Security Directory

cargo-partner is a midsized logistics and transportation company specializing in integrated supply chain solutions including air, sea, rail, and road freight, as well as warehousing and SCM services. The company targets businesses requiring comprehensive logistics support and operates with a pan-European and global presence. The website reflects a professional business with consistent branding and a clear service offering. Technically, the site is built on TYPO3 CMS with PHP backend and uses modern web technologies including Friendly Captcha and Cookiebot for privacy compliance. However, the absence of a valid SSL certificate and HTTPS support is a critical security weakness, exposing users to potential risks. Security headers are partially implemented but lack a proper Content-Security-Policy. Privacy compliance is supported by a clear privacy policy and cookie consent mechanism. Overall, the website is functional but requires urgent security improvements to protect user data and enhance trust.

B

Bene GmbH

bene.com

0

Bene GmbH is a well-established Austrian manufacturer and international supplier of high-quality office furniture and workspace solutions, with a history dating back to 1790. The company positions itself as a leader in modern office design, combining Austrian quality with innovative and functional products. The website is built on TYPO3 CMS and uses modern web technologies, but lacks a valid SSL certificate, which is a critical security shortfall. The site includes comprehensive content, a contact form with CAPTCHA, and social media integration, but does not implement cookie consent mechanisms or advanced security headers. Overall, the business is credible and well-presented, but the lack of HTTPS significantly impacts the security posture.

B

Baustoffservice

baustoffservice.at

0

Baustoffservice is a small Austrian manufacturing business specializing in patented lightweight concrete products (VULKAN and LAVA). With over 30 years of industry experience, they serve architects, construction firms, and public space planners by providing half-finished concrete parts, furniture, and facade elements. Their website is built on the 1AND1/IONOS platform and uses standard web technologies including jQuery and Mapbox. While the site presents clear contact information and social media presence, it suffers from a critical security issue: the absence of a valid SSL certificate and HTTPS support, which severely impacts trust and security posture. Privacy compliance is basic, with a cookie notification but no detailed privacy or security policies. Overall, the site is functional and professionally designed but requires urgent security improvements.

G

Grand Hotel Wien

grandhotelwien.com

0

Grand Hotel Wien is a well-established luxury hospitality business located in Vienna, Austria, with a history dating back to 1870. The website presents a professional image with comprehensive information about its services including luxury accommodations, gourmet dining, spa, and event hosting. The business is positioned as a high-end hotel targeting affluent travelers and tourists seeking premium experiences. Technically, the website uses a mix of modern JavaScript libraries and frameworks such as AngularJS, jQuery, and Foundation CSS, hosted behind Cloudflare CDN. However, the site suffers from a critical security issue due to the absence of a valid SSL certificate and HTTPS configuration, which significantly impacts its security posture. Privacy and cookie policies are present and appear GDPR compliant, and contact information is clearly provided. The domain registration data supports the legitimacy and maturity of the business. Overall, while the business and content quality are strong, the lack of proper SSL/TLS implementation is a major risk that should be addressed immediately.

O

Oberbank AG

oberbank.at

0

Oberbank AG is a well-established regional bank operating primarily in Austria and neighboring countries, offering a broad range of financial services including retail banking, corporate banking, savings, investments, financing, and online/mobile payment solutions. The website reflects a mature digital presence with comprehensive content tailored to private and corporate customers, supported by a modern technology stack based on Liferay and JavaServer Faces. The site demonstrates strong privacy compliance with detailed cookie consent mechanisms and GDPR-aligned privacy policies. However, the security posture is weakened by an invalid or missing SSL certificate and lack of TLS protocol support, which poses significant risks to secure communications. No explicit security or incident response policies are published, indicating room for improvement in transparency and readiness. Overall, the site is professional and trustworthy but requires urgent remediation of SSL issues to ensure secure user interactions.

V

VRVis GmbH

vrvis.at

0

VRVis GmbH is Austria's largest research institution specializing in Visual Computing, integrating Artificial Intelligence and Simulation to address complex data-driven challenges. With 25 years of experience and strong industry collaborations, VRVis offers research, tailored products, and consulting services primarily targeting industrial and scientific audiences. The website is professionally designed, multilingual, and content-rich, reflecting a mature digital presence. Technically, the site runs on TYPO3 CMS with Matomo analytics, demonstrating a modern but self-managed infrastructure. However, the security posture is weak due to the absence of a valid SSL certificate and HTTPS support, exposing users to potential risks. Privacy compliance is minimal, lacking cookie consent mechanisms and explicit GDPR indicators. Overall, VRVis presents a credible and trustworthy business profile but requires urgent improvements in security and privacy practices to align with modern standards.

Global LT is a medium-sized education company specializing in instructor-led language and cultural training services targeted at corporations and governments worldwide. The company offers a comprehensive suite of services including language training, translation, interpretation, and destination services, supported by a technology-driven platform. The website is professionally designed, well-branded, and provides clear navigation and rich content relevant to its business domain. Technically, the site is built on HubSpot CMS and integrates Google Analytics and Tag Manager for marketing and analytics purposes. However, the absence of a valid SSL certificate and HTTPS support is a significant security concern. Security headers are partially implemented, but critical TLS protocols and certificate transparency are missing, exposing the site to potential risks. Privacy compliance is moderate, with a privacy policy present but lacking a cookie consent mechanism despite tracking scripts. Contact information is clearly provided, enhancing business credibility. Overall, the site demonstrates strong business presence and digital maturity but requires urgent security improvements to protect user data and enhance trust.

