Security Directory

I

IOSBET

shelfsailor.com

0

The website shelfsailor.com operates as an online slot gaming platform branded as IOSBET, targeting the Indonesian market. It offers online slot games with a system designed to increase winning chances daily. The site positions itself as a new entrant in the online gaming sector with a focus on Indonesian users, leveraging affiliate partnerships with established e-commerce platforms like Lazada. The business model revolves around online gaming services with promotional and affiliate marketing components. Technically, the site employs modern JavaScript frameworks including React and uses extensive tracking and analytics tools from Alibaba's ecosystem, indicating a moderate level of digital maturity. However, the site suffers from slow performance due to large page size and numerous resources, and it lacks mobile optimization and accessibility features. Security-wise, the absence of HTTPS and security headers significantly weakens its posture, exposing users to potential risks. No privacy or cookie policies are present, and contact information is missing, which raises compliance and trust concerns. Overall, the site is accessible without WAF or security challenges but requires urgent improvements in security, privacy compliance, and performance to enhance user trust and operational integrity.

L

Lakeside Labs GmbH

lakeside-labs.com

0

Lakeside Labs GmbH operates as a research and innovation hub specializing in self-organizing networked systems. The organization targets researchers, technology innovators, and academic-industry partners, offering research projects, publications, and collaborative partnerships. The website reflects a medium-sized technology entity based in Austria with a professional online presence and consistent branding. Technically, the site is built on WordPress with common plugins and libraries, but suffers from slow performance and basic mobile optimization. Security posture is weak due to the absence of a valid SSL certificate and missing DNS records, which undermines trust and exposes the site to potential risks. Privacy compliance is minimal, lacking cookie consent and comprehensive GDPR indicators. Overall, the site is functional but requires significant improvements in security and compliance to enhance trustworthiness and protect user data.

C

Christof Group

christof-group.at

0

Christof Group is a large, family-owned industrial group specializing in critical process equipment manufacturing and plant engineering services, operating across Austria, Germany, and Slovenia. The company is positioned as a world leader in its sector with a strong portfolio of subsidiaries and a history of over 150 years in the industry. The website reflects a professional B2B business model targeting industrial clients in energy, petrochemical, and pharmaceutical sectors. Technically, the site is built on WordPress with modern SEO and multilingual capabilities but lacks HTTPS, which is a significant security shortfall. The security posture is weak due to the absence of SSL/TLS encryption and limited security headers, exposing the site to potential risks. Privacy compliance is addressed with a cookie consent mechanism and privacy policy, but incident response and security policies are missing. Overall, the site is functional and professional but requires urgent security improvements to protect user data and enhance trust.

S

SPAR International

spar-international.com

0

SPAR International is a well-established global voluntary food retail group founded in 1932, operating over 13,900 stores across 48 countries. The business model focuses on licensed wholesalers and retailers working in partnership to deliver diverse store formats and retail solutions. The website reflects a mature digital presence with comprehensive content, clear navigation, and a focus on partner engagement and responsible retailing. Technically, the site is built on WordPress with common plugins and libraries, but suffers from significant security shortcomings including lack of a valid SSL certificate and DNS configuration issues. Privacy compliance is well addressed through Cookiebot consent management and a comprehensive privacy policy. However, the absence of HTTPS and security headers poses risks to user data and trust. Overall, the site is professional and content-rich but requires urgent security improvements to align with best practices and user expectations.

K

Kering Eyewear S.p.A.

keringeyewear.com

0

Kering Eyewear S.p.A. is a prominent luxury eyewear company operating under the global Kering Group umbrella. Established in 2014 and headquartered in Italy, it designs, develops, and distributes eyewear for a portfolio of 14 prestigious brands, including proprietary and licensed luxury houses. The company positions itself as a market leader in the luxury eyewear segment, targeting discerning consumers and industry partners. The website reflects a high level of professionalism with rich multimedia content, clear navigation, and consistent branding across multiple languages and regions. Technically, the site leverages modern JavaScript libraries, Google Tag Manager for analytics, and OneTrust for cookie consent, hosted on Microsoft Azure infrastructure. However, the absence of a valid SSL certificate and HTTPS implementation is a critical security gap that undermines user trust and data protection. Privacy and cookie policies are well implemented, indicating good GDPR compliance. Contact information is available, though no phone numbers are explicitly provided. Overall, the site demonstrates strong business credibility but requires urgent security improvements to meet modern standards.

N

Nederman Holding AB

nederman.com

0

Nederman Holding AB is a well-established global leader in industrial air filtration and environmental technology, with a history dating back to 1944. The company offers a comprehensive range of products and services focused on protecting people, the environment, and production processes from harmful industrial emissions. Their market position is strong, supported by multiple subsidiaries and a broad product portfolio including dust and fume extraction systems and connected IIoT solutions. Technically, the website is built on a modern stack including Bootstrap, jQuery, and Sitecore CMS, hosted via Cloudflare, but suffers from slow load times and lacks a valid SSL certificate, which is a critical security concern. The security posture is weak due to missing HTTPS and security headers, exposing the site to potential risks. Privacy compliance is partially addressed through OneTrust cookie consent, but no explicit GDPR or security policies are found. Overall, the site demonstrates good business credibility and content quality but requires urgent security improvements to protect user data and enhance trust.

