Security Directory

D

Dunelm

dunelm.com

0

Dunelm is a prominent UK-based retailer specializing in homeware, furniture, and related products, offering a comprehensive e-commerce platform alongside physical stores. The website demonstrates a mature digital presence with extensive product categories, clear navigation, and strong branding. Technically, the site leverages modern technologies including React, Algolia for search, and integrates multiple third-party services for payments, analytics, and marketing. However, a critical security issue is the absence of a valid SSL certificate and HTTPS support, which severely impacts the site's security posture. While security headers are present, the lack of proper TLS configuration exposes the site to significant risks. Privacy and cookie policies are well implemented with consent mechanisms, reflecting good compliance with GDPR. Overall, the site is professional and trustworthy from a business perspective but requires urgent remediation of its SSL/TLS configuration to ensure user data protection and trust.

E

ENI

eni.com

0

Eni is a large, established integrated energy company headquartered in Italy with a strong global presence and diversified energy portfolio including oil & gas, renewables, and bioenergy. The website reflects a mature digital presence with comprehensive content covering corporate governance, sustainability, investor relations, and career opportunities. Technically, the site uses modern frameworks like Bootstrap and jQuery, hosted on Akamai CDN, and employs Adobe Helix for content management. However, the security posture is weakened by the absence of a valid SSL certificate and HTTPS support, which is a critical vulnerability. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the site is professional and trustworthy but requires urgent remediation of its SSL/TLS configuration to ensure secure user interactions.

I

it-novum GmbH

it-novum.com

0

it-novum GmbH is a leading IT consulting and implementation company specializing in Business Open Source and digital transformation within the DACH region. As a subsidiary of Allgeier SE, it has nearly 20 years of experience serving medium-sized businesses, large enterprises, and the public sector. The company offers key services including Big Data Analytics & IoT, IT Service Management, and Enterprise Information Management. The website reflects a professional and consistent brand image with comprehensive content and clear navigation tailored to its target audience. Technically, the website is built on WordPress using Elementor and Astra theme, incorporating modern web technologies and plugins such as Borlabs Cookie for consent management and WP Rocket for performance optimization. While mobile optimization and SEO practices are good, the website currently suffers from an invalid SSL certificate and lacks support for modern TLS protocols, which is a critical security concern. Security posture is moderate with some security headers present and no known vulnerabilities detected, but the invalid SSL certificate significantly reduces trust and security scores. Privacy compliance is strong, with clear privacy and cookie policies and active consent mechanisms. Business credibility is high, supported by detailed contact information, social media presence, and structured data. Overall, the website is professional and trustworthy but requires urgent remediation of SSL issues to improve security and user trust. Strategic recommendations include fixing SSL, enhancing security headers, and maintaining up-to-date software to ensure robust protection and compliance.

A

ACN Opportunity, LLC

myacn.com

0

ACN Opportunity, LLC operates a mature and established website offering essential services such as internet, energy, and wireless, combined with a home-based business opportunity model. The company targets individuals interested in essential services and entrepreneurial ventures, positioning itself as a trusted provider with strong industry memberships and a broad social media presence. Technically, the website leverages modern frontend technologies including Joomla CMS, Bootstrap, jQuery, and Swiper.js, hosted on AWS infrastructure with CloudFront CDN. The site is mobile optimized and SEO friendly, though performance metrics are unavailable. Security posture is weak due to the absence of a valid SSL certificate and HTTPS enforcement, despite the presence of several security headers. Privacy compliance is strong with comprehensive policies and a OneTrust cookie consent mechanism. Overall, the site demonstrates good business credibility but requires urgent security improvements to protect user data and enhance trust.

H

HAUSER GmbH

hauser.com

0

HAUSER GmbH is a well-established European provider specializing in refrigeration furniture and cooling technology, serving international clients primarily in the food retail and industrial sectors. The company offers comprehensive solutions including innovative, energy-efficient cooling systems, project management, and lifecycle services. With approximately 75 years of experience, HAUSER holds a strong market position as a trusted B2B Komplettanbieter in Austria and Europe. The website is professionally designed, content-rich, and targets business customers seeking high-quality refrigeration solutions. Technically, the website is built on Drupal 10 and employs modern web technologies including Matomo for analytics and TRUENDO for privacy management. However, the site lacks a valid SSL certificate and does not support HTTPS, which is a significant security and trust concern. Performance data is missing, and DNS records are incomplete, suggesting possible use of CDN or proxy services. The site is mobile-optimized and accessible with good SEO practices. From a security perspective, while several security headers are implemented, the absence of HTTPS and TLS protocols severely undermines the security posture. No explicit security policies or incident response contacts are provided, and no vulnerability disclosure mechanisms are found. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, HAUSER GmbH presents a credible and professional business online presence but must urgently address SSL/TLS implementation to improve security and trust. Strategic recommendations include securing the website with valid certificates, enabling modern TLS protocols, and enhancing security transparency to align with best practices and regulatory requirements.