B

Bufab International AB

bufab.com

0

Bufab International AB operates as a global supply chain partner specializing in C-parts for manufacturing industries. Their website presents a comprehensive portfolio of services including supplier management, logistics, quality assurance, and sustainability consulting. The company targets manufacturing purchasers seeking to optimize their C-parts supply chain. Technically, the website is built on HubSpot CMS with integrations for marketing and analytics, delivering a professional and content-rich user experience. However, the security posture is weakened by the absence of a valid SSL certificate and lack of TLS protocol support, which is critical for secure communications. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the site is trustworthy and professionally maintained but requires urgent security improvements to protect user data and enhance trust.

W

Wolf Systems Ltd

wolfsystem.co.uk

0

Wolf Systems Ltd is a mature UK-based company specializing in software and products that simplify timber engineering. Their offerings include advanced software solutions, metal webs, nailplates, expert support, training, and machinery advice, targeting timber engineering professionals and manufacturers. The company maintains a strong market position supported by certifications such as BBA approval and CE marking, and operates a network of country-specific partner domains across Europe. Technically, the website is built on ASP.NET with modern frontend libraries like Bootstrap and jQuery, hosted on Microsoft IIS. However, the site lacks HTTPS, which is a critical security gap. Security headers are partially implemented, and cookie consent mechanisms are present, indicating some privacy awareness. The WHOIS data confirms a consistent and trustworthy domain registration with no privacy protection, aligning with the company's public identity.

J

Jaroona

jaroona.com

0

Jaroona is a small technology company specializing in AI and Machine Learning solutions aimed at transforming raw data into actionable business intelligence. Their offerings include predictive analytics, natural language processing, computer vision, reinforcement learning, anomaly detection, and custom AI model development. The company targets businesses seeking to leverage AI for automation, fraud detection, and personalized customer experiences. The website is professionally designed using the Contao CMS and hosted by IONOS SE, but suffers from critical security shortcomings due to the absence of a valid SSL certificate and HTTPS support. While security headers are implemented, the lack of TLS protocols and proper SSL configuration significantly lowers the security posture. Privacy and cookie policies exist but are basic, and no explicit terms of service or incident response policies are present. Contact information is limited to a contact form with no direct emails or phone numbers provided. Overall, the domain registration is mature and consistent with the business claims, supporting legitimacy. Strategic improvements in SSL/TLS deployment and enhanced privacy compliance are recommended to improve trust and security.

C

Coface

coface.com

0

Coface is a global leader in trade credit insurance, debt collection, and business information services, supporting over 100,000 clients across approximately 200 countries. Founded in 1946 and headquartered in France, the company offers comprehensive solutions to help businesses manage credit risks and optimize credit management. The website reflects a mature digital presence with professional design, clear navigation, and extensive content tailored to its target audience of businesses seeking credit risk solutions. Technically, the site uses modern web technologies including a CDN (CloudFront), a CMS (Ibexa), and integrates advanced consent management and analytics tools. However, the security posture is weakened by an invalid SSL certificate and lack of enabled TLS protocols, which is a critical issue that must be addressed to ensure secure communications. Privacy compliance is strong, with clear privacy and cookie policies and consent mechanisms in place. Overall, Coface's website demonstrates high business credibility and professionalism but requires urgent SSL/TLS remediation to improve security and trust.

S

Spark

agi-world.com

0

The website agi-world.com serves as a minimal landing page for the company now branded as Spark, which has a long history of over 50 years in marketing transformation and creative production services. The business is positioned as a trusted partner delivering localized marketing solutions. The site itself is minimalistic, with no forms, contact details, or privacy policies, and primarily directs visitors to the main corporate site sparkbrighterthinking.com. From a technical perspective, the site is hosted on Amazon S3 with CloudFront CDN, uses basic HTML5 and CSS3 technologies, and includes a video background and SVG logo for branding. Mobile optimization is basic but functional. However, the site lacks HTTPS support, security headers, and any analytics or tracking technologies, indicating a low level of digital maturity. Security posture is weak due to the absence of SSL/TLS encryption, no HSTS, and no security headers. There are no detected vulnerabilities such as subdomain takeover or SSL vulnerabilities, but the lack of HTTPS is a critical issue. Privacy compliance is poor, with no privacy or cookie policies present, and no GDPR compliance indicators. Business credibility is moderate based on the company's history and branding but is weakened by the lack of contact information and policies on this domain. Overall, the site presents a basic online presence with significant room for improvement in security, privacy compliance, and content richness. Strategic recommendations include implementing HTTPS, adding privacy and cookie policies, enhancing security headers, and providing clear contact information to improve trust and compliance.

