Security Directory

P

panagenda

panagenda.com

0

panagenda is a technology company specializing in analysis and optimization of IT collaboration landscapes, focusing on Microsoft 365 and HCL Notes/Domino environments. Their offerings include software products like OfficeExpert TrueDEM and MarvelClient, alongside consulting and diagnostic services aimed at improving digital experience and reducing operational costs. The company targets IT professionals and enterprises seeking enhanced collaboration and user experience monitoring solutions. Technically, the website is built on WordPress with a modern tech stack including PHP 8, Apache, and various analytics and marketing tools. SEO and content quality are good, with structured data and comprehensive resource hubs. However, the security posture is weak due to the absence of a valid SSL certificate and disabled TLS protocols, which critically undermines secure communications. Privacy compliance is well addressed with GDPR-aligned policies and consent mechanisms. Overall, the site is professional and trustworthy but requires urgent security improvements to protect user data and maintain credibility.

voestalpine BÖHLER Edelstahl GmbH & Co KG is a leading manufacturer of special high-performance steels serving advanced industrial sectors including aerospace, automotive, and oil & gas. The company operates a state-of-the-art steel plant with a focus on innovation, quality, and environmental standards. The website reflects a mature digital presence with multilingual support, detailed product and application information, and strong branding aligned with its parent company voestalpine AG. Technically, the site is built on WordPress with modern plugins for SEO, multilingual content, and user interaction. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support, exposing users to potential risks. Privacy compliance is well addressed with comprehensive policies and cookie consent mechanisms. Overall, the site is professional and trustworthy but requires urgent security improvements to protect user data and maintain credibility.

software4production GmbH is a specialized provider of innovative factory software solutions focused on Industry 4.0 and automation for medium-sized manufacturing enterprises. Their offerings include advanced manufacturing execution systems (MES), production planning and scheduling (PPS), and modules for data acquisition and intralogistics, all built on a robust Java/Jakarta IT architecture. The company holds a strong market position, evidenced by multiple industry awards and a comprehensive portfolio of services including consulting, training, and support. Technically, the website is built using modern frameworks such as Nuxt.js and Vue.js, hosted on infrastructure associated with udag.de. While the site demonstrates good design and navigation, it lacks a valid SSL certificate and proper HTTPS implementation, which is a significant security concern. Performance metrics are not available, indicating potential areas for improvement in loading speed and optimization. From a security perspective, the absence of HTTPS and modern TLS protocols, along with missing advanced security features like OCSP stapling and session resumption, lowers the site's security posture. However, the presence of some security headers and a comprehensive privacy policy indicates a baseline commitment to security and compliance. Overall, the website is professional and trustworthy in content and business representation but requires urgent security enhancements to protect user data and improve trust. Strategic recommendations include obtaining a valid SSL certificate, enabling modern TLS protocols, and implementing cookie consent mechanisms to enhance privacy compliance.

Grammatix is a small-scale cultural and artistic photography website based in Germany, focusing on exhibitions, projects, and published books related to regions such as Nepal, Tibet, and Kashmir. The site is built on WordPress and uses common plugins like Yoast SEO and Flash Album Gallery to manage content and galleries. While the website offers good content quality and navigation, it lacks modern security measures such as HTTPS, exposing visitors to potential risks. Privacy compliance is minimal, with no visible privacy or cookie policies, and contact information is limited to a contact form without explicit emails or phone numbers. The domain registration is consistent and transparent, but the absence of domain protection locks is a minor security concern. Overall, the site is functional but requires significant improvements in security and privacy to meet modern standards.

A

Aldine ISD

aldineisd.org

0

Aldine ISD is a large, mature public school district based in Houston, Texas, providing a wide range of educational services and resources to students, parents, employees, and the community. The website is professionally designed with clear navigation, comprehensive content, and strong branding consistency. It serves as a central hub for district news, academic programs, employment opportunities, and community engagement. Technically, the site is built on WordPress with modern libraries and plugins, hosted on a reputable platform (WP Engine) and uses Cloudflare for CDN and caching. However, the absence of a valid SSL certificate and HTTPS support is a critical security concern that significantly impacts the site's security posture. Privacy compliance is basic, with a privacy policy present but no visible cookie consent mechanism. Overall, the site is trustworthy and authoritative but requires urgent security improvements.

M

Mayer & Co Beschläge GmbH

maco.at

0

Mayer & Co Beschläge GmbH operates the website maco.at, presenting itself as a leading manufacturer of window, door, and sliding door hardware, including intelligent sensor solutions for smart homes. The company targets B2B customers such as manufacturers and distributors, offering a comprehensive portfolio of products and digital services including partner portals and technical support. The website is professionally designed, multilingual, and rich in content, reflecting a mature digital presence. Technically, the site uses Kentico CMS, jQuery, and integrates Matomo analytics with a consent-based tracking approach, demonstrating a commitment to privacy compliance. However, a critical security gap exists as the maco.at domain lacks a valid SSL certificate and HTTPS support, exposing users to potential risks. The site includes comprehensive privacy and cookie policies, terms of service, and clear contact information, enhancing business credibility. Overall, the site is trustworthy and professional but requires urgent security improvements to protect user data and maintain compliance.