E

ETM professional control GmbH

etm.at

0

ETM professional control GmbH is a medium-sized Austrian company specializing in the development of the SIMATIC WinCC Open Architecture SCADA system, serving critical industrial sectors such as energy, transportation, and building automation. As a wholly owned subsidiary of Siemens AG, ETM benefits from strong corporate backing and a global partner network, positioning it as a reputable player in industrial automation software. The website reflects a professional and consistent brand presence with detailed company history and management information. Technically, the site is built on TYPO3 CMS with modern JavaScript libraries and integrates marketing and analytics tools such as Adobe DTM and Google Analytics. However, the absence of a valid SSL certificate and HTTPS support significantly undermines the site's security posture, exposing users to risks and reducing trust. Security headers are present but insufficient without proper TLS implementation. Privacy and cookie policies are linked to Siemens global pages, indicating good compliance with GDPR and related regulations. Overall, the site is content-rich and credible but requires urgent security improvements to protect users and enhance trust.

C

CeMM Research Center for Molecular Medicine of the Austrian Academy of Sciences

cemm.at

0

CeMM is a reputable interdisciplinary research center affiliated with the Austrian Academy of Sciences, focusing on molecular medicine and biomedical research. The website reflects a strong academic and scientific orientation, targeting researchers, students, and collaborators. The technical infrastructure is based on TYPO3 CMS with Apache hosting, and includes privacy-conscious analytics via Matomo. However, the absence of a valid SSL certificate and HTTPS support is a critical security gap that undermines user trust and data protection. The site is well designed, mobile optimized, and rich in content, but security improvements are urgently needed to align with best practices and compliance requirements.

P

Philosophtware

philosophtware.com

0

Philosophtware is a small technology-focused business presenting itself as an IT consulting or software solutions provider. The website content is minimal, with a simple slogan and a single contact email, lacking detailed business descriptions or multiple contact channels. The technical infrastructure is basic, hosted likely on netcup servers, with no modern CMS or frameworks detected. Performance is slow despite the small page size, and SEO and accessibility optimizations are absent. Security posture is weak, with no valid SSL certificate, no HTTPS support, and no security headers or advanced configurations. The presence of Comodo TrustLogo scripts without a valid SSL certificate may mislead visitors about the site's security. Overall, the site lacks critical compliance documents such as privacy and cookie policies, reducing trust and compliance standing.

F

Freshfields

freshfields.com

0

Freshfields is a leading global law firm serving the world’s biggest international organizations with comprehensive legal advisory services. The firm is well-positioned in the market with elite rankings and a strong brand presence. Their website reflects a mature digital infrastructure using modern web technologies such as React and Next.js, hosted on Cloudflare with extensive use of analytics and marketing tools. However, the security posture is weakened by an invalid SSL certificate and lack of enabled TLS protocols, which poses a critical risk to secure communications. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the site is professional and trustworthy but requires urgent remediation of SSL/TLS issues to ensure secure client interactions.

C

CloudBees, Inc.

cloudbees.com

0

CloudBees, Inc. is a leading enterprise software company specializing in continuous integration and continuous delivery (CI/CD) solutions, primarily based on Jenkins. The company offers a comprehensive suite of DevOps tools and platforms designed to accelerate software delivery, improve developer productivity, and ensure security and compliance at scale. CloudBees holds a strong market position as the #1 Jenkins enterprise CI/CD platform provider, serving large enterprises globally with a focus on technology sectors. Their business model includes SaaS and on-premises offerings, targeting enterprise development teams and IT executives. Technically, CloudBees employs modern web technologies such as React and Next.js, hosted on AWS infrastructure with integrations to major cloud providers. The website demonstrates good digital maturity with responsive design, SEO optimization, and accessibility considerations. Marketing and analytics tools are implemented with user consent mechanisms, reflecting privacy compliance. From a security perspective, while the website implements multiple security headers and policies, a critical issue is the invalid or missing SSL certificate and disabled TLS protocols, which significantly impact the security posture. The company maintains security policies, incident response contacts, and certifications such as SOC 2 and ISO 27001, indicating a mature security framework. However, immediate remediation of SSL and TLS configurations is necessary to protect user data and maintain trust. Overall, CloudBees presents a professional and trustworthy online presence with strong business credibility and technical infrastructure. Addressing the SSL and TLS issues will elevate their security posture and align with their enterprise-grade offerings.

B

BETTERHOMES AG

betterhomes-international.com

0

BETTERHOMES AG operates as an international technology-driven real estate franchise company, pioneering a hybrid brokerage model that combines proprietary software with local market expertise. Founded in 2005 in Zurich, it holds a strong market position as the largest independent real estate broker in Switzerland and has expanded across the DACH region with plans for further international growth. The company offers franchise opportunities supported by advanced technology and a strong partner development culture. Technically, the website is built on modern frameworks including PHP 8.2, Flow Framework, and Neos CMS, with integrations of Bootstrap, FontAwesome, and various JavaScript libraries. However, the website suffers from a critical security deficiency due to the absence of a valid SSL certificate and HTTPS support, exposing users to potential risks. Privacy compliance is well addressed with comprehensive policies and cookie consent mechanisms. Overall, the site presents professional content and strong business credibility but requires urgent security improvements to protect user data and maintain trust.

W

Wien Energie GmbH

wienenergie.at

0

Wien Energie GmbH is the largest regional energy supplier in Austria, serving approximately two million people and 230,000 commercial and industrial customers in and around Vienna. The company offers a broad range of energy-related services including electricity, natural gas, district heating, e-mobility, telecommunications, and energy consulting. It operates under the Wiener Stadtwerke Group, reflecting a strong market position and extensive service portfolio. The website is professionally designed with comprehensive content targeting both private and business customers, supported by active social media engagement and clear navigation.