Austro Control GmbH is the Austrian national air navigation service provider responsible for ensuring aviation safety, air traffic control, and aeronautical information management. The company serves a broad audience including pilots, airlines, airports, and government agencies, positioning itself as a key player in the transportation and government sectors. Their services include air traffic control, pilot licensing, flight weather services, and drone regulation. The website reflects a professional and comprehensive digital presence with strong branding and trust signals such as industry awards and certifications. Technically, the site uses modern web technologies like Bootstrap and jQuery but suffers from critical security shortcomings due to the absence of a valid SSL certificate and lack of TLS protocol support, which undermines secure communications. Privacy compliance is well addressed with clear cookie consent and a comprehensive privacy policy. Overall, the site is trustworthy and authoritative but requires urgent improvements in SSL/TLS security to protect users and maintain credibility.

M

Mubea Carbo Tech GmbH

carbon.at

0

Mubea Carbo Tech GmbH is a medium-sized Austrian company specializing in the design, development, and manufacturing of fiber composite components primarily for the automotive, motorsport, aeronautics, and industrial sectors. As part of the global Mubea Group, it holds a leading market position as a pioneer in lightweight construction technology since its founding in 1993. The company offers full-service solutions from design to series production, targeting automotive manufacturers and other high-tech industries. The website reflects a professional and comprehensive digital presence with multilingual support and detailed business information. Technically, the site is built on WordPress with Elementor and includes modern web technologies, though performance is hampered by the lack of a valid SSL certificate and HTTPS support, which is a critical security concern. Privacy compliance is well addressed with cookie consent mechanisms and a comprehensive privacy policy. However, explicit security policies and incident response information are absent. Overall, the site demonstrates strong business credibility and content quality but requires urgent security improvements to protect user data and enhance trust.

C

CRIF S.p.A.

crif.com

0

CRIF S.p.A. is a globally recognized enterprise specializing in credit bureau reporting, business information systems, analytics, and outsourcing services. The company operates in 37 countries with over 85 subsidiaries, serving both businesses and consumers with advanced digital solutions including open banking and ESG analytics. The website reflects a mature business with comprehensive service offerings and a strong market position in the finance sector. Technically, the website uses modern JavaScript libraries and frameworks such as jQuery, Bootstrap, and Swiper.js, and is hosted on a CDN network (Akamai), ensuring good performance and mobile optimization. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support, severely impacting the security posture. Privacy and cookie policies are well implemented with consent mechanisms, supporting GDPR compliance. Overall, the website is professional and trustworthy but requires urgent remediation of its SSL/TLS configuration to protect user data and maintain trust.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 9 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

S

Spencer Stuart

spencerstuart.com

0

Spencer Stuart is a globally recognized executive search and leadership consulting firm specializing in senior executive and board-level placements. The website reflects a mature, professional services business with a strong market position and comprehensive service offerings tailored to corporate clients. Technically, the site uses a custom ASP.NET CMS hosted on AWS CloudFront, integrating modern analytics and consent management tools. However, the absence of a valid SSL certificate and disabled modern TLS protocols represent significant security gaps. The site employs good security headers and cookie management but lacks advanced email security measures such as DMARC and DNSSEC. Overall, the website is content-rich and professionally designed but requires urgent improvements in SSL/TLS configuration to enhance security and trust.

J

Johns Hopkins University School of Advanced International Studies

sais-jhu.edu

0

Johns Hopkins University School of Advanced International Studies (SAIS) operates a comprehensive and professionally designed website offering graduate programs in international relations. The institution is well-positioned in the education sector with campuses in Washington DC, Europe, and China, serving a diverse international student body. The website content is rich, relevant, and professionally presented, reflecting the institution's high market position and reputation. Technically, the site uses Drupal 7 with a variety of modern JavaScript libraries and is hosted behind Cloudflare, but lacks a valid SSL certificate and proper HTTPS configuration, which significantly impacts its security posture. Security headers are present but insufficient without proper TLS. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. The WHOIS data confirms domain legitimacy and consistency with the institution's identity. Overall, the site is trustworthy and professional but requires urgent improvements in SSL/TLS deployment and privacy compliance to enhance security and user trust.

The bwinparty.com domain currently serves an inaccessible website due to a DNS resolution error as indicated by the Cloudflare error page. This prevents access to any substantive content, including business descriptions, policies, or contact information. The domain is associated with online gaming and betting services, but no direct content is available to confirm details. Technically, the site is behind Cloudflare but lacks a valid SSL certificate and modern TLS support, resulting in poor security posture. Basic security headers are present but insufficient. The absence of privacy and cookie policies, contact details, and business information further reduces trust and compliance. Overall, the site is currently non-functional from a user perspective, representing a critical risk for business continuity and reputation.

MOTIONDATA VECTOR Gruppe is a well-established Austrian software and IT solutions provider specializing in Dealer Management Systems and related automotive industry services. With over 40 years of experience and a strong presence in the D-A-CH region and other European markets, the company offers a comprehensive portfolio including cloud-based DMS, sales management tools, web portfolios, mobile apps, and IT infrastructure services. The website reflects a mature digital presence with professional design, multilingual support, and clear navigation. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support, which undermines user trust and data security. Privacy and cookie policies are comprehensive and GDPR compliant, with active consent mechanisms. Social media integration and brand certifications further enhance credibility.