C

Consulting und Unternehmensberatung in Österreich - SHS

shs.at

0

SHS is a well-established consulting firm based in Austria, specializing in process consulting, change management, and organizational excellence. With over 28 years of experience, SHS serves leading companies domestically and internationally and holds a strong market position supported by multiple industry awards and recognitions. The website reflects a professional business model focused on delivering tailored consulting services to demanding clients. Technically, the website is built on WordPress with modern SEO and cookie consent tools, but lacks HTTPS encryption, which is a significant security concern. The absence of SSL/TLS undermines the security posture despite the presence of privacy policies and consent mechanisms. Overall, the site is content-rich and professionally presented but requires urgent security improvements to protect user data and enhance trust.

G

Grupo SM

grupo-sm.com

0

Grupo SM is a large international educational group with a strong presence in Spanish and Portuguese speaking countries. The company operates through multiple subsidiaries and foundations offering educational publishing and related services. The website is built on Drupal 7 and hosted behind Cloudflare, but lacks a valid SSL certificate, resulting in no HTTPS support. The site includes comprehensive privacy and cookie policies with consent mechanisms, reflecting good privacy compliance practices. Social media presence is active and consistent with the brand. However, the absence of direct contact information and security policies such as incident response or vulnerability disclosure reduces transparency. The overall security posture is weak due to missing SSL/TLS and modern security headers, which poses risks to user data confidentiality and trust. Performance metrics are not available, indicating potential issues with site speed or monitoring. Strategic improvements in security infrastructure and contact transparency are recommended to enhance trust and compliance.

S

Spoon

spoon.se

0

Spoon is a well-established Swedish communications agency specializing in strategic and creative marketing services including storytelling, video production, and social media management. The company has a mature market presence with over 26 years of operation and is part of a larger agency network, People People People, enhancing its regional reach. The website reflects a professional and modern digital presence built on WordPress, with good SEO and user experience design. However, the lack of a valid SSL certificate and HTTPS implementation is a critical security gap that undermines user trust and data protection. Cookie consent is managed effectively via Cookiebot, but no privacy policy or terms of service pages were found, indicating compliance gaps. Contact information is clearly provided, supporting business credibility. Overall, the site is functional and professional but requires urgent security improvements to meet modern standards.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 12 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

S

StepChange Consulting GmbH

stepchange.com

0

StepChange Consulting GmbH is a specialized management consultancy based in Austria, focusing on the forestry, wood, pulp, paper, packaging, and tissue industries. The company offers a broad range of consulting services including strategy development, operational improvements, turnaround management, mergers and acquisitions, supply chain transformation, and digitalization. Their market position is that of an independent, industry-focused consultancy with a strong emphasis on delivering measurable business results through an experienced international team. Technically, the website is built on the Tilda CMS platform, utilizing nginx as the web server and jQuery for client-side scripting. The site is mobile optimized with good navigation and professional design. However, performance metrics are not available, and accessibility features are basic. From a security perspective, the website lacks HTTPS, which is a critical vulnerability. No SSL/TLS certificate is installed, and no modern security headers beyond X-Frame-Options are present. There is no evidence of privacy or cookie policies, nor incident response or security policies published. This exposes users to risks and reduces trustworthiness. Overall, the website presents a professional business front but suffers from significant security and privacy compliance gaps. Immediate attention to SSL/TLS implementation and privacy policy publication is recommended to improve security posture and user trust.

The website for einstein.br, representing Hospital Israelita Albert Einstein, is currently inaccessible due to a Web Application Firewall (WAF) or security mechanism blocking access. The page returns an 'Access Denied' message with minimal HTML content, preventing extraction of meaningful metadata, business information, or contact details. The DNS configuration indicates the use of Akamai CDN services and multiple mail servers, consistent with a large healthcare organization in Brazil. However, the SSL/TLS configuration is severely lacking, with no valid certificate or modern TLS protocols enabled, exposing the site to security risks. Overall, the website's digital presence is hindered by these security and accessibility issues, limiting user trust and engagement.

The website rosendahlaustria.com currently returns an HTTP 404 Not Found error with no accessible content, indicating it is either inactive or under construction. The domain is registered with valid DNS A and MX records, but no SSL certificate is installed, and the site is served over unencrypted HTTP. There are no privacy, cookie, or terms of service policies, nor any contact or business information available on the site. Technically, the site uses Microsoft-HTTPAPI/2.0 as the server software but lacks modern web technologies or frameworks. Security posture is poor due to the absence of HTTPS, security headers, and other best practices. Overall, the site has very low trustworthiness and business credibility due to lack of content and security features.

