industry awards and a large, skilled team. The website reflects a professional and comprehensive digital presence with multilingual support and clear branding. Technically, the site is built on WordPress with modern tools like Google Tag Manager and HubSpot integration, but suffers from a critical security shortfall due to the absence of a valid SSL certificate and HTTPS support. This significantly impacts the security posture and user trust. Privacy policies and cookie consent mechanisms are present and appear GDPR compliant. Contact information is clearly provided with multiple channels and physical addresses. Overall, the business credibility and content quality are high, but urgent security improvements are recommended.

Y

Yahoo Inc

maven.net

0

Yahoo Inc. operates a comprehensive corporate website showcasing its position as a global media and technology company with a strong focus on advertising solutions and digital media services. The site highlights key offerings such as Yahoo Ads, Yahoo DSP, and Yahoo Search, targeting advertisers and partners worldwide. The company leverages a modern technical infrastructure including Webflow CMS, AWS hosting, and Cloudflare CDN, supported by Google Tag Manager for analytics and marketing. While the website design and content quality are excellent, the security posture is weakened by the absence of a valid SSL certificate and lack of modern TLS protocol support, which poses significant risks for data confidentiality and user trust. Privacy policies and terms of service are well documented, reflecting good compliance practices. Overall, the website is professional and trustworthy but requires urgent improvements in SSL/TLS security to align with best practices and protect users.

DiaSorin S.p.A. operates a comprehensive corporate website focused on molecular diagnostics, immunodiagnostics, and licensed technology platforms. The company positions itself as a global leader in laboratory diagnostics, targeting healthcare providers, laboratories, and scientific communities. The website provides extensive product information, corporate governance details, investor relations, and career opportunities, reflecting a mature and professional business presence. Technically, the site is built on Drupal 10 with modern front-end technologies and integrates marketing and analytics tools such as Google Tag Manager and Cookiebot for privacy compliance. However, a critical security gap exists due to the absence of a valid SSL/TLS certificate and HTTPS support, exposing users to potential risks. Security headers are partially implemented, but the lack of HTTPS significantly lowers the security posture. Privacy policies and cookie consent mechanisms are well implemented, indicating good compliance with GDPR. Overall, the website is professional and trustworthy but requires urgent security improvements to protect user data and enhance trust.

A

Avconjet

avconjet.at

0

Avconjet is a prominent European private jet management and charter company operating a fleet of over 100 aircraft worldwide. The company offers comprehensive services including jet management, business jet charter, aircraft sales and acquisition, aviation consulting, and asset management. Their market position is strong with an international presence and recognized certifications such as IS-BAO Stage 2 and WYVERN verification. Technically, the website is built on WordPress with Elementor and optimized using WP Rocket, providing a good user experience and SEO optimization. However, the security posture is weak due to the absence of a valid SSL certificate and lack of modern TLS protocols, which poses a significant risk. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the site is professional and trustworthy but requires urgent improvements in SSL and security configurations.

X

XAL

xal.com

0

XAL is a well-established Austrian company specializing in innovative LED lighting solutions with a strong focus on design, sustainability, and tailored products for various applications including commercial, retail, and hospitality sectors. The company maintains a global presence with subsidiaries and a parent group, offering a comprehensive range of lighting products and digital services. Technically, the website is built on the Pimcore CMS platform, utilizing modern frameworks like Bootstrap and analytics tools such as Matomo, with good privacy compliance via OneTrust. However, the absence of a valid SSL certificate and lack of HTTPS significantly weaken the security posture, exposing the site to potential risks. Despite this, the site demonstrates excellent content quality, professional design, and strong business credibility. Strategic improvements in SSL implementation and security configurations are critical to enhance trust and protect user data.

S

STRG

strg.at

0

STRG is a well-established Austrian technology and research company specializing in custom software solutions, AI research, and digital transformation services. With over 20 years of experience, STRG offers a modular approach to software development, integrating AI and sustainability principles to optimize business processes across various industries including manufacturing, healthcare, finance, and media. The company maintains a strong market position supported by client testimonials, case studies, and industry partnerships. Technically, the website is built on WordPress with Elementor and employs modern web technologies and performance optimizations. However, the absence of a valid SSL certificate and HTTPS configuration is a critical security gap that undermines user trust and data protection. Privacy compliance is well addressed with GDPR-compliant policies and cookie consent mechanisms. Overall, STRG demonstrates a mature digital presence but must urgently address its SSL/TLS security to enhance its security posture and trustworthiness.