R

Raiffeisen Bank International

rbinternational.com

0

Raiffeisen Bank International AG is a leading business bank headquartered in Austria, serving Austria and Central and Eastern Europe. The website presents comprehensive information about the bank's services, sustainability efforts, investor relations, and career opportunities, targeting investors, corporate clients, institutions, and private customers. The technical infrastructure leverages modern web technologies including Vue.js, Adobe Experience Manager CMS, and Cloudflare hosting, with integrations for analytics and marketing such as Mouseflow, Leadfeeder, and Google Tag Manager. Security headers are well implemented; however, the absence of a valid SSL certificate and disabled TLS protocols represent critical vulnerabilities that undermine the site's security posture. Privacy and cookie policies are present with consent mechanisms, indicating good compliance with GDPR. Overall, the website is professional and trustworthy but requires urgent remediation of SSL/TLS issues to ensure secure user interactions.

I

Irian Solutions Softwareentwicklungs GmbH

irian.at

0

Irian Solutions Softwareentwicklungs GmbH is a well-established software development company based in Austria, specializing in digital product development using technologies such as Java, Angular, and .NET. The company targets businesses requiring custom software solutions, with a strong market presence evidenced by notable clients in finance, energy, and transportation sectors. Their website reflects a professional and modern digital presence, leveraging the Astro framework and Cloudflare for hosting and CDN services. However, the website's security posture is weakened by the absence of a valid SSL certificate and lack of HTTPS enforcement, which is a critical vulnerability. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the company demonstrates strong business credibility and digital maturity but must urgently address its SSL/TLS configuration to ensure secure communications and maintain trust.

A

Aeroficial Intelligence GmbH

aeroficial.com

0

Aeroficial Intelligence GmbH is a specialized provider of smart air traffic and airport operational insights, leveraging AI-driven analytics to enhance efficiency, safety, and performance for airports, airlines, and air navigation service providers. The company positions itself as a trusted partner for Tier 1 airports and leading airlines worldwide, offering a suite of solutions under the Cockpit Suite brand. The website reflects a professional and consistent brand image with clear messaging targeted at aviation industry stakeholders. Technically, the website is built on WordPress using the Divi theme and several plugins including Google Analytics and GDPR compliance tools. While the site is mobile-optimized and well-structured, performance metrics are not fully available, and some SEO and accessibility features are basic. The hosting provider is linked to the DNS servers world4you.at. Security posture is a significant concern as the website lacks a valid SSL certificate and does not support HTTPS, exposing users to potential risks. No advanced security headers or incident response policies are evident. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms in place. Overall, the website is credible and professional but requires urgent security improvements, especially enabling HTTPS and enhancing security headers, to protect user data and improve trustworthiness. Strategic recommendations include implementing SSL, enhancing security policies, and expanding transparency on incident response and certifications.

Plansee SE is a globally recognized manufacturer specializing in refractory metals such as molybdenum, tungsten, and tantalum, serving high-tech industries including electronics, aerospace, and energy. With a century of experience and multiple production sites worldwide, Plansee positions itself as a leader in high-performance materials and sustainable manufacturing solutions. The website reflects a mature digital presence built on Adobe Experience Manager and Next.js, leveraging Akamai CDN and Google Tag Manager for performance and analytics. However, the current lack of a valid SSL certificate and disabled TLS protocols represent critical security vulnerabilities that undermine user trust and data protection. Despite these issues, the site maintains comprehensive privacy and cookie policies aligned with GDPR, and showcases certifications like EcoVadis Gold and ASML Sustainability Excellence Award, reinforcing its market credibility. Strategic improvements in SSL/TLS deployment and enhanced security configurations are recommended to elevate the overall security posture and user confidence.

H

HOERBIGER

hoerbiger.com

0

HOERBIGER is a large industrial company specializing in emissions solutions and performance-defining components across sectors such as energy, automotive, and hydrogen industries. The company holds a strong market position as a world leader in compression and rotary unions, providing innovative products and services aimed at increasing efficiency, safety, and sustainability. The website reflects a professional and well-branded digital presence, leveraging modern technologies such as Neos CMS and Flow Framework, with multimedia content and clear navigation tailored for industrial clients and partners. Technically, the website employs advanced content security policies, privacy compliance tools like Cookiebot, and analytics via Matomo, indicating a mature digital infrastructure. However, a critical security gap exists due to the absence of a valid SSL/TLS certificate, resulting in no HTTPS support, which severely impacts the site's security posture and user trust. Other security headers are well implemented, but the lack of encryption exposes users to potential risks. Overall, the security posture is weak due to missing HTTPS, but privacy compliance and business credibility are strong. The site is accessible without WAF or blocking mechanisms, allowing full content analysis. Strategic improvements in SSL deployment and enhanced security practices are essential to elevate the site's trustworthiness and compliance. The risk assessment highlights the urgent need for SSL certificate installation and enabling HTTPS to protect data integrity and confidentiality. The company should also consider publishing vulnerability disclosure policies and incident response contacts to further strengthen security culture and transparency.