R

Roland Spedition GmbH

rolsped.com

0

Roland Spedition GmbH is a well-established Austrian logistics company specializing in combined rail and intermodal transport services. With over 26 years of domain presence, the company positions itself as a leader in hinterland traffic within Austria, offering a comprehensive range of services including operating, trucking, intermodal solutions, and additional services such as customs clearance and hazardous goods transport. The website content is professionally presented in German, targeting businesses requiring efficient and climate-friendly freight transport solutions. Technically, the site is built on WordPress with common industry-standard libraries and plugins, but suffers from a lack of proper SSL/TLS configuration, which significantly impacts its security posture. The company maintains clear contact information and implements cookie consent mechanisms, reflecting basic GDPR compliance. However, no explicit security or incident response policies are published, and no vulnerability disclosure or security.txt files are found.

H

Hotel Pfefferkorn

pfefferkorns.net

0

Hotel Pfefferkorn is a luxury hospitality provider located in Lech am Arlberg, Austria, offering premium accommodations, wellness, and dining experiences. The business is well positioned in the alpine tourism market with recognized culinary certifications such as Michelin, Falstaff, and Gault Millau. The website is professionally designed using WordPress with multilingual support and SEO optimization. However, the absence of a valid SSL certificate and HTTPS implementation represents a critical security vulnerability that undermines user trust and data protection. Cookie consent mechanisms and a comprehensive privacy policy demonstrate good privacy compliance. Contact information is clearly presented, supporting business credibility. Overall, the site reflects a mature hospitality business with room for improvement in security infrastructure.

S

Scheer IMC

im-c.com

0

Scheer IMC is a well-established enterprise learning company specializing in scalable LMS solutions, automated eLearning content creation, and custom learning experiences. The company serves large global brands and has a strong market position supported by extensive client references and industry awards. Technically, the website is built on WordPress and uses modern JavaScript libraries and Cloudflare CDN for hosting and performance. However, the absence of a valid SSL certificate and HTTPS support is a critical security flaw that undermines trust and exposes users to risks. Privacy compliance is well addressed with Cookiebot and a comprehensive privacy policy. Overall, the site demonstrates strong business credibility and content quality but requires urgent security improvements.

B

Bohmann Druck und Verlag GmbH

bohmann.at

0

Bohmann Druck und Verlag GmbH is a well-established Austrian media company with an 80-year history, specializing in official and municipal publications such as the Amtsblatt der Stadt Wien and the Österreichische Gemeinde Zeitung. The company targets municipal decision makers and businesses, positioning itself as one of Austria's largest private communication firms. Their business model centers on publishing and communication services with a medium-sized operational scale. Technically, the website is built on an Apache server, likely using TYPO3 CMS with Bootstrap and jQuery for frontend components. Hosting is provided by A1 Telekom Austria. The site includes Google Fonts and uses Matomo and Google Analytics for visitor tracking, with a cookie consent mechanism in place. However, performance metrics are unavailable, and mobile optimization is basic. From a security perspective, the website lacks HTTPS, which is a critical vulnerability. No SSL certificate is installed, and no modern security headers are present. While no known SSL vulnerabilities or exposed sensitive data were detected, the absence of HTTPS severely impacts the security posture. Privacy and cookie policies exist and appear GDPR compliant, but no incident response or security policies are publicly disclosed. Overall, the website is functional with good content relevance and moderate trustworthiness but requires urgent security improvements, especially the implementation of HTTPS and enhanced security headers, to protect user data and improve compliance.

W

Wenatex Das Schlafsystem GmbH

wenatex.com

0

Wenatex Das Schlafsystem GmbH is a medium-sized Austrian company specializing in ergonomic sleep systems, including mattresses, slatted frames, pillows, and bedding accessories. With over 30 years of experience, the company emphasizes quality, innovation, and personalized customer consultation, positioning itself as a trusted brand in the sleep product retail and manufacturing sector. The website reflects a mature digital presence with modern technologies such as Nuxt.js and AWS hosting, providing a rich user experience with multimedia content and clear navigation. However, the absence of a valid SSL certificate significantly undermines the security posture, exposing users to potential risks. While privacy and cookie policies are present and GDPR compliant, the lack of explicit security policies and incident response information suggests room for improvement in security governance. Overall, the website is professional and trustworthy but requires urgent security enhancements to protect user data and maintain credibility.