J

Jarltech Europe GmbH

jarltech.com

0

Jarltech Europe GmbH is a well-established specialist distributor in the technology sector, focusing on point-of-sale and automatic identification equipment across Europe. With a mature domain and a broad manufacturer partnership network, it serves a large customer base with premium distribution services. The website is professionally designed, content-rich, and provides comprehensive legal and privacy information, reflecting a strong commitment to GDPR compliance and user privacy. Technically, the site uses Drupal 10 with modern web technologies and integrates reputable analytics and marketing tools, although performance is moderate. Security posture is weakened by the absence of a valid SSL certificate and disabled TLS protocols, which is a critical risk that should be addressed promptly. Overall, the business demonstrates high credibility and transparency, but the security configuration requires urgent improvement to protect user data and maintain trust.

I

ICMPD

icmpd.org

0

ICMPD is an established international organization focused on migration policy development, capacity building, and research, serving 21 member states with a global project footprint. The website reflects a mature, professional entity with comprehensive content and strong branding consistency. Technically, the site uses modern CMS technology (eZ Platform) and integrates analytics tools like Google Analytics and Matomo, but suffers from poor SSL implementation and lacks critical security headers, impacting its security posture. Privacy and cookie policies are well implemented with consent mechanisms, supporting GDPR compliance. Overall, the site is functional and content-rich but requires urgent security improvements to protect user data and enhance trust.

B

BRANDL TALOS Rechtsanwälte GmbH

btp.at

0

BRANDL TALOS Rechtsanwälte GmbH is a leading Austrian law firm specializing in a broad range of legal services including labor law, compliance, corporate transactions, and regulatory matters. The firm targets business clients seeking expert legal advice to support their commercial success. The website reflects a professional and comprehensive presentation of their services and expertise, positioning them as a trusted partner in the Austrian legal market. Technically, the website is built on WordPress with modern SEO and cookie consent tools, but suffers from slow load times and lacks a valid SSL certificate, which is a critical security shortfall. Security posture is weak due to missing HTTPS and security headers, though no active vulnerabilities or malware were detected. Privacy compliance is strong with a clear GDPR-compliant privacy and cookie policy. Overall, the site is credible and professional but requires urgent security improvements to protect user data and enhance trust. Strategic recommendations include immediate SSL implementation, security header deployment, and performance optimization to improve user experience and security.

Z

Zukunftsinstitut GmbH

zukunftsinstitut.de

0

Zukunftsinstitut GmbH is a reputable future research and consulting company based in Germany with a subsidiary in Austria. The company specializes in transforming exclusive trend analyses into actionable strategies and concepts for organizations. Their market position is strong, supported by a professional website, a broad range of services including research, consulting, publishing, keynotes, and conferences, and a solid client base evidenced by displayed client logos. Technically, the website is built on HubSpot CMS, leveraging modern JavaScript libraries and integrates Google Analytics and Tag Manager for marketing and analytics. However, the security posture is weak due to the absence of a valid SSL certificate and disabled TLS protocols, which poses a critical risk. Privacy compliance is well addressed with clear privacy and cookie policies and GDPR adherence. Overall, the website is professional and trustworthy but requires urgent security improvements to protect user data and maintain credibility.

SunEdison operates in the energy sector, but the current website at sunedison.com provides minimal content, consisting solely of a redirect script to a subpath (/lander). The lack of metadata, business information, or contact details limits the ability to fully assess the company's market position or services. The domain is registered with standard DNS records and uses Microsoft Outlook for mail exchange, indicating some level of operational infrastructure. However, the absence of a valid SSL certificate and HTTPS support significantly undermines the site's security posture. No privacy or cookie policies are present, and no security best practices such as security headers or DNSSEC are implemented. Overall, the website appears underdeveloped or in a placeholder state, which impacts trust and user experience negatively.