M

MCR

morse.com

0

MCR is a well-established and large hotel management and ownership company, recognized as the third largest hotel owner-operator in the United States. The company operates a diverse portfolio of hotels across multiple states and brands, with a strong reputation supported by numerous industry awards and recognitions. The website reflects a mature business with a professional online presence, targeting investors, partners, and hospitality professionals. Technically, the website is built on WordPress with a modern tech stack including jQuery and Google Maps integration, but suffers from a lack of HTTPS due to an invalid or missing SSL certificate, which significantly impacts its security posture. Security headers are well implemented, but the absence of SSL and modern TLS protocols is a critical vulnerability. Privacy compliance is partially addressed with a comprehensive privacy policy and terms of use, but the lack of a cookie consent mechanism is a gap. Overall, the website is content-rich and professionally designed but requires urgent security improvements to protect user data and enhance trust.

A

ASSA ABLOY Group - global leader in access solutions | ASSA ABLOY

assaabloy.com

0

Security assessment completed with an overall score of 0/100 (unknown risk). 3 critical issues require immediate attention. Total of 19 security findings identified across all modules.

P

Peak Technology

peaktechnology.at

0

Peak Technology is a specialized engineering company focused on manufacturing bespoke carbon fibre components and high pressure vessels primarily for the space and motorsport industries. The company positions itself as a trusted partner with over 15 years of motorsport championship involvement and expertise in space mission components. Their business model is B2B, providing high-tech composite solutions with certifications such as ISO 9001 and EN 9100 that underline their quality management commitment. The website is professionally designed using WordPress with modern SEO practices and structured data, targeting industry professionals and partners. However, the absence of a valid SSL certificate and HTTPS implementation is a critical security gap that undermines trust and data protection. The site lacks a cookie consent mechanism despite setting cookies, and no incident response or vulnerability disclosure policies are visible. Overall, the technical infrastructure is moderate with room for improvement in security and privacy compliance. Strategic recommendations include immediate SSL deployment, enhanced security headers, and formalized security policies to improve the security posture and trustworthiness of the digital presence.

A

Algonquin Orthodontics

algonquinorthodontics.com

0

Algonquin Orthodontics is a specialized orthodontic practice located in Lake in the Hills, Illinois, led by Dr. Amer Shammaa. The practice offers a range of orthodontic services including metal braces, clear braces, and Invisalign® clear aligners, targeting patients of all ages in the local McHenry County area. The website presents a professional and user-friendly interface with clear navigation and relevant content aimed at educating and attracting patients. Technically, the site is built on a Symfony PHP framework hosted on AWS infrastructure, utilizing modern web fonts and iconography, and integrates Google Tag Manager for analytics. However, the site lacks a valid SSL certificate, resulting in no HTTPS support, which is a critical security shortfall. Security headers are minimal, and privacy compliance is poor due to the absence of privacy and cookie policies. The WHOIS data aligns with the business claims, indicating a legitimate small healthcare business. Overall, while the business and content quality are good, the security posture and privacy compliance require urgent improvements to enhance trust and protect user data.

S

SEEBURGER: Integrate your business in any cloud

seeburger.com

0

Security assessment completed with an overall score of 0/100 (unknown risk). 3 critical issues require immediate attention. Total of 23 security findings identified across all modules.

P

pluradent-austria.at

pluradent-austria.at

0

The website pluradent-austria.at operates as an affiliate media platform specializing in online casino reviews and rankings targeted at Austrian players. It provides comprehensive content on casino options, bonuses, payment methods, legal considerations, and responsible gambling. The site is hosted behind Cloudflare and uses modern JavaScript libraries like Swiper.js for UI components. However, the site lacks a valid SSL certificate, resulting in no secure HTTPS connection, which significantly impacts its security posture. Security headers are present but cannot compensate for the missing SSL. Privacy compliance is poor due to the absence of privacy and cookie policies, and no contact information is provided, limiting business credibility. Overall, the site offers good content quality and moderate professionalism but requires urgent improvements in security and privacy to enhance trust and compliance.

Chiesi Farmaceutici S.p.A is a well-established global pharmaceutical company headquartered in Italy, recognized among the top 50 pharmaceutical companies worldwide. The company specializes in respiratory, neonatology, and rare diseases with over 80 years of experience. Their business model focuses on pharmaceutical research, development, manufacturing, and global partnerships, supported by a broad network of subsidiaries across multiple countries. The website reflects a professional corporate presence with comprehensive content targeting healthcare professionals, patients, and partners. Technically, the site uses a PHP backend with various JavaScript libraries and analytics tools, hosted on Azure DNS infrastructure. However, the absence of a valid SSL certificate and lack of HTTPS significantly undermine the security posture. Security headers are implemented but cannot compensate for the missing encryption. Privacy and cookie policies are present with consent mechanisms, indicating good compliance practices. The WHOIS data confirms domain legitimacy and consistency with the company's profile. Overall, the site is functional and professional but requires urgent improvements in SSL/TLS configuration to ensure secure communications.

