Security Directory

T

Urlaub & Reisen direkt beim Reiseveranstalter buchen – TUI.at

tui.at

40

Security assessment completed with an overall score of 0/100 (unknown risk). 4 critical issues require immediate attention. Total of 25 security findings identified across all modules.

2

2beFOUND Performance Marketing GmbH

2befound.at

38

2beFOUND Performance Marketing GmbH is a specialized digital marketing agency based in Austria, focusing on search engine marketing and optimization services. The company holds a Google Partner certification for 2025, indicating recognized expertise in Google Ads and related services. Their website is built on the Jimdo CMS platform and targets German-speaking business clients seeking to improve their online visibility and search engine rankings. The site content is professionally presented with clear navigation and relevant marketing messaging. Technically, the website uses standard web technologies and integrates Google Analytics for visitor tracking. However, the lack of a valid SSL certificate and HTTPS support is a significant security shortfall that undermines user trust and data protection. The company provides clear contact information including a physical address and phone number, but lacks a Terms of Service page and explicit incident response or security policies. Overall, the business appears credible and established, but the website's security posture requires urgent improvement to meet modern standards.

D

DRK-Kreisverband Nordwestmecklenburg e. V.

drk-nwm.de

35

DRK-Kreisverband Nordwestmecklenburg e. V. is a regional non-profit organization providing a wide range of social, healthcare, emergency, and community services in the Nordwestmecklenburg area of Germany. The website serves as an information portal for their services, events, and engagement opportunities, targeting local residents, families, seniors, and volunteers. The organization is part of the larger Deutsches Rotes Kreuz network, emphasizing humanitarian aid and social support. Technically, the website is built on TYPO3 CMS and hosted by dt-internet.de, but it lacks a valid SSL certificate, which is a critical security shortfall. The site includes cookie consent mechanisms and uses Google Analytics with IP anonymization, indicating some privacy compliance efforts. However, the absence of HTTPS and modern security headers exposes the site to risks and undermines user trust. Overall, the website is content-rich and professionally designed but requires urgent security improvements to protect visitors and comply with best practices.

P

PVH Corp.

pvh.com

40

PVH Corp. is a leading global apparel company known for its iconic brands Calvin Klein and Tommy Hilfiger. The company operates in over 40 countries with a large workforce and focuses on delivering fashion and lifestyle products. The website reflects a mature digital presence with a professional design, clear navigation, and comprehensive business information targeting consumers, investors, and job seekers. Technically, the site uses modern frameworks like Vue.js and is hosted on Microsoft IIS with Akamai CDN support, but lacks a valid SSL certificate, which is a critical security gap. Security headers are properly configured, but the absence of HTTPS and modern TLS protocols significantly reduces the security posture. Privacy compliance is partially addressed with a clear privacy policy and GDPR indicators, but no cookie consent mechanism is present. Overall, the site is trustworthy and professional but requires urgent improvements in SSL/TLS implementation to enhance security and user trust.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 7 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

W

Wenzel Logistics GmbH

wenzel-logistics.com

38

Wenzel Logistics GmbH is a medium-sized Austrian transport and logistics company offering a broad range of services including intermodal transport, road freight, sea freight, warehousing, and special transports across Europe. The company maintains a professional online presence with clear service descriptions and active social media channels. Technically, the website is built on WordPress using Elementor and optimized with WP Rocket, but critically lacks a valid SSL certificate, impacting security posture. Privacy compliance is well addressed with a cookie consent mechanism and a comprehensive privacy policy. The domain registration is consistent with the business claims, indicating legitimacy. Strategic recommendations include immediate SSL implementation and enhanced security headers to improve trust and compliance.

A

Angst+Pfister

angst-pfister.com

39

Angst+Pfister is a large Swiss-based engineering and manufacturing company specializing in custom materials design and engineering solutions. With over 300 engineers and a global presence across 24 locations, the company serves diverse industries including food & beverage, pharma, automotive, and energy. Their business model focuses on B2B partnerships delivering tailored solutions from design to production and distribution. The website reflects a mature digital presence with professional design, comprehensive content, and multilingual support. However, the absence of a valid SSL/TLS certificate is a critical security gap that undermines trust and data protection. Privacy policies and cookie consent mechanisms are in place, indicating GDPR compliance. The company maintains active social media channels and an online shop partner domain, supporting their market reach and customer engagement.