Titan Machinery is a large, established full-service dealer specializing in agriculture and construction equipment, operating over 100 dealerships across multiple countries. The company offers new and used equipment sales, rentals, parts, service, and financing solutions, representing major CNH Industrial brands. The website is professionally designed using modern technologies such as ASP.NET and Vue.js, hosted behind Cloudflare for performance and security. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS, exposing users to potential risks. Privacy and cookie policies are present but basic, and no direct contact information is visible on the homepage. Social media presence is strong, supporting brand trust. The domain is mature and well-protected, indicating a legitimate business. Overall, the website demonstrates good business credibility and technical implementation but requires urgent security improvements.

F

Fellner Wratzfeld & Partner Rechtsanwälte GmbH

fwp.at

0

Fellner Wratzfeld & Partner Rechtsanwälte GmbH is a leading Austrian law firm with over 130 highly qualified professionals. The firm offers a broad range of legal services including corporate law, banking and finance, compliance, ESG, real estate, and dispute resolution. It holds a strong market position supported by multiple industry awards and recognitions such as EMEA Top Tier Firm 2025 and IFLR1000 2024. The website is professionally designed, content-rich, and targets businesses and individuals seeking legal expertise in Austria and related sectors. Technically, the site runs on an Apache Ubuntu server with Bootstrap and Google Tag Manager integration, but suffers from slow performance and lacks a valid SSL certificate, which impacts its security posture. Privacy compliance is well addressed with GDPR-compliant policies and cookie consent mechanisms. The security posture is basic, with no HTTPS enabled and missing key security headers, exposing the site to potential risks. Overall, the site is trustworthy and professional but requires urgent improvements in SSL/TLS configuration and security best practices to enhance user trust and data protection.

A

Agentur XY GmbH

xy.de

0

Agentur XY GmbH is a creative agency and production house based in Berlin, Germany, founded in 2018. The company specializes in delivering bold advertising campaigns and production services for global brands, including notable clients such as Netflix, Stepstone, and Playmobil. The website reflects a professional and consistent brand image with rich multimedia content and active social media presence. Technically, the site is built on WordPress with modern libraries and SEO optimizations, but lacks a valid SSL certificate, resulting in no HTTPS support, which is a critical security concern. Security headers are partially implemented, but the absence of TLS protocols and domain security features like DNSSEC and DMARC reduce the overall security posture. Privacy compliance is basic, with a privacy policy present but no cookie consent mechanism or detailed GDPR compliance indicators. Overall, the site is functional and professional but requires urgent security improvements to protect user data and enhance trust.

V

Vienna House: Home

vi-hotels.com

0

Security assessment completed with an overall score of 0/100 (unknown risk). 3 critical issues require immediate attention. Total of 27 security findings identified across all modules.

GE Vernova is a leading global energy technology company focused on accelerating the transition to reliable, affordable, and sustainable energy. The company offers a broad portfolio of energy generation and electrification technologies including gas, hydro, nuclear, steam power, wind power, and advanced electrification software and services. Their market position is strong, supported by a large global workforce and extensive technology base that contributes significantly to global electricity generation. The website reflects a professional and comprehensive digital presence with detailed business, investor, and sustainability information targeted at industry stakeholders, investors, partners, and potential employees. Technically, the site is built on Drupal 10, uses Cloudflare CDN, and integrates modern analytics and marketing tools. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS enforcement, which significantly impacts the security posture. Privacy and cookie policies are present and appear compliant with GDPR standards. Overall, the site demonstrates high professionalism and trustworthiness but requires urgent remediation of SSL/TLS issues to ensure secure user interactions.

Advance International Media Limited operates as a media planning and advertising agency focused on placing brands across influential media titles internationally. The company offers services including digital planning and advertising, programmatic advertising, content marketing, and print advertising. Their market position is that of a small, specialized media agency with a presence primarily in the UK and partnerships across Europe. The website content is professionally presented with good navigation and relevant business information targeting brands and advertisers seeking international media exposure. Technically, the website is built on WordPress using common libraries such as jQuery and Slick Carousel, hosted on 1&1 IONOS DNS infrastructure. However, the site lacks HTTPS, which is a critical security shortfall. Security headers are minimal and no advanced security policies or incident response contacts are disclosed. Privacy compliance is basic with a privacy policy present but no cookie consent mechanism or GDPR compliance indicators. Overall, the website demonstrates moderate business credibility but requires significant improvements in security and privacy compliance to meet modern standards.

Meusburger Georg GmbH & Co KG is a market leader in manufacturing high-precision standard parts, serving global customers in mould, die, and jig & fixture construction. The company offers a comprehensive product portfolio including standard parts, workshop equipment, hot runner systems, and control systems. Their website reflects a mature digital presence with extensive product categorization and multi-language support. However, the absence of a valid SSL/TLS certificate significantly impacts the security posture, exposing users to potential risks. Security headers are well configured, but the lack of HTTPS is a critical vulnerability. Privacy compliance is moderate with a privacy policy present but no visible cookie consent mechanism. Overall, the website is professional and trustworthy but requires urgent security improvements to protect user data and enhance trust.