E

Erste Digital GmbH

erstegroupit.com

0

Erste Digital GmbH operates as the digital and IT service arm of Erste Group, the largest banking group in Central and Eastern Europe. The company focuses on delivering IT solutions and digital transformation services to support banking operations across the region. The website reflects a professional and consistent brand image aligned with Erste Group, targeting banking customers, IT professionals, and potential employees. Technically, the site uses modern frameworks and CDNs but suffers from a critical lack of SSL/TLS configuration, which severely impacts its security posture. Privacy and cookie policies are well implemented, indicating GDPR compliance. Overall, the site is functional and professional but requires urgent security improvements to protect user data and maintain trust.

The website tyrolit.com is currently inaccessible due to a Cloudflare security challenge page that requires JavaScript and cookies to be enabled. This prevents access to any meaningful content or business information. The domain is protected by Cloudflare, but the SSL/TLS configuration is severely lacking, with no valid certificate detected and no HTTPS support. Security headers are present but cannot compensate for the lack of encryption. No privacy, cookie, or terms of service policies are found, and no contact or business information is accessible. The DNS records and WHOIS data indicate a legitimate domain registration without privacy protection, but the lack of accessible content limits further analysis. Overall, the site’s digital maturity and security posture are poor due to the blocking mechanism and missing SSL.

Julius Meinl am Graben is a historic gourmet food retailer based in Austria, specializing in fine foods and delicatessen products with a legacy dating back to 1862. The website meinlamgraben.at serves primarily as a redirect to the main domain meinlamgraben.eu, indicating a consolidated online presence. The business targets consumers interested in high-quality culinary specialties and operates within the retail sector. Technically, the site is built on TYPO3 CMS and hosted on Microsoft IIS, but the current domain lacks a valid SSL certificate and proper HTTPS configuration, which significantly impacts security and user trust. Security headers are present, but the absence of HTTPS and modern TLS protocols is a critical vulnerability. Privacy and cookie policies are not found on this domain, and no contact forms or detailed business contact information are provided here, limiting direct user engagement. Overall, the site exhibits basic content quality and technical implementation but requires urgent security improvements to meet modern standards.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 10 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

F

FLIGHTKEYS GmbH

flightkeys.com

0

FLIGHTKEYS GmbH is an Austrian-based company specializing in advanced flight planning and trajectory optimization solutions for the aviation industry. Founded in 2015, the company offers a sophisticated 5D flight management system designed to optimize airline operations cost-effectively while integrating environmental sustainability and real-time flight dynamics. Their market position is that of a niche technology innovator serving airlines and aviation stakeholders globally. The website presents detailed product information and company background, targeting aviation professionals and potential customers. Technically, the website uses a traditional web stack including nginx, jQuery, and slick carousel, with a responsive design suitable for mobile devices. However, the site lacks HTTPS support and a valid SSL certificate, which is a critical security deficiency. Security headers are partially implemented but insufficient without encryption. No analytics or tracking services are detected, indicating minimal user tracking. From a security perspective, the absence of HTTPS and privacy policies significantly lowers the site's security posture and privacy compliance. The site does not provide terms of service, security policies, or incident response contacts, which are important for trust and compliance. The WHOIS data is consistent and indicates a mature, legitimate domain registration aligned with the company's Austrian base. Overall, while the business and content quality are good, the lack of HTTPS and privacy compliance are critical issues that must be addressed to improve trustworthiness and security. Strategic improvements in security infrastructure and privacy transparency are recommended to align with industry best practices.

V

Vizrt

vizrt.com

0

Vizrt is a leading media technology company specializing in live broadcast and video storytelling solutions. Their website showcases a comprehensive portfolio of products and services designed to empower content creators across various sectors including broadcasting, sports, corporate, government, education, and house of worship. The company positions itself as a pioneer in real-time graphics, virtual sets, production automation, and cloud-based production workflows, reaching a global audience of over 4.5 billion people daily. Technically, the website is built on WordPress with modern frameworks and technologies such as Kadence Blocks, Gravity Forms, and Slider Revolution. It leverages Cloudflare for CDN and security, integrates Vimeo for video content, and uses advanced analytics and marketing tools like Google Tag Manager and Facebook Pixel. The site is well-optimized for SEO, accessibility, and mobile responsiveness, providing a professional and engaging user experience. From a security perspective, the site implements several important HTTP security headers and restricts permissions for sensitive APIs. However, the SSL certificate is currently invalid or missing, and TLS 1.2 or higher is not enabled, which are critical issues that reduce the overall security posture. Privacy compliance is strong with clear privacy and cookie policies, including consent mechanisms, aligning with GDPR requirements. Overall, Vizrt's website reflects a mature and professional digital presence with strong business credibility and technical implementation. Addressing the SSL and TLS issues would significantly enhance their security posture and trustworthiness. Strategic recommendations include updating SSL certificates, increasing HSTS duration, enabling modern TLS protocols, and maintaining rigorous security best practices.