T

Tiki Surf

twoseasons.co.uk

37

Tiki Surf operates an e-commerce platform specializing in skate, surf, and snow sports products, including clothing, accessories, and equipment. The website is built on the Shopify platform, leveraging multiple third-party marketing and analytics tools such as Google Analytics, Klaviyo, and Trustpilot to enhance customer engagement and trust. The business targets enthusiasts in the UK market, offering a broad product range with a professional and consistent brand presentation. Technically, the site uses modern web technologies and is hosted via Cloudflare and Google Cloud Platform, ensuring scalability and reliability. However, the absence of a valid SSL certificate is a significant security concern that undermines user trust and data protection. Privacy and cookie policies are well implemented, reflecting GDPR compliance. Overall, the site demonstrates a solid e-commerce presence but requires urgent remediation of its SSL configuration to improve security posture.

P

pewag International GmbH

pewag.com

26

pewag International GmbH is a historic Austrian manufacturer specializing in chains and lifting solutions with a global market presence. The company offers a broad portfolio including snow chains, forestry technique, conveyor systems, and DIY products, supported by digital configurators and advisory tools. The website reflects a mature digital infrastructure built on WordPress with multilingual support and integrated analytics and consent management tools. However, the absence of a valid SSL certificate and HTTPS implementation represents a critical security vulnerability, undermining user trust and data protection. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, pewag demonstrates strong business credibility and content quality but must urgently address its security posture to align with industry best practices.

V

VISITECH a.s.

visitech.cz

25

VISITECH a.s. is a Czech-based technology company specializing in cybersecurity, IT infrastructure, and enterprise systems. The company positions itself as a reliable partner for digital transformation and cybersecurity services, offering unique solutions such as the SOC365 security monitoring service. Their market position is strong within the Czech Republic, supported by partnerships with leading global IT vendors and a portfolio of case studies demonstrating successful implementations. The website content is professionally crafted, targeting business clients seeking advanced IT and security solutions. Technically, the website is built on WordPress with modern plugins and frameworks such as Yoast SEO, Bootstrap, and Slick Carousel, indicating a mature digital infrastructure. However, the lack of a valid SSL certificate and HTTPS support is a critical security flaw that undermines trust and exposes users to risks. The site includes GDPR-compliant privacy and cookie policies with a consent mechanism, reflecting good privacy practices. Security posture is currently weak due to missing HTTPS and modern TLS protocols, absence of HSTS, and no OCSP stapling. While content security policy headers are present, the overall SSL/TLS configuration requires urgent improvement. No explicit incident response or vulnerability disclosure information is available, which could be enhanced to improve security transparency. Overall, VISITECH a.s. demonstrates a solid business and technical foundation but must prioritize securing its web presence with proper SSL/TLS implementation to maintain credibility and protect client data. Strategic recommendations include immediate SSL deployment, enhanced security headers, and publishing incident response contacts.

B

Billa BG

billa.bg

40

BILLA Bulgaria operates as a major retail supermarket chain with a strong presence in the Bulgarian market, offering a wide range of food and non-food products, including own brands and partner brands. The company emphasizes customer loyalty through its BILLA Card program and engages actively in social responsibility initiatives. Technically, the website is built on modern frameworks such as Vue.js and Nuxt.js, hosted on Google Cloud, and integrates payment services like Payone. However, the security posture is weakened by an invalid SSL certificate and lack of modern TLS protocols, which is a critical issue. Privacy and cookie policies are comprehensive and GDPR compliant, supporting good privacy compliance. Overall, the website is professional and content-rich but requires urgent security improvements to ensure safe user interactions.

The website rametablouri.ro currently serves only as a redirect to another domain (https://creativeart.ro) and contains no substantive content or business information. The domain is relatively new, registered in 2023, and lacks SSL/TLS configuration, resulting in no HTTPS support. The technical infrastructure is minimal, with only basic security headers present and no advanced security features enabled. Due to the lack of content, privacy policies, or contact information, the site has a low trust and professionalism rating. Security posture is weak due to missing HTTPS and related best practices. Overall, the site appears to be a placeholder or transitional domain rather than an active business website.