I

ION Group

openlink.com

0

ION Group operates the Openlink commodity management software, a comprehensive front-to-back solution designed for global commodity markets. The platform supports multiple commodity asset classes with advanced risk management, workflow automation, and customization capabilities, targeting large commodity-intensive corporations. The website demonstrates a mature digital presence with professional design, structured content, and extensive integration of analytics and marketing tools. However, the security posture is weakened by an invalid SSL certificate and lack of modern TLS protocols, which poses risks to data confidentiality and user trust. Privacy compliance is strong, with a clear cookie consent mechanism and GDPR adherence. Overall, the business is well-positioned in the energy and finance sectors with a robust product offering, but should prioritize fixing SSL issues to enhance security and trust.

IT-Services der Sozialversicherung GmbH (ITSV) is a specialized technology company focused on managing and coordinating IT activities for the Austrian social insurance sector. The company plays a pivotal role in driving digital transformation and efficiency improvements within the healthcare and social insurance ecosystem in Austria. Their key services include IT coordination, digitalization of social insurance services, and SAP support through a dedicated Customer Center of Expertise. The website reflects a professional and consistent brand presence targeting social insurance entities and insured individuals in Austria. Technically, the site uses a modern tech stack including Apache, Jakarta Faces, and jQuery, supported by a Gentics CMS platform. However, performance appears slow and SSL/TLS security is critically lacking, with no valid certificate or secure protocols enabled. Security headers such as Content Security Policy are well implemented, but the absence of HTTPS and TLS protocols represents a significant risk. Privacy compliance is strong, with clear cookie consent mechanisms and a comprehensive privacy policy. Overall, the site is content-rich and trustworthy but requires urgent security improvements to protect user data and maintain trust.

I

Immobilien Scout GmbH

immobilien.net

0

Immobilien.net is a well-established Austrian real estate platform operated by Immobilien Scout GmbH, offering a broad range of residential and commercial property listings. The website targets individuals and investors seeking to rent or buy properties in Austria, providing expert services and a knowledge portal. Technically, the site uses modern frontend technologies such as React and is hosted on AWS CloudFront CDN, ensuring good mobile optimization and SEO. However, the absence of a valid SSL certificate and HTTPS support is a critical security flaw, severely impacting the site's security posture. Privacy and cookie policies are present and appear comprehensive, supporting GDPR compliance. Overall, while the business and content quality are good, the lack of HTTPS significantly reduces trust and security.

M

Moodsonic Services Ltd

moodsonic.com

0

Moodsonic Services Ltd operates a professional website focused on intelligent soundscaping solutions for workplaces and healthcare environments. The company leverages generative sound technology and biophilic design principles to enhance occupant well-being and productivity. Their market position is supported by notable clients such as HSBC, GSK, SAP, and Microsoft, and they provide technology, training, and consultancy services primarily targeting commercial and healthcare sectors. The website is well-designed, content-rich, and professionally branded, reflecting a small but focused technology business based in the UK. Technically, the site is built on the Webflow CMS platform, uses Cloudflare for DNS and CDN services, and integrates marketing and analytics tools such as Google Tag Manager, HubSpot, and Apollo.io. The site is mobile-optimized and SEO-friendly but lacks performance metrics data. Security-wise, the site has critical issues including the absence of a valid SSL certificate and no HTTPS enforcement despite having some security headers configured. This significantly lowers the security posture score and poses risks to user data confidentiality. Privacy compliance is partial; a comprehensive privacy policy is present and GDPR compliant, but no cookie policy or consent mechanism is detected. Contact information is limited to forms without direct emails or phone numbers, which may affect user trust and accessibility. Overall, the website is professional and credible but requires urgent security improvements to protect visitors and enhance trust. Strategic recommendations include obtaining and properly configuring SSL/TLS certificates, implementing cookie consent mechanisms, and enhancing contact transparency. These steps will improve security, privacy compliance, and user trust, supporting Moodsonic's growth and reputation in the soundscape technology market.