T

Tyromotion GmbH

tyromotion.com

0

Tyromotion GmbH is a medium-sized Austrian company specializing in the development and manufacture of advanced technology-driven rehabilitation and therapy devices, targeting healthcare professionals and patients globally. The company holds a strong market position as a leading innovator in robotic-assisted rehabilitation solutions and patient management software. Their website reflects a professional and comprehensive digital presence, showcasing detailed product information, customer references, and active engagement through social media and newsletters. Technically, the site is built on WordPress with modern SEO and multilingual support, but suffers from slow performance and lacks a valid SSL certificate, which critically impacts security and user trust. Security headers are partially implemented, but the absence of HTTPS and TLS protocols is a significant vulnerability. Privacy compliance is well addressed with clear policies and cookie consent mechanisms. Overall, the site demonstrates good business credibility but requires urgent security improvements to protect user data and maintain trust.

A

Activision Publishing

treyarch.com

0

Treyarch.com is the official website of Treyarch Studios, a renowned video game developer known for the Call of Duty Black Ops series. The site is professionally designed, targeting gamers and industry professionals, and showcases the company's history, culture, and game portfolio. It operates under the parent company Activision Publishing, reflecting a strong market position in the gaming industry. Technically, the site uses Adobe Experience Manager CMS, hosted via Akamai, and integrates modern marketing and analytics tools such as Google Tag Manager and Adobe Launch. However, the security posture is weak due to the absence of a valid SSL certificate and lack of HTTPS support, which is a critical issue for user trust and data protection. Privacy and cookie policies are comprehensive and GDPR compliant, linked through the parent company domain. Overall, the site is content-rich and trustworthy but requires urgent security improvements.

E

easybank

easybank.at

0

easybank is a leading direct bank in Austria, offering a comprehensive range of financial services including personal and business accounts, loans, credit cards, savings, and investment products. The website reflects a mature digital presence with a focus on user experience, mobile optimization, and clear navigation. The business is well-positioned in the Austrian banking sector, supported by its parent company BAWAG Group and subsidiaries such as easyleasing.at. Technically, the site uses CoreMedia CMS and integrates modern marketing and analytics tools like Adobe and Google Tag Manager, alongside a consent management platform for privacy compliance. However, the website suffers from a critical security deficiency: it lacks a valid SSL certificate and does not support HTTPS, exposing users to significant risks. Security headers and modern TLS protocols are also absent, which undermines the overall security posture. Privacy policies and cookie consent mechanisms are well implemented, indicating good compliance with GDPR. Overall, while the business and content quality are excellent, the security shortcomings significantly impact the risk profile and trustworthiness of the site.

G

GE HealthCare

gehealthcare.com

0

GE HealthCare is a leading enterprise in the healthcare technology sector, specializing in precision health solutions including imaging systems, ultrasound, patient care, pharmaceutical imaging agents, and digital healthcare solutions. The company targets healthcare providers and clinicians, offering integrated technologies to improve patient outcomes and operational efficiency. The website reflects a mature, well-established business with a strong market position and comprehensive service offerings. Technically, the website is built on a modern stack including React and Sitecore CMS, with extensive use of analytics and marketing tools such as Google Tag Manager, Adobe Marketing Cloud, and New Relic. The site is well-optimized for mobile and accessibility, though performance is moderate due to large page size and resource count. Security posture is a concern due to the absence of a valid SSL certificate and lack of HTTPS support, which is a critical issue. Other security best practices like HSTS and OCSP stapling are also missing. The domain is mature and registered consistently with the business claims, enhancing trustworthiness. Overall, the website is professional and content-rich but requires urgent security improvements to protect user data and enhance trust. Strategic recommendations include implementing HTTPS, enabling modern TLS protocols, and improving security headers and mechanisms.

A

AFFiRiS AG

affiris.com

0

AFFiRiS AG is a clinical-stage biopharmaceutical company based in Austria, specializing in the development of novel immunotherapies for chronic diseases such as neurodegenerative disorders and hypercholesterolemia. The company leverages its proprietary AFFITOME® technology to create Specific Active ImmunoTherapies (SAIT) aimed at improving patient outcomes beyond current treatment options. The website presents a professional and well-structured digital presence targeting patients, investors, and healthcare professionals, with clear business and contact information. However, the absence of a valid SSL certificate and HTTPS implementation represents a significant security risk that undermines user trust and data protection. The site uses WordPress CMS with common plugins and libraries, but performance metrics indicate slow loading times, suggesting room for technical optimization. Privacy compliance is addressed through a cookie consent banner and a privacy policy, though terms of service and explicit security policies are not evident. Overall, AFFiRiS demonstrates a credible business profile with a need to urgently improve its security posture to protect visitors and comply with best practices.