Cegeka is a well-established European IT company specializing in end-to-end IT solutions, consulting, and digital transformation services. The company targets enterprise clients across multiple sectors including technology, energy, finance, telecommunications, manufacturing, and government. Their website reflects a mature digital presence with comprehensive content, professional design, and clear navigation. Technically, the site is built on HubSpot CMS, leveraging modern web technologies such as Lit and custom web components, and is hosted behind Cloudflare. However, the SSL certificate is invalid or missing, which significantly impacts the security posture. Security headers are well implemented but cannot fully compensate for the lack of proper HTTPS. Privacy and cookie policies are present and GDPR compliant, though no explicit security or incident response policies are found. Overall, the website demonstrates strong business credibility and marketing sophistication but requires urgent SSL remediation to improve security and trust.

M

Motrada Handels GmbH

motrada.net

39

Motrada Handels GmbH is a specialized IT company based in Vienna, Austria, providing customized white-label remarketing platforms primarily for leasing companies, fleet managers, and importers across Europe. Established in 2005, the company has delivered over 60 platforms in 17 countries, positioning itself as a European specialist in this niche. The website reflects a professional and consistent brand image with clear business descriptions and target audience focus. Technically, the site is built on WordPress with modern plugins and frameworks such as Elementor and Slider Revolution, but lacks a valid SSL certificate, which is a critical security shortfall. The presence of cookie consent mechanisms and privacy policies indicates good privacy compliance, although no explicit security or incident response policies are found. Overall, the site is functional and credible but requires urgent security improvements to protect user data and enhance trust.

K

Kirchliche Pädagogische Hochschule Edith Stein

kph-es.at

34

The Kirchliche Pädagogische Hochschule Edith Stein is a regional educational institution in Austria specializing in teacher training and pedagogical education. It operates across four locations in western Austria and offers a range of study programs, continuing education, and research activities. The website is professionally designed and targets prospective and current educators, social pedagogues, and related professionals. The institution is positioned as a reputable academic entity with a clear focus on education and professional development. Technically, the website is built on TYPO3 CMS and uses Apache server technology. It integrates Google Tag Manager for analytics but lacks HTTPS, which is a critical security shortfall. The absence of SSL/TLS encryption exposes users to potential data interception risks and undermines trust. Privacy compliance is partially addressed with a comprehensive privacy policy, but no cookie consent mechanism is evident. Contact information is provided primarily via a contact page and footer address, with no direct emails or phone numbers visible on the main page. Overall, the website demonstrates moderate digital maturity but requires urgent security improvements to protect user data and enhance trust.

TE Connectivity is a global enterprise specializing in the design and manufacture of connectors, sensors, and electronic components that enable innovation in data, power, signal, and sensing connectivity. With over 80 years of industry experience, TE Connectivity serves a broad range of sectors including energy, transportation, and technology. The company operates a comprehensive digital presence with a well-structured website offering extensive product information, customer engagement tools, and resources for engineers and industrial customers. Technically, the website leverages modern frameworks such as Angular, integrates with Adobe Experience Manager, and uses Akamai CDN for performance and security. However, a critical security gap exists due to the absence of a valid SSL certificate and disabled TLS protocols, which significantly undermines the site's security posture. Privacy and cookie policies are well implemented, reflecting compliance with GDPR and other regulations. Overall, TE Connectivity demonstrates strong business credibility and digital maturity but must urgently address its SSL/TLS configuration to ensure secure communications and maintain trust.

R

Raiffeisen Informatik Technical Services GmbH

ri-s.at

40

Raiffeisen Informatik Technical Services GmbH is a specialized IT service provider focused on delivering on-site user support and field services primarily for the Raiffeisenbanken group, RBI Konzern, and UNIQA in Austria. The company positions itself as a market leader in providing high-quality, timely, and competent IT and security services tailored to banking and insurance sectors. Their service portfolio includes security technology, banking technology, print management, IT services, and telecommunications. The website content and branding consistently reflect their business focus and certifications, including ISO 9001 and ISO 27001, underscoring their commitment to quality and security. Technically, the website is built on WordPress with Apache server infrastructure and uses jQuery and custom JavaScript for interactivity. DNS is managed via Cloudflare secondary nameservers, but the SSL/TLS configuration is critically lacking, with no valid certificate installed and no TLS protocols enabled, which severely impacts the security posture. Performance metrics indicate slow loading, and while mobile optimization is good, accessibility and SEO optimizations are basic. Security-wise, the site implements several important HTTP security headers such as Content Security Policy, X-Frame-Options, and X-XSS-Protection, but these are undermined by the absence of HTTPS. The lack of OCSP stapling, session resumption, and certificate transparency compliance further weakens the security stance. No cookie consent mechanism or incident response contact information is present, which may affect privacy compliance and incident handling readiness. Overall, the website demonstrates a moderate level of professionalism and business credibility but suffers from critical security configuration issues that must be addressed urgently. Strategic improvements in SSL/TLS deployment, privacy compliance, and incident response transparency are recommended to enhance trust and security posture.