I

ION Group

reval.com

0

ION Group operates the Reval treasury software platform, a SaaS solution designed to automate and optimize treasury operations for global corporations, financial institutions, and government entities. The platform offers advanced features including real-time cash visibility, machine learning for forecasting and fraud detection, and seamless integration with banking and ERP systems. The website reflects a mature digital presence with comprehensive content, clear navigation, and strong branding consistency. Technically, the site is built on WordPress and leverages modern analytics and marketing tools, hosted behind Cloudflare for performance and security. However, a critical security gap exists due to the absence of a valid SSL/TLS certificate and disabled TLS protocols, which significantly impacts the security posture. Privacy compliance is well addressed with GDPR-aligned cookie consent mechanisms. Overall, the site demonstrates high business credibility but requires urgent remediation of SSL issues to ensure secure user interactions.

H

Honeywell International Inc.

honeywell.com

0

Honeywell International Inc. is a mature, enterprise-level industrial technology company with a strong global presence and a broad portfolio of solutions spanning aerospace, automation, energy transition, cybersecurity, and more. The website reflects a professional and comprehensive digital presence, targeting industrial operators and commercial clients with detailed content and multi-regional support. Technically, the site uses modern CMS and analytics tools but lacks a valid SSL certificate and proper TLS support, which is a critical security gap. Security headers are well implemented, but a subdomain takeover vulnerability on dev.honeywell.com poses a risk. Privacy and cookie policies are comprehensive and GDPR compliant, supporting good privacy practices. Overall, the site is trustworthy and professionally maintained but requires urgent remediation of SSL and subdomain issues to improve security posture.

F

Fundermax GmbH

fundermax.at

0

Fundermax GmbH is a large Austrian manufacturer specializing in high-quality wood-based materials and compact laminates used in interior and exterior design applications. The company offers a diverse portfolio including raw chipboard, coated chipboard, laminate panels, compact panels, and biofiber panels, targeting architects, designers, and manufacturers. Their website demonstrates a professional and consistent brand presence with multiple industry certifications and awards, indicating a strong market position. Technically, the site is built on Pimcore CMS with Bootstrap framework and integrates modern tools like Google Tag Manager and Cookiebot for analytics and cookie consent management. However, the website currently lacks a valid SSL certificate, which significantly impacts its security posture. While security headers are present, the absence of a valid HTTPS setup and explicit security or incident response policies are notable gaps. Privacy compliance is well addressed with clear privacy and cookie policies, including GDPR compliance indicators. Overall, the site is professional and trustworthy but requires urgent attention to its SSL configuration and security policy transparency to enhance its security posture and user trust.

The website for accorhotels.group is currently minimal and lacks substantive content or metadata. The domain appears registered and associated with the hospitality sector, likely linked to the AccorHotels group, a large multinational hospitality company. However, the website itself does not provide any visible business information, contact details, or user-facing content. Technically, the site lacks HTTPS support and does not have any security headers or modern web technologies implemented, indicating a very low digital maturity level. From a security perspective, the absence of SSL/TLS and security best practices exposes the site to risks and undermines user trust. Overall, the site is not currently suitable for public or customer-facing use and requires significant improvements in content, security, and compliance to meet industry standards.

A

All for One Customer Experience GmbH

b4b-solutions.com

0

All for One Customer Experience GmbH is a Germany-based technology company specializing in delivering innovative customer experience solutions leveraging the SAP Customer Experience Suite. Positioned as a SAP Platinum Partner and part of the All for One Group, the company offers comprehensive cloud-based services including consulting, software implementation, and custom development to enhance customer journeys and digital transformation for businesses. The website reflects a professional and consistent brand image targeting enterprises seeking to optimize their customer engagement and sales processes. Technically, the website is hosted on Amazon Web Services using Amazon S3 and CloudFront CDN, employing modern web technologies such as JSON-LD structured data and OneTrust for cookie consent management. The site is well-optimized for SEO, accessibility, and mobile responsiveness, providing a high-quality user experience. However, performance metrics were not available. From a security perspective, while the site implements several important security headers and content security policies, it critically lacks a valid SSL/TLS certificate and does not support modern TLS protocols, resulting in a poor security posture. This exposes users to risks and undermines trust. Privacy compliance is strong with comprehensive privacy and cookie policies and consent mechanisms in place. Overall, the website demonstrates strong business credibility and digital maturity but requires urgent remediation of SSL/TLS issues to ensure secure communications and maintain trust. Strategic improvements in security infrastructure will significantly enhance the site's risk profile and user confidence.