G

Gebauer & Griller

griller.at

0

Gebauer & Griller (GG Group) is a well-established international family-owned manufacturing group specializing in high-quality wires, cables, and wiring systems for automotive and industrial applications. The company positions itself as a leading provider in energy and data transmission sectors, emphasizing customized solutions, innovation, and strong partnerships. The website reflects a professional digital presence with comprehensive content, including corporate videos, social media integration, and detailed product and corporate information. Technically, the site is built on TYPO3 CMS with modern JavaScript libraries and integrates third-party services such as Google reCAPTCHA, Google Maps, Vimeo, and Flockler social feeds. However, the website currently lacks a valid SSL certificate and does not support modern TLS protocols, which is a critical security concern. Security headers are partially implemented, but important features like HSTS and OCSP stapling are missing. Privacy compliance is well addressed with clear privacy and cookie policies and a consent mechanism. Contact information is comprehensive, including multiple global office addresses, emails, and phone numbers. Overall, the website is professional and trustworthy but requires urgent improvements in SSL/TLS security to protect user data and maintain trust.

The website prevero.com is currently inaccessible due to a Cloudflare Web Application Firewall (WAF) blocking page, which prevents access to any substantive content. The page presented is a security challenge indicating that the user has been blocked, likely due to triggering security rules. No business-related content, metadata, or contact information is available for analysis. The SSL/TLS configuration is invalid, with no valid certificate installed and no modern TLS protocols enabled, which severely impacts the security posture. The site uses Cloudflare as a hosting and security provider but lacks proper HTTPS implementation. Due to the blocking and lack of accessible content, the overall digital maturity and business credibility cannot be assessed accurately.

M

Merkur Versicherung AG

merkur.at

0

Merkur Versicherung AG is Austria's oldest insurance company, specializing in private health, accident, life, property, and legal protection insurance. Positioned as the second largest private health insurer in Austria, it serves a broad audience including private customers, employees, and businesses. The website demonstrates a mature digital presence with a professional design, clear navigation, and comprehensive content tailored to its target audience. Technically, the site is built on Liferay DXP with React and Clay UI components, but suffers from critical SSL misconfiguration that undermines its security posture. Security headers are well implemented, but the lack of a valid SSL certificate and disabled TLS protocols present significant risks. Privacy compliance is strong with clear policies and consent mechanisms. Overall, the site is trustworthy and professional but requires urgent remediation of SSL issues to ensure secure user interactions.

BRAUN Maschinenfabrik Gesellschaft m.b.H. is a well-established Austrian manufacturing company specializing in steel cutting and grinding machines, hydraulic steel structures, and decommissioning technologies. Founded in 1848, the company holds a strong market position as a technology leader with a global presence, serving industrial clients primarily in the energy and manufacturing sectors. Their product portfolio includes customized solutions for cutting, grinding, and dismantling applications, supported by in-house engineering and automation capabilities. The website reflects a professional business with clear branding and relevant content targeting industrial customers. Technically, the website runs on an Apache server and uses JavaScript libraries including Google Analytics and Google Maps API. However, the site lacks HTTPS encryption, which is a critical security shortfall. Performance metrics are not available, but the site shows basic mobile optimization and SEO practices. The hosting provider is identified via DNS as esys.at, an Austrian hosting service. From a security perspective, the absence of a valid SSL/TLS certificate and HTTPS is a major vulnerability, exposing users to potential data interception. No advanced security headers or policies are implemented, and there is no visible incident response or vulnerability disclosure information. Privacy compliance is minimal, with no cookie consent mechanism detected, although a basic privacy policy and terms of service are present. Overall, the website demonstrates moderate business credibility and content quality but suffers from significant security and privacy compliance gaps. Strategic improvements in SSL deployment, security headers, and privacy mechanisms are recommended to enhance trust and protect users.

U

UNTHA shredding technology GmbH

untha.com

0

UNTHA shredding technology GmbH is a well-established manufacturer specializing in industrial shredding machines for various waste and recycling applications. With over 50 years of experience and a global presence including subsidiaries in the US, the company offers tailored shredding solutions for materials such as residual wood, metal, plastics, electronic waste, and more. The website reflects a professional and comprehensive digital presence with detailed product information and customer testimonials. Technically, the site uses modern frameworks like Next.js and React, hosted on AWS CloudFront, and integrates privacy and analytics tools such as Cookiebot, Google Tag Manager, and Matomo. However, the absence of a valid SSL certificate and HTTPS implementation is a critical security gap that significantly impacts the site's security posture. Security headers are properly configured, but the lack of TLS protocols and certificate transparency compliance are notable vulnerabilities. Overall, the site is trustworthy and business credible but requires urgent security improvements to protect user data and enhance trust.

L

Lomography

lomography.com

0

Lomography is a well-established analogue photography community and e-commerce platform founded in 1994, offering a wide range of analogue cameras, films, lenses, and educational content. The website demonstrates excellent content quality, user experience, and community engagement, targeting photography enthusiasts globally. Technically, the site uses a modern stack with nginx and Phusion Passenger, and employs Google Tag Manager for analytics and marketing. However, a critical security gap exists as the site lacks a valid SSL/TLS certificate and does not serve content over HTTPS, exposing users to potential interception risks. Privacy compliance is strong with clear policies and cookie consent mechanisms. Overall, the business credibility is high, but the security posture requires urgent improvement to protect users and maintain trust.