G

Geiger.com

geiger.com

0

Geiger.com is a large, family-owned US-based distributor specializing in promotional products, corporate gifts, and imprinted apparel. The company positions itself as the largest family-owned promotional product distributor in the US, serving a broad business audience with a comprehensive product catalog and services including custom products, kitting, corporate programs, and expos. The website reflects a mature digital presence with extensive product categories, client brand logos, and active social media engagement. Technically, the website uses modern JavaScript frameworks such as Vue.js and Bootstrap 5, hosted likely on AWS infrastructure. Marketing and analytics tools include Google Tag Manager, Google Analytics, Osano CMP for consent management, Filestack for file handling, and Searchspring for search functionality. The site is mobile-optimized and accessible with good SEO practices, though performance metrics indicate slow loading. From a security perspective, the site lacks a valid SSL certificate and does not serve content over HTTPS, which is a critical vulnerability. While some security headers are present, key TLS protocols and best practices like HSTS, OCSP stapling, and session resumption are not enabled. No incident response or vulnerability disclosure policies are found. Privacy compliance is partial with a privacy policy present but no cookie consent mechanism detected. Overall, the site is professionally designed and credible from a business standpoint but requires urgent security improvements to protect user data and enhance trust. Strategic recommendations include immediate SSL/TLS deployment, enabling modern security headers and protocols, implementing cookie consent, and publishing incident response information.

L

LVA GmbH

lva-gmbh.at

0

LVA GmbH is a well-established Austrian company specializing in food safety, quality control, certification, and training services primarily targeting the food, cosmetics, pharmaceutical, and supplement industries. Founded in 1926, it holds a strong market position as a leading competence center in the Central and Eastern European region, serving clients in over 80 countries. The company offers a comprehensive portfolio including laboratory analyses, expert assessments, inspections, research, and educational seminars. Technically, the website is built on WordPress with modern SEO and cookie consent tools, but lacks a valid SSL certificate, which impacts security and user trust. The security posture is basic with no HTTPS, no HSTS, and missing advanced security headers, exposing the site to potential risks. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. Overall, the website is professional and content-rich but requires urgent security improvements to align with best practices.

D

DIG GmbH

dig.at

0

DIG GmbH is a medium-sized Austrian company specializing in digital spend management solutions across Source2Pay, Finance, and Supply Chain sectors. As part of the Proalpha Group, DIG offers ERP-independent software and consulting services targeting enterprises seeking to optimize procurement and financial processes. The website demonstrates a professional and consistent brand presence with comprehensive content, customer testimonials, and references from reputable clients. Technically, the site is built on the HubSpot CMS platform, utilizing modern marketing and analytics tools such as HubSpot Analytics, Google Tag Manager, and Cookiebot for consent management. However, a critical security issue is the absence of a valid SSL certificate, resulting in no HTTPS support, which significantly impacts the site's security posture. Performance is also suboptimal with a high load time and resource count. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the site is credible and well-positioned in its market but requires urgent security improvements.

sprungbrett.at is an Austrian job platform focused on connecting job seekers with employment opportunities primarily in commercial and technical sectors. The website offers job listings, initiative application options, and personnel search services for companies. It targets job seekers in Austria and positions itself as a regional recruitment service with a professional and user-friendly interface. Technically, the site uses a Contao CMS backend with PHP 7.4 and nginx server, integrating common web technologies such as jQuery, Google Analytics, Google Maps API, and ShareThis for social sharing. However, the site lacks a valid SSL certificate, serving content over HTTP only, which significantly impacts its security posture. Security headers are present but undermined by the absence of HTTPS. Privacy compliance is weak, with no visible privacy or cookie policies. Contact information is clearly provided, including email, phone, and physical address, enhancing business credibility. Overall, the site is functional and professional but requires urgent security and compliance improvements.

The website iiasacat.com is currently inaccessible due to a Cloudflare Web Application Firewall (WAF) challenge page that blocks direct content access. This prevents any meaningful extraction of business, contact, or policy information. The domain is registered and uses Cloudflare for DNS and security services, but lacks a valid SSL certificate, which is a critical security deficiency. The absence of visible content, metadata, or structured data indicates the site is either under protection or not publicly available. Consequently, the technical infrastructure appears to rely heavily on Cloudflare's security platform, but the lack of HTTPS and content accessibility severely limits digital maturity and user trust. Security headers are present, but without valid SSL, the overall security posture is weak. No privacy or cookie policies are found, indicating poor compliance with data protection regulations. Overall, the site presents a high risk due to inaccessibility and missing security best practices.

N

NOA

noa-vu.nl

0

NOA is a Dutch company specializing in scientifically validated online assessments and psychological tests, primarily serving educational institutions, HR professionals, and reintegration sectors. With over 25 years of experience and origins linked to the Vrije Universiteit, NOA holds a strong market position supported by ISO 9001 and ISO 27001 certifications. The website reflects a professional and consistent brand with comprehensive content and clear navigation, targeting Dutch-speaking audiences. Technically, the site uses Microsoft IIS with ASP.NET and Umbraco CMS, integrating modern tools like Google Tag Manager and Elmah.io for error logging. However, the absence of HTTPS is a critical security gap, exposing users to potential risks. Privacy and cookie policies are well implemented with consent mechanisms, aligning with GDPR requirements. Contact information is complete and accessible, enhancing business credibility.