B

Bauer Media Group

bauermedia.co.uk

0

Bauer Media Group is a well-established UK-based media company operating across multiple sectors including audio broadcasting, publishing, and advertising services. The company targets a broad UK adult audience and maintains a strong market position with a portfolio of iconic brands. The website reflects a mature digital presence with comprehensive content, structured data, and good SEO practices. However, the technical infrastructure shows critical security gaps, notably the absence of a valid SSL/TLS certificate and lack of HTTPS support, which significantly impacts the security posture. Privacy compliance is well addressed through external policies and a consent management platform. Overall, the business credibility is strong, but the security weaknesses pose risks that should be urgently addressed.

V

Vienna Insurance Group

vig.com

0

Vienna Insurance Group (VIG) is a leading insurance group in Central and Eastern Europe, operating through over 50 insurance companies and pension funds across 30 countries with approximately 30,000 employees. The website reflects a mature, enterprise-level business with a strong market position and comprehensive service offerings in insurance and reinsurance. The digital infrastructure is modern, leveraging JavaScript frameworks and a CMS (Umbraco), with good content quality and user experience. However, the security posture is weakened by the absence of a valid SSL certificate and lack of TLS protocol support, which is a critical vulnerability for a financial services website. Privacy and cookie policies are well implemented and GDPR compliant, supporting regulatory adherence. Overall, the site demonstrates high professionalism and trustworthiness but requires urgent remediation of SSL/TLS issues to ensure secure communications.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 10 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 7 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

B

biocrates life sciences ag

biocrates.com

0

biocrates life sciences ag is a well-established company specializing in quantitative metabolomics kits and services, serving a global scientific and research audience. Their offerings include metabolomics phenotyping, data analysis, pathway analysis, and multiomics data services, supported by a strong community and certified laboratories. The website is professionally designed with comprehensive content and clear navigation, targeting researchers and institutions in healthcare and biotechnology sectors. Technically, the site runs on WordPress with the Divi theme and integrates modern analytics and cookie consent tools, but lacks a valid SSL certificate, which is a critical security gap. Security headers are partially implemented, but the absence of HTTPS and modern TLS protocols significantly lowers the security posture. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the business credibility is high, supported by consistent WHOIS data and trust indicators such as testimonials and certifications. Strategic improvements in SSL deployment and security hardening are recommended to enhance trust and compliance.

A

Attention Required! | Cloudflare

kiska.com

0

The website kiska.com is currently inaccessible due to a Cloudflare Web Application Firewall (WAF) blocking the visitor. The accessible content is limited to a Cloudflare challenge page indicating that the visitor has been blocked due to triggering security rules. As a result, no business content, metadata, or contact information is available for analysis. The DNS records show that the domain uses Cloudflare for DNS and mail services, but the SSL/TLS configuration is invalid or missing, resulting in no HTTPS support. This significantly impacts the security posture and trustworthiness of the site. Overall, the site lacks visible privacy, cookie, or terms of service policies, and no forms or business contact details are present. The site’s technical infrastructure relies heavily on Cloudflare, but the current blocking status prevents a full assessment of the business or technical maturity.

E

Ethical Workforce

ethicalworkforce.co.uk

0

Ethical Workforce is a specialist hospitality recruitment agency based in London, offering permanent and temporary staffing solutions with an international reach. The company targets both employers seeking hospitality staff and jobseekers looking for roles in the hospitality sector. Their website presents a professional image with clear service offerings and client testimonials from notable hospitality figures, positioning them as a trusted niche player in the recruitment market. Technically, the website is built on WordPress using PHP 7.4 and Apache, with common plugins such as Yoast SEO and WPBakery Page Builder. Google Tag Manager is used for analytics and marketing tracking. The site is mobile optimized and SEO friendly, but lacks performance metrics data. The hosting provider is not explicitly identified but uses hdodns.com nameservers. From a security perspective, the site has critical weaknesses: it does not have an SSL/TLS certificate installed, serving content over HTTP only, which severely impacts user trust and data security. No modern TLS protocols or security headers are present. Cookie consent is implemented, but no privacy policy or terms of service pages were found, indicating compliance gaps. Contact information is clearly provided, enhancing business credibility. Overall, the website is functional and professional but requires urgent security improvements, especially implementing HTTPS and enhancing privacy compliance. Strategic recommendations include obtaining a valid SSL certificate, adding comprehensive privacy and terms pages, and improving security headers to protect users and build trust.