W

Würth Österreich

wuerth.at

0

Würth Österreich operates a comprehensive B2B e-commerce platform targeting trade professionals and businesses in Austria. The website offers a wide range of industrial and professional products alongside specialized services such as consulting, digital tools, and engineering support. The company is positioned as a market leader with a strong brand presence and multiple customer engagement channels including social media and mobile apps. Technically, the site uses modern web technologies and a professional CMS, providing a good user experience and mobile optimization. However, the security posture is weakened by an invalid SSL certificate and lack of TLS protocol support, which poses risks to data confidentiality and user trust. Privacy compliance is generally good with accessible policies, but lacks a visible cookie consent mechanism. Overall, the site is professional and credible but requires urgent security improvements to protect users and maintain trust.

D

Dorner Electronic GmbH

dorner.at

0

Dorner Electronic GmbH is a medium-sized Austrian company specializing in technology and software solutions for concrete manufacturers, including ready-mix, precast concrete, dry batch, and bulk material sectors. The company positions itself as a European market leader with a global presence through subsidiaries and partner networks. Their offerings include automation solutions, software products, and apps that digitalize and optimize production processes from order to invoicing. Technically, the website is built on modern frameworks such as Next.js and React, hosted on HostingHub Cloud, and demonstrates good mobile optimization and SEO practices. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support, which significantly impacts the security posture. Privacy and cookie policies are present and GDPR compliant, and contact information is clearly provided, enhancing business credibility. Overall, the website is professional and content-rich but requires urgent security improvements to protect user data and maintain trust.

Bilfinger SE is an established international industrial services provider specializing in maintenance, expansion, and operation of industrial plants primarily in the energy, chemicals, pharma, and oil & gas sectors. The company operates across Europe, North America, and the Middle East, offering a comprehensive service portfolio including consulting, engineering, manufacturing, assembly, maintenance, and digital applications. The website reflects a mature digital presence built on TYPO3 CMS with a professional design and multilingual support targeting industrial clients globally. Technically, the site uses Apache and PHP 7.4 with various JavaScript libraries and integrates Matomo for analytics and Consentmanager.net for cookie consent management. Security posture is moderate; while security headers and a content security policy are present, the SSL/TLS configuration is currently invalid or missing, which is a critical issue. No WAF or blocking mechanisms are detected, and the site is fully accessible. The domain registration data is consistent with the business claims, showing a long-established domain without privacy protection, supporting legitimacy. Overall, the site is professional and trustworthy but requires urgent SSL/TLS remediation to improve security and user trust.

S

StreamUnlimited Engineering GmbH

streamunlimited.com

0

StreamUnlimited Engineering GmbH is a medium-sized technology company based in Austria, specializing in system integration for connected audio, Matter, IoT, and voice assistant technologies. The company offers a comprehensive portfolio of software and hardware solutions, including StreamSDK, StreamAnalytics, Stream2Go, and StreamAMP, targeting brands and ODMs seeking advanced embedded products. With over 120 professionals and a global reach, StreamUnlimited positions itself as a reliable partner for audio streaming and IoT product development. The website is professionally designed, well-structured, and provides detailed information about products, services, and company values. However, the absence of a valid SSL certificate and HTTPS implementation represents a critical security vulnerability that undermines user trust and data protection. The site includes GDPR-compliant privacy and cookie policies with consent mechanisms, reflecting good privacy practices. Overall, the company demonstrates strong business credibility and digital maturity but must urgently address its security posture to ensure safe and trusted user interactions.

P

Pers-Con

pers-con.at

0

Pers-Con is a specialized recruitment and personal consulting firm focusing on sectors such as automotive, IT, pharma, waste management, insurance, finance, law, and construction. The company operates primarily in Austria and neighboring countries, offering services including direct candidate approach, media-supported search, and social media utilization. The website reflects a professional business with clear service offerings and team member contacts, targeting both companies and job seekers. Technically, the site is built on Joomla CMS with common web technologies like jQuery and Bootstrap, but lacks modern performance optimizations and mobile responsiveness is basic. Critically, the absence of HTTPS and a valid SSL certificate severely impacts security posture and trustworthiness. Cookie consent and privacy policies are implemented, indicating GDPR awareness. Overall, the site is functional but requires urgent security upgrades to meet modern standards.

R

Rubix

theprojectoffice.co.nz

0

Rubix is a New Zealand-based national independent project management consultancy specializing in unlocking project potential across diverse sectors including education, infrastructure, commercial, and sustainability. The company offers comprehensive services from strategic planning through to project delivery, emphasizing sustainable design and construction practices. Their market position is supported by a mature domain and a broad portfolio of projects across New Zealand. Technically, the website is built on Craft CMS and served via nginx with Cloudflare DNS. However, the absence of a valid SSL certificate and HTTPS support is a critical security shortfall. The site uses Google Tag Manager for analytics but lacks privacy and cookie policies, which impacts privacy compliance. Performance metrics indicate slow DNS resolution, and no advanced security headers or mechanisms are implemented. Security posture is weak due to missing HTTPS, lack of HSTS, and no security headers, exposing users to potential risks. The WHOIS data confirms a consistent and legitimate registration with a mature domain age, though the lack of domain protection locks is noted. Contact information is comprehensive with multiple regional offices, enhancing business credibility. Overall, the website demonstrates good business and content quality but requires urgent security improvements to protect users and enhance trust. Privacy compliance is minimal, and adding policies and consent mechanisms is recommended.