O

Oskar Schmidt GmbH

schmidtauto.at

0

Autohaus Schmidt, officially Oskar Schmidt GmbH, is a well-established automobile dealership and service provider based in Salzburg, Austria, with a history dating back to 1928. The company operates multiple locations and offers a wide range of services including new and used car sales, vehicle rental, servicing, repairs, and financing. Their market position is strong within the regional transportation sector, supported by authorized partnerships with major car brands such as Ford, Volvo, Peugeot, and Citroën. The website reflects a professional and consistent brand image targeting car buyers and service customers in Salzburg and surrounding areas. Technically, the website uses modern JavaScript, AWS CloudFront CDN, and Google Tag Manager for analytics and marketing. However, it lacks HTTPS, which is a critical security deficiency. The site includes cookie consent mechanisms and privacy policies compliant with GDPR, indicating a good level of privacy awareness. Performance data is unavailable, but the site appears mobile-optimized and SEO-friendly. From a security perspective, the absence of SSL/TLS encryption severely impacts the site's security posture, exposing users to potential risks. Other security headers and best practices are partially implemented but overshadowed by the lack of HTTPS. No incident response or vulnerability disclosure policies are present. The domain registration data aligns well with the business claims, enhancing trustworthiness. Overall, while the business and website demonstrate professionalism and good content quality, the critical lack of HTTPS significantly lowers the security score and overall risk profile. Strategic improvements in security infrastructure are essential to protect users and maintain trust.

S&P Global is a leading enterprise in the financial data and analytics sector, providing essential intelligence through a combination of data, connected technologies, and expert insights. The website reflects a mature, well-structured digital presence with comprehensive content targeting financial professionals and enterprises. Technically, the site leverages Adobe Experience Manager CMS, integrates modern analytics and error tracking tools, and maintains good SEO and accessibility standards. However, a critical security gap exists due to the absence of a valid SSL certificate, which significantly impacts the security posture and overall trustworthiness. Privacy and cookie policies are well implemented with consent mechanisms, supporting GDPR compliance. The domain registration aligns with the company's long-standing history and public presence, reinforcing legitimacy. Strategic improvements in SSL configuration and enhanced security practices are recommended to elevate the site's security and trust levels.

A

Amomed Pharma GmbH

amomed.com

0

Amomed Pharma GmbH is a medium-sized healthcare company specializing in pharmaceutical products for intensive care, emergency medicine, anesthesia, psychiatry, and neurology. The company operates as a member of the AOP Health Group, providing critical care medications aimed at reducing mortality and improving quality of life. The website targets healthcare professionals and institutions, offering product information and therapy solutions. Technically, the website is built on WordPress with a PHP backend and uses common web technologies such as jQuery, Bootstrap, and Font Awesome. However, the site lacks a valid SSL certificate, resulting in no proper HTTPS support, which is a significant security concern. Security headers are partially implemented, but critical configurations like TLS protocols and cipher suites are missing. Privacy compliance is basic, with a privacy policy present but no cookie consent mechanism or GDPR compliance indicators. Contact information is not readily visible on the homepage, limiting user trust and engagement. Overall, the website demonstrates moderate digital maturity but requires urgent improvements in security and privacy to meet modern standards.

D

Donauchem GmbH

donauchem.at

0

Donauchem GmbH is a medium-sized chemical distributor operating primarily in Austria and Central/Eastern Europe. The company specializes in the distribution of chemical raw materials and offers tailored product development through its own research and development department. It serves diverse industries including food, pharma, cosmetics, agriculture, and manufacturing. The website reflects a professional business with clear branding and a comprehensive product portfolio. Technically, the site is built on ASP.NET Web Forms with Kentico CMS and hosted on Microsoft IIS. However, the absence of a valid SSL certificate and lack of HTTPS significantly undermine the security posture. Privacy compliance is well addressed with a privacy policy and cookie consent mechanism in place. Overall, the site is functional and informative but requires urgent security improvements to protect user data and enhance trust.

The website madanyu.org is currently inaccessible due to a Cloudflare Web Application Firewall (WAF) block page, which prevents access to any substantive content. The domain is very young, registered in October 2024, and uses privacy protection services for WHOIS data, which obscures registrant details. No business information, contact details, or policies are publicly available on the site. Technically, the site lacks a valid SSL certificate and does not support HTTPS, which is a critical security deficiency. The DNS is managed via Cloudflare, but the absence of a valid certificate and enabled TLS protocols severely impacts security posture. Overall, the site appears to be in an early or unestablished state with minimal digital maturity and poor security hygiene.

G

Globo Lighting

globo-lighting.com

0

Globo Lighting is a well-established European retailer specializing in a wide range of lighting products, including indoor and outdoor lamps, ceiling lights, wall lights, and decorative lighting solutions. With over 25 years of market presence and multiple physical showrooms, the company offers a comprehensive e-commerce platform with detailed product information and multiple language support. The technical infrastructure is based on modern technologies such as Shopware CMS and is hosted on Google Cloud, but lacks a valid SSL certificate, resulting in an insecure HTTP-only connection. Security headers are properly configured, but the absence of HTTPS significantly weakens the security posture. Privacy and cookie policies are present and include consent mechanisms, indicating good compliance with GDPR requirements. The domain is mature and registered consistently with the business profile, enhancing trustworthiness. Overall, the website provides an excellent user experience and professional content but requires urgent security improvements to protect user data and enhance trust.

C

Chrisanne Clover

chrisanne.com

0

Chrisanne Clover operates a professional e-commerce platform specializing in premium dancewear, including competition couture, practice wear, fabrics, and crystals. The company targets dancers and dance enthusiasts, offering bespoke couture services and a wide product range. The website is built on Magento and hosted behind Cloudflare, leveraging modern marketing and analytics tools such as Google Analytics, Google Tag Manager, and Cookiebot for privacy compliance. However, the site lacks a valid SSL certificate and does not support modern TLS protocols, which significantly weakens its security posture. Privacy policies and cookie consent mechanisms are well implemented, supporting GDPR compliance. Overall, the business presents itself as a reputable and established player in the dancewear retail sector, but urgent improvements in security infrastructure are recommended to protect customer data and enhance trust.