O

Ojo de Pez

ojodepez.com.py

0

Ojo de Pez is a Paraguayan advertising agency specializing in creative, digital, and media services, with a 20-year history in the industry. The company targets businesses seeking to strengthen their brand identity and communication strategies. The website reflects a professional and consistent brand image with good content quality and user experience. However, the technical infrastructure shows significant gaps, notably the absence of HTTPS and a valid SSL certificate, which critically undermines security and user trust. The site uses common marketing and analytics tools such as Google Analytics, Facebook Pixel, and LinkedIn Insight Tag, but lacks visible cookie consent mechanisms and privacy policies, raising compliance concerns. Overall, the business appears legitimate and established, but the digital security posture requires urgent improvement.

Z

ZETA

zeta.com

0

ZETA is a large, established engineering and consulting company specializing in the pharmaceutical and biotech industries. They provide comprehensive services including process engineering, automation, food engineering, lifecycle management, and digitalization solutions. The company operates globally with multiple locations and a strong market presence in Austria and beyond. Their website reflects a professional and content-rich digital presence targeting industry clients seeking advanced technological solutions. Technically, the website is built on the Contao CMS platform, served by Apache, and uses common web technologies such as jQuery and Google Tag Manager. While the site is well-structured and optimized for mobile devices, performance metrics indicate slow loading times, and accessibility features are basic. SEO practices are good with proper meta tags and Open Graph data. From a security perspective, the site lacks a valid SSL certificate and does not support modern TLS protocols, which is a critical vulnerability. Security headers are partially implemented, but important features like HSTS, OCSP stapling, and session resumption are missing. The extensive use of tracking and marketing tools is managed with a clear cookie consent mechanism, indicating good privacy compliance. Overall, the website presents a trustworthy and professional business front but requires urgent improvements in SSL/TLS security to protect user data and enhance trust. The domain registration data aligns well with the business claims, supporting legitimacy. Strategic recommendations include immediate SSL certificate installation, enabling modern security protocols, and enhancing security headers to meet industry best practices.

T

TD SYNNEX Corporation

techdata.com

0

TD SYNNEX Corporation operates as a leading global technology distributor and solutions aggregator, serving a broad ecosystem of technology partners, vendors, and customers. The company offers a wide range of services including technology solutions, business services, digital platforms, and technology education, positioning itself as a central player in the IT distribution market. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content tailored to its enterprise audience. Technically, the site is built on WordPress with Visual Composer and uses modern web technologies; however, performance is moderate and accessibility features are basic. Security posture is currently weak due to the absence of a valid SSL certificate and disabled TLS protocols, exposing the site to potential risks. Privacy and cookie policies are well implemented, indicating good compliance with GDPR and related regulations. Overall, the site demonstrates high business credibility but requires urgent security improvements to protect user data and maintain trust.

Takeda Pharmaceutical Company Limited is a leading global biopharmaceutical company headquartered in Japan, focused on research, development, and commercialization of innovative medicines across multiple therapeutic areas including oncology, rare diseases, neuroscience, and vaccines. The website serves a diverse audience including patients, healthcare professionals, investors, and job seekers, offering comprehensive corporate, scientific, and investor information. Technically, the site is built on modern frameworks such as Next.js and hosted on Vercel with Cloudflare CDN, ensuring good performance and mobile optimization. However, a critical security issue is the absence of a valid SSL certificate and HTTPS support, which severely impacts the site's security posture. Privacy and cookie policies are well implemented with consent mechanisms, and the site demonstrates good compliance with GDPR. Overall, the site is professional and trustworthy but requires urgent remediation of SSL/TLS issues to ensure secure user interactions.

The website for Stora Enso is currently inaccessible due to a Cloudflare firewall block, presenting a minimal page indicating the user has been blocked by the firewall. This prevents access to any substantive business content, policies, or contact information. The domain is mature and registered with strong protections, indicating a legitimate and established business presence. However, the lack of a valid SSL certificate and HTTPS support on the site is a critical security deficiency. The technical infrastructure relies on Cloudflare for security and hosting, but the SSL configuration is incomplete or invalid, which severely impacts the security posture. Overall, the site is not currently usable for end users, and the lack of visible privacy or cookie policies further reduces compliance and trust. Strategic recommendations include resolving SSL issues, improving content accessibility, and publishing comprehensive privacy and security policies.

T

TD Canada Trust

td.com

0

TD Canada Trust is a leading North American financial institution offering a broad range of banking and investment services to personal, small business, and commercial clients. The website reflects a mature digital presence with comprehensive content on corporate values, sustainability, innovation, and customer care. The technical infrastructure is built on Adobe Experience Manager and supported by major third-party services for analytics and marketing. However, the security posture is currently weak due to the absence of a valid SSL certificate and lack of HTTPS support, which poses significant risks to user data confidentiality and trust. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the site is professional and trustworthy but requires urgent security improvements.