F

Flex

flex.com

0

Flex is a global enterprise specializing in advanced manufacturing and end-to-end supply chain solutions. The company offers a broad range of services including design and engineering, supply chain management, advanced manufacturing, post production, and post sale services. With a strong global footprint and multiple subsidiaries, Flex positions itself as a leader in manufacturing innovation and operational efficiency. The website reflects a professional and comprehensive digital presence, targeting businesses requiring scalable manufacturing and supply chain solutions. Technically, the website is built on WordPress and hosted on Pantheon, utilizing modern web technologies such as jQuery, Google Tag Manager, and New Relic for monitoring. The site is well-optimized for SEO and mobile responsiveness, providing a good user experience. However, performance metrics are moderate, and there is room for improvement in loading speed. From a security perspective, the site has several HTTP security headers configured, including HSTS and CSP in report-only mode. Unfortunately, the SSL certificate is invalid or missing, and no TLS protocols are enabled, which significantly weakens the security posture. No direct contact emails or phone numbers are publicly listed, but contact forms are available. Privacy and cookie policies are present and indicate GDPR compliance. Overall, while the business credibility and content quality are high, the lack of proper SSL/TLS configuration is a critical security concern that should be addressed promptly to protect user data and maintain trust.

E

Eurocom Translation Services GmbH

eurocom.at

0

Eurocom Translation Services GmbH is a well-established B2B translation and language service provider based in Austria, with over 30 years of experience and a strong market presence in the DACH region. The company offers a comprehensive suite of services including technical and marketing translations, terminology management, quality management, and language managed services such as Global SEO and machine translation. Eurocom is part of the Kaleidoscope Group, which enhances its technological capabilities and market reach. The website reflects a professional and content-rich digital presence, targeting export-oriented businesses seeking multilingual content solutions. Technically, the site is built on WordPress with modern plugins and tools, but suffers from a critical security shortfall due to the absence of a valid SSL certificate, resulting in no HTTPS support. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. The security posture is basic, lacking important security headers and DNS security features. Overall, Eurocom demonstrates strong business credibility and digital maturity but must urgently address its SSL/TLS configuration to improve security and trustworthiness.

Tommy Hilfiger is a globally recognized fashion brand offering a wide range of apparel and accessories for men, women, and children through its official online shop. The website targets fashion-conscious consumers and provides a comprehensive e-commerce platform with seasonal collections, sales, and a membership program. The technical infrastructure leverages modern web technologies including Next.js, React, and Contentstack CMS, supported by a robust CDN via Akamai and integrated with multiple third-party services for analytics, marketing, and payment processing. Despite strong security header implementations, the absence of a valid SSL certificate and lack of HTTPS significantly undermines the security posture of the site. Privacy and cookie policies are well documented and indicate GDPR compliance. Overall, the website demonstrates a high level of professionalism and business credibility but requires urgent attention to its SSL configuration to ensure secure user interactions.

N

Nameshift.com

ibk.fr

0

The website ibk.fr is a domain sales landing page managed by Nameshift.com, a company specializing in domain name transfers and escrow services. The business model focuses on providing a safe, fast, and fee-free domain transfer experience for buyers, with the seller paying commissions. The site targets individuals and businesses looking to purchase domain names securely. Technically, the site uses modern frameworks such as SvelteKit and is hosted on a CDN associated with Nameshift.com. However, the website suffers from critical security shortcomings, including the absence of a valid SSL certificate and HTTPS support, which severely impacts its security posture. Additionally, privacy and cookie policies are missing, and DNS security configurations are incomplete or malformed. These factors reduce trust and compliance with data protection regulations. Overall, the site presents a basic but functional domain sales platform with room for significant security and compliance improvements.

M

Montanuniversität Leoben

mu-leoben.at

0

Montanuniversität Leoben is a well-established technical university in Austria specializing in sustainable technologies and circular engineering. The website reflects a strong academic and research focus with comprehensive educational offerings and active international partnerships. Technically, the site uses TYPO3 CMS with modern frontend libraries but lacks a valid SSL certificate, which is a critical security concern. The security posture is weak due to missing HTTPS and incomplete security headers, though privacy compliance is well addressed with cookie consent and GDPR-aligned policies. Overall, the site is professional and trustworthy but requires urgent improvements in security infrastructure to protect user data and enhance trust.

Komatsu Forest is a mature and established manufacturer specializing in forestry machinery and related services, operating primarily out of Sweden. The company offers a broad range of forest machines including harvesters, forwarders, harvester heads, and forestry excavators, complemented by digital solutions such as Smart Forestry and a comprehensive spare parts and training service portfolio. Their market position is strong as a leading global player in forestry equipment, supported by a consistent brand presence and clear communication channels. Technically, the website is built on a Sitecore CMS platform with a technology stack including jQuery, Bootstrap, and Google Fonts. While the site is well-structured, mobile-optimized, and SEO-friendly, it lacks a valid SSL certificate, which significantly impacts its security posture. Performance metrics are incomplete, but the site shows good design and user experience qualities. From a security perspective, the absence of HTTPS and related security headers is a critical vulnerability that exposes users to risks such as data interception. The site does implement privacy and cookie policies with consent mechanisms, indicating awareness of GDPR compliance. However, there is no visible incident response or vulnerability disclosure policy, and no security certifications are presented. Overall, the website is professional and credible but requires urgent security improvements, particularly the implementation of a valid SSL certificate and enhanced security headers, to protect users and improve trustworthiness.