The website cismogroup.com currently serves as a minimal placeholder with no substantive content or business information. The site lacks essential elements such as privacy policies, contact details, and meaningful metadata. Technically, it is hosted on an Apache server but does not support HTTPS due to the absence of a valid SSL certificate, which critically undermines its security posture. The security headers present are insufficient to compensate for the lack of encryption and modern TLS protocols. Overall, the site exhibits poor digital maturity and minimal user engagement features. The lack of forms, social media links, or analytics indicates a very basic or inactive web presence. Security risks are elevated due to missing SSL and weak security configurations, and no compliance with privacy regulations is evident. Strategic recommendations include immediate SSL implementation, content development, and privacy compliance to improve trust and security.

EREMA Engineering Recycling Maschinen und Anlagen Ges.m.b.H. is a leading Austrian manufacturer specializing in plastic recycling machinery and systems. Founded in 1983, the company has established itself as a global market leader with over 7000 systems deployed worldwide, producing millions of tons of recycled granulate annually. Their business model focuses on manufacturing innovative recycling machines, providing customer testing centers, and offering digital solutions to optimize recycling processes. The website reflects a professional and comprehensive digital presence targeting industrial clients and businesses in the recycling sector. Technically, the website employs modern frontend technologies including Bootstrap, jQuery, GSAP, and various UI libraries, hosted likely via A1 Telekom Austria infrastructure. However, the site lacks a valid SSL certificate and HTTPS support, which is a critical security shortfall. Performance data is missing, and while mobile optimization and SEO are good, accessibility is basic. Privacy and cookie policies are well implemented with consent mechanisms, indicating good GDPR compliance. From a security perspective, the absence of HTTPS and modern TLS protocols severely impacts the site's security posture, exposing users to potential risks. Other security headers and best practices are missing, and no incident response or vulnerability disclosure information is provided. The domain registration details align well with the company's claims, supporting legitimacy. Overall, while the business and content quality are excellent, the critical lack of HTTPS and SSL significantly lowers the security score and overall trustworthiness. Strategic improvements in security infrastructure are essential to protect users and maintain the company's reputable market position.

Kellanova is a global leader in the food manufacturing sector, specializing in snacking, cereals, noodles, and plant-based foods with a strong portfolio of iconic brands. The company targets consumers worldwide, investors, and potential employees, operating at an enterprise scale with a mature domain presence of over 22 years. The website reflects a professional and consistent brand image with comprehensive content and clear navigation. Technically, the site leverages modern frameworks such as Bootstrap and Adobe Experience Manager, supported by Akamai CDN and integrated with marketing and privacy tools like Google Tag Manager and OneTrust. However, a critical security gap exists due to the absence of a valid SSL/TLS certificate, resulting in no HTTPS support, which significantly impacts the security posture and user trust. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. The WHOIS data confirms strong domain registration practices and legitimacy. Overall, while the business and content aspects are strong, the lack of HTTPS is a major risk that should be remediated promptly.

Z

zustellpartner.at

zustellpartner.at

40

zustellpartner.at is a specialized regional job platform based in Austria, focusing on providing self-employed newspaper and food delivery jobs primarily in the regions of Steiermark, Kärnten, and Osttirol. The website targets pensioners, students, job seekers, and early risers looking for flexible part-time work. The business model revolves around connecting job seekers with delivery opportunities on a self-employed basis, emphasizing flexible scheduling and local engagement. The site is well-positioned within its niche market, offering clear job listings and application pathways.