Electrolux is a globally recognized leader in household appliances, offering a wide range of products including cooking, cooling, laundry, vacuum cleaners, and small kitchen appliances. The website targets Finnish consumers, providing comprehensive product information, promotions, and support services. The digital infrastructure is built on modern technologies such as Next.js, ensuring a responsive and user-friendly experience. While the site employs multiple analytics and marketing tools for personalization and tracking, it maintains good privacy compliance with clear cookie and privacy policies. Security headers are implemented, but the absence of a valid SSL certificate and some advanced security features reduces the overall security posture. The domain registration aligns well with the business identity, confirming legitimacy. Strategic improvements in SSL management and enhanced security practices are recommended to strengthen trust and compliance.

Stadttaxi Amstetten e.U. is a small, locally focused transportation service provider operating since 2005 in Amstetten and the western Mostviertel region of Austria. The company offers a range of services including taxi rides, limousine service, airport transfers, patient and sick transport, courier services, and minibus rentals. Their fleet consists of modern vehicles suitable for individual and group transport. The website reflects a business with a clear local market focus and provides multiple contact methods including phone, email, and a contact form. However, the technical infrastructure shows signs of aging with older JavaScript libraries and a lack of modern security protocols.

V

Vaillant

vaillant-group.com

0

Vaillant Group is a globally recognized leader in the energy sector, specializing in climate-friendly heating, cooling, and hot water solutions including heat pumps and gas condensing boilers. The company operates in over 60 countries with a workforce of approximately 16,000 employees, emphasizing sustainability and digital services. The website reflects a mature and professional business with consistent branding and comprehensive content tailored to customers, partners, and potential employees. Technically, the site leverages modern JavaScript libraries, lazy loading, and CDN hosting via Amazon S3 and CloudFront, with a CMS likely based on e-Spirit. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support, severely impacting the security posture. Privacy and cookie policies are present and GDPR compliant, and the site integrates Google Tag Manager for analytics and Consentmanager.net for consent management. Overall, the site is well-structured and user-friendly but requires urgent security improvements.

V

Vaillant Group Austria GmbH

vaillant.at

0

Vaillant Group Austria GmbH operates a comprehensive website focused on heating solutions including heat pumps, gas heating, photovoltaic systems, and smart home technologies targeted at private customers in Austria. The company is a well-established player with over 150 years of history and a dense service network, positioning itself as a market leader in the energy sector. The website provides detailed product information, customer testimonials, and service offerings, reflecting a mature business model with strong customer engagement. Technically, the site uses modern JavaScript libraries and marketing tools such as Optimizely and Google Tag Manager, with good mobile optimization and SEO practices. However, the absence of a valid SSL certificate and HTTPS support is a critical security gap that undermines user trust and data protection. Security headers are well implemented, but the lack of TLS protocols and OCSP stapling reduces the overall security posture. Privacy compliance is strong with GDPR-aligned policies and consent mechanisms in place. Overall, the website is professional and trustworthy but requires urgent improvements in SSL/TLS configuration to meet modern security standards.

B

Braintrust

braintrustlv.com

0

Braintrust is a minority-owned integrated marketing and creative agency with a 17-year track record, offering services including branding strategy, creative development, digital marketing, web development, social media, and public relations. The company targets businesses seeking comprehensive marketing solutions and operates offices in multiple US cities. The website reflects a professional and consistent brand image with rich multimedia content and clear navigation. Technically, the site is built on WordPress, hosted on WP Engine with Cloudflare CDN, and uses modern JavaScript libraries and SEO plugins. However, the absence of a valid SSL certificate and HTTPS support is a critical security flaw that undermines user trust and data protection. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the site demonstrates good business credibility but requires urgent security improvements.

Tridonic is a mature company operating in the energy sector, specializing in lighting technology and solutions. The domain has been registered since 1998, indicating a well-established business presence. However, the website content is currently inaccessible due to a Cloudflare security challenge page, which blocks direct content analysis. The visible technical infrastructure includes Cloudflare DNS and WAF protection, but the SSL/TLS configuration is critically lacking with no valid certificate and no HTTPS support. This severely impacts the security posture and user trust. No privacy, cookie, or terms of service policies are visible, and no contact information is accessible on the landing page. The WHOIS data confirms domain legitimacy and consistency with the business claims. Overall, the website requires significant improvements in SSL configuration and content accessibility to enhance security, compliance, and user experience.