V

Verticalfarminstitute

verticalfarminstitute.org

0

The Vertical Farm Institute is a specialized research and consulting organization focused on advancing urban agriculture and vertical farming. Established in 2013 and based in Vienna, Austria, it collaborates on international projects such as Horizon 2020's euPOLIS. The website presents a professional digital presence with rich content including project descriptions, journals, and service offerings targeted at real estate developers, architects, and sustainability-focused stakeholders. Technically, the site is built on WordPress with modern plugins and SEO tools, but lacks a valid SSL certificate, which is a significant security concern. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. Overall, the site demonstrates moderate maturity and credibility but requires urgent improvements in security and privacy practices.

The website es-investments.com currently serves as a parked domain landing page with no active business content or services. It primarily displays advertising and affiliate links indicating the domain is for sale. The technical infrastructure is minimal, hosted on Hetzner Online with a Caddy server, and uses parking scripts from ParkingCrew and Afternic. There is no valid SSL certificate, resulting in no HTTPS support, which is a critical security deficiency. Privacy compliance is minimal with only a basic privacy policy accessible via a popup link, and no cookie consent mechanisms are present. The lack of business information, contact details, and security best practices significantly lowers the site's trustworthiness and credibility.

The website polymet-solutions.com is currently inaccessible due to a Cloudflare security challenge page that requires JavaScript and cookies to be enabled. This prevents access to any substantive content or business information. The domain is registered and uses Cloudflare for DNS and security services but lacks a valid SSL certificate, resulting in no HTTPS support. The absence of privacy policies, contact information, or business details on the landing page limits the ability to assess the company's market position or services. Technically, the site employs Cloudflare's security headers but fails to implement modern TLS protocols or HSTS, reducing its security posture. Overall, the site scores low on content quality, technical implementation, security, privacy compliance, and business credibility due to the blocked content and missing critical elements.

B

BHDT GmbH

bhdt.at

0

BHDT GmbH is a specialist company focused on high pressure equipment and components for the chemical and petrochemical industries, operating primarily in Austria. The company is part of the Dr. Aichhorn Group and offers engineering, design, and production services. The website reflects a medium-sized B2B manufacturing business with a professional online presence and clear business segmentation. Technically, the site is built on WordPress with common plugins for SEO, multilingual support, and marketing analytics. However, the lack of a valid SSL certificate and HTTPS implementation is a critical security gap, exposing users to potential risks. Privacy policies are present but lack a cookie consent mechanism, which may affect GDPR compliance. Overall, the site is functional and professional but requires urgent security improvements.

A

AICHELIN Holding GmbH

aichelin.com

0

AICHELIN Holding GmbH is a leading industrial manufacturing company specializing in heat treatment solutions for metallic parts and components. The company offers a broad portfolio including industrial furnace systems, industrial burner systems, vacuum furnaces, and battery materials, supported by comprehensive global service offerings. Their website reflects a professional B2B focus targeting industrial clients and equipment manufacturers. Technically, the site uses modern JavaScript libraries, Bootstrap framework, and integrates consent management and Google Tag Manager for analytics and privacy compliance. However, the SSL/TLS configuration is critically flawed with an invalid certificate and no enabled TLS protocols, posing a significant security risk. Security headers are well implemented, but the lack of valid HTTPS severely impacts the security posture. Privacy policies and cookie consent mechanisms are present and GDPR compliant. WHOIS data confirms the legitimacy and consistency of the domain registration with the business identity. Overall, the website is content-rich and professionally presented but requires urgent remediation of its SSL/TLS configuration to ensure secure user interactions and trust.

The website onecareco.com is currently a parked domain with minimal content primarily consisting of advertising scripts and placeholders. There is no active business information, contact details, or meaningful content describing any products or services. The domain is mature, registered since 2007, but the website does not reflect an active or professional business presence. Technically, the site lacks a valid SSL certificate and does not support HTTPS, which is a critical security deficiency. The hosting provider is Hetzner Online, and the site uses nginx and Caddy servers with JavaScript-based ad delivery. Security posture is weak with no modern TLS protocols enabled and no security headers configured. Privacy compliance is minimal with only a basic privacy policy page present and no cookie consent mechanism. Overall, the site scores low on content quality, technical implementation, security, privacy compliance, and business credibility.

A

Amgen Inc.

amgen.com

0

Amgen Inc. is a leading global biotechnology company focused on developing innovative biologic medicines to treat serious illnesses. The website reflects a mature enterprise with comprehensive content covering its science, products, corporate responsibility, and investor relations. The target audience includes healthcare professionals, patients, investors, and partners. The business model centers on research, development, manufacturing, and delivery of biologic therapeutics, positioning Amgen as a pioneer in biotechnology with a strong market presence. Technically, the website employs modern JavaScript libraries such as jQuery and Slick Carousel, uses lazy loading for images, and integrates Google Tag Manager and Cookiebot for analytics and privacy compliance. Hosting is via Amazon CloudFront CDN, supporting global content delivery. The site is mobile optimized with good SEO and accessibility basics, though some accessibility features could be enhanced. From a security perspective, the site implements several security headers including Content Security Policy and X-Frame-Options. However, a critical issue is the absence of a valid SSL certificate and HTTPS support, which severely impacts the security posture. No TLS protocols are enabled, and HSTS is not properly configured. These gaps expose users to potential risks and undermine trust. Overall, the website is professionally designed and content-rich, but the lack of HTTPS and valid SSL certificate is a major security concern. Strategic improvements in SSL/TLS deployment and enhanced security configurations are essential to protect user data and maintain trust. Privacy compliance is well addressed with Cookiebot and clear privacy and cookie policies. Business credibility is high, supported by consistent branding and comprehensive corporate information.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 7 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