C

Cardiovascular and Interventional Radiological Society of Europe

cirse.org

0

The Cardiovascular and Interventional Radiological Society of Europe (CIRSE) operates a comprehensive and professionally designed website serving as the primary digital presence for the world's largest community of healthcare professionals specializing in minimally invasive image-guided procedures. The site offers extensive educational resources, certification programs, research initiatives, and event information, positioning CIRSE as a leading authority in interventional radiology. The target audience includes healthcare professionals, trainees, medical students, and patients seeking information about interventional radiology. CIRSE's business model focuses on membership services, educational offerings, research collaborations, and publication dissemination within the healthcare sector. Technically, the website is built on a modern WordPress CMS platform with a robust technology stack including PHP 8.2, WooCommerce for e-commerce functionalities, and various plugins such as WPBakery Page Builder and Modern Events Calendar. Hosting and content delivery are managed via Cloudflare, enhancing availability and performance. Despite a rich content base and good mobile optimization, the site suffers from slow performance and lacks a valid SSL certificate, which critically impacts its security posture. From a security perspective, the absence of a valid SSL certificate and disabled TLS protocols represent significant vulnerabilities, exposing users to potential risks during data transmission. However, the site employs several security headers and Cloudflare protection, and no critical vulnerabilities or malware indicators were detected. Privacy compliance is strong, with clear privacy and cookie policies, GDPR adherence, and active consent mechanisms. The site also integrates analytics tools like Matomo and Facebook Pixel with moderate user tracking. Overall, CIRSE's website demonstrates high business credibility and content quality but requires urgent security improvements to ensure safe user interactions. Strategic recommendations include immediate SSL certificate installation, enabling modern TLS protocols, and enhancing security headers. These steps will strengthen trust, compliance, and user confidence, supporting CIRSE's mission and digital maturity.

T-Mobile US is a leading telecommunications company providing wireless phone plans, devices, and home internet services primarily in the United States and Puerto Rico. The website reflects a mature digital presence with comprehensive product offerings, promotional deals, and customer benefits. It targets both consumer and business segments with a strong emphasis on 5G technology and competitive pricing. The company is a subsidiary of Deutsche Telekom and maintains consistent branding and messaging across its digital assets. Technically, the website leverages modern web technologies including Adobe Experience Manager, Alpine.js, and various third-party SDKs for analytics, marketing, and payment processing. The site is hosted on Akamai CDN, ensuring global content delivery. While the site is mobile-optimized and accessible, performance metrics are not provided, but the design and navigation are professional and user-friendly. From a security perspective, the site implements essential security headers and HSTS with preload, but the SSL certificate is currently invalid or missing, which is a critical issue impacting the overall security posture. No major vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong with clear privacy and cookie policies, consent mechanisms, and GDPR indicators. Overall, the website is trustworthy and professional but requires immediate attention to SSL certificate management and TLS protocol support to enhance security and user trust. Strategic recommendations include updating SSL certificates, enabling modern TLS protocols, and continuous monitoring of security headers and compliance frameworks.

A

ATMOsphere

shecco.com

0

ATMOsphere is a specialized business focused on accelerating the clean cooling and heating economy by providing market intelligence, training, conferences, and a marketplace for natural refrigerants. The company positions itself as a key enabler for stakeholders in the sustainable cooling sector, offering comprehensive reports, labels, and educational resources. The website is professionally designed using WordPress with Elementor and WooCommerce, demonstrating a mature digital presence with good SEO and structured data implementation. However, the absence of a valid SSL certificate and HTTPS significantly undermines the site's security posture. Security headers are partially implemented, but critical TLS protocols and encryption are missing, exposing the site to potential risks. Privacy compliance is minimal, with no visible privacy or cookie policies, and contact information is limited to a contact form without direct emails or phone numbers. Overall, the site is credible and professional but requires urgent security and privacy improvements to meet modern standards.

J

Johannes Kepler Universität Linz

jku.at

0

Johannes Kepler Universität Linz operates as a large public university in Austria, offering a wide range of academic programs including Bachelor, Master, Diplom, and doctoral studies. The institution serves students, researchers, and alumni with comprehensive educational and research services, supported by a well-structured and professionally designed website. The university maintains a strong market position as the largest university in Upper Austria with extensive campus services and international programs. Technically, the website is built on TYPO3 CMS with modern JavaScript libraries and integrates analytics and marketing tools such as Google Tag Manager and Matomo. However, the absence of a valid SSL/TLS certificate is a critical security gap, exposing users to risks and lowering the overall security posture. Privacy and cookie policies are well implemented with explicit consent mechanisms, reflecting good GDPR compliance. Overall, the website is trustworthy and professional but requires urgent security improvements to enable HTTPS and strengthen its security framework.

A

A&N GesbR

an-gesbr.com

0

A&N GesbR is a small partnership business based in Linz, Austria, represented by Philipp Asanger and Manuel Nobis. The website serves primarily as an informational portal with links to partner sites and basic company details including a physical address and VAT number. The business appears to operate in a retail or tools-related sector, though no explicit service descriptions are provided. Technically, the website is built on WordPress using Elementor and common web technologies such as jQuery and Bootstrap. However, the site lacks HTTPS, which is a critical security deficiency. No privacy or cookie policies are present, and no contact emails or phone numbers are provided, limiting user engagement and compliance with data protection regulations. The overall security posture is weak, with no advanced security headers or protections implemented. Performance data is missing, but the site likely suffers from slow loading due to lack of optimization. The domain registration data aligns well with the website content and business location, indicating legitimacy. Strategic improvements in security, privacy compliance, and contact transparency are recommended to enhance trust and professionalism.