K

Konfigurator

druck-und-zustellung.at

40

The website druck-und-zustellung.at presents a minimalistic Angular-based configurator interface with no visible business content, contact information, or legal pages such as privacy policy or terms of service. The technical infrastructure includes modern frontend technologies like Angular and the Didomi Consent SDK for cookie consent management, but lacks a valid SSL certificate and does not serve content over HTTPS, which is a critical security deficiency. Security headers are partially implemented, but the absence of TLS protocols and cipher suites severely weakens the security posture. The domain registration appears consistent with an Austrian business presence, but the lack of visible business details and minimal content reduces trust and credibility. Overall, the site is functional but immature in content and security maturity.

H

Hill Woltron Management Partner GmbH

hill-woltron.com

25

Hill Woltron Management Partner GmbH is a well-established HR consulting and personnel placement firm operating primarily in Austria and Germany. With over 50 years of experience as an owner-managed family business, it offers a broad range of HR services including recruiting, personnel development, management audits, and employee surveys. The company targets both corporate clients and job candidates, leveraging a strong network and professional expertise to connect people with career opportunities. The website reflects a professional and consistent brand image with comprehensive content and clear navigation. Technically, the website is built on WordPress using Elementor as the page builder, supported by LiteSpeed Cache for performance optimization. It integrates Google Analytics and Google Tag Manager for analytics and marketing purposes. However, the website lacks HTTPS, which is a critical security shortfall. The site is mobile-optimized and SEO-friendly but suffers from slow performance due to missing SSL and possibly other optimizations. From a security perspective, the absence of a valid SSL certificate and HTTPS support significantly undermines the site's security posture. While no other major vulnerabilities or exposed sensitive data were detected, the lack of HTTPS exposes users to risks such as data interception. The site includes a GDPR-compliant privacy and cookie policy with a consent mechanism, but no explicit security policy or incident response information is available. Overall, Hill Woltron presents a credible and professional business with strong market positioning in HR services. The primary risk is the missing HTTPS, which should be addressed urgently to protect user data and improve trust. Strategic recommendations include implementing SSL/TLS, enhancing security headers, and publishing security and incident response policies to strengthen compliance and user confidence.

Magenta.at is the official website of T-Mobile Austria GmbH, a leading telecommunications provider in Austria offering mobile, internet, TV, and bundled services for both consumers and business customers. The website is professionally designed with rich content, clear navigation, and strong branding consistency. It targets a broad audience including private and business users, providing detailed product offerings and customer support resources. Technically, the site is built on Adobe Experience Manager with modern web technologies including AngularJS and jQuery, and integrates marketing and analytics tools such as Google Tag Manager and Usercentrics CMP. However, the website suffers from a critical security issue: the SSL certificate is invalid and no TLS protocols are enabled, severely impacting the security posture. Security headers are partially implemented, but improvements are needed to ensure secure communications. Privacy and cookie policies are present and GDPR compliant, with consent mechanisms in place. Contact information is available primarily via phone and web forms, but no direct company emails are published. Overall, the site is trustworthy and legitimate, with WHOIS data consistent with the company identity. Strategic security improvements are recommended to restore full HTTPS security and enhance user trust.

B

BDI Bioenergy

bdi-bioenergy.com

25

BDI-BioEnergy International GmbH is a medium-sized Austrian company specializing in technology development and industrial plant engineering focused on chemical recycling, bioenergy, and sustainable industrial solutions. The company positions itself as an innovative leader with a strong emphasis on research, development, and turnkey plant solutions for the circular economy. Their key services include biodiesel retrofit, advanced pretreatment, smart operations, biogas, and green technology solutions. The website is built on WordPress with a modern tech stack including Yoast SEO, WPML for multilingual support, and various plugins for user interaction and spam protection. However, the site lacks HTTPS, which is a critical security shortfall. Privacy and cookie policies are present and GDPR compliant, and contact information is clearly provided. The company holds ISO 9001:2015 certification, enhancing its credibility. Overall, the website is professional and well-structured but requires urgent security improvements to protect user data and enhance trust.