B

bfi Steiermark

bfi-stmk.at

0

bfi Steiermark is a large, well-established adult education institution based in Austria, offering a wide range of courses, seminars, and certifications across multiple professional fields. The website targets adult learners and professionals in the Steiermark region, providing a comprehensive educational service portfolio. Technically, the site is built on the Contao CMS platform and uses common web technologies such as jQuery and Less CSS. However, the site lacks a valid SSL certificate and does not support HTTPS, which is a critical security vulnerability. Security headers are implemented, but the absence of HTTPS severely impacts the overall security posture. The site includes GDPR-compliant privacy and cookie policies with a consent mechanism, and it maintains active social media channels for engagement. Overall, while the business and content quality are good, the technical and security shortcomings require urgent attention to protect user data and improve trust.

K

Kreutzpointner

kreutzpointner.de

0

Kreutzpointner is a well-established family-owned company specializing in electrical and information technology solutions, with over 100 years of experience and operations in Germany, Austria, and Romania. The company offers a comprehensive portfolio including electrical installations, renewable energy, software solutions, and full-service offerings such as consulting, engineering, execution, and maintenance. Their market position is strong with multiple subsidiaries and a broad service spectrum targeting industrial, commercial, and public sectors. Technically, the website is built on WordPress with modern plugins and frameworks, providing good SEO and user experience. However, the security posture is weak due to the absence of a valid SSL certificate and lack of modern TLS protocols, which poses significant risks. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the business credibility is high, supported by certifications and detailed company information.

N

Namirial GmbH

xyzmo.com

0

Namirial GmbH operates in the digital transaction management and e-signature software sector, providing omni-channel solutions that enable businesses to conduct secure digital transactions anytime and anywhere. The company is recognized as a leader in its market segment, offering qualified trust services compliant with eIDAS regulations, and supports both SaaS and on-premise deployments. Their target audience primarily consists of businesses seeking digital transformation in document signing and workflow management. Technically, the website uses modern web technologies such as jQuery and integrates third-party services for fonts, translation, and marketing analytics. However, the absence of a valid SSL certificate and HTTPS severely undermines the security posture, despite the presence of several security headers and policies. The domain is mature and consistent with the company's history, but the imminent expiry poses a risk if not renewed promptly. Overall, the website is professional and content-rich but requires urgent security improvements to protect user data and maintain trust.

W

Wienerberger AG

wienerberger.com

0

Wienerberger AG is a leading global manufacturer and supplier of building materials, specializing in bricks, clay roof tiles, pipe systems, and surface pavings. The company holds a strong market position as the world's largest brick producer and a market leader in Europe for clay roof tiles and infrastructure solutions. The website reflects a mature and professional digital presence with comprehensive content targeting investors, customers, and job seekers. Technically, the site is built on Adobe Experience Manager and uses modern web technologies, but critically lacks HTTPS/SSL encryption, exposing users to security risks. Security headers are partially implemented, but the absence of SSL/TLS significantly lowers the security posture. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the site demonstrates high business credibility and content quality but requires urgent security improvements to protect user data and maintain trust.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 8 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

H

Hotwell US

hotwellus.com

0

Hotwell US is a specialized company focused on developing advanced wireline well logging tools, systems, and software primarily serving the energy sector. The business operates a WordPress-based website that provides basic information about its products and services but lacks comprehensive content and contact details. The company appears to be a small-sized entity with a mature domain age of 18 years, indicating an established presence in its niche market. Technically, the website relies on older versions of WordPress and jQuery, with Cloudflare providing DNS and hosting services. SEO is moderately optimized using Yoast SEO, but mobile optimization and accessibility are basic. Security posture is weak due to the absence of HTTPS/SSL, lack of security headers, and missing privacy and cookie policies. Google Analytics is used for user tracking without any consent mechanism, raising privacy compliance concerns. Overall, the website presents a low trustworthiness level and requires significant improvements in security and compliance to meet modern standards.

F

FH Oberösterreich

fh-ooe.at

0

FH Oberösterreich (FH OÖ) is a leading university of applied sciences in Austria, offering a wide range of bachelor and master degree programs across multiple campuses. The institution emphasizes praxis-oriented education, personal consultation, and maintains strong international partnerships. The website reflects a mature digital presence with comprehensive content, clear navigation, and multilingual support. Technically, the site uses modern frameworks such as Vue.js and Craft CMS, and integrates various analytics and marketing tools with user consent mechanisms. However, the security posture is weakened by the absence of a valid SSL certificate and lack of security headers, exposing users to potential risks. Privacy compliance is well addressed with detailed policies and cookie consent. Overall, the site is professional and trustworthy but requires urgent improvements in SSL/TLS configuration to ensure secure communications.