A

Allianz Elementar Versicherungs AG

allianz.at

0

Allianz Elementar Versicherungs AG operates a comprehensive insurance website targeting private customers in Austria, offering a wide range of insurance and financial products including vehicle, health, accident, and life insurance. The website demonstrates strong market positioning with extensive content, professional design, and consistent branding. Technically, the site is built on Adobe Experience Manager, leveraging Cloudflare for hosting and CDN services, and integrates modern marketing and analytics tools such as Adobe Analytics and OneTrust for GDPR compliance. However, a critical security issue is the absence of a valid SSL certificate and HTTPS support, significantly impacting the security posture. Privacy policies and cookie consent mechanisms are well implemented, reflecting good GDPR compliance. Overall, the site is trustworthy and professional but requires urgent remediation of SSL/TLS issues to ensure secure user interactions.

DXC Technology is a leading global IT services and consulting company that helps enterprises and public sector organizations modernize their IT infrastructure, optimize data architectures, and enhance security across cloud environments. The company offers a broad portfolio of services including cloud and infrastructure, consulting and engineering, insurance software and business process services, modern workplace solutions, and security services. The website reflects a mature enterprise with consistent branding, comprehensive content, and a global reach with multiple language and regional versions. Technically, the site is built on Adobe Experience Manager with modern marketing and analytics tools integrated, providing a good user experience and accessibility. However, the security posture is weakened by an invalid SSL certificate and lack of enabled TLS protocols, which poses a risk to secure communications. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the site demonstrates high business credibility and professionalism but requires urgent remediation of SSL/TLS issues to improve security and trust.

E

Erste Asset Management

erste-am.com

0

Erste Asset Management operates as an international asset management company serving both institutional and private investors, primarily based in Austria. The website presents a professional and well-structured digital presence targeting these investor groups with clear navigation and relevant content. Technically, the site leverages a modular GEM framework hosted on AWS CloudFront CDN, ensuring scalability and modern web practices. However, the absence of a valid SSL certificate and HTTPS support significantly undermines the security posture, despite the presence of several security headers and a strict DMARC policy. Privacy compliance is well addressed with clear privacy and cookie policies, and GDPR adherence is evident. Overall, while the business credibility and content quality are strong, the critical lack of HTTPS is a major risk that needs immediate remediation.

O

Omalon

trap.gr

0

Omalon is a Greek company specializing in landscaping, cleaning, asset care, and pest control services, targeting large-scale projects with a focus on sustainability and high standards. The company holds ISO 14001 certification, reflecting its commitment to environmental management. The website is built on WordPress using Elementor and various JetPlugins, hosted on SiteGround, and integrates Google Tag Manager and Analytics for marketing and tracking purposes. While the site is professionally designed and content-rich, it lacks a valid SSL certificate, which is a critical security vulnerability. Privacy and cookie policies are well implemented with consent mechanisms, and contact information is clearly provided. Overall, the business appears legitimate and moderately mature digitally but needs urgent security improvements to protect user data and enhance trust.

Ö

Österreichische Gesundheitskasse

sgkk.at

0

The Österreichische Gesundheitskasse (ÖGK) operates as a major public healthcare insurance provider in Austria, offering a broad range of health-related services to insured individuals, employers, and partners. The website serves as an information and service portal, providing access to appointment scheduling, customer service, health information, and career opportunities. The target audience primarily includes Austrian residents and healthcare stakeholders. The organization holds a strong market position as a government-affiliated entity with consistent branding and trust indicators such as official social media presence and comprehensive privacy policies. Technically, the website is built on a custom CMS likely based on Gentics Content Server, utilizing Jakarta Faces (JSF) framework and jQuery 3.6.0. It integrates Piwik PRO for analytics and employs a detailed Content Security Policy. However, the site currently lacks a valid SSL certificate and does not support HTTPS, which significantly impacts its security posture. Performance data is limited but suggests slower load times. Accessibility and SEO optimizations are well implemented. From a security perspective, the absence of HTTPS and modern TLS protocols is a critical vulnerability. While security headers like CSP and HSTS are present, the lack of a valid certificate and secure transport reduces overall security. No explicit incident response or vulnerability disclosure mechanisms are found. Privacy compliance is strong, with clear cookie consent and privacy policies aligned with GDPR. Overall, the website is professional and trustworthy in content and business credibility but requires urgent improvements in SSL/TLS implementation to enhance security and user trust. Strategic recommendations include immediate SSL certificate deployment, enabling modern TLS protocols, and enhancing security header configurations to protect user data and comply with best practices.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 8 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