The website kedrion.com is currently inaccessible beyond a Cloudflare security challenge page that requires JavaScript and cookies to proceed. This prevents access to any substantive content, including business, contact, or policy information. The domain's DNS and email configurations are well maintained with proper SPF and DMARC records, indicating a good email security posture. However, the absence of a valid SSL certificate and HTTPS support is a critical security gap. The site employs multiple security headers but lacks modern TLS protocols and HSTS, reducing its overall security posture. Due to the WAF challenge blocking content, a full analysis of the website's business model, services, and compliance cannot be performed.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 12 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

ENERGIEALLIANZ Austria GmbH is a well-established energy sales and trading company founded in 2001, serving millions of customers in Austria and abroad with electricity, natural gas, and related services. The website reflects a mature digital presence built on TYPO3 CMS with modern web technologies and a focus on sustainability and customer service. Security posture is strong with HTTPS, secure cookies, and OCSP stapling, though improvements like HSTS and security.txt could enhance it further. Privacy compliance is well addressed with clear cookie consent and a comprehensive privacy policy. Contact information is transparent and includes multiple channels. Overall, the site demonstrates professionalism, trustworthiness, and good technical implementation.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 9 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

E

Evora Global Limited

evoraglobal.com

40

Evora Global Limited is a UK-based company specializing in sustainability consulting, managed services, and software solutions for real asset investors, owners, and operators. The company holds a strong market position, partnering with many of the world's leading investors and managing a substantial portfolio of assets. Their website is professionally designed, content-rich, and well-branded, targeting stakeholders interested in ESG and climate resilience. Technically, the site is built on WordPress with Gravity Forms and uses Cloudflare for hosting and CDN services. However, a critical security gap exists due to the absence of a valid SSL certificate, resulting in no HTTPS support. Security headers are partially implemented, but improvements are needed, including enabling HSTS and OCSP stapling. Privacy compliance is moderate, with a comprehensive privacy policy but no visible cookie consent mechanism. Contact information is primarily via web forms, with no direct emails or phone numbers publicly listed. Overall, the website demonstrates a mature digital presence but requires urgent security enhancements to protect user data and improve trust.

S

Steuerexperten Wien | Österreich

steuerexperten.at

40

Steuerexperten.at is a well-established Austrian tax consultancy and business advisory firm based in Vienna, offering a broad range of services including tax consulting, accounting, business immigration, and corporate services. The company targets both Austrian and international clients, leveraging a digital platform (steuerexperten.PRO) to enhance client engagement and document management. The website is professionally designed, multilingual, and rich in relevant content, reflecting a mature digital presence. Technically, the site is built on WordPress with modern plugins and frameworks, but suffers from a critical lack of valid SSL/TLS certification, exposing users to security risks. Privacy compliance is strong, with GDPR-aligned policies and cookie consent mechanisms in place. Contact information and trust signals such as certifications and testimonials are clearly presented, supporting business credibility. Overall, the site is functional and professional but requires urgent security improvements to protect client data and enhance trust.

T

The Los Angeles Film School

filmproductionservices.info

37

The Los Angeles Film School website presents a comprehensive and professional educational institution focused on film, media, animation, and music production programs. It targets prospective students and professionals seeking accredited degree programs both on-campus and online. The site highlights alumni success, industry recognition, and offers extensive resources such as tours, webinars, and detailed program information. Technically, the website is built on WordPress using the Avia framework and incorporates multiple JavaScript libraries for enhanced user experience. However, the absence of a valid SSL certificate and HTTPS implementation is a critical security gap, exposing users to potential risks. Privacy and cookie policies are well implemented with consent mechanisms, reflecting good compliance practices. Overall, the site is trustworthy and professionally maintained but requires urgent security improvements to protect user data and enhance trust.

The website myersautoworld.com purports to represent a Buick GMC dealership offering new and used cars along with auto financing options. However, the actual content is minimal and primarily consists of advertising scripts and placeholder text, indicating the domain may be parked or not actively used for business purposes. The technical infrastructure relies on nginx and Caddy servers with hosting by Hetzner Online, but lacks a valid SSL certificate and HTTPS support, which severely impacts security and trustworthiness. The site includes multiple advertising and tracking scripts from networks such as AdsDeli and Google Adsense, but no clear business contact information or social media presence is provided. Overall, the website demonstrates poor content quality, weak technical implementation, and a deficient security posture, resulting in a low trust score and limited business credibility.

C

Climate KIC | Europe’s leading climate innovation agency and community

climate-kic.org

40

Security assessment completed with an overall score of 0/100 (unknown risk). 3 critical issues require immediate attention. Total of 22 security findings identified across all modules.