W

Wismo Automotive A/S

peugeot.dk

0

Peugeot.dk is the official Danish website for Peugeot vehicles, operated by Wismo Automotive A/S, a medium-sized company under the Stellantis group. The site offers comprehensive information on passenger and commercial vehicles, including electric and hybrid models, leasing options, after-sales services, and digital tools such as a vehicle configurator and test drive booking. The website targets Danish consumers and businesses interested in Peugeot's automotive offerings. Technically, the site is built on Adobe Experience Manager with modern web technologies and integrates Google Analytics and Adobe marketing tools for data collection and user tracking. However, the site currently lacks a valid SSL certificate, which significantly impacts its security posture. While security headers like HSTS and X-Content-Type-Options are present, their configurations are suboptimal. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the site is professional, well-branded, and trustworthy but requires urgent attention to SSL certificate renewal and enhanced security configurations to improve user trust and data protection.

F

FRANZ OBERNDORFER GmbH & Co KG

oberndorfer.at

0

FRANZ OBERNDORFER GmbH & Co KG is Austria's largest precast concrete manufacturer with over 100 years of experience in planning, development, and production of concrete elements. The company holds a leading market position in Austria, offering a comprehensive product portfolio and full-service solutions including logistics and assembly. Their website reflects a mature digital presence built on Drupal 9, with good content quality and clear navigation targeting B2B customers in construction and real estate sectors. However, the absence of a valid SSL/TLS certificate and HTTPS support is a critical security gap that undermines user trust and data protection. While cookie compliance and privacy policies are well implemented, the lack of explicit security policies and incident response information indicates room for improvement in security governance. Overall, the business is credible and professional, but urgent action is needed to secure the website infrastructure.

U

University of Leeds

leeds.ac.uk

0

The University of Leeds is a large, well-established higher education institution in the United Kingdom, recognized as part of the prestigious Russell Group and ranked among the world's top 100 universities. The website serves a broad audience including prospective and current students, staff, researchers, and alumni, offering comprehensive information on undergraduate, masters, and research degree programs, as well as scholarships and events. The content is professionally presented with consistent branding and clear navigation, reflecting a high level of digital maturity. Technically, the website is built on the Jadu CMS platform, utilizing modern web technologies such as Typekit fonts and Modernizr for enhanced user experience and accessibility. Hosting appears to be on cloud infrastructure, likely AWS, with content delivered via a dedicated CDN. The site demonstrates good mobile optimization and accessibility features, alongside solid SEO practices. From a security perspective, the site implements several important HTTP security headers and uses secure cookie flags. However, a critical vulnerability is the absence of a valid SSL/TLS certificate and the lack of HTTPS protocol support, which severely impacts the security posture. No explicit security or incident response policies are publicly available, and advanced TLS features like OCSP stapling and session resumption are not implemented. Privacy compliance is strong, with clear privacy and cookie policies and consent mechanisms in place. Overall, while the University of Leeds website excels in content quality, user experience, and privacy compliance, it faces significant security risks due to missing SSL/TLS configuration. Addressing these security gaps is essential to protect user data and maintain trust. Strategic improvements in security infrastructure and transparency around incident response would enhance the site's resilience and credibility.

A

African Diaspora Youth Forum in Europe (ADYFE)

adyfe.eu

0

The African Diaspora Youth Forum in Europe (ADYFE) is a well-established non-profit platform founded in 2014, serving nearly 110 youth organizations across 31 to 41 European countries. It focuses on empowering African diaspora youth through entrepreneurship, employability, and civic engagement initiatives. The website is built on WordPress with a modern tech stack including Bootstrap and popular plugins for galleries and forms. However, the site suffers from a critical security issue: the lack of a valid SSL certificate, resulting in no proper HTTPS support. Security headers are partially implemented but ineffective without SSL. Privacy compliance is weak, with no visible privacy or cookie policies, and no incident response or vulnerability disclosure mechanisms. Contact information is available via email and contact forms, and social media presence is active on major platforms. Overall, the site presents good content and business credibility but requires urgent security and compliance improvements.