B

BrandSourcery GmbH

adpl-solutions.at

0

BrandSourcery GmbH is a Vienna-based production agency specializing in below-the-line marketing materials and services. Their offerings include visual merchandising, promotional items, marketing logistics, print management, and digital solutions, targeting businesses seeking comprehensive marketing support. The website is built on WordPress with a range of plugins supporting multilingual content, marketing, and GDPR compliance. However, the absence of a valid SSL certificate and HTTPS implementation represents a significant security risk. While privacy and cookie policies are comprehensive and GDPR compliant, the lack of HTTPS undermines user trust and data security. The site is accessible without WAF or security challenges, but performance data suggests potential slowness. Contact information is complete and professional, supporting business credibility.

The domain hallocards.co.uk currently hosts no active website content and instead displays a default 'Site Not Found' placeholder page provided by DreamHost. There is no visible business information, contact details, or any form of user engagement mechanisms. The domain is registered and uses DreamHost nameservers with Google MX for email, indicating basic domain setup but no active business presence. Technically, the site is served over HTTP without SSL/TLS encryption, which is a critical security deficiency. No modern web technologies, analytics, or security headers are implemented, reflecting a minimal digital maturity level. The absence of privacy, cookie, or terms of service policies further indicates a lack of compliance with data protection regulations. Overall, the security posture is weak due to missing HTTPS and lack of security best practices. The domain registration appears legitimate but the lack of content and security measures poses a high risk for trust and credibility. Strategic recommendations include installing a valid SSL certificate, publishing actual website content, implementing security headers, enabling DNSSEC and CAA, and establishing privacy and cookie policies to improve compliance and user trust.

S

Strom und Gas für Düsseldorf und NRW | Stadtwerke Düsseldorf

swd-ag.de

0

Security assessment completed with an overall score of 0/100 (unknown risk). 4 critical issues require immediate attention. Total of 29 security findings identified across all modules.

J

JOANNEUM RESEARCH Forschungsgesellschaft mbH

joanneum.at

0

JOANNEUM RESEARCH Forschungsgesellschaft mbH is a leading Austrian research institution specializing in applied research and technology development across multiple sectors including healthcare, digital technologies, robotics, and environmental sciences. The organization serves industry, government, and research partners with innovative solutions and maintains a strong market position supported by international collaborations and a large workforce. The website reflects a mature digital presence with comprehensive content and professional design, targeting stakeholders in research and industry. Technically, the site is built on WordPress with Elementor and uses modern web technologies, but suffers from a critical lack of HTTPS due to an invalid SSL certificate, which significantly impacts its security posture. Privacy and cookie policies are well implemented, indicating good GDPR compliance. However, the absence of explicit security policies and incident response information suggests room for improvement in security governance. Overall, the site is trustworthy and professional but requires urgent security enhancements to protect user data and improve trust.

W

WIG Wietersdorfer Holding GmbH

wietersdorfer.com

0

WIG Wietersdorfer Holding GmbH is a large, family-owned industrial enterprise based in Austria with a 125-year history. The company operates internationally with subsidiaries in multiple countries, focusing on sectors such as cement, lime, GFK and PP pipe systems, and industrial minerals. Their business model is centered on manufacturing and global distribution, targeting industrial and construction markets. The website reflects a mature digital presence with a professional design, clear navigation, and multilingual support. Technically, the site is built on WordPress with the Avada theme and uses common plugins for forms, multilingual content, and cookie management. However, the security posture is weakened by an invalid SSL certificate and lack of modern TLS protocols, which is a critical issue that needs immediate remediation. Privacy compliance is well addressed with comprehensive policies and a robust cookie consent mechanism. Overall, the site demonstrates good business credibility and digital maturity but requires urgent security improvements to protect user data and maintain trust.

A

Air Liquide

airliquide.com

0

Air Liquide is a global leader in gases, technologies, and services for industry and healthcare, operating in 60 countries with a large workforce and millions of customers. The website reflects a mature digital presence with professional design, comprehensive content, and strong branding. However, the technical security posture is weak due to an invalid SSL certificate and disabled TLS protocols, which poses significant risks to user trust and data security. Privacy and cookie policies are well implemented and GDPR compliant, supporting regulatory adherence. The absence of direct contact information and vulnerability disclosure policies suggests areas for improvement in transparency and incident response readiness. Overall, the domain registration data aligns well with the business claims, indicating high legitimacy.

W

Wüstenrot

wuestenrot.at

0

Wüstenrot is a well-established Austrian financial services provider with a 100-year history, offering integrated banking, insurance, and savings products. The website reflects a mature digital presence with professional design, comprehensive content, and clear navigation tailored to private customers in Austria. Technically, the site is built on Adobe Experience Manager and uses modern web technologies and analytics tools. However, a critical security gap exists due to the absence of a valid SSL certificate and enabled TLS protocols, exposing users to potential risks. Privacy compliance is strong with GDPR-aligned cookie consent and detailed privacy policies. Overall, the business is credible and trustworthy, but urgent security improvements are needed to protect user data and maintain trust.