D

Delegate Healthcare Solutions LLC

delegate-group.com

0

Delegate Healthcare Solutions LLC operates as a leading manufacturer of foodservice software tailored for communal catering environments such as healthcare facilities, educational institutions, and senior living communities. The company offers a comprehensive suite of software solutions including patient service, foodservice management, full-service catering, and key functionalities like enterprise resource planning and menu ordering systems. Their market position is strong, supported by partnerships with notable clients and a clear focus on delivering integrated, cloud-hosted, and mobile-optimized solutions. Technically, the website is built on modern frameworks like Next.js and hosted on Vercel, with a CMS likely based on Strapi. While the site demonstrates excellent content quality, branding consistency, and user experience, it suffers from critical security shortcomings, notably the absence of a valid SSL certificate and lack of modern TLS protocols. Privacy compliance is addressed through Cookiebot, ensuring consent mechanisms are in place. Overall, the business presents a credible and professional front but must urgently address its SSL/TLS configuration to improve security posture and trustworthiness.

M

MMX e.U.

silberdraht.agency

0

Silberdraht Agency is a small Austrian online marketing firm specializing in services tailored for the BestAger demographic (age 50+). Founded in 2019 and operated by MMX e.U., the agency offers website analysis, creation, optimization, search engine marketing, social media marketing, and newsletter distribution. Their market position is niche-focused with a dedicated team and partnerships that enhance their service offerings. Technically, the website runs on WordPress with popular plugins and themes, but lacks HTTPS, which is a critical security shortfall. The site is mobile-optimized and SEO-friendly but suffers from slow or unmeasured performance. Security posture is weak due to missing SSL and security headers, and privacy compliance is minimal with no cookie consent mechanism. Overall, the business appears legitimate and consistent with its domain registration data, but security improvements are urgently needed.

W

wphelp24.com - Your 24/7 WordPress Support Hub

wphelp24.com

0

Security assessment completed with an overall score of 0/100 (unknown risk). 3 critical issues require immediate attention. Total of 24 security findings identified across all modules.

G

GS1 Austria

gs1.at

0

GS1 Austria is a well-established non-profit organization serving as the official barcode and GTIN issuing authority in Austria. It provides a comprehensive suite of GS1 standards and services to businesses across multiple sectors including retail, manufacturing, transportation, and government. The website reflects a mature digital presence with excellent content quality, clear navigation, and strong branding supported by major corporate clients. Technically, the site is built on Drupal 10 with modern JavaScript libraries and integrates Google analytics and marketing tools, but suffers from a critical lack of HTTPS support due to an invalid or missing SSL certificate, which significantly impacts its security posture. Privacy and cookie policies are comprehensive and GDPR compliant, with active consent mechanisms. Contact information is primarily via contact forms, with no direct emails or phone numbers publicly listed. Overall, the site is professional and trustworthy but urgently needs to address its SSL/TLS configuration to improve security and user trust.

G

Gymnasium Camphusianum

camphusianum.nl

0

Gymnasium Camphusianum is a small, community-oriented gymnasium school located in Gorinchem, Netherlands, providing secondary education focused on broad academic knowledge and personal development. The website reflects a well-structured educational institution with clear communication channels, active social media presence, and comprehensive privacy and cookie policies compliant with GDPR. Technically, the site is built on WordPress with modern plugins and themes, leveraging Cloudflare CDN for content delivery. However, a critical security gap exists due to the absence of a valid SSL certificate, resulting in no HTTPS support, which significantly undermines the site's security posture. This exposes users to potential data interception risks and reduces trustworthiness from a security perspective. Overall, while the content and business credibility are strong, the lack of HTTPS is a major vulnerability that must be addressed promptly.

L

Lorencic GmbH Nfg. & Co KG

lorencic.com

0

Lorencic GmbH Nfg. & Co KG operates as a medium-sized company specializing in construction services and products, including workwear, reinforcement fabrics, construction profiles, diamond cutting discs, and rental of construction machinery. The company targets construction professionals and contractors primarily in Austria and surrounding European countries, as evidenced by multiple country-specific domains. The website presents a professional design with clear navigation and relevant content, supporting its business model as a B2B supplier and rental service provider. Technically, the website runs on an Apache server with Ubuntu, utilizing common JavaScript libraries such as jQuery and Bootstrap for frontend functionality. However, the absence of a valid SSL certificate and HTTPS support significantly undermines the site's security posture. Performance metrics are unavailable, and mobile optimization is basic but functional. The site includes cookie consent mechanisms and basic privacy policy compliance, though more advanced privacy and security policies are lacking. From a security perspective, the lack of HTTPS is a critical vulnerability, exposing users to potential data interception risks. No advanced security headers or incident response information is published, and session management could be improved. The site uses Matomo analytics with user consent, indicating moderate user tracking with some privacy compliance. Overall, the security posture is weak and requires urgent improvements. Strategically, the company should prioritize implementing HTTPS with a valid certificate, enhance security headers, and publish clear security and incident response policies. Improving privacy compliance and expanding trust indicators will also strengthen business credibility and user confidence.