S

St. Gilgen International School

stgis.at

0

St. Gilgen International School is a private international educational institution located in Austria, offering the International Baccalaureate curriculum with a focus on personalized education and a nurturing environment. The school targets families seeking high-quality international education in a scenic Alpine setting. Technically, the website is built on WordPress with Elementor and various plugins, hosted on WP Engine and protected by Cloudflare. However, the absence of a valid SSL certificate and HTTPS support is a critical security gap. Privacy and cookie policies are well implemented, and the site includes multiple contact methods and trust indicators such as accreditations and certifications. Overall, the website is professionally designed and content-rich but requires urgent security improvements to protect user data and enhance trust.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 8 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

DHL-express.at is the Austrian localized website for DHL, the global leader in logistics and international shipping. The website offers comprehensive information about DHL's services including express document and package shipping, volume shipping for business customers, freight services, and supply chain logistics. The site targets both individual and business customers in Austria, providing tailored solutions and access to various DHL portals and services. Technically, the site is built on Adobe Experience Manager with integrations of Adobe Launch and other modern web technologies, indicating a mature digital infrastructure. However, a critical security gap exists as the site does not serve content over HTTPS, exposing users to potential risks. Security headers are well implemented, but the lack of SSL/TLS severely impacts the security posture. Privacy and cookie policies are present and GDPR compliant, reflecting good privacy practices. Overall, the site is professionally designed, content-rich, and trustworthy but urgently requires HTTPS implementation to meet modern security standards.

Theater in der Josefstadt Betriebsges.m.b.H. operates a well-established cultural institution in Austria, providing theatrical performances, ticketing services, subscriptions, and related cultural events. The website serves as a comprehensive portal for current programming, ticket sales, and audience engagement, targeting theatergoers and cultural enthusiasts primarily in Austria. The business enjoys a mature domain with consistent registration details aligning with its public identity. Technically, the website is built on TYPO3 CMS with modern frontend components such as Owl Carousel and YouTube video integration. However, performance metrics are lacking, and the site shows signs of slow loading. Mobile optimization and SEO are adequately addressed, but accessibility is basic. Security posture is weak due to the absence of a valid SSL certificate and lack of HTTPS enforcement, exposing users to potential risks. While some security headers are present, critical TLS protocols and best practices are missing. Privacy compliance is partially met with a privacy policy and terms of service, but no cookie consent mechanism is implemented. Contact information is clearly provided, enhancing business credibility. Overall, the site is functional and professional but requires urgent security improvements to protect user data and trust. Strategic enhancements in SSL/TLS deployment, cookie consent, and performance optimization will significantly improve the site's security and user experience.

N

Nemak

nemak.com

0

Nemak is a large manufacturing company specializing in aluminum automotive components, with a strong focus on sustainability and decarbonization initiatives. The company targets automotive manufacturers, investors, suppliers, and job seekers, positioning itself as a global leader in its sector. The website reflects a professional corporate presence with good content quality and consistent branding. Technically, the site uses modern JavaScript libraries and frameworks hosted on Microsoft Azure, but lacks a valid SSL certificate, which is a critical security shortfall. The security posture is weak due to missing HTTPS, lack of security headers, and no published security policies. Privacy compliance is basic, with cookie consent implemented but no detailed GDPR compliance indicators. Contact information and social media presence are well established, supporting business credibility. Overall, the site is functional but requires urgent security improvements to protect user data and enhance trust.

G

Gesundheit Österreich GmbH

goeg.at

0

Gesundheit Österreich GmbH (GÖG) is a national Austrian government-owned research and planning institute specializing in healthcare and health promotion. The website serves as an authoritative platform providing health data, policy advice, publications, and event information targeted at healthcare professionals, policymakers, and the public. The organization holds a strong market position as a key player in Austria's healthcare sector. Technically, the website is built on Drupal 10 with modern frontend technologies and uses Matomo for analytics, indicating a moderate level of digital maturity. However, the website suffers from a critical security issue: the SSL certificate is invalid or missing, resulting in no proper HTTPS support, which significantly impacts the security posture. Other security headers are partially implemented, but improvements are needed to meet best practices. Privacy compliance is good with a comprehensive privacy policy, though no cookie consent mechanism is present despite analytics usage. Overall, the website is professional and trustworthy but requires urgent remediation of SSL/TLS issues to ensure secure user interactions.