X

x.test GmbH

xtest.at

22

x.test GmbH is a specialized company in electronic measurement technology based in Austria, founded in 2010. The company offers a range of products and consulting services focused on electronic measurement, emphasizing quality and customer trust. The website is built on WordPress with modern plugins and frameworks, providing a professional and user-friendly experience. However, the absence of an SSL certificate and HTTPS significantly impacts the security posture, exposing users to potential risks. The site implements GDPR-compliant cookie consent mechanisms and provides clear privacy and terms of service pages, reflecting good privacy compliance. Overall, the business appears legitimate and well-positioned in its niche, but security improvements are critical.

T

Thomas Ebenstein

ebenstein.info

27

The website represents Thomas Ebenstein, a professional tenor associated with the Wiener Staatsoper, serving as an artist portfolio and promotional platform. The site targets opera enthusiasts and event organizers, providing information about the artist and his season engagements. Technically, the site is built on WordPress using popular page builders like Elementor and WPBakery, hosted on viennacix.com infrastructure. While the design and content quality are good with proper SEO and mobile optimization, the site lacks a valid SSL certificate, which significantly impacts its security posture. Analytics tools such as Google Analytics and Jetpack Stats are used, with a cookie consent mechanism in place, indicating some level of privacy compliance. However, the absence of explicit contact information, security policies, and incident response details limits the site's trustworthiness and business credibility. Overall, the site is functional and professional but requires critical security improvements to enhance user trust and compliance.

W

Google Ads Agentur | Conversion-Optimierung | Wien, Krems

webperfect.at

26

Website security analysis completed with a risk score of 26/100.

S

Sepura Limited

sepura.com

40

Sepura Limited is a UK-based company specializing in the design, development, and supply of TETRA and LTE digital radio products and applications for business and mission-critical communications. The company holds a strong market position as a leading provider of TETRA radios with a legacy spanning over 125 years. Their solutions target public safety, energy, transportation, and commercial sectors globally, supported by a large partner network and extensive R&D efforts. Technically, the website is built on WordPress with modern plugins and marketing tools, demonstrating good digital maturity and SEO practices. However, a critical security gap exists due to the absence of a valid SSL/TLS certificate, exposing users to potential risks. Privacy and cookie policies are comprehensive and GDPR compliant, with clear contact information and trust indicators such as certifications and customer testimonials. Overall, the website is professional and trustworthy but requires urgent security improvements to protect user data and enhance trust.

F

Fundación Paraguaya

fundacionparaguaya.org.py

40

Security assessment completed with an overall score of 0/100 (unknown risk). 3 critical issues require immediate attention. Total of 26 security findings identified across all modules.

Website security analysis completed with a risk score of 38/100.

Website security analysis completed with a risk score of 29/100.

The website lesliestreet.cz currently serves as a simple redirect to an external blog hosted on blog.goodhighway.com, with no substantive content or business information presented on the landing page. The domain is registered and hosted via redirect.host, indicating its primary function is redirection rather than hosting original content. Due to the lack of content, metadata, or business details, the site does not provide insight into any company operations, services, or market positioning. From a technical perspective, the site lacks a valid SSL certificate and does not support HTTPS, exposing visitors to potential security risks. No security headers or best practices are implemented, and no analytics or tracking technologies are detected. The site performance cannot be assessed due to the absence of content and resources. Security posture is weak, with critical issues including no HTTPS support and no security headers. Privacy compliance is non-existent as no privacy or cookie policies are found. Business credibility is low due to the absence of contact information, company details, or trust indicators. Overall, the site presents a high risk from a security and trust perspective and offers no meaningful business or user engagement value. Strategic recommendations include securing the domain with a valid SSL certificate, implementing essential security headers, and developing original content with clear business information and compliance policies to improve trust and security posture.

Zeuxis & Parrhasius is a small retail e-commerce business specializing in handcrafted luxury wallpapers based in Vienna, Austria. The website is built on the Shopify platform, leveraging modern web technologies and optimized for mobile devices. The business targets customers seeking premium wallcoverings with worldwide shipping options. While the site demonstrates good design quality, clear navigation, and professional content, it lacks a valid SSL certificate, which significantly impacts its security posture. The presence of multiple payment options and partner affiliations adds trust signals, but the absence of a visible privacy policy and direct contact emails limits privacy compliance and user trust. Overall, the site is functional and professional but requires critical security improvements to enhance user safety and compliance.