Summit Printing LLC operates as an established online commercial printing company founded in 2010, offering a wide range of printing services including banners, brochures, business cards, mailing services, and graphic design. The company targets businesses and graphic designers across the United States and Canada, leveraging multiple plant locations to provide fast production and free shipping. The website presents a professional and consistent brand image with clear navigation and relevant content tailored to its audience. Technically, the site uses PHP 7.0.33, jQuery, Modernizr, and is hosted behind Cloudflare with LiteSpeed server technology. However, the absence of a valid SSL certificate and HTTPS implementation is a significant security shortfall. Security headers such as HSTS, X-Frame-Options, and X-Content-Type-Options are present, but the lack of TLS protocols and certificate transparency compliance reduces the overall security posture. Privacy compliance is basic, with a privacy policy and terms of service present but no cookie consent mechanism. Contact information is clearly provided, enhancing business credibility. Overall, the site scores moderately on content quality and business credibility but is penalized heavily for security deficiencies.

E

Eti

etietieti.com

0

Eti is a well-established Turkish food manufacturing company with a strong market presence and a diverse product portfolio including biscuits, chocolates, and health-oriented food products. The website serves as a comprehensive corporate portal providing product information, recipes, corporate governance details, career opportunities, and social responsibility initiatives. The site targets consumers interested in quality food products and healthy nutrition, leveraging a consistent brand identity and multiple language options for international reach. Technically, the website is built on ASP.NET WebForms and uses modern JavaScript libraries for UI enhancements. However, performance metrics are lacking and the site suffers from a critical security issue: the absence of a valid SSL certificate and HTTPS support, which significantly impacts user trust and security posture. Privacy and cookie policies are well implemented with consent mechanisms, reflecting good compliance with GDPR requirements. Social media integration and partner links enhance the brand's digital ecosystem. Overall, Eti's website is professional and content-rich but requires urgent security improvements to meet modern standards.

R

Rail Cargo Group

railcargo.com

0

Rail Cargo Group is a well-established rail logistics provider operating primarily in Europe and Asia, offering a broad range of freight and logistics services including wagon loads, intermodal and multimodal logistics, and railway operations. The company targets businesses requiring efficient rail freight solutions and maintains a strong market position supported by its parent company ÖBB. Technically, the website employs modern JavaScript libraries and custom corporate scripts, with a focus on accessibility and SEO, though performance data is unavailable. Security posture is weakened by the absence of a valid SSL certificate and disabled TLS protocols, despite good security header implementation. Privacy compliance is supported by a comprehensive privacy policy and GDPR adherence, with Matomo analytics used for privacy-conscious tracking. Overall, the site is professional and trustworthy but requires urgent SSL/TLS remediation to improve security and user trust.

The website kphgraz.at is currently inaccessible, returning an HTTP 403 Forbidden error indicating that access is denied due to insufficient permissions. The site lacks any visible content, metadata, or structured data, which prevents a full analysis of its business or technical attributes. The hosting provider is identified as World4You, an Austrian hosting company, and the domain is registered consistently with the website's country. However, the absence of a valid SSL certificate and HTTPS support significantly undermines the site's security posture. No privacy, cookie, or terms of service policies are present, and no contact information is available, which further reduces trust and compliance levels. Overall, the site appears to be either misconfigured or a placeholder without active content.

E

ekey biometric systems GmbH

ekey.net

0

ekey biometric systems GmbH is a medium-sized Austrian technology company founded in 2002, specializing in fingerprint-based access control and smart home integration solutions. The company holds a leading market position in Europe for fingerprint access systems, offering a range of products including door-integrated fingerprint readers, wall-mounted units, and retrofit kits. Their business model focuses on manufacturing, sales, and providing support and training services. The website reflects a mature digital presence with multilingual support and comprehensive product information targeting homeowners, businesses, and smart home users. Technically, the site is built on WordPress with modern plugins and analytics tools, but suffers from a critical security issue due to the absence of a valid SSL certificate and HTTPS support, which significantly impacts the security posture. Security headers are well configured, and privacy compliance is strong with GDPR-aligned policies and cookie consent mechanisms. Overall, the site is professional and trustworthy but requires urgent remediation of its SSL/TLS configuration to ensure secure user interactions.

T

Tyco

tyco.com

0

Tyco, a subsidiary of Johnson Controls, is a mature enterprise-level provider of integrated security products and solutions, including access control, video surveillance, cloud services, and fire suppression. The company targets commercial and enterprise customers globally, leveraging a broad partner ecosystem and multiple subsidiary brands. The website demonstrates a professional design with good content quality and clear navigation, supported by modern technologies such as Sitecore CMS and Bootstrap. However, the security posture is weakened by an invalid SSL certificate and lack of enabled TLS protocols, which poses risks to secure communications. Privacy compliance is well addressed with comprehensive policies and consent mechanisms. Overall, the domain registration and WHOIS data confirm the legitimacy and maturity of the business. Strategic improvements in SSL and TLS configuration are recommended to enhance security and trust.

Tarian Group, LLC is a large US-based security services provider specializing in guarding services, integrated security technology, risk advisory, and preparedness training. The company targets critical infrastructure, government, healthcare, commercial, and residential sectors, positioning itself as North America’s fastest growing security provider with a client-centric and innovative approach. The website is built on WordPress with the Divi theme and several plugins, showing a modern but somewhat basic technical infrastructure. However, the absence of HTTPS and SSL certificates is a significant security shortfall. Privacy and cookie policies are comprehensive and GDPR compliant, with clear contact information and multiple licensed office locations. The security posture is weak due to lack of HTTPS and missing security headers, but no active vulnerabilities were detected. Overall, the site is professional and trustworthy but requires urgent security improvements.