K

Kindifarm

kindifarm.com

0

Kindifarm is a small, established Australian business specializing in mobile animal farm and petting zoo services primarily serving the Sydney region and nearby areas. The company offers educational and interactive animal displays for events such as birthday parties, school visits, aged care, and special requests. The website is built on WordPress with a modern tech stack including Elementor and Yoast SEO, hosted on WP Engine with Cloudflare CDN. However, the site lacks HTTPS, which is a critical security vulnerability. Privacy compliance is poor as no privacy or cookie policies are present. Contact information is clearly provided, and the business shows trust indicators such as licensing and insurance. Overall, the website is functional and professionally presented but requires urgent security and privacy improvements.

S

SpenglerFox

spenglerfox.com

0

SpenglerFox is a globally recognized executive search and talent solutions provider, ranked in the top 40 worldwide. The company operates through a large network of over 380 consultants across 76 offices in 47 countries, offering services including executive search, leadership advisory, interim management, recruitment process outsourcing, and board solutions. Their business model focuses on delivering agile talent solutions to corporate clients seeking leadership and executive talent globally. The website content is professionally crafted, with detailed service descriptions and team profiles, reflecting a mature and established business. Technically, the website is built on WordPress, leveraging common plugins such as Yoast SEO and includes integrations with analytics and tracking tools like Microsoft Clarity, Google Tag Manager, and LinkedIn Insight. The site uses Apache hosting with DNS managed via AWS Route53. However, the website lacks HTTPS encryption, which is a critical security shortfall. Performance is moderate to slow, with good mobile optimization and basic accessibility features. From a security perspective, the absence of a valid SSL certificate and HTTPS is a major vulnerability, exposing users to potential data interception risks. The site also lacks important security headers and cookie consent mechanisms, which are important for GDPR compliance and user privacy. No incident response or security policy pages are found, and no certifications are displayed. The domain registration is consistent and transparent, with a mature domain age of 22 years and strong domain protection, supporting the legitimacy of the business. Overall, while the business and content quality are high, the security posture is weak due to missing HTTPS and security headers. Strategic improvements in SSL deployment, security headers, and privacy compliance are recommended to enhance trust and protect user data.

W

WOLFGANG DENZEL AUTO AG

denzel.at

0

Wolfgang Denzel Auto AG operates a comprehensive automotive retail website offering new and used vehicles, financing, insurance, and service packages primarily targeting car buyers in Austria. The company maintains a strong market position with multiple automotive brands and electric mobility solutions. Technically, the website is built on Drupal 10, leveraging modern web technologies and third-party marketing and analytics tools, but lacks a valid SSL certificate, which significantly impacts security posture. Security headers are well configured, but the absence of HTTPS and modern TLS protocols is a critical vulnerability. Privacy and cookie policies are present and GDPR compliant, enhancing user trust. Overall, the site is professional and content-rich but requires urgent security improvements to protect user data and maintain credibility.

F

Film Independent

filmindependent.org

0

Film Independent is a well-established non-profit arts organization dedicated to championing independent filmmakers. The website serves as a comprehensive platform offering information on events, awards, educational programs, and resources tailored to filmmakers and the arts community. The organization has a mature online presence with a domain age of 20 years, reflecting its longstanding role in the independent film sector. The site targets independent filmmakers and film enthusiasts, providing memberships, donations, and community engagement opportunities.

The website at inpera.net currently serves as a minimal placeholder with no substantive content beyond a client-side redirect to a /lander path. The domain is very young, registered in February 2025 via DropCatch.com, a registrar known for domain drop-catching, which suggests the domain may not yet be actively used for a legitimate business. The absence of SSL/TLS certificates and HTTPS support severely limits the site's security posture and user trust. No metadata, structured data, or business information is present to provide insight into the company's operations or market position. Technically, the site lacks modern web standards and performance optimizations, and no security best practices are implemented. Overall, the site appears to be in an early or inactive state with significant risks and no visible compliance or trust indicators.