D

Division4

d4group.com

40

Website security analysis completed with a risk score of 40/100.

A

AEROCOMPACT Europe GmbH

aerocompact.com

23

AEROCOMPACT Europe GmbH operates as a global provider of photovoltaic mounting solutions, specializing in intelligent solar racking systems for roofs and open spaces. The company positions itself as a dynamic pioneer in the energy transition sector, offering both physical products and digital planning tools such as the Aerotool platform. Their market presence is supported by multiple global offices and a comprehensive service portfolio targeting solar engineers, project developers, and wholesalers. Technically, the website is built on TYPO3 CMS and employs modern web technologies including Google Tag Manager, Swiper.js, and Globe.gl for interactive features. While the site is content-rich and well-structured with good SEO practices, performance metrics indicate slow loading times, and accessibility features are basic. Mobile optimization is good, ensuring usability across devices. From a security perspective, the site lacks a valid SSL certificate and does not properly support HTTPS, which is a critical vulnerability. Security headers are minimal, and modern TLS protocols are not enabled. Despite these issues, the site uses secure cookies and has implemented privacy and cookie policies compliant with GDPR. Analytics and marketing tools are in use, with moderate user tracking. Overall, the website demonstrates strong business credibility and content quality but suffers from significant security shortcomings that must be addressed to protect user data and maintain trust. Strategic improvements in SSL/TLS configuration and security headers are recommended to elevate the security posture and compliance level.

A

TOTEM | Telemonitoraggio

asja.biz

36

Website security analysis completed with a risk score of 36/100.

O

Okto Community TV

okto.tv

36

Okto.tv is a community television platform based in Austria, focused on providing a space for media creators to develop and share their content. The website offers video streaming, live TV, workshops, and community engagement features. It targets local and cultural content creators and viewers, operating as a niche media broadcaster with a small organizational size and a mature domain age of 19 years. Technically, the site uses modern JavaScript libraries, Google Tag Manager, and Usercentrics CMP for cookie consent, but lacks a valid SSL certificate and proper HTTPS configuration, which is a critical security gap. The security posture is weak due to missing TLS protocols, HSTS, and other security headers. Privacy compliance is good with clear policies and consent mechanisms. The site lacks explicit contact information and incident response details, which impacts business credibility. Overall, the site is functional and content-rich but requires urgent security improvements to protect user data and enhance trust.

F

frhg.org

frhg.org

35

The website frhg.org is currently a parked domain with no active business content or services. It primarily displays advertisements and a message indicating the domain may be for sale, targeting domain investors or buyers. There is no identifiable company or business information, and the site lacks contact details or interactive features. Technically, the site is hosted by Bodis, a domain parking service, and uses basic HTML, CSS, and JavaScript with Google Adsense for monetization. Performance is poor with a very slow load time, and mobile optimization is minimal. Security posture is weak due to the absence of a valid SSL certificate, no HTTPS support, and lack of security headers or DNS security features. Privacy compliance is minimal with only a basic privacy policy page and no cookie consent mechanism. Overall, the site has low trustworthiness and credibility, reflecting its status as a parked domain rather than an active business website.

M

M.O.O.CON GmbH

moo-con.com

29

M.O.O.CON GmbH is a leading consulting firm specializing in sustainable buildings, service, and change processes. The company focuses on creating identity-forming work, learning, and cultural environments that contribute significantly to business success, user satisfaction, and environmental sustainability. Their market position is strong within the German-speaking region, targeting corporate clients across various sectors including facility management, human resources, and organizational development. The website reflects a professional and comprehensive presentation of their services and projects, supported by active social media engagement and content marketing through blogs and whitepapers. Technically, the site is built on TYPO3 CMS with modern web fonts and widgets, but suffers from critical security shortcomings due to the absence of a valid SSL certificate and HTTPS support. This exposes visitors to potential risks and undermines trust. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the business credibility and content quality are high, but urgent security improvements are necessary to align with best practices and protect user data.

M

Metro New York & Southern Connecticut - Higher Education Jobs - Higher Education Recruitment Consortium

mnyscherc.org

40

Website security analysis completed with a risk score of 40/100.