D

DORDA Rechtsanwälte GmbH

dbj.at

0

DORDA Rechtsanwälte GmbH is a leading Austrian law firm specializing in business and economic law, offering a broad range of legal services including transactions, restructurings, and digital transformation advisory. The website reflects a professional and comprehensive digital presence with excellent content quality and user experience, targeting business clients nationally and internationally. Technically, the site is built on Drupal 10 with modern features such as video backgrounds and Matomo analytics, but suffers from slow load times and lacks a valid SSL certificate, which is a critical security concern. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. However, the absence of HTTPS and security headers significantly lowers the security posture. Overall, the domain registration data aligns well with the business identity, supporting legitimacy and trustworthiness.

The website denkstatt.sk currently serves as a parked domain page primarily linking to Regery, Ltd., a company specializing in domain registration, SSL certificates, and web hosting services. The site content is minimal and focused on redirecting users to Regery's main platform for domain and SSL management. The technical infrastructure relies on Bootstrap and particles.js for frontend presentation and is hosted behind Cloudflare DNS services. However, the site lacks a valid SSL certificate and does not support HTTPS, which is a critical security deficiency. Additionally, the website performance is slow, with a load time exceeding 15 seconds, and there are no advanced security headers or privacy policies implemented. The WHOIS data presents suspicious future creation and update dates, which undermines trust in the domain's legitimacy. Overall, the site functions as a placeholder with limited business information and weak security posture.

I

Innconcepts IT GmbH

innconcepts.at

0

Innconcepts IT GmbH is a specialized Oracle Partner providing innovative hospitality software solutions tailored for hotels, gastronomy, and wellness sectors. Their offerings include cloud-based hotel and restaurant management software, wellness and leisure software, and comprehensive hospitality IT services. The company positions itself as a customer-centric and authentic partner, emphasizing personalized service and modern technology adoption. The website reflects a professional and consistent brand image with excellent content quality and clear messaging targeting hospitality industry professionals. Technically, the website is built on Drupal 10 CMS, hosted on Apache servers with modern JavaScript libraries such as Alpine.js and AOS for animations. It employs Google Tag Manager and Google Analytics for tracking and marketing purposes, alongside a compliant cookie consent mechanism. Performance is fast, mobile optimization is excellent, and SEO practices are good. Security headers are present, and the SSL certificate is valid, although HSTS is not enabled, which is a recommended improvement. From a security perspective, the site demonstrates good baseline security practices with no detected vulnerabilities or exposed sensitive data. However, the absence of a dedicated security policy or incident response contact and lack of security.txt file indicates room for maturity improvement. Privacy compliance is well addressed with cookie consent and a privacy policy, but terms of service and data protection officer contact details are missing. Overall, the website and business present a trustworthy and professional front with moderate to high security posture and good privacy compliance. Strategic recommendations include enabling HSTS, publishing a security policy and vulnerability disclosure mechanism, and enhancing transparency around incident response to further strengthen trust and security culture.

U

United Nations Commission On International Trade Law

uncitral.org

0

The United Nations Commission On International Trade Law (UNCITRAL) operates as a key intergovernmental organization under the United Nations, focused on developing and harmonizing international trade law frameworks. The website serves as an authoritative resource for legal texts, working documents, technical assistance, and research related to international trade law, targeting governments, legal professionals, and trade stakeholders globally. The organization is well-established with a mature domain and consistent branding aligned with UN standards. Technically, the website is built on Drupal 7 with common web technologies such as jQuery and Bootstrap. While the site demonstrates good content quality, navigation, and mobile optimization, it suffers from critical security shortcomings, notably the absence of a valid SSL certificate and lack of HTTPS enforcement, which severely impacts its security posture. Performance metrics are unavailable, but the technical stack suggests potential modernization needs. Security-wise, the site implements some security headers but fails to provide a valid SSL/TLS configuration, exposing users to risks and undermining trust. Privacy compliance is minimal, with no visible cookie consent mechanisms and only a basic privacy policy linked externally. Contact information is not explicitly provided on the homepage, limiting direct communication channels. Overall, the site is credible and authoritative but requires urgent security improvements to protect users and maintain trust. Strategic recommendations include obtaining a valid SSL certificate, enabling HTTPS, enhancing privacy and cookie consent mechanisms, and modernizing the technical infrastructure to improve performance and security.

P

Posthotel Achenkirch GmbH

posthotel.at

0

Posthotel Achenkirch GmbH operates a premium 5-star adults-only hotel located in Tirol, Austria, specializing in wellness, gourmet dining, and active holidays. The website presents a rich, multilingual content experience with clear business information and strong branding consistency. Technically, the site is built on TYPO3 CMS, uses modern JavaScript practices, and integrates marketing and analytics tools such as Google Analytics and Usercentrics for cookie consent. However, a critical security gap exists due to the absence of a valid SSL/TLS certificate and HTTPS support, exposing visitors to potential risks. The site implements basic security headers but lacks advanced protections like HSTS and OCSP stapling. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. Overall, the business is credible and well-positioned in the hospitality market, but urgent security improvements are needed to protect user data and enhance trust.