U

United Nations Office on Drugs and Crime

unodc.org

0

The United Nations Office on Drugs and Crime (UNODC) operates as a key intergovernmental agency focused on combating illicit drugs, crime, corruption, and terrorism globally. It provides extensive research, policy guidance, and technical assistance to member states and partners, positioning itself as a leading authority in its domain. The website reflects a mature, well-branded digital presence with comprehensive content and multi-language support targeting governments, NGOs, researchers, and the public. Technically, the site uses a modern tech stack including Apache, AngularJS, Bootstrap, and Google Tag Manager, hosted on UN Vienna infrastructure. While the site is moderately performant and mobile-optimized, it lacks a valid SSL certificate and modern TLS support, which critically undermines its security posture. Security headers are well implemented, but the absence of HTTPS and session security features are significant vulnerabilities. From a security perspective, the site demonstrates good header policies but fails to provide encrypted transport, OCSP stapling, or session resumption. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism despite tracking scripts. Business credibility is high given the official UN affiliation and consistent WHOIS data. Overall, the site is authoritative and professional but requires urgent security improvements, especially SSL deployment, to ensure trust and compliance. Strategic recommendations include obtaining valid HTTPS certificates, enabling modern TLS protocols, implementing cookie consent, and enhancing incident response visibility.

T

TransPerfect

transperfect.com

0

TransPerfect is a leading global provider of translation and localization services, serving a wide range of industries including technology, healthcare, finance, retail, and media. The company operates an enterprise-grade website built on Drupal 10, featuring extensive content, client case studies, and multiple subsidiary domains. The technical infrastructure includes modern web technologies and CDN services, ensuring good performance and mobile optimization. However, the security posture is weakened by an invalid SSL certificate and lack of enabled TLS protocols, which poses a critical risk to secure communications. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the website reflects a mature, professional enterprise with strong business credibility but requires urgent remediation of SSL/TLS issues to improve security and trust.

The website porreal.com is currently inaccessible due to a Cloudflare Web Application Firewall (WAF) blocking page. This prevents access to any meaningful content or business information. The site lacks a valid SSL certificate and does not support HTTPS, which is a critical security deficiency. No privacy, cookie, or terms of service policies are present, and no contact or business details are available on the landing page. The technical infrastructure is limited to Cloudflare's security and hosting services, but the site suffers from very poor performance and no visible SEO or accessibility features. Overall, the security posture is weak due to missing SSL and security headers, and the site is effectively non-functional for analysis purposes.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 8 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

V

Valneva

valneva.com

0

Valneva is a specialty vaccine company focused on the development, manufacturing, and commercialization of prophylactic vaccines addressing infectious diseases with unmet medical needs. The company has a strong market position with multiple commercialized vaccines and a robust pipeline targeting diseases such as chikungunya, Lyme disease, Shigella, and Zika. The website reflects a professional corporate presence with comprehensive investor relations and media resources, targeting healthcare professionals, investors, and partners globally. Technically, the website is built on WordPress with modern SEO and marketing tools, including Google Tag Manager and social media integrations. However, the security posture is weakened by an invalid SSL certificate and lack of TLS protocol support, which poses significant risks to data confidentiality and user trust. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the site is professional and credible but requires urgent remediation of SSL/TLS issues to improve security and trust.

N

NOVOMATIC AG

novomatic.com

0

NOVOMATIC AG is a leading global gaming technology company headquartered in Austria, founded in 1980. It operates as a full-service provider in the gaming industry, offering a broad portfolio including gaming cabinets, games, platforms, and additional products. The company has a strong market position as one of the largest gaming technology corporations worldwide and the clear market leader in Europe. The website reflects a professional corporate presence targeting industry partners, casino operators, and job seekers, with comprehensive contact information and multilingual support. Technically, the website is built on Drupal 10 CMS and leverages modern JavaScript libraries and analytics tools such as Matomo. It is hosted behind Sucuri Cloudproxy WAF, ensuring some level of protection. However, the absence of a valid SSL certificate and HTTPS support is a critical security gap that significantly lowers the security posture. The site implements security headers and content security policies but must urgently address SSL/TLS configuration to protect user data and maintain trust. Privacy compliance is well addressed with GDPR-compliant privacy and cookie policies, including a consent mechanism. The company demonstrates business credibility through detailed contact information, licensing by the UK Gambling Commission, and consistent WHOIS data. Overall, the site is content-rich, professionally designed, and trustworthy but requires immediate security improvements regarding SSL/TLS. Strategic recommendations include obtaining and properly configuring SSL certificates, enabling modern TLS protocols, enhancing OCSP stapling and session resumption, and maintaining strong security header policies. These steps will improve security, user trust, and compliance with industry standards.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 8 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

F

Fischer Sports

fischersports.com

0

Fischer Sports is a well-established Austrian manufacturer and retailer specializing in premium alpine and nordic ski equipment as well as hockey sticks. The company has a strong market presence with a comprehensive product range targeting both professional athletes and recreational users. Their website demonstrates a high level of digital maturity, utilizing modern frameworks such as Nuxt.js and Shopware CMS, supported by Cloudflare for hosting and security. Despite the rich content and professional design, the absence of a valid SSL certificate and lack of HTTPS support represent significant security concerns. The site includes comprehensive privacy and cookie policies with consent mechanisms, reflecting good privacy compliance. However, direct contact information such as company emails or phone numbers is not prominently available, relying mainly on contact forms. Overall, the business appears legitimate and trustworthy, but urgent improvements in security infrastructure are recommended.