W

WiLLTRON Technologies GmbH

willtron.at

0

WiLLTRON Technologies GmbH is a specialized Austrian company founded in 2005, focusing on testing, measuring, monitoring, and analyzing wired and wireless IP networks and communication systems. Their offerings include a range of hardware and software solutions, seminars, and webinars targeting network professionals and communication system installers. The company maintains strategic partnerships with international manufacturers, positioning itself as a niche provider in the telecommunications technology sector. The website reflects a professional and consistent brand image with clear contact information and service descriptions. Technically, the site is built on TYPO3 CMS with common frontend frameworks and libraries, but lacks a valid SSL certificate, which is a significant security concern. The absence of HTTPS exposes users to potential data interception risks and reduces trustworthiness. Privacy and cookie policies are present with consent mechanisms, but no terms of service or explicit security policies are found. Social media presence is moderate, including Facebook, LinkedIn, and Google Plus (deprecated). Overall, the website is functional and informative but requires urgent security improvements to meet modern standards.

Tungsten Automation Corporation, formerly known as Kofax, is a leading enterprise technology provider specializing in AI-powered workflow automation solutions. The company offers a broad portfolio of products including document and workflow automation, accounts payable and receivable automation, print and workplace automation, and PDF and eSignature solutions. Positioned as a market leader, Tungsten Automation is recognized by industry analysts such as Everest Group and IDC for its intelligent document processing capabilities. The company targets global enterprises seeking to streamline complex, data-intensive business processes and improve operational efficiency through AI and automation technologies. Technically, the website is built on a modern stack including Sitecore CMS, jQuery, and integrates multiple marketing and analytics tools such as Google Analytics, Visual Website Optimizer, and Eloqua. Hosting appears to be on Microsoft Azure. While the site demonstrates excellent content quality, branding consistency, and user experience, it suffers from critical security shortcomings, notably the absence of a valid SSL certificate and lack of HTTPS support, which severely impacts its security posture. Privacy policies and cookie consent mechanisms are present and GDPR compliant, supporting good privacy compliance. Overall, the site reflects a mature enterprise digital presence but urgently requires remediation of its SSL/TLS configuration to meet basic security standards.

G

Getzner Textil AG

getzner.at

0

Getzner Textil AG is a well-established Austrian textile manufacturer with a history dating back to 1818. The company specializes in high-quality fashion fabrics, corporate fashion textiles, personal protective equipment, sports equipment textiles, and industrial textiles, emphasizing innovation and sustainability. Their market position is strong within Europe, serving a diverse clientele including fashion designers, garment makers, and industrial users. The website reflects a mature digital presence with comprehensive content, clear navigation, and professional design. Technically, the site uses modern JavaScript libraries, Google Tag Manager, and Matomo Analytics, hosted behind Fastly CDN and Varnish cache. However, a critical security gap exists as the site lacks a valid SSL/TLS certificate, resulting in no HTTPS support, which severely impacts security posture. Privacy and cookie policies are well implemented with consent mechanisms, and the company maintains active social media channels. Overall, the domain registration and DNS data align with the company's claims, indicating legitimacy and trustworthiness.

U

UBIMET

ubimet.com

0

UBIMET is a mature meteorological services company founded in 2008, specializing in providing high-precision, tailored weather data and integrated systems to businesses across sectors such as energy, transportation, insurance, retail, and media. The company leverages proprietary AI-driven weather models combining multiple data sources to deliver scalable and precise weather information. Their market position is strong, supported by a consistent brand, client testimonials, and certifications like ISO 27001. Technically, the website is built on WordPress with modern plugins and lazy loading for images, but suffers from critical security shortcomings including the absence of a valid SSL certificate and disabled TLS protocols, which significantly impact the security posture. Privacy compliance is well addressed with comprehensive policies and consent mechanisms. Overall, the site presents professional content and good user experience but requires urgent security improvements to protect user data and enhance trust.

The Australian Government Department of Foreign Affairs and Trade (DFAT) operates as the primary government agency responsible for managing Australia's international relations, trade, and diplomatic efforts. The website serves as an authoritative source of information for Australian citizens, international partners, businesses, and travelers, providing comprehensive content on foreign affairs, trade agreements, development programs, consular services, and travel advice. The site is well-branded, professionally designed, and consistent with government standards, reflecting its enterprise-level stature within the government sector. Technically, the website is built on Drupal 10 and hosted on GovCMS, a platform tailored for Australian government entities. It integrates modern tools such as Google Tag Manager and ReadSpeaker for analytics and accessibility. The site demonstrates good mobile optimization, accessibility, and SEO practices. However, performance metrics are unavailable, and some technical debt is evident in the lack of a valid SSL certificate and disabled TLS protocols, which critically impact security posture. From a security perspective, the absence of a valid SSL certificate and TLS support is a significant vulnerability, exposing users to potential data interception and undermining trust. While security headers like X-Content-Type-Options and X-Frame-Options are correctly implemented, the lack of HTTPS and session security mechanisms lowers the overall security score. Privacy compliance is partial, with a comprehensive privacy policy present but no cookie consent mechanism despite the use of tracking scripts. Contact information is clearly provided, enhancing business credibility. Overall, the website is a high-quality government portal with excellent content and user experience but suffers from critical security shortcomings that must be addressed urgently to protect users and maintain trust. Strategic improvements in SSL/TLS deployment, privacy compliance, and security best practices are recommended to elevate the site's security posture and compliance standards.