C

ConVista Consulting AG

convista.com

0

ConVista Consulting AG is a leading SAP and IT consulting firm based in Germany, specializing in digital transformation across multiple industries including insurance, energy, healthcare, and manufacturing. The company offers comprehensive end-to-end solutions, combining deep industry expertise with technological innovation. Their market position is strong, supported by multiple industry awards and certifications such as SAP Gold Partner and Great Place to Work recognitions. The website reflects a professional and well-branded presence targeting enterprise clients seeking SAP and IT consulting services. Technically, the website is built on WordPress with modern optimization tools like WP Rocket and uses a variety of JavaScript libraries including jQuery and Swiper.js. The site is mobile-optimized and accessible, with good SEO practices and structured data enhancing search visibility. However, the technical infrastructure shows weaknesses in security, notably the absence of a valid SSL certificate and lack of TLS protocol support, which critically undermines secure communications. Security posture is currently basic, with several HTTP security headers implemented but critical SSL/TLS deficiencies present. Privacy compliance is strong, with clear GDPR-aligned privacy and cookie policies and consent mechanisms in place. Contact information is transparent and comprehensive, including phone, email, physical address, and contact forms. Overall, the site is trustworthy and professional but requires urgent security improvements to protect user data and maintain credibility. Strategically, the company should prioritize obtaining and maintaining a valid SSL certificate and enabling modern TLS protocols to secure all communications. Enhancing security best practices will improve trust and compliance, supporting their strong market position and client relationships.

The website dyna-meet.at is currently inaccessible due to a Cloudflare anti-bot challenge page, which prevents access to any meaningful content or business information. The domain is registered and configured with DNS records including Google MX servers and Jimdo nameservers, suggesting the use of Jimdo as a website builder and Google Workspace for email. However, the lack of a valid SSL certificate and absence of HTTPS severely impacts the security posture. No privacy, cookie, or terms of service policies are detectable, and no contact or business information is available on the landing page. The site performance is poor, with a very slow load time likely caused by the challenge mechanism.

H

Hartlauer Handelsgesellschaft m.b.H.

hartlauer.at

0

Hartlauer Handelsgesellschaft m.b.H. operates a large retail and e-commerce platform focused on optics, photography, mobile phones, and hearing aids in Austria. With over 160 physical stores and a comprehensive online shop, it serves a broad consumer base with premium products and services including free eye tests and hearing aid trials. The website is professionally designed with excellent content quality and user experience, supported by a modern technology stack primarily based on Salesforce Commerce Cloud and integrated marketing and analytics tools. However, a critical security issue is present due to the lack of a valid SSL certificate and absence of HTTPS, severely impacting the security posture. Privacy and cookie policies are comprehensive and GDPR compliant, and the company demonstrates strong business credibility with clear contact information and trust seals. Strategic security improvements are urgently needed to protect user data and maintain trust.

F

Forerunners Network

roadmap2050.at

0

Forerunners Network is a German-language media platform based in Austria focusing on ESG (Environmental, Social, Governance) topics, infrastructure, and sustainability. It offers news articles, podcasts, videocasts, and a newsletter subscription service targeting an audience interested in sustainable development and innovation. The platform maintains a consistent brand presence and active social media engagement across multiple channels. Technically, the website runs on WordPress with the Bricks theme and uses plugins such as Borlabs Cookie for consent management and Podigee for podcast integration. However, the site lacks HTTPS, which is a critical security shortcoming. Security headers are minimal, and no incident response or security policies are publicly disclosed. Privacy compliance is supported by a comprehensive privacy policy and cookie consent mechanism. Overall, the website is functional and professional but requires urgent security improvements to protect user data and enhance trust.

D

d:code:it Ltd

dcodeit.com

0

d:code:it Ltd is a digital design and development studio specializing in transforming enterprises, particularly in the financial services sector. The company targets global banks and enterprises, offering innovative financial solutions, trading applications, and management consulting services. Their market position is that of a niche, specialized provider with a strong focus on complex UI and fintech applications. The website reflects a professional and consistent brand image with detailed leadership information and a comprehensive privacy policy demonstrating GDPR compliance. Technically, the website is hosted on AWS infrastructure using Amazon S3 and CloudFront CDN, with modern JavaScript and SVG animations enhancing user experience. However, the site suffers from an invalid SSL certificate and lack of modern TLS protocols, which significantly impacts its security posture. Privacy compliance is well addressed in the policy, but no explicit cookie consent mechanism is present. Overall, the site is functional and professional but requires urgent security improvements to ensure trust and compliance.

F

F/LIST

f-list.at

0

F/LIST is a well-established Austrian family business specializing in luxury interior outfitting for business jets, private jets, and high-end living spaces such as hotels. The company emphasizes craftsmanship, innovation, and premium materials, positioning itself as a global leader in the luxury interiors market. The website reflects a professional and consistent brand image with multilingual support and rich content tailored to its affluent target audience. Technically, the site is built on WordPress with modern plugins and libraries, hosted on Hostinger with LiteSpeed server technology. However, the security posture is weakened by the absence of a valid SSL certificate and lack of modern TLS protocol support, which critically impacts secure communications. Privacy compliance is well addressed with a comprehensive cookie consent mechanism and a clear privacy policy. Contact information is transparent and includes multiple channels, enhancing business credibility. Overall, the site is functional and professional but requires urgent security improvements to meet modern standards.